Network Setup 4-53
8. Refer to the Accounting field and define the following credentials for a primary and secondary NAC
Server.
9. Select the Re-authentication checkbox to force a periodic re-authentication with the NAC server.
Periodic repetition of the authentication process provides ongoing security for currently authorized
connections. Define an interval between 30 and 65535 seconds.
10.Refer to the Advanced field to define the authentication protocol used with the NAC Server.
Server Timeout
Enter a value (between 1 and 300 seconds) to indicate the number of elapsed
seconds causing the switch to time out on a request to the primary or secondary
NAC server.
Server Retries
Enter a value between 1 and 100 to indicate the number of times the switch
attempts to reach the primary or secondary server before giving up.
CAUTION: The server’s Timeout and Retries should be less than what is defined for an
MU’s timeout and retries. If the MU’s time is less than the server’s, a fall back to the
secondary server will not work.
Accounting Server
Address
Enter the IP address of the primary and secondary server acting as the NAC
accounting server.
Accounting Port
Enter the TCP/IP port number for the primary and secondary server acting as the
NAC accounting data source. The default port is 1813.
Accounting Shared
Secret
Provide a shared secret (password) for user credential authentication with the
primary or secondary NAC accounting server.
Accounting Timeout
Enter a value (between 1 and 300 seconds) to indicate the number of elapsed
seconds causing the switch to time out a request to the primary or secondary
accounting server.
Accounting Retries
Enter a value between 1 and 100 to indicate the number of times the switch
attempts to reach the primary or secondary NAC accounting server before giving
up.
Accounting Mode
Use the Accounting Mode drop-down menu to define the accounting mode as
either Start-Stop, Stop Only, or Start-Interim-Stop. Define the interval (in
seconds) used with the selected accounting mode.
PAP
PAP - Password Authentication Protocol sends a username and password over a
network to a server that compares the username and password to a table of
authorized users. If the username and password are matched in the table, server
access is authorized.
CHAP
CHAP is an encrypted authentication method based on Microsoft's challenge/
response authentication protocol.
DSCP/TOS
Optionally mark packets with a DiffServ CodePoint (DSCP) in its header. The DSCP
value is stored in the first 6 bits of the Type of Service (ToS) field that is part of the
standard IP header. The DCSP values are associated with a forwarding treatment
called Per Hop Behaviors (PHB). Service can be provisioned (if necessary) by
assigning a DCSP point code from 1 - 6.
To Next Page
Loading...
Need help?
General
