DGS-3000 Series Layer 2 Managed Gigabit Switch CLI Reference Guide
726
Used to assign the 802.1p default
priority of the port.
If the user has configured the 802.1p priority attribute of the RADIUS server (for example, priority 7)
and the 802.1X, or MAC-based authentication is successful, the device will assign the 802.1p
default priority (according to the RADIUS server) to the port. However, if the user does not
configure the priority attribute and authenticates successfully, the device will not assign a priority to
this port. If the priority attribute is configured on the RADIUS server is a value out of range (>7), it
will not be set to the device.
To assign VLAN by RADIUS Server, the proper parameters should be configured on the RADIUS
Server. To use VLAN assignment, RFC3580 defines the following tunnel attributes in RADIUS
packets.
The table below shows the parameters for a VLAN:
This attribute indicates the tunneling
protocol(s) to be used (in the case of a
tunnel initiator) or the tunneling protocol
in use (in the case of a tunnel
This attribute indicates the transport
medium being used.
This attribute indicates group ID for a
particular tunneled session.
If the user has configured the VLAN attribute of the RADIUS server (for example, VID 3) and the
802.1X, or MAC-based Access Control authentication is successful, the port will be added to VLAN
3. However, if the user does not configure the VLAN attribute and authenticates successfully, the
port will be kept in its original VLAN. If the VLAN attribute configured on the RADIUS server does
not exist, the port will not be assigned to the requested VLAN.
To assign ACL by RADIUS Server, the proper parameters should be configured on the RADIUS
Server. The table below shows the parameters for an ACL.
The parameters of the Vendor-Specific Attribute are:
12 (for ACL profile)
13 (for ACL rule)
For example:
ACL profile: create
access_profile profile_id 1
To Next Page
Loading...
