Page 281 / 794 Scroll up to view Page 276 - 280
Vigor2860 Series User’s Guide
267
After finished the above settings, click
OK
button to save the settings.
TACACS+
It means Terminal Access Controller Access-Control System Plus. It works like RADIUS
does. Click the
TACACS+ Setup
to open the following page:
Available settings are explained as follows:
Item
Description
Enable
Check to enable TACACS+ feature.
Server IP Address
Enter the IP address of TACACS+ server.
Destination Port
The UDP port number that the TACACS+ server is using.
Shared Secret
The TACACS+ server and client share a secret that is used
to authenticate the messages sent between them. Both sides
must be configured to use the same shared secret.
Confirm Shared Secret
Re-type the Shared Secret for confirmation.
After finished the above settings, click
OK
button to save the settings.
Page 282 / 794
Vigor2860 Series User’s Guide
268
3.10.5 LDAP /Active Directory Setup
Lightweight Directory Access Protocol (LDAP) is a communication protocol for using in
TCP/IP network. It defines the methods to access distributing directory server by clients, work
on directory and share the information in the directory by clients. The LDAP standard is
established by the work team of Internet Engineering Task Force (IETF).
As the name described, LDAP is designed as an effect way to access directory service without
the complexity of other directory service protocols. For LDAP is defined to perform, inquire
and modify the information within the directory, and acquire the data in the directory securely,
therefore users can apply LDAP to search or list the directory object, inquire or manage the
active directory.
General Setup
This page allows you to enable the function and specify general settings for LDAP server.
Page 283 / 794
Vigor2860 Series User’s Guide
269
Available settings are explained as follows:
Item
Description
Enable
Check to enable such function.
Bind Type
There are three types of bind type supported.
Simple
Mode
– Just simply do the bind authentication
without any search action.
Anonymous
– Perform a search action first with
Anonymous account then do the bind authentication.
Regular
Mode
– Mostly it is the same with anonymous
mode. The different is that, the server will firstly check if
you have the search authority.
For the regular mode, you’ll need to type in the
Regular DN
and
Regular Password
.
Server Address
Enter the IP address of LDAP server.
Destination Port
Type a port number as the destination port for LDAP server.
Use SSL
Check the box to use the port number specified for SSL.
Regular DN
Type this setting if
Regular
Mode
is selected as
Bind Type.
Regular Password
Specify a password if
Regular
Mode
is selected as
Bind
Type.
After finished the above settings, click
OK
button to save the settings.
Profiles
You can configure eight AD/LDAP profiles. These profiles would be used with User
Management for different purposes in management.
Click any index number link to open the following page.
Page 284 / 794
Vigor2860 Series User’s Guide
270
Available settings are explained as follows:
Item
Description
Name
Type a name for such profile. The length of the user name is
limited to 19 characters.
Common Name
Identifier
Type or edit the common name identifier for the LDAP server.
The common name identifier for most LDAP server is “cn”.
Additional Filter
Type the condition for additional filter.
Base Distinguished
Name / Group
Distinguished Name
Type or edit the distinguished name used to look up entries on
the LDAP server.
Sometimes, you may forget the Distinguished Name since it’s
too long. Then you may click the
button to list all the
account information on the AD/LDAP Server to assist you
finish the setup.
After finished the above settings, click
OK
to save and exit this page. A new profile has been
created.
For detailed information about LDAP application, refer to
section 4.6 How to Implement the
AD/LDAP Authentication for User Management?
Page 285 / 794
Vigor2860 Series User’s Guide
271
3.10.6 UPnP
The
UPnP
(Universal Plug and Play) protocol is supported to bring to network connected
devices the ease of installation and configuration which is already available for directly
connected PC peripherals with the existing Windows 'Plug and Play' system. For NAT routers,
the major feature of UPnP on the router is “NAT Traversal”. This enables applications inside
the firewall to automatically open the ports that they need to pass through a router.
Note
: UPnP is required for some applications such as PPS, Skype, eMule...and etc. If you
are not familiar with UPnP, it is suggested to turn off this function for security.
Available settings are explained as follows:
Item
Description
Enable UPNP Service
Accordingly, you can enable either the
Connection Control
Service
or
Connection Status Service
.
Default WAN
It is used to specify the WAN interface for applying such
function.
The reminder as regards concern about Firewall and UPnP
Can't work with Firewall Software
Enabling firewall applications on your PC may cause the UPnP function not working
properly. This is because these applications will block the accessing ability of some network
ports.
Security Considerations
Activating the UPnP function on your network may incur some security threats. You should
consider carefully these risks before activating the UPnP function.
Some Microsoft operating systems have found out the UPnP weaknesses and hence
you need to ensure that you have applied the latest service packs and patches.
Non-privileged users can control some router functions, including removing and
adding port mappings.
The UPnP function dynamically adds port mappings on behalf of some UPnP-aware
applications. When the applications terminate abnormally, these mappings may not be
removed.

Rate

4 / 5 based on 1 vote.

Bookmark Our Site

Press Ctrl + D to add this site to your favorites!

Share
Top