Home » D-Link Manuals » Hubs & Switches » D-Link 3100 24P » Manual Viewer

D-Link 3100 24P User Manual - Page 159

Defining Enable Methods, Security > Access Authentication Control > Enable Method Lists, Field

UPC - 790069304941

Add to My Manuals
Save this manual to your list of manuals

Page 159 highlights

DGS-3100 Series Gigabit Stackable Managed Switch User Manual Defining Enable Methods Network users must first login to the device on the Enable Method Lists Page. Access as non-administrative users is granted. The Enable Method Lists Page allows network mangers to assign user privileges using authentication methods on the device. Once a user is assigned a normal user level privileges the network user is authenticated and granted network access and configuration privileges. A maximum of four Enable Method Lists can be defined on the device. The Enable Method List cannot be deleted but can be configured. User authentication occurs in the order the methods are selected. If the first authentication method is not available, the next selected method is used. For example, if the selected authentication method is RADIUS, Local, and the RADIUS server is not available; the user is authenticated locally. To define authentication methods: 1. Click Security > Access Authentication Control > Enable Method Lists. The Enable Method Lists Page opens: Figure 5-14. Enable Method Lists Page The Enable Method Lists Page contains the following fields: Field Method List Name Description Defines the method list name. The field is user-defined besides the http_method_list and https_method_list which cannot be deleted or renamed. Method 1 Indicates the first method used to authenticate the network user. The possible field values are: RADIUS - User authentication occurs at the RADIUS server. TACACS+ - The user authentication occurs at the TACACS+ server. None - No user authentication occurs. Local - User authentication occurs at the device level. The device checks the user name and password for authentication. 145

Section	Page
Preface	7
System Overview	8
Viewing the Device	8
DGS-3100 Series Front Panel	8
DGS-3100-24TG Front Panel	8
Device Management Methods	9
User Guide Overview	9
Intended Audience	9
Notes, Notices, and Cautions	10
Safety Cautions	11
General Precautions for Rack-Mountable Products	12
GETTING STARTED	15
Accessing the Boot/Startup Menu Functions	16
Downloading Software	16
Set Terminal Baud-Rate	16
Defining Stacking Units	17
Using the Web-Based User Interface	18
Understanding the D-Link Embedded Web Interface	19
Using the Tool Menu	21
Displaying the Stack Status	21
Locating Devices	21
Backing up and Restoring Configuration Files	22
Resetting the Device	23
Downloading the Firmware	24
Rebooting the System	26
Using the Web System Components	27
CONFIGURING BASIC CONFIGURATION	28
Viewing Device Information	29
Defining System Information	31
Defining IP Addresses	32
Managing Stacking	33
Managing Stacking Modes	33
Advanced Stacking	33
Stack Startup Process	35
Building Stacks – Quick Start	37
Stack Management Examples	38
Configuring Stacking	44
Defining Ports	45
Configuring Port Properties	45
Viewing Port Properties	47
ARP Settings	48
Configuring User Accounts	49
Managing System Logs	51
Configuring SNTP	53
Configuring Daylight Savings Time	55
Configuring SNMP	59
Defining SNMP Views	60
Defining SNMP Groups	61
Defining SNMP Users	63
Defining SNMP Communities	65
Defining SNMP Host Table	66
Defining SNMP Engine ID	68
Enabling SNMP Traps	69
DHCP Auto Configuration	70
Dual Image Services	71
Firmware Information	71
Config Firmware Image	72
Telnet Setting	73
CONFIGURING L2 FEATURES	74
Enabling Jumbo Frames	75
Configuring VLANs	76
Understanding IEEE 802.1p Priority	76
VLAN Description	76
Notes about VLANs on the DGS-3100 Series	76
IEEE 802.1Q VLANs	76
802.1Q VLAN Tags	78
Port VLAN ID	79
Tagging and Untagging	79
Ingress Filtering	79
Default VLANs	80
VLAN and Trunk Groups	80
VLAN Status	80
Defining VLAN Properties	81
Configuring GVRP	83
Defining Trunking	85
Traffic Segmentation	87
Configuring LACP	88
Defining IGMP Snooping	89
Defining MLD Snooping	93
Configuring Port Mirroring	97
Configuring Spanning Tree	99
Defining Spanning Tree Global Parameters	100
Defining STP Port Settings	102
Defining Multiple Spanning Tree Configuration Identification	104
Defining MSTP Port Information	105
Defining Forwarding and Filtering	107
Defining Unicast Forwarding	107
Defining Multicast Forwarding	108
Defining Multicast Filtering	109
Configuring LLDP	111
Defining LLDP Global Settings	111
Defining LLDP Port Settings	112
Defining LLDP Basic TLV Settings	114
Defining LLDP Dot3 TLV Settings	115
Viewing LLDP Local Port Information	116
Viewing LLDP Remote Port Information	118
CONFIGURING QUALITY OF SERVICE	123
Understanding QoS	125
Defining Bandwidth Settings	126
Configuring Storm Control	128
Mapping Ports to Packet Priorities	129
Mapping Priority to Classes (Queues)	130
Configuring QoS Scheduling Mechanism	131
Defining Multi-Layer CoS Settings	132
SECURITY FEATURES	133
Configuring Safeguard Engine	134
Configuring Trust Host	135
Configuring Port Security	136
Configuring Guest VLANs	138
Configuring Port Authentication 802.1X	139
Configuring MAC Authentication (by using Guest VLAN, 802.1X and Radius pages)	144
Defining RADIUS Settings	147
Defining EAP Forwarding Settings	149
Configuring Secure Socket Layer Security	150
Configuring Secure Shell Security	152
Defining SSH Algorithm Settings	153
Defining Application Authentication Settings	155
Configuring Authentication Server Hosts	156
Defining Login Methods	157
Defining Enable Methods	159
Configuring Local Enable Password	161
MONITORING THE DEVICE	162
Viewing Stacking Information	163
Viewing CPU Utilization	164
Viewing Port Utilization	165
Viewing Packet Size Information	166
Viewing Received Packet Statistics	167
Viewing UMB_cast Packet Statistics	168
Viewing Transmitted Packet Statistics	169
Viewing RADIUS Authenticated Session Statistics	171
Viewing ARP Table	172
Viewing MLD Router Ports	173
Viewing Router Ports	174
Viewing Session Table	175
Viewing IGMP Group Information	176
Viewing MLD Group Information	177
Defining Dynamic and Static MAC Addresses	178
Viewing System Log	180
MANAGING POWER OVER ETHERNET DEVICES	181
Defining PoE System Information	182
Displaying and Editing PoE System Information	184
DEFINING ACCESS PROFILE LISTS	185
ACL Configuration Wizard	186
Defining Access Profile Lists	188
Defining Access Rules Lists	201
Finding ACL Rules	204
Defining Time Ranges	207
Copyright Statement: No part of this publication or documentation accompanying this product may be reproduced in any form or by any means or used to make any derivative such as translation, transformation, or adaptation without permission from D-Link Corporation/D-Link Systems, Inc., as stipulated by the United States Copyright Act of 1976 and any amendments thereto. Contents are subject to change without prior notice. Copyright 2007 by D-Link Corporation/D-Link Systems, Inc. All rights reserved.	212
FCC Statement: This equipment has been tested and found to comply with the limits for a Class A digital device, pursuant to part 15 of the FCC Rules. These limits are designed to provide reasonable protection against harmful interference in a commercial installation. This equipment generates, uses, and can radiate radio frequency energy and, if not installed and used in accordance with the instructions, may cause harmful interference to radio communication. However, there is no guarantee that interference will not occur in a particular installation. Operation of this equipment in a residential environment is likely to cause harmful interference to radio or television reception. If this equipment does cause harmful interference to radio or television reception, which can be determined by turning the equipment off and on, the user is encouraged to try to correct the interference by one or more of the following measures:	212

Match case Limit results 1 per page

DGS-3100 Series Gigabit Stackable Managed Switch User Manual

Defining Enable Methods

Network users must first login to the device on the

Enable Method Lists

Page. Access as non-administrative users is granted.

The

Enable Method Lists

Page

allows network mangers to assign user privileges using authentication methods on the device.

Once a user is assigned a normal user level privileges the network user is authenticated and granted network access and

configuration privileges. A maximum of four Enable Method Lists can be defined on the device. The Enable Method List

cannot be deleted but can be configured.

User authentication occurs in the order the methods are selected. If the first authentication method is not available, the next

selected method is used. For example, if the selected authentication method is RADIUS, Local, and the RADIUS server is

not available; the user is authenticated locally. To define authentication methods:

Click

Security > Access Authentication Control > Enable Method Lists

. The

Enable Method Lists Page

opens:

Figure 5-14. Enable Method Lists Page

The Enable Method Lists Page contains the following fields:

Field

Description

Method List Name

Defines the method list name. The field is user-defined besides the http_method_list and

https_method_list which cannot be deleted or renamed.

Method 1

Indicates the first method used to authenticate the network user. The possible field values are:

RADIUS

— User authentication occurs at the RADIUS server.

TACACS

+ — The user authentication occurs at the TACACS+ server.

None

— No user authentication occurs.

Local

— User authentication occurs at the device level. The device checks the user name

and password for authentication.

145