8 security, 1 port access control – Asus GigaX2024B User Manual
GigaX2024B L2 Managed Switch User Manual
4.8 Security
The switch supports the 802.1x port-based security feature. Only authorized
hosts are allowed to access the switch port. Traffic from unauthenticated
hosts is blocked. Authentication can be provided via a RADIUS server or
the local database in the switch.
The switch also supports dynamic VLAN assignment through the 802.1x
authentication process. The VLAN information for the users/ports should be
configured properly in the authentication server before enabling this feature.
4.8.1 Port access control
Port Access Control is used to configure various 802.1x parameters. 802.1x
uses either a RADIUS server or the local database to authenticate port users.
The first part is the Bridge (Global) settings:
Sys-Auth-Control: Check it to enable authentication.
Authentication Method: RADIUS or Local database can be used to
authenticate the port user.
The second part is the port settings. Please click Modify when you're done with
the modifications:
Port: Specify which port to configure from the port list window.
Multi-host: If enabled, ALL hosts connected to the selected port are allowed
to use the port if ONE of the hosts passes authentication. If disabled,
only ONE host is allowed to use the port.
Authentication Control: If “ForceAuthorized” is selected, the selected
port is forced authorized. Thus, traffic from all hosts is allowed to pass.
Otherwise, if “ForceUnauthorized” is selected, the selected port is blocked
and no traffic can go through. If “Auto” is selected, the behavior of the
selected port is controlled by the 802.1x protocol. All ports should be set to
“Auto” under normal conditions.
Reauthentication: Once enabled, the switch will try to authenticate the port
user again when the re-authentication time is up.
ReAuthentication Time: If “Reauthentication” is enabled, this is the time
period the switch uses to re-send the authentication request to the port user
(see above).
Quiet Period: If authentication fails, the switch waits for this time period
before sending another authentication request to the port user.
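An added example, not part of the ASUS manual: a small Python review of Port Access Control settings that reports every port whose configuration departs from the "Auto" guidance above or relaxes what 802.1x enforces. The dictionary layout and all sample values are constructed assumptions; the manual describes no export format, so the settings would be transcribed from the web page by hand.

```python
# Constructed sample settings. Keys mirror the labels on the Port Access
# Control page; the data layout itself is an assumption, not a switch format.
BRIDGE = {"sys_auth_control": True, "auth_method": "RADIUS"}
PORTS = [
    {"port": 1, "auth_control": "Auto", "multi_host": False, "reauth": True},
    {"port": 2, "auth_control": "ForceAuthorized", "multi_host": False, "reauth": False},
    {"port": 3, "auth_control": "Auto", "multi_host": True, "reauth": True},
    {"port": 4, "auth_control": "Auto", "multi_host": False, "reauth": False},
    {"port": 5, "auth_control": "ForceUnauthorized", "multi_host": False, "reauth": False},
]

# What each non-Auto mode means, taken from the parameter descriptions above.
NON_AUTO = {
    "ForceAuthorized": "traffic from all hosts passes without authentication",
    "ForceUnauthorized": "port is blocked, no traffic can go through",
}


def audit(bridge, ports):
    """Return (port, finding) tuples; port is None for a bridge-level finding."""
    findings = []
    if not bridge.get("sys_auth_control"):
        findings.append((None, "Sys-Auth-Control is unchecked: authentication is not enabled"))
    for p in ports:
        mode = p["auth_control"]
        if mode != "Auto":
            detail = NON_AUTO.get(mode, "unrecognized Authentication Control value")
            findings.append((p["port"], f"{mode}: {detail}"))
            continue  # Multi-host and Reauthentication only matter under Auto
        if p["multi_host"]:
            findings.append((p["port"], "Multi-host: one authenticated host "
                             "opens the port to every host connected to it"))
        if not p["reauth"]:
            findings.append((p["port"], "Reauthentication disabled: the port "
                             "user is not periodically authenticated again"))
    return findings


if __name__ == "__main__":
    for port, finding in audit(BRIDGE, PORTS):
        print(f"{'bridge' if port is None else 'port ' + str(port)}: {finding}")
```

Ports reported for Multi-host are typically those feeding an unmanaged hub or downstream switch, where a single authenticated host authorizes everything behind it.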
Retransmission Time: If the port user failed to respond to authentication