ZyXEL Communications MES3500-24 User Manual
MES3500-24/24F User’s Guide
156
C
H A P T E R
1 8
Port Authentication
This chapter describes the IEEE 802.1x and MAC authentication methods.
18.1 Port Authentication Overview
Port authentication is a way to validate access to ports on the Switch to clients based on an external
server (authentication server). The Switch supports the following methods for port authentication:
server (authentication server). The Switch supports the following methods for port authentication:
• IEEE 802.1x
2
- An authentication server validates access to a port based on a username and
password provided by the user.
• MAC - An authentication server validates access to a port based on the MAC address and
password of the client.
Both types of authentication use the RADIUS (Remote Authentication Dial In User Service, RFC
2138, 2139) protocol to validate users. See
2138, 2139) protocol to validate users. See
configuring your RADIUS server settings.
Note: If you enable IEEE 802.1x authentication and MAC authentication on the same
port, the Switch performs IEEE 802.1x authentication first. If a user fails to
authenticate via the IEEE 802.1x method, then access to the port is denied.
18.1.1 IEEE 802.1x Authentication
The following figure illustrates how a client connecting to an IEEE 802.1x authentication enabled
port goes through a validation process. The Switch prompts the client for login information in the
form of a user name and password after the client responds to its identity request. When the client
port goes through a validation process. The Switch prompts the client for login information in the
form of a user name and password after the client responds to its identity request. When the client
2.
At the time of writing, IEEE 802.1x is not supported by all operating systems. See your operating system documentation. If
your operating system does not support 802.1x, then you may need to install 802.1x client software.