C
HAPTER
4
| Configuring the Switch
Configuring 802.1X Port Authentication
– 86 –
◆ Port State - The current state of the port:
■
Disabled - 802.1X and MAC-based authentication are globally
disabled. (This is the default state.)
■
Link Down - 802.1X or MAC-based authentication is enabled, but
there is no link on the port.
■
Authorized - The port is authorized. This state exists when 802.1X
authentication is enabled, the port has a link, the Admin State is
“802.1X,” and the supplicant is authenticated, or when the Admin
State is “Authorized.”
■
Unauthorized - The port is unauthorized. This state exists when
802.1X authentication is enabled, the port has link, and the Admin
State is “Auto,” but the supplicant is not (or not yet) authenticated,
or when the Admin State is “Unauthorized”.
■
X Auth/Y Unauth - X clients are currently authorized and Y are
unauthorized. This state is shown when 802.1X and MAC-based
authentication is globally enabled and the Admin State is set to
“MAC-Based.”
◆ Max Clients - The maximum number of hosts that can connect to a
port when the Admin State is set to “MAC-Based.” (Range: 1-112;
Default: 112)
The switch has a fixed pool of state-machines, from which all ports
draw whenever a new client is seen on the port. When a given port's
maximum is reached (counting both authorized and unauthorized
clients), further new clients are disallowed access. Since all ports draw
from the same pool, it may happen that a configured maximum cannot
be granted, if the remaining ports have already used all available state-
machines.
◆ Restart - Restarts client authentication using one of the methods
described below. Note that the restart buttons are only enabled when
the switch’s authentication mode is globally enabled (under System
Configuration) and the port's Admin State is “802.X” or “MAC-Based.”
■
Reauthenticate - Schedules reauthentication to whenever the
quiet-period of the port runs out (port-based authentication). For
MAC-based authentication, reauthentication will be attempted
immediately. The button only effects successfully authenticated
ports/clients and will not cause the port/client to be temporarily
unauthorized.
■
Reinitialize - Forces reinitialization of the port/clients, and
therefore immediately starts reauthentication. The port/clients are
set to the unauthorized state while reauthentication is ongoing.
To Next Page
Loading...
Need help?
General