Filter
Top Products
Chapter 31: 802.1x Port-based Network Access Control
366 Section VIII: Port Security
If the clients are connected to an 802.1x-compliant device, such as
another AT-9400 Switch, you can automate the initial log on and
reauthentications by configuring one of the switch ports as a supplicant. In
this manner, the log on and reauthentications are performed
automatically, eliminating the need for relying on an individual to perform
the task. This scenario is illustrated in Figure 42.
Figure 42. Single Operating Mode with Multiple Clients Using the Piggy-
back Feature - Example 2
None of the workstations connected to switch B need to be authenticated
or require 802.1x client software when accessing switch A because the log
on to switch A and the subsequent reauthentications are performed
automatically by the supplicant port on switch B, which is connected to an
authenticator port on switch A with piggy-back mode enabled. It should be
noted, however, that in this particular scenario the clients have full access
to the resources of switch B even if the switch fails to log on or
reauthenticate to switch A.
The example in the next figure again illustrates two 802.1x-compliant
switches. The primary difference between this and the previous example
is that the clients in the previous example did not have to log on to access
switch B. In this example the clients have to log on to have any access at
all to the network.
AT-9400 Switch (A)
FAULT
RPS
MASTER
POWER
CLASS 1
LASER PRODUCT
STATUS
TERMINAL
PORT
1357911
2 4 6 8 10 12
13 15 17 19 21 23R
14 16 18 20 22 24R
AT-9424T/SP
Gigabit Ethernet Switch
1357911131517192123R
2 4 6 8 10121416 18202224R
23 24
L/A
D/C
D/C
L/A
D/C
L/A
1000 LINK / ACT
HDX /
COL
FDX
10/100 LINK / ACT
PORT ACTIVITY
L/A
1000 LINK / ACT
SFP
SFP
24
SFP
23
RADIUS
Authentication
Server
Port 6
Role: Authenticator
Operating Mode: Single
Piggy-back Mode: Enabled
Port 11
Role: Supplicant
Username: sales_switch
Password: wind4411
FAULT
RPS
MASTER
POWER
CLASS 1
LASER PRODUCT
STATUS
TERMINAL
PORT
1357911
2 4 6 8 10 12
13 15 17 19 21 23R
14 16 18 20 22 24R
AT-9424T/SP
Gigabit Ethernet Switch
1357911131517192123R
2 4 6 8 10121416 18202224R
23 24
L/A
D/C
D/C
L/A
D/C
L/A
1000 LINK / ACT
HDX /
COL
FDX
10/100 LINK / ACT
PORT ACTIVITY
L/A
1000 LINK / ACT
SFP
SFP
24
SFP
23
Client Ports:
Role: None
Unauthenticated
Clients
AT-9400 Switch (B)