D-Link DGS-1510 Series Web Ui Reference Manual page 428
Gigabit ethernet smartpro switch
Hide thumbs
Also See for DGS-1510 Series:
- Reference manual (711 pages) ,
- Getting started manual (65 pages) ,
- Hardware installation manual (64 pages)
Table of Contents
Advertisement
DGS-1510 Series Gigabit Ethernet SmartPro Switch Web UI Reference Guide
The table below shows the definition of Tag field (different with RFC 2868):
Tag field value
0x01
0x02
Others
(0x00, 0x03 ~ 0x1F, >0x1F)
NOTE: A tag field of greater than 0x1F is interpreted as the first octet of the following field.
If the user has configured the VLAN attribute of the RADIUS server (for example, VID 3), and the 802.1X,
MAC-based Access Control, JWAC or WAC authentication is successful, the port will be assigned to
VLAN 3. However if the user does not configure the VLAN attributes, when the port is not guest VLAN
member, it will be kept in its current authentication VLAN, and when the port is guest VLAN member, it
will be assigned to its original VLAN.
To assign the ACL by the RADIUS server, the proper parameters should be configured on the RADIUS
server. The table below shows the parameters for an ACL.
The parameters of the Vendor-Specific Attribute are:
RADIUS Tunnel Attribute
Vendor-ID
Vendor-Type
Attribute-Specific Field
If the user has configured the ACL attribute of the RADIUS server (for example, ACL script: ip access-list
a1;permit host 10.90.90.100;exit; mac access-list extended m1;permit host 00-00-00-01-90-10 any; exit;),
and the 802.1X, MAC-based Access Control, JWAC or WAC authentication is successful, the device will
assign the ACL script according to the RADIUS server. The enter Access-List Configuration Mode and
exit Access-List Configuration Mode must be a pair, otherwise the ACP script will be reject. For more
information about the ACL module, please refer to Access Control List (ACL) Commands chapter.
String field format
VLAN name (ASCII)
VLAN ID (ASCII)
When the switch receives the VLAN setting string, it will think it is the
VLAN ID first. In other words, the switch will check all existing VLAN
IDs and check if there is one matched. If the switch can find one
matched, it will move to that VLAN. If the switch cannot find the
matched VLAN ID, it will think the VLAN setting string as a "VLAN
Name". Then it will check that it can find out a matched VLAN Name.
Description
Defines the vendor.
Defines the attribute.
Used to assign the ACL
script. The format is based
on Access Control List
(ACL) Commands.
420
Value
171 (DLINK)
14 (for ACL script)
ACL Script
For example:
ip access-list a1;permit
host 10.90.90.100;exit;
mac access-list
extended m1;permit host
00-00-00-01-90-10 any;
exit;
Usage
Required
Required
Required
Advertisement
Table of Contents
