1x multiple authentication mode, Figure 10-5 – Dell POWEREDGE M1000E User Manual

Page 274

Advertising
background image

10-12

Cisco Catalyst Blade Switch 3130 and 3032 for Dell Software Configuration Guide

OL-13270-03

Chapter 10 Configuring IEEE 802.1x Port-Based Authentication

Understanding IEEE 802.1x Port-Based Authentication

unauthorized (re-authentication fails or an EAPOL-logoff message is received), the switch denies
network access to all of the attached clients. In this topology, the wireless access point is responsible for
authenticating the clients attached to it, and it also acts as a client to the switch.

With the multiple-hosts mode enabled, you can use IEEE 802.1x authentication to authenticate the port
and port security to manage network access for all MAC addresses, including that of the client.

Figure 10-5

Multiple Host Mode Example

802.1x Multiple Authentication Mode

Multiple-authentication (multiauth) mode allows one client on the voice VLAN and multiple
authenticated clients on the data VLAN. When a hub or access point is connected to an 802.1x-enabled
port, multiple-authentication mode provides enhanced security over multiple-hosts mode by requiring
authentication of each connected client. For non-802.1x devices, you can use MAC authentication
bypass or web authentication as the fallback method for individual host authentications to authenticate
different hosts through by different methods on a single port.

Note

Multiple-authentication mode is limited to eight authentications (hosts) per port.

Multiple-authentication mode also supports MDA functionality on the voice VLAN by assigning
authenticated devices to either a data or voice VLAN, depending on the VSAs received from the
authentication server.

Note

When a port is in multiple-authentication mode, all the VLAN assignment features, including the
RADIUS server supplied VLAN assignment, the Guest VLAN, the Inaccessible Authentication Bypass,
and the Authentication Failed VLAN do not activate.

For more information see the

“Configuring the Host Mode” section on page 10-42.

101227

Wireless clients

Access point

Authentication

server

(RADIUS)

Advertising
Popular Brands
Popular manuals