D-Link DWS-1008 CLI Manual
MAC Address Globs
A media access control (MAC) address glob is a similar method for matching some authentication,
authorization, and accounting (AAA) and forwarding database (FDB) commands to one or more 6-byte
MAC addresses. In a MAC address glob, you can use a single asterisk (*) as a wildcard to match all
MAC addresses, or as follows to match from 1 byte to 5 bytes of the MAC address:
00:*
00: 01: *
00:01:02:*
00: 01: 02 : 03:*
00: 01: 02 : 03 : 04:*
For example, the MAC address glob 02:06:8c* represents all MAC addresses starting with 02:06:8c.
Specifying only the first 3 bytes of a MAC address allows you to apply commands to MAC addresses
based on an organizationally unique identity (OUI).
VLAN Globs
A VLAN glob is a method for matching one of a set of local rules on a DWS-1008 switch, known as
the location policy, to one or more users. MSS compares the VLAN glob, which can optionally contain
wildcard characters, against the VLAN-Name attribute returned by AAA, to determine whether to apply
the rule.
To match all VLANs, use the double-asterisk (**) wildcard characters with no delimiters. To match any
number of characters up to, but not including, a delimiter character in the glob, use the single-asterisk
(*) wildcard. Valid VLAN glob delimiter characters are the at (@) sign and the period (.).
For example, the VLAN glob bldg4. * matches bldg4.security and bldg4.hr and all other VLAN names
with bldg4. at the beginning.
Matching Order for Globs
In general, the order in which you enter AAA commands determines the order in which MSS matches
the user, MAC address, or VLAN to a glob. To verify the order, view the output of the show aaa or show
config command. MSS checks globs that appear higher in the list before items lower in the list and uses
the first successful match.
Содержание DWS-1008
Страница 1: ......
Страница 27: ...D Link DWS 1008 CLI Manual 24 ...