Configuration Guide Configuring 802.1X
4 Configuring 802.1X
4.1 Overview
IEEE 802.1X is a standard for port-based network access control that provides secure access service for local area networks
(LANs).
In IEEE 802-compliant LANs, users connecting to the network access devices (NASs) can access network resources without
authentication and authorization, bringing security risks to the network. IEEE 802.1X was proposed to resolve security
problems of such LANs.
802.1X supports three security applications: authentication, authorization, and accounting, which are called AAA.
Authentication: Checks whether to allow user access and restricts unauthorized users.
Authorization: Grants specified services to users and controls permissions of authorized users.
Accounting: Records network resource status of users to provide statistics for charges.
802.1X can be deployed in a network to realize user authentication, authorization and other functions.
Protocols and Standards
IEEE 802.1X: Port-Based Network Access Control
4.2 Applications
Wired 802.1X Authentication
To ensure secure admission on the campus network, 802.1X authentication is
deployed on access switches.
Wireless 802.1X Authentication
When an enterprise deploys a wireless LAN (WLAN), 802.1X authentication should
be enabled on the Access Controller (AC).
4.2.1 Wireless 802.1X Authentication
Scenario
An enterprise deploys a fit-AP wireless authentication environment including fit Access Points (APs) and an AC. 802.1X is
deployed for secure admission. Wireless stations or devices (STAs) should pass 802.1X authentication to access the
enterprise network.
As shown in Figure 4-1:
STAs are installed with 802.1X clients (which can come with the operating system, or others like Ruijie Supplicant).
To Next Page
Loading...
Need help?
General
