George Persian Logout

04-Fast 802.1X Authentication

Download Book

Fast 802.1X Authentication

To view this video, click the download link.

 

Software Version Used

This video was recorded based on the following versions:

iMC: iMC PLAT 3.20-E2501, iMC UAM 3.60-E6101

iNode: iNode 3.60-E6101

Web interfaces of different versions may vary.

 

Application Scenario

An enterprise may have visitors now and then, and these visitors may need network access services. However, allowing visitors to access the enterprise network may bring security problems. Thus, how to provide visitors with network access services while ensuring the security of the enterprise network becomes a concern.

iMC UAM provides a good solution. It allows you to create a single fast access account for all visitors and confine the use of the account within public areas, reducing the access management of all visitors to a single account and ensuring the network security.

A fast access account is easy to configure and easy to use. When you create a fast access account, the iMC UAM will generate a username and password for the account automatically, and when using the account, visitors do not need to input any username or password. In addition, you can specify some public areas for visitors, deploy some access devices in these areas, and configure certain special security policies on the access devices to ensure the security of the enterprise network. For example, you can bind the access devices in the public areas with the service for the fast access account to confine the use of the fast access account within the public areas.

 

Recommended Configuration Flow

 

Step1   Add Access Device

Add an access device that supports 802.1X and AAA to the iMC system, so that the access device can cooperate with the iMC system to deliver 802.1X and AAA features.

Step2   Add Service

A service is a set of policies for user authentication and authorization. This step shows how to add a service with access device IP address binding enabled.

Step3   Add Account

A fast access account is very easy to use. It does not require users to provide username and password. 

This step shows how to add a fast access account to the iMC system, apply for the service configured at step 2, and bind the IP address of the access device in the public area. 

Step4   Configure Access Device

An access device is used to control access of users. This step illustrates how to configure a RADIUS scheme, an ISP domain, and the 802.1X feature on the device.

Step5   Verify Configuration

1)        Create an 802.1X connection on the iNode client.

2)        Use the fast access account to initiate authentication in the public area and the office area respectively.

You should be able to pass 802.1X authentication and access the network in the public area but fail the authentication in the office area.