4.8 Security, 4.8.1 Port access control – Asus GigaX2024B User Manual

GigaX2024B L2 Managed Switch User Manual

4.8 Security

The switch supports the 802.1x port-based security feature. Only authorized hosts are allowed to access the switch port. Traffic from unauthenticated hosts is blocked. Authentication can be provided via a RADIUS server or the local database in the switch.

The switch also supports dynamic VLAN assignment through the 802.1x authentication process. The VLAN information for the users/ports should be configured properly in the authentication server before enabling this feature.

4.8.1 Port access control

Port Access Control is used to configure various 802.1x parameters. 802.1x uses either a RADIUS server or the local database to authenticate port users.

The first part is the Bridge (Global) settings:

Sys-Auth-Control: Check it to enable the authentication.
Authentication Method: RADIUS or Local database can be used to authenticate the port user.

The second part is the port settings. Please click Modify when you're done with the modifications:

Port: Specify which port to configure from the port list window.
Multi-host: If enabled, ALL hosts connected to the selected port are allowed to use the port if ONE of the hosts passes the authentication. If disabled, only ONE host is allowed to use the port.
Authentication Control: If “ForceAuthorized” is selected, the selected port is forced authorized, so traffic from all hosts is allowed to pass. If “ForceUnauthorized” is selected, the selected port is blocked and no traffic can go through. If “Auto” is selected, the behavior of the selected port is controlled by the 802.1x protocol. All ports should be set to “Auto” under normal conditions.
Reauthentication: Once enabled, the switch will try to authenticate the port user again when the re-authentication time is up.
ReAuthentication Time: If “Reauthentication” is enabled, this is the interval at which the switch re-sends the authentication request to the port user (see above).
Quiet Period: If authentication fails, the switch waits for this time period before sending another authentication request to the port user.
Retransmission Time: If the port user failed to respond to authentication
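
The port settings described above can be reviewed offline. The following is an added example, not code from the manual or from Asus: it models which hosts each Authentication Control and Multi-host combination lets through, and flags ports that pass traffic from hosts that never authenticated. The `Port` class, the function names and the MAC inventory are constructed for illustration.

```python
from dataclasses import dataclass

@dataclass
class Port:
    number: int
    auth_control: str = "Auto"      # Auto | ForceAuthorized | ForceUnauthorized
    multi_host: bool = False
    reauthentication: bool = False

def admitted(port, connected, authenticated_host=None):
    """Hosts whose traffic passes the port, following the manual's wording."""
    connected = set(connected)
    if port.auth_control == "ForceAuthorized":
        return connected                      # 802.1x bypassed, everyone passes
    if port.auth_control == "ForceUnauthorized":
        return set()                          # port blocked
    if authenticated_host not in connected:
        return set()                          # Auto: nobody has authenticated
    # Auto: one success opens the port to all hosts when Multi-host is enabled
    return connected if port.multi_host else {authenticated_host}

def audit(port, connected, authenticated_host=None):
    """Return findings for one port; an empty list means nothing to report."""
    findings = []
    if port.auth_control != "Auto":
        findings.append(f"port {port.number}: Authentication Control is "
                        f"{port.auth_control}, manual recommends Auto")
    riders = admitted(port, connected, authenticated_host) - {authenticated_host}
    if riders:
        findings.append(f"port {port.number}: passes traffic from hosts that "
                        f"never authenticated: {sorted(riders)}")
    if port.auth_control == "Auto" and not port.reauthentication:
        findings.append(f"port {port.number}: Reauthentication is disabled")
    return findings

# Constructed inventory: (port settings, MACs seen on the port, MAC that authenticated)
INVENTORY = [
    (Port(1, reauthentication=True), ["02:00:00:00:00:01"], "02:00:00:00:00:01"),
    (Port(2, multi_host=True),
     ["02:00:00:00:00:02", "02:00:00:00:00:03"], "02:00:00:00:00:02"),
    (Port(3, auth_control="ForceAuthorized"), ["02:00:00:00:00:04"], None),
]

if __name__ == "__main__":
    for port, seen, authed in INVENTORY:
        for line in audit(port, seen, authed) or [f"port {port.number}: ok"]:
            print(line)
```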
