beautypg.com

Port access control, Port access control overview – Allied Telesis AT-GS950/24 User Manual

Page 280

background image

Chapter 21: Security

280

Port Access Control

This section contains information and configuration procedures for the
Port-based Access Control. The following information is provided:

“Port Access Control Overview”

“Port Access Control Configuration” on page 281

Note
After configuring the Port-based Network Access Control, you can
choose to use the local authentication server in the AT-S115 for
802.1x authentication, a remote RADIUS server for 802.1x
authentication, or TACACS+. See “Dial-in User— Local
Authentication” on page 292, “RADIUS Client” on page 286, or
“TACACS+” on page 289.

Port Access

Control Overview

Port-based Network Access Control (IEEE 802.1x) is used to control who
can send traffic through and receive traffic from a switch port. With this
feature, the switch does not allow an end node to send or receive traffic
through a port until the user of the node logs on by entering a user name
and password.

This feature can prevent an unauthorized individual from connecting a
computer to a port or using an unattended workstation to access your
network resources. Only those users to whom you have assigned a user
name and password are able to use the switch to access the network.

This feature can be used with one of the following authentication methods:

The RADIUS authentication protocol requires that a
remote RADIUS server is present on your network.
The RADIUS server performs the authentication of the
user name and password combinations. See “Port
Access Control Configuration” on page 281 and
“RADIUS Client” on page 286 for more information.

Note
RADIUS with Extensible Authentication Protocol (EAP) extensions
is the only supported authentication server for this feature.

The TACACS+ authentication protocol requires that a
TACACS+ server is present on your network. The
TACACS+ server performs the authentication of the
user name and password combinations. Refer to “Port
Access Control Configuration” on page 281 and
“TACACS+” on page 289 for more information.

See also other documents in the category Allied Telesis Computer hardware: