DELL N3000 User Manual

Configuring Port and System Security

The Dell Networking series switches allow the external 802.1X Authenticator 

or RADIUS server to assign DiffServ policies to users that authenticate to the 

switch. When a host (supplicant) attempts to connect to the network 

through a port, the switch contacts the 802.1X authenticator or RADIUS 

server, which then provides information to the switch about which DiffServ 

policy to assign the host (supplicant). The application of the policy is applied 

to the host after the authentication process has completed. 
For additional guidelines about using an authentication server to assign 

DiffServ policies, see "Configuring Authentication Server DiffServ Filter 

Assignments" on page 535.

The Internal Authentication Server (IAS) is a dedicated database for localized 

authentication of users for network access through 802.1X. In this database, 

the switch maintains a list of username and password combinations to use for 

802.1X authentication. You can manually create entries in the database, or 

you can upload the IAS information to the switch. 
If the authentication method for 802.1X is IAS, the switch uses the locally 

stored list of username and passwords to provide port-based authentication to 

users instead of using an external authentication server. Authentication using 

the IAS supports the EAP-MD5 method only.

Table 19-2 lists the default values for the 802.1X features.

Port/Client 

Authenticated 

on Guest VLAN

Delete Guest 

VLANID through 

Dot1Q

Port State: Deny

Port State: Permit
VLAN: Default PVID 

of the port

The IAS database does not handle VLAN assignments or DiffServ policy 

assignments.