Filter
Top Products
5 Configuration D-Link Web Smart Switch User Manual
Figure 5.78 – Security > 802.1X > 802.1X Settings
By default, 802.1X is disabled. To use EAP for security, select enabled and set the 802.1X Global Settings
for the Radius Server and applicable authentication information.
RADIUS Server IP: The IP address of the external Radius Server. You need to specify an RADIUS server to
enable 802.1X authentication.
Key: Masked password matching the Radius Server Key. The max. length is 32 characters.
Confirm Key: Enter the Key a second time for confirmation.
TxPeriod (1 – 65535 sec): This sets the TxPeriod of time for the authenticator PAE state machine. This
value determines the period of an EAP Request/Identity packet transmitted to the client. Default is 24
seconds.
ReAuthEnabled: This function is to determine whether regular re-authentication will take place on this
port(s). When the 802.1X function is enabled, the switch sends an EAP-request/identity packet to client. The
ReAuthEnabled function is by default disabled.
QuietPeriod (0 – 65535 sec): Sets the number of seconds that the switch remains in the quiet state
following a failed authentication exchange with the client. Default is 60 seconds.
SuppTimeout (1 – 65535 sec): This value determines timeout conditions in the exchanges between the
Authenticator and the client. Default is 30 seconds.
ServerTimeout (1 – 65535 sec): Sets the amount of time the switch waits for a response from the client
before resending the response to the authentication server. Default is 30 seconds.
MaxReq (1 – 10): This parameter specifies the maximum number of times that the switch retransmits an
EAP request (md-5challnege) to the client before it times out the authentication session. Default is 2 times.
ReAuthPeriod (1 – 4294967295 sec): This command affects the behavior of the switch only if periodic re-
authentication is enabled. Default is 3600.
To establish 802.1X port-specific assignments, select the From Ports / To Ports and select Enable.
802.1X Port Access Control: Three type of Port Access Control State can be "Force Authorized", "Force
UnAuthorized", and "Auto".
Select Force Authorized to disable 802.1X and cause the port to transition to the authorized state without
any authentication exchange required. This means the port transmits and receives normal traffic without
802.1X-based authentication of the client.
If Force Unauthorized is selected, the port will remain in the unauthorized state ignoring all attempts by the
client to authenticate. The Switch cannot provide authentication services to the client through the interface.
If Auto is selected, it will enable 802.1X and cause the port to begin in the unauthorized state, allowing only
EAPOL frames to be sent and received through the port. The authentication process begins when the link
state of the port transitions from down to up, or when an EAPOL-start frame is received. The Switch then
requests the identity of the client and begins relaying authentication messages between the client and the
authentication server.The default setting is Auto.
60