Manuals / Brands / Computer Equipment / Switch / Planet Technology / Computer Equipment / Switch

Planet Technology WGD-800 „Ports in Authorized and Unauthorized States

1 90

Download 90 pages, 1.87 Mb

dropped. If the client does not receive an EAP-request/identity frame after three attempts to start authentication, the client transmits frames as if the port is in the authorized state. A port in the authorized state effectively means that the client has been successfully authenticated.

When the client supplies its identity, the switch begins its role as the intermediary, passing EAP frames between the client and the authentication server until authentication succeeds or fails. If the authentication succeeds, the switch port becomes authorized. For more information, see the "Ports in Authorized and Unauthorized States" section

The specific exchange of EAP frames depends on the authentication method being used. “Figure 2-43” shows a message exchange initiated by the client using the One-Time-Password (OTP) authentication method with a RADIUS server.

Ports in Authorized and Unauthorized States

The switch port state determines whether or not the client is granted access to the network. The port starts in the unauthorized state. While in this state, the port disallows all ingress and egress traffic except for 802.1X protocol packets. When a client is successfully authenticated, the port transitions to the authorized state, allowing all traffic for the client to flow normally.

Contents

Page Trademarks Disclaimer FCC Warning CE Mark Warning WEEE Warning Table of Contents Page Page 1. INTRODUCTION 1.1 Packet Contents 1.2 How to Use This Manual 1.3Product Feature 1.4Product Specification Standard Compliance 2. INSTALLATION 2.1 Product Description 2.1.1 Product Overview 2.1.2 Switch Front Panel 2.1.3 LED Indications 2.2 Install the Switch 2.2.1 Desktop Installation 2.2.2 Rack Mounting 3.CONSOLE MANAGEMENT 3.1Connecting to the Switch 3.2 Login in the Console Interface 3.3 Console Management 3.4 Telnet login 3.5 Commands 3.5.2 Privileged Command 3.5.2.1 Clear command 3.5.2.2 Copy command 3.5.2.3 Disable command 3.5.2.4 Reboot command 3.5.2.5 Set command Page Page 3.5.2.6 Show command Page 4. WEB-BASEDMANAGEMENT 4.1 About Web-basedManagement 4.2 Preparing for Web Management 4.3 System Login 4.4 System 4.4.1 IP Configuration 4.4.2 SNMP 4.4.2.1 Theory 4.2.2.2 SNMP Configuration Contact: “OK” 3. Community Configuration Add Community: Read only: 4.4.3 Password 4.4.4 CONSOLE 4.4.5 System Upgrade 4.4.6 Saving Parameters 4.4.7 Parameters Backup & Recovery 4.4.8 Load Default 4.4.9 Reboot 4.5 Port Management 4.5.1 Port Configuration 4.5.2 Port Statistics 4.5.3 Port Band Restrict 4.6 Redundancy 4.6.1 Spanning Tree 1. Spanning Tree Protocol Bridge Protocol Data Units Creating a Stable STP Topology STP Port States Each port on a switch using STP exists is in one of the following five states: Blocking Listening Learning Forwarding 2. STP Parameters Port Priority Port Cost Default Spanning-TreeConfiguration Feature User-ChangeableSTA Parameters 3. Illustration of STP 4.6.2 Spanning Tree Configuration 1. Spanning Tree Configuration 2. Bridge Information 3. STP Port Configuration 4.6.3 Link Aggregation 4.7 Security 4.7.1 VLAN 4.7.1.1 Theory VLAN Description Port-basedVLAN IEEE 802.1Q VLANs Tagging Untagging 802.1Q VLAN Tags 802.1Q Tag Adding an IEEE802.1Q Tag Port VLAN ID 4.7.1.2 VLAN Configuration VLAN Confirutation Port List VLAN Member “Close” “Show VLAN Member” Understand nomenclature of the Switch Port Mode VLAN Membership Frame Leave single multiple Link Type Acces Trunk Access Trunk configuration: 4.7.2 MAC Address Bind 4.7.3 MAC Address Filtering 4.7.4 MAC Address Learning 4.7.5 MAC Address Aging Time 4.7.6 802.1X Port-BasedNetwork Access Control 4.7.6.1 Theory Authentication server Switch (802.1X device) „Ports in Authorized and Unauthorized States Page 4.7.6.2 802.1X Configuration Page Radius Server •RADIUS Server IP Address •Authentication Port(1-65535) •Share Key Page Active Directory Users and Computers 4.7.6.3 802.1X Client Configuration •Configure Sample: EAP-MD5Authentication Page Page 4.8 QoS 4.8.1 Understand QOS QoS Terminology 4.8.2 QOS Configuration 1. MAC-COSMapping 2. VLAN-COSMapping 3. 802.1p-CoSMapping 4. Port-COSMapping 5. COS-QueueMapping 6. Queue Management 4.9 Multicast 4.9.1 IGMP Snooping Theory IGMP Versions 1 and “report” “leave” IGMP Snooping Configuration “Enable” IGMP Snooping Status 4.10 Port Analysis 4.10.1 Port Analysis 4.10.2 Port Mirror 4.11 Storm Control 4.12 IP Stacking 4.12.1 About IP Stacking 4.12.2 IP Stacking Configuration •Master Switch configuration •Client Switch configuration Master switch “Saving parameters” 5. TROUBLE SHOOTING 5.1 Incorrect connections 5.1.1 Faulty or loose cables 5.1.2 Non-standardcables 5.1.3 Improper Network Topologies Page 6. APPENDIX 6.1 Console Port Pin Assignments 6.2 100BASE-TX/10BASE-TPin Assignments 7. APPENDIX-B „802.1Q VLAN Multi-UntaggedVLAN setting sample Add/Modify add close Egress Policy PVID=2 PVID=3 Part No. 2081-A92310-001