beautypg.com

2 802.1x configuration, 1 802.1x configuration task list – Amer Networks SS2R48G4i V2 User Manual

Page 129

background image

SS2R24G4i/SS2R48G4i

118


In the IEEE 802.1x application environment, SS2R24/48G4i switch is used as the access

management unit, and the user connection device is the device with 802.1x client software. An
authenticating server usually reside in the Carrier’s AAA center and usually is a Radius server.


the difference between user access, MAC-based IEEE 802.1x authentication is implemented in

SS2R24/48G4i switch for better security and management. Only authenticated user access devices
connecting to the same physical port can access the network, the unauthorized devices will not be able
to access the network. In this way, even if multiple terminals are connected via one physical port,
SS2R24/48G4i switch can still authenticate and manage each user access device individually.

User-based (IP address+ MAC address+ port) 802.1x authentication function is implemented on

the base of MAC-based 802.1x authentication function, allowing users to access restricted resources
before being authenticated. For user-based access control mode, there are two modes standard
control and advanced control. User-based standard control type does not limit the access to restricted
resources, all the users of the port can access restricted resources before being authenticated, and
after being authenticated, users can access all the resources; while the user-based advanced control
will limit the access to restricted resources, only special users of the port can access restricted resorce
before being authenticated,after passing the authentication, they can access all the resources.

14.2 802.1x Configuration

14.2.1 802.1x Configuration Task List

1.Enable IEEE 802.1x function
2.Access management unit property configuration

1) Configure port authentication status
2) Configure access management method for the port MAC-based or port-based.
3) Configure expanded 802.1x function

3. User access devices related property configuration (optional)
4. RADIUS server related property configuration

1) Configure RADIUS authentication key.
2) Configure RADIUS Server
3) Configure RADIUS Service parameters.

1. Enable 802.1x function

Command Explanation

Global Mode

aaa enable
no aaa enable

Enables the AAA authentication function in

the switch; the “no aaa enable” command

disables the AAA authentication function.

aaa-accounting enable
no aaa-accounting enable

Enables the accounting function in the

switch; the “no aaa-accounting enable”

See also other documents in the category Amer Networks Computer Accessories: