Manuals / MicroNet Technology / Computer Equipment / Switch

MicroNet Technology SP1659P user manual Supplicant, Authenticator, Authentication server

Models: SP1659P

1 123

Download 123 pages 31.25 Kb

Page 46

Supplicant:

Supplicant:

It is an entity being authenticated by an authenticator. It is used to communicate with the Authenticator PAE (Port Access Entity) by exchanging the authentication message when the Authenticator PAE request to it.

Authenticator:

An entity facilitates the authentication of the supplicant entity. It controls the state of the port, authorized or unauthorized, according to the result of authentication message exchanged between it and a supplicant PAE. The authenticator may request the supplicant to re-authenticate itself at a configured time period. Once start re-authenticating the supplicant, the controlled port keeps in the authorized state until re-authentication fails.

A port acting as an authenticator is thought to be two logical ports, a controlled port and an uncontrolled port. A controlled port can only pass the packets when the authenticator PAE is authorized, and otherwise, an uncontrolled port will unconditionally pass the packets with PAE group MAC address, which has the value of 01-80-c2-00-00-03 and will not be forwarded by MAC bridge, at any time.

Authentication server:

A device provides authentication service, through EAP, to an authenticator by using authentication credentials supplied by the supplicant to determine if the supplicant is authorized to access the network resource.

When Supplicant PAE issues a request to Authenticator PAE, Authenticator and Supplicant exchanges authentication message. Then, Authenticator passes the request to RADIUS server to verify. Finally, RADIUS server replies if the request is granted or denied.

While in the authentication process, the message packets, encapsulated by Extensible Authentication Protocol over LAN (EAPOL), are exchanged between an authenticator PAE and a supplicant PAE. The Authenticator exchanges the message to authentication server using EAP encapsulation. Before successfully authenticating, the supplicant can only touch the authenticator to perform authentication message exchange or access the network from the uncontrolled port.

45

Image 46

MicroNet Technology SP1659P user manual Supplicant, Authenticator, Authentication server

Contents

User’s Manual PoE Management SwitchModel No. SP1659P WEB-BASED USER INTERFACE INSTALLATIONINTRODUCTION Table of ContentSPECIFICATION TEXT-BASED USER INTERFACE1.2 Key Features 1.1 Package Content1. Introduction Operation 1.3 Physical DescriptionStatus 10/100M Port #1 - #242.2 Rack-mount Installation 2. Installation2.1 Installation without the Rack 2.3 Installing Network Cables2.4 Installation of mini-GBIC module 2.5 Power Supply over Ethernet cable3.1 Setting up Connection 3. Web-based User Interface3.2 Web Management Overview 3.3 System 3.3.1 System Information3.3.2 IP Configuration y DHCP Settingy IP address 3.3.3 Time Configurationy Subnet mask y Default gateway y DNSy NTP y Manualy Daylight Saving 3.3.4 Account Configuration 3.3.5 Management Policyy VID y Access Type3.3.6 Virtual Stack y IP Range3.4 Port Configuration 3.4.1 Statusy Link y Port Noy Media y StateTx Pause Connector TypeRx Pause Fiber TypeBaud Rate 3.4.2 ConfigurationTemperature Vendor OUIy State 3.4.3 Simple Countery Flow Control y Speed / Duplex3.4.4 Detailed Counter 3.5.1 PoE Status 3.5 PoETx Broadcast Packets 3.5.2 PoE Configuration 3.6 SNMP y Get/Set/Trap Community 3.7 DHCP Booty SNMP y Trap3.8 IGMP Snooping y IGMP snooping mode selectiony IP Address 3.9 VLAN3.9.1 VLAN Mode y VLAN IDy SVL 3.9.2 Tag-based Groupy Symmetric Vlan y Double Tagy VLAN Name y Default Priority3.9.3 PVID y Membery Add Group 3.9.4 Port-based Groupy Drop Untag y Delete Group3.10 MAC 3.10.2 Maintenance3.10.1 Information y Learning Limit 3.10.3 Staticy Aging Time y MACy Forwarding RuleDrop Policy 3.10.4 MAC Aliasy Queue Priority y Port3.11 GVRP 3.11.1 Configy GVRP State Setting address and alias name directly3.11.2 GVRP Counter y Default Applicant Modey Default Registrar Mode y Normaly Transmitted 3.11.3 Groupy Received y VID3.12.1 Status y Edit Administrative Control3.12 STP y Refreshy Root Port 3.12.2 STP Configurationy Current Forward Delay y Root Path Costy Max. Age y Forward Delayy Spanning Tree Protocol y Force Versiony Port Status 3.12.3 STP Port Configurationy Configured Path Cost y Path Cost Status3.13 Trunk y Admin Edge Porty Admin Point To Point y Priority3.13.1 Trunk Port Setting / Status LACP y MethodNone Staticy Member Ports 3.13.2 Aggregator Viewy Aggregator y Ready Portsy Key 3.14 802.1x Configuration3.13.3 LACP System Config y Trunk StatusAuthentication server AuthenticatorSupplicant Page y Port Number 3.14.1 Statey Radius Server y Secret Key3.14.3 Security y Disable Mode3.14.2 Mode y 802.1x Modey Port Control y reAuthEnabledy 802.1x with Multihost mode y reAuthMax1-10y serverTimeout1-65535 s 3.15 Alarmy suppTimeout1-65535 s 3.15.1 Event3.15.2 Email/SMS y Email3.16.1 Save/Restore 3.16 Configurationy SMS 3.17.1 Mirror 3.16.2 Config File3.17 Security y Export File Path3.17.2 Isolated Group 3.17.3 Restricted Group3.18.1 Ingress 3.18 Bandwidth3.18.2 Egress y Storm Type 3.19 QoS3.18.3 Storm y Storm Rate3.19.1 Global 3.19.2 VIP 3.19.3 802.1p3.19.4 D/T/R/M - Type ToS 3.19.5 DSCP 3.20.2 Loopback Test 3.20 Diagnostics3.20.1 Diagnostics 3.20.3 Ping3.21 TFTP Server 3.22 Log3.23 Firmware Upgrade 3.24 Reboot3.25 Logout 4.1 Setup the Connection 4. Text-based User Interface4.2.2 exit 4.2 Global Command4.2.1 end NoneSyntax help 4.2.3 help4.2.4 history ExampleDescription 4.2.5 restore default4.2.6 restore user Possible value None Example4.2.8 save user 4.3 Local Command4.3.1 set max-requestset quiet-period set reAuthEnabledset port-control Syntaxset state set serverTimeoutset reAuthPeriod Argumentshow mode set suppTimeoutset txPeriod show parameterArgument None Possible value None Example show securityshow state Argument None Possible value None Exampleshow 4.3.2 accountmodify Syntax showdel mail-address 4.3.3 alarmemail Possible value # 1 to ExampleExample eventsSyntax SyntaxSyntax show set Syntaxshow Argument None Possible value None Exampleshow Syntax show 4.3.4 autologout4.3.5 bandwidth autologoutExample set ingress-rateset storm-rate Argumentexport user-conf 4.3.6 config-fileexport start import startset export-path 4.3.7 dhcp-bootset dhcp-boot set import-path4.3.9 firmware set upgrade-path4.3.8 diag diagenable upgradedisable 4.3.10 gvrpSyntax set applicant range normalnon-participant set applicantDescription To set default applicant mode for each port. Argument range port range, syntax 1,5-7, available from 1 toPossible value set registrarset restricted ExampleArgument none Possible value none Example set timershow config show countershow group 4.3.11 hostname4.3.12 igmp-snooping hostname4.3.13 ip disable dhcpenable dhcp set dns4.3.14 log disable auto-uploadenable auto-upload Syntax show DescriptionSyntax Upload 4.3.15 mac-tableupload aliasSyntax Show informationsearch set agingPossible value set learningExample ExamplePossible value vid 1 to 4094 queue 0 to 3 rule 0 to 2 port 1 to 4.3.16 Managementstatic-mac ExamplePossible value none Example deleteSyntax delete # editArgument 4.3.17 poeset priority Possible valueExample set statePossible value show4.3.18 port disable stateenable state clear countershow conf set speed-duplexPossible value range 1 to show detail-counter4.3.19 qos disable 1qdisable dscp show simple-counterenable 1q disable qosdisable tos enable dscpset pri-tag enable tosset dscp set schePossible value set vipArgument ExampleDiffServ Queue DiffServ Queue DiffServ Queue DiffServ Queue Syntax reboot 4.3.20 rebootreboot 4.3.21 securitydisable Mirrorenable Argument None Possible value None ExamplePossible value port0 to 4.3.22 snmpRestricted Group disablePossible value range 1 to Example 4.3.23 stpMCheck Syntaxdisable set configset port enableset version show configDescription To display the configuration of STP Possible value Noneset device-name 4.3.24 systemset contact set locationset server 4.3.25 tftp4.3.26 time set daylightsavingset ntp Possible value hr -5 to +5set manual Exampleset hash 4.3.27 trunkdel trunk Possible value method 0~2 Exampleshow aggtr-view show lacp-configset trunk show lacp-detaildel tag-group vid 4.3.28 vlandel port-group name Exampledisable svl disable double-tagdisable drop-untag disable symmetricset port-group enable svlenable symmetric set pvidExample set tag-groupshow config Argument4.3.29 vs Syntax disableSyntax enable show pvidDescription To set role set gidset role Example5. Specification Key Features