What are the 802.1x port states, What is mac-based 802.1x authentication – Dell POWEREDGE M1000E User Manual

Configuring 802.1X and Port-Based Security

511

What are the 802.1X Port States?

The 802.1X port state determines whether to allow or prevent network traffic

on the port. The 802.1X state of a port can be one of the following:

• Authorized
• Unauthorized
• Automode
• MAC-Based

If the port is in the authorized state, the port sends and receives normal

traffic without client port-based authentication. When a port is in an

unauthorized state, it ignores supplicant authentication attempts and does

not provide authentication services to the client. By default, when 802.1X is

globally enabled on the switch, all ports are in automode, which means the

port will be unauthorized until a successful authentication exchange has

taken place.
In addition to authorized, unauthorized, and automode, the 802.1X mode of

a port can be MAC based, as the following section describes.

What is MAC-Based 802.1X Authentication?

MAC-based authentication allows multiple supplicants connected to the

same port to each authenticate individually. For example, a PC attached to

the port might be required to authenticate in order to gain access to the

network, while a VoIP phone might not need to authenticate in order to send

voice traffic through the port.
The hosts are distinguished by their MAC addresses.

When multiple hosts (for example, a PC, a printer, and a phone in the same

office) are connected to the switch on the same port, each of the connected

hosts authenticates separately with the RADIUS server.

NOTE:

Only MAC-Based and Automode actually use 802.1X to authenticate.

Authorized and Unauthorized modes are manual overrides.

NOTE:

By default, all ports are in VLAN Access mode. A port that uses MAC-

based authentication should be configured to be in General mode.