Download
Share
Print this page
  1. Manuals
  2. Brands
  3. D-Link Manuals
  4. Switch
  5. DWS-3160 Series
  6. Configuration manual

D-Link DWS-3160 Configuration Manual

Unified switch
Hide thumbs Also See for DWS-3160:

Advertisement

Quick Links

Download this manual See also: Reference Manual, Cli Reference Manual

Configuration Guide

How to Configure a BYOD Environment with the DWS-3160
(RADIUS Server)
Overview
This guide describes how to configure and implement BYOD environment with the D-Link
DWS-3160 Unified Switch for user and device authentication.

Advertisement

loading

Related Manuals for D-Link DWS-3160

Summary of Contents for D-Link DWS-3160

  • Page 1: Configuration Guide

    Configuration Guide How to Configure a BYOD Environment with the DWS-3160 (RADIUS Server) Overview This guide describes how to configure and implement BYOD environment with the D-Link DWS-3160 Unified Switch for user and device authentication.
  • Page 2 If authentication info doesn’t match either username or password, the user doesn’t get any access. NOTE: The screenshots in this guide are from the DWS-3160’s firmware version 4.3.0.5. If you are using an earlier version of the firmware, the screenshots may not be identical to what you see on your browser.
  • Page 3 How to Configure a BYOD Environment with the DWS-3160 Configuration Steps (FreeRADIUS) 1. Basic Requirement In order to setup the RADIUS server, the following is the minimum requirement.  A standard x86/x86-64 PC  Installed Fedora Linux distribution ( Fedora 18+ is preferred) ...
  • Page 4 How to Configure a BYOD Environment with the DWS-3160 4. Manual-Installation Procedure Install FreeRADIUS steps-by-steps through the following description. 4-1. Open a terminal console and switch to root account Use the command and enter root’s password to get the root privilege as the following steps are...
  • Page 5 How to Configure a BYOD Environment with the DWS-3160 4-2. Install the required package (the table listed in above) Use the following command to install freeradius, postgresql, and the libraries. In default, the installation path for FreeRADIUS is /etc/raddb. -----------------------...
  • Page 6 How to Configure a BYOD Environment with the DWS-3160 --------------------------------------- In this case, add VLAN1 IP subnet. For example, add a new entry named test1, secret is testing123, and the subnet is 192.168.10.0/24 --------------------------------------- client test1{ secret=testing123 ipaddr=192.168.10.0 netmask=24 --------------------------------------- 4-4.
  • Page 7 How to Configure a BYOD Environment with the DWS-3160 Edit below info under /etc/raddb/sql.conf. And save. 4-5-1. Set “database” = “postgresql” 4-5-2. Set “server” = the database server ip. Leave it as “localhost” if you don’t have separate database. 4-5-3. Change “password” as desired. Suggest keep it as “radpass”...
  • Page 8 How to Configure a BYOD Environment with the DWS-3160 4-7-2. Please insert text below to the /etc/raddb/sites-enabled/default after line 511 and save change. ----------------------------------------------------------------------------- if ( "%{request:Calling-Station-Id}" != "" && "%{request:Calling-Station-Id}" == "%{sql: SELECT callingstationid FROM radmacvlan WHERE username='%{User-Name}' and callingstationid=upper('%{request:Calling-Station-Id}')}"...
  • Page 9 How to Configure a BYOD Environment with the DWS-3160 Remove “#” in the beginning of “sql” in the sections of “authorize” 5. Setup PostgreSQL server 5-1. Start Postgresql service Execute the following commands to init and start postgresql. And save.
  • Page 10 How to Configure a BYOD Environment with the DWS-3160 ---------------------------- sudo -u postgres createdb radius --owner=radius ---------------------------- 5-2-2-1. Modify PostgreSQL listen address Set IP address that PostgreSQL are listened on. Edit /var/lib/pgsql/data/postgresql.conf. Remove “#” in the beginning listen_addresses. And save.
  • Page 11 --------------------------------- 5-2-3. Import FreeRADIUS schemas. Create a default group and insert a test user into the database. Please copy the schema.sql file which provide by D-Link to replace the existence one under /etc/raddb/sql/postgresql/. --------------------------------- cd /etc/raddb/sql/postgresql/ chown root:radius schema.sql --------------------------------- Use the command below to create the table schema for database.
  • Page 12 How to Configure a BYOD Environment with the DWS-3160 Please use commands below to add the 3 default attributes to default group. The values need to change:  groupname: Define by user. We can only define one default vlan in the demo scenario.
  • Page 13 How to Configure a BYOD Environment with the DWS-3160 5-2-5. Create accounts in the database. Please use command below to create accounts (username/ password/ MAC address) in database for testing users. The values need to change:  Username: Define by user.
  • Page 14 How to Configure a BYOD Environment with the DWS-3160 The values need to change:  Username: Define by user.  Macaddr: MAC address of device  Vlanid: Define by user --------------------------- echo “insert into radmacvlan (username,callingstationid,tunnelprivategroupid) values('username','macaddr','vlanid');” |psql -U radius radius --------------------------- In this case, set the username/ password are as test/ test.
  • Page 15 How to Configure a BYOD Environment with the DWS-3160 service firewalld stop --------------------------- 7. Start FreeRADIUS service 7-1. Enable and start FreeRADIUS sevice Use the following commands to enable and start FreeRADIUS service --------------------------- service radiusd enable service radiusd start --------------------------- 7-2.
  • Page 16 How to Configure a BYOD Environment with the DWS-3160 8. Post check after installation with RADIUS client 8-1. Download the FreeRadius client There are many FreeRadius clients can be used for testing. The example in below is using NTRadPing which is downloaded from internet.
  • Page 17 9. Set up VLAN based on the network architecture. VLAN1 is the default VLAN for AP management. Associate VLAN1 on Port1. Navigate to LAN> DWS-3160-24PC> L2 Feature> VLAN> 802.1Q VLAN Settings. 10. Create SSID. Enable security mode WPA2 Enterprise. Navigate to WLAN> DWS-3160-24PC> Administration> Advanced Configuration> Networks.
  • Page 18 How to Configure a BYOD Environment with the DWS-3160 11. Create an AP Profile and associate the SSID on it. 3-1. Create an AP Profile “BYOD”. Navigate to WLAN> DWS-3160-24PC> Administration> Advanced Configuration> AP Profiles> BYOD> Global.
  • Page 19 3-2. Associate SSID dlink_employee on this AP Profile. Navigate to WLAN> DWS-3160-24PC> Administration> Advanced Configuration> AP Profiles> BYOD> VAP. 12. Set RADIUS server. Fill in RADIUS server IP address, and Key. Navigate to LAN> DWS-3160-24PC> Security> RADIUS> Authentication RADIUS Server Settings. 13. Discover and manage an AP from the network.
  • Page 20 NB with full access on internal resources (for example, internet and printer), and VLAN3 is for the user using private NB with limited access (for example, internet). As DWS-3160 VLAN1 is un-tag VLAN, set VLAN1 as un-tag VLAN on switch. The VLAN table is as below.
  • Page 21 How to Configure a BYOD Environment with the DWS-3160 2. (Option) Enable PoE on the ports which connect with APs if needed. In default, all ports are enabled auto PoE detection. Configuration Steps (DSR-500N) 1. Set up VLANs based on the network architecture. Create three VLANs. VLAN1 is the default...
  • Page 22 How to Configure a BYOD Environment with the DWS-3160 1-2. Enable DHCP server on default VLAN, VLAN2 and VLAN3. Navigate to SETUP> VLAN Settings> Multiple VLAN Subnets.
  • Page 23 How to Configure a BYOD Environment with the DWS-3160 1-3. Associate VLAN1 to 3 in Trunk mode on Port1.
  • Page 24 How to Configure a BYOD Environment with the DWS-3160 Configuration Steps (Notebook, Microsoft/ Win7) 1. Set up wireless security. 1-1. Navigate to START> Control Panel> Network and Sharing Center. Click “Manage wireless network”. Click “Add” to add a new wireless network. Select “Manually create a network...
  • Page 25 How to Configure a BYOD Environment with the DWS-3160 1-2. Fill in the network name. Select security type as WPA2-Enterprise. Select the Encryption is AES. Click “Next”. 1-3. Click “Change connection settings”. 1-3-1. Click tab “Security”. (Option) Tick “Remember my credentials for the connection each time I’m logged on”...
  • Page 26 How to Configure a BYOD Environment with the DWS-3160 1-3-3. Click “Configure..” of Select Authentication Method”. (Option) Un-check “Automatically use my Windows logon name and password (and domain if any)” if the username/ password is not the same as Windows logon information.
  • Page 27 How to Configure a BYOD Environment with the DWS-3160 2. Fill in the network name. Select security type as WPA2-Enterprise. Click “Join”. 3. Click “Cancel” on Verify Certificate. Proof of Concept The NB with MAC 08:11:96:71, which is the corporate-provided device, is assigned VLAN2 after pass the authentication.
  • Page 28 How to Configure a BYOD Environment with the DWS-3160 www.dlink.com D-Link, D-Link logo, D-Link sub brand logos and D-Link product trademarks are trademarks or registered trademarks of D-Link Corporation and its subsidiaries. All other third party marks mentioned herein are trademarks of the respective owners.