User Manual
Table Of Contents
- S3300 Smart Managed Pro Switch
- Contents
- 1. Getting Started
- Getting Started with the NETGEAR Switch
- Switch Management Interface
- Connect the Switch to the Network
- Discover a Switch in a Network with a DHCP Server
- Discover a Switch in a Network without a DHCP Server
- Configure the Network Settings on the Administrative System
- Access the Management Interface from a Web Browser
- Understand the User Interfaces
- Interface Naming Convention
- Configuring Interface Settings
- Online Help
- Registration
- 2. Configure System Information
- 3. Configuring Switching
- 4. Configuring Routing
- 5. Configuring Quality of Service
- 6. Managing Device Security
- 7. Maintenance
- 8. Monitoring the System
- A. Configuration Examples
- B. Hardware Specifications and Default Values
Managing Device Security
258
S3300 Smart Managed Pro Switch
Port Authentication
In port-based authentication mode, when 802.1X is enabled globally and on the port,
successful authentication of any one supplicant attached to the port results in all users being
able to use the port without restrictions. At any given time, only one supplicant is allowed to
attempt authentication on a port in this mode. Ports in this mode are under bidirectional
control. This is the default authentication mode.
The 802.1X network has three components:
• Authenticators. Specifies the port that is authenticated before permitting system access.
• Supplicants. Specifies the host connected to the authenticated port requesting access to
the system services.
• Authentication Server. Specifies the external server, for example, the RADIUS server
that performs the authentication on behalf of the authenticator, and indicates whether the
user is authorized to access system services.
The Port Authentication menu contains links to the features described in the following
sections.
• 802.1X Configuration on page 258
• Port Authentication on page 259
• Port Summary on page 262
• Client Summary on page 263
802.1X Configuration
Use the 802.1X Configuration screen to configure global port access control settings on the
switch. The switch software supports.
To globally enable all 802.1X features:
1. Select Security > Port Authentication > Basic > 802.1X Configuration.
2. Next to Port Based Authentication State, select Enable.
Note: If 802.1X is enabled, authentication is performed by a RADIUS server.
This means the primary authentication method must be RADIUS. To
set the method, select Security > Management Security >
Authentication List and select RADIUS as method 1 for defaultList.
For more information, see
Authentication List Configuration on
page 249.
When port-based authentication is globally disabled, the switch does not check for
802.1X authentication before allowing traffic on any ports, even if the ports are configured
to allow only authenticated users.