Specifications
Web Configuration
3-25
Field Attributes
System Setting
• Mode - Indicates if 802.1X protocol is globally enabled or disabled on the switch.
• RADIUS IP - Sets the RADIUS server IP address.
• RADIUS UDP Port - Sets the UDP port to the use for the external RADIUS server.
• RADIUS Secret - Sets the text string used for encryption between the switch and
the RADIUS server.
• Reauthentication Enabled - Sets the client to be re-authenticated after the
interval specified by the Re-authentication Period. Re-authentication can be used
to detect if a new device is plugged into a switch port.
• Reauthentication Period - Sets the time period after which a connected client
must be re-authenticated.
• EAP timeout - The time the switch shall wait for the supplicant response before
re-transmitting a packet.
Port Setting
• Port - The port number.
• Admin State - Sets the authentication mode to one of the following options:
• Auto - Requires a 802.1X-aware client to be authorized by the authentication
server. Clients that are not 802.1X-aware will be denied access.
• Force-Authorized - Forces the port to grant access to all clients, either
802.1X-aware or otherwise.
• Force-Unauthorized - Forces the port to deny access to all clients, either
802.1X-aware or otherwise.
• Port State - The state of the port.
• Reset - Two options available:
• Re-Authenticate - Schedules a reauthentication to whenever the quiet-period
of the port runs out.
• Force-Reinitialize - Bypasses the quiet-period of the port and enables
immediate reauthentication regardless of the status for the quiet-period.
Note:
The reason for a “quiet-period” follows: If a re-authentication fails, the IEEE
802.1X standard enforces a so-called “quiet-period” in which the authenticator
(switch) shall be quiet and not re-try another authentication – also packets from
supplicant are discarded – this way “brute-force” attacks are prevented.