D-Link DGS-3120-24PC-EI Product Manual - Page 221
DHCP Snooping Entry, MAC-based Access Control (MAC)
View all D-Link DGS-3120-24PC-EI manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 221 highlights
xStack® DGS-3120 Series Managed Switch Web UI Reference Guide From Port / To Port Use the drop-down menus to select a range of ports to use. Maximum Entry Enter the maximum entry value. Click the Apply button to accept the changes made. DHCP Snooping Entry This window is used to view dynamic entries on specific ports. To view this window, click Security > IP-MAC-Port Binding (IMPB) > DHCP Snooping > DHCP Snooping Entry as shown below: Figure 8-24 DHCP Snooping Entry window The fields that can be configured are described below: Parameter Description Port Use the drop-down menu to select the desired port. Ports (e.g.: 1, 7-12) Specify the ports for which to view DHCP snooping entries. Tick the All check box to clear entries for all ports. Click the Find button to locate a specific entry based on the port number selected. Click the Clear button to clear all the information entered in the fields. Click the View All button to display all the existing entries. MAC-based Access Control (MAC) MAC-based access control is a method to authenticate and authorize access using either a port or host. For portbased MAC-based access control, the method decides port access rights, while for host-based MAC-based access control, the method determines the MAC access rights. A MAC user must be authenticated before being granted access to a network. Both local authentication and remote RADIUS server authentication methods are supported. In MAC-based access control, MAC user information in a local database or a RADIUS server database is searched for authentication. Following the authentication result, users achieve different levels of authorization. Notes about MAC-based Access Control There are certain limitations and regulations regarding MAC-based access control: 1. Once this feature is enabled for a port, the Switch will clear the FDB of that port. 2. If a port is granted clearance for a MAC address in a VLAN that is not a Guest VLAN, other MAC addresses on that port must be authenticated for access and otherwise will be blocked by the Switch. 3. Ports that have been enabled for Link Aggregation and Port Security cannot be enabled for MAC-based Authentication. 4. Ports that have been enabled for GVRP cannot be enabled for Guest VLAN. MAC-based Access Control Settings This window is used to set the parameters for the MAC-based access control function on the Switch. The user can set the running state, method of authentication, RADIUS password, view the Guest VLAN configuration to be 213