xStack
®
DGS-3200 Series Layer 2 Gigabit Ethernet Managed Switch
146
This mode adds an extra layer of security by checking the IP MAC-Binding Port Binding (IMPB) table before trying one of the
supported authentication methods. The IMPB Table is used to create a ‘white-list’ that checks if the IP streams being sent by
authorized hosts have been granted or not. In the above diagram, the Switch port has been configured to allow clients to
authenticate using either WAC or JWAC. If the client is in the IMPB table and tries to connect to the network using either of these
supported authentication methods and the client is listed in the white list for legal IP/MAC/port checking, access will be granted.
If a client fails one of the authentication methods, access will be denied.
The
Multiple Authentication
folder contains three windows:
Authorization Network State Settings
,
Multiple Authentication
Settings
, and
Guest VLAN Settings
.
Authorization Network State Settings
Users can configure Authorization Network State Settings for the Switch.
To view the following window, click
Security > Multiple Authentication > Authorization Network State Settings
:
Figure 5 - 58. Authorization Network State Settings window
Multiple Authentication Settings
Users can configure multiple authentication methods for a port or ports.
To view the following window, click
Security > Multiple Authentication > Multiple Authentication Settings
:
Figure 5 - 59. Multiple Authentication Settings window
To set up multiple authentication on individual ports for the Switch, complete the following fields:
Parameter Description
From Port
Use this drop-down menu to select the beginning port of a range of ports to be enabled as
multiple authentication ports.
To Port
Use this drop-down menu to select the ending port of a range of ports to be enabled as
multiple authentication ports.
Methods
The multiple authentication method options include:
None
,
Any (MAC, 802.1X or
WAC/JWAC)
,
802.1X+IMPB
,
IMPB+JWAC
, and
IMPB+WAC
.
y
None
means all multiple authentication methods are disabled.
y
Any (MAC, 802.1X or WAC/JWAC)
means if any of the authentication methods
pass, then access will be granted. In this mode, MBAC, 802.1X and WAC/JWAC)
Содержание DGS-3200-16 - Switch - Stackable
Страница 1: ...Manual ProductModel xStack DGS 3200 Series Layer2ManagedGigabit Ethernet Switch Release 1 35 ...
Страница 235: ......