Allied Telesis AT-S63 User Manual

Contents

12

Chapter 31: 802.1x Port-based Network Access Control .........................................................................723
IEEE 802.1x Port-based Network Access Control Overview ..........................................................................724

Authentication Process.............................................................................................................................725
Port Roles.................................................................................................................................................726
None Role.................................................................................................................................................726
Authenticator Role ....................................................................................................................................726
Supplicant Role ........................................................................................................................................728
Authenticator Ports with Single and Multiple Supplicants.........................................................................729
Supplicant and VLAN Associations ..........................................................................................................735
Guest VLAN..............................................................................................................................................737
RADIUS Accounting .................................................................................................................................738
General Steps...........................................................................................................................................739
802.1x Port-based Network Access Control Guidelines...........................................................................740

Setting Port Roles ...........................................................................................................................................743
Enabling or Disabling 802.1x Port-based Network Access Control ................................................................745
Configuring Authenticator Port Parameters ....................................................................................................746
Configuring Supplicant Port Parameters.........................................................................................................752
Displaying the Port Access Parameters..........................................................................................................755
Configuring RADIUS Accounting ....................................................................................................................757

Section IX: Management Security .........................................................................759

Chapter 32: Web Server ..............................................................................................................................761
Web Server Overview .....................................................................................................................................762

Supported Protocols .................................................................................................................................762

Configuring the Web Server............................................................................................................................763
General Steps for Configuring the Web Server for Encryption .......................................................................766

General Steps for a Self-signed Certificate ..............................................................................................766
General Steps for a Public or Private CA Certificate ................................................................................766

Chapter 33: Encryption Keys ......................................................................................................................769
Basic Overview ...............................................................................................................................................770

Encryption Key Length .............................................................................................................................771
Encryption Key Guidelines .......................................................................................................................771

Technical Overview.........................................................................................................................................772

Data Encryption ........................................................................................................................................772
Data Authentication ..................................................................................................................................774
Key Exchange Algorithms ........................................................................................................................775

Creating an Encryption Key ............................................................................................................................777
Deleting an Encryption Key.............................................................................................................................781
Modifying an Encryption Key ..........................................................................................................................782
Exporting an Encryption Key...........................................................................................................................783
Importing an Encryption Key...........................................................................................................................786
Displaying the Encryption Keys ......................................................................................................................789

Chapter 34: PKI Certificates and SSL ........................................................................................................791
Basic Overview ...............................................................................................................................................792

Types of Certificates.................................................................................................................................792
Distinguished Names................................................................................................................................793
SSL and Enhanced Stacking....................................................................................................................794
Guidelines.................................................................................................................................................795

Technical Overview.........................................................................................................................................796

SSL Encryption.........................................................................................................................................796
User Verification .......................................................................................................................................797
Authentication...........................................................................................................................................797
Public Key Infrastructure ..........................................................................................................................798