Allied Telesis AT-S63 User Manual

Contents

12

Chapter 31: 802.1x Port-based Network Access Control .........................................................................721
IEEE 802.1x Port-based Network Access Control Overview ..........................................................................722

Authentication Process.............................................................................................................................723
Port Roles.................................................................................................................................................724
None Role.................................................................................................................................................724
Authenticator Role ....................................................................................................................................724
Supplicant Role ........................................................................................................................................726
Authenticator Ports with Single and Multiple Supplicants.........................................................................727
Supplicant and VLAN Associations ..........................................................................................................733
Guest VLAN..............................................................................................................................................735
RADIUS Accounting .................................................................................................................................736
General Steps...........................................................................................................................................737
802.1x Port-based Network Access Control Guidelines...........................................................................738

Setting Port Roles ...........................................................................................................................................741
Enabling or Disabling 802.1x Port-based Network Access Control ................................................................743
Configuring Authenticator Port Parameters ....................................................................................................744
Configuring Supplicant Port Parameters.........................................................................................................750
Displaying the Port Access Parameters..........................................................................................................753
Configuring RADIUS Accounting ....................................................................................................................755

Section IX: Management Security .........................................................................757

Chapter 32: Web Server ..............................................................................................................................759
Web Server Overview .....................................................................................................................................760

Supported Protocols .................................................................................................................................760

Configuring the Web Server............................................................................................................................761
General Steps for Configuring the Web Server for Encryption .......................................................................764

General Steps for a Self-signed Certificate ..............................................................................................764
General Steps for a Public or Private CA Certificate ................................................................................764

Chapter 33: Encryption Keys ......................................................................................................................767
Basic Overview ...............................................................................................................................................768

Encryption Key Length .............................................................................................................................769
Encryption Key Guidelines .......................................................................................................................769

Technical Overview.........................................................................................................................................770

Data Encryption ........................................................................................................................................770
Data Authentication ..................................................................................................................................772
Key Exchange Algorithms ........................................................................................................................773

Creating an Encryption Key ............................................................................................................................775
Deleting an Encryption Key.............................................................................................................................779
Modifying an Encryption Key ..........................................................................................................................780
Exporting an Encryption Key...........................................................................................................................781
Importing an Encryption Key...........................................................................................................................784
Displaying the Encryption Keys ......................................................................................................................787

Chapter 34: PKI Certificates and SSL ........................................................................................................789
Basic Overview ...............................................................................................................................................790

Types of Certificates.................................................................................................................................790
Distinguished Names................................................................................................................................791
SSL and Enhanced Stacking....................................................................................................................792
Guidelines.................................................................................................................................................793

Technical Overview.........................................................................................................................................794

SSL Encryption.........................................................................................................................................794
User Verification .......................................................................................................................................795
Authentication...........................................................................................................................................795
Public Key Infrastructure ..........................................................................................................................796