DELL N3000 User Manual

Page of 1460
Configuring Port and System Security
505
authentication server (a RADIUS server). The result of the authentication 
process determines whether the supplicant is authorized to access services on 
that controlled port. Dell Networking switches support authentication using 
remote RADIUS or TACACS servers and also support authentication using a 
local authentication service.
Supported security methods for communication with remote servers include 
MD5, PEAP, EAP-TTL, EAP-TTLS, and EAP-TLS. Only EAP-MD5 is 
supported when using the local authentication server (IAS).
For a list of RADIUS attributes that the switch supports, see 
What are the 802.1X Port States?
The 802.1X port state determines whether to allow or prevent network traffic 
on the port. A port can configured to be in one of the following 802.1X 
control modes:
• Auto  (default)
• MAC-based
• Force-authorized
• Force-unauthorized.  
These modes control the behavior of the port.  The port state is either 
Authorized or Unauthorized.
If the port is in the authorized state, the port sends and receives normal 
traffic without client port-based authentication. When a port is in an 
unauthorized state, it ignores supplicant authentication attempts and does 
not provide authentication services to the client. By default, when 802.1X is 
globally enabled on the switch, all ports are in Auto, which means the port will 
be unauthorized until a successful authentication exchange has taken place. 
In addition to authorized, unauthorized, and automode, the 802.1X mode of 
a port can be MAC based, as the following section describes.
NOTE: 
Only MAC-Based and Automode actually use 802.1X to authenticate. 
Authorized and Unauthorized modes are manual overrides.
downloadlike
ArtboardArtboardArtboard
Report Bug