D-Link DFL-1600 User Manual page 159

17.4. Scenarios: User Authentication Configuration
Example:
An external user authentication server can be configured by following the
steps below:
WebUI
:
User Authentication
External User Database:
General
Name: Enter a name for the server here.
Type: The only type supported currently is Radius.
IP Address: Enter the IP address of the server here, or enter the symbolic
name if the server's address has previously been defined in the Address
Book.
Port: 1812 (RADIUS service uses registered UDP port 1812 by default.)
Retry Timeout: 2 (The firewall will resend authentication request to the
sever if there is no response after the timeout, e.g. every 2 seconds. The
firewall will retry three times as maximum.)
Shared Secret: Enter a text string here for basic encryption of the
RADIUS messages.
Confirm Secret:Retype the string to confirm the one typed above.
and then click OK
Example:
database
To enable user authentication via a Web page, first, we need to add an
Allow rule in the firewall's IP rules to let the firewall accept user's Web
browsing to its HTTP(TCP port 80) agent; second, we specify a user
authentication rule to tell the firewall how to perform the authentication,
such as which database to take for user's profile lookup, and also the
timeout restrictions; Third, another IP rule for dealing with service
requests from authenticated users should be appended under the Allow
rule from the first step. As explained in
that are not explicitly allowed by the IP rule, for example, the
unauthenticated traffic coming from the interface where authentication is
Configuring a RADIUS server
External User Databases
Enabling HTTP authentication via local user
D-Link Firewalls User's Guide
14 IP Rules, all the other traffics
139
Add