Allied Telesis AT-S62 User Manual

Page 478


Chapter 24: 802.1x Port-based Access Control

Section VI: Port Security


2 - Quiet Period
Sets the number of seconds that the port remains in the quiet state
following a failed authentication exchange with the client. The
default value is 60 seconds. The range is 0 to 65,535 seconds.

3 - TX Period
Sets the number of seconds that the switch waits for a response to an
EAP-request/identity frame from the client before retransmitting the
request. The default value is 30 seconds. The range is 1 to 65,535
seconds.

4 - Reauth Period
Enables periodic reauthentication of the client, which is disabled by
default. The default value is 3600 seconds. The range is 1 to 65,535
seconds.

5 - Supplicant Timeout
Sets the switch-to-client retransmission time for the EAP-request
frame. The default value for this parameter is 30 seconds. The range is
1 to 600 seconds.

6 - Server Timeout
Sets the timer used by the switch to determine authentication server
timeout conditions. The default value for this parameter is 30
seconds. The range is 1 to 65,535 seconds.

7 - Max Requests
Specifies the maximum number of times that the switch retransmits
an EAP Request packet to the client before it times out the
authentication session. The default value for this parameter is 2
retransmissions. The range is 1 to 10 retransmissions.

8 - Control Direction
Specifies how the port is to handle ingress and egress broadcast and
multicast packets when in the unauthorized state. When a port is set
to the Authenticator role, it remains in the unauthorized state until
the client logs on by providing a username and password
combination. In the unauthorized state, the port will only accept EAP
packets from the client. All other ingress packets that the port might
receive from the client, including multicast and broadcast traffic, are
discarded until the supplicant has logged on.

You can use this selection to control how an Authenticator port will
handle egress broadcast and multicast traffic when in the
unauthorized state. You can instruct the port to forward this traffic to
the client, even though the client has not logged on, or you can have
the port discard the traffic.
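
The following added example, which is not part of the AT-S62 manual or software, checks a planned set of authenticator timer values against the ranges and defaults listed above and derives two figures useful when reviewing a port: how long an unresponsive client holds an authentication session, and roughly how many failed logons the Quiet Period allows per hour. The setting names are hypothetical keys, not AT-S62 menu or command syntax, and the timing formula is an assumption stated in the code.

```python
# Added example: audit 802.1x authenticator timers against the documented
# ranges. Key names are hypothetical, not AT-S62 menu or CLI syntax.

# name: (minimum, maximum, default), taken from the parameter list above
LIMITS = {
    "quiet_period":       (0, 65535, 60),
    "tx_period":          (1, 65535, 30),
    "reauth_period":      (1, 65535, 3600),
    "supplicant_timeout": (1, 600, 30),
    "server_timeout":     (1, 65535, 30),
    "max_requests":       (1, 10, 2),
}

def audit_port(settings):
    """Return (effective_config, findings) for one authenticator port."""
    findings = [f"{name}: unknown parameter" for name in settings if name not in LIMITS]
    # Unset parameters fall back to the documented defaults.
    cfg = {name: settings.get(name, lim[2]) for name, lim in LIMITS.items()}
    for name, (lo, hi, _) in LIMITS.items():
        v = cfg[name]
        if not isinstance(v, int) or isinstance(v, bool) or not lo <= v <= hi:
            findings.append(f"{name}={v!r}: outside documented range {lo}-{hi}")
    if cfg["quiet_period"] == 0:
        findings.append("quiet_period=0: no pause after a failed authentication")
    return cfg, findings

def unresponsive_client_seconds(cfg):
    """Seconds before the session times out for a client that never answers.

    Assumption: one initial EAP Request plus max_requests retransmissions,
    each waiting supplicant_timeout seconds.
    """
    return (1 + cfg["max_requests"]) * cfg["supplicant_timeout"]

def failed_attempts_per_hour(cfg):
    """Approximate upper bound on failed logons per hour on one port.

    Assumption: the exchange itself takes no time, so only the Quiet Period
    limits the rate. Returns None when the Quiet Period is 0 (no limit).
    """
    q = cfg["quiet_period"]
    return None if q == 0 else 3600 // q

if __name__ == "__main__":
    cfg, findings = audit_port({"quiet_period": 0, "supplicant_timeout": 900})
    print(findings, unresponsive_client_seconds(audit_port({})[0]))
```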