beautypg.com

Allied Telesis AT-S62 User Manual

Page 304

background image

Chapter 25: 802.1x Port-based Access Control

Section VI: Port Security

304

regardless of the client. If set to Disabled, then the switch port
forwards only those packets from the client who was
authenticated and discards packets from all other users.

Quiet Period
Sets the number of seconds that the port remains in the quiet
state following a failed authentication exchange with the clien

t.

The range is 0 to 65,535 seconds. The default value is 60 seconds.

Control Direction
Specifies how the port is to handle ingress and egress broadcast and
multicast packets when in the unauthorized state. When a port is set
to the Authenticator role, it remains in the unauthorized state until
the client logs on by providing a username and password
combination. In the unauthorized state, the port will only accept EAP
packets from the client. All other ingress packets that the port might
receive from the client, including multicast and broadcast traffic, is
discarded until the supplicant has logged on.

You can use this selection to control how an Authenticator port will
handle egress broadcast and multicast traffic when in the
unauthorized state. You can instruct the port to forward this traffic to
the client, even though the client has not logged on, or you can have
the port discard the traffic.

The two selections are:

Ingress - An authenticator port, when in the unauthorized state,

will discard all ingress broadcast and multicast packets from the
client. while forwarding all egress broadcast and multicast traffic
to the same client.

Both - An authenticator port, when in the unauthorized state, will

not forward ingress or egress broadcast and multicast packets
from or to the client until the client has logged on. This is the
default.

Max Requests
Specifies the maximum number of times that the switch
retransmits an EAP Request packet to the client before it times out
the authentication session. The range is 1 to 10 retransmissions.
The default value is 2 retransmissions.

Server Timeout
Sets the timer used by the switch to determine authentication
server timeout conditions. The range is 1 to 65,535 seconds. The
default value is 30 seconds.

4. Click Apply.

See also other documents in the category Allied Telesis Computer hardware: