Cisco SD208T-EU User Guide - Page 41

Security > 802.1x Settings, Setting Timer, Security > Ports Security

Get Cisco SD208T-EU PDF manuals and user guides View all Cisco SD208T-EU manuals
Add to My Manuals
Save this manual to your list of manuals

Page 41 highlights

Chapter 5 Advanced Configuration Security > 802.1x Settings Security > 802.1x Settings Port based authentication enables authenticating system users on a per-port basis via an external server. Only authenticated and approved system users can transmit and receive data. Ports are authenticated via the RADIUS server using the Extensible Authentication Protocol (EAP). Enable 802.1x Place a checkmark in the check box to enable 802.1x authentication. Port Indicates the port name. Status Port Control Specifies the port authorization state. The possible field values are as follows: •• Force-Authorized The controlled port state is set to Force-Authorized (forward traffic). •• Force-Unauthorized The controlled port state is set to Force-Unauthorized (discard traffic). Enable Periodic Reauthentication Permits immediate port reauthentication. Setting Timer The Setting Timer button opens the Setting Timer screen to configure ports for 802.1x functionality. Setting Timer 802.1x Settings > Setting Timer Port Indicates the port name. 8-Port 10/100 Ethernet Switch with Webview Reauthentication Period Specifies the number of seconds in which the selected port is reauthenticated (Range: 300-4294967295). The field default is 3600 seconds. Quiet Period Specifies the number of seconds that the switch remains in the quiet state following a failed authentication exchange (Range: 0-65535). Resending EAP Specifies the number of seconds that the switch waits for a response to an EAP - request/identity frame, from the supplicant (client), before resending the request. Max EAP Requests The total amount of EAP requests sent. If a response is not received after the defined period, the authentication process is restarted. The field default is 2 retries. SupplicantTimeout Displays the number of seconds that lapses before EAP requests are resent to the supplicant (Range: 1-65535). The field default is 30 seconds. Server Timeout Specifies the number of seconds that lapses before the switch resends a request to the authentication server (Range: 1-65535). The field default is 30 seconds. Security > Ports Security Security > Ports Security Network security can be increased by limiting access on a specific port only to users with specific MAC addresses. MAC addresses can be dynamically learned or statically configured. Locked port security monitors both received and learned packets that are received on specific ports. Access to the locked port is limited to users with specific MAC addresses. These addresses are either manually defined on the port, or learned on that port up to the point when it is locked. When a packet is received on a locked port, and the packet source MAC address is not tied 35

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
Chapter 5
Advanced Configuration
35
8-Port 10/100 Ethernet Switch with Webview
Security > 802.1x Settings
Security > 802.1x Settings
Port based authentication enables authenticating system
users on a per-port basis via an external server. Only
authenticated and approved system users can transmit
and receive data. Ports are authenticated via the RADIUS
server using the Extensible Authentication Protocol
(EAP).
Enable 802.1x
Place a checkmark in the check box to
enable 802.1x authentication.
Port
Indicates the port name.
Status Port Control
Specifies the port authorization
state. The possible field values are as follows:
Force-Authorized
The controlled port state is set to
Force-Authorized (forward traffic).
Force-Unauthorized
The controlled port state is set
to Force-Unauthorized (discard traffic).
Enable Periodic Reauthentication
Permits immediate
port reauthentication.
Setting Timer
The
Setting Timer
button opens the
Setting Timer screen to configure ports for 802.1x
functionality.
Setting Timer
802.1x Settings > Setting Timer
Port
Indicates the port name.
Reauthentication
Period
Specifies
the
number
of
seconds in which the selected port is reauthenticated
(Range: 300-4294967295). The field default is
3600
seconds.
Quiet Period
Specifies the number of seconds that
the switch remains in the quiet state following a failed
authentication exchange (Range: 0-65535).
Resending EAP
Specifies the number of seconds that the
switch waits for a response to an EAP - request/identity
frame, from the supplicant (client), before resending the
request.
Max EAP Requests
The total amount of EAP requests
sent. If a response is not received after the defined period,
the authentication process is restarted. The field default
is
2
retries.
Supplicant Timeout
Displays the number of seconds that
lapses before EAP requests are resent to the supplicant
(Range: 1-65535). The field default is
30
seconds.
Server
Timeout
Specifies
the
number
of
seconds
that lapses before the switch resends a request to the
authentication server (Range: 1-65535). The field default
is
30
seconds.
Security > Ports Security
Security > Ports Security
Network security can be increased by limiting access on
a specific port only to users with specific MAC addresses.
MAC addresses can be dynamically learned or statically
configured. Locked port security monitors both received
and learned packets that are received on specific ports.
Access to the locked port is limited to users with specific
MAC addresses. These addresses are either manually
defined on the port, or learned on that port up to the
point when it is locked. When a packet is received on a
locked port, and the packet source MAC address is not tied