Brocade Mobility RFS Controller System Reference Guide (Supporting software release 5.5.0.0 and later) User Manual

Brocade Mobility RFS Controller System Reference Guide

397

53-1003099-01

8

NOTE

Some vendor solutions with VRRP enabled send ARP packets with Ethernet SMAC as a physical MAC
and inner ARP SMAC as VRRP MAC. If this configuration is enabled, a packet is allowed, despite a
conflict existing.

15. Set the following 802.1X Settings:

16. Select Enable within the 802.1x supplicant (client) field to enable a username and password

pair used when authenticating users on this port. This setting is disabled by default. The
password cannot exceed 32 characters.

17. Select OK to save the changes made to the Ethernet port’s security configuration. Select Reset

to revert to the last saved configuration.

18. Select the Spanning Tree tab.

Host Mode

Use the drop-down menu to select the host mode configuration to apply to this port. Options include
single-host or multi-host. The default setting is single-host.

Guest VLAN

Specify a guest VLAN for this port from 1 - 4094. This is the VLAN traffic is bridged on if this port is
unauthorized and the guest VLAN is globally enabled.

Port Control

Use the drop-down menu to set the port control state to apply to this port. Options include
force-authorized, force-unauthorized and automatic. The default setting is force-authorized.

Re Authenticate

Select this setting to force clients to reauthenticate on this port. The default setting is disabled, thus
clients do not need to reauthenticate for connection over this port until this setting is enabled.

Max Reauthenticate
Count

Set the maximum reauthentication attempts (1 - 10) before this port is moved to unauthorized. The
default setting is 2.

Maximum Request

Set the maximum number of authentication requests (1 - 10) before returning a failed message to the
requesting client. The default setting is 2.

Quiet Period

Set the quiet period for this port from 1 - 65,535 seconds.This is the maximum wait time 802.1x waits
upon a failed authentication attempt. The default setting is 60 seconds.

Reauthenticate
Period

Use the spinner control to set the reauthentication period for this port from 1 - 65,535 seconds. The
default setting is 60 seconds.

Port MAC
Authentication

When enabled, a port’s MAC address is authenticated, as only one MAC address is supported per wired
port. When successfully authenticated, packets from the source are processed. Packets from all other
sources are dropped. Port MAC authentication is supported on RFS4000, RFS6000 model controllers
and NX4500, NX6500 and NX9000 series service platforms.
Port MAC authentication may be enabled on ports in conjunction with Wired 802.1x settings for a MAC
Authentication AAA policy.