C
ONFIGURING
THE
S
WITCH
6-60
either 802.1X-aware or otherwise. (This is the default setting.)
- Force-Unauthorized - Forces the port to deny access to all
clients, either 802.1X-aware or otherwise.
• Port State - Administrative state for port access control.
• Reset - The two available options include:
- Re-Authenticate - Schedules a re-authentication to whenever the
quiet-period of the port runs out.
- Force-Reinitialize - Bypasses the quiet-period of the port and
enables immediate re-authentication regardless of the status for
the quiet-period.
The re-authentication process verifies the connected client’s user ID and
password on the RADIUS server. During re-authentication, the client
remains connected the network and the process is handled transparently
by the dot1x client software. Only if re-authentication fails is the port
blocked.
If a re-authentication fails, the IEEE802.1X standard enforces a
so-called “quiet-period” in which the authenticator (switch) shall be
quiet and not re-try another authentication – also packets from the
supplicant are discarded during this quiet period – this way 'brute-force'
attacks are prevented.
Web – Click 802.1X, Settings. Enable 802.1X globally for the switch,
modify the global and port-specific parameters required, and click APPLY.
To Next Page
Loading...
