beautypg.com

Allied Telesis AT-S63 User Manual

Page 338

background image

Chapter 23: 802.1x Port-based Network Access Control

338

Section IV: Security

Port Control
The possible settings are:

Force-authorized - Disables IEEE 802.1X port-based
authentication and causes the port to transition to the authorized
state without any authentication exchange required. The port
transmits and receives normal traffic without 802.1x-based
authentication of the client. This is the default setting

Force-unauthorized - Causes the port to remain in the
unauthorized state, ignoring all attempts by the client to
authenticate. The switch cannot provide authentication services
to the client through the interface

Auto - Enables 802.1x port-based authentication and causes the
port to begin in the unauthorized state, allowing only EAPOL
frames to be sent and received through the port. The
authentication process begins when the link state of the port
changes or the port receives an EAPOL-Start packet from a
supplicant. The switch requests the identity of the client and
begins relaying authentication messages between the client and
the authentication server. Each client that attempts to access the
network is uniquely identified by the switch using the client's MAC
address.

Quiet Period
Sets the number of seconds that the port remains in the quiet
state following a failed authentication exchange with the clien

t.

The default value is 60 seconds. The range is 0 to 65,535 seconds.

TX Period
Sets the number of seconds that the switch waits for a response to
an EAP-request/identity frame from the client before
retransmitting the request. The default value is 30 seconds. The
range is 1 to 65,535 seconds.

Reauth Period
Enables periodic reauthentication of the client, which is disabled
by default. The default value is 3600 seconds. The range is 1 to
65,535 seconds.

Supplicant Timeout
Sets the switch-to-client retransmission time for the EAP-request
frame. The default value for this parameter is 30 seconds. The
range is 1 to 600 seconds.

Server Timeout
Sets the timer used by the switch to determine authentication
server timeout conditions. The default value for this parameter is
10 seconds. The range is 1 to 60 seconds.

See also other documents in the category Allied Telesis Computer hardware: