beautypg.com

Allied Telesis AT-GS950/48 User Manual

Page 288

background image

Chapter 21: Security

288

Multiple: The port is set to permit multiple clients on an
authenticator port. An authenticator mode forwards packets
from all clients once one client has successfully logged on.

Piggyback Mode: This mode is used in conjunction with the
Multiple Supplicant Mode. This mode is typically used in situations
where you want to add 802.1x port-based network access control
to a switch port that is supporting multiple clients, but do not want
to create individual accounts for all the clients on the RADIUS
server. After one client has successfully logged on, the port
permits the other clients to piggy-back onto the initial client’s log
on, so that they can forward packets through the port without being
authenticated.

Enabled: The Piggyback Mode is enabled.

Disabled: The Piggyback Mode is disabled.

VLAN Assignment: This parameter enables the VLAN
assignment that you select with the Guest VLAN ID parameter.
Choose from the following:

Enabled: The VLAN Assignment is enabled.

Disabled: The VLAN Assignment is disabled.

Secure VLAN: This field is inactive.

Guest VLAN ID: This parameter specifies the VLAN ID that is
designated as a Guest VLAN. The range is 0 to 4093, where 0 is
disabled.

When a supplicant account is created on the RADIUS server, a
VLAN identifier must be entered along with a user name and
password combination or MAC address information. If the switch
receives a valid VLAN ID or VLAN name from the RADIUS server,
it moves the authenticator port to the designated Guest VLAN and
changes the port to the authorized state.

Transmission Period: Sets the switch-to-client retransmission
time for EAP request frames. The range is 1 to 65535 seconds.

Quiet Period: Sets the number of seconds that authenticator ports
wait after a failed authentication before accepting authentication
requests again. The range is 1 to 65535 seconds.

Supplicant Timeout: Sets the switch-to-client retransmission time
for EAP request frames. The range is 1 to 65535 seconds.

Maximum Request: Specifies the maximum number of times
authenticator ports transmit EAP Request packets to clients before
timing out authentication sessions. The range is 1 to 10.

See also other documents in the category Allied Telesis Computer hardware: