beautypg.com

System configuration – Interlogix GE-DS-242-PoE User Manual

Page 122

background image

Chapter 4: Web-Based Management

118

GE-DS-242-PoE Managed Ethernet Switch User Manual

a client is successfully authenticated, the port transitions to the authorized state,
allowing all traffic for the client to flow normally.

If a client that does not support 802.1X is connected to an unauthorized 802.1X
port, the switch requests the client's identity. In this situation, the client does not
respond to the request, the port remains in the unauthorized state, and the client
is not granted access to the network.

In contrast, when an 802.1X-enabled client connects to a port that is not running
the 802.1X protocol, the client initiates the authentication process by sending the
EAPOL-start frame. When no response is received, the client sends the request
for a fixed number of times. Because no response is received, the client begins
sending frames as if the port is in the authorized state

If the client is successfully authenticated (receives an Accept frame from the
authentication server), the port state changes to authorized, and all frames from
the authenticated client are allowed through the port. If the authentication fails,
the port remains in the unauthorized state, but authentication can be retried. If
the authentication server cannot be reached, the switch can retransmit the
request. If no response is received from the server after the specified number of
attempts, authentication fails, and network access is not granted.

When a client logs off, it sends an EAPOL-logoff message, causing the switch
port to transition to the unauthorized state.

If the link state of a port transitions from up to down, or if an EAPOL-logoff frame
is received, the port returns to the unauthorized state.

System Configuration

802.1x makes use of the physical access characteristics of IEEE802 LAN
infrastructures in order to provide a means of authenticating and authorizing
devices attached to a LAN port that has point-to-point connection characteristics,
and of preventing access to that port in cases in which the authentication and
authorization process fails.

To enable 802.1x, from System \ System Information \ Misc Config then you still
to fill in the authentication server information: