D-Link DES-6500 Router Manual PDF (Setup & Configuration Guide)

Page 86 / 216 Scroll up to view Page 81 - 85

D-Link DES-6500 Layer 3 Stackable Gigabit Ethernet Switch

68

Figure 4- 37. Access Profile Configuration (IP)

The following parameters can be set:

Parameter

Description

Profile ID(1-8)

Type in a unique identifier number for this profile set. This value can be set

from 1 – 8.

Type

Select profile based on Ethernet (MAC Address) or IP address. This will

change the menu according to the requirements for the type of profile.

Select Ethernet to instruct the switch to examine the layer 2 part of each

packet header. Select IP to instruct the switch to examine the IP address in

each frame’s header.

Vlan

Selecting this option instructs the switch to examine the VLAN part of each

packet header and use this as the, or part of the criterion for forwarding.

Source IP Mask

Source IP Mask - Enter an IP address mask for the source IP network

address.

Destination IP Mask

Destination IP Mask - Enter an IP address mask for the destination IP

network address.

Dscp

Selecting this option instructs the switch to examine the DiffServ Code part

of each packet header and use this as the, or part of the criterion for

forwarding.

Page 87 / 216

D-Link DES-6500 Layer 3 Stackable Gigabit Ethernet Switch

69

Protocol

Selecting this option instructs the switch to examine the protocol type value

in each frame’s header. You must then specify what protocol(s) to include

according to the following guidelines:

Select

ICMP

to instruct the switch to examine the Internet Control Message

Protocol (ICMP) field in each frame’s header.

Select

Type

to further specify that the access profile will apply an ICMP

type value, or specify

Code

to further specify that the access profile will

apply an ICMP cod value.

Select

IGMP

to instruct the switch to examine the Internet Group

Management Protocol (ICMP) field in each frame’s header.

Select

Type

to further specify that the access profile will apply an IGMP

type value

Select

TCP

to use the TCP port number contained in an incoming packet

as the forwarding criterion. Selecting TCP requires that you specify a

source port mask and/or a destination port mask.

src port mask

−

Specify a TCP port mask for the source port in hex form

(hex 0x0-0xffff).

dest port mask

−

Specify a TCP port mask for the destination port in hex

form (hex 0x0-0xffff).

Select

UDP

to use the UDP port number contained in an incoming packet

as the forwarding criterion. Selecting UDP requires that you specify a

source port mask and/or a destination port mask.

src port mask

−

Specify a TCP port mask for the source port in hex form

(hex 0x0-0xffff).

dest port mask

−

Specify a TCP port mask for the destination port in hex

form (hex 0x0-0xffff).

protocol id

−

Specify a Layer 4 port mask for the destination port in hex

form (hex 0x0-0xffffffff).

To modify the rule for a previously created Access Profile:

In the

Configuration

folder, click the

Access Profile Table

link opening the

Access Profile

Table

. Under the heading

Access Rule

, click

Modify

.

This will open the following window.

Figure 4- 38. Access Rule Table window

If you want to modify an access rule, click the Modify button.

This will open the following

screen (for IP access profiles

−

a corresponding screen will be opened for Ethernet profiles):

Page 88 / 216

D-Link DES-6500 Layer 3 Stackable Gigabit Ethernet Switch

70

Figure 4- 39. Access Rule Configuration window

−

Modify

To modify a rule set for the access profile enter the new settings in the appropriate fields.

This screen is the only place you can specify whether a rule will Permit or Deny access.

Click

the Apply button to make the changes current.

Remember to Save the settings to the switch’s

NV-RAM.

Configure the following

Access Rule Configuration

settings:

Parameter

Description

Profile ID

This is the identifier number for this profile set.

Access ID

Type in a unique identifier number for this access. This value can be set

from 1 – 50.

Permit/Deny

Specify if packets that match this Access profile will be permitted or denied

access.

Type

Select profile based on Ethernet (MAC Address) or IP address. This will

change the menu according to the requirements for the type of profile.

Select Ethernet to instruct the switch to examine the layer 2 part of each

packet header. Select IP to instruct the switch to examine the layer 3 (IP

address) in each frame’s header.

Priority (0-7)

This instructs the switch to examine the priority tag of incoming packets to

determine if they match the value specified.

The replace priority click-box

instructs the switch to replace the 802.1p priority tag with a DSCP value,

as specified below.

Replace Dscp (0-63)

Selecting this option instructs the switch to replace the DiffServ Code part

of each packet header that meets the criteria of this access profile with the

specified value, if the

replace priority

click-box is clicked (above).

Page 89 / 216

D-Link DES-6500 Layer 3 Stackable Gigabit Ethernet Switch

71

Vlan Name

This instructs the switch to examine the VLAN tag in the header of

incoming packets to determine if they meet the specified name.

Source IP

Source IP Mask - Enter an IP address mask for the source IP network

address.

Destination IP

Destination IP Mask - Enter an IP address mask for the destination IP

network address.

Dscp (0-63)

Selecting this option instructs the switch to examine the DiffServ Code part

of each packet header and use this as the, or part of the criterion for

forwarding.

Protocol

Protocol ID

User define

This allows you to specify a value

−

in hex

−

that the switch will compare

with the value in the Protocol field in the header of incoming packets.

If the

switch finds a match, then the actions specified in this access profile will be

taken.

Page 90 / 216

D-Link DES-6500 Layer 3 Stackable Gigabit Ethernet Switch

72

Configuring The Port Access Entity

802.1X Port-based Network Access Control

The Switch is an implementation of the server side of IEEE 802.1X-Port Based Network

Access Control. Through this mechanism, users have to be authorized before being able to

access the network. See the following figure:

Figure 4- 40. Typical 802.1X Configuration Prior to User Authentication

Once the user is authenticated, the switch unblocks the port that is connected to the user as

shown in the next figure.

Rate

Popular D-Link Models

Famous Router IPs

Famous Router Companies

Bookmark Our Site

Share