xStack DGS/DXS-3300 Series Layer 3 Stackable Gigabit Ethernet Switch User Manual
134
Authentication Server
The Authentication Server is a remote device that is connected to the same network as the Client and Authenticator, must
be running a RADIUS Server program and must be configured properly on the Authenticator (Switch). Clients connected
to a port on the Switch must be authenticated by the Authentication Server (RADIUS) before attaining any services offered
by the Switch on the LAN. The role of the Authentication Server is to certify the identity of the Client attempting to access
the network by exchanging secure information between the RADIUS server and the Client through EAPOL packets and, in
turn, informs the Switch whether or not the Client is granted access to the LAN and/or switches services.
Figure 6- 96. The Authentication Server
Authenticator
The Authenticator (the Switch) is an intermediary between the Authentication Server and the Client. The Authenticator
servers two purposes when utilizing 802.1x. The first purpose is to request certification information from the Client
through EAPOL packets, which is the only information allowed to pass through the Authenticator before access is granted
to the Client. The second purpose of the Authenticator is to verify the information gathered from the Client with the
Authentication Server, and to then relay that information back to the Client.
Three steps must be implemented on the Switch to properly configure the Authenticator.
1. The 802.1x State must be
Enabled
. (
Configuration
/
Advanced Settings
)
2. The 802.1x settings must be implemented by port (
Configuration
/
Port Access Entity
/
Configure
Authenticator
)
3. A RADIUS server must be configured on the Switch. (
Configuration
/
Port Access Entity
/
RADIUS Server
)
Figure 6- 97. The Authenticator
Summary of Contents for DGS-3324SR
Page 54: ...xStack DGS DXS 3300 Series Layer 3 Stackable Gigabit Ethernet Switch User Manual 39 ...
Page 373: ...358 ...
Page 390: ...375 ...