D-Link DES-1210-28P Switch User Manual


 
5 Configuration D-Link Web Smart Switch User Manual
Security > 802.1X > 802.1X Settings
Network switches provide easy and open access to resources by simply attaching a client PC. Unfortunately
this automatic configuration also allows unauthorized personnel to easily intrude and possibly gain access to
sensitive data.
IEEE-802.1X provides a security standard for network access control, especially in Wi-Fi wireless networks.
802.1X holds a network port disconnected until authentication is completed. The switch uses Extensible
Authentication Protocol over LANs (EAPOL) to exchange authentication protocol client identity (such as a
user name) with the client, and forward it to another remote RADIUS authentication server to verify access
rights. The EAP packet from the RADIUS server also contains the authentication method to be used. The
client can reject the authentication method and request another, depending on the configuration of the client
software and the RADIUS server. Depending on the authenticated results, the port is either made available
to the user, or the user is denied access to the network.
The RADIUS servers make the network a lot easier to manage for the administrator by gathering and storing
the user lists.
Figure 91 – Security > 802.1X > 802.1X Setting
By default, 802.1X is disabled. To use EAP for security, select enabled and set the 802.1X Global Settings
for the Radius Server and applicable authentication information.
RADIUS Server IP: The IP address of the external Radius Server. You need to specify an RADIUS server to
enable 802.1X authentication.
Key: Masked password matching the Radius Server Key. The max. length is 32 characters.
Confirm Key: Enter the Key a second time for confirmation.
TxPeriod (1 – 65535 sec): This sets the TxPeriod of time for the authenticator PAE state machine. This
value determines the period of an EAP Request/Identity packet transmitted to the client. Default is 24
seconds.
ReAuthEnabled: This function is to determine whether regular re-authentication will take place on this
port(s). When the 802.1X function is enabled, the switch sends an EAP-request/identity packet to client. The
ReAuthEnabled function is by default disabled.
54