1x port security and sflow, Configuring 802.1x port security – Brocade TurboIron 24X Series Configuration Guide User Manual

Page 984

Advertising
background image

950

Brocade TurboIron 24X Series Configuration Guide

53-1003053-01

Configuring 802.1X port security

802.1X port security and sFlow

sFlow is a standards-based protocol that allows network traffic to be sampled at a user-defined rate
for the purpose of monitoring traffic flow patterns and identifying packet transfer rates on
user-specified interfaces.

When you enable sFlow forwarding on an 802.1X-enabled interface, the samples taken from the
interface include the user name string at the inbound or outbound port, or both, if that information
is available.

For more information on sFlow, refer to

Appendix 13, “Network Monitoring”

.

Configuring 802.1X port security

Configuring 802.1X port security on a device consists of the following tasks.

1. Configure the device interaction with the Authentication Server:

“Configuring an authentication method list for 802.1X”

on page 950

“Setting RADIUS parameters”

on page 951

“Configuring dynamic VLAN assignment for 802.1X ports”

on page 954 (optional)

“Dynamically applying IP ACLs and MAC filters to 802.1X ports”

on page 958

2. Configure the device role as the Authenticator:

“Enabling 802.1X port security”

on page 961

“Initializing 802.1X on a port”

on page 966 (optional)

3. Configure the device interaction with Clients:

“Configuring periodic re-authentication”

on page 963 (optional)

“Re-authenticating a port manually”

on page 963 (optional)

“Setting the quiet period”

on page 964 (optional)

“Setting the wait interval for EAP frame retransmissions”

on page 964 (optional)

“Setting the maximum number of EAP frame retransmissions”

on page 964 (optional)

“Specifying a timeout for retransmission of messages to the authentication server”

on

page 966 (optional)

“Allowing access to multiple hosts”

on page 966 (optional)

Configuring an authentication method list for 802.1X

To use 802.1X port security, you must specify an authentication method to be used to authenticate
Clients. The device supports RADIUS authentication with 802.1X port security. To use RADIUS
authentication with 802.1X port security, you create an authentication method list for 802.1X and
specify RADIUS as an authentication method, then configure communication between the device
and RADIUS server.

Example

TurboIron(config)#aaa authentication dot1x default radius

Syntax: [no] aaa authentication dot1x default <method-list>

Advertising
Popular Brands
Popular manuals