beautypg.com

Fortinet MR1 User Manual

Page 573

background image

573

Command Buttons

Submit - Sends the updated screen to the switch and causes the changes to take effect on the switch
but these changes will not be retained across a power cycle unless a save is performed.

Configuring each Port Access Control Configuration Page

Selection Criteria

Port - Selects the port to be configured. When the selection is changed, a screen refresh will occur
causing all fields to be updated for the newly selected port. All physical interfaces are valid.

Configurable Data

Control Mode - This selector lists the options for control mode. The control mode is only set if the link
status of the port is link up. The options are:

force unauthorized: The authenticator port access entity (PAE) unconditionally sets the controlled port to
unauthorized

force authorized: The authenticator PAE unconditionally sets the controlled port to authorized.

auto: The authenticator PAE sets the controlled port mode to reflect the outcome of the authentication
exchanges between the supplicant, authenticator, and the authentication server.

Quiet Period - This input field allows the user to configure the quiet period for the selected port. This
command sets the value, in seconds, of the timer used by the authenticator state machine on this port to
define periods of time in which it will not attempt to acquire a supplicant. The quiet period is the period for
which the authenticator does not attempt to acquire a supplicant after a failed authentication exchange
with the supplicant. The quiet period must be a number in the range of 0 and 65535. A quiet period value
of 0 means that the authenticator state machine will never acquire a supplicant. The default value is 60.
Changing the value will not change the configuration until the Submit button is pressed.

Transmit Period - This input field allows the user to configure the transmit period for the selected port.
The transmit period is the value, in seconds, of the timer used by the authenticator state machine on the
specified port to determine when to send an EAPOL EAP Request/Identity frame to the supplicant. The
transmit period must be a number in the range of 1 to 65535. The default value is 30. Changing the value
will not change the configuration until the Submit button is pressed.

Supplicant Timeout - This input field allows the user to enter the supplicant timeout for the selected port.
The supplicant timeout is the value, in seconds, of the timer used by the authenticator state machine on
this port to timeout the supplicant. The supplicant timeout must be a value in the range of 1 to 65535. The
default value is 30. Changing the value will not change the configuration until the Submit button is
pressed.

Server Timeout - This input field allows the user to enter the server timeout for the selected port. The
server timeout is the value, in seconds, of the timer used by the authenticator on this port to timeout the
authentication server. The server timeout must be a value in the range of 1 to 65535. The default value is
30. Changing the value will not change the configuration until the Submit button is pressed.