Dell PowerEdge VRTX User Manual
Page 237
237
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Plasma\User
Guide\Plasma_UGSwitching_NetworkSecurity.fm
D E L L CO N F I D E N T I A L – P R E L I MI N A RY 4/ 1 8 /1 3 - F O R PR O O F O N LY
–
Dynamic VLAN Assignment — Enable/disable dynamic VLAN
assignment for this port. This feature enables you to automatically
assign users to VLANs during the RADIUS server authentication.
When a user is authenticated by the RADIUS server, the user is
automatically joined to the VLAN configured on a RADIUS server.
• Port Lock and Port Monitor should be disabled when DVA is
enabled.
• Dynamic VLAN Assignment (DVA) can occur only if a RADIUS
server is configured, and port authentication is enabled and set to
802.1x multi-session mode.
• If the RADIUS Accept Message does not contain the supplicant’s
VLAN, the supplicant is rejected.
• Authenticated ports are added to the supplicant VLAN as
untagged.
• Authenticated ports remain unauthenticated VLAN and Guest
VLAN members. Static VLAN configuration is not applied to the
port.
• The following list of VLANs cannot participate in DVA: an
Unauthenticated VLAN, a Dynamic VLAN that was created by
GVRP, a Voice VLAN, a Default VLAN and a Guest VLAN.
• Delete the supplicant VLAN while the supplicant is logged in.
The supplicant is authorized during the next re-authentication if
this supplicant VLAN is re-created, or a new VLAN is configured
on the RADIUS server.
NOTE:
DVA provides the same functionality as the MAC to VLAN Assignment
feature, but does so in a standard way. Therefore, when DVA is available,
MAC to VLAN Assignment is not available.
–
Guest VLAN — Enable/disable port access to the Guest VLAN. If
enabled, unauthorized users, connected to this interface, can access
the Guest VLAN.
–
Dynamic Policy / ACL Assignment — Enable/disable this feature.
–
Periodic Reauthentication — Select to enable port re-authentication
attempts after the specified Reauthentication Period.
–
Reauthentication Period (300-4294967295) — Enter the number of
seconds after which the selected port is reauthenticated.