Ethernet 802.1X configuration – Brocade
In this topic, you will learn how to configure Brocade switches to work together with Portnox™ Cloud and 802.1X RADIUS authentication for wired Ethernet connections.
Important: This guide provides general instructions for integrating Portnox Cloud with specific
third-party devices. While we aim to provide helpful examples for commonly used models, configurations may vary across
manufacturers, models, and environments. As a result, we cannot guarantee that these steps will work in every
scenario. For questions or issues related to RADIUS setup – which is an industry standard and not specific to
Portnox – or device-specific settings and troubleshooting, we recommend consulting the device manufacturer’s documentation
and contacting their support team. While Portnox Support is happy to assist where possible, please note that detailed
configuration of third-party devices is typically best handled by the manufacturer.
Warning: This topic contains documentation prepared by our support agents more than 12 months ago. It
may not cover the newest models or the newest interfaces of NAS devices. We’re working on bringing you updated documentation
for NAS devices in the near future. However, the methods of setting up third-party devices may still change when the
manufacturers update their firmware or release new models.
Important: All values in this configuration are examples. Make sure to adjust the configuration to your individual
profile names, RADIUS server addresses, ports, and keys by replacing the values that are presented as underlined
italics.
Brocade ICX 6450
This is a general configuration template for Brocade 6450 switches. This process applies to other Brocade ICX switches as well.
-
Add the Portnox Cloud RADIUS servers to the configuration.
aaa authentication dot1x default radius
radius-server host 20.119.69.248 auth-port 10322 acct-port 10323 default key rTHO9HEo9BcqfC9Yg0hHFelK6o0tH8N1
radius-server host 52.232.122.157 auth-port 10476 acct-port 10477 default key fnSrSEHhXFZ5Rqpz756NJhkeVqIHTlPt
-
Configure the authentication and restricted VLANs.
vlan 2 name auth-default-vlan
vlan 20 name restricted-vlan
-
Configure the authentication process.
authentication
auth-default-vlan 2
restricted-vlan 20
auth-fail-action restricted-vlan
dot1x enable
dot1x enable ethernet 1/1/11
-
Configure MAC-based authentication if needed.
mac-authentication enable
mac-authentication enable ethernet 1/1/11
-
Configure the port to authenticate users.
interface ethernet 1/1/11
dot1x port-control auto