Dell PowerConnect 3524P User Manual page 265

• Dynamic VLAN Assignment — Indicates whether dynamic VLAN assignment is enabled for this port.
This feature allows network administrators to automatically assign users to VLANs during the RADIUS
server authentication. When a user is authenticated by the RADIUS server, the user is automatically
joined to the VLAN configured on a RADIUS server.
– Port Lock and Port Monitor should be disabled when DVA is enabled.
– Dynamic VLAN Assignment (DVA) can occur only if a RADIUS server is configured, and port
authentication is enabled and set to 802.1x multi-session mode.
– If the Radius Accept Message doesn't contain the supplicant's VLAN, the supplicant is rejected.
– Authenticated ports are added to the supplicant VLAN as untagged.
– Authenticated ports remain unauthenticated VLAN and Guest VLAN members. Static VLAN
configuration is not applied to the port.
– The following list of VLANs cannot participate in DVA: an Unauthenticated VLAN, a Dynamic
VLAN that was created by GVRP, a Voice VLAN, a Default VLAN and a Guest VLAN.
– Network administrators can delete the supplicant VLAN while the supplicant is logged in.
The supplicant is authorized during the next re-authentication if this supplicant VLAN is
re-created or a new VLAN is configured on the RADIUS server.
• Guest VLAN — If enabled, indicates that unauthorized users connected to this interface can access
the Guest VLAN.
– Enable — Enables unauthorized users to access the guest VLAN.
– Disable — Prevents unauthorized users from accessing the guest VLAN.
• Periodic Reauthentication — Reauthenticates the selected port periodically. The reauthentication
period is defined in the Reauthentication Period (300-4294967295) field.
– Enable — Enables periodic port reauthentication.
– Disable — Disables periodic port reauthentication.
• Reauthentication Period (300-4294967295) — Indicate the time span in which the selected port is
reauthenticated. The field value is seconds. The field default is 3600 seconds.
• Reauthenticate Now — Permits immediate port reauthentication.
– Checked — Enables immediate port reauthentication.
– Disable — Disables immediate port reauthentication.
• Authentication Server Timeout (1-65535) — Defines the amount of time that lapses before the
device resends a request to the authentication server. The field value is specified in seconds. The field
default is 30 seconds.
• Resending EAP Identity Request (1-65535) — Defines the amount of time that lapses before
EAP request are resent. The field default is 30 seconds.
• Quiet Period (0-65535) — Indicates the number of seconds that the device remains in the quiet state
following a failed authentication exchange. The possible field range is 0-65535. The field default is
60 seconds.
Configuring Switch Information
265