Filter
Top Products
Update with your book title 97
–
None
— No authentication method is used to authenticate the port.
–
RADIUS
— Port authentication is performed using the RADIUS server.
–
RADIUS, None
— Port authentication is performed first using the RADIUS server. If the port is
not authenticated, then no authentication method is used, and the session is permitted.
•
Guest VLAN
— Specifies whether the Guest VLAN is enabled on the device. The possible field values
are:
–
Enable
— Enables using a Guest VLAN for unauthorized ports. If a Guest VLAN is enabled, the
unauthorized port automatically joins the VLAN selected in the VLAN List field.
–
Disable
— Disables using a Guest VLAN for unauthorized ports. This is the default.
•
VLAN List
— When Guest VLAN is enabled, this field specifies which VLAN the guest will belong to.
•
Interface
— Contains an interface list.
•
User Name
— The user name as configured in the RADIUS server.
•
Admin Interface Control
— Defines the port authorization state. The possible field values are:
–
Auto
— Enables port-based authentication on the device. The interface moves between an
authorized or unauthorized state based on the authentication exchange between the device and
the client.
–
ForceAuthorized
— Indicates the interface is in an authorized state without being authenticated.
The interface re-sends and receives normal traffic without client port-based authentication.
–
ForceUnauthorized
— Denies the selected interface system access by moving the interface into
unauthorized state. The device cannot provide authentication services to the client through the
interface.
•
Current Interface Control
— The currently configured port authorization state.
• Authentication Type
— Specifies the type of authentication on the port. The possible field values are:
–
802.1x Only
— Sets the authentication type to 802.1x based authentication only.
–
MAC Only
— Sets the authentication type to MAC based authentication only.
–
802.1x & MAC
— Sets the authentication type to 802.1x based authentication and MAC based
authentication.
•
Dynamic VLAN Assignment
— Indicates whether dynamic VLAN assignment is enabled for this port.
This feature allows network administrators to automatically assign users to VLANs during the RADIUS
server authentication. When a user is authenticated by the RADIUS server, the user is automatically
joined to the VLAN configured on the RADIUS server.
– Port Lock and Port Monitor should be disabled when DVA is enabled.
– Dynamic VLAN Assignment (DVA) can occur only if a RADIUS server is configured, and port
authentication is enabled and set to 802.1x multi-session mode.
– If the Radius Accept Message doesn’t contain the supplicant’s VLAN, the supplicant is rejected.
– Authenticated ports are added to the supplicant VLAN as untagged.