D-Link DWS-3160-24TC DWS-3160 Series Web UI Reference Guide - Page 499

DWS-3160 Series Gigabit Ethernet Unified Switch Web UI Reference Guide Client-ACL-Up (121) Vendor-Specific (26), D-Link (171), Client-Policy-Dn (122) Vendor-Specific (26), D-Link (171), Client-Policy-Up (123) Tunnel-Type (64) Tunnel-Medium-Type (65) Tunnel-Private-Group-ID (81) inbound (up) direction. If this attribute is not present then the Client QoS Default ACL Up Type and Name parameters defined in the Network configuration are used instead. If this attribute is present but refers to an undefined access list name in the system, all packets for this client will be dropped until the ACL is defined. Name of DiffServ policy to be applied to 802.1X authenticated wireless client traffic in the outbound (down) direction. If this attribute is not present then the Client QoS Default Policy Down parameter defined in the Network configuration is used instead. If this attribute is present but refers to an undefined policy name in the system, all packets for this client will be dropped until the DiffServ policy is defined. Name of DiffServ policy to be applied to 802.1X authenticated wireless client traffic in the inbound (up) direction. If this attribute is not present then the Client QoS Default Policy Up parameter defined in the Network configuration is used instead. If this attribute is present but refers to an undefined policy name in the system, all packets for this client will be dropped until the DiffServ policy is defined. For dynamic VLAN usage. For dynamic VLAN usage. For dynamic VLAN usage. terminated) The string is of the form "type:name" where: • type = ACL type identifier: IPV4, IPV6, MAC • : = required separator character • name = 1-31 alphanumeric characters, specifying the ACL number (IPV4) or name (IPV6, MAC) Type: string 1-31 characters (not nullterminated) Type: string 1-31 characters (not nullterminated) VLAN (13) 802 VLANID Optional Optional Optional Optional Optional Known Client and MAC Authentication RADIUS Attributes The database is used to retrieve client descriptive names from the RADIUS server as well as implement MAC Authentication. An Access Point can be configured to use MAC authentication via the RADIUS to allow or deny specific client stations access to the wireless network. This is less secure but can be used for client stations that do not support 802.1X. The following table indicates the attributes that are configured in the RADIUS server entry. Attribute User-Name (1) User-Password (2) Vendor-Specific (26), D-Link (171), MAC-Authentication-Action (114) Vendor-Specifc (26), D-Link (171), Client-Nickname (115) Description Ethernet Address of the client station. A fixed password used to lookup an client MAC entry. Flag indicating what action to take if MAC authentication is enabled on the network. Descriptive Name of the client. Range Valid Ethernet MAC Address. "NOPASSWORD" 0-Global Action 1-Grant Access 2-Deny Access 0-32 Character String 494 Usage Required Required Optional Optional Default None None 0 ""