xStack DES-3500 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual
106
MAC-Based Network Access Control
802.1X
Client
Network access controlled port
Network access uncontrolled port
RADIUS
Server
Ethernet Switch
802.1X
Client
802.1X
Client
802.1X
Client
802.1X
Client
802.1X
Client
802.1X
Client
802.1X
Client
802.1X
Client
802.1X
Client
802.1X
Client
802.1X
Client
…
Figure 6- 88. Example of Typical MAC-Based Configuration
In order to successfully make use of 802.1x in a shared media LAN segment, it would be necessary to create “virtual” Ports, one
for each attached device that required access to the LAN. The Switch would regard the single physical Port connecting it to the
shared media segment as consisting of a number of distinct virtual Ports, each virtual Port being independently controlled from the
point of view of EAPOL exchanges and authorization state. The Switch learns each attached device’s individual MAC address,
and effectively creates a virtual Port that the attached device can then use to communicate with the LAN via the Switch.