NETGEAR GS700TR Switch User Manual


  Open as PDF
of 276
 
GS700TR Smart Switch Software Administration Manual
6-22 Managing Device Security
v1.0, May, 2008
2. To add an Access Rule, enter information into the appropriate fields and click Add.
3. To delete an Access Rule, select the check box next to the Rule Type, and then click Delete.
4. Click Cancel to cancel the configuration on the screen and reset the data on the screen to the
latest value of the switch.
5. If you make changes to the page, click Apply to apply the changes to the system.
Port Authentication
In port-based authentication mode, when 802.1X is enabled globally and on the port, successful
authentication of any one supplicant attached to the port results in all users being able to use the
port without restrictions. At any given time, only one supplicant is allowed to attempt
authentication on a port in this mode. Ports in this mode are under bidirectional control. This is the
default authentication mode.
Table 6-16. Access Rule Configuration Fields
Field Description
Rule Type Select Permit to allow access to the switch administrative pages for
traffic that meets the criteria you configure for the rule. Any traffic that
does not meet the rules is denied.
Select Deny to prohibit access to the switch administrative pages for
traffic that meets the criteria you configure for the rule. Any traffic that
does not meet the rules is allowed access to the switch.
Service Type Select the type of service to allow or prohibit from accessing the switch
management interface:
None
•SNMP
•HTTP
•HTTPS
Source IP Address Enter Source IP Address of the client originating the management
traffic. Fill in the “Source IP address” in the text box provided.
Mask Enter the subnet mask associated with the IP address.
Priority Configure priority to the rule. The rules are validated against the
incoming management request in the ascending order of their priorities.
If a rule matches, action is performed and subsequent rules below are
ignored. For example, if a Source IP 10.10.10.10 is configured with
priority 1 to permit, and Source IP 10.10.10.10 is configured with
priority 2 to Deny, then access is permitted if the profile is active, and
the second rule is ignored.
 previous next