Port authentication, 1 introduction to authentication, 1 radius – ZyXEL Communications GS-3012F Series User Manual

GS-3012/GS-3012F User’s Guide

123

C

H A P T E R

16

Port Authentication

This chapter describes the 802.1x authentication method and RADIUS server connection
setup.

16.1 Introduction to Authentication

IEEE 802.1x is an extended authentication protocol

1

that allows support of RADIUS (Remote

Authentication Dial In User Service, RFC 2138, 2139) for centralized user profile
management on a network RADIUS server.

16.1.1 RADIUS

RADIUS (Remote Authentication Dial-In User Service) authentication is a popular protocol
used to authenticate users by means of an external server instead of (or in addition to) an
internal device user database that is limited to the memory capacity of the device. In essence,
RADIUS authentication allows you to validate an unlimited number of users from a central
location.

Figure 60 RADIUS Server

16.1.1.1 Vendor Specific Attribute

A Vendor Specific Attribute (VSA) is an attribute-value pair that is sent between a RADIUS
server and the switch. Configure VSAs on the RADIUS server to set the switch to perform the
following actions on an authenticated user:

• Limit bandwidth on incoming or outgoing traffic
• Assign account privilege levels

1.

At the time of writing, Windows XP of the Microsoft operating systems supports 802.1x. See the Microsoft web

site for information on other Windows operating system support. For other operating systems, see its

documentation. If your operating system does not support 802.1x, then you may need to install 802.1x client

software.