RUGGEDCOM ROX II
CLI User Guide
Chapter 6
Security
Configuring Port Security 133
Parameter Description
• per_macaddress - Only packets from authorized MAC addresses are forwarded.
Authorized MAC addresses are either preconfigured in the static MAC address table or
learned dynamically.
• off - Disables security on the port
auto-learn { auto-learn } Synopsis: A 32-bit signed integer between 0 and 16
Default: 0
The maximum number of MAC addresses that can be learned dynamically by the port.
This includes static MAC addresses defined in the Static MAC Address table. Therefore,
the actual number of learned MAC addresses is this number minus the number of
addresses defined in the Static MAC Address table.
Security Mode must be set to either per_macaddress or dot1x_mac_auth.
shutdown-time { shutdown-time } Synopsis: A 32-bit signed integer between 1 and 86400
The time in seconds (s) the port will be disabled if a security violation occurs.
Shutdown Enable must be enabled.
admin-shutdown When enabled, the port is automatically shut down if a security violation occurs. The port
is enabled automatically after the period of time specified by Shutdown Time.
4. Configure the IEEE 802.1x settings by configuring the following parameter(s) as required:
Parameter Description
tx-period { tx-period } Synopsis: A 32-bit signed integer between 1 and 65535
Default: 30
The maximum time in seconds (s) allowed for one full set of packets to be transferred
between the port and its client.
quiet-period { quiet-period } Synopsis: A 32-bit signed integer between 0 and 65535
Default: 60
The time in seconds (s) to wait before retransmitting EAPoL packets to the client after a
failed authentication session.
reauth-enable When enabled, the port will attempt to reauthenticate the client periodically. The period
of time between each reauthentication attempt is specified by Reauthentication Period.
The port is considered unauthorized when the maximum number of reauthentication
attempts (as defined by Reauthentication Max Attempts) is exceeded.
reauth-period { reauth-period } Synopsis: A 32-bit signed integer between 60 and 86400
Default: 3600
The period of time in seconds (s) the port will wait before attempting to reauthenticate
the client.
Reauthentication must be enabled.
reauth-max { reauth-max } Synopsis: A 32-bit signed integer between 1 and 10
Default: 2
The maximum number of unsuccessful reauthentication attempts allowed, after which
the client is considered unauthorized.
Reauthentication must be enabled.
supp-timeout { supp-timeout } Synopsis: A 32-bit signed integer between 1 and 300
Default: 30
The period of time in seconds (s) the port will wait to receive the client's response to the
authentication server's request. If no response is received by the end of this period, the
authentication session fails.
server-timeout { server-timeout } Synopsis: A 32-bit signed integer between 1 and 300
Default: 30
To Next Page
Loading...
Need help?
General
