
4.7 Security, 4.7.1 Port Access Control – Asus GigaX2008EX User Manual


GigaX2008EX L2 Managed Switch User Manual

4.7 Security

The switch provides 802.1x port-based security. Only authorized hosts are allowed to access a switch port; traffic is blocked for hosts that fail to authenticate themselves. The authentication service is provided by a RADIUS server or the local database in the switch.

The switch also supports dynamic VLAN assignment through the 802.1x authentication process. The VLAN information for the users/ports should be configured properly in the authentication server before enabling this feature.

4.7.1 Port Access Control

Port Access Control is used to configure various 802.1x parameters. 802.1x uses either a RADIUS server or the local database to authenticate port users.

The first part is the Bridge (Global) settings:

Reauthentication: Once enabled, the switch tries to authenticate the port user again when the re-authentication time is up.

Reauthentication Time: If 'Reauthentication' is enabled, this is the interval at which the switch re-sends the authentication request to the port user (see above).

Authentication Method: RADIUS or Local database can be used to authenticate the port user.

Quiet Period: If authentication fails, whether through RADIUS or the local database, the switch waits for this time period before sending another authentication request to the port user.

Retransmission Time: If the port user fails to respond to an authentication request from the switch, the switch waits for this time period before sending another authentication request to the port user.

Max Reauthentication Attempts: Retry count if the port user fails to respond to authentication requests from the switch.
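As an added illustration (not taken from the ASUS manual or firmware), the Python sketch below plays a scripted port user against the Bridge (Global) timers to show when the switch sends requests and when the port is authorized. The names `BridgeSettings` and `simulate`, the sample timer values, and the behavior when retries run out or when reauthentication is disabled are assumptions.

```python
from dataclasses import dataclass

@dataclass
class BridgeSettings:
    # Fields mirror the Bridge (Global) settings; times are in seconds.
    reauthentication: bool
    reauthentication_time: int
    quiet_period: int
    retransmission_time: int
    max_reauth_attempts: int

def simulate(settings, outcomes):
    """Return [(time_s, event, port_authorized)] for a scripted port user.

    outcomes holds one of 'success', 'fail' or 'no_response' for each
    authentication request the switch sends (constructed input).
    """
    t, retries, authorized, timeline = 0, 0, False, []
    for outcome in outcomes:
        timeline.append((t, "request", authorized))
        if outcome == "success":
            authorized, retries = True, 0
            timeline.append((t, "authorized", authorized))
            if not settings.reauthentication:
                break  # assumption: no further requests without reauthentication
            t += settings.reauthentication_time
        elif outcome == "fail":
            authorized, retries = False, 0
            timeline.append((t, "rejected", authorized))
            t += settings.quiet_period  # throttles repeated failed attempts
        elif outcome == "no_response":
            t += settings.retransmission_time  # wait before re-sending
            retries += 1
            if retries > settings.max_reauth_attempts:
                authorized = False
                timeline.append((t, "retries_exhausted", authorized))
                break  # assumption: the manual does not say what happens next
        else:
            raise ValueError(f"unknown outcome: {outcome!r}")
    return timeline

if __name__ == "__main__":
    # Constructed values for illustration, not the switch's documented defaults.
    demo = BridgeSettings(True, 3600, 60, 30, 2)
    script = ["fail", "fail", "success"] + ["no_response"] * 3
    for row in simulate(demo, script):
        print(row)
```

In this model the Quiet Period caps how often a failing host can retry, and the Reauthentication Time bounds how long a port stays authorized before the user is challenged again.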

The second part is the port settings. Please click Modify when you have finished the modifications.

Port: Specify which port is to be configured.

Multi-host: If enabled, all hosts connected to the selected port are allowed to use the port if one of the hosts passes authentication. If disabled, only the one host, among the others, that passed authentication is allowed to use the port.

Authentication Control: If 'force authorized' is selected, the selected port is forced to be authorized. Thus, traffic from all hosts is allowed to pass. Otherwise, if 'force unauthorized' is selected, the selected port is blocked and no traffic can