TRENDnet TPE-1620WS User's Guide - Page 69

Security, Con Port Access Control, Port Access Control

Get TRENDnet TPE-1620WS PDF manuals and user guides View all TRENDnet TPE-1620WS manuals
Add to My Manuals
Save this manual to your list of manuals

Page 69 highlights

TRENDnet User's Guide Security This chapter contains information about the Port-based security features and the procedures for setting this feature. Configure Port Access Control Security > Port Access Control This section contains information and configuration procedures for the Port-based Access Control. Port-based Network Access Control (IEEE 802.1x) is used to control who can send traffic through and receive traffic from a switch port. With this feature, the switch does not allow an end node to send or receive traffic through a port until the user of the node logs on by entering a user name and password. This feature can prevent an unauthorized individual from connecting a computer to a port or using an unattended workstation to access your network resources. Only those users to whom you have assigned a user name and password are able to use the switch to access the network. This feature can be used with one of two authentication methods: • The RADIUS authentication protocol requires that a remote RADIUS server is present on your network. The RADIUS server performs the authentication of the user name and password combinations. • The Dial-in User (local) authentication method allows you to set up the authentication parameters internally in the switch without an external server. In this case, the user name and password combinations are entered in the associated with an optional VLAN when they are defined. Based on these entries, the authentication process is done locally by the Web Management Utility using a standard EAPOL transaction. Note: RADIUS with Extensible Authentication Protocol (EAP) extensions is the only supported authentication server for this feature. 1. Log into your switch management page (see "Access your switch management page" on page 11). 2. Click on Security and click on Port Access Control. © Copyright 2013 TRENDnet. All Rights Reserved. TPE-1620WS 3. Review the settings. Click Apply to save the settings. Configure the following parameters as required: • NAS ID - This parameter assigns an 802.1x identifier to the switch that applies to all ports. The NAS ID can be up to sixteen characters. Valid characters are 0 to 9, a to z, and A to Z. Spaces are allowed. Specifying an NAS ID is optional. • Port Access Control - This parameter enables or disables Port Access Control. Select one of the following choices from the pulldown menu: o Enable: The Port Access Control feature is activated. o Disable: The Port Access Control feature is de-activated. • Authentication Method - This parameter indicates the authentication method used by the switch. Select one of the following choices: o RADIUS: This parameter configures port security for remote authentication. After completing steps, you must configure the "RADIUS Client" section. o Local: This parameter configures port security for local authentication. After completing steps, you must configure the parameters for "Dial-in User- Local Authentication" section. o TACACS+: This parameter configures port security for terminal authentication. After completing steps, you must configure the "TACACS+ Settings" section. 4. Click Save Settings to Flash (menu). 5. Click Save Settings to Flash (button), then click OK. Note: This step saves all configuration changes to the NV-RAM to ensure that if the switch is rebooted or power cycled, the configuration changes will still be applied. 69

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
© Copyright 2013 TRENDnet. All Rights Reserved.
TRENDnet User’s Guide
TPE-1620WS
69
Security
This chapter contains information about the Port-based security features and the
procedures for setting this feature.
Configure Port Access Control
Security > Port Access Control
This section contains information and configuration procedures for the
Port-based Access Control. Port-based Network Access Control (IEEE 802.1x) is used to
control who can send traffic through and receive traffic from a switch port. With this
feature, the switch does not allow an end node to send or receive traffic through a port
until the user of the node logs on by entering a user name and password.
This feature can prevent an unauthorized individual from connecting a computer to a
port or using an unattended workstation to access your network resources. Only those
users to whom you have assigned a user name and password are able to use the switch
to access the network.
This feature can be used with one of two authentication methods:
The RADIUS authentication protocol requires that a remote RADIUS server is
present on your network. The RADIUS server performs the authentication of
the user name and password combinations.
The Dial-in User (local) authentication method allows you to set up the
authentication parameters internally in the switch without an external server.
In this case, the user name and password combinations are entered in the
associated with an optional VLAN when they are defined. Based on these
entries, the authentication process is done locally by the Web Management
Utility using a standard EAPOL transaction.
Note:
RADIUS with Extensible Authentication Protocol (EAP) extensions is the only
supported authentication server for this feature.
1. Log into your switch management page (see “
Access your switch management page
on page 11).
2. Click on
Security
and click on
Port Access Control
.
3. Review the settings. Click
Apply
to save the settings.
Configure the following parameters as required:
NAS ID
- This parameter assigns an 802.1x identifier to the switch that applies
to all ports. The NAS ID can be up to sixteen characters. Valid characters are 0
to 9, a to z, and A to Z. Spaces are allowed. Specifying an NAS ID is optional.
Port Access Control
- This parameter enables or disables Port Access Control.
Select one of the following choices from the pulldown menu:
o
Enable:
The Port Access Control feature is activated.
o
Disable:
The Port Access Control feature is de-activated.
Authentication Method
- This parameter indicates the authentication method
used by the switch. Select one of the following choices:
o
RADIUS:
This parameter configures port security for remote
authentication. After completing steps, you must configure the
“RADIUS Client” section.
o
Local:
This parameter configures port security for local authentication.
After completing steps, you must configure the parameters for “Dial-in
User— Local Authentication” section.
o
TACACS+:
This parameter configures port security for terminal
authentication. After completing steps, you must configure the
“TACACS+ Settings” section.
4. Click
Save Settings to Flash (menu)
.
5. Click
Save Settings to Flash (button)
, then click
OK.
Note:
This step saves all configuration changes to the NV-RAM to ensure that if the
switch is rebooted or power cycled, the configuration changes will still be applied.