beautypg.com

Allied Telesis AT-S62 User Manual

Page 649

background image

AT-S62 Management Software Menus Interface User’s Guide

Section VI: Port Security

649

Authenticator

Ports with Single

and Multiple

Supplicants

An authenticator port has two operating modes. The modes relate to the
number of clients using the port and, in situations where an authenticator
port is supporting more than one client, whether just one client or all the
clients must log on to use the switch port.

The operating modes are:

ˆ

Single

ˆ

Multiple

Single Operating Mode

The Single operating mode is used in two situations. The first is when an
authenticator port supports only one client. In this scenario, the switch
allows only one client to log on and use the port.

You can also use the Single mode when an authenticator port supports
more than one client, but where only one client needs to log on in order for
all clients to use the port. This configuration can be useful in situations
where you want to add 802.1x Port-based Network Access Control to a
switch port that is supporting multiple clients, but want to avoid having to
create individual accounts for all the clients on the RADIUS server.

This is referred to as “piggy-backing.” After one client has successfully
logged, the port permits the other clients to piggy-back onto the initial
client’s log on, allowing all clients to forward packets through the port.

To implement this configuration, you have to set the operating mode of an
authenticator port to Single and also toggle the piggy-back mode feature.
When piggy-back is disabled, only one client is allowed to log on and use
the port. When this feature is enabled, an unlimited number of clients can
use the port after one client has successfully logged on.

Note, however, that should the client who accomplished the initial log on
fail to periodically reauthenticate or log out, the switch port reverts to the
unauthenticated state. It bars all further traffic to and from all the clients on
the port, until the initial client or another client logs on.

Here are several examples illustrating the Single operating mode and the
piggy-back mode of an authenticator port. In Figure 223 on page 650, an
authenticator port on a switch, in this case port 6, is connected to a single
client. The authenticator port’s operating mode is set to Single and the
piggy-back feature is disabled so that only one client can use the port at
any one time.