Accton Technology ES4710BD User Manual

509

E

ES4710BD 10 Slots L2/L3/L4 Chassis Switch

In the IEEE 802.1x application environment, ES4710BD is used as the access management unit, and

the user connection device is the device with 802.1x client software. An authenticating server

usually reside in the Carrier’s AAA center and usually is a Radius server.

The authentication function of port-based IEEE 802.1x is limited when multiple user access devices

connect to one physical port, since the authentication will not be able to tell the difference between

user access, MAC-based IEEE 802.1x authentication is implemented in ES4710BD for better

security and management. Only authenticated user access devices connecting to the same physical

port can access the network, the unauthorized devices will not be able to access the network. In this

way, even if multiple terminals are connected via one physical port, ES4710BD can still

authenticate and manage each user access device individually.

The maximum authenticating user number supported by ES4710BD is 4,000. It is recommended to

keep the authenticating user number under 2,000.

20.2 802.1x Configuration

20.2.1 802.1x Configuration Task Sequence

1. Enable IEEE 802.1x function: of the switch.

2. Access management unit property configuration

1) Configure port authentication status

2) Configure access management method for the port: MAC-based or port-based.

3) Configure expanded 802.1x function: for the switch.

3. User access devices related property configuration (optional)

4. RADIUS server related property configuration

1) Configure RADIUS authentication key.

2) Configure RADIUS Server

3) Configure RADIUS Service parameters.

1. Enable 802.1x function: of the switch.