Allied Telesis AT-9000 Series User Manual

Chapter 17: Setting 802.1x Port-based Network Access

192

Both

Specifies that authenticator ports in the
unauthorized state should discard both ingress
and egress broadcast and multicast traffic.



Dynamic VLAN Creation— Activates dynamic VLAN
assignments of authenticator ports. Click the box to activate this
field.



Type— Activates dynamic VLAN assignments of authenticator
ports. Choose from the following:

Single

Specifies that an authenticator port forwards

packets of only those supplicants that have the
same VID as the supplicant who initially
logged on.

Multi

Specifies that an authenticator port forwards

packets of all supplicants, regardless of the
VIDs in their client accounts on the RADIUS
server.



Guest VLAN— Specifies the ID number of a VLAN that is the
guest VLAN of an authenticator port. You can enter only one VID.



Host Mode— Sets the operating modes on authenticator ports.
Choose from the following:

Single-host

Specifies the single-host operating mode.

An authenticator port set to this mode
forwards only those packets from the one
client who initially logs on. This is the
default setting.

Multi-host

Specifies the multiple-host operating

mode. An authenticator port set to this
mode forwards all packets after one client
logs on. This is referred to as piggy-
backing.

Multi-supplicant

Specifies the multiple-supplicant operating

mode. An authenticator port set to this
mode requires that all clients log on.



Mac Authentication— Activates MAC address-based
authentication on authenticator ports. An authenticator port that
uses this type of authentication extracts the source MAC address
from the initial frames from a supplicant and automatically sends it
as the supplicant’s username and password to the authentication
server. This authentication method does not require 802.1x client
software on supplicant nodes. Click the box to activate this field.