Chapter 18 Port Authentication

 

 

 

 

Table 47 Advanced Application > Port Authentication > 802.1x (continued)

 

LABEL

DESCRIPTION

 

Max-Req

Specify the number of times the Switch tries to authenticate client(s)

 

 

before sending unresponsive ports to the Guest VLAN.

 

 

This is set to 2 by default. That is, the Switch attempts to authenticate a

 

 

client twice. If the client does not respond to the first authentication

 

 

request, the Switch tries again. If the client still does not respond to the

 

 

second request, the Switch sends the client to the Guest VLAN. The

 

 

client needs to send a new request to be authenticated by the Switch

 

 

again.

 

 

 

 

Reauth

Specify whether a subscriber has to periodically re-enter his or her

 

 

username and password to stay connected to the port.

 

 

 

 

Reauth-period

Specify how often a client has to re-enter his or her username and

 

 

password to stay connected to the port.

 

 

 

 

Quiet-period

Specify the number of seconds the port remains in the HELD state and

 

 

rejects further authentication requests from the connected client after a

 

 

failed authentication exchange.

 

 

 

 

Tx-period

Specify the number of seconds the Switch waits for client’s response

 

 

before re-sending an identity request to the client.

 

 

 

 

Supp-Timeout

Specify the number of seconds the Switch waits for client’s response to a

 

 

challenge request before sending another request.

 

 

 

 

Apply

Click Apply to save your changes to the Switch’s run-time memory. The

 

 

Switch loses these changes if it is turned off or loses power, so use the

 

 

Save link on the top navigation panel to save your changes to the non-

 

 

volatile memory when you are done configuring.

 

 

 

 

Cancel

Click Cancel to begin configuring this screen afresh.

 

 

 

18.2.2 Guest VLAN

When 802.1x port authentication is enabled on the Switch and its ports, clients that do not have the correct credentials are blocked from using the port(s). You can configure your Switch to have one VLAN that acts as a guest VLAN. If you enable the guest VLAN (102 in the example) on a port (2 in the example), the user (A in the example) that is not IEEE 802.1x capable or fails to enter the correct username and password can still access the port, but traffic from the user is forwarded to the guest VLAN. That is, unauthenticated users can have access to limited network resources in the same guest VLAN, such as the Internet. The

MGS3700-12C User’s Guide

199

Page 199
Image 199
ZyXEL Communications metrogigabit switch manual Guest Vlan, 199

metrogigabit switch specifications

ZyXEL Communications has long been a prominent player in the networking hardware industry, providing innovative solutions that cater to both business and consumer markets. Among their notable offerings is the Metrogigabit switch, a device designed to meet the high demands of modern networks.

The ZyXEL Metrogigabit switch is primarily aimed at service providers and large enterprises, recognizing the need for seamless connectivity in an increasingly digital world. This switch is engineered for scalability, enabling users to effortlessly expand their network as their operational needs grow. With support for high bandwidth, it is particularly suited for environments requiring extensive data traffic management, such as data centers and campus networks.

One of the standout features of the Metrogigabit switch is its high-density gigabit Ethernet ports, which provide a backbone for reliable data transmission. The switch typically supports multiple 10G SFP+ uplinks, ensuring fast and efficient connections to upstream devices. This capability allows users to configure their networks to handle large volumes of data quickly and without interruption.

In terms of technology, the Metrogigabit switch leverages advanced Layer 2 and Layer 3 functionalities. This includes features such as VLAN support for traffic segmentation, Quality of Service (QoS) for prioritizing mission-critical applications, and robust multicast management. These capabilities contribute to enhanced network efficiency and performance.

Another characteristic that sets the ZyXEL Metrogigabit switch apart is its built-in security features. The device is designed to protect network integrity through mechanisms like port security, access control lists, and advanced authentication protocols. This focus on security helps prepare businesses to counteract potential threats in a landscape where cyber attacks are increasingly sophisticated.

Moreover, the switch is equipped with a user-friendly management interface, which simplifies the process of monitoring and configuring network settings. This is complemented by support for SNMP and RMON, allowing network administrators to leverage tools for effective performance monitoring.

In summary, the ZyXEL Metrogigabit switch is an essential tool for organizations seeking robust performance, reliability, and security in their networking infrastructure. With its high-density ports, flexible configuration options, and comprehensive management features, it provides a strong foundation for building efficient and scalable networks. Whether for service providers or enterprises, this switch stands out as a reliable choice in the fast-evolving technological landscape.