beautypg.com

2 802.1x configuration task list, Onfiguration – Accton Technology ES4626 User Manual

Page 783

background image

783

divided into two virtual port types: managed port and non-managed port. A non-managed

port is always in the connected status for both in and out directions to transfer EAP

authenticating packets. A managed port will be in the connected status when authorized

to transfer commutation packets; and is shutdown when not authorized, and cannot

transfer any packets.

In the IEEE 802.1x application environment, ES4624-SFP/ES4626-SFP is used as

the access management unit, and the user connection device is the device with 802.1x

client software. An authenticating server usually reside in the Carrier’s AAA center and

usually is a Radius server.

The authentication function of port-based IEEE 802.1x is limited when multiple user

access devices connect to one physical port, since the authentication will not be able to

tell the difference between user access, MAC-based IEEE 802.1x authentication is

implemented in ES4624-SFP/ES4626-SFP for better security and management. Only

authenticated user access devices connecting to the same physical port can access the

network, the unauthorized devices will not be able to access the network. In this way,

even if multiple terminals are connected via one physical port, ES4624-SFP/ES4626-SFP

can still authenticate and manage each user access device individually.

The maximum authenticating user number supported by ES4624-SFP/ES4626-SFP

is 4,000. It is recommended to keep the authenticating user number under 2,000.

19.2 802.1x Configuration Task List

1. Enable IEEE 802.1x function

2. Access

management

unit

property configuration

1) Configure port authentication status

2) Configure access management method for the port: MAC-based or port-based.

3) Configure expanded 802.1x function

3. User access devices related property configuration (optional)

4. RADIUS server related property configuration

1) Configure RADIUS authentication key.

2) Configure RADIUS Server

3) Configure RADIUS Service parameters.

1. Enable 802.1x function

This manual is related to the following products:
See also other documents in the category Accton Technology Computer Accessories: