Fortinet 548B User Manual

- 840 -

Selection Criteria

Port - Selects the port to be configured. When the selection is changed, a screen refresh will occur
causing all fields to be updated for the newly selected port. All physical interfaces are valid.

Control Mode - This selector lists the options for control mode. The control mode is only set if the
link status of the port is link up. The options are:



force unauthorized: The authenticator port access entity (PAE) unconditionally sets the
controlled port to unauthorized



force authorized: The authenticator PAE unconditionally sets the controlled port to
authorized.



auto: The authenticator PAE sets the controlled port mode to reflect the outcome of the
authentication exchanges between the supplicant, authenticator, and the authentication
server.



mac based: The authenticator PAE sets the controlled port mode to reflect the outcome of
the authentication exchanges between the supplicant, authenticator, and the authentication
server on a per supplicant basis.

Reauthentication Enabled - This field allows the user to enable or disable reauthentication of the
supplicant for the specified port. The selectable values are 'true' and 'false'. If the value is 'true'
reauthentication will occur. Otherwise, reauthentication will not be allowed. The default value is false.
Changing the selection will not change the configuration until the Submit button is pressed.

Configurable Data

Quiet Period (secs)- This input field allows the user to configure the quiet period for the selected
port. This command sets the value, in seconds, of the timer used by the authenticator state machine
on this port to define periods of time in which it will not attempt to acquire a supplicant. The quiet
period is the period for which the authenticator does not attempt to acquire a supplicant after a failed
authentication exchange with the supplicant. The quiet period must be a number in the range of 0
and 65535. A quiet period value of 0 means that the authenticator state machine will never acquire a
supplicant. The default value is 60. Changing the value will not change the configuration until the
Submit button is pressed.

Transmit Period (secs)- This input field allows the user to configure the transmit period for the
selected port. The transmit period is the value, in seconds, of the timer used by the authenticator
state machine on the specified port to determine when to send an EAPOL EAP Request/Identity
frame to the supplicant. The transmit period must be a number in the range of 1 to 65535. The
default value is 30. Changing the value will not change the configuration until the Submit button is
pressed.

Guest VLAN Id (secs) - This field allows the user to configure Guest Vlan Id on the interface. The
valid range is 0 - L7_PLATFORM_MAX_VLAN_ID.The default value is 0. Changing the value will not
change the configuration until the Submit button is pressed. Enter 0 to reset the Guest Vlan Id on the
interface.

Guest VLAN Period (secs) - This input field allows the user to enter the guest Vlan period for the
selected port. The guest Vlan period is the value, in seconds, of the timer used by the GuestVlan
Authentication. The guest Vlan timeout must be a value in the range of 1 and 300. The default value
is 90. Changing the value will not change the configuration until the Submit button is pressed.

Supplicant Timeout (secs)- This input field allows the user to enter the supplicant timeout for the
selected port. The supplicant timeout is the value, in seconds, of the timer used by the authenticator
state machine on this port to timeout the supplicant. The supplicant timeout must be a value in the
range of 1 to 65535. The default value is 30. Changing the value will not change the configuration
until the Submit button is pressed.

Server Timeout (secs)- This input field allows the user to enter the server timeout for the selected
port. The server timeout is the value, in seconds, of the timer used by the authenticator on this port to