Security > Mac-Based Access Control (Mac) > Mac-Based Access Control Local Settings; Security > Mac-Based Access Control (Mac) > Mac-Based Access Control Authentication State - D-Link DGS-1210/ME User Manual
Metro ethernet switch series
Hide thumbs
Also See for DGS-1210/ME:
- Reference manual (522 pages) ,
- Hardware installation manual (53 pages) ,
- Reference manual (465 pages)
Table of Contents
Advertisement
4 Configuration
DGS-1210 series Metro Ethernet Managed Switch User Manual
Security > MAC-based Access Control (MAC) > MAC-based Access Control Local Settings
Users can set a list of M AC addresses, along with their corresponding target VLAN, which will be
authenticated for the Switch. Once a queried MAC address is matched in this window, it will be placed in the
VLAN associated with it he re. The Switch administrator may enter up to 128 MAC addresses to be
authenticated using the local method configured here.
Figure 4.144 – Security > MAC-based Access Control (MAC) > MAC-based Access Control Local Settings
To add a MAC address to the local authentication list, enter the MAC address and the target VLAN ID into
their appropriate fields and click Add. To search for a specific MAC Address, enter the MAC address in the
first field and then click the Find By MAC button. To search for a specific VLAN Name, enter the VID in the
second field and then click the Find By VLAN button.
Security > MAC-based Access Control (MAC) > MAC-based Access Control Authentication State
The MAC-based Access Control Authentication State page allows user to configure the authentication state
of ports.
Figure 4.145 – Security > MAC-based Access Control (MAC) > MAC-based Access Control Authentication State
Web-based Access Control (WAC)
Web-based Authentication Login is a feature designed to authenticate a user when the user is trying to
access the Internet via the Switch. The authentication process uses the HTT P protocol. The Switch enters
the authenticating stage when users attempt to browse Web pages (e.g., http://www.dlink.com) through a
Web browser. When the Switch detects HTTP packets and this port is un-authenticated, the Switch will
launch a pop-up user name and password window to query users. Users are not able to access the Internet
until the authentication process is passed.
The Switch can be the authentication server itself and do the authentication based on a local database, or be
a RADIUS client and perform the authentication process via the RADIUS protocol with a remote RADIUS
server. The client user initiates the authentication process of WAC by attempting to gain Web access.
D-Link's implementation of WAC uses a virtual IP that is exclusively used by the WAC function and is not
known by any other modules of the Switch. In fact, to avoid affecting a Switch's other features, WAC will only
use a virtual IP address to communicate with hosts. Thus, all authentication requests must be sent to a
virtual IP address but not to the IP address of the Switch's physical interface. Virtual IP works like this, when
a host PC communicates with the WAC Switch through a virtual IP, the virtual IP is transformed
into the physical IPIF (IP interface) address of the Switch to make the communication possible. The host PC
and other servers' IP configurations do not depend on the virtual IP of WAC. The virtual IP does not respond
to any ICMP packets or ARP requests,
which means it is not allowed to configure a virtual IP on the same subnet as the Switch's IPIF (IP interface)
or the same subnet as the host PCs' subnet.
84
Hide quick links:
Advertisement
Table of Contents
