![Dell PowerConnect 8024 User Configuration Manual Download Page 471](http://html.mh-extra.com/html/dell/powerconnect-8024/powerconnect-8024_user-configuration-manual_84530471.webp)
Configuring Port and System Security
471
As shown in Figure 20-1, the PowerConnect 8000/8100-series switch is the
authenticator and enforces the supplicant (a PC) that is attached to an
802.1X-controlled port to be authenticated by an authentication server (a
RADIUS server). The result of the authentication process determines
whether the supplicant is authorized to access services on that controlled
port. PowerConnect switches support authentication using remote RADIUS
or TACACS servers and also support authentication using a local
authentication service.
Supported security methods for communication with remote servers include
MD5, PEAP, EAP-TTL, EAP-TTLS, and EAP-TLS. Only EAP-MD5 is
supported when using the local authentication server (IAS).
For a list of RADIUS attributes that the switch supports, see
Servers to Control Management Access
What are the 802.1X Port States?
The 802.1X port state determines whether to allow or prevent network traffic
on the port. A port can configured to be in one of the following 802.1X
control modes:
• Auto (default)
• MAC-based
• Force-authorized
• Force-unauthorized.
These modes control the behavior of the port. The port state is either
Authorized or Unauthorized.
If the port is in the authorized state, the port sends and receives normal
traffic without client port-based authentication. When a port is in an
unauthorized state, it ignores supplicant authentication attempts and does
not provide authentication services to the client. By default, when 802.1X is
globally enabled on the switch, all ports are in Auto, which means the port will
be unauthorized until a successful authentication exchange has taken place.
In addition to authorized, unauthorized, and automode, the 802.1X mode of
a port can be MAC based, as the following section describes.
NOTE:
Only MAC-Based and Automode actually use 802.1X to authenticate.
Authorized and Unauthorized modes are manual overrides.
Summary of Contents for PowerConnect 8024
Page 48: ...48 Contents ...
Page 52: ...52 Introduction ...
Page 86: ...86 Switch Features ...
Page 140: ...140 Setting Basic Network Information ...
Page 178: ...178 Managing a Switch Stack ...
Page 204: ...204 Configuring Authentication Authorization and Accounting ...
Page 272: ...272 Managing General System Settings ...
Page 308: ...308 Configuring SNMP ...
Page 336: ...336 Managing Images and Files ...
Page 354: ...354 Auto Image and Configuration Update ...
Page 468: ...468 Configuring Port Characteristics ...
Page 512: ...512 Configuring Port and System Security ...
Page 550: ...550 Configuring Access Control Lists ...
Page 580: ...580 Configuring VLANs Figure 22 17 GVRP Port Parameters Table ...
Page 586: ...586 Configuring VLANs Figure 22 24 Double VLAN Port Parameter Table ...
Page 618: ...618 Configuring VLANs ...
Page 631: ...Configuring the Spanning Tree Protocol 631 Figure 23 5 Spanning Tree Global Settings ...
Page 637: ...Configuring the Spanning Tree Protocol 637 Figure 23 11 RSTP LAG Settings ...
Page 685: ...Configuring Port Based Traffic Control 685 Figure 25 3 Storm Control 5 Click Apply ...
Page 776: ...776 Snooping and Inspecting Traffic Figure 27 17 DAI Interface Configuration Summary ...
Page 790: ...790 Snooping and Inspecting Traffic ...
Page 797: ...Configuring Link Aggregation 797 To view or edit settings for multiple LAGs click Show All ...
Page 894: ...894 Configuring DHCP Server Settings ...
Page 928: ...928 Configuring L2 and L3 Relay Features Figure 34 3 DHCP Relay Interface Summary ...
Page 955: ...Configuring OSPF and OSPFv3 955 Figure 35 1 OSPF Configuration ...
Page 1030: ...1030 Configuring OSPF and OSPFv3 ...
Page 1068: ...1068 Configuring VRRP ...
Page 1092: ...1092 Configuring IPv6 Routing ...
Page 1119: ...Configuring Differentiated Services 1119 Figure 40 5 DiffServ Class Criteria ...
Page 1126: ...1126 Configuring Differentiated Services Figure 40 14 DiffServ Service Summary ...
Page 1142: ...1142 Configuring Differentiated Services ...
Page 1148: ...1148 Configuring Class of Service Figure 41 1 Mapping Table Configuration CoS 802 1P ...
Page 1160: ...1160 Configuring Class of Service ...
Page 1164: ...1164 Configuring Auto VoIP Figure 42 2 Auto VoIP Interface Configuration ...
Page 1230: ...1230 Managing IPv4 and IPv6 Multicast Figure 43 51 DVMRP Next Hop Summary ...
Page 1256: ...1256 Managing IPv4 and IPv6 Multicast ...
Page 1266: ...1266 Feature Limitations and Platform Constants ...
Page 1274: ...1274 System Process Definitions ...
Page 1294: ...Index 1294 ...