D-Link DGS-1510 User Manual - Page 466
Tag field value, String field format, RADIUS Tunnel Attribute, Description, Value, Usage
View all D-Link DGS-1510 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 466 highlights
DGS-1510 Series Gigabit Ethernet SmartPro Switch Web UI Reference Guide Tag field value (0x00, 0x03 ~ 0x1F, >0x1F) String field format VLAN IDs and check if there is one matched. If the switch can find one matched, it will move to that VLAN. If the switch cannot find the matched VLAN ID, it will think the VLAN setting string as a "VLAN Name". Then it will check that it can find out a matched VLAN Name. NOTE: A tag field of greater than 0x1F is interpreted as the first octet of the following field. If the user has configured the VLAN attribute of the RADIUS server (for example, VID 3), and the 802.1X, MAC-based Access Control, JWAC or WAC authentication is successful, the port will be assigned to VLAN 3. However if the user does not configure the VLAN attributes, when the port is not guest VLAN member, it will be kept in its current authentication VLAN, and when the port is guest VLAN member, it will be assigned to its original VLAN. To assign the ACL by the RADIUS server, the proper parameters should be configured on the RADIUS server. The table below shows the parameters for an ACL. VSA14 ACL Script The parameters of the Vendor-Specific Attribute are: RADIUS Tunnel Attribute Description Vendor-ID Defines the vendor. Vendor-Type Defines the attribute. Attribute-Specific Field Used to assign the ACL script. The format is based on Access Control List (ACL) Commands. Value Usage 171 (DLINK) Required 14 (for ACL script) Required ACL Script Required For example: ip access-list a1;permit host 10.90.90.100;exit; mac access-list extended m1;permit host 00-00-00-01-90-10 any; exit; If the user has configured the ACL attribute of the RADIUS server (for example, ACL script: ip access- list a1;permit host 10.90.90.100;exit; mac access-list extended m1;permit host 00-00-00-01-90-10 any; exit;), and the 802.1X, MAC-based Access Control, JWAC or WAC authentication is successful, the device will assign the ACL script according to the RADIUS server. The enter Access-List Configuration Mode and exit Access-List Configuration Mode must be a pair, otherwise the ACP script will be reject. For more information about the ACL module, please refer to Access Control List (ACL) Commands chapter. NAS-Filter-Rule (92) The table below shows the parameters for NAS-Filter-Rule: RADIUS Tunnel Attribute Description NAS-Filter-Rule This attribute indicates the filter rules to be applied for the user. Value Usage A string (concatenating the Required individual filter rules, separated by a NULL (0x00) octet) 455