PLANET XGSW-28040 User Manual

Page 230

Advertising
background image

User’s Manual of XGSW-28040

Single 802.1X

Multi 802.1X

MAC-Based Auth

.

If a client is denied access - either because the RADIUS server denies the client

access or because the RADIUS server request times out (according to the

timeout specified on the "Configuration→Security→AAA" page) - the client is put

on hold in the Unauthorized state. The hold timer does not count during an

on-going authentication.

In MAC-based Auth. mode, the The switch will ignore new frames coming from

the client during the hold time.

The Hold Time can be set to a number between 10 and 1000000 seconds.

RADIUS-Assigned QoS

Enabled

RADIUS-assigned QoS provides a means to centrally control the traffic class to

which traffic coming from a successfully authenticated supplicant is assigned on

the switch. The RADIUS server must be configured to transmit special RADIUS

attributes to take advantage of this feature (see RADIUS-Assigned QoS Enabled

below for a detailed description).

The "RADIUS-Assigned QoS Enabled" checkbox provides a quick way to

globally enable/disable RADIUS-server assigned QoS Class functionality. When

checked, the individual ports' ditto setting determine whether RADIUS-assigned

QoS Class is enabled for that port. When unchecked, RADIUS-server assigned

QoS Class is disabled for all ports.

RADIUS-Assigned

VLAN Enabled

RADIUS-assigned VLAN provides a means to centrally control the VLAN on

which a successfully authenticated supplicant is placed on the switch. Incoming

traffic will be classified to and switched on the RADIUS-assigned VLAN. The

RADIUS server must be configured to transmit special RADIUS attributes to take

advantage of this feature (see RADIUS-Assigned VLAN Enabled below for a

detailed description).

The "RADIUS-Assigned VLAN Enabled" checkbox provides a quick way to

globally enable/disable RADIUS-server assigned VLAN functionality. When

checked, the individual ports' ditto setting determine whether RADIUS-assigned

VLAN is enabled for that port. When unchecked, RADIUS-server assigned VLAN

is disabled for all ports.

Guest VLAN Enabled

A Guest VLAN is a special VLAN - typically with limited network access - on

which 802.1X-unaware clients are placed after a network administrator-defined

timeout. The switch follows a set of rules for entering and leaving the Guest

VLAN as listed below.

The "Guest VLAN Enabled" checkbox provides a quick way to globally

enable/disable Guest VLAN functionality. When checked, the individual ports'

230

Advertising
Popular Brands
Popular manuals