8 security, 1 port access control – Asus GigaX2048 User Manual

GigaX Series L2 Managed Switch User Guide

4.8 Security

The switch has the 802.1x port-based security feature. Only authorized
hosts are allowed to access the switch port. Traffic is blocked for hosts
failed to authenticate themselves. The authentication service is provided by
a RADIUS server or the local database (support MD5 authentication) in the
switch.

The switch also supports dynamic VLAN assignment through 802.1x
authentication process. The VLAN information for the users/ports should
be configured in the authentication server properly before enabling this
feature.

The switch has the port security feature. Users can use the port security
feature to restrict input to an interface by limiting and identifying MAC
addressed of the stations allowed to access the port. When you assign
secure MAC addresses to a secure port, the port does not forward with
source addresses outside the group of defined addresses.

4.8.1 Port Access Control

Port Access Control is used to configure various 802.1x parameters.
802.1x uses either RADIUS server or local database to authenticate
port users.

The first part is the Bridge (Global) settings:

• Reauthentication: Once enabled, the switch will try to authenticate

the port user again when the re-authentication time is up.

• Reauthentication Time: If 'Reauthentication' is enabled, this is the

time period the switch uses to re-send authentication request to the
port user. (See above)

• Authentication Method: RADIUS or Local database can be used to

authenticate the port user.

• Quiet Period: If authentication failed either from RADIUS or local

database, the switch waits upon this time period before sending
another authentication request to the port user.

• Retransmission Time: If the port user failed to respond to

authentication request from the switch, the switch waits upon this
time period before sending another authentication request to the port
user.