Manualshelf

User`s manual

ManualsBrandsD-Link ManualsComputer equipmentDWL-8220AP - AirPremier Wireless Switch Dualband Access Point
291292293294295296297298299300
294
DWS-1008 User’s Manual
D-Link Systems, Inc.
Conguring AAA for Network Users
Conguring Access for Any Users of a Non-Tagged SSID
If SSID trafc from the third-party AP is untagged, use the same conguration commands
as the ones required for 802.1X users, except the set radius proxy port command. This
command is not required and is not applicable to untagged SSID trafc. In addition, when
conguring the wired authentication port, use the auth-fall-thru option to change the fallthru
authentication type to last-resort.
On the RADIUS server, congure username last-resort-wired, depending on the fallthru
authentication type specied for the wired authentication port.
Assigning Authorization Attributes
Authorization attributes can be assigned to users in the local database or on remote servers.
The attributes, which include access control list (ACL) lters, VLAN membership, encryption
type, session time-out period, and other session characteristics, let you control how and
when users access the network. When a user or group is authenticated, the local database
or RADIUS server passes the authorization attributes to MSS to characterize the user’s
session.
The VLAN attribute is required. MSS can authorize a user to access the network only if the
VLAN to place the user on is specied.
The table below lists the authorization attributes supported by MSS. (For brief descriptions
of all the RADIUS attributes and D-link vendor-specic attributes supported by MSS, as well
as the vendor ID and types for D-link VSAs congured on a RADIUS server, see Appendix B,
“Supported RADIUS Attributes”).