background image

DGS-3024 Gigabit Ethernet Switch Manual 

Parameter                    Description 

Application 

Lists the configuration applications on the Switch. The user may configure the Login Method 
List and Enable Method List for authentication for users utilizing the Console (Command Line 
Interface) application, the Telnet application, SSH and the Web (HTTP) application. 

Login Method List 

Using the pull down menu, configure an application for normal login on the user level, utilizing 
a previously configured method list. The user may use the default Method List or other Method 
List configured by the user. See the 

Login Method Lists 

window, in this section, for more 

information. 

Enable Method List 

Using the pull down menu, configure an application for normal login on the user level, utilizing 
a previously configured method list. The user may use the default Method List or other Method 
List configured by the user. See the 

Enable Method Lists

 window, in this section, for more 

information 

Click 

Apply

 to implement changes made. 

Authentication Server Group 

This window will allow users to set up 

Authentication Server Groups

 on the Switch. A server group is a technique used to group 

TACACS/XTACACS//RADIUS server hosts into user-defined categories for authentication using method lists. The 
user may define the type of server group by protocol or by previously defined server group. The Switch has three built-in 
Authentication Server Groups that cannot be removed but can be modified. Up to eight authentication server hosts may be added 
to any particular group. 

To view the following window, click 

Security > Access Authentication Control > Authentication Server Group

 

Figure 8- 10. Authentication Server Group Settings window 

This window displays the Authentication Server Groups on the Switch. The Switch has four built-in Authentication Server 
Groups that cannot be removed but can be modified. To modify a particular group, click its hyperlinked Group Name, which will 
then display the following window. 

98 

Summary of Contents for DGS-3024

Page 1: ...D Link DGS 3024 Managed 24 Port Gigabit Ethernet Switch Manual ...

Page 2: ... used in accordance with this user s guide may cause harmful interference to radio communications Operation of this equipment in a residential area is likely to cause harmful interference in which case the user will be required to correct the interference at his own expense CE Mark Warning This is a Class A product In a domestic environment this product may cause radio interference in which case t...

Page 3: ...5 External Redundant Power System 6 Identifying External Components 7 Front Panel 7 Rear Panel 7 Side Panels 8 LED Indicators 8 Connecting the Switch 9 Switch to End Node 9 Switch to Hub or Switch 10 Switch to Core Router Switch 10 Introduction to Switch Management 11 Management Options 11 Web based Management Interface 11 SNMP Based Management 11 Command Line Console Interface Through the Serial ...

Page 4: ...gs 24 Port Configuration 26 Port Description 28 Port Mirroring 29 Link Aggregation Port Trunking 30 LACP Port Settings 33 IGMP Snooping 34 IGMP Snooping 34 Static Router Ports Entry 36 Spanning Tree 37 802 1s MSTP 37 802 1w Rapid Spanning Tree 37 Port Transition States 38 Edge Port 38 P2P Port 38 802 1d 802 1w 802 1s Compatibility 38 STP Loopback Detection 39 STP Bridge Global Settings 40 MST Conf...

Page 5: ...ges of QoS 64 Understanding QoS 65 Port Bandwidth 66 Traffic Control 67 802 1p Default Priority 68 802 1p User Priority 69 QoS Scheduling Mechanism 69 QoS Output Scheduling 70 MAC Notification 71 MAC Notification Global Settings 71 MAC Notification Port Settings 72 System Log Server 73 Port Access Entity 75 802 1x Port Based Access Control 75 Authentication Server 76 Authenticator 76 Client 77 Aut...

Page 6: ...pplication Authentication Settings 97 Authentication Server Group 98 Authentication Server Host 100 Login Method Lists 101 Enable Method Lists 103 Configure Local Enable Password 104 Enable Admin 105 Management 106 User Accounts 106 Admin and User Privileges 107 SNMP Manager 109 SNMP User Table 109 SNMP View Table 111 SNMP Group Table 112 SNMP Community Table 114 SNMP Host Table 115 SNMP Engine ID...

Page 7: ...33 VLAN Status 133 Router Port 134 Session Table 134 Port Access Control 135 RADIUS Authentication 135 Maintenance 136 TFTP Services 136 Download Firmware 136 Download Configuration File 136 Save Settings 137 Save History Log 137 Ping Test 138 Save Changes 138 Reboot Services 140 Reboot 140 Reset 140 Reset Config 141 Reset System 141 Logout 141 Technical Specifications 142 Cable Lengths 144 ...

Page 8: ...DGS 3024 Gigabit Ethernet Switch Manual viii Glossary 145 Warranty and Registration Information 148 Product Registration 153 Tech Support 164 ...

Page 9: ...Section 7 Configuration A detailed discussion about configuring some of the basic functions of the Switch including accessing the Switch information using the Switch s utilities and setting up network configurations such as Quality of Service Port Mirroring and configuring the Spanning Tree Section 8 Security Provides a description of the security features of the Switch including Trusted Host Secu...

Page 10: ...k managers familiar with network management concepts and terminology Notes Notices and Cautions NOTE A NOTE indicates important information that helps you make better use of your device NOTICE A NOTICE indicates either potential damage to hardware or loss of data and tells you how to avoid the problem CAUTION A CAUTION indicates a potential for property damage personal injury or death ...

Page 11: ...nt If the system gets wet see the appropriate section in your troubleshooting guide or contact your trained service provider Do not push any objects into the openings of your system Doing so can cause a fire or an electric shock by shorting out interior components Use the product only with approved equipment Allow the product to cool before removing covers or touching internal components Operate t...

Page 12: ... to the power supply Unplug the power cable before removing the power supply If the system has multiple sources of power disconnect power from the system by unplugging all power cables from the power supplies Move products with care ensure that all casters and or stabilizers are firmly connected to the system Avoid sudden stops and uneven surfaces General Precautions for Rack Mountable Products Ob...

Page 13: ...low is provided to components in the rack Do not step on or stand on any component when servicing other components in a rack NOTE A qualified electrician must perform all connections to DC power and to safety grounds All electrical wiring must comply with applicable local or national codes and practices CAUTION Never defeat the ground conductor or operate the equipment in the absence of a suitably...

Page 14: ... carton do not remove the component from the antistatic packing material until you are ready to install the component in your system Just before unwrapping the antistatic packaging be sure to discharge static electricity from your body 2 When transporting a sensitive component first place it in an antistatic container or packaging 3 Handle all sensitive components in a static safe area If possible...

Page 15: ...me Switching fabric 48Gbps Max Forwarding Rate 35 7 million packets per second High speed data forwarding rate of 1 488 095 pps per port at 100 of wire speed for 1000 Mbps speed Supports 8K MAC address Supports four priority queues per port Supports 512Kbytes buffer memory per Switch 802 1D Spanning Tree support Can be disabled on the entire Switch or on a per port basis 802 1Q Tagged VLAN support...

Page 16: ...eceive functions only However the DGS 3024 provides counters for both receive and transmit functions Supports Web based management TFTP Client support BOOTP Client support DHCP Client support Password enabled Telnet remote control console Broadcast storm control Multicast storm control Command Line Interface support Syslog support SNTP support SNMP Trap on MAC Notification support Jumbo frame supp...

Page 17: ...ords A printed Quick Installation Guide D View 5 1 demo CD ROM This Manual with Registration Card on CD ROM If any item is found missing or damaged please contact your local D Link reseller for replacement Installation Use the following guidelines when choosing a place to install the Switch The surface must support at least 4 kg The power outlet should be within 1 82 meters 6 feet of the device Vi...

Page 18: ...een the device and the objects around it Figure 2 1 Installing rubber feet for desktop installation Rack Installation The DGS 3024 can be mounted in an EIA standard sized 19 inch rack which can be placed in a wiring closet with other equipment To install attach the mounting brackets on the Switch s side panels one on each side and secure them with the screws provided Figure 2 2A Attaching the moun...

Page 19: ...except console will momentarily blink This blinking of the LEDs indicates a reset of the system The console LED indicator will blink while the Switch loads onboard software and performs a self test When the POST is passed the LED will become dark If the POST fails the indicator will light solid amber This indicator lights solid green when the Switch is being logged in via out of band local console...

Page 20: ...supports an external redundant power system Figure 2 3 DPS 300 in DPS 900 case with DGS 3024 Figure 2 4 DPS 300 in DPS 800 case with DGS 3024 NOTE See the DPS 300 documentation for more information CAUTION Do not use the Switch with any redundant power system other than the DPS 300 6 ...

Page 21: ...0 connections to a backbone end stations and servers Four mini GBIC combo ports to connect fiber optic media to another Switch server core router Switch or network backbone Rear Panel The rear panel of the Switch contains an external Redundant Power Supply connector and an AC power connector Figure 3 2 Rear panel view The external Redundant Power Supply connector is used to connect the DGS 3024 to...

Page 22: ...h an explanation of each indicator Figure 3 4 LED indicators Power This indicator on the front panel lights solid green when the system is powered up and remains dark when the system is not powered on RPS This indicator is lit solid amber when the external Redundant Power Supply is in operation and remains dark when it is not in use or the main power is working normally Console This indicator blin...

Page 23: ... routers An end node can be connected to the Switch via a Category 3 4 5 or 5e UTP STP cable for optimal performance Category 5e is recommended The end node should be connected to any of the ports of the Switch Figure 4 1 Switch connected to an End Node The Link Act LEDs light green when the link is valid A blinking green LED indicates packet activity on that port The Speed LEDs indicate port spee...

Page 24: ...TP cable Figure 4 2 Switch connected to a normal non Uplink port on a hub or Switch using a straight or crossover cable Switch to Core Router Switch This connection can be accomplished using the following fiber optic media SFP Transceiver for 1000BASE LX Single mode fiber module 10km SFP Transceiver for 1000BASE SX Multi mode fiber module 550m SFP Transceiver for 1000BASE LHX Single mode fiber mod...

Page 25: ... port to access the Switch The command line driven interface provides complete access to all Switch management features Connecting the Console Port RS 232 DCE The Switch provides an RS 232 serial port that enables a connection to a computer or terminal for monitoring and configuring the Switch This port is a female DB 9 connector implemented as a data terminal equipment DTE connection To use the c...

Page 26: ... for more information on setting up user accounts See the DGS 3024 Command Line Interface Reference Manual on the documentation CD for a list of all commands and additional information on using the CLI 13 When you have completed your tasks exit the session with the logout command or close the emulator program Make sure the terminal or PC you are using to make this connection is configured to match...

Page 27: ...ou will be presented with the first login screen shown below NOTE Press Ctrl R to refresh the screen This command can be used at any time to force the console program in the Switch to refresh the console screen Press Enter in both the Username and Password fields You will be given access to the command prompt DGS 3024 4 shown below There is no initial username or password Leave the Username and Pa...

Page 28: ...strator account being created and press the Enter key You will be prompted to enter the same password again to verify it Type the same password and press the Enter key Successful creation of the new administrator account will be verified by a Success message NOTE Passwords are case sensitive User names and passwords can be up to 15 characters in length The sample below illustrates a successful cre...

Page 29: ... into two parts The first part is to maintain a list of users and their attributes that are allowed to act as SNMP managers The second part describes what each user on that list can do as an SNMP manager The Switch allows groups of users to be listed and configured with a shared set of privileges The SNMP version may also be set for a listed group of SNMP managers Thus you may create a group of SN...

Page 30: ...t before it can be managed with the Web based manager The Switch IP address can be automatically set using BOOTP or DHCP protocols in which case the actual address assigned to the Switch must be known The IP address may be set using the Command Line Interface CLI over the console serial port as follows Starting at the command line prompt enter the commands config ipif System ipaddress xxx xxx xxx ...

Page 31: ... and managed via Telnet and the CLI or via the Web based management Connecting Devices to the Switch After you assign IP addresses to the Switch you can connect devices to the Switch To connect a device to an SFP transceiver port Use your cabling requirements to select an appropriate SFP transceiver type Insert the SFP transceiver sold separately into the SFP transceiver slot Use the appropriate n...

Page 32: ...ose found in the console program NOTE This Web based Management module does not accept Chinese language input or other languages requiring 2 bytes per character NOTE The Web browser needs to be upgraded to the latest Java version JavaTM Plug in version 1 5 0 or later Login to Web Manager To begin managing your Switch simply run the browser you have installed on your computer and point it to the IP...

Page 33: ... displayed The folder icons can be opened to display the hyper linked menu buttons and subfolders contained within them Area 2 Presents a graphical near real time image of the front panel of the Switch This area displays the Switch s ports and expansion modules showing port activity duplex mode or flow control depending on the specified mode Various areas of the graphic can be selected for perform...

Page 34: ...ddress Open the Configuration folder and click the IP Address link The web manager will display the Switch s current IP settings in the IP configuration menu as seen below To manually assign the Switch s IP address subnet mask and default gateway address 1 Select Manual from the Get IP From drop down menu 2 Enter the appropriate IP Address and Subnet Mask 3 If the user wants to access the Switch f...

Page 35: ...trator Subnet Mask A Bitmask that determines the extent of the subnet that the Switch is on Should be of the form xxx xxx xxx xxx where each xxx is a number represented in decimal between 0 and 255 The value should be 255 0 0 0 for a Class A network 255 255 0 0 for a Class B network and 255 255 255 0 for a Class C network but custom subnet masks are allowed Default Gateway IP address that determin...

Page 36: ...DGS 3024 Gigabit Ethernet Switch Manual 22 ...

Page 37: ...rmware chip This information is needed for new runtime software downloads Firmware Version Version number of the firmware installed on the Switch This can be updated by using the Download Firmware from TFTP Server window in the TFTP Services folder Maintenance TFTP Services Download Firmware from TFTP Server Hardware Version Version of the Switch hardware System Name A user assigned name for the S...

Page 38: ...f time a learned MAC Address will remain in the forwarding table without being accessed that is how long a learned MAC Address is allowed to remain idle To change this type in a different value representing the MAC address age out time in seconds The MAC Address Aging Time can be set to any value between 0 and 14 400 The default setting is 5 IGMP Snooping This indicates if Internet Group Managemen...

Page 39: ... dynamically join VLANs The Switch s GVRP settings can be changed on the GVRP Settings window Configuration VLANs 802 1Q Port Settings The default is Disabled Link Aggregation Algorithm The algorithm that the Switch uses to balance the load across the ports that make up the port trunk group is defined by this definition Choose MAC Source MAC Destination or MAC Src Dest For further information see ...

Page 40: ...ding port speed and flow control Clicking Configuration Port Configurations Port Settings in the menu will display the following window for the user Figure 7 4 Port Configuration window To configure Switch ports 1 Choose the port or sequential range of ports using the From and To pull down menus 2 Use the remaining pull down menus to configure the parameters described below 26 ...

Page 41: ...ies related to duplex speed and physical layer type The master setting will also determine the master and slave relationship between the two connected physical layers This relationship is necessary for establishing the timing control between the two physical layers The timing control is set on a master physical layer by a local source The slave setting 1000M Full_S uses loop timing where the timin...

Page 42: ...h To assign names to various ports click the Port Description in the Port Configuration folder of the Configuration menu Use the From and To pull down menu to choose a port or range of ports to describe and then enter a description of the port s Click Apply to set the descriptions in the Port Description Table Figure 7 5 Port Description Settings window 28 ...

Page 43: ...nfigure a mirror port 1 Select the Source Port from where you want to copy frames and the Target Port which receives the copies from the source port 2 Select Ingress Egress or None and change the Status drop down menu to Enabled 3 Click Apply to let the changes take effect NOTE A fast port cannot be mirrored onto a slower port For example trying to mirror the traffic from a 100 Mbps port onto a 10...

Page 44: ...s Link Aggregation and Port Trunking will be used synonymously The DGS 3024 supports up to four port trunk groups with 2 to 8 ports in each group A potential bit rate of 8000 Mbps can be achieved Figure 7 7 Example of Port Trunk Group The Switch treats all ports in a trunk group as a single port Data transmitted to a specific host will always be transmitted over the same port in a trunk group This...

Page 45: ... duplex The Master Port of the group is to be configured by the user and all configuration options including the VLAN configuration that can be applied to the Master Port are applied to the entire port trunking group Load sharing is automatically applied to the ports in the trunking group and a link failure within the group causes the network traffic to be directed to the remaining links in the gr...

Page 46: ...network device or to have an absolute backup aggregation group that is not under automatic control Type The types of port trunking supported by the DGS 3024 are Static and LACP Master Port Choose the Master Port for the trunk group using the pull down menu Port Map Choose the members of a trunked group Up to eight ports per group can be assigned to a group Active Port Shows the port that is curren...

Page 47: ...d sending LACP control frames This allows LACP compliant devices to negotiate the aggregated link so the group may be changed dynamically as needs require In order to utilize the ability to change an aggregated port group that is to add or subtract ports from the group at least one of the participating devices must designate LACP ports as active Both devices must support LACP Passive LACP ports th...

Page 48: ...ng the IGMP Snooping link in the Configuration folder When enabled for IGMP snooping the Switch can open or close a port to a specific multicast group member based on IGMP messages sent from the device to the IGMP host or vice versa The Switch monitors IGMP messages and discontinues forwarding multicast packets when there are no longer hosts requesting that they continue IGMP Snooping Use the Curr...

Page 49: ...oup specific query messages including those sent in response to leave group messages A value between 1 and 25 The default is 1 second Host Timeout This is the maximum amount of time in seconds allowed for a host to continue membership in a multicast group without the Switch receiving a host membership report The default is 260 Route Timeout This is the maximum amount of time in seconds a route is ...

Page 50: ...UDP multicast packets were all forwarded to the router port A router port will be dynamically configured when IGMP query packets RIPv2 multicast DVMRP multicast or PIM DM multicast packets are detected flowing into a port Open the IGMP folder and the click on the Static Router Ports Entry link to open the Current Static Router Ports Entries window as shown below Figure 7 13 Current Static Router P...

Page 51: ...ngle MSTP configuration that will have the following three attributes 1 A configuration name defined by an alphanumeric string of up to 32 characters defined in the Current MST Configuration Identification window in the Configuration Name field 2 A configuration revision number named here as a Revision Level 0 65535 and found in the Current MST Configuration Identification window and 3 A 4096 elem...

Page 52: ...ble of a more rapid transition to a forwarding state it no longer relies on timer configurations RSTP compliant bridges are sensitive to feedback from other RSTP compliant bridge links Ports do not need to wait for the topology to stabilize before transitioning to a forwarding state In order to allow this rapid transition the protocol introduces two new variables the edge port and the point to poi...

Page 53: ...te If another returning BPDU packet is received the port will remain in a blocked state the timer will reset to the specified value restart and the process will begin again For those who choose not to employ this function the Loopback Recovery time must be set to zero In this case when a BPDU packet is returned to the Switch the port will be placed in a blocking state and a message will be sent to...

Page 54: ...ing window open the Spanning Tree folder in the Configuration menu and click the STP Bridge Global Settings link Figure 7 15 STP Bridge Global Settings window STP compatible Figure 7 16 STP Bridge Global Settings window RSTP default Figure 7 17 STP Bridge Global Settings window MSTP 40 ...

Page 55: ...Delay 4 30 Sec The Forward Delay can be from 4 to 30 seconds Any port on the Switch spends this time in the listening state while moving from the blocking state to the forwarding state Max Hops 1 20 Used to set the number of hops between devices in a spanning tree region before the BPDU bridge protocol data unit packet sent by the Switch will be discarded Each Switch on the hop count will reduce t...

Page 56: ...A previously configured name set on the Switch to uniquely identify the MSTI Multiple Spanning Tree Instance If a configuration name is not set this field will show the MAC address to the device running MSTP Revision Level This value along with the Configuration Name will identify the MSTP region configured on the Switch MSTI ID This field shows the MSTI IDs currently set on the Switch This field ...

Page 57: ...r in the Current MST Configuration Identification window which will reveal the following window to configure Figure 7 20 Instance ID Settings window CIST modify The user may configure the following parameters to configure the CIST on the Switch Parameter Description MSTI ID The MSTI ID of the CIST is 0 and cannot be altered Type This field allows the user to choose a desired method for altering th...

Page 58: ...he user to choose a desired method for altering the MSTI settings The user has two choices Add VID Select this parameter to add VIDs to the MSTI ID in conjunction with the VID List parameter Remove VID Select this parameter to remove VIDs from the MSTI ID in conjunction with the VID List parameter VID List 1 4094 This field is used to specify the VID range from configured VLANs set on the Switch t...

Page 59: ...ick on its hyperlinked MSTI ID which will reveal the following window Figure 7 23 MSTI Settings window Parameter Description Instance ID Displays the MSTI ID of the instance being configured An entry of 0 in this field denotes the CIST default MSTI Internal cost This parameter is set to represent the relative cost of forwarding packets to specified ports when an interface is selected within a STP ...

Page 60: ...Instance Status Displays the current status of the corresponding MSTI ID Instance Priority Displays the priority of the corresponding MSTI Instance Type The lowest priority will be the root bridge Priority Click the Modify button to change the priority of the MSTI This will open the Instance ID Settings window to configure The Type field in this window will be permanently set to Set Priority Only ...

Page 61: ...n a STP instance The default setting is 0 auto There are two options 0 auto Selecting this parameter for the internalCost will set quickest route automatically and optimally for an interface The default value is derived from the media speed of the interface value 1 2000000 Selecting this parameter with a value in the range of 1 to 2000000 will set the quickest route when a loop occurs A lower Inte...

Page 62: ... the listening state while moving from the blocking state to the forwarding state Last Topology Change This field shows the time in seconds since the last spanning tree topology change Topology Changes Count This field displays the number of times that the spanning tree topology has changed since the original initial boot up of the Switch 48 ...

Page 63: ...ers entered above with the addition of Port Priority and Port Cost An STP Group spanning tree works in the same way as the Switch level spanning tree but the root bridge concept is replaced with a root port concept A root port is a port of the group that is elected based on port priority and port cost to be the connection to the network for the group Redundant links will be blocked just as redunda...

Page 64: ...the port as an edge port Edge ports cannot create loops however an edge port can lose edge port status if a topology change creates a potential for a loop An edge port normally should not receive BPDU packets If a BPDU packet is received it automatically loses edge port status Choosing the False parameter indicates that the port does not have edge port status P2P Choosing the True parameter indica...

Page 65: ... This must be a unicast MAC address Allowed to go port Allows the selection of the port number on which the MAC address entered above resides Click Apply to implement the changes made To delete an entry in the Static Unicast Forwarding Table click the corresponding under the Delete heading Multicast Forwarding The following window describes how to set up Multicast Forwarding on the Switch Open the...

Page 66: ...orresponding under the Delete heading Click the Show All Multicast Forwarding Entries link to return to the Static Multicast Forwarding Settings window Multicast Filtering The DGS 3024 can be set to either forward unregistered multicast packets or to filter unregistered multicast packets from the switch Filtering unregistered multicast packets from the switch can be useful to eliminate loops and f...

Page 67: ...the lowest priority for delivery A weighted round robin system is employed on the Switch to determine the rate at which the queues are emptied of packets The ratio used for clearing the queues is 4 1 This means that the highest priority queue Queue 1 will clear 4 packets for every 1 packet cleared from Queue 0 Remember the priority queue settings on the Switch are for all ports and all devices con...

Page 68: ... level of security to your network IEEE 802 1Q VLANs will only deliver packets between stations that are members of the VLAN Any port can be configured as either tagging or untagging The untagging feature of IEEE 802 1Q VLANs allows VLANs to work with legacy Switches that don t recognize VLAN tags in packet headers The tagging feature allows VLANs to span multiple 802 1Q compliant Switches through...

Page 69: ...can be carried across Ethernet backbones and 12 bits of VLAN ID VID The 3 bits of user priority are used by 802 1p The VID is the VLAN identifier and is used by the 802 1Q standard Because the VID is 12 bits long 4094 unique VLANs can be identified The tag is inserted into the packet header making the entire packet longer by 4 octets All of the information originally contained in the packet is ret...

Page 70: ...ave as many VIDs as the Switch has memory in its VLAN table to store them Because some devices on a network may be tag unaware a decision must be made at each port on a tag aware device before packets are transmitted should the packet to be transmitted have a tag or not If the transmitting port is connected to a tag unaware device the packet should be untagged If the transmitting port is connected...

Page 71: ...configured on the Switch then all packets will be forwarded to any destination port Packets with unknown source addresses will be flooded to all ports Broadcast and multicast packets will also be flooded to all ports An example is presented below VLAN Name VID Switch Ports System default 1 5 6 7 8 21 22 23 24 Engineering 2 9 10 11 12 Marketing 3 13 14 15 16 Finance 4 17 18 19 20 Sales 5 1 2 3 4 Ta...

Page 72: ...st 802 1Q Static VLANs window A new window will appear as shown below to configure the port settings and to assign a unique name and number to the new VLAN See the table below for a description of the parameters in the new window Figure 7 36 802 1Q Static VLANs window Add To return to the first 802 1Q Static VLANs window click the Show All Static VLAN Entries link To change an existing 802 1Q VLAN...

Page 73: ...ow the Switch to send out GVRP packets to outside sources notifying that they may join the existing VLAN Port Settings Allows an individual port to be specified as member of a VLAN Tag Specifies the port as either 802 1Q tagging or 802 1Q untagged Checking the box will desig nate the port as Tagged None Allows an individual port to be specified as a non VLAN member Egress Select this to specify th...

Page 74: ...type of frame that will be accepted by the port The user may choose between Tagged Only which means only VLAN tagged frames will be accepted and Admit_All which means both tagged and untagged frames will be accepted Admit_All is enabled by default PVID This field in the 802 1Q Port Table shows the current PVID assignment for each port which may be manually assigned to a VLAN when created in the 80...

Page 75: ... State Use this pull down menu to Enabled or Disabled SNTP SNTP Primary Server This is the IP address of the primary server the SNTP information will be taken from SNTP Secondary Server This is the IP address of the secondary server the SNTP information will be taken from SNTP Poll Interval in Seconds This is the interval in seconds between requests for updated SNTP information Current Time Set Cu...

Page 76: ...Time Zone and DST Settings window The following parameters can be set Parameter Description Time Zone and DST Settings Daylight Saving Time State Use this pull down menu to enable or disable the DST Settings Daylight Saving Time Offset in Minutes Use this pull down menu to specify the amount of time that will constitute your local DST offset 30 60 90 or 120 minutes Time Zone Offset from GMT in HH ...

Page 77: ...he DST will end To Which Day Enter the day of the week that DST will end To Which Month Enter the month that DST will end To What Time HH MM Enter the time DST will end DST Annual Settings Using annual mode will enable DST seasonal time adjustment Annual mode requires that the DST beginning and ending date be specified concisely For example specify to begin DST on April 3 and end DST on October 14...

Page 78: ...picture above shows the default priority setting for the Switch Class 3 has the highest priority of the four priority queues on the Switch In order to implement QoS the user is required to instruct the Switch to examine the header of a packet to see if it has the proper identifying tag tagged Then the user may forward these tagged packets to designated queues on the Switch where they will be empti...

Page 79: ...y when these queues are empty are packets of lower priority transmitted For weighted round robin queuing the number of packets sent from each priority queue depends upon the assigned weight For a configuration of eight CoS queues A H with their respective weight value 8 1 the packets are sent in the following sequence A1 B1 C1 D1 E1 F1 G1 H1 A2 B2 C2 D2 E2 F2 G2 A3 B3 C3 D3 E3 F3 A4 B4 C4 D4 E4 A5...

Page 80: ...is only supported for Rx or receiving frames on this Switch No Limit This drop down menu allows the user to specify that the selected port will have no bandwidth limit Enabled disables the limit Rate This field allows the user to select the data rate in Mbit s that will be the limit for the selected port The user may select one of the following Rx rates no_limit 64K 128K 256K 512K 1M 2M 4M 8M 16M ...

Page 81: ...ast_dlf The Threshold value is the upper threshold at which the specified traffic control is Switched on This is the number of Broadcast Broadcast Multicast Broadcast DLF and Broadcast Multicast DLF packets received by the Switch that will trigger the storm traffic control measures The Threshold value can be set from 10 to 15000 packets per second The default setting is 15000 The settings of each ...

Page 82: ...ration folder open the QoS folder and click 802 1p Default Priority to view the window shown below Figure 7 44 Port Default Priority assignment window This window allows you to assign a default 802 1p priority to any given port on the Switch The priority queues are numbered from 0 the lowest priority to 7 the highest priority Click Apply to implement your settings 68 ...

Page 83: ...iguration window Once you have assigned a priority to the port groups on the Switch you can then assign this Class to each of the four levels of 802 1p priorities Click Apply to set your changes QoS Scheduling Mechanism This window allows you to select between a RoundRobin and a Strict mechanism for emptying the priority classes In the Configuration menu open the QoS folder and click QoS Schedulin...

Page 84: ...tation careful consideration should be given to how network traffic in lower priority classes of service is affected Changes in scheduling may result in unacceptable levels of packet loss or significant transmission delay If you choose to customize this setting it is important to monitor network performance especially during peak demand as bottlenecks can quickly develop if the QoS settings are no...

Page 85: ...ning the MAC Notification folder and clicking the MAC Notification Global Settings link Figure 7 48 MAC Notification Global Settings window The following parameters may be modified Parameter Description State Enable or disable MAC notification globally on the Switch Interval sec 1 2147483647 The time in seconds between notifications History size 1 500 The maximum number of entries listed in the hi...

Page 86: ...e MAC Notification folder which will display the following window Figure 7 49 MAC Notification Port Settings window The following parameters may be set Parameter Description From and To Select a port or group of ports to enable for MAC notification using the pull down menus State Enable MAC Notification for the ports selected using the pull down menu Click Apply to implement changes made 72 ...

Page 87: ... description of the parameters in the following window Figure 7 51 System Log Server Add window The following parameters can be set Parameter Description Index Syslog server settings index Server IP The IP address of the Syslog server Severity This drop down menu allows you to select the level of messages that will be sent The options are Warning Informational and ALL Facility Some of the operatin...

Page 88: ...cal use 0 local0 17 local use 1 local1 18 local use 2 local2 19 local use 3 local3 20 local use 4 local4 21 local use 5 local5 22 local use 6 local6 23 local use 7 local7 UDP Port Enter the UDP port number used for sending Syslog messages The default is 514 Status Choose Enabled or Disabled to activate or deactivate To set the System Log Server configuration click Apply To delete an entry from the...

Page 89: ...POL packets between the Client and the Server The following figure represents a basic EAPOL packet Figure 7 52 EAPOL Packet Utilizing this method unauthorized devices are restricted from connecting to a LAN through a port to which the user is connected EAPOL packets are the only traffic that can be transmitted through the specific port until authorization is granted The 802 1x Access Control proto...

Page 90: ...or the Switch is an intermediary between the Authentication Server and the Client The Authenticator serves two purposes when utilizing 802 1x The first purpose is to request certification information from the Client through EAPOL packets which is the only information allowed to pass through the Authenticator before access is granted to the Client The second purpose of the Authenticator is to verif...

Page 91: ...uthentication Process Utilizing the three components stated above the 802 1x protocol provides a stable and secure way of authorizing and authenticating users attempting to access the network Only EAPOL traffic is allowed to pass through the specified port before a successful authentication is made This port is locked until the point when a Client with the correct username and password is granted ...

Page 92: ...Network Access Control 802 1X Client 802 1X Client 802 1X Client 802 1X Client 802 1X Client 802 1X Client 802 1X Client 802 1X Client 802 1X Client Network access controlled port Network access uncontrolled port RADIUS Server Ethernet Switch Figure 7 57 Example of Typical Port Based Configuration Once the connected Client has successfully been authenticated the Port then becomes Authorized and al...

Page 93: ...igure the 802 1x Authenticator Settings click Configure Authenticator Figure 7 58 First 802 1x Authenticator Settings window To configure the settings by port click on the hyperlinked port number under the Port heading which will display the following table to configure 79 ...

Page 94: ... attempts by the client to authenticate The Switch cannot provide authentication services to the client through the interface If auto is selected it will enable 802 1x and cause the port to begin in the unauthorized state allowing only EAPOL frames to be sent and received through the port The authentication process begins when the link state of the port transitions from down to up or when an EAPOL...

Page 95: ...nt The default setting is 3600 seconds ReAuth Determines whether regular reauthentication will take place on this port The default setting is Disabled Click Apply to implement your configuration changes To view configurations for the 802 1x Authenticator Settings click Show Authenticators Setting Local Users To configure local users for the 802 1X function click Configuration Port Access Entity Lo...

Page 96: ...the From and To fields Next enable the ports by selecting Authenticator from the drop down menu under Capability Click Apply to make your change take effect Configure the following 802 1x capability settings Parameter Description From and To Ports being configured for 802 1x settings Capability Two role choices can be selected Authenticator A user must pass the authentication process to gain acces...

Page 97: ...rts to be initialized Port A read only field indicating a port on the Switch MAC Address The MAC address of the Switch connected to the corresponding port if any Auth PAE State The Authenticator PAE State will display one of the following Initialize Disconnected Connecting Authenticating Authenticated Aborting Held ForceAuth ForceUnauth and N A Backend_State The Backend Authentication State will d...

Page 98: ...nticate Port window This window displays the following information Parameter Description Port The port number of the reauthenticated port MAC Address Displays the physical address of the Switch where the port resides Auth State The Authenticator State will display one of the following Initialize Disconnected Connecting Authenticating Authenticated Aborting Held ForceAuth ForceUnauth and N A Backen...

Page 99: ... displays the following information Parameter Description Succession First Choose the desired RADIUS server to configure First Second or Third RADIUS Server 0 0 0 0 Set the RADIUS server IP Authentic Port 1812 Set the RADIUS authentic server s UDP port The default port is 1812 Accounting Port 1813 Set the RADIUS account server s UDP port The default port is 1813 Key Set the key the same as that of...

Page 100: ... to MAC addresses To open the Static ARP Table open the Configuration folder and click on the Static ARP Settings link Figure 7 65 Static ARP Settings window To add a new entry click the Add button revealing the following window to configure Figure 7 66 Static ARP Table Add a New Entry window The following fields can be set Parameter Description IP Address The IP address of the ARP entry MAC Addre...

Page 101: ... Security folder and click on the Trusted Host link the following window will appear Figure 8 1 Security IP Management window Use security IP management to permit remote stations to manage the Switch If you choose to define one or more designated management stations only the chosen stations as defined by IP address will be allowed management privilege through the web manager or Telnet session To d...

Page 102: ...his part of the ciphersuite allows the user to choose a message digest function which will determine a Message Authentication Code This Message Authentication Code will be encrypted with a sent message to provide integrity and prevent against replay attacks The Switch supports two hash algorithms MD5 Message Digest 5 and SHA Secure Hash Algorithm These three parameters are uniquely assembled in fo...

Page 103: ...leaving the desired one for authentication When the SSL function has been enabled the web will become disabled To manage the Switch through the web based management while utilizing the SSL function the web browser must support SSL encryption and the header of the URL must begin with https Ex https 10 90 90 90 Any other method will result in an error and no access can be authorized for the web base...

Page 104: ...phersuite This field is Enabled by default NOTE Certain implementations concerning the function and configuration of SSL are not available on the web based management of this Switch and need to be configured using the command line interface For more information on SSL and its functions see the DGS 3024 Command Line Interface Reference Manual located on the documentation CD of this product NOTE Ena...

Page 105: ...unts window in the Security folder This is identical to creating any other admin level User Account on the Switch including specifying a password This password is used to logon to the Switch once a secure communication path has been established using the SSH protocol 2 Configure the User Account to use a specified authorization method to identify users that are allowed to establish SSH connections...

Page 106: ...timeout The user may set a time between 120 and 600 seconds The default setting is 120 seconds Auth Fail 2 20 Allows the Administrator to set the maximum number of attempts that a user may try to log on to the SSH Server utilizing the SSH authentication After the maximum number of attempts has been exceeded the Switch will be disconnected and the user must reconnect to the Switch to attempt anothe...

Page 107: ...g algorithms may be set Parameter Description Encryption Algorithm 3DES CBC Use the pull down to enable or disable the Triple Data Encryption Standard encryption algorithm with Cipher Block Chaining The default is Enabled Blow fish CBC Use the pull down to enable or disable the Blowfish encryption algorithm with Cipher Block Chaining The default is Enabled AES128 CBC Use the pull down to enable or...

Page 108: ...ication Code mechanism utilizing the MD5 Message Digest encryption algorithm The default is Enabled Public Key Algorithm HMAC RSA Use the pull down to enable or disable the HMAC Hash for Message Authentication Code mechanism utilizing the RSA encryption algorithm The default is Enabled HMAC DSA Use the pull down to enable or disable the HMAC Hash for Message Authentication Code mechanism utilizing...

Page 109: ... a remote SSH server for authentication purposes Choosing this parameter requires the user to input the following information to identify the SSH user Host Name Enter an alphanumeric string of no more than 32 characters to identify the remote SSH user Host IP Enter the corresponding IP address of the SSH user Password This parameter should be chosen if the administrator wishes to use an administra...

Page 110: ...erver will not accept the username and password and the user is denied access to the Switch The server doesn t respond to the verification query At this point the Switch receives the timeout from the server and then moves to the next method of verification configured in the method list The Switch has four built in Authentication Server Groups one for each of the TACACS XTACACS TACACS and RADIUS pr...

Page 111: ...ser Attempts 1 255 This command will configure the maximum number of times the Switch will accept authentication attempts Users failing to be authenticated after the set amount of attempts will be denied access to the Switch and will be locked out of further authentication attempts Command line interface users will have to wait 60 seconds before another authentication attempt Telnet and web users ...

Page 112: ... the Enable Method Lists window in this section for more information Click Apply to implement changes made Authentication Server Group This window will allow users to set up Authentication Server Groups on the Switch A server group is a technique used to group TACACS XTACACS TACACS RADIUS server hosts into user defined categories for authentication using method lists The user may define the type o...

Page 113: ...ntication Server Group Table Add Settings window Enter a group name of up to 15 characters into the Group Name field and click Apply The entry should appear in the Authentication Server Group Settings window NOTE The user must configure Authentication Server Hosts using the Authentication Server Hosts window before adding hosts to the list Authentication Server Hosts must be configured for their s...

Page 114: ...r Host Figure 8 13 Authentication Server Host Settings window To add an Authentication Server Host click the Add button revealing the following window Figure 8 14 Authentication Server Host Setting Add window Configure the following parameters to add an Authentication Server Host Parameter Description IP Address The IP address of the remote server host the user wishes to add Protocol The protocol ...

Page 115: ...n authentication request to the second TACACS host in the server group and so on until the list is exhausted At that point the Switch will restart the same sequence with the following protocol listed XTACACS If no authentication takes place using the XTACACS list the local account database set in the Switch is used to authenticate the user When the local method is used the privilege level will be ...

Page 116: ...mote TACACS server xtacacs Adding this parameter will require the user to be authenticated using the XTACACS protocol from a remote XTACACS server tacacs Adding this parameter will require the user to be authenticated using the TACACS protocol from a remote TACACS server radius Adding this parameter will require the user to be authenticated using the RADIUS protocol from a remote RADIUS server ser...

Page 117: ... in the server group If no verification is found the Switch will send an authentication request to the second TACACS host in the server group and so on until the list is exhausted At that point the Switch will restart the same sequence with the following protocol listed XTACACS If no authentication takes place using the XTACACS list the Local Enable password set in the Switch is used to authentica...

Page 118: ...rver tacacs Adding this parameter will require the user to be authenticated using the TACACS protocol from a remote TACACS server xtacacs Adding this parameter will require the user to be authenticated using the XTACACS protocol from a remote XTACACS server tacacs Adding this parameter will require the user to be authenticated using the TACACS protocol from a remote TACACS server server_group Addi...

Page 119: ...ng on to the Switch users will have only user level privileges To gain access to administrator level privileges the user will open this window and will have to enter an authentication password Possible authentication methods for this function include TACACS XTACACS TACACS RADIUS user defined server groups local enable local account on the Switch or no authentication none Because XTACACS and TACACS...

Page 120: ...lays all current users for the Switch Access Right Displays the current access level assigned to each corresponding user There are two access levels User and Admin Admin has full read write access while a User has read only access Figure 9 2 User Account Modify Table window Add To add a User Account fill in the appropriate information in the Username New Password and Confirm New Password fields Th...

Page 121: ...ndow is described as follows Parameter Description User Name The user name being edited Old Password Enter the last password used in this field New Password Enter the desired new password in this field Confirm New Password Enter the new password a second time Admin and User Privileges There are two levels of user privileges Admin and User Some menu selections available to users with Admin privileg...

Page 122: ... Accounts Yes No View User Accounts Yes No Table 9 1 Admin and User Privileges After establishing a User Account with Admin level privileges be sure to save the changes by opening the Maintenance folder opening the Save Configuration window and clicking the Save Configuration button 108 ...

Page 123: ...ult community strings for the Switch used for SNMP v 1 and v 2 management access are public Allows authorized management stations to retrieve MIB objects private Allows authorized management stations to retrieve and modify MIB objects SNMPv3 uses a more sophisticated authentication process that is separated into two parts The first part is to maintain a list of users and their attributes that are ...

Page 124: ...ield has been checked This field will require the user to enter a password SHA Specifies that the HMAC SHA authentication protocol will be used This field is only operable when the Encryption field has been checked This field will require the user to enter a password Priv Protocol None Specifies that no authorization protocol is in use DES Specifies that DES 56 bit encryption is in use based on th...

Page 125: ...dow The SNMP Group created with this table maps SNMP users identified in the SNMP User Table to the views created in the previous window The following parameters can be set Parameter Description View Name Type an alphanumeric string of up to 32 characters This is used to identify the new SNMP view being created Subtree OID Type the Object Identifier OID Subtree for the view The OID identifies an o...

Page 126: ... window should appear Figure 9 8 SNMP Group Table window To delete an existing SNMP Group Table entry click the corresponding under the Delete heading To display the current settings for an existing SNMP Group Table entry click the hyperlink for the entry under the Group Name Figure 9 9 SNMP Group Table Display window To add a new entry to the Switch s SNMP Group Table click the Add button in the ...

Page 127: ...alized and distributed network management strategies It includes improvements in the Structure of Management Information SMI and adds some security features SNMPv3 Specifies that the SNMP version 3 will be used SNMPv3 provides secure access to devices through a combination of authentication and encrypting packets over the network Security Level The Security Level settings only apply to SNMPv3 NoAu...

Page 128: ...window Figure 9 11 SNMP Community Table Configuration window The following parameters can be set Parameter Description Community Name Type an alphanumeric string of up to 32 characters that is used to identify members of an SNMP community This string is used like a password to give remote SNMP managers access to MIB objects in the Switch s SNMP agent View Name Type an alphanumeric string of up to ...

Page 129: ...e Configuration window as shown below Figure 9 13 SNMP Host Table Configuration window The following parameters can be set Parameter Description Host IP Address Type the IP address of the remote management station that will serve as the SNMP host for the Switch SNMP Version V1 To specifies that SNMP version 1 will be used V2 To specify that SNMP version 2 will be used V3 NoAuth NoPriv To specify t...

Page 130: ...NMP engine on the Switch To display the Switch s SNMP Engine ID open the SNMP Manager folder located in the Management folder and click on the SNMP Engine ID link This will open the SNMP Engine ID Configuration window as shown below Figure 9 14 SNMP Engine ID Configuration window To change the Engine ID type the new Engine ID in the space provided and click the Apply button 116 ...

Page 131: ...he port To view the port utilization open the Monitoring folder and then click the Port Utilization link Figure 10 1 Utilization window The following fields can be set Parameter Description Time Interval Select the desired setting between 1s and 60s where s stands for seconds The default value is one second Record Number Select the number of times the Switch will be polled between 20 and 200 The d...

Page 132: ...e Six windows are offered Received RX Click the Received RX link in the Packets folder of the Monitoring menu to view the following graph of packets received on the Switch Figure 10 2 Rx Packets Analysis window line graph for Bytes and Packets To view the Received Packets Table click the link View Table which will show the following table 118 ...

Page 133: ...er of times the Switch will be polled between 20 and 200 The default value is 20 Bytes Counts the number of bytes received on the port Packets Counts the number of packets received on the port Show Hide Check whether to display Bytes and Packets Clear Clicking this button clears all statistics counters on this window View Table Clicking this button instructs the Switch to display a table rather th...

Page 134: ...ets folder of the Monitoring menu to view the following graph of UMB cast packets received on the Switch Figure 10 4 Rx Packets Analysis window line graph for Unicast Multicast and Broadcast Packets To view the UMB Cast Table click the View Table link which will show the following table 120 ...

Page 135: ...cast Counts the total number of good packets that were received by a unicast address Multicast Counts the total number of good packets that were received by a multicast address Broadcast Counts the total number of good packets that were received by a broadcast address Show Hide Check whether or not to display Multicast Broadcast and Unicast Packets Clear Clicking this button clears all statistics ...

Page 136: ...k in the Packets folder of the Monitoring menu to view the following graph of packets transmitted from the Switch Figure 10 6 Tx Packets Analysis window line graph for Bytes and Packets To view the Transmitted TX Table click the link View Table which will show the following table 122 ...

Page 137: ...e Switch will be polled between 20 and 200 The default value is 20 Bytes Counts the number of bytes successfully sent from the port Packets Counts the number of packets successfully sent on the port Show Hide Check whether or not to display Bytes and Packets Clear Clicking this button clears all statistics counters on this window View Table Clicking this button instructs the Switch to display a ta...

Page 138: ...r a line graph or a table Four windows are offered Received RX Click the Received RX link in the Errors folder of the Monitoring menu to view the following graph of error packets received on the Switch Figure 10 8 Rx Error Analysis window line graph To view the Received Error Packets Table click the link View Table which will show the following table 124 ...

Page 139: ...s packets received that were longer than 1518 octets or if a VLAN frame is 1522 octets and less than the MAX_PKT_LEN Internally MAX_PKT_LEN is equal to 1522 Fragment The number of packets less than 64 bytes with either bad framing or an invalid CRC These are normally the result of collisions Jabber The number of packets with lengths more than the MAX_PKT_LEN bytes Internally MAX_PKT_LEN is equal t...

Page 140: ...TX link in the Errors folder of the Monitoring menu to view the following graph of error packets received on the Switch Figure 10 10 Tx Error Analysis window line graph To view the Transmitted Error Packets Table click the link View Table which will show the following table 126 ...

Page 141: ...into the transmission of a packet ExColl Excessive Collisions The number of packets for which transmission failed due to excessive collisions SingColl Single Collision Frames The number of successfully transmitted packets for which transmission is inhibited by more than one collision Coll An estimate of the total number of collisions on this network segment CRCError Counts otherwise valid packets ...

Page 142: ... by the Switch arranged in six groups and classed by size to be viewed as either a line graph or a table Two windows are offered Figure 10 12 Packet Size Analysis window line graph To view the Packet Size Analysis Table click the link View Table which will show the following table 128 ...

Page 143: ...255 octets in length inclusive excluding framing bits but including FCS octets 256 511 The total number of packets including bad packets received that were between 256 and 511 octets in length inclusive excluding framing bits but including FCS octets 512 1023 The total number of packets including bad packets received that were between 512 and 1023 octets in length inclusive excluding framing bits ...

Page 144: ...ding table to be browsed by MAC Address Enter a MAC address for the forwarding table to be browsed by Find Allows the user to move to a sector of the database corresponding to a user defined port VLAN or MAC address VID The VLAN ID of the VLAN the port is a member of MAC Address The MAC address entered into the address table Port The port that the MAC address above corresponds to Learned How the S...

Page 145: ...p receiving stations and to the PC connected to the console manager Click Next to go to the next page of the Switch History Log Clicking Clear will allow the user to clear the Switch History Log The information is described as follows Parameter Description Sequence A counter incremented whenever an entry to the Switch s history log is made The table displays the last entry highest sequence number ...

Page 146: ...lowing field can be viewed Parameter Description VLAN ID The VLAN ID VID of the multicast group Multicast Group The IP address of the multicast group MAC Address The MAC address of the multicast group Queries A read only field showing the status of the Querier State Disabled implies that the Switch is not transmitting IGMP Snooping Query packets while Enabled means those packets are being transmit...

Page 147: ... hand corner Search button The following field can be viewed Parameter Description VLAN ID The VLAN ID VID of the multicast group Multicast Group The IP address of the multicast group MAC Address The MAC address of the multicast group Port Map These are the ports where the IGMP packets were snooped are displayed VLAN Status This allows the VLAN status for each of the Switch s ports to be viewed by...

Page 148: ...nt interfaces is displayed as a static router port designated by an S A router port that is dynamically configured by the Switch is designated by D To view the following window open the Monitoring folder and click the Router Port link Figure 10 19 Browse Router Port window Session Table Figure 10 20 Current Session Table window This window displays a list of all the users that are currently logged...

Page 149: ... viewed Parameter Description Server The identification number assigned to each RADIUS Authentication server that the client shares a secret with UDP Port The UDP port the client is using to send requests to this server Timeouts The number of authentication timeouts to this server After a timeout the client may retry to the same server send to a different server or give up A retry to the same serv...

Page 150: ...itch s firmware open the TFTP Services folder in the Maintenance folder and click the Download Firmware link Figure 11 1 Download Firmware from TFTP Server window To download firmware configure the following fields and click Start Parameter Description Server IP Address Enter the IP address of the server from which to download firmware File Name Specify the path and filename of the firmware on the...

Page 151: ...itch settings on the TFTP server Click Start to record the IP address of the TFTP server and to initiate the file transfer Save History Log To upload the Switch history log file to a TFTP server open the TFTP Services folder in the Maintenance folder and then click the Upload Log to TFTP Server link Figure 11 4 Upload Log to TFTP Server window Enter the IP address of the TFTP server and the path a...

Page 152: ...cking its radio button and entering a number between 1 and 255 Click Start to initiate the Ping program Save Changes The DGS 3204 has two levels of memory normal RAM and non volatile or NV RAM Configuration changes are made effective by clicking the Apply button When this is done the settings will be immediately applied to the Switching software in RAM and will immediately take effect Some setting...

Page 153: ...llowing dialog box will confirm that the configuration has been saved Figure 11 7 Save Configuration Confirmation dialog box Click the OK button to continue Once the Switch configuration settings have been saved to NV RAM they become the default settings for the Switch These settings will be used every time the Switch is rebooted 139 ...

Page 154: ...factory defaults NOTE Only the Reset System option will enter the factory default parameters into the Switch s non volatile RAM and then restart the Switch All other options enter the factory defaults into the current configuration but do not save this configuration Reset System will return the Switch s configuration to the state it was when it left the factory Reset gives the option of retaining ...

Page 155: ... the last saved configuration when rebooted Figure 11 10 Reset Config window Reset System In addition the Reset System option is added to reset all configuration parameters to their factory defaults save these parameters to the Switch s non volatile RAM and then restart the Switch This option is equivalent to Reset Config followed by Save Changes Figure 11 11 Reset System window Logout Use the Log...

Page 156: ...ding Table Age Time Max age 10 1000000 seconds Default 300 Physical and Environmental AC Inputs 100 240 VAC 50 60 Hz internal universal power supply Power Consumption 45 watts maximum DC Fans 2 built in 40 x 40 x 10 mm fans Operating Temperature 0 to 40 degrees Celsius 32 to 104 degrees Fahrenheit Storage Temperature 40 to 70 degrees Celsius 40 to 158 degrees Fahrenheit Humidity Storage 5 to 95 no...

Page 157: ...ASE TX 1000BASE T 2 pair UTP Cat 3 4 5 100 meters maximum EIA TIA 568 100 ohm STP 100 meters maximum UTP Cat 5 100 meters maximum EIA TIA 568 100 ohm STP 100 meters maximum UTP Cat 5e 100 meters maximum UTP Cat 5 100 meters maximum EIA TIA 568 100 ohm STP 100 meters maximum Fiber Optic SFP Mini GBIC Support IEEE 802 3z 1000BASE LX DEM 310GT Transceiver IEEE 802 3z 1000BASE SX DEM 311GT Transceiver...

Page 158: ... LX Single mode fiber module 10km SFP Transceiver for 1000BASE SX Multi mode fiber module 550m SFP Transceiver for 1000BASE LHX Single mode fiber module 50km Mini GBIC SFP Transceiver for 1000BASE ZX Single mode fiber module 80km 1000BASE T Category 5e UTP Cable Category 5 UTP Cable 1000 Mbps 100m 100BASE TX Category 5 UTP Cable 100 Mbps 100m 10BASE T Category 3 UTP Cable 10 Mbps 100m 144 ...

Page 159: ...work segments BOOTP The BOOTP protocol allows you to automatically map an IP address to a given MAC address each time a device is started In addition the protocol can assign the subnet mask and default gateway to a device bridge A device that interconnects local or remote networks no matter what higher level protocols are involved Bridges form a single logical network centralizing network administ...

Page 160: ...ains its own internal MIB multicast Single packets copied to a specific subset of network addresses These addresses are specified in the destination address field of the packet protocol A set of rules for communication between devices on a network The rules dictate format timing sequencing and error control resilient link A pair of ports that can be configured so that one will take over data trans...

Page 161: ...e using your Switch s local management capabilities UDP User Datagram Protocol An Internet standard protocol that allows an application program on one device to send a datagram to an application program on another device VLAN Virtual LAN A group of location and topology independent devices that communicate as if they are on a common physical LAN VLT Virtual LAN Trunk A Switch to Switch link which ...

Page 162: ...eitung keine Verbesserung erzielen e Das Gerät ist gefallen und oder das Gehäuse ist beschädigt f Wenn das Gerät deutliche Anzeichen eines Defektes aufweist 16 Bei Reparaturen dürfen nur Orginalersatzteile bzw den Orginalteilen entsprechende Teile verwendet werden Der Einsatz von ungeeigneten Ersatzteilen kann eine weitere Beschädigung hervorrufen 17 Wenden Sie sich mit allen Fragen die Service un...

Page 163: ...urned to D Link without an RMA number will be rejected and shipped back to Purchaser at Purchaser s expense and D Link reserves the right in such a case to levy a reasonable handling charge in addition mailing or shipping costs Software Warranty service for software products may be obtained by contacting a D Link office within the applicable warranty period A list of D Link offices is provided at ...

Page 164: ...t is attributable to the Software Except as otherwise agreed by D Link in writing the replacement Software is provided only to the original licensee and is subject to the terms and conditions of the license granted by D Link for the Software Replacement Software will be warranted for the remainder of the original Warranty Period and is subject to the same limitations and exclusions If a material n...

Page 165: ...ce Damage that occurs in shipment due to act of God failures due to power surge and cosmetic damage Any hardware software firmware or other products or services provided by anyone other than D Link and Products that have been purchased from inventory clearance or liquidation sales or other sales in which D Link the sellers or the liquidators expressly disclaim their warranty obligation pertaining ...

Page 166: ...opyright Statement No part of this publication or documentation accompanying this product may be reproduced in any form or by any means or used to make any derivative such as translation transformation or adaptation without permission from D Link Corporation D Link Systems Inc as stipulated by the United States Copyright Act of 1976 and any amendments thereto Contents are subject to change without...

Page 167: ...Registration Register your D Link product online at http support dlink com register Product registration is entirely voluntary and failure to complete or return this form will not diminish your warranty rights ...

Page 168: ...liates authorized resellers or country distributors collectively referred to in this limited warranty as D LINK with this limited warranty The Term D LINK Hardware Product is limited to the hardware components and all its internal components including firmware The term D LINK Hardware Product DOES NOT include any software applications or programs Geographical Scope of the Limited Product Warranty ...

Page 169: ...nagement software Five 5 years All other products Two 2 years Spare parts i e External Power Adapters Fans One 1 year The warranty period stated in this card supersedes and replaces the warranty period as stated in the user s manual or in the purchase contract for the relevant products For the avoidance of doubt if you have purchased the relevant D LINK product as a consumer your statutory rights ...

Page 170: ...te Garantie findet überall Anwendung wo D LINK oder dessen autorisierte Servicepartner Garantiedienste gemäß den Bestimmungen dieser eingeschränkten Garantie erbringen Gleichwohl kann sich die Verfügbarkeit von Garantiediensten und die Bearbeitungszeit von Land zu Land unterscheiden und von Registrierungsanforderungen abhängig sein Einschränkung der Garantie D LINK gewährleistet dass die nachstehe...

Page 171: ...g von D LINK darin dem ursprünglichen Käufer das defekte Produkt kostenlos zu reparieren oder es auszutauschen Voraussetzung hierfür ist dass das Produkt während der Garantielaufzeit einem autorisierten D LINK Servicecenter übergeben wird Reparatur oder Austausch werden von D LINK durch ein autorisiertes D LINK Servicecenter durchgeführt Bauteile oder Hardware Produkte die gemäß dieser eingeschrän...

Page 172: ...ées dans la présente Garantie Produit Limitée Cependant la disponibilité du service de garantie et les temps de réponse varient d un pays à l autre et peuvent également être assujettis à un enregistrement Limitation de la Garantie Produit D LINK garantit que les produits décrits ci dessous dans le cadre d une utilisation normale sont dénués de défauts conséquents tant au niveau de leurs composants...

Page 173: ... légaux demeurent inchangés Exécution de la Garantie Produit Limitée En cas de défaut ou d erreur d un produit l unique obligation de D LINK se limite à la réparation ou au remplacement gratuit du produit défectueux au bénéfice de l acheteur initial sous réserve que le produit soit rapporté à un Centre de Service Agréé D LINK pendant la période de garantie D LINK assure la réparation ou le remplac...

Page 174: ...l producto será válida en cualquier país en el que D LINK o sus proveedores autorizados de servicios ofrezcan un servicio de garantía sujeto a los términos y condiciones recogidos en esta garantía limitada del producto Sin embargo la disponibilidad del servicio de garantía así como el tiempo de respuesta pueden variar de un país a otro y pueden estar sujetos a requisitos de registro Limitación de ...

Page 175: ...que consta en el manual del usuario o en el contrato de compra de los productos correspondientes Para evitar dudas si usted ha comprado el producto D LINK correspondiente como consumidor sus derechos legales no se ven afectados Uso de la garantía limitada del producto Si un producto presenta algún defecto la obligación exclusiva de D LINK será reparar o reemplazar sin coste alguno para el comprado...

Page 176: ...ai paesi nominati in questa appendice La Garanzia verrà riconosciuta in tutti i paesi nei quail D LINK o i suoi Centri di Assistenza autorizzati offrono assistenza conformemente alle condizioni e ai termini stabiliti nella presente Garanzia Tuttavia la disponibilità all assistenza e i tempi di intervento variano da paese a paese e possono essere soggetti a eventuali requisiti di registrazione Limi...

Page 177: ... uso o nel contratto di acquisto del prodotto Se avete acquistato un prodotto DLINK in qualità di consumatore i Vostri diritti rimangono invariati Prestazioni della Garanzia limitata Qualora comparisse un difetto o una non conformità D LINK avrà l unico obbligo di riparare o sostituire il prodotto non conforme senza alcun costo per l acquirente a condizione che il prodotto venga restituito a un Ce...

Page 178: ...nday to Friday 8 00am to 8 00pm EST Saturday 9 00am to 1 00pm EST D Link Technical Support over the Internet http www dlink com au email support dlink com au Tech Support for customers within New Zealand D Link Technical Support over the Telephone 0800 900 900 Monday to Friday 8 30am to 8 30pm Saturday 9 00am to 5 00pm D Link Technical Support over the Internet http www dlink co nz email support d...

Page 179: ...bsite Tech Support for customers within South Eastern Asia and Korea D Link South Eastern Asia and Korea Technical Support over the Telephone 65 6895 5355 Monday to Friday 9 00am to 12 30pm 2 00pm 6 00pm Singapore Time D Link Technical Support over the Internet email support dlink com sg ...

Page 180: ... customers within India D Link Technical Support over the Telephone 91 22 26526741 91 22 26526696 ext 161 to 167 Monday to Friday 9 30AM to 7 00PM D Link Technical Support over the Internet http ww dlink co in http www dlink co in dlink drivers support asp ftp support dlink co in email techsupport dlink co in ...

Page 181: ...he duration of the warranty period on this product Customers can contact D Link technical support through our web site or by phone Tech Support for customers within the Russia D Link Technical Support over the Telephone 495 744 00 99 Monday to Friday 10 00am to 6 30pm D Link Technical Support over the Internet http www dlink ru email support dlink ru ...

Page 182: ...Link Technical Support over the Telephone 972 9 9715701 Sunday to Thursday 9 00am to 5 00pm D Link Technical Support over the Internet http www dlink co il support e mail support dlink co il Tech Support for customers within Turkey D Link Technical Support over the Telephone 0090 312 473 40 55 Monday to Friday 9 00am to 6 00pm D Link Technical Support over the Internet http www dlink com tr e mail...

Page 183: ...stomers within South Africa and Sub Sahara Region D Link South Africa and Sub Sahara Technical Support over the Telephone 27 12 665 2165 08600 DLINK For South Africa only Monday to Friday 8 30am to 9 00pm South Africa Time D Link Technical Support over the Internet http www d link co za email support d link co za ...

Page 184: ...vador 800 6137 Monday to Friday 06 00am to 19 00pm Guatemala 1800 300 0017 Monday to Friday 06 00am to 19 00pm Panama 0800 560 0193 Monday to Friday 07 00am to 20 00pm Peru 0800 52049 Monday to Friday 07 00am to 20 00pm Venezuela 0800 100 3470 Monday to Friday 08 00am to 21 00pm D Link Technical Support over the Internet www dlinkla com www dlinklatinamerica com email support dlink cl Tech Support...

Page 185: ...Link D Link предоставляет бесплатную поддержку для клиентов в течение гарантийного срока Клиенты могут обратиться в группу технической поддержки D Link по телефону или через Интернет Техническая поддержка D Link 495 744 00 99 Техническая поддержка через Интернет http www dlink ru email support dlink ru ...

Page 186: ...elp Desk Chile Teléfono 800 8 35465 Lunes a Viernes 08 00 am a 21 00 pm Soporte Técnico Help Desk Colombia Teléfono 01800 7001588 Lunes a Viernes 07 00 am a 20 00 pm Soporte Técnico Help Desk Ecuador Teléfono 1800 777 711 Lunes a Viernes 07 00 am a 20 00 pm Soporte Técnico Help Desk El Salvador Teléfono 800 6137 Lunes a Viernes 06 00 am a 19 00 pm Soporte Técnico Help Desk Guatemala Teléfono 1800 ...

Page 187: ...kbrasil com br A D Link fornece suporte técnico gratuito para clientes no Brasil durante o período de vigência da garantia deste produto Suporte Técnico para clientes no Brasil Telefone São Paulo 11 2185 9301 Segunda à sexta Das 8h30 às 18h30 Demais Regiões do Brasil 0800 70 24 104 E mail email suporte dlinkbrasil com br ...

Page 188: ......

Page 189: ...support through our website or by phone Tech Support for customers within the United States D Link Technical Support over the Telephone 888 843 6100 Hours of Operation 8 00AM to 6 00PM PST D Link Technical Support over the Internet http support dlink com email support dlink com Tech Support for customers within Canada D Link Technical Support over the Telephone 800 361 5265 Monday to Friday 7 30am...

Page 190: ...s within The United Kingdom Ireland D Link UK Ireland Technical Support over the Internet http www dlink co uk ftp ftp dlink co uk D Link UK Ireland Technical Support over the Telephone 08456 12 0003 United Kingdom 1890 886 899 Ireland Lines Open 8 00am 10 00pm Mon Fri 10 00am 7 00pm Sat Sun For Customers within Canada D Link Canada Technical Support over the Telephone 1 800 361 5265 Canada Mon to...

Page 191: ...upport dlink de Telefon 49 1805 2787 0 12 Min aus dem Festnetz der Deutschen Telekom Telefonische technische Unterstützung erhalten Sie Montags bis Freitags von 09 00 bis 17 30 Uhr Unterstützung erhalten Sie auch bei der Premiumhotline für D Link Produkte unter der Rufnummer 09001 475767 Montag bis Freitag von 6 22 Uhr und am Wochenende von 11 18 Uhr 1 75 Min aus dem Festnetz der Deutschen Telekom...

Page 192: ...Assistance technique D Link par téléphone 0820 0803 03 N INDIGO 0 12 TTC min Prix en France Métropolitaine au 3 mars 2005 Du lundi au samedi de 9h00 à 19h00 Assistance technique D Link sur internet http www dlink fr e mail support dlink fr Support technique destiné aux clients établis au Canada Assistance technique D Link par téléphone 800 361 5265 Lun Ven 7h30 à 21h00 HNE Assistance technique D L...

Page 193: ... Link ofrece asistencia técnica gratuita para clientes residentes en España durante el periodo de garantía del producto Asistencia Técnica de D Link por teléfono 34 902 30 45 45 Lunes a Viernes de 9 00 a 14 00 y de 15 00 a 18 00 Asistencia Técnica de D Link a través de Internet http www dlink es support e mail soporte dlink es ...

Page 194: ...ito D Link Supporto tecnico per i clienti residenti in Italia D Link Mediterraneo S r L Via N Bonnet 6 B 20154 Milano Supporto Tecnico dal lunedì al venerdì dalle ore 9 00 alle ore 19 00 con orario continuato Telefono 02 39607160 URL http www dlink it supporto html Email tech dlink it ...

Page 195: ...herlands D Link Technical Support over the Telephone 0900 501 2007 Monday to Friday 9 00 am to 10 00 pm D Link Technical Support over the Internet www dlink nl Tech Support for customers within Belgium D Link Technical Support over the Telephone 070 66 06 40 Monday to Friday 9 00 am to 10 00 pm D Link Technical Support over the Internet www dlink be Tech Support for customers within Luxemburg D Li...

Page 196: ...ą pomoc techniczną klientom w Polsce w okresie gwarancyjnym produktu Klienci z Polski mogą się kontaktować z działem pomocy technicznej firmy D Link za pośrednictwem Internetu lub telefonicznie Telefoniczna pomoc techniczna firmy D Link 48 12 25 44 000 Pomoc techniczna firmy D Link świadczona przez Internet URL http www dlink pl e mail dlink fixit pl ...

Page 197: ...my D Link D Link poskytuje svým zákazníkům bezplatnou technickou podporu Zákazníci mohou kontaktovat oddělení technické podpory přes webové stránky mailem nebo telefonicky Web http www dlink cz suppport E mail support dlink cz Telefon 224 247 503 Telefonická podpora je v provozu PO PÁ od 09 00 do 17 00 ...

Page 198: ...t munkanapokon hétfőtől csütörtökig 9 00 16 00 óráig és pénteken 9 00 14 00 óráig kérhet a 1 461 3001 telefonszámon vagy a support dlink hu emailcímen Magyarországi technikai támogatás D Link Magyarország 1074 Budapest Alsóerdősor u 6 R70 Irodaház 1 em Tel 06 1 461 3001 Fax 06 1 461 3004 email support dlink hu URL http www dlink hu ...

Page 199: ...sider D Link tilbyr sine kunder gratis teknisk support under produktets garantitid Kunder kan kontakte D Links teknisk support via våre hjemmesider eller på tlf Teknisk Support D Link Teknisk telefon Support 800 10 610 Hverdager 08 00 20 00 D Link Teknisk Support over Internett http www dlink no ...

Page 200: ...byder gratis teknisk support til kunder i Danmark i hele produktets garantiperiode Danske kunder kan kontakte D Link s tekniske support via vores hjemmeside eller telefonisk D Link teknisk support over telefonen Tlf 7026 9040 Hverdager kl 08 00 20 00 D Link teknisk support på Internettet http www dlink dk ...

Page 201: ...a teknistä tukea asiakkailleen Tuotteen takuun voimassaoloajan Tekninen tuki palvelee seuraavasti Arkisin klo 9 21 numerosta 0800 114 677 Internetin kautta Ajurit ja lisätietoja tuotteista http www dlink fi Sähköpostin kautta voit myös tehdä kyselyitä ...

Page 202: ... annan användarinformation D Link tillhandahåller teknisk support till kunder i Sverige under hela garantitiden för denna produkt Teknisk Support för kunder i Sverige D Link Teknisk Support via telefon 0770 33 00 35 Vardagar 08 00 20 00 D Link Teknisk Support via Internet http www dlink se ...

Page 203: ... site de D Link Portugal http www dlink pt A D Link fornece suporte técnico gratuito para clientes no Portugal durante o período de vigência de garantia deste produto Suporte Técnico para clientes no Portugal Assistência Técnica Email soporte dlink es http www dlink pt support ftp ftp dlink es ...

Page 204: ...δωρεάν υποστήριξη στον Ελλαδικό χώρο Μπορείτε να επικοινωνείτε µε το τµήµα τεχνικής υποστήριξης µέσω της ιστοσελίδας ή µέσω τηλεφώνου Για πελάτες εντός του Ελλαδικού χώρου Τηλεφωνική υποστήριξη D Link Τηλ 210 86 11 114 Φαξ 210 86 53 172 ευτέρα Παρασκευή 09 00 17 00 e mail support dlink gr Τεχνική υποστήριξη D Link µέσω Internet http www dlink gr ftp ftp dlink it ...

Page 205: ...International Offices ...

Page 206: ...1 FAX 32 0 2 517 6500 URL www dlink be Poland Budynek Aurum ul Walic w 11 PL 00 851 Warszawa Poland TEL 48 0 22 583 92 75 FAX 48 0 22 583 92 76 URL www dlink pl Hungary R k czi t 70 72 HU 1074 Budapest Hungary TEL 36 0 1 461 30 00 FAX 36 0 1 461 30 09 URL www dlink hu Singapore 1 International Business Park 03 12 The Synergy Singapore 609917 TEL 65 6774 6233 FAX 65 6774 6322 URL www dlink intl com...

Page 207: ...________________________ Answers to the following questions help us to support your product 1 Where and how will the product primarily be used Home Office Travel Company Business Home Business Personal Use 2 How many employees work at installation site 1 employee 2 9 10 49 50 99 100 499 500 999 1000 or more 3 What network protocol s does your organization use XNS IPX TCP IP DECnet Others__________...

Page 208: ......

Reviews: