Dell 3548 Manual

A SERVICE OF

next previous

Configuring Switch Information 265

•

Dynamic VLAN Assignment

— Indicates whether dynamic VLAN assignment is enabled for this port.

This feature allows network administrators to automatically assign users to VLANs during the RADIUS

server authentication. When a user is authenticated by the RADIUS server, the user is automatically

joined to the VLAN configured on a RADIUS server.

– Port Lock and Port Monitor should be disabled when DVA is enabled.

– Dynamic VLAN Assignment (DVA) can occur only if a RADIUS server is configured, and port

authentication is enabled and set to 802.1x multi-session mode.

– If the Radius Accept Message doesn’t contain the supplicant’s VLAN, the supplicant is rejected.

– Authenticated ports are added to the supplicant VLAN as untagged.

– Authenticated ports remain unauthenticated VLAN and Guest VLAN members. Static VLAN

configuration is not applied to the port.

– The following list of VLANs cannot participate in DVA: an Unauthenticated VLAN, a Dynamic

VLAN that was created by GVRP, a Voice VLAN, a Default VLAN and a Guest VLAN.

– Network administrators can delete the supplicant VLAN while the supplicant is logged in.

The supplicant is authorized during the next re-authentication if this supplicant VLAN is

re-created or a new VLAN is configured on the RADIUS server.

•

Guest VLAN

— If enabled, indicates that unauthorized users connected to this interface can access

the Guest VLAN.

–

Enable

— Enables unauthorized users to access the guest VLAN.

–

Disable

— Prevents unauthorized users from accessing the guest VLAN.

•

Periodic Reauthentication

— Reauthenticates the selected port periodically. The reauthentication

period is defined in the

Reauthentication Period (300-4294967295)

field.

–

Enable

— Enables periodic port reauthentication.

–

Disable

— Disables periodic port reauthentication.

•

Reauthentication Period (300-4294967295)

— Indicate the time span in which the selected port is

reauthenticated. The field value is seconds. The field default is 3600 seconds.

•

Reauthenticate Now

— Permits immediate port reauthentication.

–

Checked

— Enables immediate port reauthentication.

–

Disable

— Disables immediate port reauthentication.

•

Authentication Server Timeout (1-65535)

— Defines the amount of time that lapses before the

device resends a request to the authentication server. The field value is specified in seconds. The field

default is 30 seconds.

•

Resending EAP Identity Request (1-65535)

— Defines the amount of time that lapses before

EAP request are resent. The field default is 30 seconds.

•

Quiet Period (0-65535)

— Indicates the number of seconds that the device remains in the quiet state

following a failed authentication exchange. The possible field range is 0-65535. The field default is

60 seconds.