D-Link DSL-G604T manual Login Method Lists, Protocol, Timeout, Retransmit, Key

Page 113

 

 

DGS-3024 Gigabit Ethernet Switch Manual

 

 

 

 

IP Address

The IP address of the remote server host the user wishes to add.

 

 

 

 

Protocol

The protocol used by the server host. The user may choose one of the following:

 

 

TACACS - Enter this parameter if the server host utilizes the TACACS protocol.

 

 

XTACACS - Enter this parameter if the server host utilizes the XTACACS protocol.

 

 

TACACS+ - Enter this parameter if the server host utilizes the TACACS+ protocol.

 

 

RADIUS - Enter this parameter if the server host utilizes the RADIUS protocol.

 

 

 

 

Port (1-65535)

Enter a number between 1 and 65535 to define the virtual port number of the

 

 

authentication protocol on a server host. The default port number is 49 for

 

 

TACACS/XTACACS/TACACS+ servers and 1813 for RADIUS servers but the user

 

 

may set a unique port number for higher security.

 

 

 

 

Timeout (1-255)

Enter the time in seconds the Switch will wait for the server host to reply to an

 

 

authentication request. The default value is 5 seconds.

 

 

 

 

Retransmit (1-255)

Enter the value in the retransmit field to change how many times the device will resend

 

 

an authentication request when the TACACS server does not respond.

 

 

 

 

Key

Authentication key to be shared with a configured TACACS+ or RADIUS servers only.

 

 

Specify an alphanumeric string up to 254 characters.

 

 

 

 

Click Apply to add the server host.

 

 

NOTE: More than one authentication protocol can be run on the same

 

 

physical server host but, remember that TACACS/XTACACS/TACACS+

 

 

are separate entities and are not compatible with each other

Login Method Lists

This command will configure a user-defined or default Login Method List of authentication techniques for users logging on to the Switch. The sequence of techniques implemented in this command will affect the authentication result. For example, if a user enters a sequence of techniques, for example TACACS - XTACACS- local, the Switch will send an authentication request to the first TACACS host in the server group. If no response comes from the server host, the Switch will send an authentication request to the second TACACS host in the server group and so on, until the list is exhausted. At that point, the Switch will restart the same sequence with the following protocol listed, XTACACS. If no authentication takes place using the XTACACS list, the local account database set in the Switch is used to authenticate the user. When the local method is used, the privilege level will be dependant on the local account privilege configured on the Switch.

Successful login using any of these techniques will give the user a "User" privilege only. If the user wishes to upgrade his or her status to the administrator level, the user must use the Enable Admin window, in which the user must enter a previously configured password, set by the administrator. (See the Enable Admin part of this section for more detailed information concerning the Enable Admin command.)

To view the following screen click Security > Access Authentication Control > Login Method Lists:

99

Image 113
Contents Manual Managed 24-Port Gigabit Ethernet SwitchVcci Warning FCC WarningCE Mark Warning Table of Contents Spanning Tree Sntp Settings Secure Shell SSH 117 141 Intended Readers PrefaceDGS-3024 Gigabit Ethernet Switch Manual Safety Cautions Safety InstructionsGeneral Precautions for Rack-Mountable Products Safety Instructions Battery Handling Reminder Performance Features FeaturesPorts ManagementDGS-3024 Gigabit Ethernet Switch Manual Packing List Unpacking and SetupInstallation Rack Installation Desktop or Shelf InstallationExternal Redundant Power System Power onPower Failure DPS-300 in DPS-900 case with DGS-3024 Side Panels Front PanelRear Panel Side panel views of the Switch LED IndicatorsSwitch connected to an End Node Switch to End NodeSwitch to Hub or Switch DGS-3024 Gigabit Ethernet Switch Manual Connecting the Console Port RS-232 DCE Command Line Console Interface Through the Serial PortManagement Options Web-based Management InterfaceInitial screen after first connection Password Protection First Time Connecting to The SwitchSnmp Settings IP Address Assignment TrapsMIBs Show Switch command Assigning the Switch an IP Address Connecting Devices to the SwitchIntroduction Login to Web ManagerAreas of the User Interface Web-based User InterfaceArea IP Address Default GatewayParameter Description Get IP From IP AddressSwitch Information Igmp Snooping Multicast Router Only Advanced SettingsTelnet Status SwitchTelnet TCP Port NumberParameter Description Port ConfigurationLearning Flow ControlLink Aggregation Port MirroringExample of Port Trunk Group Type Parameter Description Group IDState Igmp Snooping Igmp SnoopingMaster Port Port MapRoute Timeout Host TimeoutVlan Name Query IntervalQuerier State Leave TimerStatic Router Ports Entry 802.1w Rapid Spanning Tree Spanning Tree802.1s Mstp Edge Port Port Transition StatesP2P Port 802.1d/802.1w/802.1s Compatibility13. STP Bridge Global Settings window STP compatible STP Bridge Global SettingsParameter Description STP Status Forward Delay 4STP Version Hello Time 1-10 SecParameterDescription Configuration Name MST Configuration TableTX Hold Count Forwarding BpduVID List Revision Level19. Instance ID Settings window Modify Internal cost Msti SettingsParameter Description Instance ID Priority Parameter Description Instance Type STP Instance SettingsInstance Status Instance PriorityBridge External Root Cost Parameter Description Designated RootRegional Root Bridge Internal Root CostMax Age Forward DelayLast Topology Change Topology Changes25. STP Port Settings window STP Port SettingsExternal Cost 0 = Parameter Description From/ToAuto Hello TimeUnicast Forwarding ForwardingMulticast Forwarding Allowed to go portVLANs Port SettingsUnderstanding Ieee 802.1p Priority Multicast MACIeee 802.1Q VLANs Vlan DescriptionDGS-3024 Gigabit Ethernet Switch Manual 29. Ieee 802.1Q Packet Forwarding 802.1Q Vlan Tags30. Ieee 802.1Q Tag Port Vlan IDIngress Filtering Tagging and UntaggingSwitch Ports Default VLANsVlan and Trunk Groups Static Vlan Entry32. first 802.1Q Static VLANs window 8021Q Port Settings Ingress Check 35. Gvrp Settings windowFrame Type Sntp SettingsTime Setting 36. Current Time Status window Time Zone and DST ParameterDescription Time Zone and DST SettingsMonth DayTime State Daylight Saving Daylight SavingTime Offset Minutes Time Zone OffsetUnderstanding QoS QoSAdvantages of QoS DGS-3024 Gigabit Ethernet Switch Manual Traffic Control 39. Storm Control Type Setting window802.1p Default Priority 802.1p User Priority 40. Port Default Priority assignment windowRoundRobin QoS Scheduling MechanismParameter Description Strict MAC Notification MAC Notification Global SettingsQoS Output Scheduling ParameterDescription Max. PacketsParameter Description State MAC Notification Port SettingsInterval sec ~2147483647 History size 1~500Parameter Description From and To 45. MAC Notification Port Settings windowParameter Description Index System Log ServerServer IP SeverityStatus Choose Enabled or Disabled to activate or deactivateAuthentication Server Port Access Entity802.1x Port-Based Access Control 50. Authentication Server AuthenticatorClient Authentication ProcessPort-Based Network Access Control 53. Example of Typical Port-Based Configuration Configure Authenticator54. First 802.1x Authenticator Settings window PortControl AdmDirLocal users 802.1x Capability Settings57 .1x Capability Settings window Initialize Ports Parameter Description Port Reauthenticate PortsAuth State OpenDirStatus Radius Server61. Static ARP Settings window Static ARP SettingsSecure Socket Layer SSL Trusted HostDownload Certificate ConfigurationRSA with RC4 Parameter Description StatusRSA with 3DES EDE DHS DSS with 3DESSecure Shell SSH SSH ConfigurationMax Session Parameter Description SSH Server StatusTime Out Auth. FailBlow-fish CBC SSH AlgorithmParameterDescription Encryption Algorithm Password Authentication AlgorithmCast128-CBC Twofish128Parameter Description User Name SSH User AuthenticationAuth. Mode Host IP Access Authentication ControlHost Name Parameters Description Authentication Policy Authentication Policy & ParametersResponse Timeout 255Authentication Server Group Application Authentication SettingsLogin Method List Enable Method List10. Authentication Server Group Settings window ParameterDescription Authentication Server HostTimeout Login Method ListsProtocol Retransmit15. Login Method List Settings window 18. Enable Method List Settings window Enable Method Lists20. Enable Method List Add window 19. Enable Method List Edit windowEnable Admin Configure Local Enable Password22. Enable Admin window User Accounts Access RightNew Password Admin and User PrivilegesPassword Access Right Confirm NewAdmin and User Privileges Management Admin UserSnmp Manager User Account ManagementGroup Name Snmp User TableSnmp V3 Encryption Auth-ProtocolSnmp View Table window Snmp View TableParameter Description View Name Snmp Group TableSubtree OID View TypeRead View Name Parameter Description Group NameWrite View Name Notify View NameSecurity Model Snmp Community TableParameter Description Community Name Snmp Host TableParameter Description Host IP Address Snmp Engine IDSnmp Version Community String14. Snmp Engine ID Configuration window Utilization window Port UtilizationReceived RX PacketsPackets BytesUMB Cast RX Broadcast UnicastMulticast Tx Packets Analysis window line graph for Bytes and Packets Transmitted TXTx Packets Analysis window table for Bytes and Packets ErrorsRx Error Analysis window line graph UnderSize CrcErrorOverSize Fragment10. Tx Error Analysis window line graph LateColl ExDeferExColl SingColl12. Packet Size Analysis window line graph Size128-255 65-127256-511 512-1023MAC Address Vlan ID of the Vlan the port is a member 14. MAC Address Table windowLearned Switch History LogNext View All Entry15. Switch History window Multicast Group Igmp Snooping GroupQueries ReportsVlan Status Igmp Snooping ForwardingSession Table Router PortRadius Authentication Port Access ControlDownload Firmware Tftp ServicesDownload Configuration File Save History Log Save SettingsPing Test Ping Test window Save ChangesReset Reboot ServicesReboot Logout Reset ConfigReset System 12. Logout Web Setups window Technical Specifications Protocols StandardsData Transfer Rates Ethernet Fast EthernetMini Gbic Cable LengthsStandard Media Type Maximum Distance Glossary Line speed See baud rate DGS-3024 Gigabit Ethernet Switch Manual Limited Warranty What Is Not Covered Trademarks FCC WarningPage Page Product Registration General Terms Link Europe Limited Product WarrantyWarrantor Allgemeine Bedingungen Link Europe Limited ProduktgarantieGarantiegeber Conditions Générales Link Europe a limité la garantie des produitsGarant Condiciones generales Garantía limitada del producto D-LINK EuropaGarante Generalità Link Europe Termini di Garanzia dei ProdottiPrestazioni della Garanzia limitata Technical Support Emailsupport@dlink.com.sg Tech Support for customers within India Tech Support for customers within the Russia Technical Support Technical Support Technical Support Техническая поддержка через Интернет Техническая поддержка D-LinkAsistencia Técnica Suporte Técnico 友冠技術支援 Technical Support Technische Unterstützung Assistance technique D-Link par téléphone Assistance techniqueAsistencia Técnica de D-Link a través de Internet Asistencia Técnica de D-Link por teléfono 902Supporto tecnico Tech Support for customers within the Netherlands Pomoc techniczna firmy D-Link świadczona przez Internet Telefoniczna pomoc techniczna firmy D-LinkTechnická podpora Technikai Támogatás Teknisk Support Link teknisk support på Internettet 0800-114 Teknistä tukea asiakkaille Suomessa0770-33 00 Teknisk Support för kunder i Sverige技术支持 Tech Support for customers within the United States International Offices Registration Card All Countries and Regions Excluding USA
Related manuals
Manual 26 pages 8.5 Kb