Fortinet MR1 User Manual

575

Port - Selects the port to be displayed. When the selection is changed, a screen refresh will occur
causing all fields to be updated for the newly selected port. All physical interfaces are valid.

Non-Configurable Data

Control Mode - Displays the configured control mode for the specified port. Options are:

force unauthorized: The authenticator port access entity (PAE) unconditionally sets the controlled
port to unauthorized

force authorized: The authenticator PAE unconditionally sets the controlled port to authorized.

auto: The authenticator PAE sets the controlled port mode to reflect the outcome of the
authentication exchanges between the supplicant, authenticator, and the authentication server.

Quiet Period - This field displays the configured quiet period for the selected port. This quiet period is the
value, in seconds, of the timer used by the authenticator state machine on this port to define periods of
time in which it will not attempt to acquire a supplicant. The quiet period is the period for which the
authenticator does not attempt to acquire a supplicant after a failed authentication exchange with the
supplicant. The quiet period is a number in the range of 0 and 65535.

Transmit Period - This field displays the configured transmit period for the selected port. The transmit
period is the value, in seconds, of the timer used by the authenticator state machine on the specified port
to determine when to send an EAPOL EAP Request/Identity frame to the supplicant. The transmit period
is a number in the range of 1 to 65535.

Supplicant Timeout - This field displays the configured supplicant timeout for the selected port. The
supplicant timeout is the value, in seconds, of the timer used by the authenticator state machine on this
port to timeout the supplicant. The supplicant timeout is a value in the range of 1 to 65535.

Server Timeout - This field displays the configured server timeout for the selected port. The server
timeout is the value, in seconds, of the timer used by the authenticator on this port to timeout the
authentication server. The server timeout is a value in the range of 1 to 65535.

Maximum Requests - This field displays the configured maximum requests for the selected port. The
maximum requests value is the maximum number of times the authenticator state machine on this port
will retransmit an EAPOL EAP Request/Identity before timing out the supplicant. The maximum requests
value is in the range of 1 to 10.

Reauthentication Period - This field displays the configured reauthentication period for the selected
port. The reauthentication period is the value, in seconds, of the timer used by the authenticator state
machine on this port to determine when reauthentication of the supplicant takes place. The
reauthentication period is a value in the range of 1 to 65535.

Reauthentication Enabled - This field displays if reauthentication is enabled on the selected port. This
is a configurable field. The possible values are 'true' and 'false'. If the value is 'true' reauthentication will
occur. Otherwise, reauthentication will not be allowed.

Control Direction - This displays the control direction for the specified port. The control direction
dictates the degree to which protocol exchanges take place between Supplicant and Authenticator. This
affects whether the unauthorized controlled port exerts control over communication in both directions
(disabling both incoming and outgoing frames) or just in the incoming direction (disabling only the
reception of incoming frames). This field is not configurable on some platforms.

Protocol Version - This field displays the protocol version associated with the selected port. The only
possible value is 1, corresponding to the first version of the 802.1x specification. This field is not
configurable.

PAE Capabilities - This field displays the port access entity (PAE) functionality of the selected port.
Possible values are "Authenticator" or "Supplicant". This field is not configurable.

Authenticator PAE State - This field displays the current state of the authenticator PAE state machine.
Possible values are: