Table of Contents
Advertisement
Chapter 3
Device Management
Parameter
format { format }
gvrp-mode { gvrp-mode }
NOTE
Once a VLAN ID has been assigned to a switched Ethernet port, a VLAN is created and can be
configured in switch » vlans » all-vlans.
9.
If the port is in switchport mode, configure the VLAN for the port. For more information, refer to
Section 5.37.3.2, "Configuring VLANs for Switch Ethernet
10. Configure the port security settings. For more information, refer to
Security".
11. Configure the spanning tree settings. For more information, refer to
Switched Ethernet Ports and Ethernet Trunk
12. Type commit and press Enter to save the changes, or type revert and press Enter to abort.
Section 3.17.3
Configuring Port Security
Port security (or Port Access Control) provides the ability to authenticate access through individual ports, either
through IEEE 802.1x authentication, static MAC address-based authorization, or both.
Using IEEE 802.1x authentication, RUGGEDCOM ROX II authenticates a source device against a remote
RADIUS authentication server. Access is granted if the source device provides the proper credentials.
Using static MAC address-based authorization, RUGGEDCOM ROX II authenticates the source device based on
its MAC address. Access is granted if the MAC address appears on the Static MAC Address table.
NOTE
RUGGEDCOM ROX II only supports the authentication of one host per port that has the port security
mode set to 802.1x or 802.1x/MAC-Auth.
NOTE
RUGGEDCOM ROX II supports both PEAP and EAP-MD5. PEAP is more secure and is recommended
over EAP-MD5.
96
Description
port on all VLANs except the port's native VLAN will be always
tagged. It can also be configured to use GVRP for automatic
VLAN configuration.</listitem></itemizedlist>
Synopsis: { untagged, tagged }
Default: untagged
Whether frames transmitted out of the port on its native VLAN
(specified by the 'PVID' parameter) will be tagged or untagged.
Synopsis: { advertise_only, learn_advertise }
GVRP (Generic VLAN Registration Protocol) operation
on the port. There are several GVRP operation modes:
<itemizedlist><listitem>DISABLED : the port is not capable
of any GVRP processing.</listitem> <listitem>ADVERTISE
ONLY : the port will declare all VLANs existing in the switch
(configured or learned) but will not learn any VLANs.</listitem>
<listitem>ADVERTISE and LEARN : the port will declare all
VLANs existing in the switch (configured or learned) and can
dynamically learn VLANs.</listitem></itemizedlist>
Ports".
Section 3.17.3, "Configuring Port
Section 5.36.5, "Configuring STP for
Interfaces".
RUGGEDCOM ROX II
CLI User Guide
Configuring Port Security
Advertisement
Table of Contents
Troubleshooting
