GigaX2008EX L2 Managed Switch User Manual
4.7 Security
The switch has the 802.1x port-based security feature. Only authorized hosts
are allowed to access the switch port. Traffic is blocked for hosts that fail to
authenticate themselves. The authentication service is provided by a RADIUS
server or the local database in the switch.
The switch also supports dynamic VLAN assignment through the 802.1x
authentication process. The VLAN information for the users/ports should be
configured properly in the authentication server before enabling this feature.
4.7.1 Port Access Control
Port Access Control is used to configure various 802.1x parameters. 802.1x
uses either a RADIUS server or the local database to authenticate port users.
The first part is the Bridge (Global) settings:
Reauthentication: Once enabled, the switch will try to authenticate the port
user again when the re-authentication time is up.
Reauthentication Time: If 'Reauthentication' is enabled, this is the interval
at which the switch re-sends an authentication request to the port user (see
above).
Authentication Method: Either RADIUS or the local database can be used to
authenticate the port user.
Quiet Period: If authentication fails, whether from RADIUS or the local
database, the switch waits for this time period before sending another
authentication request to the port user.
Retransmission Time: If the port user fails to respond to an authentication
request from the switch, the switch waits for this time period before sending
another authentication request to the port user.
Max Reauthentication Attempts: The retry count used when the port user fails
to respond to authentication requests from the switch.
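The way these timers combine can be traced with a short model. The Python below is an added example, not part of the manual or the switch firmware; all values are constructed, and it assumes that 'Max Reauthentication Attempts' counts retries after the first unanswered request and that the switch stops sending once they are used up.

```python
from dataclasses import dataclass

@dataclass
class BridgeSettings:
    # Fields mirror the Bridge (Global) settings above; times in seconds.
    reauthentication: bool
    reauth_time: int
    quiet_period: int
    retransmission_time: int
    max_reauth_attempts: int

def request_schedule(cfg, outcomes):
    """Return [(send_time, outcome)] for each authentication request sent.

    outcomes is a constructed sequence with one entry per request:
    "success", "fail" (rejected by RADIUS or the local database) or
    "no_response" (the port user did not answer).
    """
    t, retries, sent = 0, 0, []
    for outcome in outcomes:
        if outcome not in ("success", "fail", "no_response"):
            raise ValueError(f"unknown outcome: {outcome!r}")
        sent.append((t, outcome))
        if outcome == "success":
            retries = 0
            if not cfg.reauthentication:
                break  # port user is never asked again
            t += cfg.reauth_time
        elif outcome == "fail":
            retries = 0
            t += cfg.quiet_period
        else:  # no_response
            if retries == cfg.max_reauth_attempts:
                break  # assumption: retries used up, switch stops asking
            retries += 1
            t += cfg.retransmission_time
    return sent

if __name__ == "__main__":
    # Constructed values, not defaults taken from the manual.
    cfg = BridgeSettings(True, 3600, 60, 30, 2)
    trace = ["no_response", "fail", "success", "success", "fail"]
    for when, outcome in request_schedule(cfg, trace):
        print(f"t={when:>5}s  request -> {outcome}")
```

With 'Reauthentication' disabled the schedule ends at the first success, so a credential removed from the RADIUS server or local database afterwards is not rechecked in this model.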
The second part is the port settings. Please click Modify when you have
finished the modifications.
Port: Specify the port to be configured.
Multi-host: If enabled, all hosts connected to the selected port are allowed
to use the port once one of the hosts has passed the authentication. If
disabled, only the one host that passed the authentication is allowed to use
the port.
Authentication Control: If 'force authorized' is selected, the selected port is
forced to be authorized. Thus, traffic from all hosts is allowed to pass. Otherwise,
if 'force unauthorized' is selected, the selected port is blocked and no traffic can