Administrator Guide
RADIUS Attributes for 802.1 Support
Dell Networking systems include the following RADIUS attributes in all 802.1X-triggered Access-Request messages:
Attribute 31 Calling-station-id: relays the supplicant MAC address to the authentication server.
Attribute 41 NAS-Port-Type: NAS-port physical port type. 15 indicates Ethernet.
Attribute 61 NAS-Port: the physical port number by which the authenticator is connected to the supplicant.
Attribute 81 Tunnel-Private-Group-ID: associate a tunneled session with a particular group of users.
Conguring 802.1X
Conguring 802.1X on a port is a one-step process.
For more information, see Enabling 802.1X.
Related Conguration Tasks
• Conguring a dot1x Prole
• Conguring MAC addresses for a dot1x Prole
• Conguring static MAB and MAB prole
• Enabling Critical-VLAN
• Conguring Request Identity Re-Transmissions
• Forcibly Authorizing or Unauthorizing a Port
• Conguring a Quiet Period after a Failed Authentication
• Re-Authenticating a Port
• Conguring Timeouts
• Conguring a Guest VLAN
• Conguring an Authentication-Fail VLAN
Important Points to Remember
• The system supports 802.1X with EAP-MD5, EAP-OTP, EAP-TLS, EAP-TTLS, PEAPv0, PEAPv1, and MS-CHAPv2 with PEAP.
• All platforms support only RADIUS as the authentication server.
• If the primary RADIUS server becomes unresponsive, the authenticator begins using a secondary RADIUS server, if congured.
• 802.1X is not supported on port-channels or port-channel members.
• 802.1X is not supported on a port when you congure the port as cascaded.
802.1X
91