Table of Contents
Advertisement
•
Admin Port Control — Indicates the port state. The possible field values are:
–
Auto —Enables port-based authentication on the device. The interface moves between an authorized or
unauthorized state based on the authentication exchange between the device and the client.
–
ForceAuthorized — Indicates the interface is in an authorized state without being authenticated. The
interface re-sends and receives normal traffic without client port-based authentication.
–
ForceUnauthorized — Denies the selected interface system access by moving the interface into
unauthorized state. The device cannot provide authentication services to the client through the interface.
•
Enable Guest VLAN — Indicates if the Guest VLAN is enabled. The possible field values are:
–
Checked — Enables the Guest VLAN.
–
Unchecked — Disables the Guest VLAN. This is the default value.
•
Authentication Method — Defines the user authentication methods. MAC authentication ensures that end-
user stations meet security policies criteria, and protects networks from viruses.
To activate MAC authentication first define the following:
1.
Enable Guest VLAN.
2.
Set the Admin Port Control option to Auto.
The possible values are:
–
802.1X Only – Enables only 802.1X authentication on the device.
–
MAC Only — Enables only MAC authentication on the device.
–
MAC + 802.1X – Enables MAC Authentication + 802.1X authentication on the device. In case of MAC+
802.1x, 802.1x takes precedence.
•
Enable Periodic Reauthentication — Permits port reauthentication. The possible field values are:
–
Enable — Enables port reauthentication. This is the default value.
–
Disable — Disables port reauthentication.
•
Reauthentication Period — Displays the time span (in seconds) in which the selected port is
reauthenticated. The field default is 3600 seconds.
•
Reauthenticate Now — Reauthenticates the port immediately.
•
Authenticator State — Displays the current authenticator state (as defined in Admin Port Control).
•
Quiet Period — Displays the number of seconds that the device remains in the quiet state following a failed
authentication exchange. The possible field range is 0-65535. The field default is 60 seconds.
•
Resending EAP — Defines the amount of time (in seconds) that lapses before EAP requests are resent.
The field default is 30 seconds.
•
Max EAP Requests — Displays the total amount of EAP requests sent. If a response is not received after the
defined period, the authentication process is restarted. The field default is 2 retries.
•
Supplicant Timeout — Displays the amount of time (in seconds) that lapses before EAP requests are resent
to the supplicant. The field default is 30 seconds.
•
Server Timeout — Displays the amount of time (in seconds) that lapses before the device re-sends
a request to the authentication server. The field default is 30 seconds.
•
Termination Cause — Indicates the reason for which the port authentication was terminated.
2.
Click Apply. The port authentication configuration is saved and the device is updated.
3.
Click Save Config on the menu to save the changes permanently.
Page 52
Configuring Device Security
Configuring Network Security
Advertisement
Table of Contents
