Port roles, None role, Authenticator role – Allied Telesis AT-8100 Series User Manual

Chapter 71: 802.1x Port-based Network Access Control

1064

Port Roles

Part of the task to implementing this feature is specifying the roles of the
ports on the switch. The roles are listed here:



None



Authenticator



Supplicant

None Role

Switch ports in the none role do not participate in port-based access
control. They forward traffic without authenticating the supplicants of the
network devices. This is the default setting for the switch ports.

Note

A RADIUS authentication server cannot authenticate itself and must
communicate with the switch through a port that is not configured as
an authenticator port.

Authenticator

Role

The authenticator role activates port access control on a port. Ports in this
role do not forward network traffic to or from network devices until the
supplicants are authenticated by a RADIUS server. The authenticator role
is appropriate when you want the switch to authenticate the supplicants of
network devices before they can use the network.

Supplicant Role

A switch port in the supplicant role acts as a supplicant. It has to log on by
providing a valid user name and password to the device it is connected to,
typically another switch port, before forwarding traffic.

Figure 189 on page 1065 illustrates the supplicant port role. Port 1.0.11 on
switch B is set to the supplicant role. Whenever switch B is power cycled
or reset and initiates a link with switch A, it must log on by providing a
username and password, which switch A sends to the RADIUS server for
validation. (You enter this information when you configure the port for the
supplicant role.)