802.1X is an IEEE standard for media-level (Layer 2) access control, providing the capability to permit or deny connectivity based on user or device identity. 802.1X allows port based access using authentication. An 802.1X enabled port can be dynamically enabled or disabled depending on user identity or device connection.
Before authentication, the endpoint is unknown, and traffic is blocked. Upon authentication, the endpoint is known and traffic is allowed. The controller or service platform uses source MAC filtering to ensure that only the authenticated endpoint is allowed to send traffic.
To configure a device's wired 802.1x configuration:
| Dot1x Authentication Control | Select this option to globally enable 802.1x authentication. 802.1x authentication is disabled by default.. |
| Dot1x AAA Policy | Select a AAA policy to associate with wired 802.1x traffic. If a suitable AAA policy does not exist, click the Create icon to create a new policy or the Edit icon to modify an existing policy. |
| Dot1x Guest VLAN Control | Select this option to globally enable 802.1x guest VLANs for the selected device. |
| MAC Authentication AAA Policy | Select a AAA authentication policy for MAC address authentication. If a suitable MAC AAA policy does not exist, click the Create icon to create a new policy or the Edit icon to modify an existing policy. |
Print
this page
Email this topic
Feedback
View PDF
Download EPUB