Configuring 802.1x – Allied Telesis AlliedWare Plus Operating System Version 5.4.4C (x310-26FT,x310-26FP,x310-50FT,x310-50FP) User Manual

802.1X Introduction and Configuration

Software Reference for x310 Series Switches

C613-50046-01 REV A

AlliedWare Plus

TM

Operating System - Version 5.4.4C

40.7

Configuring 802.1X

The following example explains how to configure 802.1X. In this example, the RADIUS
Server keeps the Client information, validating the identity of the Client and updating the
switch about the authentication status of the client. The switch is the physical access
between the two clients and the server. It requests information from the client, relays
information to the server and then back to the client.

To configure 802.1X authentication, first enable authentication on port1.0.1 and
port1.0.2

and then specify the RADIUS Server IP address and port.

802-1x_1

Client B

Client A

192.126.12.1

port1.0.1

Radius

Server

port1.0.2

vlan 4

Table 40-1: 802.1X configuration on the switch

awplus#

configure terminal

Enter the Global Configuration mode.

awplus(config)#

aaa authentication dot1x default

group radius

Enable authentication globally.

awplus(config)#

interface port1.0.1

Specify the interface (port1.0.1) to be configured and
enter the Interface mode.

awplus(config-if)#

dot1x port-control auto

Enable authentication (via RADIUS) on port1.0.1.

awplus(config-if)#

dot1x control-direction both

Block traffic in both directions, other than authentication
packets, until authentication is complete.

awplus(config-if)#

exit

Exit the Interface Configuration mode and enter the
Global Configuration mode.

awplus(config)#

interface port1.0.2

Specify the interface (port1.0.2) you are configuring and
enter the Interface mode.

awplus(config-if)#

dot1x port-control auto

Enable authentication (via RADIUS) on port1.0.2.