Specifications
Table Of Contents
- Table of Contents
- Preface Template Formats
- Web-based (GUI) Configuration
- Configuration
- Device Information
- System Information
- Serial Port Settings
- IP Address Settings
- IPv6 Address Settings
- IPv6 Route Settings
- IPv6 Neighbor Settings
- Port Configuration Folder
- Static ARP Settings
- User Accounts
- System Log Configuration Folder
- DHCP Relay Folder
- MAC Address Aging Time
- Web Settings
- Telnet Settings
- CLI Paging Settings
- Firmware Information
- SNTP Settings Folder
- SMTP Settings Folder
- SNMP Settings Folder
- Layer 2 Features
- Jumbo Frame
- VLANs
- 802.1Q Static VLAN
- Q-in-Q Folder
- 802.1v Protocol VLAN Folder
- GVRP Settings
- Asymmetric VLAN Settings
- MAC-based VLAN Settings
- PVID Auto Assign Settings
- Port Trunking
- LACP Port Settings
- Traffic Segmentation
- IGMP Snooping Folder
- MLD Snooping Settings
- Port Mirror
- Loopback Detection Settings Page
- Spanning Tree Folder
- Forwarding & Filtering Folder
- LLDP Folder
- Quality of Service (QoS)
- Security
- Access Control List (ACL)
- Monitoring
- Save and Tools
- System Log Entries
- Trap List
Chapter 5: Security
Extreme Networks EAS 100-24t Switch Software Manual
106
In this window, the following parameters can be configured:
Click on the Apply button to accept the changes made.
802.1X Folder
802.1X (Port-Based and Host-Based Access Control)
The following section will explain the three roles of Client, Authenticator and Authentication Server in
greater detail.
Parameters Description
From Port ~ To Port Here will be displayed the list of ports used for this configuration. This list is
fixed on using all the ports.
Authorized Mode Specifies the authentication mode used.
Host-based - Every user can be authenticated individually.
Port-based - If one of the attached hosts passes the authentication, all hosts
on the same port will be granted to access network. If the user fails to
authorize, this port will keep trying the next authentication. The default value is
host-based.
The IEEE 802.1X standard is a security measure
for authorizing and authenticating users to gain
access to various wired or wireless devices on a
specified Local Area Network by using a Client
and Server based access control model. This is
accomplished by using a RADIUS server to
authenticate users trying to access a network by
relaying Extensible Authentication Protocol
over LAN (EAPOL) packets between the Client
and the Server. The following figure represents
a basic EAPOL packet:
Utilizing this method, unauthorized devices are
restricted from connecting to a LAN through a
port to which the user is connected. EAPOL
packets are the only traffic that can be
transmitted through the specific port until
authorization is granted. The 802.1X Access
Control method has three roles, each of which
are vital to creating and up keeping a stable
and working Access Control security method.