Dynamic VLAN 802.1X Switchport Behavior with Unmanaged Switch Downlinked

  • 1
  • Question
  • Updated 1 week ago
  • Answered
Does anyone know what happens to the VLAN assignment of a DVLAN 802.1X wired port when connected it's downlinked to an unmanaged switch with multiple devices connected? Does the VLAN assignment of first device to perform the 802.1X authentication get assigned to all other devices on that port? Does the VLAN keep changing as different devices come online and authenticate? I can't imagine that the switch can perform multiple 802.1X auths on a single port, right? 
Photo of Eric Markow

Eric Markow

  • 2 Posts
  • 0 Reply Likes

Posted 1 week ago

  • 1
Photo of Simon

Simon, Employee

  • 18 Posts
  • 7 Reply Likes
Hi Eric

An ICX switch can authenticate up to 32 devices on a single port and assign each one to a different VLAN. Full details are here 
http://docs.ruckuswireless.com/fastiron/08.0.80/fastiron-08080-securityguide/GUID-EA4E5652-0CEE-420E... 


Photo of Eric Markow

Eric Markow

  • 2 Posts
  • 0 Reply Likes
Hi Simon, thanks for the answer! I am wondering if the capability is the same when the switch port is used as the supplicant, and performing authentication based on the MAC address of the device connecting. This is how we have our networks configured, as some wired clients do not have an 802.1X support (smart TV's, printers, etc). 
Photo of Simon

Simon, Employee

  • 18 Posts
  • 7 Reply Likes
Multiple host authentication works for .1x and MAC authenticated clients. If multiple hosts are connected to a .1x or or MAC authentication-enabled port, then each is authenticated individually. 

You can download the security config guide from the link that I included in my previous response.