D-Link DGS-1510 User Manual - Page 467
Filter Rule Format, Parameter, Description, RADIUS Tunnel Attribute, Value, Usage
View all D-Link DGS-1510 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 467 highlights
DGS-1510 Series Gigabit Ethernet SmartPro Switch Web UI Reference Guide Filter Rule Format Use the permit command to add a permit entry. Use the deny command to add a deny entry. {permit | deny} in tcp from any to {any | DST-IP-ADDR | DST-IP-NET-ADDR | DST-IPV6-ADDR | DST-IPV6-NET-ADDR} [TCP-PORT-RANGE] {permit | deny} in udp from any to {any | DST-IP-ADDR | DST-IP-NET-ADDR | DST-IPV6-ADDR | DST-IPV6-NET-ADDR} [UDP-PORT-RANGE] {permit | deny} in icmp from any to {any | DST-IP-ADDR | DST-IP-NET-ADDR | DST-IPV6-ADDR | DST-IPV6-NET-ADDR} [ICMP-TYPE] {permit | deny} in ip from any to {any | DST-IP-ADDR | DST-IP-NET-ADDR | DST-IPV6-ADDR | DST-IPV6-NET-ADDR} {permit | deny} in IP-PROT-VALUE from any to {any | DST-IP-ADDR | DST-IP-NET-ADDR | DSTIPV6-ADDR | DST-IPV6-NET-ADDR} Parameters Parameter in any DST-IP-ADDR DST-IP-NET-ADDR DST-IPV6-ADDR DST-IPV6-NET-ADDR tcp, udp, icmp ip IP-PROT-VALUE TCP-PORT-RANGE UDP-PORT-RANGE ICMP-TYPE Description Specifies the ingress traffic. Specifies any source IP address or any destination IP address to be configured. Specifies a specific destination host IP address. Specifies a group of destination IP addresses with a mask width of the form 1.2.3.4/24. Specifies a specific destination host IPv6 address. Specifies a group of destination IPv6 network of the form 2000::1/64. Specifies Layer 4 protocols. Specifies that any protocol will match. Specifies the IP protocol value. The valid value is from 0 to 255. (Optional) Specifies to match TCP port or port range. The form is like: 22-23, 80. (Optional) Specifies to match UDP port or port range. The form is like: 56, 67-68. (Optional) Specifies the ICMP message type. The valid number for the message type is from 0 to 255. Example This example shows how to deny host's telnet service on the RADIUS server. Nas-filter-Rule="deny in tcp from any to any 23" Nas-filter-Rule+="permit in ip from any to any" This example shows how to limit host to access a group of IP address on the RADIUS server. Nas-filter-Rule="permit in ip from any to 10.10.10.1/24" Nas-filter-Rule+="permit in ip from any to fe80::d1:1/64" The parameters of the Vendor-Specific Attribute are: RADIUS Tunnel Attribute Description Vendor-ID Defines the vendor. Value 171 (DLINK) Usage Required 456