Guest Vlan; Configuring The Guest Vlan By Using The Cli - D-Link DWS-3000 Series Configuration Manual

Unified wired & wireless access system

Hide thumbs Also See for DWS-3000 Series:

User manual (266 pages)

Deployment manual (7 pages)

Configuration manual (61 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

183

184

185

186

187

188

189

190

191

192

page of 192

/ 192
Contents
Table of Contents
Bookmarks

Table of Contents

Guest VLAN

The Guest VLAN feature allows a switch to provide a distinguished service to unauthenticated

users. This feature provides a mechanism to allow visitors and contractors to have network

access to reach external network with no ability to surf internal LAN.

When a client that does not support 802.1X is connected to an unauthorized port that is

802.1X-enabled, the client does not respond to the 802.1X requests from the switch.

Therefore, the port remains in the unauthorized state, and the client is not granted access to the

network. If a guest VLAN is configured for that port, then the port is placed in the configured

guest VLAN and the port is moved to the authorized state, allowing access to the client.

Client devices that are 802.1X-supplicant-enabled authenticate with the switch when they are

plugged into the 802.1X-enabled switch port. The switch verifies the credentials of the client

by communicating with an authentication server. If the credentials are verified, the

authentication server informs the switch to 'unblock' the switch port and allows the client

unrestricted access to the network; i.e., the client is a member of an internal VLAN.

Guest VLAN Supplicant mode is a global configuration for all the ports on the switch. When a

port is configured for Guest VLAN in this mode, if a client fails authentication on the port, the

client is assigned to the guest VLAN configured on that port. The port is assigned a Guest

VLAN ID and is moved to the authorized status. Disabling the supplicant mode does not clear

the ports that are already authorized and assigned Guest VLAN IDs.

Configuring the Guest VLAN by Using the CLI

To enable the Guest VLAN Supplicant Mode, use the

command in Global Config mode.

To configure a VLAN as guest VLAN on a per port basis, enter the Interface Config mode for

the port and use the

dot1x guest-vlan <vlan-id>

802.1X Network Access Control

dot1x guest-vlan supplicant

command.

Guest VLAN

107

Table of Contents

Guest Vlan; Configuring The Guest Vlan By Using The Cli - D-Link DWS-3000 Series Configuration Manual

Guest VLAN

Configuring the Guest VLAN by Using the CLI

Related Manuals for D-Link DWS-3000 Series

Related Content for D-Link DWS-3000 Series

Table of Contents