Requiring 802.1x login before allowing access to network resources

Question

I have a ZyXel GS2200-24 managed switch, and a free-radius server running on Ubuntu 11.10. Radius is configured and when I log into the switch the authentication goes through Radius.

Now, I'm trying to ensure that access to web resources (as an example, I set up a web server on the ip 192.168.1.2) requires first authenticating with radius, before the switch will allow the connection.

Am I correct that this should be handled at the switch level? What are these rules usually called / how are they usually defined?

score 1 · Answer 1 · answered Nov 26 '11 at 02:14

My switch supports port based authentication, meaning you can require 802.1x authentication (or not) for each physical connection to the switch itself. You simply need to have a switch that supports this.

In the Zyxel Web Configurator, you can do this under Advanced Application > Port Authentication

Requiring 802.1x login before allowing access to network resources

1 Answers1