Appendix D - Radius Attributes Assignment - D-Link xStack DGS-3620 Series Reference Manual
Layer 3 managed stackable gigabit switch
Hide thumbs
Also See for xStack DGS-3620 Series:
- Reference manual (1371 pages) ,
- Manual (1170 pages) ,
- Product manual (502 pages)
Table of Contents
Advertisement
®
xStack
DGS-3620 Series Layer 3 Managed Stackable Gigabit Switch Web UI Reference Guide
Appendix D – RADIUS Attributes Assignment
The RADIUS Attributes Assignment on the Switch is used in the following modules: 802.1X (Port-based and Host-
based), Japanese Web-based Access Control, Web-based Access Control, and MAC-based Access Control.
The description that follows explains the following RADIUS Attributes Assignment types:
1.
Ingress/Egress Bandwidth
2.
802.1p Default Priority
3.
VLAN
4.
ACL
To assign Ingress/Egress bandwidth by RADIUS Server, the proper parameters should be configured on the
RADIUS Server. The tables below show the parameters for bandwidth.
The parameters of the Vendor-Specific attributes are:
Vendor-Specific Attribute
Vendor-ID
Vendor-Type
Attribute-Specific Field
If the user has configured the bandwidth attribute of the RADIUS server (for example, ingress bandwidth 1000Kbps)
and the 802.1X authentication is successful, the device will assign the bandwidth (according to the RADIUS server)
to the port. However, if the user does not configure the bandwidth attribute and authenticates successfully, the
device will not assign any bandwidth to the port. If the bandwidth attribute is configured on the RADIUS server with
a value of "0", the effective bandwidth will be set "no_limited", and if the bandwidth is configured less than "0" or
greater than maximum supported value, the bandwidth will be ignored.
To assign 802.1p default priority by RADIUS Server, the proper parameters should be configured on the
RADIUS Server. The tables below show the parameters for 802.1p default priority.
The parameters of the Vendor-Specific attributes are:
Vendor-Specific Attribute
Vendor-ID
Vendor-Type
Attribute-Specific Field
If the user has configured the 802.1p priority attribute of the RADIUS server (for example, priority 7) and the 802.1X,
or MAC based authentication is successful, the device will assign the 802.1p default priority (according to the
RADIUS server) to the port. However, if the user does not configure the priority attribute and authenticates
successfully, the device will not assign a priority to this port. If the priority attribute is configured on the RADIUS
server is a value out of range (>7), it will not be set to the device.
To assign VLAN by RADIUS Server, the proper parameters should be configured on the RADIUS Server. To use
VLAN assignment, RFC3580 defines the following tunnel attributes in RADIUS packets.
Description
Defines the vendor.
Defines the attribute.
Used to assign the bandwidth of
a port.
Description
Defines the vendor.
Defines the attribute.
Used to assign the 802.1p default
priority of the port.
Value
171 (DLINK)
2 (for ingress
bandwidth)
3 (for egress
bandwidth)
Unit (Kbits)
Value
171 (DLINK)
4
0-7
632
Usage
Required
Required
Required
Usage
Required
Required
Required
Advertisement
Table of Contents
