PORT AUTHENTICATION

371 Views

The Port Authentication page empowers the arrangement of parameters for each port. Since a portion of the setup changes are just conceivable while the port is in Force Authorized state, for example, have verification, it is suggested that you change the port control to Force Authorized before making changes. At the point when the arrangement is finished, return the port control to its past state.

Note: A port with 802.1x characterized on it can’t turn into an individual from a LAG. 802.1x and Port Security can’t be empowered on a similar port simultaneously. On the off chance that you empower port security on an interface, the Administrative Port Control can’t be changed to Auto mode.

To characterize 802.1X verification:

STEP 1: Click Security > 802.1X Authentication > Port Authentication.

This page shows verification settings for all ports. Notwithstanding the fields portrayed on the Add page, the accompanying fields are shown for each port:

  • Supplicant Status—Either Authorized or Unauthorized for an interface on which 802.1x supplicant has been empowered.
  • Credentials—Name of the certification structure utilized for the supplicant interface, so the conceivable worth is any name or N/An if the supplicant isn’t empowered. On the off chance that a port has an arranged supplicant qualification name, the incentive for the port control parameters is Supplicant. This worth supersedes some other port control data got from the port.

STEP 2: Select a port (barring the OOB port) and snap Edit.

STEP 3: Enter the parameters.

Interface—Select a port (barring the OOB port).

802.1x and port security
Figure: 802.1x and port security

Current Port Control— Displays the present port approval state. On the off chance that the state is Authorized, the port is either verified or the Administrative Port Control is Force Authorized. Alternately, in the event that the state is Unauthorized, at that point, the port is either not validated or the Administrative Port Control is Force Unauthorized. On the off chance that supplicant is empowered on an interface, the present port control will be Supplicant.

Administrative Port Control—Select the Administrative Port Authorization state. The alternatives are:

  • Force Unauthorized— Denies the interface access by moving the interface into the unapproved state. The gadget doesn’t give verification administrations to the customer through the interface.
  • Auto— Enables port-put together verification and approval with respect to the gadget. The interface moves between an approved or unapproved state dependent on the confirmation trade between the gadget and the customer.
  • Force Authorized— Authorizes the interface without verification.

RADIUS VLAN Assignment

Select to empower the Dynamic VLAN task on the chose port:

  • Disable—Feature isn’t empowered.
  • Reject—If the RADIUS server approved the supplicant, yet didn’t give a supplicant VLAN, the supplicant is dismissed.
  • Static—If the RADIUS server approved the supplicant, yet didn’t give a supplicant VLAN, the supplicant is acknowledged.

Guest VLAN—Select to empower utilizing a visitor VLAN for unapproved ports. In the event that a visitor VLAN is empowered, the unapproved port consequently joins the VLAN chose in the Guest VLAN ID field in the Port Authentication page. After a confirmation disappointment, and if visitor VLAN is enacted universally on a given port, the visitor VLAN is naturally allocated to the unapproved ports as an Untagged VLAN.

Open Access—Select to adequately confirm the port in spite of the way that confirmation crashes and burns. See Open Access.

802.1X Based Authentication—Select to empower 802.1X verification on the port.

Macintosh Based Authentication—Select to empower port verification dependent on the supplicant MAC address. Just 8 MAC-put together verifications can be utilized with respect to the port.

NOTE: For MAC validation to succeed, the RADIUS server supplicant username and secret phrase must be the supplicant MAC address. The MAC address must be in lower case letters and entered without the. or on the other hand – separators; for instance: 0020aa00bbcc.

Leave a Comment

Your email address will not be published. Required fields are marked *

This div height required for enabling the sticky sidebar