Manuals / D-Link / Computer Equipment / Switch

D-Link DES-3250TG manual Authenticator, The Authentication Server

Models: DES-3250TG

1 186

Download 186 pages 33.46 Kb

Page 109

D-Link DES-3250TG Standalone Layer 2 Switch

Figure 7- 59. The Authentication Server

Authenticator

The Authenticator (the Switch) is an intermediary between the Authentication Server and the Client. The Authenticator serves two purposes when utilizing 802.1x. The first purpose is to request certification information from the Client through EAPOL packets, which is the only information allowed to pass through the Authenticator before access is granted to the Client. The second purpose of the Authenticator is to verify the information gathered from the Client with the Authentication Server, and to then relay that information back to the Client.

Three steps must be implemented on the Switch to properly configure the Authenticator.

1.The 802.1x State must be Enabled. (Configuration / Advanced Settings)

2.The 802.1x settings must be implemented by port (Configuration / Port Access Entity / Configure Authenticator)

3.A RADIUS server must be configured on the Switch. (Configuration / Port Access Entity / RADIUS Server)

Figure 7- 60. The Authenticator

99

Image 109

D-Link DES-3250TG manual Authenticator, The Authentication Server

Contents

User’s Guide Link DES-3250TG Standalone Layer 2 Switch Table of Contents Igmp SNMPV3 Link DES-3250TG Standalone Layer 2 Switch Intended Readers PrefaceVii Safety Cautions Safety InstructionsViii Safety Instructions General Precautions for Rack-Mountable ProductsProtecting Against Electrostatic Discharge Section Introduction Switch StackingFast Ethernet Technology Gigabit Ethernet TechnologyPorts FeaturesManagement Traffic Classification and PrioritizationInstallation Section Unpacking and SetupDesktop or Shelf Installation Unpacking Installation Power OnInstalling rubber feet for desktop installation Rack InstallationPower Failure Power onFront Panel Section Identifying External ComponentsRear Panel Side Panels LED IndicatorsGigabit Combo Ports Link DES-3250TG Standalone Layer 2 Switch Switch to End Node Section Connecting the SwitchSwitch to Hub or Switch 10BASE-T Device Stacking vs. Standalone Operation100BASE-TX Device Managing Switch Stacks Convert a Standalone Switch to a Stacked Switch Changes to Switch Stack StructureConvert a Standalone Switch to a Stacked Switch Add a Switch to a StackSwap a Master from a Stack Download configuration ipaddr pathfilenameStacking with DGS-3312SR DES-3250TG Switches with DGS-3312SRCommand Line Console Interface Through the Serial Port Section Introduction to Switch ManagementManagement Options Web-based Management InterfaceConnecting the Console Port RS-232 DCE Initial screen after first connection First Time Connecting to The SwitchInitial screen, first time connecting to the Switch Password ProtectionCreation of a new Admin level account Snmp SettingsTraps IP Address AssignmentMIBs Show switch command Connecting Devices to the Switch Login to Web Manager Section Web-based Switch ManagementIntroduction User Accounts Management Admin and User PrivilegesUser Account Management Save ChangesArea Areas of the User InterfaceWeb Pages Access Profile Table System Log Hosts PAE Access Entity Section ConfigurationIP Address To set the switch’s IP addressManual Default GatewayIP Address Subnet MaskAdvanced Settings Switch InformationAdmin. State Click the Switch Information link in the Configuration menuAlgorithm Mac Link AggregationMAC Notification Serial Port SettingsClick the Port Configuration link in the Configuration menu Port ConfigurationMAC Notification Interval MAC Notification History SizePort Configuration window Port Description State EnabledFrom and To Speed/Duplex AutoPort Mirroring Click Port Mirroring on the Configuration menuNone Source PortIngress EgressClick Stack Setting on the Configuration menu Stack SettingTarget Port StatusAuto MAC Address Port Range Mode Version RPS Status Static ARP SettingsIgmp Snooping IgmpQuery Interval Vlan IDState Static Router Ports EntryMember Ports Spanning TreePort Transition States 802.1w Rapid Spanning TreeEdge Port P2P Port802.1d/802.1w Compatibility STP Switch SettingsBridge Forward Delay Protocol DisabledSpanning Tree Bridge Max AgeSTP Port Settings 17. STP Port Settings window Priority CostMigration No Edge NoUnicast Forwarding Forwarding FilteringMulticast Forwarding MAC AddressPort 19. Static Multicast Forwarding Settings windowVLANs on the DES-3250TG VLANsIeee 802.1Q VLANs 802.1Q Vlan Packet Forwarding21. Ieee 802.1Q Packet Forwarding 802.1Q Vlan Tags23. Adding an Ieee 802.1Q Tag Static Vlan Entry25. Add 802.1Q Static Vlan window Advertisement Port Settings Tagged/NoneNone Egress Port Vlan IdpvidForbidden Tagging and Untagging Default VlanIngress Checking 26 .1Q Port Settings window Port Bandwidth Ingress Disabled Acceptable Frame Types27. Bandwidth Settings window Current Time Settings Sntp SettingsTime Zone and DST Port SecurityFrom & To Port Security SettingsMax Learning Addr.0-10 Lock Address Mode Admin StatePort Security Clear 31. Port Security Clear window Traffic Control QOS Quality of ServiceParameter Description 802.1p Default Priority 33 .1p defaultpriority Settings window QOS Output Scheduling 802.1p User PriorityTraffic Segmentation 36. Traffic Segmentation Setting windowLink Aggregation Lacp38. Port Link Aggregation Group window Group ID1-6 39. Port Link Aggregation Settings Add windowLacp Port 41. Link Aggregation Settings window Configuring the Access Profile TableEthernet PartType Profile IDSource MAC Destination MAC 802.1p Ethernet type Port44. Access Profile Configuration IP Protocol Source IP Mask Destination IP MaskPsh Packet Content Mask45. Access Profile Configuration window Packet Content Mask Offset Port 46. Access Rule Table window IP Mode Access IDPriority Replace Dscp Vlan Name Source IP Destination IP Dscp Protocol 48. Access Rule Display window IP49. Access Rule Table Ethernet 802.1p Ethernet Type Priority0-7 Vlan Name Source MAC Destination MAC51. Access Rule Display window Ethernet 53. Access Rule Configuration window Packet Content Mask Access ID Type Offset 54. Access Rule Display window Packet Content Mask 802.1x Port-Based and MAC-Based Access Control Port Access EntitySystem Log Hosts 57. The Eapol Packet Authentication Server59. The Authentication Server Authenticator100 Client101 Authentication Process102 Port-Based Network Access ControlConfigure Authenticator MAC-Based Network Access Control103 104 65. First 802.1X Authenticator Settings windowCtl Stat PortControl TxPeriod QuietPeriod AdmDir105 106 Port Capability Settings107 67 .1X Capability Settings windowCapability Initialize Ports for Port BasedAuth PAE State BackendState Oper Dir PortStatusInitializing Ports for MAC Based Reauthenticate Ports for Port Based109 Radius Server Reauthenticate Ports for MAC-basedAuth State 110111 Security IP Section ManagementUser Accounts Security IP User Accounts113 Snmp User Table114 Snmp User Table window115 Snmp View TableSubtree OID View NameView Type 116117 Snmp Group Table118 119 Snmp Community TableSnmp Host Table Access Right120 121 Snmp Engine IDCPU Utilization Section Monitoring122 Time Interval 1s Port UtilizationRecord Number UtilizationRecord Number Time Interval 1sShow/Hide ClearReceived RX Packets125 Packets BytesView Table 126UMB-cast RX View Line Chart127 Multicast UnicastBroadcast 128View Table Transmitted TX129 130 Tx Packets Analysis window table for Bytes and Packets131 ErrorsUnderSize CrcErrorOverSize FragmentDrop JabberShow/Hide ClearLateColl ExDefer134 Packet Size Size135 128-255 65-127256-511 136512-1023 MAC Address1024-1518 137138 15. MAC Address Table windowFind ARP TableLearned Next140 Igmp Snooping Group141 Igmp Snooping Forwarding142 Vlan StatusAuthenticator Status Port Access ControlRouter Port 143144 21. Authenticator Status windowTftp Utilities Section MaintenanceDownload Firmware from Server 145Upload Settings to Tftp Server Download Settings from Tftp ServerUpload Log to Tftp Server 146Ping Test Switch History147 148 Reboot ServicesReset RebootReset System 149Reset Config Technical SpecificationsAppendix a Logout151 Physical and Environmental152 PerformanceBlocking State Appendix BPort in the blocking state does the following 153Port in the listening state does the following Listening StatePort in the learning state does the following Learning State155 Port in the forwarding state does the following Forwarding StateDisabled port does the following Disabled State157 Troubleshooting STP Spanning Tree Protocol Failure Unidirectional Link Full/Half Duplex Mismatch159 Packet Corruption Resource ErrorsIdentifying a Data Loop 161 Warnung Warranty and RegistrationPrecaución AttenzioneWarranty and Registration Information Warranties Exclusive Page Page Product Registration Link Europe Limited Product Warranty Page Link Europe Limited Produktgarantie Link Europe a limité la garantie des produits Garante Link Europe Termini di Garanzia dei Prodotti Link International Offices All Countries and Regions excluding USA Registration Card