Ieee 802.1x (port based network access control), How 802.1x authentication works, Ieee 802.1x (port based network access – Avaya C360 User Manual
Page 123: Control)
IEEE 802.1x (Port Based Network Access Control)
Issue 1 July 2006
123
IEEE 802.1x (Port Based Network Access Control)
Port Based Network Access Control (IEEE 802.1x) is a method for performing authentication to
obtain access to IEEE 802 LANs. The protocol defines an interaction between 3 entities:
●
Supplicant - an entity at one end of a point-to-point LAN segment that is being
authenticated by an authenticator attached to the other end of that link.
●
Authenticator - an entity at one end of a point-to-point LAN segment that facilitates
authentication of the entity attached to the other end of that link; in this case, the C360.
●
Authentication (RADIUS) Server - an entity that provides an authentication service to an
authenticator. This service determines, from the credentials provided by the supplicant,
whether the supplicant is authorized to access the services provided by the authenticator.
The process begins with the supplicant trying to access a certain restricted network resource,
and upon successful authentication by the authentication server, the supplicant is granted
access to the network resources.
How 802.1x Authentication Works
802.1x provides a means of authenticating and authorizing users attached to a LAN port and of
preventing access to that port in cases where the authentication process fails. The
authentication procedure is port based, which means:
●
access control is achieved by enforcing authentication on connected ports
●
if an end-point station that connects to a port is not authorized, the port state is set to
"unauthorized" which closes the port to any traffic.
Clear a VLAN statically
configured on a port
clear port static-vlan
Clear the dynamic vlans learned
by the switch from incoming
traffic
clear dynamic vlans
Display the MAC addresses
learned on a specific VLAN
show cam vlan
Table 32: VLAN CLI Commands 2 of 2
In order to...
Use the following command...
2 of 2