beautypg.com

Brocade BigIron RX Series Configuration Guide User Manual

Page 1128

background image

1050

BigIron RX Series Configuration Guide

53-1002484-04

How 802.1x port security works

34

When a Client that supports 802.1x attempts to gain access through a non-802.1x-enabled port, it
sends an EAP start frame to the BigIron RX device. When the device does not respond, the Client
considers the port to be authorized, and starts sending normal traffic.

BigIron RX devices support MD5-challenge TLS and any other EAP-encapsulated authentication
types in EAP Request/Response messages. In other words, the BigIron RX devices are transparent
to the authentication scheme used.

Authenticating multiple clients connected to the same
port

BigIron RX devices support 802.1x authentication for ports with more than one Client connected to
them.

Figure 138

illustrates a sample configuration where multiple Clients are connected to a

single 802.1x port.

FIGURE 138

Multiple clients connected to a single 802.1x-enabled port

If there are multiple Clients connected to a single 802.1x-enabled port, the BigIron RX
authenticates each of them individually. Each client’s authentication status is independent of the
others, so that if one authenticated client disconnects from the network, it has no effect on the
authentication status of any of the other authenticated clients.

RADIUS Server

(Authentication Server)

BigIron Device

(Authenticator)

Clients/Supplicants running 802.1X-compliant client software

e2/1

192.168.9.22

Hub

See also other documents in the category Brocade Computer Accessories: