Edge-Core ECS4620-28T Quick Start Manual page 309
28/52-port l3 stackable gigabit ethernet switch
Hide thumbs
Also See for ECS4620-28T:
- Installation manual (59 pages) ,
- Quick start manual (9 pages) ,
- Cli reference manual (1260 pages)
Table of Contents
Advertisement
Intrusion – Sets the port response to a host MAC authentication failure to
■
either block access to the port or to pass traffic through. (Options: Block,
Pass; Default: Block)
Max MAC Count
■
be authenticated on a port via MAC authentication; that is, the Network
Access process described in this section. (Range: 1-1024; Default: 1024)
◆
Network Access Max MAC Count
addresses that can be authenticated on a port interface via all forms of
authentication (including Network Access and IEEE 802.1X). (Range: 1-2048;
Default: 1024)
◆
Guest VLAN – Specifies the VLAN to be assigned to the port when 802.1X
Authentication fails. (Range: 0-4094, where 0 means disabled;
Default: Disabled)
The VLAN must already be created and active (see
on page
166). Also, when used with 802.1X authentication, intrusion action
must be set for "Guest VLAN" (see
802.1X" on page
356).
◆
Dynamic VLAN – Enables dynamic VLAN assignment for an authenticated
port. When enabled, any VLAN identifiers returned by the RADIUS server
through the 802.1X authentication process are applied to the port, providing
the VLANs have already been created on the switch. (GVRP is not used to create
the VLANs.) (Default: Enabled)
The VLAN settings specified by the first authenticated MAC address are
implemented for a port. Other authenticated MAC addresses on the port must
have the same VLAN configuration, or they are treated as authentication
failures.
If dynamic VLAN assignment is enabled on a port and the RADIUS server
returns no VLAN configuration, the authentication is still treated as a success,
and the host is assigned to the default untagged VLAN.
When the dynamic VLAN assignment status is changed on a port, all
authenticated addresses mapped to that port are cleared from the secure MAC
address table.
◆
Dynamic QoS – Enables dynamic QoS assignment for an authenticated port.
(Default: Disabled)
◆
MAC Filter ID – Allows a MAC Filter to be assigned to the port. MAC addresses
or MAC address ranges present in a selected MAC Filter are exempt from
authentication on the specified port (as described under
MAC Address
Filter"). (Range: 1-64; Default: None)
7.
The maximum number of MAC addresses per port is 1024, and the maximum number of secure
MAC addresses supported for the switch system is 1024. When the limit is reached, all new MAC
addresses are treated as authentication failures.
Network Access (MAC Address Authentication)
7
– Sets the maximum number of MAC addresses that can
7
– Sets the maximum number of MAC
"Configuring Port Authenticator Settings for
– 303 –
Chapter 12
| Security Measures
"Configuring VLAN Groups"
"Configuring a
Hide quick links:
Advertisement
Chapters
Table of Contents
Troubleshooting
