Dell PowerConnect M6348 Configuration Manual
Download Configuration manual of Dell PowerEdge M520 Computer Hardware, Desktop for Free or View it Online on All-Guides.com.
Brand: Dell
Category: Computer Hardware , Desktop , Network Hardware , Network Router , Server , Switch
Type: Configuration manual
Model: Dell PowerEdge M520 , Dell PowerEdge M820 Systems , Dell PowerConnect M6348
Pages: 158 (1.54 Mb)
98 Device Security
Completion of an authentication exchange requires all three roles. The PowerConnect
M6220/M6348/M8024 switches support the authenticator role only, in which the PAE is responsible for
communicating with the supplicant. The authenticator PAE is also responsible for submitting
information received from the supplicant to the authentication server in order for the credentials to be
checked, which determines the authorization state of the port. Depending on the outcome of the
authentication process, the authenticator PAE then controls the authorized/unauthorized state of the
controlled Port.
Authentication is accomplished via an external authentication server:
• Remote Authentication Dial-In User Service (RADIUS)
• Terminal Access Controller Access Control System (TACACS+)
802.1x Network Access Control Examples
This section contains examples of the CLI commands used to configure 802.1X.
Example #1: Configure RADIUS Server for Authentication
This example configures a single RADIUS server used for authentication at 10.10.10.10. The shared
secret is configured to be
secret
. The process creates a new authentication list, called radiusList, which
uses RADIUS as the authentication method. This authentication list is associated with the 802.1x
default login. 802.1x port based access control is enabled for the system, and interface 1/g1 is configured
to be in force-authorized mode because this is where the RADIUS server and protected network
resources are located.
Figure 5-1. Switch with 802.1x Network Access Control
If a user, or supplicant, attempts to communicate via the switch on any interface except interface 1/g1,
the system challenges the supplicant for login credentials. The system encrypts the provided information
and transmits it to the RADIUS server. If the RADIUS server grants access, the system sets the 802.1x
port state of the interface to authorized and the supplicant is able to access network resources.
console(config)#radius-server host 10.10.10.10
console(Config-radius)#exit
console(config)#radius-server key secret
console(config)#exit
console#show radius-servers