Manualsbrain.com
  1. Manuels
  2. Marques
  3. 3com
  4. S7906E
  5. Manuel De Montage

3com S7906E Manuel De Montage

Télécharger
Page de 2621
 
1-2 
If the type of username is fixed username, a single username and optionally a single password are 
required for the device to authenticate all users.  
Related Concepts 
MAC Authentication Timers 
The following timers function in the process of MAC authentication: 
Offline detect timer: At this interval, the device checks to see whether there is traffic from a user. 
Once detecting that there is no traffic from a user within this interval, the device logs the user out 
and sends to the RADIUS server a stop accounting request.  
Quiet timer: Whenever a user fails MAC authentication, the device does not perform MAC 
authentication of the user during such a period.  
Server timeout timer: During authentication of a user, if the device receives no response from the 
RADIUS server in this period, it assumes that its connection to the RADIUS server has timed out 
and forbids the user to access the network.  
Quiet MAC Address 
When a user fails MAC authentication, the MAC address becomes a quiet MAC address, which means 
that any packets from the MAC address will be discarded silently by the device until the quiet timer 
expires. This prevents the device from authenticating an illegal user repeatedly in a short time. 
 
 
If a quiet MAC address is the same as a static MAC address configured or an MAC address that has 
passed another type of authentication, the quiet function does not take effect. 
 
VLAN Assigning 
For separation of users from restricted network resources, users and restricted resources are usually 
put into different VLANs. After a user passes identity authentication, the authorization server assigns to 
the user the VLAN where the restricted resources reside as an authorized VLAN, and the port through 
which the user accesses the device will be assigned to the authorized VLAN. As a result, the user can 
access those restricted network resources.  
ACL Assigning 
ACLs assigned by an authorization server are referred to as authorization ACLs, which are designed to 
control access to network resources. If the RADIUS server is configured with authorization ACLs, the 
device will permit or deny data flows traversing through the port through which a user accesses the 
device according to the authorization ACLs. You can change access rights of users by modifying 
authorization ACL settings on the RADIUS server.