2.5.12 802.1x Configuration

System Configuration

802.1x makes use of the physical access characteristics of IEEE802 LAN infrastructures in order to

provide a means of authenticating and authorizing devices attached to a LAN port that has

point-to-point connection characteristics, and of preventing access to that port in cases in which the

authentication and authorization process fails.

To enable 802.1x, from

Administrator \Switch setting \Advanced

then you still to fill in the

authentication server information

Radius Server IP Address:

the IP address of the authentication server.

Server Port:

The UDP port number used by the authentication server to authenticate.

Accounting

Port:

The UDP port number used by the authentication server to retrieve accounting information.

Shared Key:

A key shared between this switch and authentication server.

NAS, Identifier:

A string used to identify this switch.

Perport Configuration

In this page, you can select the specific port and configure the Authorization State.

Each port can select four kinds of Authorization State:

- 46 -

Fu

Force the specific port to be unauthorized.

Fa

Force the specific port to be authorized.

Au

The state of the specific port was determined by the outcome of the authentication.

No

The specific port didn't support 802.1x function.

Misc Configuration

In this page, you can change the default configuration for the 802.1x standard:

Quiet Period

Used to define periods of time during which it will not attempt to acquire a supplicant

(Default time is 60 seconds).

Tx Period

Used to determine when an EAPOL PDU is to be transmitted (Default value is 30

seconds).

Supplicant Timeout

Used to determine timeout conditions in the exchanges between the supplicant

and authentication server (Default value is 30 seconds).

Server Timeout

Used to determine timeout conditions in the exchanges between the authenticator

and authentication server (Default value is 30 seconds).

Max requests

Used to determine the number of re-authentication attempts that are permitted before

the specific port becomes unauthorized (Default value is 2 times).

Reauth Period

Used to determine a nonzero number of seconds between periodic re-authentication

off the supplications (Default value is 3600 seconds).

- 47 -

2.5.13 Ping

This switch provides a simple ping function for user to check the access of specific host.

Input the host IP and the counts of ping, then press “Apply” and the result comes as following:

User can stop pinging anytime by just press “Stop” button, and it will return to Ping IP Address page.

- 48 -

2.5.14 Agent Management

This switch provides a new management tool for user to manage a group of LAN switches by an IP

agent method. “Single IP” is the name, meaning that the administrator can access other network

devices through one single IP device.

There are maximum 32 sets of information of network devices stored in the single IP switch.

Basically these network devices should provide http or telnet service for the single IP switch to

forward those protocol packets; meanwhile SNMP protocol can be also passed through if they support

SNMP service.

More over, this single IP switch has no exclusiveness, meaning that administrator can group up

network devices of any type (router, switch, gateway...) or brand without worrying their

incompatibility.

- 49 -

Agent Management

In this page, user can add or delete managed network devices here. If user disables the IP agent

function, that is,he/shesets the agent mode to “slave” in the IP setting section; this item will not show

up in the main menu.

There is a list here to display the information of managed hosts, including the IPs and the host names.

There are up to 32 sets of network devices to be clients of the IP agent switch.

Agent Control Port:

The control port defines the specific TCP/UDP port the single IP switch is

listening, which the agent manager sends its command to. Agent manager use this specific port to tell

single IP switch to change the current forwarding target host. The range of available port number is

28000 ~ 30000. The default port number is 28019.

Delete:

To remove hosts, select the hosts to be deleted from the list and press

delete

to remove them.

Launch Agent Manager:

This button launches the agent manager.

Note:

For the cause of http authentication mechanism, it happens that web browser keeps asking

administrator to input login name and password when agent manager changes a new host. Typically

web browser will keep the authentication key of the successful login host and passes it to next other

WebPages. Since single IP switch remains its URL of the master switch IP no matter what the agent

manager has change the forwarding host, new host will still receive the same authentication key as the

master switch when it requests the login authentication. If the new host has the different username and

password from the master switch, authentication failure and reentry thus happens.

It is strongly recommended that the administrator change the usernames and passwords of the

managed hosts to

the same ones

as master switch.

- 50 -