beautypg.com

1x example configuration – NETGEAR MS510TXPP 8 Port Gigabit PoE Managed Switch User Manual

Page 344

background image

Smart Managed Pro Switches MS510TX and MS510TXPP

Configuration Examples

User Manual

344

controls the authorized/unauthorized state of the controlled port depending on the outcome of
the RADIUS-based authentication process.

Supplicant

Authenticator switch

Supplicant

Radius

authentication

server

(192.100.10.23)

Figure 1. 802.1X authentication roles

802.1X Example Configuration

This example shows how to configure the switch so that 802.1X-based authentication is
required on the ports in a corporate conference room (mg7–mg8). These ports are available
to visitors and must be authenticated before access is granted to the network. The
authentication is handled by an external RADIUS server. When the visitor is successfully
authenticated, traffic is automatically assigned to the guest VLAN. This example assumes
that a VLAN was configured with a VLAN ID of 150 and VLAN name of Guest.

1.

On the Port Authentication page, select ports

mg6

through

mg8

.

2.

From the

Port Control

menu, select

Auto

.

The selection from the

Port Control

menu for all other ports on which authentication is

not needed must be

Authorized

. When the selection from the

Port Control

menu is

Authorized

, the port is unconditionally put in a force-authorized state and does not

require any authentication. When the selection from the

Port Control

menu is

Auto

, the

authenticator PAE sets the controlled port mode.

3.

In the

Guest VLAN

field for ports mg7–mg8, enter

150

to assign these ports to the guest

VLAN.

You can configure additional settings to control access to the network through the ports.
See

Configure a Port Security Interface on page

251

for information about the settings.

4.

Click the

Apply

button.