1. Manuals
  2. Brands
  3. ORiNG Manuals
  4. Switch
  5. DGS-7084GCP-AIO_S SERIES
  6. User manual

ORiNG DGS-7084GCP-AIO_S SERIES User Manual page 99

Industrial managed gigabit bypass ethernet switch
Hide thumbs
Table of Contents

Advertisement

Hold Time
Port
Admin State
ORing Industrial Networking Corp
DGS-7084GCP-AIO_S SERIES User's Manual
only.
Suppose a client is connected to a 3rd party switch or hub, which
in turn is connected to a port on this switch that runs MAC-based
authentication, and suppose the client gets successfully
authenticated. Now assume that the client powers down his PC.
What should make the switch forget about the authenticated
client? Reauthentication will not solve this problem, since this
doesn't require the client to be present, as discussed under
Reauthentication Enabled above. The solution is aging of
authenticated clients. The Age Period, which can be set to a
number between 10 and 1000000 seconds, works like this: A
timer is started when the client gets authenticated. After half the
age period, the switch starts looking for frames sent by the client.
If another half age period elapses and no frames are seen, the
client is considered removed from the system, and it will have to
authenticate again the next time a frame is seen from it. If, on the
other hand, the client transmits a frame before the second half of
the age period expires, the switch will consider the client alive,
and leave it authenticated. Therefore, an age period of T will
require the client to send frames more frequent than T/2 for him to
stay authenticated.
This setting applies to ports running MAC-based authentication,
only.
If the RADIUS server denies a client access, or a RADIUS server
request times out (according to the timeout specified on the
Authentication configuration page), the client is put on hold in the
Unauthorized state. In this state, frames from the client will not
cause the switch to attempt to reauthenticate the client. The Hold
Time, which can be set to a number between 10 and 1000000
seconds, determines the time after an EAP Failure indication or
RADIUS timeout that a client is not allowed access.
The port number for which the configuration below applies.
Sets the authentication mode to one of the following options (only
used when 802.1X or MAC-based authentication is globally
enabled):
Auto: Requires an 802.1X-aware client (supplicant) to be
authorized by the authentication server. Clients that are not
98

Advertisement

Table of Contents
loading

Related Manuals for ORiNG DGS-7084GCP-AIO_S SERIES

Table of Contents