Manualshelf

Users Guide

ManualsBrandsDell ManualsAccess PlatformsPowerSwitch N3000 Series
261262263264265266267268269270
262 Authentication, Authorization, and Accounting
authenticated client is removed and the authentication process begins again
from the first method in the order. If 802.1X has a lower priority than the
authenticated method, then the client is not removed and the 802.1X frames
are ignored.
If the administrator changes the priority of the methods, then all the users
who are authenticated using a lower-priority method are forced to
reauthenticate. If an authentication session is in progress and the
administrator changes the order of the authentication methods, then the
configuration will take effect for the next session onwards.
Authentication Host Modes
The switch supports multiple modes of authenticating hosts and allowing
access to the network. Access may be restricted to a single data or voice client,
multiple data clients with a single authentication or multiple authentications
with or without voice VLAN access. The host mode is configurable on a per
port basis.
Single-Host Mode
Single-Host mode allows a single device access to the network. The device
may authenticate to either the data or voice VLAN (if configured). The
switch will drop packets from MAC addresses other than the authenticated
device. Additional authentications are rejected.
Single-Host mode does not support RADIUS VLAN assignment in switchport
access mode.
Single-Host mode is supported for interfaces configured in switchport access
and switchport general modes.
MAB is supported for Single-Host mode hosts.
Multi-Auth Mode
Multi-Auth mode supports authentication of multiple data hosts. Once
authentication succeeds for a host, network access is allowed for packets from
the authenticated host. Packets from un-authenticated hosts are dropped.
The number of authenticated hosts may be limited via configuration.