Table of Contents
Advertisement
Item
Description
Authenticator Options
Control Mode
The port-based access control mode on the port, which is one of the
following:
Quiet Period (Sec-
The number of seconds that the port remains in the quiet state follow-
onds)
ing a failed authentication exchange.
Transmit Period
The value, in seconds, of the timer used by the authenticator state
(Seconds)
machine on the port to determine when to send an EAPOL EAP
Request/Identity frame to the supplicant.
Guest VLAN ID
The VLAN ID for the guest VLAN. The guest VLAN allows the port to
provide a distinguished service to unauthenticated users. This feature
provides a mechanism to allow users access to hosts on the guest
VLAN. To set the guest VLAN ID, click the Edit icon associated with the
field and specify the ID value in the available field. To reset the guest
VLAN ID to the default value, click the Reset icon associated with the
field and confirm the action.
Guest VLAN Period
The value, in seconds, of the timer used for guest VLAN authentica-
(Seconds)
tion.
Unauthenticated
The VLAN ID of the unauthenticated VLAN. Hosts that fail the authen-
VLAN ID
tication might be denied access to the network or placed on a VLAN
created for unauthenticated clients. This VLAN might be configured
with limited network access. To set the unauthenticated VLAN ID, click
the Edit icon associated with the field and specify the ID value in the
available field. To reset the unauthenticated VLAN ID to the default
value, click the Reset icon associated with the field and confirm the
action.
Supplicant Timeout
The amount of time that the port waits for a response before retrans-
(Seconds)
mitting an EAP request frame to the client.
Server Timeout
The amount of time the port waits for a response from the authentica-
(Seconds)
tion server.
Maximum Requests The maximum number of times that the port sends an EAP request
frame (assuming that no response is received) to the client before
restarting the authentication process.
MAB Mode
The MAC-based Authentication Bypass (MAB) mode on the port,
which can be enabled or disabled.
Re-Authentication
The amount of time that clients can be connected to the port without
Period (Seconds)
being reauthenticated. If this field is disabled, connected clients are not
forced to reauthenicate periodically. To change the value, click the Edit
icon associated with the field and specify a value in the available field.
To reset the reauthentication period to the default value, click the
Reset icon associated with the field and confirm the action.
Maximum Users
The maximum number of clients supported on the port if the Control
Mode on the port is MAC-based 802.1X authentication.
Auto: The port is unauthorized until a successful authentication
exchange has taken place.
Force Unauthorized: The port ignores supplicant authentication
attempts and does not provide authentication services to the cli-
ent.
Force Authorized: The port sends and receives normal traffic
without client port-based authentication.
MAC-Based: This mode allows multiple supplicants connected to
the same port to each authenticate individually. Each host con-
nected to the port must authenticate separately in order to gain
access to the network. The hosts are distinguished by their MAC
addresses.
263
EKI-9500 Series User Manual
Advertisement
Table of Contents
