beautypg.com

3 configuring management vlan example, Table 71 radius vlan – ZyXEL Communications NWA3550 User Manual

Page 207

background image

Chapter 17 VLAN

NWA3550 User’s Guide

207

The following table describes the labels in this screen.

17.2.3 Configuring Management VLAN Example

This section shows you how to create a VLAN on an Ethernet switch.
By default, the port on the ZyXEL Device is a member of the management VLAN (VLAN ID
1). The following procedure shows you how to configure a tagged VLAN.

"

Use the out-of-band management port or console port to configure the switch if
you misconfigure the management VLAN and lock yourself out from
performing in-band management.

On an Ethernet switch, create a VLAN that has the same management VLAN ID as the
ZyXEL Device. The following figure has the ZyXEL Device connected to port 2 of the switch
and your computer connected to port 1. The management VLAN ID is ten.

Table 71 RADIUS VLAN

LABEL

DESCRIPTION

Block station if

RADIUS server

assigns VLAN name

error!

Select this to have the ZyXEL Device forbid access to wireless clients when

the VLAN attributes sent from the RADIUS server do not match a configured

Name field.
When you select this check box, only users with names configured in this

screen can access the network through the ZyXEL Device.

VLAN Mapping Table

Use this table to map names to VLAN IDs so that the RADIUS server can

assign each user or user group a mapped VLAN ID. See your RADIUS server

documentation for more information on configuring VLAN ID attributes.
See

Section 17.2.4 on page 210

for more information.

Index

This is the index number of the VLAN mapping profile.

Active

Select a check box to enable the VLAN mapping profile.

VLAN ID

Type a VLAN ID. Incoming traffic from the WLAN is authorized and assigned

a VLAN ID before it is sent to the LAN.

Name

Type a name to have the ZyXEL Device check for specific VLAN attributes on

incoming messages from the RADIUS server. Access-accept packets sent by

the RADIUS server contain VLAN related attributes. The configured Name

fields are checked against these attributes. If a configured Name field

matches these attributes, the corresponding VLAN ID is added to packets

sent from this user to the LAN.
If the VLAN-related attributes sent by the RADIUS server do not match a

configured Name field, a wireless station is assigned the wireless VLAN ID

associated with its SSID (unless the Block station if RADIUS server

assigns VLAN error! check box is selected).

Apply

Click Apply to save your changes to the ZyXEL Device.

Reset

Click Reset to begin configuring this screen afresh.

See also other documents in the category ZyXEL Communications Hardware: