1 802.1x authentication, 1 enabling 802.1x, 2 configuring radius server – Siemens S223 User Manual

User Manual UMN:CLI
SURPASS hiD 6615 S223/S323 R1.5

A50010-Y3-C150-2-7619 65

4.5.1 802.1x

Authentication

4.5.1.1 Enabling

802.1x

To configure 802.1x, the user should enable 802.1x daemon first. In order to enable
802.1x daemon, use the following command.

Command Mode

Description

dot1x system-auth-control

Enables 802.1x daemon.

no dot1x system-auth-control

Global

Disables 802.1x daemon.

4.5.1.2 Configuring

RADIUS

Server

As RADIUS server is registered in authenticator, authenticator also can be registered in
RADIUS server.

Here, authenticator and RADIUS server need extra data authenticating each other be-
sides they register each other’s IP address. The data is the key and should be the same
value for each other. For the key value, every kinds of character can be used except for
the space or special character.

[Suppliant]

[Authenticator]

[Authentication Server]

RADIUS
Server

RADIUS Servers

A : 10.1.1.1

B : 20.1.1.1

C : 30.1.1.1

:

J : 100.1.1.1

Response

Authentication request

in order

Designate as default

RADIUS server

Fig. 4.2

Multiple Authentication Servers

If you register in several servers, the authentication server starts form RADIUS server
registered as first one, then requests the second RADIUS server in case there’s no re-
sponse. According to the order of registering the authentication request, the authentica-
tion request is tried and the server which responds to it becomes the default server from
the point of response time.