D-Link DGS-3612G Product Manual - Page 421
Compound Authentication Global Settings, 1X & IMPB Mode, IMPB & WAC/JWAC Mode
UPC - 790069296390
View all D-Link DGS-3612G manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 421 highlights
xStack® DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch 802.1X & IMPB Mode This mode adds an extra layer of security by checking the IP MAC-Binding Port Binding (IMPB) table before trying one of the supported authentication methods. The IMPB Table is used to create a "white list" that checks if the IP streams being sent by authorized hosts have been granted or not. In the above diagram the Switch port has been configured to allow clients to authenticate using 802.1X. If the client is in the IMPB table and tries to connect to the network using this authentication method and the client is listed in the white list for legal IP/MAC/port checking, access will be granted. If a client fails one of the authentication methods, access will be denied. Figure 7- 72. 802.1X & IMPB Mode example IMPB & WAC/JWAC Mode This mode adds an extra layer of security by checking the IP MAC-Binding Port Binding (IMPB) table before trying one of the supported authentication methods. The IMPB Table is used to create a 'white-list' that checks if the IP streams being sent by authorized hosts have been granted or not. In the above diagram, the Switch port has been configured to allow clients to authenticate using either WAC or JWAC. If the client is in the IMPB table and tries to connect to the network using either of these supported authentication methods and the client is listed in the white list for legal IP/MAC/port checking, access will be granted. If a client fails one of the authentication methods, access will be denied. Figure 7- 73. IMPB & WAC/JWAC Mode example Compound Authentication Global Settings To view this window, click Security > Compound Authentication > Compound Authentication Global Settings, as shown below: Figure 7- 74. Compound Authentication Global Settings window The following parameters may be set: Parameter Description Block If Block is selected, the client is always regarded as an un-authenticated. Local If Local is selected, the Switch will resort to using the local database to authenticate the client. If the client fails on local authentication, the client is regarded as un-authenticated. Otherwise, the client is regarded as an authenticated. Permit If Permit is selected, the client is always regarded as an authenticated. If the guest VLAN enabled, the client will stay at the guest VLAN, otherwise, it will stay at the original VLAN. 405