Figure 154: multi host operating mode – Allied Telesis AT-9000 Series User Manual

Chapter 60: 802.1x Port-based Network Access Control

870

Note, however, that should the client who performed the initial log on fail to
periodically reauthenticate or log out, the authenticator port reverts to the
unauthenticated state. It bars all further traffic to and from all the clients
until the initial client or another client logs on.

Figure 154 is an example of this mode. Port 6 is connected to an Ethernet
hub or non-802.1x compliant switch, which in turn is connected to several
supplicants. The switch does not forward the client traffic until one of the
clients logs on. Afterwards, it forwards the traffic of all the clients

Figure 154. Multi Host Operating Mode

If the port is set to the 802.1x authentication method, one client must have
802.1x client firmware and must provide a username and password during
authentication. (The other clients do not need 802.1x client firmware to
forward traffic through the port after one client has been authenticated.)

If the port is using MAC address-based authentication, 802.1x client
firmware is not required. The MAC address of the first client to forward
traffic through the port is used for authentication. When that client is
authenticated, all supplicants have access to the port.

RADIUS
Authentication
server

Port 6
Role: Authenticator
Operating Mode: Multi host mode

Ethernet hub or
non-802.1x-
compliant
switch

Authenticated
Client

Unauthenticated
Clients