ProSafe 7000 Managed Switch Software Administration Manual, Release 8.0.3
Security Management
13-27
v1.0, June 2010
b.
In the Radius Server IP Address field, enter
192.168.0.1
.
c.
Select
Yes
in the Secret Configured field.
d.
In the Secret field, enter
12345
.
e.
Click
Add
.
7.
Configure the Guest VLAN.
a.
From the main menu, select Security > Port Authentication > Advanced>Port Authentication. A
screen similar to the following displays.
Figure
13-29
b.
Under Port Authentication, scroll down to interface 1/0/1 and 1/0/24, select the checkbox for that
interface.
c.
Under the Port Authentication, in the
Guest VLAN ID
field, enter
2000
.
d.
Click
Apply
to save your settings.
VLAN Assignment via RADIUS
This feature implies that the client can connect from any port and can get assigned to the appropriate VLAN
that it is supposed to be in, this is configured in the RADIUS server. This gives flexibility for the clients to
move around the network without requiring the administrator to do much configuration. When multiple
hosts are connected to the switch on the same port, only one host uses authentication. If any VLAN
information is applied on the port based on the authenticated host, the VLAN applies that information to all
the hosts that are connected to that port.
•
If any client initiates dot1x authentication again on the port after the port being in authorized state, then
the port clears all first authenticated clients states, and in the process clears the VLAN assigned to the
port (if any) and continues with the new client authentication and authorization process.
•
When a client authenticates itself initially on the network, the switch acts as the authenticator to the
clients on the network and forwards the authentication request to the RADIUS server in the network.