Assigning Authorization Attributes - D-Link DWS-1008 User Manual
Wireless 8 port switch with poe
Hide thumbs
Also See for DWS-1008:
- Cli reference manual (531 pages) ,
- Product manual (502 pages) ,
- Installation manual (17 pages)
Table of Contents
Advertisement
DWS-1008 User's Manual
Configuring Access for Any Users of a Non-Tagged SSID
If SSID traffic from the third-party AP is untagged, use the same configuration commands
as the ones required for 802.1X users, except the set radius proxy port command. This
command is not required and is not applicable to untagged SSID traffic. In addition, when
configuring the wired authentication port, use the auth-fall-thru option to change the fallthru
authentication type to last-resort or web-portal.
On the RADIUS server, configure username web-portal-wired or last-resort-wired,
depending on the fallthru authentication type specified for the wired authentication port.
Assigning Authorization Attributes
Authorization attributes can be assigned to users in the local database or on remote servers.
The attributes, which include access control list (ACL) filters, VLAN membership, encryption
type, session time-out period, and other session characteristics, let you control how and
when users access the network. When a user or group is authenticated, the local database
or RADIUS server passes the authorization attributes to MSS to characterize the user's
session.
The VLAN attribute is required. MSS can authorize a user to access the network only if the
VLAN to place the user on is specified.
The table below lists the authorization attributes supported by MSS. (For brief descriptions
of all the RADIUS attributes and D-link vendor-specific attributes supported by MSS, as well
as the vendor ID and types for D-link VSAs configured on a RADIUS server, see Appendix B,
"Supported RADIUS Attributes").
D-Link Systems, Inc.
Configuring AAA for Network Users
294
Advertisement
Table of Contents
