ZyXEL XGS4700-48F User Guide - Page 193
Guest VLAN
View all ZyXEL XGS4700-48F manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 193 highlights
Chapter 18 Port Authentication Table 44 Advanced Application > Port Authentication > 802.1x (continued) LABEL Max-Req DESCRIPTION Specify the number of times the Switch tries to authenticate client(s) before sending unresponsive ports to the Guest VLAN. Reauth Reauth-period Quiet-period Tx-period Supp-Timeout Apply Cancel This is set to 2 by default. That is, the Switch attempts to authenticate a client twice. If the client does not respond to the first authentication request, the Switch tries again. If the client still does not respond to the second request, the Switch sends the client to the Guest VLAN. The client needs to send a new request to be authenticated by the Switch again. Specify if a subscriber has to periodically re-enter his or her username and password to stay connected to the port. Specify the length of time required to pass before a client has to re-enter his or her username and password to stay connected to the port. Specify the number of seconds the port remains in the HELD state and rejects further authentication requests from the connected client after a failed authentication exchange. Specify the number of seconds the Switch waits for client's response before re-sending an identity request to the client. Specify the number of seconds the Switch waits for client's response to a challenge request before sending another request. Click Apply to save your changes to the Switch's run-time memory. The Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the nonvolatile memory when you are done configuring. Click Cancel to begin configuring this screen afresh. 18.2.2 Guest VLAN When 802.1x port authentication is enabled on the Switch and its ports, clients that do not have the correct credentials are blocked from using the port(s). You can configure your Switch to have one VLAN that acts as a guest VLAN. If you enable the guest VLAN (102 in the example) on a port (2 in the example), the user (A in the example) that is not IEEE 802.1x capable or fails to enter the correct username and password can still access the port, but traffic from the user is forwarded to the guest VLAN. That is, unauthenticated users can have access to limited network resources in the same guest VLAN, such as the Internet. The XGS4700-48F User's Guide 193