Port-based security configuration examples, Configuring 802.1x authentication – Dell POWEREDGE M1000E User Manual

Configuring 802.1X and Port-Based Security

535

Port-Based Security Configuration Examples

This section contains the following examples:

• Configuring 802.1X Authentication
• Configuring MAC-Based Authentication Mode
• Allowing RADIUS-Assigned VLANs and a Guest VLAN
• Configuring Authentication Server Filter Assignments

Configuring 802.1X Authentication

The network in this example requires clients to use 802.1X authentication to

access the network through the switch ports. The administrator must

configure the following settings on systems other than the switch before

configuring the switch:

1 Add the users to the client database on the Authentication Server, such as

a RADIUS server with Cisco

®

Secure Access Control Server (ACS)

software.

2 Configure the settings on the client, such a PC running Microsoft

®

Windows, to require 802.1X authentication.

The switch uses the Authentication Server with an IP address of 10.10.10.10

to authenticate clients. Port 7 is connected to a printer in the unsecured area.

The printer is an 802.1X unaware client, so Port 7 is configured to use MAC-

based authentication with MAB.

Port 9 is connected to a server in a part of the network that has secure physical

access (i.e. the doors to the wiring closet and data center are locked), so this

port is set to the Authorized state, meaning that the device connected to this

port does not need to authenticate using 802.1X. Port 10 is the uplink to a

router and is also in the Authorized state.

NOTE:

The printer requires an entry in the client database that uses the printer

MAC address as the username.