2 802.1x setting – Interlogix NS3500-28T-4S User Manual

initiates the authentication process by sending the EAPOL-start frame. When no response is received, the client sends the request a fixed number of times. Because no response is received, the client begins sending frames as if the port is in the authorized state.

If the client is successfully authenticated (receives an Accept frame from the authentication server), the port state changes to authorized, and all frames from the authenticated client are allowed through the port. If the authentication fails, the port remains in the unauthorized state, but authentication can be retried. If the authentication server cannot be reached, the switch can retransmit the request. If no response is received from the server after the specified number of attempts, authentication fails, and network access is not granted.

When a client logs off, it sends an EAPOL-logoff message, causing the switch port to transition to the unauthorized state.

If the link state of a port transitions from up to down, or if an EAPOL-logoff frame is received, the port returns to the unauthorized state.
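The port-state transitions described above, as an added example that is not part of the manual or the switch firmware. It is a simplified model: the Port class, the max_server_attempts setting name, and the sample frames are assumptions constructed for illustration.

```python
import struct

EAPOL_ETHERTYPE = 0x888E            # EtherType of EAPOL frames
EAPOL_START, EAPOL_LOGOFF = 1, 2    # EAPOL packet types (IEEE 802.1X)

class Port:
    """Simplified authenticator-side model of one 802.1X-controlled port."""
    def __init__(self, max_server_attempts=2):   # hypothetical setting name
        self.state = "unauthorized"
        self.max_server_attempts = max_server_attempts
        self.server_attempts = 0

    def on_frame(self, frame: bytes) -> str:
        """Classify a client frame and apply any state change it causes."""
        if len(frame) >= 18 and struct.unpack("!H", frame[12:14])[0] == EAPOL_ETHERTYPE:
            _version, ptype, _length = struct.unpack("!BBH", frame[14:18])
            if ptype == EAPOL_START:
                self.server_attempts = 0          # new authentication attempt
                return "eapol-start"
            if ptype == EAPOL_LOGOFF:
                self.state = "unauthorized"       # client logged off
                return "eapol-logoff"
            return "eapol"
        # Non-EAPOL traffic passes only while the port is authorized.
        return "forward" if self.state == "authorized" else "drop"

    def on_server(self, result: str) -> str:
        """result: 'accept', 'reject', or 'timeout' (no reply from the server)."""
        if result == "accept":
            self.state = "authorized"
        elif result == "reject":
            self.state = "unauthorized"           # authentication can be retried
        elif result == "timeout":
            self.server_attempts += 1             # switch retransmits the request
            if self.server_attempts >= self.max_server_attempts:
                self.state = "unauthorized"       # attempts exhausted: auth fails
        return self.state

    def on_link_down(self) -> str:
        self.state = "unauthorized"
        return self.state

def frame(ethertype: int, payload: bytes) -> bytes:
    """Build a constructed Ethernet frame (sample MAC addresses)."""
    macs = bytes.fromhex("0180c2000003") + bytes.fromhex("020000000001")
    return macs + struct.pack("!H", ethertype) + payload

def eapol(ptype: int) -> bytes:
    return frame(EAPOL_ETHERTYPE, struct.pack("!BBH", 2, ptype, 0))
```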

4.9.1.2 802.1X Setting

This page allows you to configure the IEEE 802.1X authentication system.

The IEEE 802.1X standard defines a port-based access control procedure that prevents unauthorized access to a network by requiring users to first submit credentials for authentication. One or more central servers, the backend servers, determine whether the user is allowed access to the network. These backend (RADIUS) servers are configured on the "Security→802.1X Access Control→802.1X Setting" page. The IEEE 802.1X standard defines port-based operation, but non-standard variants overcome security limitations as shall be explored below.

The 802.1X Setting and Information screens in Figure 4-9-3 & Figure 4-9-4 appear.

Figure 4-9-3: 802.1X Setting Page Screenshot

The page includes the following fields:

| Object | Description |
|--------|-------------|
| 802.1X | Indicates if NAS is globally enabled or disabled on the switch. If globally disabled, all ports are allowed forwarding of frames. |
