Chapter 4. Web Configuration & Operation
232
CHAPTER 4
WEB OPERATION & CONFIGURATION
None:
Do not allow more than the specified limit of MAC addresses to access on a port. No action is further taken.
Trap:
If Limit + 1 MAC addresses are seen on the port, send an SNMP trap. If Aging is disabled, only one SNMP
trap will be sent, but with Aging enabled, new SNMP traps will be sent every time the limit is exceeded.
Shutdown:
If Limit + 1 MAC addresses is seen on the port, shut down the port. This implies that all secured MAC
addresses will be removed from the port, and no new addresses will be learned. Even if the link is physically
disconnected and reconnected on the port (by disconnecting the cable), the port will remain shut down. There
are three ways to re-open the port:
* Boot the switch
* Disable and re-enable Limit Control on the port or the switch
* Click the “Reopen” button
Trap & Shutdown:
If Limit + 1 MAC addresses is seen on the port, both the “Trap” and the “Shutdown” actions
described above will be taken.
State:
Display the current state of the port from the port security limit control's point of view. The displayed state
might be one of the following:
Disabled:
Limit control is either globally disabled or disabled on a port.
Ready:
The limit is not reached yet.
Limit Reached:
The limit is reached on a port. This state can only be shown if Action is set to None or Trap.
Shutdown:
The port is shut down by the Limit Control module. This state can only be shown if Action is set to
Shutdown or Trap & Shutdown.
Re-open Button:
If a port is shut down by this module, you may reopen it by clicking this button, which will only be
enabled if this is the case. For other methods, refer to Shutdown in the Action section. Note that clicking the Reopen
button causes the page to be refreshed, so non-committed changes will be lost.
4.3.4.2.2 NAS
Network Access Server configuration is useful to the networking environment that wants to authenticate clients
(supplicants) before they can access resources on the protected network. To effectively control access to unknown
clients, 802.1X defined by IEEE provides a port-based authentication procedure that can prevent unauthorized access
to a network by requiring users to first submit credentials for authentication purposes.
A switch interconnecting clients and radius server usually acts as an authenticator and uses EAPOL (Extensible
Authentication Protocol over LANs) to exchange authentication protocol messages with clients and a remote RADIUS
authentication server to verify user identity and user’s access right. This section is for setting up authenticator’s
configurations either on the system or on a per port basis. To configure backend server, please go to RADIUS
configuration page.
Содержание MSW-4424C Series
Страница 1: ...1 MSW 4424C MSW 4424CS L2 Gigabit Carrier Ethernet Switch ...
Страница 382: ......