Configuration Guide User guide
BigIron RX Series Configuration Guide 1045
53-1002484-04
Chapter
34
Configuring 802.1x Port Security
In this chapter
•Overview of 802.1x port security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1045
•How 802.1x port security works . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1045
•802.1x port security and sFlow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1052
•Configuring 802.1x port security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1052
•Displaying 802.1x information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1064
•Sample 802.1x configurations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1072
•Using multi-device port authentication and 802.1X security on the same port 1076
Overview of 802.1x port security
BigIron RX supports the IEEE 802.1x standard for authenticating devices attached to LAN ports.
Using 802.1x port security, you can configure a BigIron RX to grant access to a port based on
information supplied by a client to an authentication server.
When a user logs on to a network that uses 802.1x port security, the device grants (or does not
grant) access to network services after the user is authenticated by an authentication server. The
user-based authentication in 802.1x port security provides an alternative to granting network
access based on a user’s IP address, MAC address, or subnetwork.
BigIron RX Series supports 802.1x authentication on untagged ports only.
IETF RFC support
Brocade’s implementation of 802.1x port security supports the following RFCs:
• RFC 2284 PPP Extensible Authentication Protocol (EAP)
• RFC 2865 Remote Authentication Dial In User Service (RADIUS)
• RFC 2869 RADIUS Extensions
How 802.1x port security works
This section explains the basic concepts behind 802.1x port security, including device roles, how
the devices communicate, and the procedure used for authenticating clients.