User manual

HAPTER

| Security Measures

Configuring 802.1X Port Authentication

– 192 –

ES-2000 Series

Figure 112: Configuring Global Settings for 802.1X Port Authentication

CONFIGURING PORT

AUTHENTICATOR

SETTINGS FOR 802.1X

Use the Security > Port Authentication (Configure Interface –

Authenticator) page to configure 802.1X port settings for the switch as the

local authenticator. When 802.1X is enabled, you need to configure the

parameters for the authentication process that runs between the client and

the switch (i.e., authenticator), as well as the client identity lookup process

that runs between the switch and authentication server.

COMMAND USAGE

◆ When the switch functions as a local authenticator between supplicant

devices attached to the switch and the authentication server, configure

the parameters for the exchange of EAP messages between the

authenticator and clients on the Authenticator configuration page.

◆ When devices attached to a port must submit requests to another

authenticator on the network, configure the Identity Profile parameters

on the Configure Global page (see "Configuring 802.1X Global Settings"

on page 191) which identify this switch as a supplicant, and configure

the supplicant parameters for those ports which must authenticate

clients through the remote authenticator (see "Configuring Port

Supplicant Settings for 802.1X" on page 196).

◆ This switch can be configured to serve as the authenticator on selected

ports by setting the Control Mode to Auto on this configuration page,

and as a supplicant on other ports by the setting the control mode to

Force-Authorized on this page and enabling the PAE supplicant on the

Supplicant configuration page.

PARAMETERS

These parameters are displayed:

◆ Port – Port number.

◆ Status – Indicates if authentication is enabled or disabled on the port.

The status is disabled if the control mode is set to Force-Authorized.