Allied Telesis AT-S63 User Manual
Page 729
AT-S63 Management Software Menus Interface User’s Guide
Section VII: Port Security
729
log onto and forward traffic through the AT-9400 Series switch. Of course,
the combinations must be defined on the RADIUS authentication server.
The switch prompts a client for the information the first time they try to
pass a packet through the authenticator port. The port accepts and
forwards traffic only from those clients who successfully log on and denies
access to all other users.
Figure 254. Authenticator Port in Multiple Operating Mode - Example 1
The next example of the multiple mode in Figure 255 shows two AT-9400
Series switches. The clients connected to switch B have to log on to port 6
on Switch A when they pass a packet to that switch for the first time.
There are several things to note about interconnecting two 802.1x-
compliant devices using the Multiple operating mode of an authenticator
port. In order for switch B in our example to pass the RADIUS messages
to switch A, it must be able to log on to port 6 on switch A. That is why port
11 on the lower switch is configured as a supplicant. If its role is set to
none, port 6 on switch A will discard the packets because switch B would
not be logged on to the port.
Also note that the ports where the clients are connected on switch B are
set to the none role. This is because a client can log on only once. If, in this
AT-9400 Series Switch
FAULT
RPS
MASTER
POWER
CLASS 1
LASER PRODUCT
STATUS
TERMINAL
PORT
1
3
5
7
9
11
2
4
6
8
10
12
13
15
17
19
21
23R
14
16
18
20
22
24R
AT-9424T/SP
Gigabit Ethernet Switch
1
3
5
7
9
11
13
15
17
19
21
23R
2
4
6
8
10
12
14
16
18
20
22
24R
23
24
L/A
D/C
D/C
L/A
D/C
L/A
1000 LINK / ACT
HDX / COL
FDX
10/100 LINK / ACT
PORT ACTIVITY
L/A
1000 LINK / ACT
SFP
SFP
24
SFP
23
RADIUS
Authentication
Server
Port 6
Role: Authenticator
Operating Mode: Multiple
Piggy-back Mode: -----
Ethernet Hub or
Non-802.1x-compliant
Switch
Clients with
802.1x Client
Software