EdgeSwitch
Administration Guide
™
Field
Control Mode
Operating Control Mode
PAE State
Backend State
Command buttons
(for each interface)
Use the buttons to perform the following tasks:
• To change the port-based access control settings for a port, select the port and click Edit. The UI
automatically redirects to the Port Access Control Port Configuration page for the selected port. For
information on using this page, refer to "Global Port Access Control Configuration" on page 205.
• To view additional information about the port-based access control settings for a port, select the port
with the information to view and click Details. You are automatically redirected to the Port Access Control
Port Details page for the selected port.
• Click Refresh to refresh the page with the most current data from the switch.
To retain the changes across the switch's next power cycle, click System > Configuration Storage > Save.
Ubiquiti Networks, Inc.
Port Access Control Port Summary Fields (Continued)
Description
The port-based access control mode configured on the port, which is one of the following:
Auto
•
The port is unauthorized until a successful authentication exchange has taken place.
•
Force Unauthorized
The port ignores supplicant authentication attempts and does not provide
authentication services to the client.
•
Force Authorized
The port sends and receives normal traffic without client port-based
authentication.
•
MAC-Based
This mode allows multiple supplicants connected to the same port to each
authenticate individually. Each host connected to the port must authenticate separately in order
to gain access to the network. The hosts are distinguished by their MAC addresses.
The control mode under which the port is actually operating, which is one of the following:
•
Auto
•
Force Unauthorized
•
Force Authorized
•
MAC-Based
•
N/A
If the mode is N/A, port-based access control is not applicable to the port. If the port is in detached
state it cannot participate in port access control. Additionally, if port-based access control is globally
disabled, the status for all ports is N/A.
The current state of the authenticator PAE state machine, which is the 802.1X process that controls
access to the port. The state can be one of the following:
•
Initialize
•
Disconnected
•
Connecting
•
Authenticating
•
Authenticated
•
Aborting
•
Held
•
ForceAuthorized
•
ForceUnauthorized
The current state of the back-end authentication state machine, which is the 802.1X process that
controls the interaction between the 802.1X client on the local system and the remote authentication
server. The state can be one of the following:
•
Request
•
Response
•
Success
•
Fail
•
Timeout
•
Initialize
Idle
•
Click this button to reset the 802.1X state machine on the associated interface to the
initialization state. Traffic sent to and from the port is blocked during the authentication process.
This button can be clicked only when the port is an authenticator and the operating Control
Mode is Auto.
Click this button to force the associated interface to restart the authentication process.
Managing Device Security
207