Netgear M5300-52G3 Web Management User Guide - Page 386
Port Authentication, Rule Type, Permit, Service Type, Source IP Address, Priority, APPLY, DELETE
View all Netgear M5300-52G3 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 386 highlights
ProSafe M5300 Switch 1. To add an access profile rule, configure the following settings and click Add. • Rule Type: Specify whether the rule permits or denies access to the ProSafe M5300 management interface. • Select Permit to allow access to the management interface for traffic that meets the criteria you configure for the rule. Any traffic that does not meet the rules is denied. • Select Deny to prohibit access to the management interface for traffic that meets the criteria you configure for the rule. Any traffic that does not meet the rules is allowed access to the switch. Unlike MAC ACLs and IP ACLs, there is no implied deny all rule at the end of the rule list. • Service Type. Select the type of service to allow or prohibit from accessing the switch management interface: • SNMP • HTTP • HTTPS • Source IP Address. Specify the IP Address of the client originating the management traffic. • Mask. Specify the subnet mask associated with the IP address. The subnet mask is a standard subnet mask, and not an inverse (wildcard) mask that you use with IP ACLs. • Priority. Configure priority to the rule. The rules are validated against the incoming management request in the ascending order of their priorities. If a rule matches, action is performed and subsequent rules below are ignored. For example, if a Source IP 10.10.10.10 is configured with priority 1 to permit, and Source IP 10.10.10.10 is configured with priority 2 to Deny, then access is permitted if the profile is active, and the second rule is ignored. 2. To modify an access rule, select the check box next to the Rule Type, update the desired settings, and click APPLY 3. To delete an access rule, select the check box next to the Rule Type, and click DELETE. 4. Click CANCEL to cancel the configuration on the screen and reset the data on the screen to the latest value of the switch. Port Authentication In port-based authentication mode, when 802.1X is enabled globally and on the port, successful authentication of any one supplicant attached to the port results in all users being able to use the port without restrictions. At any given time, only one supplicant is allowed to attempt authentication on a port in this mode. Ports in this mode are under bidirectional control. This is the default authentication mode. The 802.1X network has three components: • Authenticators - Specifies the port that is authenticated before permitting system access. Managing Device Security 386