1. Home
    2. /
  2. Manuals
    3. /
  3. D-Link
    4. /
  4. DSA-3200
    5. /
  5. 9
Page 41 / 113 Scroll up to view Page 36 - 40
DSA-3200 Wireless Service Gateway User Manual
40
Trans Full Name:
Select whether or not the DSA-3200 will transfer the entire
username or a partial username to the RADIUS server for authentication.
Enable:
ID and postfix will transfer to RADIUS server for authentication.
Disable:
Only ID will transfer to RADIUS server for authentication.
Server IP:
Enter the appropriate IP Address or Fully Qualified Domain Name of the
RADIUS server to be used to authenticate user accounts.
Authentication Port:
The TCP Port that will be used to authenticate users through the
RADIUS server.
Accounting Port:
The TCP Port that will be used to communicate accounting
information to the RADIUS server.
Secret Key:
This shared secret should be configured on both the RADIUS server and
RADIUS client (DSA-3200). The shared secret assures only the RADIUS server and
client can decipher each message.
Accounting Service:
Enabling this feature tells the DSA-3200 to report account
usage statistics to the RADIUS server for each authenticated user that is connected to
the DSA-3200.
Authentication Method:
Choose between CHAP or PAP as the authentication
protocol between the RADIUS Server and Client. In general CHAP is more secure.
Layer 2 Authentications
:
±
Disable:
All authentications will be performed at Layer 3, after the client has
already joined the network.
Page 42 / 113
DSA-3200 Wireless Service Gateway User Manual
41
±
802.1x:
Clients will be unable to join the network until they have been granted
access via successful completion of the 802.1x authentication and accounting
mechanism.
Authentication Server IP:
IP address or FQDN of the server performing User
Authentication Services (can consist of username/password, TLS, etc.).
Authentication Port:
The TCP Port that will be used to authenticate users through the
Authentication server.
Secret Key (Authentication Server):
This shared secret should be configured on
both the Authentication server and Authenticator client (DSA-3200). The shared secret
assures only the Authentication server and client can decipher each message.
Accounting Service:
Click to enable the accounting service.
Page 43 / 113
DSA-3200 Wireless Service Gateway User Manual
42
Accounting Server IP:
Enter the appropriate IP Address or Fully Qualified Domain
Name of the Authentication server to be used to authenticate potential users.
Accounting Port:
The TCP Port that will be used to communicate accounting
information to the Accounting server.
Secret Key (Accounting Server):
This shared secret should be configured on both
the Accounting server and Accounting client (DSA-3200).
Assign to Group:
Users that are authenticated through 802.1x will be assigned the
permissions of the selected group.
±
WPA w/802.1x:
Also known as WPA-EAP, this is a wireless extension of 802.1x
Port Based Authentication.
Group Re-key Time:
Time interval for re-keying broadcast/multicast keys in seconds.
Caution:
Layer 2 authentication mechanisms override any Layer 3 (local user or
RADIUS) mechanisms already configured making them null and void
.
Page 44 / 113
DSA-3200 Wireless Service Gateway User Manual
43
±
WPA-PSK:
Supports WPA-Personal, only requiring users to provide a PSK.
PSK (Pre Shared Key):
This key should be a random sequence of Hexadecimal
characters (upper or lowercase letters and numbers) 64 Characters in length.
Pass-phrase:
Alternatively the Administrator may choose a pass-phrase that will be
used to generate the Pre-Shared Key making user configurations much more
manageable. Enter anywhere from 8 to 63 Alphanumeric characters (including
symbols and white space) to be used by clients to join the network.
Page 45 / 113
DSA-3200 Wireless Service Gateway User Manual
44
4.2.2 Group Configuration
The DSA-3200 provides the ability to configure 2 separate user groups enabling
separate permissions to be assigned to the same user pool. Each user group may be
assigned a specific Firewall profile, time schedule profile, and/or bandwidth maximum.
These permissions will apply to all users assigned to the corresponding group number.
Group Name:
Friendly name to help identify the privileges of the associated user.
Firewall Profile:
A specific firewall profile may be assigned to a user group to allow
differentiated access privileges between groups.
Click the Edit Hyperlink to manage
the Firewall Profiles after all other changes have been applied.
Schedule Profile:
A specific Schedule profile may be assigned to a user group to
allow differentiated timed access privileges between groups.
Click the Edit Hyperlink
to manage the Schedule Profiles after all other changes have been applied.
Bandwidth:
Select the maximum Bandwidth that the corresponding user group will be
able to utilize. Keep in mind that this configures the Ceiling Bandwidth.
±
Firewall Profiles - Edit
The DSA-3200 provides a single Global and 2 custom firewall profiles. The Global
policy will affect all users, whereas the other policies will only affect those user groups
to which they are assigned.

Rate

4 / 5 based on 1 vote.

Popular D-Link Models

Famous Router IPs
Famous Router Companies
Bookmark Our Site

Press Ctrl + D to add this site to your favorites!

Share
Top