Manuals / D-Link / Computer Equipment / Switch

D-Link DWS/DXS-3200 manual Defining TACACS+ Authentication, Tacacs+

Models: DWS/DXS-3200

1 372

Download 372 pages 43.39 Kb

Page 93

DXS/DWS 3200 Series User Guide

Defining TACACS+ Authentication

Terminal Access Controller Access Control System (TACACS+) provides centralized security user access valida- tion. The sytem supports up-to 4 TACACS+ servers.

TACACS+ provides a centralized user management system, while still retaining consistency with RADIUS and other authentication processes. TACACS+ provides the following services:

•Authentication — Provides authentication during login and via user names and user-defined passwords.

•Authorization — Performed at login. Once the authentication session is completed, an authorization session starts using the authenticated user name.

The TACACS+ protocol ensures network integrity through encrypted protocol exchanges between the client and TACACS+ server.

The TACACS+ default parameters are user-assigned defaults. The default settings are applied to newly defined TACACS+ servers. If default values are not defined, the system defaults are applied to the new TACACS+ new servers.

To define TACACS+ authentication settings:

1.Click System > Management Security > Authentication > TACACS+. The TACACS+ Page opens.

Figure 45: TACACS+ Page

The Default Parameters section contains the following fields:

•Source IP Address — Defines the default device source IP address used for the TACACS+ session between the device and the TACACS+ server.

•Key String — Defines the default authentication and encryption key for TACACS+ communication between the device and the TACACS+ server.

•Timeout for Reply — Defines the default time that passes before the connection between the device and the TACACS+ times out. The default is 5.

Page 92

Image 93

D-Link DWS/DXS-3200 manual Defining TACACS+ Authentication, Tacacs+

Contents

Web/Installation Guide Table of Contents Managing Device Information Configuring Ports 115 Configuring IP Information 171 Configuring Quality of Service 237 Configuring System Time 281 Preface DXS/DWS-3227/3227P, DXS/DWS-3250 User Guide OverviewDXS/DWS-3227/3227P, DXS/DWS-3250 User Guide Overview DXS/DWS 3200 Series User Guide Intended AudienceViewing the Device Device DescriptionDXS-3250/DWS Front Panel Viewing the DeviceDXS/DWS-3227P Front Panel DXS/DWS-3227 Front PanelDXS/DWS-3227P Front Panel Back Panels1000Base-T Gigabit Ethernet Ports Ports Description10G XFP Fiber port Optional ModulesSFP Ports 10G XFP Fiber portPorts Description Stacking Ports RS-232 Console PortStacking Kit Optional LED Definitions Cable SpecificationsPort LEDs 1000Base-T Gigabit Ethernet RJ-45 Port LEDsLED Definitions 1000Base-T Gigabit Ethernet RJ-45 Port LED IndicationsPort Description LED Indication SFP LEDs System LEDsSFP LED Indications Description Indication System’s LED Indications LED DescriptionCable, Port, and Pinout Information Pin Connections for the 10/100/1000 Ethernet InterfaceRJ-45 Pin Connections for 10/100/1000 Base-TX Use Cable, Port, and Pinout Information CX-4 Port Pin ConnectionsPin Use DXS/DWS 3250 / DXS/DWS 3227P Physical DimensionsDXS/DWS DB-9 Port Pin Connections UsePhysical Dimensions DXS/DWS 3200 Series User Guide Installation Precautions Preparing for InstallationPreparing for Installation Mounting DeviceSite Requirements Package ContentsUnpacking Unpacking EssentialsDesktop or Shelf Installation Installing the DeviceRack Installation Installing the DeviceAttaching the Mounting Brackets Mounting Device in a Rack Connecting the Device Connecting the Switch to a TerminalAC Power Connection General Configuration Information Initial ConfigurationGeneral Configuration Information Auto-NegotiationBooting the Switch Device Port Default SettingsDevice Port Default Settings Function Booting the Switch Configuration Overview Initial Configuration Configuration OverviewStatic IP Address and Subnet Mask Snmp Community Strings User NameFollowing screen displays the default device configuration Retrieving an IP Address From a Dhcp Server Advanced ConfigurationAdvanced Configuration Receiving an IP Address From a Bootp ServerSecurity Management and Password Configuration Configuring Security Passwords IntroductionConfiguring an Initial Console Password Configuring an Initial SSH password Configuring an Initial Telnet PasswordConfiguring an Initial Http Password Configuring an initial Https PasswordSoftware Download and Reboot Software Download through XModemSoftware Download Through Tftp Server Software Download and Reboot Boot Image DownloadConfiguring Stacking Configuring Stacking Download Software Startup Menu FunctionsErase Flash File Erase Flash SectorsStartup Menu Functions Wlan Licence Key Password RecoveryPress Escape Press EnterThis page is left blank intentionally Getting Started Click . The D-Link Embedded Web Interface Home Page opens Starting the D-Link Embedded Web InterfaceStarting the D-Link Embedded Web Interface Link Embedded Web Interface HomeUnderstanding the D-Link Embedded Web Interface Interface ComponentsView Description Understanding the D-Link Embedded Web Interface Device RepresentationUsing the D-Link Embedded Web Interface Management Buttons Adding Configuration Information Using Screen and Table OptionsModifying Configuration Information Using Screen and Table OptionsIP Interface Settings Deleting Configuration InformationResetting the Device Resetting the DeviceClick System General Reset. The Reset page opens Click . The D-Link Embedded Web Interface Home Page closes Logging Off from the DeviceManaging Device Information Defining the System DescriptionDefining the System Description DXS/DWS 3200 Series User Guide Defining Advanced System Settings Defining Advanced System SettingsClick System General Mode. The Mode Page opens Check the Enable Jumbo Frames fieldThis page is left blank intentionally Managing Power over Ethernet Devices Defining PoE System Information Modify the Unit No., Power Status, and Powered Device fieldsDefine the Unit No. and the System Usage Threshold field Defining PoE System InformationPoE Interface Displaying and Editing PoE System InformationClick . The PoE Interface Edit Page opens Displaying and Editing PoE System InformationDXS/DWS 3200 Series User Guide Managing Stacking Understanding the Stack Topology Stacking Failover TopologyStacking Members and Unit ID Stacking Failover Topology Removing and Replacing Stacking MembersExchanging Stacking Members Switching the Stacking MasterClick System General tab. The Stack Page opens Stack Page contains the following fieldsThis page is left blank intentionally Configuring Device Security Configuring Authentication Methods Configuring Management SecurityConfiguring Management Security Defining Access ProfilesClick . The Add Access Profile Page opens Add Access ProfileConfiguring Device Security Profile Rules Defining Profile RulesClick . The Add Profile Rule Page opens Add Profile RuleClick . The Profile Rules Setting Page opens Authentication Profile Defining Authentication ProfilesClick . The Add Authentication Profile Page opens Add Authentication ProfileAuthentication Mapping Mapping Authentication MethodsDefine the Console, Telnet, and Secure Telnet SSH fields Radius Defining Radius SettingsClick . The Add Radius Server Page opens Add Radius ServerClick . The Radius Server Settings Page opens Radius Server SettingsTACACS+ Defining TACACS+ AuthenticationAdd TACACS+ Host TACACS+ Host Settings Configuring Passwords Defining Local UsersClick . The Add Local User Page opens Click . The Local User Settings Page opens Local User SettingsLine Password Defining Line PasswordsEnable Password Defining Enable PasswordsPort-Based Authentication Configuring Network SecurityAdvanced Port-Based Authentication Configuring Network SecurityDXS/DWS 3200 Series User Guide Network Authentication Properties Defining Network Authentication PropertiesDXS/DWS 3200 Series User Guide Port Authentication Defining Port AuthenticationClick . The Port Authentication Settings Page opens Supplicant Timeout Server TimeoutMultiple Host Configuring Multiple HostsMultiple Host Settings Authenticated Host Defining Authentication HostsConfiguring Traffic Control Port Security Managing Port SecurityClick . The Port Security Settings Page opens Port Security SettingsStorm Control Enabling Storm ControlClick . The Storm Control Settings Page opens Storm Control SettingsDefining DOS Protection Security Defining DOS Protection SecurityClick . The Add Martian Addresses Page opens Add Martian AddressesInterface Configuration Configuring PortsClick . The Port or LAG Interface Settings Page opens Port Configuration SettingsConfiguring Ports Interface Properties Viewing Port PropertiesViewing Port Properties Port PropertiesThis page is left blank intentionally Aggregating Ports Click . The Lacp Parameters Settings Page opens Configuring LacpEdit the Port Priority and Lacp Timeout fields Configuring LacpLAG Membership Defining LAG MembersConfiguring VLANs Vlan Properties Defining Vlan PropertiesDefining Vlan Properties Add VlanVlan Membership Defining Vlan MembershipDefining Vlan Membership Vlan Interface Settings Defining Vlan Interface SettingsClick . The Vlan Interface Settings Page opens Defining Vlan Interface SettingsDefining Garp Configuring GarpClick . The Garp Parameters Settings Page opens Configuring GarpGvrp Parameters Defining GvrpClick . The Gvrp Parameters Settings Page opens Gvrp Parameters SettingsConfiguring Multicast VLANs Defining Vlan Groups Defining Protocol Based VLANsDefining Vlan Groups Add Protocol Group Defining Vlan Protocol Ports Click . The Vlan Protocol Port Setting Page opensClick . The Protocol Group Settings Page opens Vlan Protocol Port SettingDefining Wlan Enabling Wlan Defining Wlan System PropertiesDefining Wlan Security Defining Wlan System PropertiesClick Wlan System ESS/Security. The ESS Security Page opens Click . The Create ESS Configuration Page opens Create ESS ConfigurationESS Settings DXS/DWS 3200 Series User Guide Click Wlan System Rogues. The Wlan Rogues Page opens Viewing Wlan RoguesDXS/DWS 3200 Series User Guide Monitor Wlan Stations Viewing Wlan StationsDefining Wlan Access Points Defining Wlan Access Points Defining Wlan Access Point PropertiesWTP Edit Screen Adding a New Access pointWlan Access Point VLANs Configuring Wlan VLANsClick . The Create Wlan Template Page opens Configuring Wlan Template SettingsCreate Wlan Template Defining Wlan Radio Settings Configuring Wlan Radio SettingsClick . The Modify Radio Setting Page opens Configuring Wlan Radio SettingsClick Wlan Radio BSS Settings. The BSS Settings Page opens Defining BSS SettingsClick . The Create AP BSS Configuration Page opens Click . The Edit BSS Settings Page opens Create AP BSS ConfigurationEdit BSS Settings Wlan Radio Power Settings Defining Wlan Power SettingsDefining Wlan Viewing Wlan Statistics Viewing Access Point StatisticsViewing Wlan Statistics Wlan Radio Interface Statistics Viewing Radio Interfaces StatisticsDefining Wlan Click Wlan Monitor BSS. The BSS Information Page opens Viewing BSS StatisticsWlan Stations Statistics DXS/DWS 3200 Series User Guide Configuring IP Information Configuring IP InterfacesConfiguring IP Interfaces Click . The Add IP Interface Page opens Defining IP AddressesAdd IP Interface Click . The IP Interface Settings Page opensDefault Gateway Defining Default GatewaysClick . The Add Dhcp IP Interface Page opens Configuring DhcpAdd Dhcp IP Interface ARP Configuring ARPARP Settings Configuring Domain Name Servers Configuring Domain Name ServersDefining DNS Servers Click . The Add DNS Server Page opens RemoveDNS Host Mapping Defining DNS Host MappingAdd DNS Host Defining the Forwarding Database and Static Routes Forwarding Database Static Addresses Defining Static Forwarding Database EntriesDefining Static Forwarding Database Entries Add Forwarding DatabaseDynamic Addresses Defining Dynamic Forwarding Database EntriesDefining Dynamic Forwarding Database Entries IP Static Route Configuring RoutingConfiguring Routing DXS/DWS 3200 Series User Guide Configuring Spanning Tree STP Properties Defining Classic Spanning TreeDefining Classic Spanning Tree Select Enable in the Spanning Tree State fieldSTP Interface Defining STP on InterfacesDefining STP on Interfaces Click . The STP Interface Settings Page opensDXS/DWS 3200 Series User Guide Defining Rapid Spanning Tree Defining Rapid Spanning TreeDefining Multiple Spanning Tree Click . The Rstp Settings Page opensDefine the Region Name, Revision, and Max Hops fields Defining Multiple Spanning TreeClick . The Mstp Instance Configuration Table opens Defining Mstp Instance SettingsMstp Instance Configuration Table Mstp Interface Settings Page contains the following fields Defining Mstp Interface SettingsClick . The Mstp Interface Table opens This page is left intentionally Configuring Multicast Forwarding Igmp Snooping Defining Igmp SnoopingDefining Igmp Snooping Multicast Global Parameters SettingsMulticast Group Defining Multicast Bridging GroupsClick . The Add Multicast Group Page opens Defining Multicast Bridging GroupsMulticast Forward All Defining Multicast Forward All SettingsForbidden Defining Igmp Snooping for Multicast TV Configuring Multicast TVClick . The Add Igmp Snooping Mapping Page opens Configuring Multicast TVMulticast TV Membership Viewing Multicast TV MembersConfiguring Snmp Security Configuring SnmpSnmp v1 and v2c SnmpDefining Snmp Security Define the Local Engine ID and Use Default fieldsDefining Snmp Views Configuring Snmp SecurityAdd Snmp View Snmp Group Profile Defining Snmp Group ProfilesClick . The Add Snmp Group Profile Page opens Click . The Snmp Group Profile Settings Page opensSnmp Group Profile Settings Snmp Group Membership Defining Snmp Group MembersClick . The Add Snmp Group Membership Page opens Click . The Snmp Group Membership Settings Page opensSnmp Group Membership Settings Snmp Communities Basic Table Defining Snmp CommunitiesClick . The Add Snmp Community Page opens Snmp Communities Advanced TablesConfiguring Snmp Notifications Configuring Snmp NotificationsClick . The Snmp Community Settings Page opens Snmp Notification Properties Defining Snmp Notification Global ParametersClick . The Add Snmp Notification Filter Page opens Defining Snmp Notification FiltersAdd Snmp Notification Filter Snmp Notification Receiver Defining Snmp Notification RecipientsSNMPv1,2c Notification Recipient Click . The Add Snmp Notification Receiver Page opens SNMPv3 Notification RecipientAdd Snmp Notification Receiver Click . The Snmp Notification Receiver Settings Page opensSnmp Notification Receiver Settings This page is left blank intentionally Configuring Quality of Service Defining General QoS Settings Quality of Service OverviewCoS Services Configuring QoS General SettingsCoS Defining General QoS SettingsSelect Enable in the Quality of Service field Configure Bandwidth Settings Restoring Factory Default QoS Interface SettingsClick . The Bandwidth Settings Edit Page opens Bandwidth Settings EditSelect Strict Priority or WRR Fields Defining QueuesMapping CoS Values to Queues Configuring QoS MappingMapping Dscp Values to Queues Configuring QoS MappingDefining Policy Properties Configuring Advanced QoS SettingsMapping Dscp Values Configuring Advanced QoS SettingsTail Drop Defining Tail DroppingClass maps Creating Class MapsAdd Class Map Click . The Add Aggregated Policier Page opens Aggregating PoliciersAdd Aggregated Policier Defining Policies Defining Policy ProfilesClick . The Add QoS Policy Profile Page opens Add QoS Policy ProfilePolicy Binding Attaching Policies to InterfacesDXS/DWS 3200 Series User Guide Managing System Files File Management OverviewFile Management Overview Firmware Download Downloading System FilesDownloading System Files Configuration DownloadOpen the File Download Define the Source File Name and Destination File fieldsUpload Type Uploading System FilesSoftware Image Upload Configuration UploadUploading System Files Open the File UploadActive Image Activating Image FilesSelect Copy Configuration Restoring the Default Configuration FileSelect Restore Configuration Factory Defaults Copying FilesFile System Managing System FilesSystem Log Severity Levels Message Managing System LogsSyslog Properties Enabling System LogsEnabling System Logs Clearing Device Memory Logs Viewing the Device Memory LogsViewing the Flash Logs Clearing Flash LogsViewing the Flash Logs Click . The Add Syslog Server Page opens Defining Servers Log ParametersDefining Servers Log Parameters Add Syslog ServerThis page is left blank intentionally Managing Device Diagnostics Port Mirroring Configuring Port MirroringClick . The Add Port Mirroring Page opens Configuring Port MirroringClick . The Port Mirroring Settings Page opens Port Mirroring SettingsViewing Integrated Cable Tests Viewing Integrated Cable TestsDXS/DWS 3200 Series User Guide Viewing Optical Transceivers Viewing Optical TransceiversOptical Transceivers Page contains the field CPU Utilization Viewing the CPU UtilizationConfiguring System Time Configuring Daylight Savings TimeConfiguring Daylight Savings Time Click System General Time. The Time Page opens Time Define the Date, Local Time and Time Zone Offset fields Configuring Sntp Configuring SntpPolling for Unicast Time Information Polling for Anycast Time InformationSntp Properties Defining Sntp Global SettingsDefining Sntp Global Settings Sntp Authentication Defining Sntp AuthenticationClick . The Section Add Sntp Authentication page opens Defining Sntp AuthenticationClick System Sntp Servers. The Sntp Servers Page opens Defining Sntp ServersClick . The Add Sntp Server Page opens Defining Sntp ServersClick . The Add Sntp Interface Page opens Defining Sntp Interface SettingsDefine the Interface and Receive Server Updates fields Defining Sntp Interface SettingsThis page is left blank intentionally Viewing Statistics Viewing Interface StatisticsViewing Interface Statistics Receive Statistics Viewing Device Interface StatisticsResetting Interface Statistics Counters Transmit StatisticsOpen the Interface Statistics Port Utilization Viewing Port Utilization StatisticsEtherlike Statistics Viewing Etherlike StatisticsOpen the Etherlike Statistics Resetting Etherlike Statistics CountersGvrp Statistics Viewing Gvrp StatisticsOpen the Gvrp Statistics Resetting Gvrp Statistics CountersEAP Statistics Viewing EAP StatisticsDXS/DWS 3200 Series User Guide Managing Rmon Statistics Managing Rmon StatisticsRmon Statistics Viewing Rmon StatisticsOpen the Rmon Statistics Resetting Rmon Statistics CountersDefining Rmon History Control Configuring Rmon HistoryClick . The Rmon History Control Settings Page opens Rmon History Control SettingsRmon History Table Viewing the Rmon History TableViewing Statistics Defining Rmon Events Control Configuring Rmon EventsViewing Statistics Rmon Events Logs Viewing the Rmon Events LogsClick Advanced Setup Rmon Alarm. The Rmon Alarm Page opens Defining Rmon AlarmsAdd Alarms Entry Appendix A, Wlan Country Settings Czech CyprusRepublic GermanyAppendix A, Wlan Country Settings Israel E q u e n c y R a n g e IrelandIndia IcelandKorea E q u e n c y R a n g eLithuania LuxembourgNew Zealand NorwayPhilippines PolandSingapore E q u e n c y R a n g e SwedenSlovenia SlovakE q u e n c y R a n g e United States AmericaSouth Africa Appendix B, Device Specifications & Features Hardware SpecificationsAppendix B, Device Specifications & Features A t u r e S c r i p t i o n DXS-3227, DXS-3227P, and DXS-3250 FeaturesLacp Active underlying Spanning Tree Protocol Features topologyMedia-Dependent Interface with Crossover Mdix MDI/MDIX SupportSimple Network Management Protocol Snmp over the UDP/IP Security Global ParametersSntp Based on either the Vlan tag or based on a combination This page is left blank intentionally Appendix B, Troubleshooting Appendix B, TroubleshootingProblem Management Troubleshooting SolutionsProblems Possible Cause Solution Troubleshooting Solutions Console #reload Contacting D-Link Technical Support Contacting D-Link Technical SupportDXS/DWS 3200 Series User Guide Contacting D-Link Technical Support DXS/DWS 3200 Series User Guide Contacting D-Link Technical Support DXS/DWS 3200 Series User Guide Contacting D-Link Technical Support DXS/DWS 3200 Series User Guide Contacting D-Link Technical Support DXS/DWS 3200 Series User Guide Contacting D-Link Technical Support DXS/DWS 3200 Series User Guide Contacting D-Link Technical Support DXS/DWS 3200 Series User Guide Contacting D-Link Technical Support DXS/DWS 3200 Series User Guide Contacting D-Link Technical Support DXS/DWS 3200 Series User Guide Contacting D-Link Technical Support DXS/DWS 3200 Series User Guide Contacting D-Link Technical Support DXS/DWS 3200 Series User Guide Contacting D-Link Technical Support DXS/DWS 3200 Series User Guide Contacting D-Link Technical Support DXS/DWS 3200 Series User Guide Contacting D-Link Technical Support DXS/DWS 3200 Series User Guide Warranty WarrantyDXS/DWS 3200 Series User Guide Warranty DXS/DWS 3200 Series User Guide Product Registration Product RegistrationDXS/DWS 3200 Series User Guide International Offices International Offices