-30-
3.3.8 Egress Tagging Rules
Egress Tagging rules are used to make change to the packet before it is stored into egress queue of an
egress port. Three egress settings are provided for each port and are described as follows:
3.3.8.1 Egress Settings
Insert Tag (per port setting)
Enable
-
Insert the Tag data of the associated Packet Tag information into the packet
Disable
-
No tagging is performed.
Untagging Specific VID (per port setting)
Enable
-
No tag insertion if the VID data of the associated Packet Tag information matches the
Untagged VID configured in next setting even
[Insert Tag]
is enabled.
Disable
-
This rule is not applied.
3.3.9 Summary of VLAN Function
VLAN Modes
Port-based VLAN Mode :
simple port-based 2-VLAN-groups mode
Port-based VLAN ISP Mode :
simple port-based 5-VLAN-groups mode
Advanced VLAN Mode :
Full VLAN configuration for port-based and Tag-based VLAN
Advanced VLAN Mode
Egress Settings (per port) :
[Tag Aware], [Keep Tag], [Drop Untag], [Drop Tag]
Ingress Default Tag (per port) :
[PVID], [CFI], [User Priority]
VLAN Groups (global) :
8 VLAN groups
VLAN Group Settings (per group) :
[VID], [Member Ports], [Source Port Check]
Egress Settings :
[Insert Tag], [Untagging Specific VID], [Untagged VID]
VLAN range supported :
1 ~ 4095 (eight VLANs at the same time)
[PVID] [VID] [Untagged VID] value range :
1 ~ 4095
3.4 802.1X Authentication
For some IEEE 802 LAN environments, it is desirable to restrict access to the services offered by the
LAN to those users and devices that are permitted to make use of those services. IEEE 802.1X Port-
based network access control function provide a means of authenticating and authorizing devices at-
tached to a LAN port that has point-to-point connection characteristics, and of preventing access to that
port in cases in which the authentication and authorization process fails. The 802.1X standard relies on
the client to provide credentials in order to gain access to the network. The credentials are not based on
a hardware address. Instead, they can be either a username/password combination or a certificate. The
credentials are not verified by the switch but are sent to a Remote Authentication Dial-In User Service
(RADIUS) server, which maintains a database of authentication information. 802.1X consists of three
components for authentication exchange, which are as follows: