User Guide
Table Of Contents
- Contents
- Ethernet Switch Features
- System
- L2 Feature
- VLAN
- Management
- ACL
- QoS
- Security
- Monitoring
- Diagnostics
- Maintenance
- Status
- Mode
- Report
- Suppression
86
Unknown Multicast
Enter the Unknown Multicast rate in kilobits per second. The gigabit
Ethernet ports have a maximum speed of 1000000 kilobits per
second. If the rate of broadcast traffic ingress on the interface
increases beyond the configured threshold, the traffic is dropped.
Unknown Unicast
Enter the Unknown Unicast rate in kilobits per second. The gigabit
Ethernet ports have a maximum speed of 1000000 kilobits per
second. If the rate of broadcast traffic ingress on the interface
increases beyond the configured threshold, the traffic is dropped.
Click Apply to update the system settings.
Security
802.1x
The IEEE 802.1X standard authentication uses the RADIUS (Remote Authentication Dial In User
Service) protocol to validate users and provide a security standard for network access control.
The user that wishes to be authenticated is called a supplicant. The actual server doing the
authentication, typically a RADIUS server, is called the authentication server. The mediating
device, such as a Switch, is called the authenticator. Clients connected to a port on the Switch
must be authenticated by the Authentication server (RADIUS) before accessing any services
offered by the Switch on the LAN. Use a RADIUS server to authenticate users trying to access a
network by relaying Extensible Authentication Protocol over LAN (EAPOL) packets between the
client and server. This establishes the requirements needed for a protocol between the
authenticator (the system that passes an authentication request to the authentication server) and
the supplicant (the system that requests authentication), as well as between the authenticator
and the authentication server.
Global Settings
When a supplicant is connected to a Switch port, the port issues an 802.1X authentication
request to the attached the 802.1X supplicant. The supplicant replies with the given username
and password in an authentication request, then passed to a configured RADIUS server. The
authentication server's user database supports Extended Authentication Protocol (EAP), which
allows particular guest VLAN memberships to be defined based on each individual user. Before
successful authorization, the port connected to the authenticated supplicant becomes a member
of the specified guest VLAN. When the supplicant is successfully authenticated, traffic will be
automatically assigned to the VLAN user configured in 802.1Q VLAN. The EAP authentication
methods supported by the Switch are: EAP-MD5, EAPTLS, EAP-TTLS, and EAP-PEAP.