Cisco Systems SLM248G4PS, SLM224G4PS manual Security Port Security, Setting Timer


Chapter 5

Configuration Using the Web-based Utility

Setting Timer

The Setting Timer screen appears when you click Setting Timer on the 802.1x Settings screen. You use the Setting Timer screen to configure a port’s 802.1x functionality.

Security > 802.1x Settings > Setting Timer

Port  Displays the port name.

Reauthentication Period  Specifies the number of seconds after which a connected client must be reauthenticated. The range is 300 to 4294967295 seconds. The default value is 3600 seconds.

Quiet Period  Specifies the time that a switch port waits after Max EAP Requests is exceeded before attempting to acquire a new client. The range is 1 to 65535 seconds. The default is 60 seconds.

Resending EAP  Specifies the time that the switch waits for a response to an EAP request/identity frame from the client before retransmitting an EAP packet. The range is 1 to 65535 seconds. The default is 30 seconds.

Max EAP Requests  Specifies the maximum number of times the switch port will retransmit an EAP request packet to the client before it times out the authentication session. The range is 1 to 10 times. The default is 2 retries.

Supplicant Timeout  Displays the number of seconds that elapse before EAP requests are resent to the supplicant. The range is 1 to 65535 seconds. The default is 30 seconds.

Server Timeout  The number of seconds that elapse before the switch resends a request to the authentication server. The range is 1 to 65535. The default is 30 seconds.

Click Save to save your changes and leave the screen open. Click Save & Close to save your changes and close the screen. Click Close to close the screen without saving your changes.

Security > Port Security

The Port Security screen is used to configure a port’s security settings.

Network security can be increased by limiting access on a specific port only to users with specific MAC addresses. MAC addresses can be dynamically learned or statically configured.


Locked port security monitors both received and learned packets that are received on specific ports. Access to the locked port is limited to users with specific MAC addresses. These addresses are either manually defined on the port, or learned on that port up to the point when it is locked. When a packet is received on a locked port, and the packet’s source MAC address is not tied to that port (either it was learned on a different port, or it is unknown to the system), the protection mechanism is invoked, and can provide various options. Unauthorized packets arriving at a locked port are either:

Forwarded

Discarded

Cause the port to be shut down

Locked port security also enables storing a list of MAC addresses in the configuration file. The MAC address list can be restored after the device has been reset.

Disabled ports can be reactivated from the Port Settings screen of the Port Management tab.

Interface  Select Unit No. or LAG, then select the desired interface from the appropriate drop-down menu.

Lock Interface  Select this option to lock the interface. The default is not selected (interface not locked).

Learning Mode  Defines the locked port type. This field is enabled only if Lock Interface is not selected. The possible values are:

Classic Lock  Locks the port using the classic lock mechanism. The port is immediately locked, regardless of how many addresses have already been learned.

Limited Dynamic Lock  Locks the port by deleting the current dynamic MAC addresses associated with the port. The port learns up to the maximum number of addresses allowed on the port. Both relearning and aging MAC addresses are enabled.

In order to change the Learning Mode, the Lock Interface must be unselected. Once the Learning Mode is changed, the Lock Interface can be reinstated.
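The locked-port decision described above can be modelled in a few lines. This is an added example, not code from the switch or from Cisco; the class, field names and MAC values are constructed for illustration. It assumes static addresses do not count toward the learning limit, and it does not model address aging.

```python
from dataclasses import dataclass, field

@dataclass
class Port:
    mode: str = "classic"            # "classic" or "limited-dynamic"
    action: str = "discard"          # "forward", "discard" or "shutdown"
    max_addresses: int = 1           # assumed name for the per-port address limit
    static: set = field(default_factory=set)    # manually defined MACs
    dynamic: set = field(default_factory=set)   # learned MACs
    locked: bool = False
    up: bool = True

    def lock(self):
        # Limited Dynamic Lock deletes the current dynamic addresses, then
        # relearns up to the limit. Classic Lock keeps what was learned.
        if self.mode == "limited-dynamic":
            self.dynamic.clear()
        self.locked = True

    def receive(self, src_mac):
        """Return (violation, outcome) for a frame with this source MAC."""
        if not self.up:
            return (False, "port-down")
        if not self.locked:
            self.dynamic.add(src_mac)            # ordinary learning
            return (False, "forward")
        if src_mac in self.static or src_mac in self.dynamic:
            return (False, "forward")
        if self.mode == "limited-dynamic" and len(self.dynamic) < self.max_addresses:
            self.dynamic.add(src_mac)            # still room to learn
            return (False, "forward")
        if self.action == "shutdown":
            self.up = False                      # stays down until reactivated
        return (True, self.action)

def demo():
    # Constructed sample traffic; MAC values are made up.
    p = Port(mode="classic", action="shutdown", static={"00:00:5e:00:53:01"})
    p.receive("00:00:5e:00:53:02")               # learned before the lock
    p.lock()
    return [p.receive(m) for m in
            ("00:00:5e:00:53:01", "00:00:5e:00:53:02",
             "00:00:5e:00:53:99", "00:00:5e:00:53:01")]
```

With the shutdown action, the first unknown source address takes the port down for every client, including the authorized ones, until it is reactivated from the Port Settings screen.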

24/48-Port 10/100 + 4-Port Gigabit Smart Switch with Resilient Clustering Technology and PoE
