D-Link DGS-1250 User Manual - Page 319
Appendix C - RADIUS Attributes Assignment
View all D-Link DGS-1250 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 319 highlights
DGS-1250 Series Gigabit Ethernet Smart Managed Switch Web UI Reference Guide Appendix C - RADIUS Attributes Assignment The RADIUS Attributes Assignment on the Switch is used in the 802.1X module. The descriptions that follow explain the VLAN RADIUS Attributes Assignment type. To assign the VLAN by the RADIUS server, the proper parameters should be configured on the RADIUS server. To use VLAN assignment, RFC 3580 defines the following tunnel attributes in RADIUS packets. The table below shows the parameters for a VLAN: RADIUS Tunnel Attribute Tunnel-Type Tunnel-Medium-Type Tunnel-Private-Group-ID Description This attribute indicates the tunneling protocol(s) to be used (in the case of a tunnel initiator) or the tunneling protocol in use (in the case of a tunnel terminator). This attribute indicates the transport medium being used. This attribute indicates group ID for a particular tunneled session. Value 13 (VLAN) 6 (802) A string (VID) Usage Required Required Required A summary of the Tunnel-Private-Group-ID Attribute format is shown below. 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 | Type | Length | Tag | String... The table below shows the definition of Tag field (different with RFC 2868): Tag field value 0x01 0x02 Others (0x00, 0x03 ~ 0x1F, >0x1F) String field format VLAN name (ASCII) VLAN ID (ASCII) When the Switch receives the VLAN setting string, it will think it is the VLAN ID first. In other words, the Switch will check all existing VLAN IDs and check if there is one matched. If the Switch can find one matched, it will move to that VLAN. If the Switch cannot find the matched VLAN ID, it will think the VLAN setting string as a "VLAN Name". Then it will check that it can find out a matched VLAN Name. NOTE: A tag field of greater than 0x1F is interpreted as the first octet of the following field. If the user has configured the VLAN attribute of the RADIUS server (for example, VID 3) and the 802.1X authentication is successful, the port will be assigned to VLAN 3. However if the user does not configure the VLAN attributes, when the port is not guest VLAN member, it will be kept in its current authentication VLAN, and when the port is guest VLAN member, it will be assigned to its original VLAN. 310