Cisco SD208T-EU User Guide - Page 41
Security > 802.1x Settings, Setting Timer, Security > Ports Security
View all Cisco SD208T-EU manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 41 highlights
Chapter 5 Advanced Configuration Security > 802.1x Settings Security > 802.1x Settings Port based authentication enables authenticating system users on a per-port basis via an external server. Only authenticated and approved system users can transmit and receive data. Ports are authenticated via the RADIUS server using the Extensible Authentication Protocol (EAP). Enable 802.1x Place a checkmark in the check box to enable 802.1x authentication. Port Indicates the port name. Status Port Control Specifies the port authorization state. The possible field values are as follows: •• Force-Authorized The controlled port state is set to Force-Authorized (forward traffic). •• Force-Unauthorized The controlled port state is set to Force-Unauthorized (discard traffic). Enable Periodic Reauthentication Permits immediate port reauthentication. Setting Timer The Setting Timer button opens the Setting Timer screen to configure ports for 802.1x functionality. Setting Timer 802.1x Settings > Setting Timer Port Indicates the port name. 8-Port 10/100 Ethernet Switch with Webview Reauthentication Period Specifies the number of seconds in which the selected port is reauthenticated (Range: 300-4294967295). The field default is 3600 seconds. Quiet Period Specifies the number of seconds that the switch remains in the quiet state following a failed authentication exchange (Range: 0-65535). Resending EAP Specifies the number of seconds that the switch waits for a response to an EAP - request/identity frame, from the supplicant (client), before resending the request. Max EAP Requests The total amount of EAP requests sent. If a response is not received after the defined period, the authentication process is restarted. The field default is 2 retries. SupplicantTimeout Displays the number of seconds that lapses before EAP requests are resent to the supplicant (Range: 1-65535). The field default is 30 seconds. Server Timeout Specifies the number of seconds that lapses before the switch resends a request to the authentication server (Range: 1-65535). The field default is 30 seconds. Security > Ports Security Security > Ports Security Network security can be increased by limiting access on a specific port only to users with specific MAC addresses. MAC addresses can be dynamically learned or statically configured. Locked port security monitors both received and learned packets that are received on specific ports. Access to the locked port is limited to users with specific MAC addresses. These addresses are either manually defined on the port, or learned on that port up to the point when it is locked. When a packet is received on a locked port, and the packet source MAC address is not tied 35