Manualshelf

Users Guide

ManualsBrandsDell ManualsAccess PlatformsNetworking X1000 Series
251252253254255256257258259260
252 Network Administration: Security
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User
Guide\Dell_Astute_Network_Admin_Security.fm
DELL CONFIDENTIAL – PRELIMINARY 8/9/16 - FOR PROOF ONLY
Dynamic VLAN Assignment
— Enable/disable dynamic VLAN
assignment for this port. This feature enables you to automatically
assign users to VLANs during the RADIUS server authentication.
When a user is authenticated by the RADIUS server, the user is
automatically joined to the VLAN configured on a RADIUS server.
Port Lock and Port Monitor should be disabled when DVA is
enabled.
Dynamic VLAN Assignment (DVA) can occur only if a RADIUS
server is configured, and port authentication is enabled and set to
802.1x multi-session mode.
If the RADIUS Accept Message does not contain the supplicant’s
VLAN, the supplicant is rejected.
Authenticated ports are added to the supplicant VLAN as
untagged.
Authenticated ports remain unauthenticated VLAN and Guest
VLAN members. Static VLAN configuration is not applied to the
port.
The following list of VLANs cannot participate in DVA: an
Unauthenticated VLAN, a Dynamic VLAN that was created by
GVRP, a Voice VLAN, a Default VLAN and a Guest VLAN.
Delete the supplicant VLAN while the supplicant is logged in.
The supplicant is authorized during the next re-authentication if
this supplicant VLAN is re-created, or a new VLAN is configured
on the RADIUS server.
NOTE: DVA provides the same functionality as the MAC to VLAN Assignment
feature, but does so in a standard way. Therefore, when DVA is available,
MAC to VLAN Assignment is not available.
Guest VLAN
— Enable/disable port access to the Guest VLAN. If
enabled, unauthorized users, connected to this interface, can access
the Guest VLAN.
Dynamic Policy / ACL Assignment
— Enable/disable this feature.
Periodic Reauthentication
— Select to enable port re-authentication
attempts after the specified Reauthentication Period.
Reauthentication Period (300-4294967295)
— Enter the number of
seconds after which the selected port is reauthenticated.