Setting radius parameters, Supported radius attributes – Brocade Communications Systems Brocade ICX 6650 6650 User Manual

Page 184

Advertising
background image

164

Brocade ICX 6650 Security Configuration Guide

53-1002601-01

802.1X port security configuration

Configuring an authentication method list for 802.1X

To use 802.1X port security, you must specify an authentication method to be used to authenticate
Clients. Brocade supports RADIUS authentication with 802.1X port security. To use RADIUS
authentication with 802.1X port security, you create an authentication method list for 802.1X and
specify RADIUS as an authentication method, then configure communication between the Brocade
device and RADIUS server.

Example

Brocade(config)# aaa authentication dot1x default radius

Syntax: [no] aaa authentication dot1x default method-list

For the method-list, enter at least one of the following authentication methods

radius – Use the list of all RADIUS servers that support 802.1X for authentication.

none – Use no authentication. The Client is automatically authenticated by other means, without
the device using information supplied by the Client.

NOTE

If you specify both radius and none, make sure radius comes before none in the method list.

Setting RADIUS parameters

To use a RADIUS server to authenticate access to a Brocade device, you must identify the server to
the Brocade device.

Example

Brocade(config)# radius-server host 10.157.22.99 auth-port 1812 acct-port 1813
default key mirabeau dot1x

Syntax: radius-server host ip-addr | ipv6-addr | server-name [auth-port num | acct-port num |

default] [key 0 | 1 string] [dot1x]

The host ip-addr | ipv6-addr | server-name parameter is either an IP address or an ASCII text
string.

The dot1x parameter indicates that this RADIUS server supports the 802.1X standard. A RADIUS
server that supports the 802.1X standard can also be used to authenticate non-802.1X
authentication requests.

NOTE

To implement 802.1X port security, at least one of the RADIUS servers identified to the Brocade
device must support the 802.1X standard.

Supported RADIUS attributes

Many IEEE 802.1X Authenticators will function as RADIUS clients. Some of the RADIUS attributes
may be received as part of IEEE 802.1X authentication. Brocade devices support the following
RADIUS attributes for IEEE 802.1X authentication:

Username (1) – RFC 2865

Advertising
Popular Brands
Popular manuals