KTI Networks KGS-1064-HP User Manual page 58

Web management interface

Hide thumbs Also See for KGS-1064-HP:

User manual (34 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

183

184

185

186

187

188

189

190

191

192

193

194

195

196

197

198

199

200

201

202

203

204

205

206

207

208

209

210

211

212

213

214

215

216

217

218

219

220

221

222

223

224

225

226

227

228

229

230

231

232

233

234

235

236

237

238

239

240

page of 240

/ 240
Contents
Table of Contents
Bookmarks

Table of Contents

Port Configuration

Port

Admin State

life-time of the port. Once the switch considers whether to enter the Guest VLAN, it

will first check if this option is enabled or disabled. If disabled (unchecked; default),

the switch will only enter the Guest VLAN if an EAPOL frame has not been received

on the port for the life-time of the port. If enabled (checked), the switch will consider

entering the Guest VLAN even if an EAPOL frame has been received on the port for

the life-time of the port. The value can only be changed if the Guest VLAN option is

globally enabled.

Description

The port number for which the configuration below applies.

If NAS is globally enabled, this selection controls the port's authentication mode. The

following modes are available:

Force Authorized: In this mode, the switch will send one EAPOL Success frame

when the port link comes up, and any client on the port will be allowed network

access without authentication.

Force Unauthorized: In this mode, the switch will send one EAPOL Failure frame

when the port link comes up, and any client on the port will be disallowed network

access.

Port-based 802.1X: In the 802.1X-world, the user is called the supplicant, the switch

is the authenticator, and the RADIUS server is the authentication server. The

authenticator acts as the man-in-the-middle, forwarding requests and responses

between the supplicant and the authentication server. Frames sent between the

supplicant and the switch are special 802.1X frames, known as EAPOL (EAP Over

LANs) frames. EAPOL frames encapsulate EAP PDUs (RFC3748). Frames sent

between the switch and the RADIUS server are RADIUS packets. RADIUS packets

also encapsulate EAP PDUs together with other attributes like the switch's IP address,

name, and the supplicant's port number on the switch. EAP is very flexible, in that it

allows for different authentication methods, like MD5-Challenge, PEAP, and TLS.

The important thing is that the authenticator (the switch) doesn't need to know which

authentication method the supplicant and the authentication server are using, or how

-58-

Table of Contents

Show Quick Links

Quick Links:
Start Browser Software and Making Connection
Login to the Switch Unit
Ports

Hide quick links:

Table of Contents

KTI Networks KGS-1064-HP User Manual page 58

Hide quick links:

Related Manuals for KTI Networks KGS-1064-HP

Related Products for KTI Networks KGS-1064-HP

Table of Contents