Chapter 7: Security
Figure 7-11. The Network Access Server Configuration screen.
Parameter Description
Mode: Indicates if NAS is globally enabled or disabled on the switch. If globally disabled, all ports can forward frames.
Reauthentication Enabled: Check this box to reauthenticate successfully authenticated supplicants/clients after the interval specified by the Reauthentication Period. Reauthentication for 802.1X-enabled ports can be used to detect if a new device is plugged into a switch port or if a supplicant is no longer attached.
For MAC-based ports, reauthentication is only useful if the RADIUS server configuration has changed. It does not involve communication between the switch and the client, and doesn't imply that a client is still present on a port (see Aging Period below).
Reauthentication Period: Determines the period, in seconds, after which a connected client must be reauthenticated. This is only active if the Reauthentication Enabled checkbox is checked. Valid values are in the range of 1 to 3600 seconds.
EAPOL Timeout: Determines the time for retransmission of Request Identity EAPOL frames. Valid values are in the range of 1 to 255 seconds. This does not affect MAC-based ports.
Aging Period: This setting applies to the following modes, that is, modes using the Port Security functionality to secure MAC addresses:
• Single 802.1X
LGB5028A User‘s Manual | Page 183 | |
|
|
