Manualshelf

Users Guide

ManualsBrandsDell ManualsAccess PlatformsC1048P Port Extender
919293949596979899100
server and the supplicant. The authenticator also changes the status of the port based on the results of
the authentication process. The Dell Networking switch is the authenticator.
The authentication-server selects the authentication method, verifies the information the supplicant
provides, and grants it network access privileges.
Ports can be in one of two states:
Ports are in an unauthorized state by default. In this state, non-802.1X traffic cannot be forwarded in or
out of the port.
The authenticator changes the port state to authorized if the server can authenticate the supplicant. In
this state, network traffic can be forwarded normally.
NOTE: The switch places 802.1X-enabled ports in the unauthorized state by default.
Topics:
The Port-Authentication Process
Configuring 802.1X
Important Points to Remember
Enabling 802.1X
Configuring dot1x Profile
Configuring MAC addresses for a do1x Profile
Configuring the Static MAB and MAB Profile
Configuring Critical VLAN
Configuring Request Identity Re-Transmissions
Configuring a Quiet Period after a Failed Authentication
Forcibly Authorizing or Unauthorizing a Port
Re-Authenticating a Port
Configuring Dynamic VLAN Assignment with Port Authentication
Guest and Authentication-Fail VLANs
Multi-Host Authentication
Multi-Supplicant Authentication
MAC Authentication Bypass
Dynamic CoS with 802.1X
The Port-Authentication Process
The authentication process begins when the authenticator senses that a link status has changed from down
to up:
1 When the authenticator senses a link state change, it requests that the supplicant identify itself using an
EAP Identity Request frame.
2 The supplicant responds with its identity in an EAP Response Identity frame.
3 The authenticator decapsulates the EAP response from the EAPOL frame, encapsulates it in a RADIUS
Access-Request frame and forwards the frame to the authentication server.
802.1X 99