PLANET XGS3-24040 User Manual

Chapter 47 802.1x Configuration

47-21

47.3.4 802.1x Web Proxy Authentication Sample Application

In the network topology shown as above, Ethernet 1/1 on SWITCH1 is connected to the Web server whose IP

address is 192.168.20.20/24, Ethernet 1/2 on SWITCH1 is connected to the RADIUS server whose IP

address is 192.168.20.88/24 and authentication port is 1812. PC is connected to Ethernet 1/16 on SWITCH1

through an unknown network. The Web server and the authentication server are connected to VLAN 1, while

PC is connected to VLAN 2. 802.1x Web authentication can be enabled through the following configuration.

The re-authentication function is disabled by default. To enable this, corresponding 802.1x configuration

should be issued first.

Configuration task list on SWITCH1

Switch(config)#dot1x enable

Switch(config)#dot1x web authentication enable

Switch(config)#dot1x web redirect http://192.168.20.20/WebSupplicant/

Switch(config)#interface ethernet 1/16

Switch(Config-If-Ethernet1/16)#dot1x enable

Switch(Config-If-Ethernet1/16)#dot1x port-method webbased

Web Server

192.168.20.88/24

RADIUS Server

192.168.20.20/24

PC

SWITCH1

eth1/16

Figure 47-1 802.1x Web Proxy Authentication

eth1/1

eth1/2