Product Manual
Page 15
Software User Manual 12/10/09 D-Link Unified Access System Adding a Local User ...370 Configuring Users in the Local Database 371 Configuring Users in a Remote RADIUS Server 372 Interface Association...373 CP Global Status ...375 Viewing CP Activation ... Supplicant Port Configuration ...387 User Login Configuration ...389 Port Access Privileges ...390 RADIUS Settings ...391 RADIUS Configuration ...391 RADIUS Server Configuration ...392 Viewing Named Server Status Information 394 RADIUS Accounting Server Configuration 395 Viewing Named Accounting Server Status 396 Clear Statistics ...397 ...
Software User Manual 12/10/09 D-Link Unified Access System Adding a Local User ...370 Configuring Users in the Local Database 371 Configuring Users in a Remote RADIUS Server 372 Interface Association...373 CP Global Status ...375 Viewing CP Activation ... Supplicant Port Configuration ...387 User Login Configuration ...389 Port Access Privileges ...390 RADIUS Settings ...391 RADIUS Configuration ...391 RADIUS Server Configuration ...392 Viewing Named Server Status Information 394 RADIUS Accounting Server Configuration 395 Viewing Named Accounting Server Status 396 Clear Statistics ...397 ...
Product Manual
Page 28
... Access Control Supplicant Port Configuration 387 Figure 276: Port Access Control Login ...389 Figure 277: Port Access Privileges ...390 Figure 278: RADIUS Configuration ...391 Page 28 Document 34CSFP6XXUWS-SWUM100-D7 D-Link Unified Access System Software User Manual 12/10/09 Figure 244: IP ACL Rule Configuration (Extended ACL Rule 347 Figure 245...
... Access Control Supplicant Port Configuration 387 Figure 276: Port Access Control Login ...389 Figure 277: Port Access Privileges ...390 Figure 278: RADIUS Configuration ...391 Page 28 Document 34CSFP6XXUWS-SWUM100-D7 D-Link Unified Access System Software User Manual 12/10/09 Figure 244: IP ACL Rule Configuration (Extended ACL Rule 347 Figure 245...
Product Manual
Page 29
...Link Unified Access System Figure 279: RADIUS Server Configuration-Add Server 393 Figure 280: RADIUS Server Configuration-Server Added 393 Figure 281: Named Server Status ...394 Figure 282: Add RADIUS Accounting Server 395 Figure 283: RADIUS Accounting Server Configuration-Server Added 396 Figure 284: RADIUS... Server Configuration-Server Added 397 Figure 285: RADIUS Clear Statistics...397 Figure 286: TACACS+ Configuration ......
...Link Unified Access System Figure 279: RADIUS Server Configuration-Add Server 393 Figure 280: RADIUS Server Configuration-Server Added 393 Figure 281: Named Server Status ...394 Figure 282: Add RADIUS Accounting Server 395 Figure 283: RADIUS Accounting Server Configuration-Server Added 396 Figure 284: RADIUS... Server Configuration-Server Added 397 Figure 285: RADIUS Clear Statistics...397 Figure 286: TACACS+ Configuration ......
Product Manual
Page 39
Software User Manual 12/10/09 D-Link Unified Access System Table 209: Policy Configuration Fields ...331 Table 210: Policy Class Definition Fields ...332 Table 211: Service Configuration Fields...334 Table 212: 802.... Customization ...367 Table 227: Local User Summary ...370 Table 228: Local User Configuration ...370 Table 229: Local User Configuration ...371 Table 230: Captive Portal User RADIUS Attributes 372 Table 231: Global Captive Portal Configuration 374 Table 232: Global Captive Portal Status ...375 Table 233: CP Activation and Activity Status 376 Table...
Software User Manual 12/10/09 D-Link Unified Access System Table 209: Policy Configuration Fields ...331 Table 210: Policy Class Definition Fields ...332 Table 211: Service Configuration Fields...334 Table 212: 802.... Customization ...367 Table 227: Local User Summary ...370 Table 228: Local User Configuration ...370 Table 229: Local User Configuration ...371 Table 230: Captive Portal User RADIUS Attributes 372 Table 231: Global Captive Portal Configuration 374 Table 232: Global Captive Portal Status ...375 Table 233: CP Activation and Activity Status 376 Table...
Product Manual
Page 40
...Link Unified Access System Software User Manual 12/10/09 Table 244: PAE Capability Configuration...387 Table 245: Dot1x Supplicant Port Configuration 387 Table 246: Port Access Control user Login Configuration Fields 389 Table 247: Port Access Privileges Fields...390 Table 248: RADIUS Configuration Fields ...391 Table 249: RADIUS... Server Configuration Fields 393 Table 250: RADIUS Server Configuration Fields 395 Table 251: RADIUS Accounting Server Configuration Fields 396 Table 252: Named...
...Link Unified Access System Software User Manual 12/10/09 Table 244: PAE Capability Configuration...387 Table 245: Dot1x Supplicant Port Configuration 387 Table 246: Port Access Control user Login Configuration Fields 389 Table 247: Port Access Privileges Fields...390 Table 248: RADIUS Configuration Fields ...391 Table 249: RADIUS... Server Configuration Fields 393 Table 250: RADIUS Server Configuration Fields 395 Table 251: RADIUS Accounting Server Configuration Fields 396 Table 252: Named...
Product Manual
Page 43
...of Service, and Auto VoIP features. • Section 6: "Configuring Access Control Lists" on page 344 describes how to manage the D-Link software ACLs. • Section 7: "Managing Device Security" on page 359 contains information about configuring switch security information such as captive ...portal configuration, port access control, TACACS+, and RADIUS server settings. • Section 8: "Configuring the Wireless Features" on page 405 describes how to configure the switch so it can ...
...of Service, and Auto VoIP features. • Section 6: "Configuring Access Control Lists" on page 344 describes how to manage the D-Link software ACLs. • Section 7: "Managing Device Security" on page 359 contains information about configuring switch security information such as captive ...portal configuration, port access control, TACACS+, and RADIUS server settings. • Section 8: "Configuring the Wireless Features" on page 405 describes how to configure the switch so it can ...
Product Manual
Page 73
...3 Figure 22: Authentication List Configuration Table 15: Authentication Profile Fields Description The menu allows you want to assign. If you select RADIUS or TACACS+ as the first method and an error occurs during the authentication, the switch attempts user authentication Method 2. • reject...long and is unspecified. Document 34CSFP6XXUWS-SWUM100-D7 Authentication List Configuration Page 73 Software User Manual 12/10/09 D-Link Unified Access System Field Authentication List Authentication List Name Table 14: Authentication List Configuration Fields Description The menu allows you...
...3 Figure 22: Authentication List Configuration Table 15: Authentication Profile Fields Description The menu allows you want to assign. If you select RADIUS or TACACS+ as the first method and an error occurs during the authentication, the switch attempts user authentication Method 2. • reject...long and is unspecified. Document 34CSFP6XXUWS-SWUM100-D7 Authentication List Configuration Page 73 Software User Manual 12/10/09 D-Link Unified Access System Field Authentication List Authentication List Name Table 14: Authentication List Configuration Fields Description The menu allows you...
Product Manual
Page 77
... authentication, the user's access to an authentication list. Document 34CSFP6XXUWS-SWUM100-D7 User Login Page 77 Software User Manual 12/10/09 D-Link Unified Access System USER LOGIN Each configured user is assigned to a login list that specifies how the user should be authenticated when attempting ... field. 2 To assign the user to a different list, click the list name in "RADIUS Settings" on page 391. 1 Select the user name from all users that specifies authentication via the RADIUS server, you specifically assign them to create an account for all users on the switch to ...
... authentication, the user's access to an authentication list. Document 34CSFP6XXUWS-SWUM100-D7 User Login Page 77 Software User Manual 12/10/09 D-Link Unified Access System USER LOGIN Each configured user is assigned to a login list that specifies how the user should be authenticated when attempting ... field. 2 To assign the user to a different list, click the list name in "RADIUS Settings" on page 391. 1 Select the user name from all users that specifies authentication via the RADIUS server, you specifically assign them to create an account for all users on the switch to ...
Product Manual
Page 359
... from . To configure the global CP settings, click LAN > Security > Captive Portal > Global Configuration. The Captive Portal folder contains links to the following features: • "Captive Portal Configuration" • "Port Access Control" • "RADIUS Settings" • "TACACS+ Settings" • "Secure HTTP" • "Secure Shell" CAPTIVE PORTAL CONFIGURATION The Captive Portal (CP) feature...
... from . To configure the global CP settings, click LAN > Security > Captive Portal > Global Configuration. The Captive Portal folder contains links to the following features: • "Captive Portal Configuration" • "Port Access Control" • "RADIUS Settings" • "TACACS+ Settings" • "Secure HTTP" • "Secure Shell" CAPTIVE PORTAL CONFIGURATION The Captive Portal (CP) feature...
Product Manual
Page 362
...RADIUS database, see "Local User" on the CP Configuration page. Figure 252: Captive Portal Configuration Table 225 describes the fields on page 369. Page 362 Captive Portal Configuration Document 34CSFP6XXUWS-SWUM100-D7 You can change the settings for that are configured for this captive portal. D-Link... be authenticated by a database. • Local: The switch uses a local database to authenticated users. • RADIUS: The switch uses a database on a remote RADIUS server to nine additional portals. After you create a captive portal from the CP Summary page, you can change its...
...RADIUS database, see "Local User" on the CP Configuration page. Figure 252: Captive Portal Configuration Table 225 describes the fields on page 369. Page 362 Captive Portal Configuration Document 34CSFP6XXUWS-SWUM100-D7 You can change the settings for that are configured for this captive portal. D-Link... be authenticated by a database. • Local: The switch uses a local database to authenticated users. • RADIUS: The switch uses a database on a remote RADIUS server to nine additional portals. After you create a captive portal from the CP Summary page, you can change its...
Product Manual
Page 363
...8226; Local: The switch uses a local database to authenticated users. • RADIUS: The switch uses a database on behalf of the portal added from the network. Software User Manual 12/10/09 D-Link Unified Access System Table 225: CP Configuration Field Enable Captive Portal Configuration Name ...Protocol Mode Verification Mode User Logout Mode Enable Redirect Mode Redirect URL RADIUS Auth Server Idle Timeout Session Timeout Max Up ...
...8226; Local: The switch uses a local database to authenticated users. • RADIUS: The switch uses a database on behalf of the portal added from the network. Software User Manual 12/10/09 D-Link Unified Access System Table 225: CP Configuration Field Enable Captive Portal Configuration Name ...Protocol Mode Verification Mode User Logout Mode Enable Redirect Mode Redirect URL RADIUS Auth Server Idle Timeout Session Timeout Max Up ...
Product Manual
Page 364
...CP configurations on the switch. The User Group field also allows you to customize. Note: The User Group fields are listed in a Remote RADIUS Server" on the category you select the language. You can be shared across other CP pages. • Authentication Page-Contains settings that can.... After you modify the fields within a category, make sure you click Submit before you to create pages in a new browser window. D-Link Unified Access System Software User Manual 12/10/09 Field User Group Code Language Table 225: CP Configuration Description If the Verification Mode is Local...
...CP configurations on the switch. The User Group field also allows you to customize. Note: The User Group fields are listed in a Remote RADIUS Server" on the category you select the language. You can be shared across other CP pages. • Authentication Page-Contains settings that can.... After you modify the fields within a category, make sure you click Submit before you to create pages in a new browser window. D-Link Unified Access System Software User Manual 12/10/09 Field User Group Code Language Table 225: CP Configuration Description If the Verification Mode is Local...
Product Manual
Page 369
...Summary page allows you can modify the fields whether the feature is the text that must first be validated against a local database or RADIUS server. Figure 258: Captive Portal Local User Summary Table 227 describes the fields on the Logout Success page. Background Image Branding Image ... user how to 1024 user entries. You can be modified from the Local User Summary page. Software User Manual 12/10/09 D-Link Unified Access System Table 226: CP Web Page Customization Field Description Page Title Instructional Text Button Label Confirmation Text Enter the text to...
...Summary page allows you can modify the fields whether the feature is the text that must first be validated against a local database or RADIUS server. Figure 258: Captive Portal Local User Summary Table 227 describes the fields on the Logout Success page. Background Image Branding Image ... user how to 1024 user entries. You can be modified from the Local User Summary page. Software User Manual 12/10/09 D-Link Unified Access System Table 226: CP Web Page Customization Field Description Page Title Instructional Text Button Label Confirmation Text Enter the text to...
Product Manual
Page 372
... Logout once session timeout is 0 or not present then use the value configured for the captive portal. If the attribute is reached (seconds). D-Link Unified Access System Software User Manual 12/10/09 Field Max Up Rate Max Down Rate Max Receive Max Transmit Max Total Table 229: Local...You must add all users to transfer (sum of bytes that the user can receive traffic when using the captive portal. Table 230 indicates the RADIUS attributes you use the value configured for the captive portal. VSAs are comma delimited (vendor id, attribute id). Enter the maximum number of bytes...
... Logout once session timeout is 0 or not present then use the value configured for the captive portal. If the attribute is reached (seconds). D-Link Unified Access System Software User Manual 12/10/09 Field Max Up Rate Max Down Rate Max Receive Max Transmit Max Total Table 229: Local...You must add all users to transfer (sum of bytes that the user can receive traffic when using the captive portal. Table 230 indicates the RADIUS attributes you use the value configured for the captive portal. VSAs are comma delimited (vendor id, attribute id). Enter the maximum number of bytes...
Product Manual
Page 373
... associate interfaces with a specific physical interface or wireless network (SSID). Software User Manual 12/10/09 D-Link Unified Access System Attribute WISPr-BandwidthMax-Down D-Link-Max-InputOctets D-Link-Max-OutputOctets D-Link-Max-TotalOctets Table 230: Captive Portal User RADIUS Attributes Number 14122, 8 171, 124 171, 125 171, 126 Description Range Maximum client receive rate (b/ s). If...
... associate interfaces with a specific physical interface or wireless network (SSID). Software User Manual 12/10/09 D-Link Unified Access System Attribute WISPr-BandwidthMax-Down D-Link-Max-InputOctets D-Link-Max-OutputOctets D-Link-Max-TotalOctets Table 230: Captive Portal User RADIUS Attributes Number 14122, 8 171, 124 171, 125 171, 126 Description Range Maximum client receive rate (b/ s). If...
Product Manual
Page 376
D-Link Unified Access System Software User Manual 12/10/09 Figure 263: CP Activation and Activity Status The CP Activation and Activity Status page has a drop-... this captive portal and are only available when the CP operational status is saved before a reboot. CP is enabled. • Administratively Disabled • RADIUS Authentication mode enabled, but RADIUS server is blocked, users cannot gain access to temporarily protect the network during unexpected events, such as denial of the selected captive portal...
D-Link Unified Access System Software User Manual 12/10/09 Figure 263: CP Activation and Activity Status The CP Activation and Activity Status page has a drop-... this captive portal and are only available when the CP operational status is saved before a reboot. CP is enabled. • Administratively Disabled • RADIUS Authentication mode enabled, but RADIUS server is blocked, users cannot gain access to temporarily protect the network during unexpected events, such as denial of the selected captive portal...
Product Manual
Page 379
...the network through the captive portal, click LAN > Security > Captive Portal > Client Connection Status. Software User Manual 12/10/09 D-Link Unified Access System If the switch supports clustering and there are peer switches in the cluster, some of the clients displayed on the Client ... MAC address and click Delete. If the MAC address is marked with an asterisk (*), the authenticated client is Guest, Local, or RADIUS. To disconnect all clients from all captive portals, click Delete All. To view information about which switch handled the authentication for the client...
...the network through the captive portal, click LAN > Security > Captive Portal > Client Connection Status. Software User Manual 12/10/09 D-Link Unified Access System If the switch supports clustering and there are peer switches in the cluster, some of the clients displayed on the Client ... MAC address and click Delete. If the MAC address is marked with an asterisk (*), the authenticated client is Guest, Local, or RADIUS. To disconnect all clients from all captive portals, click Delete All. To view information about which switch handled the authentication for the client...
Product Manual
Page 380
... in the cluster. Shows whether the switch handling authentication for a different client, select its MAC address from the list. If clustering is Guest, Local, or RADIUS. D-Link Unified Access System Software User Manual 12/10/09 Figure 267: Client Detail The drop-down menu lists each associated client by MAC address. Page...
... in the cluster. Shows whether the switch handling authentication for a different client, select its MAC address from the list. If clustering is Guest, Local, or RADIUS. D-Link Unified Access System Software User Manual 12/10/09 Figure 267: Client Detail The drop-down menu lists each associated client by MAC address. Page...
Product Manual
Page 382
...current connection protocol, which is either HTTP or HTTPS. Figure 270: CP - Identifies the IP address of the wireless client. D-Link Unified Access System Software User Manual 12/10/09 Field MAC Address IP Address CP Configuration Protocol Verification Table 239: Interface - Identifies... that will generate a trap. If the MAC address is marked with an asterisk (*), the authenticated client is Guest, Local, or RADIUS. Shows the current connection protocol, which is authenticated by a peer switch. Client Status Description Identifies the MAC address of the wireless client...
...current connection protocol, which is either HTTP or HTTPS. Figure 270: CP - Identifies the IP address of the wireless client. D-Link Unified Access System Software User Manual 12/10/09 Field MAC Address IP Address CP Configuration Protocol Verification Table 239: Interface - Identifies... that will generate a trap. If the MAC address is marked with an asterisk (*), the authenticated client is Guest, Local, or RADIUS. Shows the current connection protocol, which is authenticated by a peer switch. Client Status Description Identifies the MAC address of the wireless client...
Product Manual
Page 384
... the Port Based Authentication page, click LAN > Security > Port Access Control > Configuration in a particular VLAN specified by the RADIUS server. Figure 272: Port Access Control-Port Configuration Table 242: Port Access Control-Port Configuration Fields Field Administrative Mode VLAN Assignment ... switch. A port's VLAN assignment is determined by a authentication server, the port that the supplicant is connected to is Disable. D-Link Unified Access System Software User Manual 12/10/09 • Authenticators: Specifies the port that is authenticated before permitting system access. ...
... the Port Based Authentication page, click LAN > Security > Port Access Control > Configuration in a particular VLAN specified by the RADIUS server. Figure 272: Port Access Control-Port Configuration Table 242: Port Access Control-Port Configuration Fields Field Administrative Mode VLAN Assignment ... switch. A port's VLAN assignment is determined by a authentication server, the port that the supplicant is connected to is Disable. D-Link Unified Access System Software User Manual 12/10/09 • Authenticators: Specifies the port that is authenticated before permitting system access. ...