5 - 28 WiNG 5.6 Access Point System Reference Guide
19. Select the Enable option within the 802.1x supplicant (client) feature to enable a username and password pair to be
used when authenticating users on this port. Use the Show option to view the actual characters comprising the password
entered in the Password field.
20. Select the Spanning Tree tab.
Spanning Tree Protocol (STP) (IEEE 802.1D standard) configures a meshed network for robustness by eliminating loops
within the network and calculating and storing alternate paths to provide fault tolerance.
STP calculation happens when a port comes up. As the port comes up and STP calculation happen, the port is set to Blocked
state. In this state, no traffic can pass through the port. Since STP calculations take up to a minute to complete, the port is
not operational there by effecting the network behind the port. Once the STP calculation is complete, the port's state is
changed to Forwarding and traffic is allowed.
Rapid Spanning Tree Protocol (RSTP) (IEEE 802.1w standard) is an evolution over the standard STP where the primary aim
was to reduce the time taken to respond to topology changes while being backward compatible with STP. PortFast quickly
changes the port state from Blocked to Forwarding to allow traffic while the STP calculation occurs.
Multiple Spanning Tree Protocol (MSTP) provides an extension to RSTP to optimize the usefulness of VLANs. MSTP allows
for a separate spanning tree for each VLAN group, and blocks all but one of the possible alternate paths within each
spanning tree topology.
If there is just one VLAN in the access point managed network, a single spanning tree works fine. However, if the network
contains more than one VLAN, the network topology defined by single STP would work, but it is possible to make better
use of the alternate paths available by using an alternate spanning tree for different VLANs or groups of VLANs.
A MSTP supported deployment uses multiple MST regions with multiple MST instances (MSTI). Multiple regions and other
STP bridges are interconnected using one single common spanning tree (CST)
MSTP includes all of its spanning tree information in a single Bridge Protocol Data Unit (BPDU) format. BPDUs are used to
exchange information bridge IDs and root path costs. Not only does this reduce the number of BPDUs required to
communicate spanning tree information for each VLAN, but it also ensures backward compatibility with RSTP. MSTP
Port Control Use the drop-down menu to set the port control state to apply to this port. Options include
force-authorized, force-unauthorized and automatic. The default setting is port-authorized.
Re Authenticate Select this setting to force clients to reauthenticate on this port. The default setting is disabled,
thus clients do not need to reauthenticate for connection over this port until this setting is
enabled.
Max Reauthenticate
Count
Set the maximum reauthentication attempts (1 - 10) before this port is moved to unauthorized.
The default setting is 2.
Maximum Request Set the maximum number of authentication requests (1 - 10) before returning a failed message
to the requesting client. The default setting is 2.
Quiet Period Set the quiet period for this port from 1 - 65,535 seconds. This is the maximum wait time 802.1x
waits upon a failed authentication attempt. The default setting is 60 seconds.
Reauthenticate
Period
Use the spinner control to set the reauthentication period for this port from 1 - 65,535 seconds.
The default setting is 60 seconds.
Port MAC
Authentication
When enabled, a port’s MAC address is authenticated, as only one MAC address is supported
per wired port. When successfully authenticated, packets from the source are processed.
Packets from all other sources are dropped. Port MAC authentication is supported on RFS4000,
RFS6000 model controllers and NX4500, NX6500 and NX9000 series service platforms.
Port MAC authentication may be enabled on ports in conjunction with Wired 802.1x settings
for a MAC Authentication AAA policy.
To Next Page
Loading...
