Manageable Mosaic switch Installation and User Guide
Page 64 of 87
Figure 5-
5 802.1X Access Authentication Scheme
The
802.1X Supplicant workstation
is the device that needs authentication in order to access the
network. This device must have operational 802.1X Supplicant service. Consult the network
administrator to assure that the 802.1X Supplicant is installed and properly configured on the
workstation(s).
Upon connecting the workstation to an 802.1X enabled port in the manageable Mosaic switch, the Local
Area Connection log-in window should appear to enable the user to log-in to the network. Devices
which do not have 802.1X Supplicant service will not be able to access the network.
The
Authenticator
(manageable Mosaic switch) is the device performing the 802.1 X port access
securities and controlling access to the network. The Authenticator invokes the 802.1X Supplicant on
the workstation and waits to receive the login information from the user. After receiving the login
information the Authenticator checks with the Authentication Server and performs the necessary action
(block or permit) based on the results received from the Authentication Server. The Authenticator uses
RADIUS (Remote Authentication Dial-in User Service) to communicate with the Authentication Server
(such as, Freeradius, Winradius or Radiator servers). The Authenticator (manageable Mosaic switch
should be configured with the Authentication Server address and shared password in order to enable
communication between them.
The
Authentication Server
is a central network device which maintains the login information of
permitted users. The Authentication Server validates the username and password information of the
client and instructs the Authenticator whether or not to block or permit network access to each specific
client.
5.2.2.2 Defining the Radius Server via Telnet
1. From the Windows
Start
Menu select
Run
and type
Telnet
then the IP address of the
manageable Mosaic switch device.
2. At the prompt, enter the default password,
mypass
(case sensitive) or the new Telnet
access password you may have defined.
802.1 X Supplicant clients
Authenticator
Authentication Server
SUMMARY