Home » D-Link Manuals » Wireless » D-Link DGS-1510 » Manual Viewer

D-Link DGS-1510 User Manual - Page 466

Tag field value, String field format, RADIUS Tunnel Attribute, Description, Value, Usage

Add to My Manuals
Save this manual to your list of manuals

Page 466 highlights

DGS-1510 Series Gigabit Ethernet SmartPro Switch Web UI Reference Guide Tag field value (0x00, 0x03 ~ 0x1F, >0x1F) String field format VLAN IDs and check if there is one matched. If the switch can find one matched, it will move to that VLAN. If the switch cannot find the matched VLAN ID, it will think the VLAN setting string as a "VLAN Name". Then it will check that it can find out a matched VLAN Name. NOTE: A tag field of greater than 0x1F is interpreted as the first octet of the following field. If the user has configured the VLAN attribute of the RADIUS server (for example, VID 3), and the 802.1X, MAC-based Access Control, JWAC or WAC authentication is successful, the port will be assigned to VLAN 3. However if the user does not configure the VLAN attributes, when the port is not guest VLAN member, it will be kept in its current authentication VLAN, and when the port is guest VLAN member, it will be assigned to its original VLAN. To assign the ACL by the RADIUS server, the proper parameters should be configured on the RADIUS server. The table below shows the parameters for an ACL. VSA14 ACL Script The parameters of the Vendor-Specific Attribute are: RADIUS Tunnel Attribute Description Vendor-ID Defines the vendor. Vendor-Type Defines the attribute. Attribute-Specific Field Used to assign the ACL script. The format is based on Access Control List (ACL) Commands. Value Usage 171 (DLINK) Required 14 (for ACL script) Required ACL Script Required For example: ip access-list a1;permit host 10.90.90.100;exit; mac access-list extended m1;permit host 00-00-00-01-90-10 any; exit; If the user has configured the ACL attribute of the RADIUS server (for example, ACL script: ip access- list a1;permit host 10.90.90.100;exit; mac access-list extended m1;permit host 00-00-00-01-90-10 any; exit;), and the 802.1X, MAC-based Access Control, JWAC or WAC authentication is successful, the device will assign the ACL script according to the RADIUS server. The enter Access-List Configuration Mode and exit Access-List Configuration Mode must be a pair, otherwise the ACP script will be reject. For more information about the ACL module, please refer to Access Control List (ACL) Commands chapter. NAS-Filter-Rule (92) The table below shows the parameters for NAS-Filter-Rule: RADIUS Tunnel Attribute Description NAS-Filter-Rule This attribute indicates the filter rules to be applied for the user. Value Usage A string (concatenating the Required individual filter rules, separated by a NULL (0x00) octet) 455

Section	Page
Table of Contents	3
1. Introduction	12
Audience	12
Other Documentation	12
Conventions	12
Notes, Notices, and Cautions	12
2. Web-based Switch Configuration	13
Management Options	13
Connecting using the Web UI	13
Logging onto the Web UI	14
Smart Wizard	15
Step 1 - Web Mode	15
Step 2 - System IP Information	16
Step 3 - User Accounts Settings	17
Step 4 - SNMP Settings	18
Web User Interface (Web UI)	20
Areas of the User Interface	20
Standard Mode	20
Surveillance Mode	21
3. System	23
Device Information	23
System Information Settings	23
Peripheral Settings	24
Port Configuration	25
Port Settings	25
Port Status	27
Port GBIC	27
Port Auto Negotiation	28
Error Disable Settings	28
Jumbo Frame	29
Interface Description	30
PoE (PoE Switches Only)	30
PoE System	31
PoE Status	32
PoE Configuration	33
PD Alive	34
PoE Statistics	35
PoE Measurement	36
PoE LLDP Classification	37
System Log	38
System Log Settings	38
System Log Discriminator Settings	40
System Log Server Settings	41
System Log	41
System Attack Log	42
Time and SNTP	42
Clock Settings	42
Time Zone Settings	43
SNTP Settings	44
Time Range	45
4. Management	47
User Account Settings	47
Password Encryption	49
Login Method	49
SNMP	50
SNMP Global Settings	52
SNMP Linkchange Trap Settings	53
SNMP View Table Settings	54
SNMP Community Table Settings	54
SNMP Group Table Settings	56
SNMP Engine ID Local Settings	57
SNMP User Table Settings	57
SNMP Host Table Settings	58
RMON	59
RMON Global Settings	59
RMON Statistics Settings	60
RMON History Settings	61
RMON Alarm Settings	62
RMON Event Settings	63
Telnet/Web	64
Session Timeout	65
DHCP	66
Service DHCP	66
DHCP Class Settings	66
DHCP Server	67
DHCP Server Global Settings	68
DHCP Server Pool Settings	69
DHCP Server Exclude Address	71
DHCP Server Manual Binding	72
DHCP Server Dynamic Binding	73
DHCP Server IP Conflict	73
DHCP Server Statistic	74
DHCPv6 Server	75
DHCPv6 Server Pool Settings	75
DHCPv6 Server Local Pool Settings	77
DHCPv6 Server Exclude Address	77
DHCPv6 Server Binding	78
DHCPv6 Server Interface Settings	79
DHCPv6 Server Operational Information	80
DHCP Relay	80
DHCP Relay Global Settings	80
DHCP Relay Pool Settings	80
DHCP Relay Information Settings	83
DHCP Relay Information Option Format Settings	84
DHCP Relay Information Profile Settings	85
DHCP Local Relay VLAN	88
DHCPv6 Relay	88
DHCPv6 Relay Global Settings	88
DHCPv6 Relay Interface Settings	89
DHCP Auto Configuration	90
DNS	90
DNS Global Settings	91
DNS Name Server Settings	91
DNS Host Settings	92
NTP	93
NTP Global Settings	93
NTP Server Settings	94
NTP Peer Settings	95
NTP Access Group Settings	96
NTP Key Settings	97
NTP Interface Settings	98
NTP Associations	98
NTP Status	99
IP Source Interface	99
File System	100
Physical Stacking	101
Virtual Stacking (SIM)	105
Single IP Settings	108
Topology	109
File	109
Print Topology	109
Preference	110
Group	110
Add to Group	110
Remove from Group	111
Device	111
Configure	111
View	111
Refresh	111
Topology	111
Help	114
About	114
Firmware Upgrade	114
Configuration File Backup/Restore	115
Upload Log File	115
D-Link Discovery Protocol	116
5. Layer 2 Features	117
FDB	117
Static FDB	117
Unicast Static FDB	117
Multicast Static FDB	118
MAC Address Table Settings	118
MAC Address Table	120
MAC Notification	121
VLAN	122
VLAN Configuration Wizard	122
Create/Configure VLAN	122
Create VLAN	123
Configure VLAN	124
802.1Q VLAN	125
VLAN Interface	126
VLAN Interface Settings	126
Port Summary	129
802.1v Protocol VLAN	129
Protocol VLAN Profile	129
Protocol VLAN Profile Interface	130
GVRP	130
GVRP Global	130
GVRP Port	131
GVRP Advertise VLAN	132
GVRP Forbidden VLAN	133
GVRP Statistics Table	134
Asymmetric VLAN	134
MAC VLAN	135
L2VLAN Interface Description	136
Auto Surveillance VLAN	136
Auto Surveillance Properties	136
MAC Settings and Surveillance Device	138
ONVIF IP-Camera Information	139
ONVIF NVR Information	140
Voice VLAN	141
Voice VLAN Global	141
Voice VLAN Port	143
Voice VLAN OUI	144
Voice VLAN Device	144
Voice VLAN LLDP-MED Device	145
STP	145
STP Global Settings	147
STP Port Settings	149
MST Configuration Identification	150
STP Instance	152
MSTP Port Information	152
ERPS (G.8032)	153
ERPS	153
ERPS Profile	156
Loopback Detection	157
Link Aggregation	159
L2 Multicast Control	162
IGMP Snooping	162
IGMP Snooping Settings	162
IGMP Snooping Groups Settings	165
IGMP Snooping Mrouter Settings	166
IGMP Snooping Statistics Settings	167
MLD Snooping	168
MLD Snooping Settings	169
MLD Snooping Groups Settings	171
MLD Snooping Mrouter Settings	172
MLD Snooping Statistics Settings	173
Multicast Filtering	174
LLDP	175
LLDP Global Settings	175
LLDP Port Settings	177
LLDP Management Address List	178
LLDP Basic TLVs Settings	178
LLDP Dot1 TLVs Settings	180
LLDP Dot3 TLVs Settings	181
LLDP-MED Port Settings	182
LLDP Statistics Information	183
LLDP Local Port Information	184
LLDP Neighbor Port Information	185
6. Layer 3 Features	187
ARP	187
ARP Aging Time	187
Static ARP	188
Proxy ARP	188
ARP Table	189
Gratuitous ARP	190
UDP Helper	191
IP Forward Protocol	191
IP Helper Address	191
IPv4 Interface	192
IPv4 Static/Default Route	194
IPv4 Route Table	195
IPv6 Interface	196
IPv6 Neighbor	200
IPv6 Static/Default Route	200
IPv6 Route Table	201
IPMC	202
IP Multicast Global Settings	202
IP Multicast Forwarding Cache	202
7. Quality of Service (QoS)	203
Basic Settings	203
Port Default CoS	203
Port Scheduler Method	204
Queue Settings	205
CoS to Queue Mapping	206
Port Rate Limiting	207
Queue Rate Limiting	208
Advanced Settings	209
DSCP Mutation Map	209
Port Trust State and Mutation Binding	210
DSCP CoS Mapping	211
CoS Color Mapping	212
DSCP Color Mapping	213
Class Map	214
Aggregate Policer	215
Policy Map	218
Policy Binding	221
8. Access Control List (ACL)	222
ACL Configuration Wizard	222
ACL Access List	241
Standard IP ACL	242
Extended IP ACL	245
Standard IPv6 ACL	254
Extended IPv6 ACL	258
Extended MAC ACL	266
Extended Expert ACL	270
ACL Interface Access Group	282
ACL VLAN Access Map	283
ACL VLAN Filter	284
9. Security	286
Port Security	286
Port Security Global Settings	286
Port Security Port Settings	287
Port Security Address Entries	288
802.1X	289
802.1X Global Settings	293
802.1X Port Settings	294
Authentication Session Information	295
Authenticator Statistics	296
Authenticator Session Statistics	296
Authenticator Diagnostics	297
AAA	297
AAA Global Settings	297
Application Authentication Settings	298
Application Accounting Settings	298
Authentication Settings	299
Accounting Settings	301
Server RADIUS Dynamic Author Settings	303
RADIUS	304
RADIUS Global Settings	304
RADIUS Server Settings	305
RADIUS Group Server Settings	306
RADIUS Statistic	307
TACACS+	308
TACACS+ Global Settings	308
TACACS+ Server Settings	309
TACACS+ Group Server Settings	310
TACACS+ Statistic	311
IMPB	311
IPv4	312
DHCPv4 Snooping	312
DHCP Snooping Global Settings	312
DHCP Snooping Port Settings	313
DHCP Snooping VLAN Settings	314
DHCP Snooping Database	314
DHCP Snooping Binding Entry	315
Dynamic ARP Inspection	316
ARP Access List	316
ARP Inspection Settings	317
ARP Inspection Port Settings	319
ARP Inspection VLAN	320
ARP Inspection Statistics	320
ARP Inspection Log	321
IP Source Guard	321
IP Source Guard Port Settings	321
IP Source Guard Binding	322
IP Source Guard HW Entry	323
Advanced Settings	324
IP-MAC-Port Binding Settings	324
IP-MAC-Port Binding Blocked Entry	325
IPv6	326
IPv6 Snooping	326
IPv6 ND Inspection	327
IPv6 RA Guard	328
IPv6 DHCP Guard	328
IPv6 Source Guard	329
IPv6 Source Guard Settings	329
IPv6 Neighbor Binding	330
DHCP Server Screening	331
DHCP Server Screening Global Settings	331
DHCP Server Screening Port Settings	332
ARP Spoofing Prevention	333
BPDU Attack Protection	334
MAC Authentication	335
Web-based Access Control	336
Web Authentication	338
WAC Port Settings	339
WAC Customize Page	340
Japanese Web-based Access Control	341
JWAC Global Settings	341
JWAC Port Settings	343
JWAC Customize Page Language	344
JWAC Customize Page	345
Network Access Authentication	346
Guest VLAN	346
Network Access Authentication Global Settings	347
Network Access Authentication Port Settings	349
Network Access Authentication Sessions Information	350
Safeguard Engine	351
Safeguard Engine Settings	352
CPU Protect Counters	353
CPU Protect Sub-Interface	353
CPU Protect Type	354
Trusted Host	355
Traffic Segmentation Settings	355
Storm Control Settings	357
DoS Attack Prevention Settings	359
SSH	360
SSH Global Settings	361
Host Key	362
SSH Server Connection	362
SSH User Settings	363
SSL	363
SSL Global Settings	364
Crypto PKI Trustpoint	365
SSL Service Policy	366
Network Protocol Port Protection Settings	367
10. OAM	368
Cable Diagnostics	368
DDM	368
DDM Settings	369
DDM Temperature Threshold Settings	370
DDM Voltage Threshold Settings	370
DDM Bias Current Threshold Settings	371
DDM TX Power Threshold Settings	372
DDM RX Power Threshold Settings	372
DDM Status Table	373
11. Monitoring	374
Utilization	374
Port Utilization	374
Statistics	375
Port	375
Port Counters	377
Counters	378
Mirror Settings	379
sFlow	381
sFlow Agent Information	381
sFlow Receiver Settings	382
sFlow Sampler Settings	383
sFlow Poller Settings	384
Device Environment	384
12. Green	385
Power Saving	385
EEE	387
13. Toolbar	388
Save	388
Save Configuration	388
Tools	388
Firmware Upgrade & Backup	388
Firmware Upgrade from HTTP	388
Firmware Upgrade from TFTP	389
Firmware Backup to HTTP	389
Firmware Backup to TFTP	390
Configuration Restore & Backup	391
Configuration Restore from HTTP	391
Configuration Restore from TFTP	391
Configuration Backup to HTTP	392
Configuration Backup to TFTP	393
Log Backup	393
Log Backup to HTTP	393
Log Backup to TFTP	394
Ping	395
Trace Route	397
Language Management	399
Reset	399
Reboot System	400
Wizard	400
Online Help	400
D-Link Support Site	400
User Guide	400
Surveillance Mode	401
Logout	401
14. Surveillance Mode	402
Surveillance Overview	402
Surveillance Topology	402
Device Information	406
Port Information	407
Group Details	408
IP-Camera Information	409
NVR Information	410
PoE Information	412
PoE Scheduling	413
Management	414
File System	414
Time	416
Clock Settings	416
SNTP Settings	417
Surveillance Settings	418
Surveillance Log	419
Health Diagnostic	420
Toolbar	421
Wizard	421
Tools	421
Firmware Upgrade & Backup	421
Firmware Upgrade from HTTP	421
Firmware Backup to HTTP	422
Configuration Restore & Backup	422
Configuration Restore from HTTP	422
Configuration Backup to HTTP	423
Language Management	423
Reset	424
Reboot System	424
Save	425
Save Configuration	425
Help	425
Online Help	426
D-Link Support Site	426
User Guide	426
Standard Mode	426
Logout	426
Appendix A - System Log Entries	427
802.1X	427
AAA	427
ARP Spoofing Prevention	430
Auto Save Configuration	430
Auto Surveillance VLAN	430
BPDU Attack Protection	431
Configuration/Firmware	431
DAI	434
DDM	435
DHCPv6 Client	435
DHCPv6 Relay	436
DNS Resolver	437
DoS Prevention	437
ErrDisable	437
Interface	438
JWAC	438
LACP	439
LBD	439
LLDP-MED	440
Login/Logout CLI	441
MAC-based Access Control	443
MSTP Debug Enhancement	444
Peripheral	446
PoE	447
Port Security	448
Safeguard	448
SNMP	448
SSH	448
Stacking	448
Storm Control	450
System Log Summary	450
Telnet	451
Voice-VLAN	451
Web	452
Web-Authentication	453
Appendix B - Trap Entries	454
802.1X	454
Authentication Fail	454
BPDU Attack Protection	454
DDM	454
DHCP Server Screen Prevention	455
DoS Prevention	455
ErrDisable	455
General Management	456
Gratuitous ARP Function	456
IMPB	456
LACP	456
LBD	457

Match case Limit results 1 per page

DGS-1510 Series Gigabit Ethernet SmartPro Switch Web UI Reference Guide

455

Tag field value

String field format

(0x00, 0x03 ~ 0x1F, >0x1F)

VLAN IDs and check if there is one matched. If the switch can find

one matched, it will move to that VLAN. If the switch cannot find the

matched VLAN ID, it will think the VLAN setting string as a “VLAN

Name”. Then it will check that it can find out a matched VLAN

Name.

NOTE:

A tag field of greater than 0x1F is interpreted as the first octet of the following

field.

If the user has configured the VLAN attribute of the RADIUS server (for example, VID 3), and the

802.1X, MAC-based Access Control, JWAC or WAC authentication is successful, the port will be

assigned to VLAN 3. However if the user does not configure the VLAN attributes, when the port is not

guest VLAN member, it will be kept in its current authentication VLAN, and when the port is guest

VLAN member, it will be assigned to its original VLAN.

To assign the

ACL

by the RADIUS server, the proper parameters should be configured on the

RADIUS server. The table below shows the parameters for an ACL.

VSA14 ACL Script

The parameters of the Vendor-Specific Attribute are:

RADIUS Tunnel Attribute

Description

Value

Usage

Vendor-ID

Defines the vendor.

171 (DLINK)

Required

Vendor-Type

Defines the attribute.

14 (for ACL script)

Required

Attribute-Specific Field

Used to assign the ACL

script. The format is based

Access Control List

(ACL) Commands

ACL Script

For example:

ip access-list a1;permit

host 10.90.90.100;exit;

mac access-list

extended m1;permit host

00-00-00-01-90-10 any;

exit;

Required

If the user has configured the ACL attribute of the RADIUS server (for example, ACL script: ip access-

list a1;permit host 10.90.90.100;exit; mac access-list extended m1;permit host 00-00-00-01-90-10

any; exit;), and the 802.1X, MAC-based Access Control, JWAC or WAC authentication is successful,

the device will assign the ACL script according to the RADIUS server. The enter

Access-List

Configuration Mode

and exit

Access-List Configuration Mode

must be a pair, otherwise the ACP

script will be reject. For more information about the ACL module, please refer to

Access Control List

(ACL) Commands

chapter.

NAS-Filter-Rule (92)

The table below shows the parameters for NAS-Filter-Rule:

RADIUS Tunnel Attribute

Description

Value

Usage

NAS-Filter-Rule

This attribute indicates the

filter rules to be applied for

the user.

A string (concatenating the

individual filter rules,

separated by a NULL

(0x00) octet)

Required