D-Link DGS-3224SR Layer 2 Gigabit Ethernet Switch
80
Figure 17-5. 802.1X Authenticator Settings
This window allows you to set the following features:
•
From [
] To [ ]
– Enter the port or ports to be set.
•
AdmDir [
both
]
– Sets the administrative-controlled direction to either
in
or
both
. If
in
is selected, control is
only exerted over incoming traffic through the port you selected in the first field. If
both
is selected, control
is exerted over both incoming and outgoing traffic through the controlled port selected in the first field.
•
PortControl [
auto
]
– This allows you to control the port authorization state. Select
forceAuthorized
to
disable 802.1X and cause the port to transition to the authorized state without any authentication exchange
required. This means the port transmits and receives normal traffic without 802.1X-based authentication of
the client. If
forceUnauthorized
is selected, the port will remain in the unauthorized state, ignoring all
attempts by the client to authenticate. The switch cannot provide authentication services to the client through
the interface. The third option is
auto
. This enables 802.1X and causes the port to begin in the unauthorized
state, allowing only EAPOL frames to be sent and received through the port. The authentication process
begins when the link state of the port transitions from down to up, or when an EAPOL-start frame is
received. The switch then requests the identity of the client and begins relaying authentication messages
between the client and the authentication server.
•
TxPeriod [
30
]
– This sets the TxPeriod of time for the authenticator PAE state machine. This value
determines the period an EAP Request/Identity packet is transmitted to the client.
•
QuietPeriod [
60
]
– This allows you to set the number of seconds that the switch remains in the quiet state
following a failed authentication exchange with the client.
•
SuppTimeout [
30
]
– This value determines timeout conditions in the exchanges between the Authenticator
and the client.
•
ServerTimeout [
30
]
– This value determines timeout conditions in the exchanges between the
Authenticator and the client.
•
MaxReq [
2
]
– The maximum number of times that the switch will retransmit an EAP Request packet to the
client before it times out the authentication session.
•
ReAuthPeriod [
3600
]
– A constant that defines a nonzero number of seconds between periodic
reauthentications of the client.