3

1

The DSA-5100 supports

RADIUS Client to work

with an existing RADIUS

server.(Primary is

required;

Secondary is

optional.)

802.1X Authentication:

Select to enable 802.1X

(in conjunction with a

switch

or AP that supports

802.1X).

Click

Edit

to enter

into the

edit interface of

802.1X.

Trans Full Name:

Enable:

ID and postfix will

transfer to the RADIUS

server for authentication

,

e.g., user@postfix1.

Disable:

Only the ID will transfer to the RADIUS server for authentication. (e.g., user).

Class Configuration: Configuration reads parameters from a configuration file and returns

their values on demand. Set the Max Bandwidth and Request Bandwidth, and assign

group for every class.

Server IP:

P

rovide

the RADIUS server IP Address or Domain

Name.

Authentication Port:

The authentication port for the RADIUS server.

Accounting Port:

The port reading the accounting information.

Secret Key:

This is for encryption and decryption

,

m

ust be configured on both

RADIUS Server and DSA-5100.

Accounting Service:

Select to enable the accounting service (optional).

Using the Configuration Utility (continued)

Authentication Methods > POP3

If a POP3 Server is used for

user authentication, select

POP3 in the interface

shown here. The setup for

the primary server or the

secondary server (optional)

is available. Enter the IP

address or domain name of

the Primary POP3 Server

and its Primary POP3

Server port. Click

Apply

to

enable the setting.

Enable SSL Connection:

If you select this option, the authentication will be done by

POP3 Protocol with SSL Username/Password encryption.

Authentication Methods > RADIUS

32

Using the Configuration Utility (continued)

Authentication Methods > LDAP

You may configure a

primary

and a

secondary server for

LDAP authentication.

If you

select the

LDAP authentication

method, type in the IP

Address

(Domain

Name), Port number,

the Base

DN Data of

LDAP Server,

and

select one of the

Account

Attribute Type.

If you

want to

access the

data from some

LDAP servers which need to

be authenticated,

you have to

enter the

username

and

pass-

word

in the

"Bind RDN"

and

"Bind Password"

fields, or

check

"Anonymous Bind"

to just access the LDAP

servers which don't need to

be authenticated. Click

Apply

to save the changes.

Authentication Methods > NT Domain

Server IP Address:

Enter the IP address of the Domain Controller Server.

Transparent Login:

Select

Enable

or

Disable

.

Assign to Group:

Select the group from the pulldown menu.

Exception Configuration:

Select

Enable

or

Disable

.

Caution:

The NT Domain feature supports only a Windows 2000

controller. To use NT Domain Authentication please ensure the

following conditions:

1. The WAN1 port preferred DNS server IP address must be the

same as the Domain Controller Server IP address.

2. The Free Surfing List must also contain

the Domain Controller

Server IP address.

3. The Policy name must be your complete Domain name.

33

Using the Configuration Utility (continued)

External Web Server

The DSA-5100 supports an external web server function (including database)

which enables a user to put the login page on an external web server, and change

the login page anytime.

Protocol:

Choose from http or https (http protocol is selected here).

Server IP:

External Web server IP.

Server Port:

External Web server Port number.

Login Page:

Login page URL.

User Authentication>Group Configuration

The administrator can configure 5 group profiles and a guest profile here. Click

Edit

next to the group that you want to configure and the screen on the next page will

appear.

34

Using the Configuration Utility (continued)

User Authentication>Edit Group Configuration

Group Name

Guest

:

Assign a group name;

Guest

is selected here.

Firewall Profile:

Select the firewall profile for this group.

Specific Route Profile:

Select the route profile for this group.

Schedule Profile:

Select a schedule for this profile.

T

otal

Bandwidth:

Select the bandwidth limit that goes with this group.

User Authentication>Black List Configuration

The administrator can manage a blacklist of up to 40 users. When a blacklisted user

attempts to logon, he will be denied access.

Select Black List:

Select the blacklist from the pulldown menu.

Add User to List:

35

Using the Configuration Utility (continued)

User Authentication>Black List Configuration

Username:

Enter the username to be blacklisted here.

Remark:

Add a comment (optional).

Apply:

Click

Apply

to add the user to the blacklist.

Previous:

Click

Previous

to return to the Black List Configuration.