xStack® DGS-3120 Series Layer 3 Managed Gigabit Ethernet Switch Web UI Reference Guide
496
Tunnel-Private-Group-ID This attribute indicates group ID for a particular tunneled
A string (VID) Required
A summary of the Tunnel-Private-Group-ID Attribute format is shown below.
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type | Length | Tag | String...
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
The table below shows the definition of Tag field (different with RFC 2868):
Tag field value String field format Note
A tag field of greater than 0x1F is
interpreted as the first octet of the
following field.
Others
(0x00, 0x03 ~
0x1F, >0x1F)
1. When the switch receives the VLAN
setting string, it will think it is the VLAN ID
first. In other words, the switch will check
all existed VLAN ID and check if there is
one matched.
2. If the switch can find one matched, it
will move to that VLAN.
3. If the switch can not find the matched
VLAN ID, it will think the VLAN setting
string as a “VLAN Name”.
4. Then it will check that it can find out a
If the user has configured the VLAN attribute of the RADIUS server (for example, VID 3) and the 802.1X, or MAC-
based Access Control authentication is successful, the port will be added to VLAN 3. However, if the user does not
configure the VLAN attribute and authenticates successfully, the port will be kept in its original VLAN. If the VLAN
attribute configured on the RADIUS server does not exist, the port will not be assigned to the requested VLAN.
To assign ACL by RADIUS Server, the proper parameters should be configured on the RADIUS Server. The table
below shows the parameters for an ACL.
The parameters of the Vendor-Specific Attribute are:
Vendor-ID Defines the vendor. 171 (DLINK) Required
Vendor-Type Defines the attribute. 12 (for ACL profile)
Required
Attribute-Specific Field Used to assign the ACL profile
or rule.
ACL Command
For example:
ACL profile: create access_profile
profile_id 6 profile_name 1 ethernet
vlan 0xFFF;
ACL rule: config access_profile
profile_id 6 add access_id
auto_assign ethernet vlan_id 1 port
Required
If the user has configured the ACL attribute of the RADIUS server (for example, ACL profile: create
access_profile profile_id 6 profile_name 1 ethernet; ACL rule: config access_profile profile_id 6 add