C
HAPTER
13
| Security Measures
Network Access (MAC Address Authentication)
– 265 –
â—† While a port has an assigned dynamic QoS profile, any manual QoS
configuration changes only take effect after all users have logged off
the port.
CONFIGURING GLOBAL
SETTINGS FOR
NETWORK ACCESS
MAC address authentication is configured on a per-port basis, however
there are two configurable parameters that apply globally to all ports on
the switch. Use the Security > Network Access (Configure Global) page to
configure MAC address authentication aging and reauthentication time.
CLI REFERENCES
â—† "Network Access (MAC Address Authentication)" on page 711
PARAMETERS
These parameters are displayed in the web interface:
◆ Aging Status – Enables aging for authenticated MAC addresses stored
in the secure MAC address table. (Default: Disabled)
This parameter applies to authenticated MAC addresses configured by
the MAC Address Authenticataion process described in this section, as
well as to any secure MAC addresses authenticated by 802.1X,
regardless of the 802.1X Operation Mode (Single-Host, Multi-Host, or
MAC-Based authentication as described on page 316).
Authenticated MAC addresses are stored as dynamic entries in the
switch’s secure MAC address table and are removed when the aging
time expires.
The maximum number of secure MAC addresses supported for the
switch system is 1024.
◆ Reauthentication Time – Sets the time period after which a
connected host must be reauthenticated. When the reauthentication
time expires for a secure MAC address, it is reauthenticated with the
RADIUS server. During the reauthentication process traffic through the
port remains unaffected. (Default: 1800 seconds;
Range: 120-1000000 seconds)
WEB INTERFACE
To configure aging status and reauthentication time for MAC address
authentication:
1. Click Security, Network Access.
2. Select Configure Global from the Step list.
3. Enable or disable aging for secure addresses, and modify the
reauthentication time as required.
4. Click Apply.
To Next Page
Loading...
Need help?
General
