Configure 802.1X Port Authentication using Moxa Managed Switch Local Database

Many managed switches support 802.1X authentication; however, most require an external Radius server to perform the authentication while the switch simply relays the requests and responses, ultimately activating the connection after successful authentication of the supplicant.

Moxa managed switches have a local database option such that the switch itself can authenticate the users based on a local database of usernames/passwords managed and stored in the switch.

In the following example, we will configure 802.1X Authentication on Port 3 of a Moxa EDS-508A managed switch.

First navigate to the Port Access Control-802.1X Setting page and set the Database Option to “Local” and enable authentication for Port 3. Make sure to hit Activate when complete.

Next navigate to the Port Access Control-Local User Database page and add the desired users. Make sure to hit Activate when complete.

Next we need to configure the client side.  Check to see whether an Authentication tab is available in the Local Area Connection Properties.

If the client PC does not have an Authentication tab available in the Local Area Connection Properties, you will first need to start the “Wired AutoConfig” windows service. This service is only available beginning with Windows XP SP3.

After starting the Wired AutoConfig service, you should now see the Authentication tab. Choose “MD-5-Challenge” as the network authentication method and decide whether the user needs to enter the authentication info each time. The default is to cache user information with the bottom checkbox.

When the user plugs in, he will see the following prompt in the system tray.

Clicking on the systray icon brings up the “Enter Credentials” screen (this window sometimes gets hidden behind the Local Area Connection Status window, simply drag it out of the way).

Once the user types in the proper username and password, and ONLY after doing so, the user will have access to the LAN!