C
HAPTER
4
| Configuring the Switch
Configuring 802.1X Port Authentication
– 82 –
The operation of 802.1X on the switch requires the following:
◆
The switch must have an IP address assigned (see
page 56
).
◆
RADIUS authentication must be enabled on the switch and the IP
address of the RADIUS server specified. Backend RADIUS servers are
configured on the Authentication configuration page (see
page 65
).
◆
802.1X / MAC-based authentication must be enabled globally for the
switch.
◆
The Admin State for each switch port that requires client authentication
must be set to 802.1X or MAC-based.
◆
When using 802.1X authentication:
■
Each client that needs to be authenticated must have dot1x client
software installed and properly configured.
■
When using 802.1X authentication, the RADIUS server and 802.1X
client must support EAP. (The switch only supports EAPOL in order
to pass the EAP packets from the server to the client.)
■
The RADIUS server and client also have to support the same EAP
authentication type - MD5, PEAP, TLS, or TTLS. (Native support for
these encryption methods is provided in Windows XP, and in
Windows 2000 with Service Pack 4. To support these encryption
methods in Windows 95 and 98, you can use the AEGIS dot1x client
or other comparable client software.)
MAC-based authentication allows for authentication of more than one user
on the same port, and does not require the user to have special 802.1X
software installed on his system. The switch uses the client's MAC address
to authenticate against the backend server. However, note that intruders
can create counterfeit MAC addresses, which makes MAC-based
authentication less secure than 802.1X authentication.
Summary of Contents for 8028L2
Page 1: ...MANAGEMENT GUIDE TigerSwitchTM 10 100 1000 28 Port Gigabit Ethernet Switch SMC8028L2 ...
Page 6: ...ABOUT THIS GUIDE 6 ...
Page 22: ...FIGURES 22 ...
Page 26: ...SECTION Getting Started 26 ...
Page 46: ...CHAPTER 2 Initial Switch Configuration Managing System Files 46 ...
Page 48: ...SECTION Web Configuration 48 ...
Page 144: ...CHAPTER 4 Configuring the Switch Configuring DHCP Relay and Option 82 Information 144 ...
Page 184: ...CHAPTER 6 Performing Basic Diagnostics Running Cable Diagnostics 184 ...
Page 238: ...CHAPTER 12 Port Commands 238 ...
Page 244: ...CHAPTER 13 Link Aggregation Commands 244 ...
Page 262: ...CHAPTER 15 RSTP Commands 262 ...
Page 272: ...CHAPTER 16 IEEE 802 1X Commands 272 ...
Page 282: ...CHAPTER 17 IGMP Commands 282 ...
Page 290: ...CHAPTER 18 LLDP Commands 290 ...
Page 296: ...CHAPTER 19 MAC Commands 296 ...
Page 306: ...CHAPTER 21 PVLAN Commands 306 ...
Page 318: ...CHAPTER 22 QoS Commands 318 ...
Page 352: ...CHAPTER 26 SNMP Commands 352 ...
Page 355: ...CHAPTER 27 HTTPS Commands 355 EXAMPLE HTTPS redirect enable HTTPS ...
Page 356: ...CHAPTER 27 HTTPS Commands 356 ...
Page 362: ...CHAPTER 29 UPnP Commands 362 ...
Page 370: ...CHAPTER 31 Firmware Commands 370 ...
Page 372: ...SECTION Appendices 372 ...
Page 386: ...GLOSSARY 386 ...
Page 391: ...INDEX 391 ...
Page 392: ...149100000079A R01 SMC8028L2 ...