MAC-Based Network Access Control, 103 | D-Link DES-3250TG specs

D-Link DES-3250TG Standalone Layer 2 Switch

MAC-Based Network Access Control

RADIUS

Server

Ethernet Switch

									…
802.1X	802.1X	802.1X	802.1X	802.1X	802.1X	802.1X	802.1X	802.1X	802.1X	802.1X	802.1X
Client	Client	Client	Client	Client	Client	Client	Client	Client	Client	Client	Client

Network access controlled port

Network access uncontrolled port

Figure 7- 64. Example of Typical MAC-Based Configuration

In order to successfully make use of 802.1X in a shared media LAN segment, it would be necessary to create “logical” Ports, one for each attached device that required access to the LAN. The Switch would regard the single physical Port connecting it to the shared media segment as consisting of a number of distinct logical Ports, each logical Port being independently controlled from the point of view of EAPOL exchanges and authorization state. The Switch learns each attached devices’ individual MAC addresses, and effectively creates a logical Port that the attached device can then use to communicate with the LAN via the Switch.

Configure Authenticator

Existing 802.1x port settings are displayed and can be configured using the window below.

Click Configure Authenticator on the PAE Access Entity folder on the Configuration menu to open the 802.1X Authenticator Settings window:

103

Image 113

D-Link DES-3250TG manual MAC-Based Network Access Control, Configure Authenticator, 103

Contents

User’s Guide Link DES-3250TG Standalone Layer 2 Switch Table of Contents Igmp SNMPV3 Link DES-3250TG Standalone Layer 2 Switch Vii PrefaceIntended Readers Viii Safety InstructionsSafety Cautions Safety Instructions General Precautions for Rack-Mountable Products Protecting Against Electrostatic Discharge Section Introduction Switch StackingFast Ethernet Technology Gigabit Ethernet Technology Ports Features Management Traffic Classification and Prioritization Installation Section Unpacking and SetupDesktop or Shelf Installation Unpacking Installation Power On Installing rubber feet for desktop installation Rack Installation Power Failure Power on Rear Panel Section Identifying External ComponentsFront Panel Gigabit Combo Ports LED IndicatorsSide Panels Link DES-3250TG Standalone Layer 2 Switch Switch to Hub or Switch Section Connecting the SwitchSwitch to End Node 100BASE-TX Device Stacking vs. Standalone Operation10BASE-T Device Managing Switch Stacks Convert a Standalone Switch to a Stacked Switch Changes to Switch Stack Structure Convert a Standalone Switch to a Stacked Switch Add a Switch to a Stack Swap a Master from a Stack Download configuration ipaddr pathfilename Stacking with DGS-3312SR DES-3250TG Switches with DGS-3312SR Command Line Console Interface Through the Serial Port Section Introduction to Switch ManagementManagement Options Web-based Management Interface Connecting the Console Port RS-232 DCE Initial screen after first connection First Time Connecting to The Switch Initial screen, first time connecting to the Switch Password Protection Creation of a new Admin level account Snmp Settings MIBs IP Address AssignmentTraps Show switch command Connecting Devices to the Switch Introduction Section Web-based Switch ManagementLogin to Web Manager User Accounts Management Admin and User Privileges User Account Management Save Changes Area Areas of the User Interface Web Pages Access Profile Table System Log Hosts PAE Access Entity Section Configuration IP Address To set the switch’s IP address Manual Default GatewayIP Address Subnet Mask Advanced Settings Switch InformationAdmin. State Click the Switch Information link in the Configuration menu Algorithm Mac Link Aggregation MAC Notification Serial Port Settings Click the Port Configuration link in the Configuration menu Port ConfigurationMAC Notification Interval MAC Notification History Size Port Configuration window Port Description State EnabledFrom and To Speed/Duplex Auto Port Mirroring Click Port Mirroring on the Configuration menu None Source PortIngress Egress Click Stack Setting on the Configuration menu Stack SettingTarget Port Status Auto MAC Address Port Range Mode Version RPS Status Static ARP Settings Igmp Snooping Igmp Query Interval Vlan ID State Static Router Ports Entry Member Ports Spanning Tree Port Transition States 802.1w Rapid Spanning TreeEdge Port P2P Port 802.1d/802.1w Compatibility STP Switch Settings Bridge Forward Delay Protocol DisabledSpanning Tree Bridge Max Age STP Port Settings 17. STP Port Settings window Priority CostMigration No Edge No Unicast Forwarding Forwarding FilteringMulticast Forwarding MAC Address Port 19. Static Multicast Forwarding Settings window VLANs on the DES-3250TG VLANsIeee 802.1Q VLANs 802.1Q Vlan Packet Forwarding 21. Ieee 802.1Q Packet Forwarding 802.1Q Vlan Tags 23. Adding an Ieee 802.1Q Tag Static Vlan Entry 25. Add 802.1Q Static Vlan window Advertisement Port Settings Tagged/None Forbidden Port Vlan IdpvidNone Egress Ingress Checking Default VlanTagging and Untagging 26 .1Q Port Settings window Port Bandwidth Ingress Disabled Acceptable Frame Types 27. Bandwidth Settings window Current Time Settings Sntp Settings Time Zone and DST Port Security From & To Port Security Settings Port Security Clear Admin StateMax Learning Addr.0-10 Lock Address Mode 31. Port Security Clear window Traffic Control QOS Quality of Service Parameter Description 802.1p Default Priority 33 .1p defaultpriority Settings window QOS Output Scheduling 802.1p User Priority Traffic Segmentation 36. Traffic Segmentation Setting window Link Aggregation Lacp 38. Port Link Aggregation Group window Group ID1-6 39. Port Link Aggregation Settings Add window Lacp Port 41. Link Aggregation Settings window Configuring the Access Profile Table Ethernet Part Type Profile IDSource MAC Destination MAC 802.1p Ethernet type Port 44. Access Profile Configuration IP Protocol Source IP Mask Destination IP Mask Psh Packet Content Mask 45. Access Profile Configuration window Packet Content Mask Offset Port 46. Access Rule Table window IP Priority Replace Dscp Access IDMode Vlan Name Source IP Destination IP Dscp Protocol 48. Access Rule Display window IP 49. Access Rule Table Ethernet 802.1p Ethernet Type Priority0-7 Vlan Name Source MAC Destination MAC 51. Access Rule Display window Ethernet 53. Access Rule Configuration window Packet Content Mask Access ID Type Offset 54. Access Rule Display window Packet Content Mask System Log Hosts Port Access Entity802.1x Port-Based and MAC-Based Access Control 57. The Eapol Packet Authentication Server 59. The Authentication Server Authenticator 100 Client 101 Authentication Process 102 Port-Based Network Access Control 103 MAC-Based Network Access ControlConfigure Authenticator 104 65. First 802.1X Authenticator Settings window 105 AdmDirCtl Stat PortControl TxPeriod QuietPeriod 106 Port Capability Settings 107 67 .1X Capability Settings window Capability Initialize Ports for Port BasedAuth PAE State BackendState Oper Dir PortStatus 109 Reauthenticate Ports for Port BasedInitializing Ports for MAC Based Radius Server Reauthenticate Ports for MAC-basedAuth State 110 111 Security IP Section ManagementUser Accounts Security IP User Accounts 113 Snmp User Table 114 Snmp User Table window 115 Snmp View Table Subtree OID View NameView Type 116 117 Snmp Group Table 118 119 Snmp Community Table 120 Access RightSnmp Host Table 121 Snmp Engine ID 122 Section MonitoringCPU Utilization Time Interval 1s Port UtilizationRecord Number Utilization Record Number Time Interval 1sShow/Hide Clear 125 PacketsReceived RX Packets BytesView Table 126 127 View Line ChartUMB-cast RX Multicast UnicastBroadcast 128 129 Transmitted TXView Table 130 Tx Packets Analysis window table for Bytes and Packets 131 Errors UnderSize CrcErrorOverSize Fragment Drop JabberShow/Hide Clear 134 ExDeferLateColl 135 SizePacket Size 128-255 65-127256-511 136 512-1023 MAC Address1024-1518 137 138 15. MAC Address Table window Find ARP TableLearned Next 140 Igmp Snooping Group 141 Igmp Snooping Forwarding 142 Vlan Status Authenticator Status Port Access ControlRouter Port 143 144 21. Authenticator Status window Tftp Utilities Section MaintenanceDownload Firmware from Server 145 Upload Settings to Tftp Server Download Settings from Tftp ServerUpload Log to Tftp Server 146 147 Switch HistoryPing Test 148 Reboot Services Reset RebootReset System 149 Reset Config Technical SpecificationsAppendix a Logout 151 Physical and Environmental 152 Performance Blocking State Appendix BPort in the blocking state does the following 153 Port in the listening state does the following Listening State 155 Learning StatePort in the learning state does the following Port in the forwarding state does the following Forwarding State 157 Disabled StateDisabled port does the following Troubleshooting STP Spanning Tree Protocol Failure 159 Full/Half Duplex MismatchUnidirectional Link Identifying a Data Loop Resource ErrorsPacket Corruption 161 Warnung Warranty and RegistrationPrecaución Attenzione Warranty and Registration Information Warranties Exclusive Page Page Product Registration Link Europe Limited Product Warranty Page Link Europe Limited Produktgarantie Link Europe a limité la garantie des produits Garante Link Europe Termini di Garanzia dei Prodotti Link International Offices All Countries and Regions excluding USA Registration Card