Netgear M4300-28G (GSM4328S) - Stackable Managed Switch with 24x1G and 4x10G including 2x10GBASE-T and 2xSFP+ Layer 3 管理者ガイド

In this example, a visiting client attempts to connect to a corporate network in which the 
authentication manager is enabled. In such a situation, configure the authentication method 
list in the order dot1x, followed by MAB, and followed by captive portal.

If the client is enabled for dot1x but fails to authenticate using dot1x, the authentication 
manager places the port in the unauthorized state and stops the process. If the client is not 
enabled for dot1x, the dot1x authentication process times out, and the authentication 
manager selects the next configured authentication method in the list, which is MAB. 
Because the client’s MAC address is unknown in the corporate network, the MAB 
authentication process also times out.

The authentication manager selects the third configured authentication method in the list, 
which is captive portal. If the client can provide valid credentials for web authentication, the 
client is admitted to the network. If the client cannot provide valid credentials, the 
authentication manager starts a timer for reauthentication because no other authentication 
method is available in the list. At the expiration of the timer, the authentication manager 
restarts the authentication process for the first method in the list.

The CLI command to enable authentication is as follows.

(Netgear Switch)#configure

(Netgear Switch)(Config)#authentication enable