Allied Telesis AT-S100 User Manual

AT-S100 Management Software User’s Guide

57

using an unattended workstation to access your network resources. Only
those users designated as valid network users on the RADIUS server are
permitted to use the switch to access the network.

The switch implements the server side of the IEEE 802.1x Port-based and
MAC-based Network Access Control. This feature allows only authorized
users, or their network devices, access to network resources by
establishing criteria for each interface on the switch.

Displaying 802.1x Port Authentication Status

Displaying the status of the 802.1x Port Authentication feature on the
switch provides the following information:

ˆ

802.1x Port Authentication status (enabled or disabled)

ˆ

RADIUS server IP address

ˆ

RADIUS client IP address

ˆ

Next RADIUS message ID

The syntax of this command is:

show dot1x

To display the status of the 802.1x Port Authentication feature, enter the
following command:

switch#show dot1x

For more information about this command including a display, see “SHOW
DOT1X” on page 203.

Setting 802.1x Port Authentication

To set 802.1x Port Authentication with a RADIUS server host of
192.168.1.30 and a shared secret key between the RADIUS server and a
client of “Encrypt112,” enter the following commands:

switch# configure terminal

switch(config)# dot1x system-auth-ctrl

switch(config)# interface ge12

switch(config-if)# dot1x port-control auto

switch(config-if)# exit

switch(config)# radius-server host 192.168.1.30

switch(config)# radius-server key Encrypt112