Filter
Top Products
DES-7200 Configuration Guide Chapter 4 802.1x Configuration
4-61
4.5.3 Application of 802.1X
port-based Guest VLAN
and VLAN assignment
4.5.3.1 Network Topology
Figure 14 topology for 802.1X port-based Guest VLAN and VLAN assignment
4.5.3.2 Networking Requirements
The client accesses network through 802.1x authentication. RADIUS server is the
authentication server, and FTP server is the server used by the client for software downloading
and pack upgrade while it belongs to VLAN10. Radius Server is used for authentication,
authorization, accounting and dynamic VLAN assignment, and it belongs to VLAN1. The
Internet-connecting port F0/24 of switch belongs to VLAN2. The following needs must be met:
If the switch receives no reply after sending authentication request packets
(EAP-Request/Identity) for the configured number of tries, F0/1 will join the Guest VLAN
(VLAN10). By this time, both Supplicant and FTP Sever belong to VLAN10, and
Supplicant can access FTP Server and download 802.1x client.
After successful authentication, RADIUS server will assign VLAN2. By this time, both
Supplicant and F0/24 belong to VLAN2, and Supplicant can access Internet.
4.5.3.3 Configuration Tips
Turn on AAA switch and configure the communication between device and RADIUS
SERVER;
Configure 802.1X authentication and configure the device port for client access as
controlled port;