• Wireless Network Manager
• Getting Started with Wireless Network Manager
  • About Wireless Network Manager
  • Using the Wireless Network Manager Interface
  • Using Wireless Network Manager Guide
• Overview
  • Dashboard
  • Alerts
  • Threats
  • Logs
  • Audit
• Using Air Marshal
  • RF Survey
    • Discovered Aps
    • Discover and Report Unassociated Wireless Clients
  • RF Spectrum
  • RF Monitor
  • Packet Capture
    • Wireless
    • Ethernet
  • Bluetooth LE
• Managing Your Network
  • Network Hierarchy
  • Network Topology
  • Zones
  • Devices
    • Managing Access Points
      • Managing the Configuration of Access Points
        • General
          • Bridge Mode
          • NAT Mode
        • Radio
        • SSL VPN
          • Activating SSL VPN
          • Editing SSL-VPN
      • Upgrading the Firmware for Specific Access Points
      • SonicWave Diagnostics
        • Testing Connectivity With Your Gateway or DNS Addresses
        • Testing Connectivity With Ping, Traceroute, or NSLookup
    • Viewing the Wireless Client Journey
    • Port Settings
    • Managing Switches
    • Managing Switch Clients
• Managing Policies
  • Policy Hierarchy
    • Select an AP Policy
      • General
      • System
      • Radio
      • Mesh Network
      • Bluetooth
      • • Certificate
        • Others
      • RRM (Radio Resource Management)
      • WIDP
      • 802.1X
      • Port Setting
      • ALG
      • SNMP
      • Syslog
    • Select a Switch Policy
      • General
      • System
        • Spanning Tree Protocol
        • Link Layer Discovery Protocol
        • Voice VLAN
        • Quality of Service (QoS)
        • Internet Group Management Protocol (IGMP) Snooping
        • Dynamic Host Configuration Protocol (DHCP) Snooping
        • Dynamic Host Configuration Protocol (DHCP) Relay
        • Loopback Detection
        • Jumbo Frames
        • Multicast Filtering
        • 802.1X
        • Static Route IPV4
        • DoS
        • Radius Server
        • Mirror Settings
        • Address Resolution Protocol
        • Static MAC Address Table
        • SNMP
      • Ports
        • Classic Switch Policy
          • General
          • VLAN
          • QoS
          • QoS Storm Control
          • Security
          • ACL
          • 802.1X
      • Port Policy
      • Link Aggregation
        • LACP
        • Group
        • Trunk Port Settings
        • VLAN
      • VLAN
        • General
        • Network
        • IGMP
    • Select an SSID
      • SSID Policies
        • Adding SSID Security Policies
        • Editing SSID Security Policies
      • General
        • Basic
        • Authentication
          • Disabling the Strict Rekey
        • Others
        • VLAN
        • Dynamic VLAN Support
      • Advanced
        • Band Selection
        • IEEE802.11R
        • IEEE 802.11K
        • IEEE802.11V
        • SSL-VPN Security Tunnel Access
        • DNS
        • Agile Multiband
      • Security Policies
      • Guest Portal
        • Sign-on Settings
          • Sign-on with One-Time Passwords
          • Configuring Twilio Billing for SMS
          • Sign-on with LDAP Server Authentication
          • Sign-on with Active Directory Server Authentication
          • Sign-on with RADIUS Server Authentication
          • Sign-on with SAML Authentication
          • Wireless Guest TOTP Authentication
        • Customized Splash Page
          • Use a Linked Image on the Customized Splash Page
          • Collect User Feedback from a Customized Splash Page
    • Select a Security Policy
      • CFS (Content Filtering Service)
        • General
        • Category
        • Enabling or Disabling Reputation
        • URI List
        • Customize Block Page
      • CATP (Capture Advanced Threat Protection)
        • General
        • File Types
        • Protocols
        • MD5 Exclusion List
        • Customize Block Page
      • CAV (Cloud Gateway Anti-Virus)
        • General
        • File Types
        • Protocols
        • MD5 Exclusion List
        • Customize Block Page
      • ACL
        • General
        • Authentication/Association MAC Filtering
        • ACL
        • Bandwidth Management
      • Geo-IP & Botnet
      • APP Control Security Policy
  • AP Policies
  • Using Tags to Manage Access Points and SSIDs
    • Using Tags to Manage Access Points
      • Adding Tags to an Access Point
      • Removing Tags Associated with an Access Point
      • Viewing Tags Associated with an Access Point
    • Using Tags to Manage SSIDs
      • Adding Tags to an SSID Group
      • Removing Tags from an SSID Group
      • Viewing Tags Associated with an SSID Group
  • QoS Policies
  • Wi-Fi Multimeda (WMM) Profiles
    • Creating Wi-Fi Multimeda (WMM) Policies
    • Enabling Wi-Fi Multimeda (WMM) Policies
  • Managing Switch Policies
    • Adding Switch Policies
    • Editing Switch Policies
  • Managing Switch Port Policies
    • Adding Switch Port Policies
      • General
      • VLAN
      • QoS
      • QoS Storm Control
      • Security
      • ACL
      • 802.1X
      • POE
    • Editing Switch Port Policies
  • Security Policies
    • Content Filtering Service
      • Creating Content Filtering Service Security Policies
      • Editing Content Filtering Service Categories
      • Adding Sites to the Allowlists and Blocklists
    • Customizing Blockpage
    • Applying a Security Policy to an SSID Group
    • Capture Advanced Threat Protection
      • Creating Capture Advanced Threat Protection Security Policies
      • Adding an MD5 Hash to the Exclusion List
    • Cloud Anti-Virus
    • Access Control Policies
      • Creating and Editing Access Control Policies
    • Geo-IP & Botnet
    • Application Control
  • Managing SNMP Policies
    • Setting the SNMP ID
    • Adding SNMP Policies
    • Editing SNMP Policies
    • Deleting SNMP Policies
    • Setting SNMP Policies
  • Managing Switch SNMP Policies
    • Adding Switch SNMP Policies
    • Editing Switch SNMP Policies
    • Applying Switch SNMP Policies
• Objects
  • Address Objects
    • Creating Mac Address Objects
    • Creating Address Object Groups
  • Service Objects
  • Matched Objects
  • QoS Objects
  • Schedule Objects
    • Scheduling VAP Security Policy
  • App Objects
  • VLAN Objects
• Admin
  • Reports
    • Generating Report Tasks
    • General Settings
  • Users
    • Configuring User Quota Control
  • Settings
    • General
      • Client Timezone
    • Firmware
    • Notification Center
      • Alert
      • Threat
      • Log
      • Email
      • SMS Event Notifications
  • Certificates
    • Batch Import
    • Import Certificates
  • Using the WiFi Planner
• SonicWall Support
  • About This Document

802.1X

802.1X is currently only for SonicWave 224 models.

802.1X is an IEEE standard for media-level (Layer 2) access control, offering the capability to permit or deny network connectivity based on the identity of the end user or device.

802.1X enables port-based access control using authentication. An 802.1X-enabled port can be dynamically enabled or disabled based on the identity of the user or device that connects to it.

802.1X uses these protocols:

• Extensible Authentication Protocol (EAP): The message format and framework defined by RFC 4187 that provides a way for the supplicant and the authenticator to negotiate an authentication method (the EAP method).
• EAP method: Defines the authentication method; that is. the credential type and how it is submitted from the supplicant to the authentication server using the EAP framework. Common EAP methods used in 802.1X networks are EAP-Transport Layer Security (EAP-TLS) and Protected EAP-Microsoft Challenge Handshake Authentication Protocol version 2 (PEAP-MSCHAPv2).
• EAP over LAN (EAPoL): An encapsulation defined by 802.1X for the transport of the EAP from the supplicant to the switch over IEEE 802 networks. EAPoL is a Layer 2 protocol.
• RADIUS: The de facto standard for communication between the switch and the authentication server. The authenticator extracts the EAP payload from the Layer 2 EAPoL frame and encapsulates the payload inside a Layer 7 RADIUS packet.

To activate 802.1X support for a device

1. Navigate to Policies > Policy Hierarchy.
2. Select the AP Policy.
3. Scroll to and click the 802.1X tab.
4. Fill in the values needed for the EAP Settings and RADIUS Server, and RADIUS Accounting Server.
5. Click the Port Setting tab.
6. Select the device you want to configure.
7. In the 802,1X column, activate the slider for the ports for which you want to use the 802.1X protocol.
8. Click OK.