Chapter 4. Web Configuration & Operation
246
CHAPTER 4
WEB OPERATION & CONFIGURATION
MAC Count (Current/Limit):
The two columns indicate the number of currently learned MAC addresses (forwarding as
well as blocked) and the maximum number of MAC addresses that can be learned on the port, respectively. If no user
modules are enabled on the port, the Current column will show a dash (-). If the Limit Control user module is not
enabled on the port, the Limit column will show a dash (-).
4.5.5.1.3 Port Statistics
This page shows MAC addresses learned on a particular port.
MAC Address:
When “Port Security Limit Control” is enabled globally and on a port, MAC addresses learned on a port
show in here.
VLAN ID:
Display VLAN ID that is seen on this port.
State:
Display whether the corresponding MAC address is forwarding or blocked. In the blocked state, it will not be
allowed to transmit or receive traffic.
Time of Addition:
Display the date and time when this MAC address was seen on the port.
Age/Hold:
If at least one user module has decided to block this MAC address, it will stay in the blocked state until the
hold time (measured in seconds) expires. If all user modules have decided to allow this MAC address to forward, and
aging is enabled, the Port Security module will periodically check that this MAC address is still forwarding traffic. If the
age period (measured in seconds) expires and no frames have been seen, the MAC address will be removed from the
MAC table. Otherwise a new age period will begin. If aging is disabled or a user module has decided to hold the MAC
address indefinitely, a dash (-) will be shown.
4.5.5.2 NAS
Network Access Server configuration is useful to the networking environment that wants to authenticate clients
(supplicants) before they can access resources on the protected network. To effectively control access to unknown
clients, 802.1X defined by IEEE provides a port-based authentication procedure that can prevent unauthorized access
to a network by requiring users to first submit credentials for authentication purposes.
A switch interconnecting clients and radius server usually acts as an authenticator and uses EAPOL (Extensible
Authentication Protocol over LANs) to exchange authentication protocol messages with clients and a remote RADIUS
authentication server to verify user identity and user’s access right. This section is for setting up authenticator’s
configurations either on the system or on a per port basis. To configure backend server, please go to RADIUS
configuration page.
Содержание IFS-1604GSM Series
Страница 385: ......