58
C
3: M
HAPTER
ANAGING
Advanced Port-based
Authentication
D
S
EVICE
ECURITY
Enable — Enables using a Guest VLAN for unauthorized ports. If a
■
Guest VLAN is enabled, the unauthorized port automatically joins
the VLAN selected in the VLAN List field.
Disable — Disables port-based authentication on the device. This is
■
the default.
Enable Periodic Reauthentication — Permits immediate port
■
reauthentication.
Reauthentication Period — Displays the time span (in seconds) in
■
which the selected port is reauthenticated. The field default is 3600
seconds. The field range is 300-4294967295 seconds.
Authenticator State — Displays the current authenticator state.
■
Quiet Period — Displays the Quiet Period. The field range is 0-65535
■
Resending EAP — Defines the amount of time (in seconds) that
■
lapses before EAP requests are resent. The field default is 30 seconds.
The field range is 0-65535
Max EAP Requests — Displays the total amount of EAP requests
■
sent. If a response is not received after the defined period, the
authentication process is restarted. The field default is 2 retries. The
field range is 0-65535
Supplicant Timeout — Displays the Supplicant Timeout. The field
■
range is 0-65535
Server Timeout— Displays the Server Timeout. The field range is
■
0-65535
.
Termination Cause — Indicates the reason for which the port
■
authentication was terminated.
2 Click
updated.
Advanced port-based authentication enables multiple hosts to be
attached to a single port. Advanced port-based authentication requires
only one host to be authorized for all hosts to have system access. If the
port is unauthorized, all attached hosts are denied access to the network.
Advanced port-based authentication also enables user-based
authentication. Specific VLANs in the device are always available, even if
specific ports attached to the VLAN are unauthorized. For example, Voice
over IP does not require authentication, while data traffic requires
authentication. VLANs for which authorization is not required can be
.
.
.
. Port Authentication is enabled, and the device is
.