Brocade FastIron Ethernet Switch Security Configuration Guide User Manual
Page 7
Supported 802.1X port security features.......................................................169
IETF RFC support ........................................................................................ 170
How 802.1X port security works....................................................................170
Device roles in an 802.1X configuration............................................170
Communication between the devices............................................... 172
Controlled and uncontrolled ports..................................................... 172
Message exchange during authentication.........................................173
Authenticating multiple hosts connected to the same port................176
802.1X port security and sFlow.........................................................180
802.1X accounting............................................................................ 180
Configuring an authentication method list for 802.1X....................... 181
Setting RADIUS parameters............................................................. 181
Dynamic VLAN assignment for 802.1X port configuration................ 184
Dynamically applying IP ACLs and MAC address filtersto 802.1X
Enabling 802.1X port security .......................................................... 191
Setting the port control...................................................................... 191
Configuring periodic re-authentication.............................................. 192
Re-authenticating a port manually.................................................... 192
Setting the quiet period..................................................................... 193
Specifying the wait interval and number of EAP-request/identity
frame retransmissions from the Brocade device......................... 193
Wait interval and number of EAP-request/identity frame
retransmissions from the RADIUS server....................................194
Specifying a timeout for retransmission of messages to the
authentication server................................................................... 195
Initializing 802.1X on a port...............................................................195
Allowing access to multiple hosts......................................................195
MAC address filters for EAP frames................................................. 198
Configuring VLAN access for non-EAP-capable clients....................198
802.1X Accounting attributes for RADIUS........................................ 199
Enabling 802.1X accounting............................................................. 200
Displaying 802.1X configuration information.....................................201
Displaying 802.1X statistics.............................................................. 205
Clearing 802.1X statistics..................................................................206
Displaying dynamically-assigned VLAN information......................... 206
Displaying information about dynamically appliedMAC address
filters and IP ACLs.......................................................................207
Displaying 802.1X multiple-host authentication information..............209
Point-to-point configuration............................................................... 211
Hub configuration.............................................................................. 212
802.1X Authentication with dynamic VLAN assignment................... 214
Multi-device port authentication and 802.1Xsecurity on the same port ........215
Local and global resources used for MAC port security....................218
Configuration notes and feature limitations for MAC port security.... 218
Secure MAC movement.................................................................... 219
FastIron Ethernet Switch Security Configuration Guide
7
53-1003088-03