Chapter 4

Advanced Configuration

RADIUS UDP Port  Enter the UDP Port of the server. The UDP port is used to verify the RADIUS server authentication. The default value is 1812.

Key String  Enter the secret key string as defined on the RADIUS server. The secret key string is used for authenticating and encrypting communications between the device and the RADIUS server.

Admin State  Sets the authentication mode to one of the following options:

AutoRequires a dot1x-aware client to be authorized by the authentication server. Clients that are not dot1xaware will be denied access.

Force-AuthorizedForces the port to grant access to all clients, either dot1x-aware or otherwise. (This is the default setting.)

Force-UnauthorizedForces the port to deny access to all clients, either dot1x-aware or otherwise.

Port State  Displays the state of the 802.1X for each port.

Re-authenticateIt will trigger the switch to ask a connected client to restart authentication process.

Force Reinitialize  It will trigger the specific port of the switch to restart 802.1X process.

Statistics  The Switch can display statistics for 802.1X protocol exchanges for any port.

Click Save Settings to save any changes.

Security > 802.1X Parameter

When 802.1X is enabled, you need to configure the parameters for the authentication process that runs between the client and the Switch. The client identity lookup process that runs between the Switch and authentication server also needs to be configured. These parameters are described in this section.

Security > 802.1X Parameter

Enable Reauthentication  Enables re-authentication.

Reauthtentication Period (1-3600 seconds)  Sets the time period after which a connected client must be reauthenticated. The default value is 3600 seconds.

EAP Timeout (1-255 seconds)  Sets the time period during an authentication session that the Switch waits before retransmitting an EAP packet. The default value is 30 seconds.

Click Save Settings to save any changes.

Security > Static MAC Address

Static MAC Address allows you to configure a switch port with the MAC address of one or more devices that are authorized to access the network through that port. The MAC address is bound to the ingress port specified on the list and does not allow the MAC address to change ports. Only incoming traffic with source addresses already stored in the static address table will be accepted as authorized to access the network through that port. MAC addresses on the list do not age out.

Security > Static MAC Address

MAC Address  Enter the specific MAC address for the system to store and decide the destination port to forward.

VLAN ID  Enter the VLAN ID associated with the specific MAC address.

Port  Select the port associated with the specific MAC address.

Click Save Settings to save any changes.

Security > Management Access List

Management Access List specifies which Source IP addresses can manage the device.

Security > Management Access List

Enable Management Access List  Enable IP Access List.

5-Port and 8-Port 10/100/1000 Gigabit Smart Switches with PD and AC Power

Page 13
Image 13
Linksys SLM2008, SLM2005 manual Security 802.1X Parameter, Security Static MAC Address, Security Management Access List