D-Link DGS-3620-52P-SE-LIC Reference Guide - Page 352
ND Snooping Entry, MAC-based Access Control (MAC)
View all D-Link DGS-3620-52P-SE-LIC manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 352 highlights
xStack® DGS-3620 Series Managed Switch Web UI Reference Guide maximum number of the learned entries. Click the Apply button to accept the changes made. ND Snooping Entry This window is used to view dynamic entries on specific ports. To view this window, click Security > IP-MAC-Port Binding (IMPB) > ND Snooping > ND Snooping Entry as shown below: Figure 8-33 ND Snooping Entry window The fields that can be configured are described below: Parameter Description Unit Select the unit you want to configure. Port Use the drop-down menu to select the desired port. Ports Specify the ports for ND snooping entries. Tick the All Ports check box to select all entries for all ports. Click the Find button to locate a specific entry based on the port number selected. Click the Clear button to clear all the information entered in the fields. Click the View All button to display all the existing entries. MAC-based Access Control (MAC) MAC-based access control is a method to authenticate and authorize access using either a port or host. For portbased MAC-based access control, the method decides port access rights, while for host-based MAC-based access control, the method determines the MAC access rights. A MAC user must be authenticated before being granted access to a network. Both local authentication and remote RADIUS server authentication methods are supported. In MAC-based access control, MAC user information in a local database or a RADIUS server database is searched for authentication. Following the authentication result, users achieve different levels of authorization. Notes about MAC-based Access Control There are certain limitations and regulations regarding MAC-based access control: 1. Once this feature is enabled for a port, the Switch will clear the FDB of that port. 2. If a port is granted clearance for a MAC address in a VLAN that is not a Guest VLAN, other MAC addresses on that port must be authenticated for access and otherwise will be blocked by the Switch. 3. Ports that have been enabled for Link Aggregation and Port Security cannot be enabled for MAC-based Authentication. 4. Ports that have been enabled for GVRP cannot be enabled for Guest VLAN. 342