xStack
®
DGS-3400 Series Layer 2 Gigabit Ethernet Managed Switch
266
The following parameters may be viewed or set:
Parameter Description
MAC-based Access Control Global Settings
State
Use the pull-down menu to globally enable or disable the MAC-based Access Control
function on the Switch.
Method
Use the pull-down menu to choose the type of authentication to be used when
authentication MAC addresses on a given port. The user may choose between the
following methods:
Local – Use this method to utilize the locally set MAC address database as the
authenticator for MAC-based Access Control. This MAC address list can be
configured in the MAC-based Access Control Local Database Settings window.
RADIUS – Use this method to utilize a remote RADIUS server as the authenticator for
MAC-based Access Control. Remember, the MAC list must be previously set on the
RADIUS server and the settings for the server must be first configured on the Switch.
Password
Enter the password for the RADIUS server, which is to be used for packets being sent
requesting authentication. The default password is “default”.
Guest VLAN
Displays the name of the previously configured Guest VLAN being used for this
function. Clicking the hyperlinked name will send the web manager to Guest VLAN
configuration screen for MAC-based Authentication.
Guest VLAN ID
Displays the VLAN ID of the previously configured Guest VLAN being used for this
function. Clicking the hyperlinked Guest VLAN ID will send the Web manager to
Guest VLAN configuration window for MAC-based Authentication.
Guest VLAN Member Ports
Displays the list of ports that have been configured for the Guest VLAN.
Max User(1-4000)
Specifies to set the maximum number of authorized clients on the device. The default
value is 128. “No limit” means 4000, the maximum number of authenticated users on
the device.
Authentication FailOver
When Authentication FailOver is Disabled, if the RADIUS servers are unreachable,
the authentication will fail. When the authentication FailOver is Enabled, if the
RADIUS servers are unreachable, the local database will be used to do the
authentication. Authentication FailOver is Disabled by default.
MAC-based Access Control Authorization Network Settings
Radius Authorization
If Enabled, the authorized data assigned by the RADIUS server will be accepted when
the global authorization network is enabled. The default state is Enabled.
Local Authorization
If Enabled, the authorized data assigned by the Local database will be accepted if the
global authorization network is enabled. The default state is Enabled.
MAC-based Access Control Port Settings
From Port/To Port
Enter the Port range.
State
Use the pull-down menu to enable or disable the MAC-based Access Control function
on individual ports.
Mode
Port Based: In this mode, if one of the attached hosts is successfully authorized, all
hosts on the same port will be granted access to the network. If the port authorization
fails, this port will continue authenticating.
Host Based: In this mode, every user can individually authenticate and access the
network.
To Next Page
Loading...
Need help?
General