Filter
Top Products
Chapter 31: 802.1x Port-based Network Access Control
374 Section VIII: Port Security
General Steps
Here are the general steps to implementing 802.1x Port-based Network
Access Control and RADIUS accounting on the switch:
1. You must install a RADIUS server on one or more of your network
servers or management stations. Authentication protocol server
software is not available from Allied Telesis. Funk Software Steel-
Belted Radius and Free Radius have been verified as fully compatible
with the AT-S63 Management Software.
Note
This feature is not supported with the TACACS+ authentication
protocol.
2. Those clients connected to an authenticator port set to the 802.1x
authentication method will need 802.1x client software. Microsoft
WinXP client software and Meeting House Aegis client software have
been verified as fully compatible with the AT-S63 Management
Software. (802.1x client software is not required when an authenticator
port is set to the MAC address-based authentication method.)
3. You must configure and activate the RADIUS client software in the
AT-S63 Management Software. The default setting for the
authentication protocol is disabled. You will need to provide the
following information:
The IP addresses of up to three RADIUS servers.
The encryption key used by the authentication servers.
4. You must configure the port access control settings on the switch. This
involves the following:
Specifying the port roles.
Configuring 802.1x port parameters.
Enabling 802.1x Port-based Network Access Control.
The instructions for this step are found in this chapter.
5. If you want to use RADIUS accounting to monitor the clients
connected to the switch ports, you must configure the service on the
switch.