4 Configuration
DGS-1210 series Metro Ethernet Managed Switch User Manual
96
Figure 4.141 - Security > 802.1X > 802.1X Settings
By default, 802.1X is disabled. To use EAP for security, select enabled and set the
Authentication Mode
and
Authentication Protocol
then click
Apply
.
Authentication Mode:
Indicates the 802.1X mode enabled on the device. The possible field values are:
Port Based –
Enables 802.1X on ports. This is the default value.
MAC Based –
Enables 802.1X on MAC addresses.
Authentication Protocol:
Indicates the 802.1X Protocol on the device. The possible field values are
Local
and
RADIUS EAP
.
From Port/To Port:
Enter the port or ports to be set.
QuietPeriod (0 – 65535 sec):
Sets the number of seconds that the switch remains in the quiet state
following a failed authentication exchange with the client. Default is
60
seconds.
ServerTimeout (1 – 65535 sec):
Sets the amount of time the switch waits for a response from the client
before resending the response to the authentication server. Default is
30
seconds.
TxPeriod (1 – 65535 sec):
This sets the TxPeriod of time for the authenticator PAE state machine. This
value determines the period of an EAP Request/Identity packet transmitted to the client. Default is
30
seconds.
ReAuthentication:
Determines whether regular reauthentication will take place on this port. The default
setting is
Disabled
.
Capability:
Indicates the capability of the 802.1X. The possible field values are:
Authenticator –
Specify the Authenticator settings to be applied on a per-port basis.
None –
Disable 802.1X functions on the port.
SuppTimeout (1 – 65535 sec):
This value determines timeout conditions in the exchanges between the
Authenticator and the client. Default is
30
seconds.
MaxReq (1 – 10):
This parameter specifies the maximum number of times that the switch retransmits an
EAP request (md-5challnege) to the client before it times out the authentication session. Default is
2
times.
ReAuthPeriod (1 – 65535 sec):
A constant that defines a nonzero number of seconds between periodic
reauthentication of the client. The default setting is
3600
seconds.
Port Control:
This allows user to control the port authorization state.
Select
ForceAuthorized
to disable 802.1X and cause the port to transition to the authorized state
without any authentication exchange required. This means the port transmits and receives normal
traffic without 802.1X-based authentication of the client.
If
ForceUnauthorized
is selected, the port will remain in the unauthorized state, ignoring all
attempts by the client to authenticate. The Switch cannot provide authentication services to the client
through the interface.
If
Auto
is selected, it will enable 802.1X and cause the port to begin in the unauthorized state,
allowing only EAPOL frames to be sent and received through the port. The authentication process
begins when the link state of the port transitions from down to up, or when an EAPOL-start frame is
Summary of Contents for DGS-1210 Series
Page 159: ...140 ...