beautypg.com

Brocade Mobility Access Point System Reference Guide (Supporting software release 5.5.0.0 and later) User Manual

Page 267

background image

Brocade Mobility Access Point System Reference Guide

257

53-1003100-01

5

NOTE

Some vendor solutions with VRRP enabled send ARP packets with Ethernet SMAC as a physical MAC
and inner ARP SMAC as VRRP MAC. If this configuration is enabled, a packet is allowed, despite a
conflict existing.

Refer to the 802.1X Settings field to define the following:

Select the Enable option within the 802.1x supplicant (client) feature field to enable a username
and password pair used when authenticating users on this port. Select Show to display the
password being typed in the Password field.

Select the Spanning Tree tab.

Trust DHCP Responses

Select this option to enable DHCP trust on this port. If enabled, only DHCP responses are trusted
and forwarded on this port, and a DHCP server can be connected only to a DHCP trusted port.
The default value is enabled.

ARP header Mismatch
Validation

Select this option to enable a mismatch check for the source MAC in both the ARP and Ethernet
header. The default value is enabled.

Trust 802.1p COS values

Select this option to enable 802.1p COS values on this port. The default value is enabled.

Trust IP DSCP

Select this option to enable IP DSCP values on this port. The default value is enabled.

Host Mode

Select the port mode for 802.1X authentication. Select single-host to bridge traffic from a single
authenticated host. Select multi-host to bridge traffic from any host to this port.

Guest VLAN

Set the Guest VLAN on which traffic is bridged from a wired port when the selected port is considered
unauthorized.

Port Control

Set how the port bridges traffic. Select one of the following options:

Automatic – The port is set to the state as received from the authentication server.

force-authorized – Any traffic on the port is considered authenticated and is bridged as
configured.

force-unauthorized – Any traffic on the port is considered unauthenticated and is not bridged.

Re Authenticate

Select to enable or disable reauthentication. Reauthentication is primarily used to refresh the current
state of the selected port. When enabled the device is forced to reauthenticate. When this happens,
the port is still considered authenticated. If reauthentication fails, the port is considered
unauthorized and devices using the port are denied access.

Max Reauthenticate
Count

Set the number of reauthentication attempts when a port tries to reauthenticate and fails. Once this
count exceeds, the port is considered unauthorized.

Maximum Request

Set the number of times an attempt is made to authenticate with an EAP server before returning an
‘Authentication Failed’ message to the device seeking to authenticate using the controlled port.

Quiet Period

Set the duration in seconds where no attempt is made to reauthenticate a controlled port. Set a
value from 0-65535 seconds.

Reauthenticate Period

Set the duration after which a controlled port is forced to reauthenticate. Set a value from 0-65535
seconds.

See also other documents in the category Brocade Computer Accessories: