User guide
68
Configuring the Access Point
Configuring Ethernet Ports
Working with 802.1X on Wired Ethernet Ports
802.1X authentication consists of the following three components:
■ Supplicant: The supplicant sends access request messages along with credentials,
such as user name / password or digital certificate, to an authenticator, which
forwards the credentials to the authentication server for verification.
■ Authenticator: The authenticator challenges the identity of the supplicant, then
passes its credentials to the AAA server. If the credentials are accepted the
supplicant is allowed access.
■ Authentication Server (AAA Server): The AAA server verifies the supplicant’s
credentials and permits or rejects its request for access.
For wired 802.1X, a Ruckus AP’s Ethernet port can be configured as either an
Authenticator or as a Supplicant, depending on which port type is selected. Ta b le 1 9
and Table 20
describe the 802.1X roles available by port type.
Table 19. Authenticator support by port type
Table 20. Supplicant support by port type
The following considerations apply:
■ A single port cannot be configured as both an Authenticator and Supplicant at
the same time.
■ Only one port per AP can be configured as a Supplicant.
■ If the AP is connecting to a switch port with 802.1X authentication enabled, the
AP’s port type should be configured as a Trunk Port and its role should be
configured as Supplicant. The switch port should be configured as a Trunk port in
Port-based Authenticator mode.
■ If there are multiple devices connected to an AP port (through a downstream
switch), the port can be configured as either Port-based or MAC-based Authen-
ticator. In Port-based mode, only one of the attached MAC hosts must be
authorized for all hosts to be granted access to the network. In MAC-based mode,
each MAC host is individually authenticated.
■ If a Trunk Port is configured as a Supplicant, a user name and password must be
entered to authenticate the port to the 802.1X aware LAN switch.
Trunk Port Access Port General Port
Port-based mode X X X
MAC-based mode X
Trunk Port Access Port General Port
Supplicant X