3Com NJ220 manual Using the Central Configuration Manager

Page 54

50CHAPTER 4: USING THE CENTRAL CONFIGURATION MANAGER

RADIUS clients. The authenticator controls port access for the network client devices connected to the switch.

When the option is set to Disable 802.1X, all packets are processed as a normal

Ethernet switch; no 802.1X control applies.

With Standard 802.1X selected, control is enabled. Once the device is authorized, the port it connects to is in the authorized state and all packets entering the port are allowed to pass through.

When the Secure 802.1X option is selected, control is enabled. In addition, the IntelliJack will check its ATU to determine if packets entering the port should be forwarded. If the device is authorized, the IntelliJack will put the MAC address of the device in the ATU and allow its packets to pass through. The NJ220 will block all other packets that don’t have the correct MAC address specified in the ATU.

You can select the MAC address filter option if a client device does not support 802.1X and wishes to connect to the network through the IntelliJack (e.g., a network printer). In this case, you can manually add the device’s MAC address associated to the port in the ATU, and packets from the network to this port will be blocked unless their MAC addresses are listed in the ATU.

802.1X with IP Phone is a special case of 802.1X secure mode. In this mode, when a 3Com IP phone is connected to the IntelliJack, the phone’s MAC address will be locked into the ATU automatically. Therefore, packets sent from the phone can pass through by default without further authentication. If 802.1X control is not required, an IP phone can connect to a port with 802.1X disabled and voice traffic will pass through without authentication.

24When 802.1X security is applied, authentication is required and reauthentication is required at specific intervals. The IntelliJack disables reauthentication by default.

When reauthentication is enabled, the default period is 3600 seconds. You could select an interval ranging from 10 to 65535 seconds. If you prefer that a supplicant device authenticates itself on a frequent basis, you would choose a small reauthentication interval. Likewise, you would increase the interval or disable the function if you were not concerned about regular authentication of the devices on your network.

25To use 802.1X, you must select a RADIUS server to act as authenticator to devices connected to the NJ220. To select a Primary or Secondary RADIUS server, click the box and the Configure button. This will open a separate window.

In this box you can Enable or Disable the server, enter the server’s IP address and the Shared Secret.

Image 54
Contents 3Com IntelliJack Switch NJ220 Marlborough, MA 3Com CorporationCampus Drive 01752-3064Contents Troubleshooting the NJ220 Installing the NJ220 Intellijack Using a particular port Following diagram shows the back view of the IntelliJack Before You Begin Component Purpose 3C NumbersInstalling Using an Integrated Switch with Power Over Ethernet Using a Multi-port Ethernet Power SupplySupply Using a Single-port Ethernet Power Supply Using the 3Com Local Power SupplyInstalling the NJ220 Intellijack Commercial Building Telecommunications Cabling Standard Installing the NJ220 Intellijack Installing the IntelliJack Installing the NJ220 Intellijack Checking the LEDs Connecting Devices toIntelliJack DescriptionInstalling the NJ220 Intellijack Installing Configuration Managers Installing the Configuration Managers Installing the Local and Central Configuration Managers Installing the Configuration Managers Installing the Local and Central Configuration Managers Installing the Configuration Managers Installing the Web Http//java.sun.com Http//YourServerIPAddress8080/3ComIJNJ/main/index.jsp Installing the Configuration Managers Using Local Configuration Manager Using the Local Configuration Manager Setting Advanced Using the Local Configuration Manager Using Central Configuration Manager Using the Central Configuration Manager Discovering NJ220 Devices on Your Network Using the Central Configuration Manager Viewing Device General Tab Port InformationProduct Information Hardware Settings Viewing Device Properties Using the Central Configuration Manager Statistics Log Snmp Settings Advanced Settings Alert Level Notifying Event Changing Device General Configuration Identification SettingsChanging Device Configuration Priority & Vlan Configuration Port Based SettingsOther Priority & Vlan Settings Using the Central Configuration Manager Security Configuration Password802.1X Using the Central Configuration Manager Changing Device Configuration Snmp Configuration Advanced Configuration Event Alert LevelsPort Based Controls Restoring Default Values Global Setting Default ValuePriority Option Multiplier Rate limiting option Port Setting Default Value Changing Device Configuration Using the Central Configuration Manager Finding Computers Upgrading the NJ220 Upgrading the NJ220 Firmware Using the Central Configuration Manager Upgrading the NJ220 Firmware Using the Central Configuration Manager Troubleshooting the NJ220 Troubleshooting the NJ220 Your 3COM Products Access Software Country Telephone Number Asia, Pacific Rim Telephone Technical Support and RepairContract requests emeacontract@3com.com US and Canada Telephone Technical Support and RepairHardware Network InterfacePerformance Environment FeaturesMIB Support Standards ConformanceRmon Counters FfffffffffffCollisions are not included but are counted in the Excessive Page Product Specifications Regulatory Information Japan Vcci Compliance