beautypg.com

1 802.1x port – Signamax Managed Hardened PoE Industrial DIN-rail Mount Switch User Manual

Page 43

background image

8 Security

38

send feedbacks (through a RADIUS access-accept packet and an EAP-success packet)

to the switch to indicate that the supplicant system is authenticated.

The switch changes the state of the corresponding port to accepted state to allow the

supplicant system to access the network.

The supplicant system can also terminate the authenticated state by sending

EAPoL-Logoff packets to the switch. The switch then changes the port state from

accepted to rejected.

8.2.1 802.1x Port

This tab page sets 802.1x port enabling, port control, re-authentication and Guest VLAN for a

specified Ethernet port. There are three choices for Port Control: Auto, Force Authorized

and Force Unauthorized.

Configuration Steps:

Step 1 Specify the port to configure

Caution: The port to configure authentication cannot be link-aggregation port.

Step 2 Enable or disable the 802.1x authentication function

Step 3 If 802.1x is enabled, you can further configure port control, re-authentication and

Guest VLAN;

Auto: Specify to operate in auto access control mode. When one port operates in this

mode, all the unauthenticated hosts connected to it

are unauthorized. In this case,

only EAPoL packets can be exchanged between the switch and the hosts. And the
authenticated hosts connected to the port are authorized to access the network
resources.

Force Authorized:

Specify to operate in authorized-force access control mode. When
one port operates in this mode, all the hosts connected to it can
access the network resources without the need of authentication.

Force Unauthorized:

Specify to operate in unauthorized-force access control mode.
When one port operates in this mode, the hosts connected to it
cannot access the network resources.

Guest VLAN:

A guest VLAN can be enabled for each IEEE 802.1x port on the
switch to provide limited services to the clients.

Step 4

Enable or disable Re-authentication

Step 5

Enable or disable Guest VLAN

The Guest VLAN function enables supplicant systems that that are not authenticated to