802.1x Configuration Page Options

  1. Select Configure>Security>802.1x.

    The 802.1x configuration page appears. Table 103 explains the contents of this page.

  2. Click one:
    • RADIUS Servers—Adds a new or duplicate RADIUS servers configuration. Enter information as specified in Table 104.
    • Exclusion List—Adds a new or duplicate exclusion list configuration. Enter information as specified in Table 105.
    • Add—Adds a new or duplicate 802.1x configuration. Enter information as specified in Table 106.
    • Edit—Edits the selected 802.1x configuration.
    • Delete—Deletes the selected 802.1x configuration.
  3. Click one:
    • OK—Saves the configuration and returns to the main configuration page.
    • Commit Options>Commit—Commits the configuration and returns to the main configuration page.
    • Cancel—Cancels your entries and returns to the main configuration page.

Table 103: 802.1x Configuration Page

Field

Function

Port

Displays the ports.

802.1X Status

Displays the status of the port as Disabled or Enabled.

Details of 802.1X configuration on port

Name

Displays the name of the settings.

Value

Displays the Value of the settings.

Table 104: Add Radius Server Configuration Details

Field FunctionAction

IP Address

Specifies the IP address of the server.

Enter the IP address in dotted decimal notation.

Password

Specifies the login password.

Enter the password.

Confirm Password

Verifies the login password for the server.

Re-enter the password.

Server Port Number

Specifies the port with which the server is associated.

Enter the port number.

Source Address

Specifies the source address of the SRX Series device for communicating with the server.

Enter the IP address in dotted decimal notation.

Retry Attempts

Specifies the number of login retries allowed after a login failure.

Enter the number.

Timeout

Specifies the time interval to wait before the connection to the server is closed.

Enter the interval in seconds.

Table 105: Add 802.1X Exclusion List Configuration Details

Field FunctionAction

MAC Address

Specifies the media access control address to be excluded from 802.1X authentication.

Enter the MAC address.

Exclude if connected through the port

Specifies that a supplicant can bypass authentication if it is connected through a particular interface.

Select the option and then select the port through which the supplicant is connected.

Move the host to the VLAN

Moves the host to a specific virtual LAN once the host is authenticated.

Select the option and then select the VLAN from the list.

Table 106: Add 802.1X Port Settings Configuration Details

Field FunctionAction
   

Supplicant Mode

Specifies the authentication strategy and the number of hosts permitted on the port.

The options available are:

  • Single— Allows only one host for authentication.
  • Multiple—Allows multiple hosts for authentication. Each host is checked before being admitted to the network.
  • Single authentication for multiple hosts—Allows multiple hosts but only the first is authenticated.

Select an option.

Enable re-authentication

Specifies enabling re-authentication on the selected interface.

Select enable reauthentication. Enter the timeout for reauthentication in seconds.

Action for nonresponsive hosts

Specifies the action to be taken in case a supplicant is non-responsive.

The options available are:

  • Move to the Guest VLAN— Moves the supplicant to the specified Guest VLAN.
  • Deny—Blocks access to the supplicant.

Select an action.

Timeouts

Specifies timeout values for the following options:

  • Number of retries.
  • Maximum EAPOL requests.
  • Quiet period after authentication failure, in seconds.
  • Transmit period for initial EAPOL PDUs, in seconds.
  • Supplicant timeout, in seconds.
  • RADIUS server timeout, in seconds.

Enter timeout values for all options.

Related Documentation