beautypg.com

Port authentication, 1 port authentication overview, 1 ieee 802.1x authentication – ZyXEL Communications ZyXEL Dimension ES-2048 User Manual

Page 129: Chapter 16 port authentication, Port authentication (129)

background image

ES-2048 User’s Guide

129

C

H A P T E R

16

Port Authentication

This chapter describes the IEEE 802.1x and MAC authentication methods.

16.1 Port Authentication Overview

Port authentication is a way to validate access to ports on the Switch to clients based on an
external server (authentication server). The Switch supports the following methods for port
authentication:

IEEE 802.1x

2

- An authentication server validates access to a port based on a username

and password provided by the user.

MAC - An authentication server validates access to a port based on the MAC address and

password of the client.

Both types of authentication use the RADIUS (Remote Authentication Dial In User Service,
RFC 2138, 2139) protocol to validate users. See

Section 20.1.2 on page 158

for more

information on configuring your RADIUS server settings.

"

If you enable IEEE 802.1x authentication and MAC authentication on the same
port, the Switch performs IEEE 802.1x authentication first. If a user fails to
authenticate via the IEEE 802.1x method, then access to the port is denied.

16.1.1 IEEE 802.1x Authentication

The following figure illustrates how a client connecting to a IEEE 802.1x authentication
enabled port goes through a validation process. The Switch prompts the client for login
information in the form of a user name and password. When the client provides the login
credentials, the Switch sends an authentication request to a RADIUS server. The RADIUS
server validates whether this client is allowed access to the port.

2. At the time of writing, IEEE 802.1x is not supported by all operating systems. See your operating system

documentation. If your operating system does not support 802.1x, then you may need to install 802.1x client
software.