General steps – Allied Telesis AT-S62 User Manual

Page 613

background image

AT-S62 Menus Interface User’s Guide

Section VI: Port Security

613

The information sent by the switch to the RADIUS server for an event
includes:

❑ The port number where the event occurred.

❑ The date and time when the event occurred.

❑ The number of packets transmitted and received by the port

during a supplicant’s session. (This information is sent when the
client logs off.)

You can also configure the accounting feature to send interim updates
so you can monitor which clients are still active.

Here are the guidelines to using the accounting feature:

❑ The AT-S62 management software supports the Network level of

accounting, but not the System or Exec.

❑ This feature is available for ports operating in the Authenticator

role. Accounting is not supported for ports operating in the
Supplicant or None role.

❑ You must configure 802.1x Port-based Access Control as

explained in this chapter and designate port roles.

❑ You must also specify from one to three RADIUS servers. The

instructions for this are in Configuring Authentication Protocol
Settings on page 701.

For instructions on configuring this feature, refer to Configuring RADIUS
Accounting on page 627.

General Steps

Here are the general steps to implementing 802.1x Port-based Access
Control and RADIUS accounting on the switch:

1. You must install RADIUS server software on one or more of your

network servers or management stations. Authentication protocol
server software is not available from Allied Telesyn. Funk Software
Steel-Belted Radius and Free Radius have been verified as fully
compatible with the AT-S62 management software.

Note

This feature is not supported with the TACACS+ authentication
protocol.

2. You need to install 802.1x client software on those workstations that

are to be supplicants. Microsoft WinXP client software and Meeting
House Aegis client software have been verified as fully compatible
with the AT-S62 management software.