Dell 28xx Network Router User Manual


 
Update with your book title 97
None
— No authentication method is used to authenticate the port.
RADIUS
— Port authentication is performed using the RADIUS server.
RADIUS, None
— Port authentication is performed first using the RADIUS server. If the port is
not authenticated, then no authentication method is used, and the session is permitted.
Guest VLAN
— Specifies whether the Guest VLAN is enabled on the device. The possible field values
are:
Enable
— Enables using a Guest VLAN for unauthorized ports. If a Guest VLAN is enabled, the
unauthorized port automatically joins the VLAN selected in the VLAN List field.
Disable
— Disables using a Guest VLAN for unauthorized ports. This is the default.
VLAN List
— When Guest VLAN is enabled, this field specifies which VLAN the guest will belong to.
Interface
— Contains an interface list.
User Name
— The user name as configured in the RADIUS server.
Admin Interface Control
— Defines the port authorization state. The possible field values are:
Auto
— Enables port-based authentication on the device. The interface moves between an
authorized or unauthorized state based on the authentication exchange between the device and
the client.
ForceAuthorized
— Indicates the interface is in an authorized state without being authenticated.
The interface re-sends and receives normal traffic without client port-based authentication.
ForceUnauthorized
— Denies the selected interface system access by moving the interface into
unauthorized state. The device cannot provide authentication services to the client through the
interface.
Current Interface Control
— The currently configured port authorization state.
Authentication Type
— Specifies the type of authentication on the port. The possible field values are:
802.1x Only
— Sets the authentication type to 802.1x based authentication only.
MAC Only
— Sets the authentication type to MAC based authentication only.
802.1x & MAC
— Sets the authentication type to 802.1x based authentication and MAC based
authentication.
Dynamic VLAN Assignment
— Indicates whether dynamic VLAN assignment is enabled for this port.
This feature allows network administrators to automatically assign users to VLANs during the RADIUS
server authentication. When a user is authenticated by the RADIUS server, the user is automatically
joined to the VLAN configured on the RADIUS server.
Port Lock and Port Monitor should be disabled when DVA is enabled.
Dynamic VLAN Assignment (DVA) can occur only if a RADIUS server is configured, and port
authentication is enabled and set to 802.1x multi-session mode.
If the Radius Accept Message doesn’t contain the supplicant’s VLAN, the supplicant is rejected.
Authenticated ports are added to the supplicant VLAN as untagged.