manualshive.com logo in svg

D-Link DWS-3160 Series, Configuration Manual, Page: 15 / 28

Share
Download
D-Link DWS-3160 Series Configuration Manual Download Page 15

 

How to Configure a BYOD Environment  with the DWS-3160 

 

service firewalld stop 

--------------------------- 

 

7.

 

Start FreeRADIUS service 
 
7-1. Enable and start FreeRADIUS sevice 
 
Use the following commands to enable and start FreeRADIUS service 
 
--------------------------- 

service radiusd enable 
service radiusd start 

--------------------------- 
 
7-2. Test FreeRADIUS 
 
Use the tool 

radtest

 of FreeRADIUS to check if FreeRADIUS run well.  The example command is 

as below.  
 
--------------------------- 

radtest username password radius_ip 0 shared_secret 

--------------------------- 
 
If the test is passed, it will show Access-Accept as below: 

 

 

Summary of Contents for DWS-3160 Series

Page 1: ...How to Configure a BYOD Environment with the DWS 3160 RADIUS Server Overview This guide describes how to configure and implement BYOD environment with the D Link DWS 3160 Unified Switch for user and d...

Page 2: ...SSID required performing authentication before granted authority The security protocol on SSID dlink_employee is WPA2 Enterprise The authentication database is external RADIUS server In the RADIUS da...

Page 3: ...ion Operation System Fedora 3 9 5 301 fc19 x86_64 FreeRadius freeradius 2 2 0 6 fc19 x86_64 FreeRadius freeradius utils 2 2 0 6 fc19 x86_64 FreeRadius freeradius postgresql 2 2 0 6 fc19 x86_64 Postgre...

Page 4: ...tallation Procedure Install FreeRADIUS steps by steps through the following description 4 1 Open a terminal console and switch to root account Use the su command and enter root s password to get the r...

Page 5: ...ius utils 4 3 Configure FreeRADIUS All configuration files for FreeRADIUS will be stored under etc raddb Add the management VLAN in the FreeRADIUS Edit etc raddb client conf Add shared secret for each...

Page 6: ...and the subnet is 192 168 10 0 24 client test1 secret testing123 ipaddr 192 168 10 0 netmask 24 4 4 Setup SQL server is as source database Uncomment sql conf in etc raddb radiusd conf Remove in the b...

Page 7: ...desired Suggest keep it as radpass 4 6 Edit log in format Edit below info under etc raddb sql postgresql dialup conf And save 4 6 1 Remove in the beginning of sql_user_name Stripped User Name User Nam...

Page 8: ...e sql select value from radgroupreply right outer join radusergroup on radgroupreply groupname radusergroup groupname where radusergroup username User Name and radgroupreply attribute Tunnel Medium Ty...

Page 9: ...l start 5 2 Create a database user for FreeRADIUS 5 2 1 Create a database user for FreeRADIUS Please note that the username and password must be matched with username password which set in etc raddb s...

Page 10: ...s that PostgreSQL are listened on Edit var lib pgsql data postgresql conf Remove in the beginning listen_addresses And save 5 2 2 2 Edit var lib pgsql data pg_hba conf Remove in the beginning of local...

Page 11: ...he database Please copy the schema sql file which provide by D Link to replace the existence one under etc raddb sql postgresql cd etc raddb sql postgresql chown root radius schema sql Use the command...

Page 12: ...alue values groupname Tunnel Private Group Id default_vlan_id psql U radius radius echo insert into radgroupreply groupname attribute op value values groupname Tunnel Type 13 psql U radius radius echo...

Page 13: ...d to change Username Define by user Groupname Define by user We can only define one default vlan in the demo scenario echo insert into radusergroup username groupname priority values username groupnam...

Page 14: ...ationid tunnelprivategroupid values username macaddr vlanid psql U radius radius In this case set the username password are as test test The MAC address is the one of the corporate provided NB 08 11 9...

Page 15: ...e Use the following commands to enable and start FreeRADIUS service service radiusd enable service radiusd start 7 2 Test FreeRADIUS Use the tool radtest of FreeRADIUS to check if FreeRADIUS run well...

Page 16: ...ning with Win7 After installed you can configure RADIUS client through GUI Set few parameters when before start testing RADIUS Server port 192 168 10 15 Port No need to change default is 1812 RADIUS S...

Page 17: ...1 on Port1 Navigate to LAN DWS 3160 24PC L2 Feature VLAN 802 1Q VLAN Settings 10 Create SSID Enable security mode WPA2 Enterprise Navigate to WLAN DWS 3160 24PC Administration Advanced Configuration N...

Page 18: ...e a BYOD Environment with the DWS 3160 11 Create an AP Profile and associate the SSID on it 3 1 Create an AP Profile BYOD Navigate to WLAN DWS 3160 24PC Administration Advanced Configuration AP Profil...

Page 19: ...s AP Profile Navigate to WLAN DWS 3160 24PC Administration Advanced Configuration AP Profiles BYOD VAP 12 Set RADIUS server Fill in RADIUS server IP address and Key Navigate to LAN DWS 3160 24PC Secur...

Page 20: ...AN for AP management and external RADIUS server VLAN2 is for the user using corporate provided NB with full access on internal resources for example internet and printer and VLAN3 is for the user usin...

Page 21: ...VLANs based on the network architecture Create three VLANs VLAN1 is the default VLAN for AP management and external RADIUS server VLAN2 is for the user using corporate provided NB with full access on...

Page 22: ...How to Configure a BYOD Environment with the DWS 3160 1 2 Enable DHCP server on default VLAN VLAN2 and VLAN3 Navigate to SETUP VLAN Settings Multiple VLAN Subnets...

Page 23: ...How to Configure a BYOD Environment with the DWS 3160 1 3 Associate VLAN1 to 3 in Trunk mode on Port1...

Page 24: ...3160 Configuration Steps Notebook Microsoft Win7 1 Set up wireless security 1 1 Navigate to START Control Panel Network and Sharing Center Click Manage wireless network Click Add to add a new wireless...

Page 25: ...e Encryption is AES Click Next 1 3 Click Change connection settings 1 3 1 Click tab Security Option Tick Remember my credentials for the connection each time I m logged on to keep the username passwor...

Page 26: ...Un check Automatically use my Windows logon name and password and domain if any if the username password is not the same as Windows logon information 2 Connect the wireless Insert the username and pas...

Page 27: ...fter pass the authentication The NB would get IP address of VLAN2 subnet for example 192 168 0 x It can access resources on VLAN2 for example printer and internet The NB with MAC 00 13 02 69 7F E9 whi...

Page 28: ...logo D Link sub brand logos and D Link product trademarks are trademarks or registered trademarks of D Link Corporation and its subsidiaries All other third party marks mentioned herein are trademark...

Reviews:

No comments