beautypg.com

1x example configuration – NETGEAR AV Line M4250 GSM4210PX 8-Port Gigabit PoE+ Compliant Managed AV Switch with SFP (220W) User Manual

Page 777

background image

A Port Access Entity (PAE) is able to adopt one of two distinct roles within an access
control interaction:

1. Authenticator: A port that enforces authentication before allowing access to services

available through that port.

2. Supplicant: A port that attempts to access services offered by the authenticator.

Additionally, a third role exists:

3. Authentication server: Performs the authentication function necessary to check the

credentials of the supplicant on behalf of the authenticator.

All three roles are required for you to complete an authentication exchange.

The switch support the authenticator role only, in which the PAE is responsible for
communicating with the supplicant. The authenticator PAE is also responsible for
submitting the information received from the supplicant to the authentication server
for the credentials to be checked, which determines the authorization state of the port.
The authenticator PAE controls the authorized/unauthorized state of the controlled port
depending on the outcome of the RADIUS-based authentication process.

Figure 1. 802.1X authentication roles

802.1X example configuration

This example shows how to configure the switch so that 802.1X-based authentication
is required on the ports in a corporate conference room (5 through 8). These ports are
available to visitors and must be authenticated before access is granted to the network.

Main User Manual

777

Configuration Examples

AV Line of Fully Managed Switches M4250 Series Main User Manual