![D-Link DES-1228/ME [174/267] X host based access control](/img/pdf.png)
D-Link DES-1228/ME [174/267] X host based access control
![D-Link DES-1228/ME [174/267] X host based access control](/views2/1013273/page174/bgae.png)
DES-1228/ME Layer 2 Fast Ethernet Managed Switch
161
802.1X Host-based Access Control
Figure 10-19. Example of Typical Host-Based Configuration
In order to successfully make use of 802.1X in a shared media LAN segment, it would be necessary to create “logical” Ports, one
for each attached device that required access to the LAN. The Switch would regard the single physical Port connecting it to the
shared media segment as consisting of a number of distinct logical Ports, each logical Port being independently controlled from
the point of view of EAPOL exchanges and authorization state. The Switch learns each attached devices’ individual MAC
addresses, and effectively creates a logical Port that the attached device can then use to communicate with the LAN via the
Switch.
NOTE: To enable Host-based 802.1X, select the MAC-based option in the Switch 802.1X field in
the Device Information window.
RADIUS Attributes Assignment
To assign Ingress/Egress bandwidth by RADIUS server, the proper parameters should be configured on the RADIUS Server. The
tables below show the parameters for bandwidth and default priority:
The parameters of the Vendor-Specific attribute are:
Vendor-Specific attribute Description Value Usage
Vendor-ID Defines the vendor 171 (DLINK) Required
Vendor-Type
The definition of this
attribute
2 (for ingress bandwidth)
3 (for egress bandwidth)
Required
Содержание
- Des 1228 me 1
- User manual 1
- Copyright 2009 all rights reserved 2
- ________________________________________________________________________________________________________ 2
- Connecting the switch 10 3
- Installation 7 3
- Introduction 1 3
- Introduction to switch management 12 3
- Table of contents 3
- Web based switch configuration 18 3
- Administration 22 4
- Acl 127 5
- Cos 113 5
- L2 features 68 5
- Monitoring 185 6
- Security 143 6
- Cable lengths 229 7
- Glossary 230 7
- System log entries 218 7
- Technical specifications 214 7
- Warranties tech support registration 232 7
- Preface 8
- Intended readers 9
- Notes notices and cautions 9
- Typographical conventions 9
- Safety cautions 10
- Safety instructions 10
- General precautions for rack mountable products 11
- Protecting against electrostatic discharge 12
- Des 1228 me 13
- Des 1228 me switch description 13
- Features 13
- Front panel description 13
- Installing sfp ports 13
- Introduction 13
- Led indicators 13
- Rear panel description 13
- Section 1 13
- Side panel description 13
- Des 1228 me layer 2 fast ethernet managed switch 14
- Efficient self learning and address recognition mechanism enables forwarding rate at wire speed 14
- Full and half duplex for both 10mbps and 100mbps connections full duplex allows the switch port to simultaneously transmit and receive data it only works with connections to full duplex capable end stations and switches connections to a hub must take place at half duplex 14
- High performance switching engine performs forwarding and filtering at wire speed maximum 14 881 packets sec on each 10mbps ethernet port maximum 148 810 packet sec on 100mbps fast ethernet port and 1 488 100 for each gigabit port 14
- Ieee 802 10base t compliant 14
- Ieee 802 p priority queues 14
- Ieee 802 u 100base tx compliant 14
- Ieee 802 x flow control in full duplex mode 14
- Non blocking store and forward switching scheme capability to support rate adaptation and protocol conversion 14
- Provides parallel led display for port status such as link act speed etc 14
- Rfc2674 for 802 p 8 ieee 802 x mib 14
- Rs 232 dce console port for switch management 14
- Support broadcast multicast storm control 14
- Supports by port egress ingress rate control 14
- Led indicators 16
- Des 1228 me 17
- Front panel description 17
- Rear panel description 17
- Side panel description 17
- Gigabit combo ports 18
- Installing the sfp ports 19
- Before you connect to the network 20
- Installation 20
- Installing the switch without the rack 20
- Package contents 20
- Power on 20
- Rack installation 20
- Section 2 20
- Installing the switch in a rack 21
- Installing the switch without the rack 21
- Mounting the switch in a standard 19 rack 22
- Power failure 22
- Power on ac power 22
- Connecting the switch 23
- Connecting to network backbone or server 23
- Section 3 23
- Switch to end node 23
- Switch to hub or switch 23
- Switch to hub or switch 24
- Command line console interface through the serial port 25
- Connecting the console port rs 232 dce 25
- First time connecting to the switch 25
- Introduction to switch management 25
- Ip address assignment 25
- Management options 25
- Managing user accounts 25
- Password protection 25
- Section 4 25
- Snmp based management 25
- Snmp settings 25
- Web based management interface 25
- First time connecting to the switch 27
- Password protection 27
- Snmp settings 28
- Ip address assignment 29
- Basic setup 31
- Basic switch setup 31
- Igmp snooping status 31
- Introduction 31
- Login to web manager 31
- Network management 31
- Network monitoring 31
- Reboot 31
- Section 5 31
- Switch utilities 31
- Web based switch configuration 31
- Web based user interface 31
- Area 3 32
- Areas of the user interface 32
- Web based user interface 32
- Web pages 34
- Administration 35
- Cable diagnostics 35
- Dhcp bootp relay 35
- Forwarding filtering 35
- Ip address 35
- Log settings 35
- Mac notification settings 35
- Multiple image services 35
- Ping test 35
- Port configuration 35
- Port mirroring 35
- Safeguard engine 35
- Section 6 35
- Smtp service 35
- Snmp manager 35
- Sntp settings 35
- System log settings 35
- Tftp services 35
- User accounts 35
- Device information 36
- Ip address 38
- Setting the swith s ip address using the console interface 40
- Port configuration 41
- Port settings 41
- Port description 43
- Port error disabled 43
- Dhcp bootp relay 45
- Dhcp bootp relay global settings 45
- The implementation of dhcp information option 82 in the des 1228 me switches 47
- Dhcp bootp relay interface settings 48
- Dhcp local relay settings 48
- User accounts 50
- Cable diagnostics 52
- Port mirroring 54
- System log settings 55
- Log settings 57
- Sntp settings 58
- Time settings 58
- Time zone and dst 59
- Global settings 61
- Mac notification settings 61
- Port settings 61
- Tftp services 62
- Config firmware image 63
- Firmware information 63
- Multiple image services 63
- Ping test 64
- Safeguard engine 64
- Snmp manager 67
- Snmp settings 67
- Snmp traps settings 68
- Snmp user table 68
- Snmp view table 70
- Snmp group table 71
- Snmp community table configuration 72
- Snmp host table 73
- Forwarding filtering 74
- Snmp engine id 74
- Unicast forwarding 74
- Multicast forwarding 75
- Multicast filtering mode 77
- Smtp service 78
- Smtp server settings 79
- Smtp service 79
- Ieee 802 q vlans 81
- Igmp snooping 81
- L2 features 81
- Loopback detection 81
- Notes about vlans on the switch 81
- Section 7 81
- Spanning tree 81
- Trunking 81
- Q vlan tags 82
- Default vlans 83
- Ingress filtering 83
- Tagging and untagging 83
- Vlan segmentation 84
- Asymmetric vlans 85
- Static vlan entry 85
- Vlan and trunk groups 85
- Gvrp settings 88
- Vlan trunk settings 90
- Trunking 91
- Lacp port settings 92
- Link aggregation 92
- Igmp snooping 94
- Router ports settings 96
- Dynamic ip multicast learning 98
- Ism vlan settings 99
- Restrictions and provisos 99
- Q mstp 101
- Spanning tree 101
- W rapid spanning tree 101
- D 802 w 802 s compatibility 102
- Edge port 102
- P2p port 102
- Port transition states 102
- Regulations and restrictions for the loopback detection function 103
- Setting the loopback timer 103
- Stp bridge global settings 103
- Stp loopback prevention 103
- Stp port settings 107
- Mst configuration identification 109
- Stp instance settings 111
- Mstp port information 112
- Loopback detection settings 114
- Lldp global settings 115
- Basic lldp port settings 117
- Extension lldp port settings 118
- Extension lldp port settings 120
- Lldp management address settings 122
- Lldp statistics 123
- Lldp local port table 124
- Lldp management address table 124
- Lldp remote port table 125
- Advantages of cos 126
- Cos output scheduling 126
- Cos scheduling mechanism 126
- Dscp priority settings 126
- Mac priority 126
- P default priority 126
- P user priority 126
- Port bandwidth 126
- Port mapping priority settings 126
- Priority settings 126
- Section 8 126
- Tos priority settings 126
- Understanding ieee 802 p priority 126
- Understanding cos 127
- Port bandwidth 129
- P default priority 130
- Cos scheduling mechanism 132
- P user priority 132
- Cos output scheduling 133
- Priority settings 134
- Tos priority settings 136
- Dscp priority settings 137
- Port mapping priority settings 138
- Mac priority 139
- Access profile table 140
- Cpu interface filtering 140
- Section 9 140
- Cpu interface filtering 148
- Cpu interface filtering profile table 148
- Cpu interface filtering state 148
- Access authentication control 156
- Ip mac port binding 156
- Port lock entries 156
- Port security 156
- Section 10 156
- Security 156
- Traffic control 156
- Traffic segmentation 156
- Trusted host 156
- Port security 160
- Port lock entries 161
- Imp global settings 162
- Imp port settings 162
- Ip mac port binding 162
- Imp entry settings 164
- Mac block list 165
- Ssh server configuration 166
- Ssh authentication mode and algorithm settings 167
- Ssh user authentication 169
- X port based and host based access control 170
- Authentication server 171
- Authenticator 171
- Authentication process 172
- Client 172
- Understanding 802 x port based and host based access control 172
- X port based access control 173
- Radius attributes assignment 174
- X host based access control 174
- Guest vlans 175
- Limitations using the guest vlan 176
- X authenticator settings 177
- Local users 180
- Configure 802 x guest vlan 181
- X capability settings 181
- Radius server 182
- Access authentication control 184
- Trusted host 184
- Application authentication settings 186
- Authentication policy and parameter settings 186
- Authentication server group 187
- Authentication server host 188
- Login method lists 191
- Enable method lists 192
- Configure local enable password 195
- Enable admin 195
- Traffic segmentation 196
- Cpu utilization 198
- Monitoring 198
- Port access control 198
- Section 11 198
- Port utilization 199
- Packets 200
- Received rx 201
- Umb cast rx 203
- Transmitted tx 205
- Packet errors 207
- Received rx 207
- Transmitted tx 209
- Packet size 211
- Mac address 213
- Switch log 215
- Igmp snooping group 216
- Browse router port 217
- Vlan status 217
- Arp fdb 218
- Static arp settings 218
- Gratuitous arp settings 220
- Port access control 221
- Radius authentication 221
- Session table 221
- Radius accounting 223
- Reboot system 225
- Save changes 225
- Logout 226
- Appendix a 227
- Technical specifications 227
- Appendix b 231
- System log entries 231
- Proprietary trap list 240
- Standard trap list 240
- Proprietary trap list project dependent 241
- Appendix c 242
- Cable lengths 242
- Appendix d 243
- Glossary 243
- For detailed warranty information applicable to products purchased outside the united states please contact the corresponding local d link office 246
- Product registration 247
- Limited warranty exclude usa europe china and taiwan 248
- Fcc warning 250
- Information or data contained in stored on or integrated with any product returned to d link for warranty service resulting from the use of the product relating to warranty service or arising out of any breach of this limited warranty even if d link has been advised of the possibility of such damages the sole remedy for a breach of the foregoing limited warranty is repair replacement or refund of the defective or non conforming product governing law this limited warranty shall be governed by the laws of the state of singapore trademarks d link is a registered trademark of d link corporation d link international ptd ltd all other trademarks belong to their respective proprietors copyright statement no part of this publication may be reproduced in any form or by any means or used to make any derivative such as translation transformation or adaptation without permission from d link corporation d link international ptd ltd 250
- This equipment has been tested and found to comply with the limits for a class a digital device pursuant to part 15 of the fcc rules these limits are designed to provide reasonable protection against harmful interference when the equipment is operated in a commercial environment this equipment generates uses and can radiate radio frequency energy and if not installed and used in accordance with this manual may cause harmful interference to radio communications operation of this equipment in a residential area is likely to cause harmful interference in which case the user will be required to correct the interference at his own expense 250
- Tech support 251
- Tech support for customers within canada 251
- Tech support for customers within the united states 251
- Technical support 251
- Technical support 252
- Technische unterstützung 252
- Asistencia técnica 253
- Assistance technique 253
- Supporto tecnico 253
- Technical support 253
- Pomoc techniczna 254
- Technická podpora 254
- Technikai t á mogat á s 254
- Teknisk support 254
- Assist ê ncia t é cnica 255
- Teknisk support 255
- Teknist ä tukea asiakkaille suomessa 255
- Τεχνική υποστήριξη 255
- Suport tehnica 256
- Tehni č na podpora 256
- Tehnička podrška 256
- Technical support 257
- Tech support for customers in 258
- Technical support 258
- You can find software updates and user documentation on the d link website 258
- Техническая поддержка 259
- Soporte técnico 260
- Soporte técnico a través de los siguientes teléfonos de d link 260
- Soporte técnico de d link a través de internet 260
- Soporte técnico para usuarios en latino america 260
- Usted puede encontrar actualizaciones de softwares o firmwares y documentación para usuarios a través de nuestro sitio www dlinkla com 260
- Www dlinkla com e mail soporte dlinkla com consultas dlinkla com 260
- Suporte t é cnico para clientes no brasil 261
- Suporte técnico 261
- D link 友訊科技 台灣分公司 技術支援資訊 262
- Dukungan teknis 263
- Dukungan teknis d link melalui internet 263
- Dukungan teknis d link melalui telepon 263
- Dukungan teknis untuk pelanggan 263
- Email support dlink co id 263
- Tel 62 21 5731610 263
- Update perangkat lunak dan dokumentasi pengguna dapat diperoleh pada situs web d link 263
- Website http support dlink co id 263
- Technical support 264
- Url http www dlink jp com 264
- この度は弊社製品をお買い上げいただき 誠にありがとうご ざいます 下記弊社 web サイトからユーザ登録及び新製品登録を 行っていただくと ダウンロードサービスにて サポート情報 ファームウェア ユーザマニュアルを ダウンロードすることができます 264
- ディーリンクジャパン web サイト 264
- 技术支持 265
- All countries and regions excluding usa 266
- Registration card 266
Похожие устройства
- Champion SH250 Инструкция по эксплуатации
- Бирюса 200 НК Инструкция по эксплуатации
- Yamaha MW8CX Инструкция по эксплуатации
- Horizont 20MW800-1378 Инструкция по эксплуатации
- D-Link DGS-3312SR Инструкция по эксплуатации
- LG LH-T3635X Инструкция по эксплуатации
- Akai TN-3306P Инструкция по эксплуатации
- Viking GE 345 Инструкция по эксплуатации
- Electrolux EMS 20405 X Инструкция по эксплуатации
- D-Link DNS-1100-04 Инструкция по эксплуатации
- LG LH-T3630X Инструкция по эксплуатации
- Akai TN-3245P Инструкция по эксплуатации
- Yamaha EMX-212S Инструкция по эксплуатации
- Craftsman 29802 Инструкция по эксплуатации
- Elenberg MGC-9025D Инструкция по эксплуатации
- LG LH-T3605X Инструкция по эксплуатации
- Yamaha EMX-312SC Инструкция по эксплуатации
- Akai TN-3174P Инструкция по эксплуатации
- D-Link DNS-1200-05 Инструкция по эксплуатации
- Patriot -Garden T 6,5/800 FB PG California Инструкция по эксплуатации
Скачать
Случайные обсуждения