Network Router User Manual
Table Of Contents
- Router Platform User Interface Reference
- NAT Policy Page
- Router Interfaces Page
- Advanced Interface Settings Page
- AIM-IPS Interface Settings Page
- Dialer Policy Page
- ADSL Policy Page
- SHDSL Policy Page
- PVC Policy Page
- PPP/MLP Policy Page
- AAA Policy Page
- Accounts and Credential s Policy Page
- Bridging Policy Page
- Clock Policy Page
- CPU Policy Page
- HTTP Policy Page
- Console Policy Page
- VTY Policy Page
- Secure Shell Policy Page
- SNMP Policy Page
- DNS Policy Page
- Hostname Policy Page
- Memory Policy Page
- Secure Device Provisioning Policy Page
- DHCP Policy Page
- NTP Policy Page
- 802.1x Policy Page
- Network Admission Control Policy Page
- Logging Setup Policy Page
- Syslog Servers Policy Page
- Quality of Service Policy Page
- BGP Routing Policy Page
- EIGRP Routing Policy Page
- OSPF Interface Policy Page
- OSPF Process Policy Page
- RIP Routing Policy Page
- Static Routing Policy Page
K-181
User Guide for Cisco Security Manager 3.2
OL-16066-01
Appendix K Router Platform User Interface Reference
802.1x Policy Page
Interface The trusted, physical interface that provides VPN access to authenticated
traffic. Enter the name of an interface or interface role, or click Select to
display an Object Selectors, page F-593.
If the interface role you want is not listed, click the Create button in the
selector to display the Interface Role Dialog Box, page F-464. From here
you can create an interface role object.
Note The pattern defined in the interface role must represent only one
physical interface on the selected device. This interface should be the
internal protected interface that you configured as part of the VPN
topology. For more information, see Endpoints Page, page G-13.
Number of retries The number of times the physical interface resends an Extensible
Authentication Protocol (EAP) request/identity frame to a client if a
response is not received before restarting authentication.
Valid values range from 1 to 10. The default is 2.
Note You should change the default only to adjust for unusual
circumstances, such as unreliable links or specific problems with
certain clients and authentication servers.
Control type The control state of the interface, which determines whether the host is
granted access to the network. Options are:
• Force Authorize—Disables 802.1x authentication and causes the
interface to move to the authorized state without requiring any
authentication exchange. This means the interface transmits and
receives normal traffic without 802.1x-based authentication of the host.
This is the default.
• Auto—Enables 802.1x authentication and causes the interface to begin
in the unauthorized state, allowing only EAPOL frames to be sent and
received through the interface. If a host is successfully authenticated, the
interface state changes to authorized, which enables all frames from the
host through the interface.
Enable client
reauthentication
When selected, enables periodic reauthentication of client PCs on the 802.1x
interface. Reauthentication is performed after the interval defined in the
Client reauthentication period timeout field. The default period is 3600
seconds (1 hour).
When deselected, periodic reauthentication is not performed.
Table K-79 802.1x Page (Continued)