D-Link DGS-1520 User Manual - Page 595
Parameter, Description, RADIUS Tunnel Attribute, Value, Usage, Forward IPv4 and IPv6 traffic
View all D-Link DGS-1520 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 595 highlights
DGS-1520 Series Gigabit Ethernet Smart Managed Switch Web UI Reference Guide Parameter any DST-IP-ADDR DST-IP-NET-ADDR DST-IPV6-ADDR DST-IPV6-NET-ADDR tcp, udp, icmp ip IP-PROT-VALUE TCP-PORT-RANGE UDP-PORT-RANGE ICMP-TYPE Description Specifies any source IP address or any destination IP address to be configured. Specifies a specific destination host IP address. Specifies a group of destination IP addresses with a mask width of the form 1.2.3.4/24. Specifies a specific destination host IPv6 address. Specifies a group of destination IPv6 network of the form 2000::1/64. Specifies Layer 4 protocols. Specifies that any protocol will match. Specifies the IP protocol value. The valid value is from 0 to 255. (Optional) Specifies to match TCP port or port range. The form is like 22-23, 80. (Optional) Specifies to match UDP port or port range. The form is like 56, 67-68. (Optional) Specifies the ICMP message type. The valid number for the message type is from 0 to 255. Example This example shows how to deny host's telnet service on the RADIUS server. Nas-filter-Rule="deny in tcp from any to any 23" Nas-filter-Rule+="permit in ip from any to any" This example shows how to limit host to access a group of IP address on the RADIUS server. Nas-filter-Rule="permit in ip from any to 10.10.10.1/24" Nas-filter-Rule+="permit in ip from any to fe80::d1:1/64" The parameters of the Vendor-Specific Attribute are: RADIUS Tunnel Attribute Vendor-ID Vendor-Type Attribute-Specific Field Description Defines the vendor. Defines the attribute. IPv6 filter rule. Used to accept IPv6 address related inputs. Value 171 (DLINK) 14 (for ACL script) This attribute indicates either of the following IP modes for NASFilter-Rule 1=Forward IPv4 and IPv6 traffic 2=Forward IPv4-only traffic (drop any IPv6 traffic) If this attribute is not assigned by RADIUS server, forward IPv4only traffic, any IPv6 packet will be dropped. Usage Required Required Required NOTE: If both proprietary ACL script (VSA14) and standard NAS-Filter-Rule (92) are assigned at the same time, NAS-Filter-Rule (92) will take effect, and VSA14 will be ignored. 585