xStack® DGS-3620 Series Layer 3 Managed Stackable Gigabit Switch CLI Reference Guide
1164
A tag field of greater than 0x1F is
interpreted as the first octet of the
following field.
Others
(0x00, 0x03 ~
0x1F, >0x1F)
1. When the switch receives the
VLAN setting string, it will think it is
the VLAN ID first. In other words, the
switch will check all existed VLAN ID
and check if there is one matched.
2. If the switch can find one
matched, it will move to that VLAN.
3. If the switch can not find the
matched VLAN ID, it will think the
VLAN setting string as a “VLAN
Name”.
4. Then it will check that it can find
out a matched VLAN Name.
If the user has configured the VLAN attribute of the RADIUS server (for example, VID 3) and the
802.1X, or MAC-based Access Control, or WAC/JWAC authentication is successful, the port will
be assigned to VLAN 3. However if the user does not configure the VLAN attributes, when the port
is not guest VLAN member, it will be kept in its current authentication VLAN, and when the port is
guest VLAN member, it will be assigned to its original VLAN.
To assign ACL by RADIUS Server, the proper parameters should be configured on the RADIUS
Server. The table below shows the parameters for an ACL.
The parameters of the Vendor-Specific Attribute are:
12 (for ACL profile)
13 (for ACL rule)
Used to assign the ACL
profile or rule.
ACL Command
For example:
ACL profile: create
access_profile
ethernet vlan 0xFFF
profile_id 100;
ACL rule: config
access_profile
profile_id 100 add
access_id
auto_assign ethernet
vlan_id default port
all deny;
If the user has configured the ACL attribute of the RADIUS server (for example, ACL profile:
create access_profile ethernet vlan 0xFFF profile_id 100; ACL rule: config access_profile
profile_id 100 add access_id auto_assign ethernet), and the 802.1X or MAC-based Access
To Next Page
Loading...
