
D-Link DUA-2000 Policy Manager User Manual

 

5. Network Configuration Example

The D-Link DUA-2000 Policy Manager is a highly integrated solution which requires access 
to multiple services, such as Wireless Controllers, Unified Access Points (APs) and Layer 2 
and 3 switches. This high level of integration requires careful planning and knowledge of 
multiple products and technologies to implement. An example of how to configure the 
network topology for use with the DUA-2000 is shown below. 
 

 

NOTE: This configuration applies to the network only; information for configuring the Policy Manager follows later in the document. It is designed to illustrate what is required to support a Wireless Controller with external authentication and captive portal.

Network Requirements 

In this example, the following elements are required: 
 

| Convention | Description |
|---|---|
| DHCP Server | This is a Dynamic Host Configuration Protocol (DHCP) server for dynamically assigning IP addresses to wireless clients. In the example below, a router is used for this function. |
| PoE Switch | This is a Layer 2 device that supplies Power over Ethernet (PoE) to the Wireless APs and performs switching and VLAN tagging functions. |
| Wireless AP | This advertises the two Service Set Identifiers (SSIDs) for the wireless Employee (corporate) and Personal (BYOD) networks. |
| Wireless Controller | This controls access to wireless networks and manages wireless clients and APs. Clients can be authenticated against a number of sources, including the Policy Manager. |
| Policy Manager | This is responsible for serving the captive portal and providing a RADIUS source to the Wireless Controller. It can itself be pointed to a number of authentication sources, including RADIUS, AD (LDAP) and POP3. |

Table 6-1 – Network Requirements

 
The following are optional but useful for testing: 
 

| Convention | Description |
|---|---|
| Wireless device (laptop, tablet or smartphone) | This is used to join the wireless networks and test captive portal and network functionality. |
| Internet access | This can be used to test Internet access for authenticated clients. |
| TFTP Server | This is used for testing the policy that has been applied to client devices. |
| HTTP Server | This is used for testing the policy that has been applied to client devices. |

Table 6-2 – Optional Requirements

 
 

 

Summary of Contents for DUA-2000

Page 1: ...Policy Manager User Manual DUA 2000 Ver 1 0 Business Wireless Solution Building Networks for People ...

Page 2: ...stalled and used in accordance with this user s guide may cause harmful interference to radio communications Operation of this equipment in a residential area is likely to cause harmful interference in which case the user will be required to correct the interference at his own expense CE Mark Warning This is a Class A product In a domestic environment this product may cause radio interference in w...

Page 3: ...ging on to the Web User Interface 5 Changing the Default IP Address 6 5 System Overview 7 6 Network Configuration Example 9 Network Requirements 9 Network Topology 10 Network Configuration 11 Wireless Controller 11 Policy Manager 11 Network Environment 12 7 Status Monitor 13 Dashboard 13 Dashboard 13 Network 14 Interface Utilization 14 System 14 Device Status 14 Logs 15 8 Network 17 Device 17 IP I...

Page 4: ...rization 47 Authorization Profile 47 Authorization Profile 47 ACL Profile 49 ACL Rule 51 Schedule 54 Schedule Profile 54 Add Schedule Profile 55 10 Maintenance 57 Administration 57 System Information 57 Change Password 58 System Account 58 Date and Time 60 Session 62 Management 63 SNMP 63 SNMP v3 User 63 SNMP Traps 65 SNMP Host List 66 Access Control List 68 SNMP Community 69 Telnet SSH 71 Web Ser...

Page 5: ...82 Syslog Server 82 System Logs 83 Alert 84 Email Alert 84 Alert Type 86 Utilities 87 Logo Setting 87 Ping 88 11 Appendix A Technical Specifications 89 Capacity 89 Hardware Specification 89 Processor and System Memory 89 I O Interface 89 Physical Environment 89 12 Appendix B Rack Mount Instructions 90 ...

Page 6: ...d with the Policy Manager or from the D Link website Other documents related to the device are Quick Installation Guide Conventions Convention Description Boldface Font Indicates a button a toolbar icon menu or menu item For example Open the File menu and choose Cancel Used for emphasis May also indicate system messages or prompts appearing on screen For example You have mail Bold font is also use...

Page 7: ...u should pay special attention to these indicators Each example below provides an explanatory remark regarding each type of indicator NOTE A note indicates important information that helps you make better use of your device NOTICE A notice indicates either potential damage to hardware or loss of data and tells you how to avoid the problem CAUTION A caution indicates a potential for property damage...

Page 8: ...product portfolio It is a fully featured Policy Manager capable of assigning permissions based on who you are where you are when you connect the type of device and the device ownership Policy enforcement is implemented through the network layer removing the need for client software and ensuring compatibility with a wide range of devices The DUA 2000 provides multiple authentication options and can...

Page 9: ... sure that there is proper heat dissipation and adequate ventilation around the server Do not place heavy objects on the server Rack Installation The Policy Manager can be mounted in an EIA standard size 19 inch rack which can be placed in a server room with other equipment To install attach the mounting brackets to the Policy Manager s side panels one on each side and secure them with the screws ...

Page 10: ...able from the Wireless Controller to support authentication authorization and accounting This can either be in the same management subnet or another subnet altogether Connect to the Policy Manager using its default IP address and change this to be in line with your own network policies NOTE The default IP address is 10 90 90 90 with a subnet mask of 255 0 0 0 Logging on to the Web User Interface T...

Page 11: ...ur network topology It is recommended that this is completed before the device is connected to the production network 1 Navigate to Network Device IP Interface 2 Click Edit next to the System interface 3 Change the address type from DHCP to Static 4 Enter an IP Address Mask Gateway and DNS server 5 Press Apply Ensure that you can connect to the Policy Manager using the new IP address ...

Page 12: ...o the Policy Manager as the username the Policy Device User Type is applied to the account and the device is authenticated using the Policy Rule If a username and password is supplied to the Policy Manager then either the Policy User or Policy Guest User Types are applied to the account depending on whether the user has been configured as a guest If it has then the user is authenticated using the ...

Page 13: ...D Link DUA 2000 Policy Manager User Manual 8 Figure 5 1 Logical System Overview ...

Page 14: ...tion PoE Switch This is a Layer 2 device that supplies Power over Ethernet PoE to the Wireless APs and performs switching and VLAN tagging functions Wireless AP This advertises the two Service Set Identifiers SSIDs for the wireless Employee corporate and Personal BYOD networks Wireless Controller This controls access to wireless networks and manages wireless clients and APs Clients can be authenti...

Page 15: ...AN 192 168 10 110 150 192 168 10 1 30 Seconds VLAN 20 Employee VLAN 192 168 20 110 150 192 168 20 1 Default VLAN 30 Personal VLAN 192 168 30 110 150 192 168 30 1 Default Table 6 3 VLANs and DHCP Ranges The addresses assigned to devices are as follows VLAN Number Device Address Netmask Default Gateway VLAN 1 DHCP Server 192 168 10 1 255 255 255 0 192 168 10 1 VLAN 1 PoE Switch 192 168 10 2 255 255 ...

Page 16: ...ress default entry to edit CP configuration Enter Configuration name and Verification mode choose Policy Manager Choose RADIUS Auth Server then press submit button 4 Configure a RADIUS Authentication Server Navigate to LAN Security RADIUS RADIUS Authentication Server Configuration Select Add item then enter RADIUS Server Host Address then chose Yes for Policy Manager Enter RADIUS Server Name then ...

Page 17: ...ployee VLAN for authenticated corporate clients and a personal VLAN for authenticated personal clients The DHCP server needs to offer an IP address in the range configured for each VLAN and so the switch port connecting the DHCP server to the local switch needs to be set up for VLAN tagging The Wireless APs also need to advertise more than one SSID one for each VLAN The DHCP release time should be...

Page 18: ...ing in to the Policy Manager To get to the following page browse to Status Monitor Dashboard Dashboard Figure 7 1 Dashboard The following fields are available Field Description CPU Status The CPU utilization measured in percent RAM Status Memory utilization measured in percent System Network Status kbit s Combined network utilization of all 4 interfaces measured in kilobits per second kbit s Hard ...

Page 19: ...resh automatically To get to the following page browse to Status Monitor Network Interface Utilization Figure 7 2 Interface Utilization System Device Status This provides a device overview for the system and includes the system name time location contact information software and hardware versions and MAC and IP address information To get to the following page browse to Status Monitor System Device...

Page 20: ...stem firmware version Hardware Version The system hardware version MAC Adddress The system MAC address of the active LAN interface s IPv4 Address The IP address of the active LAN interface s Netmask The netmask of the active LAN interface s Gateway The default gateway address of the active LAN interface s Serial Number The serial number of the device HDD The serial number of the hard disk driver u...

Page 21: ...Logs Click Get Log to display logs of the chosen type The following fields are available in the results Field Description Index The log entry index Higher index values are more recent Date Time The date and time of the log entry Severity The Syslog severity Type The type of log entry Info The log entry contents Table 7 4 Log Results Click Get Log to display logs of the chosen type Click Export to ...

Page 22: ...ace Figure 8 1 IP Interface Setting The following fields are available Field Description Name The name of the network interface or Port Trunk IP Address The IP address of the interface Netmask The netmask of the interface DNS The Domain Name System DNS servers for the interface MAC Address The Media Access Control MAC address of the interface Port The ports that the interface configuration applies...

Page 23: ...ddress or dynamically assigned IP address DHCP If Static is chosen it is possible to enter values into the fields below Is DHCP is chosen it is only possible to select ports to apply the settings to and create a Port Trunk Interface Name Name the interface IP Address Enter the IPv4 address for the interface Port Select Select the physical switch port on the DUA 2000 to assign the IP address to At ...

Page 24: ...port trunk with the network switch without any negotiation Selecting Link Aggregation Control Protocol LACP allows the DUA 2000 to negotiate a port trunk with the network switch Table 8 2 Add IP Interface Click Apply to apply the settings Port Trunking Advance Setting Click the Port Trunking Advance Setting tab to view the following window Figure 8 3 Port Trunk Advance Setting The following fields...

Page 25: ...00 To get to the following page browse to Network Device RADIUS Client Figure 8 4 RADIUS Server Setting The following fields are available Field Description Name The name of the RADIUS client that will connect to the RADIUS server IP Address The IP address of the client Subnet Mask The subnet mask of the client Shared Secret The shared secret for the RADIUS client and server Table 8 4 RADIUS Serve...

Page 26: ...Figure 8 5 Add RADIUS Server Client The following fields can be configured Field Description Name Name the RADIUS client that will connect to the RADIUS server IP Address Enter the IP address of the client Subnet Mask Enter the subnet mask of the client Shared Secret Enter a shared secret for the RADIUS client and server Table 8 5 Add RADIUS Server Client Click Apply to apply the settings ...

Page 27: ...authenticated against the Identity Domain This can be Disabled Local Server or one of the Identity Domains entered The default is Disabled Table 8 6 Identity Domain 1 Click Add to add an Identity Domain The following fields are available Field Description Identity Domain The name of the Identity Domain Server Group The Server Group used for authentication defined on the External Server page The lo...

Page 28: ...g window Figure 8 7 Add Identity Domain The following fields can be configured Field Description Identity Domain The name of the Identity Domain Server Group The Server Group to authenticate against This is configured on the External Server page Status The status of the Identity Domain This can be Enabled or Disabled Captive Portal String The Captive Portal String This is appended to the client s ...

Page 29: ...used to group the LDAP servers defined on this page Up to 3 Server Groups can be defined Primary IP Address The IP address of the primary LDAP server Port The port to connect to on the LDAP server Default is 389 The range is 1 65535 LDAP Base DN The LDAP search base for the container that contains the users or devices to be authenticated on the LDAP server Identity The username of the administrati...

Page 30: ...f the third LDAP server Port The port to connect to on the LDAP server Default is 389 The range is 1 65535 LDAP Base DN The LDAP search base for the container that contains the users or devices to be authenticated on the LDAP server Identity The username of the administrative user that is used to log in to the LDAP server and authenticate the client Password The password of the administrative user...

Page 31: ...ated on the AD server Identity The username of the administrative user that is used to log in to the AD server and authenticate the client Password The password of the administrative user that is used to log in to the AD server and authenticate the client SSL Enabled Click to enable or disable SSL for AD authentication The options are Enabled or Disabled Secondary IP Address The IP address of the ...

Page 32: ...log in to the AD server and authenticate the client Password The password of the administrative user that is used to log in to the AD server and authenticate the client SSL Enabled Click to enable or disable SSL for AD authentication The options are Enabled or Disabled Table 8 10 AD Server Setting Click Save to save the changes made Click Cancel to revert the settings to their previous state POP3 ...

Page 33: ...y POP3 server Authentication Port The TCP port to use for POP3 authentication Range 1 65535 The default is 110 SSL Enable Click to enable or disable SSL for POP3 authentication The options are Enabled or Disabled Third IP Address The IP address of the third POP3 server Authentication Port The TCP port to use for POP3 authentication Range 1 65535 The default is 110 SSL Enable Click to enable or dis...

Page 34: ... Key The password of the administrative user that is used to log in to the RADIUS server and authenticate the client Range 1 32 characters Confirm Key Confirm the password of the administrative user that is used to log in to the RADIUS server and authenticate the client Range 1 32 characters Secondary IP Address The IP address of the secondary RADIUS server Authentication Port The TCP port to use ...

Page 35: ...nting Range 1 65535 The default is 1813 Key The password of the administrative user that is used to log in to the RADIUS server and authenticate the client Range 1 32 characters Confirm Key Confirm the password of the administrative user that is used to log in to the RADIUS server and authenticate the client Range 1 32 characters Table 8 12 RADIUS Server Client Click Save to save the changes made ...

Page 36: ...e then the Authorization Profile is returned to the Wireless Controller NOTE It is not possible to deny access to a user or device using the Policy Rule This is done by the Wireless Controller and is based on the Policy Rule being unable to authenticate the device or user To get to the following page browse to Policy Object Policy Rule Rule Figure 9 1 Rule The following fields are available Field ...

Page 37: ...e Policy Rule Device Type The Device Type the Policy Rule applies to This is applied in the Device section Location Profile The Location Profile the Policy Rule applies to Schedule The Schedule Profile that applies to the Policy Rule Authorization Profile The Authorization Profile that applies to the Policy Rule Status The status of the Policy Rule This can be Enabled or Disabled Table 9 2 Rule 2 ...

Page 38: ...ich to authenticate devices It can be set to Others Used to classify any device which is not a mobile phone or laptop on the Device page Mobile Used to classify a device as a mobile phone on the Device page Laptop Used to classify a device as a mobile phone on the Device page Location Profile The Location Profile the Policy Rule applies to Click Create Location Profile to create a new Location Pro...

Page 39: ...ent User Database Figure 9 3 Group The following fields are available Field Description Group Name The name of the user group Description The description of the user group User Type The type of user This can be Policy User This is a user based account on the Policy Manager Policy Device This is a device based account on the Policy Manager Status The user status This can be Enabled or Disabled MAC ...

Page 40: ...up User Type The type of user This can be Policy User This is a user based account on the Policy Manager Policy Device This is a device based account on the Policy Manager Status The user status This can be Enabled or Disabled Mac Binding This is whether any devices are associated with the user accounts If it is set to On then it s possible to assign devices to the account and both the user and de...

Page 41: ...n Username Prefix Enter a Username Prefix and select Case Sensitive Case Insensitive or Match Exactly for the search type Select the group from the Group menu or choose All groups to search for all accounts on the Policy Manager Table 9 6 Account 1 Click Get Accounts to retrieve user account information for the specified group The following fields are available Field Description User Name MAC The ...

Page 42: ...lowing fields can be configured Field Description Group Select Select the group that the user belongs to User Name Enter the user name of the user First Name Enter the first name of the user Last Name Enter the last name of the user Password Enter the password for the user Confirm Password Confirm the password for the user Binding Device List The devices that a user is permitted to log in from Tab...

Page 43: ...feature and the Binding Device List To get to the following page browse to Policy Object Client Device Database Figure 9 7 Property Group The following fields are available Field Description Group Name The name of the Property Group Usage This is the device usage This is a way of restricting the devices that a user can log in from and can be set to the following Single User A personal device that ...

Page 44: ... be set to the following Single User A personal device that is used by a single person Multiple users A corporate device used by multiple people Public users Any device that can be used by both corporate and non corporate users Description The description of the Property Group Table 9 10 Add Property Group Click Apply to apply the settings Device Devices are created on the Device page and consist ...

Page 45: ... of the device in the format xx xx xx xx xx xx This is used to uniquely identify the device Device Type The type of device This is used by the Policy Rule and is another parameter through which to authenticate devices It can be set to Others Use this to classify any device which is not a mobile phone or laptop Mobile Use this to classify a device as a mobile phone Laptop Use this to classify a dev...

Page 46: ...d Description MAC Address The MAC address of the device in the format xx xx xx xx xx xx Device Type The type of device This is used by the Policy Rule and is another parameter through which to authenticate devices It can be set to Others Use this to classify any device which is not a mobile phone or laptop Mobile Use this to classify a device as a mobile phone Laptop Use this to classify a device ...

Page 47: ... wireless APs a client can authenticate from and which switch ports a client can authenticate from based on the Policy Rule To get to the following page browse to Policy Object Endpoint Location Profile Figure 9 11 Location Profile The following fields are available Field Description Profile Name The name of the Location Profile Description The description of the Location Profile Table 9 14 Locati...

Page 48: ...rofile Table 9 15 Add Location Profile Click Apply to apply the settings Endpoint List The Endpoint List is a list of Endpoints that are assigned to the Location Profile The Endpoint List page can be used to add scan edit or delete Endpoints NOTE A maximum of 10 Endpoints can be configured in one Location Profile To get to the following page browse to Policy Object Endpoint Location Profile and cl...

Page 49: ...nts that have already been added to the Endpoint List will display a red circle in the search results Click the green circle to add the device to the Endpoint List The MAC Address field will be populated with the MAC address of the discovered device Table 9 17 Endpoint List 2 Click Scan to scan the subnet for endpoints The following fields are available Field Description Import Endpoint Import end...

Page 50: ...5 on switch 2 in the stack could be another location The Port List is comma separated and is in the format switch stack ID port ID A hyphen can be used to specify a range For example 1 1 1 4 2 5 Description The description of the Endpoint Location Profile The Location Profile this Endpoint has been added to Table 9 19 Endpoint List 4 Click Edit to edit existing Endpoint List settings Click Delete ...

Page 51: ...ould be one location and port 5 on switch 2 in the stack could be another location The Port List is comma separated and is in the format switch stack ID port ID A hyphen can be used to specify a range For example 1 1 1 4 2 5 Description The description of the Endpoint Table 9 20 Add Endpoint to List Click Apply to apply the settings Endpoint to Location Profile This is used to bind an Endpoint to ...

Page 52: ... switch stack ID port ID A hyphen can be used to specify a range For example 1 1 1 4 2 5 Description The description of the Endpoint Location Profile The Location Profile this Endpoint has been added to Table 9 22 Endpoint to Location Profile 2 Select the check boxes for the endpoints you wish to add to a Location Profile and choose the Location Profile from the Location Profile menu Click Save to...

Page 53: ...p The Layer 2 Class of Service level that is applied to traffic from clients that the Authorization Profile applies to Session Timeout The maximum length of the client session measured in seconds Idle Timeout The length of time to keep the client session active if not activity is detected before ending the session measured in seconds ACL Profile The ACL Profile applied to the Authorization Profile...

Page 54: ... 1 409 600 000 bps 1 bps 409 6 Mbps 802 1p The Layer 2 Class of Service level that is applied to traffic from clients that the Authorization Profile applies to Session Timeout The maximum length of the client session Range 0 86400 seconds Idle Timeout The length of time to keep the client session active if not activity is detected before ending the session Range 0 900 seconds ACL Profile The ACL P...

Page 55: ...ields are available Field Description ACL Profile Name The name of the ACL Profile ACL Rule This is the list of the ACL Rules in the ACL Profile with the ACL Profile on the left being matched first and the ACL Profile on the right being matched last Table 9 25 ACL Profile Click Add to add an ACL Profile Click Delete to delete an ACL Profile Add ACL Profile Click the Add button to view the followin...

Page 56: ...1 to 10 with 1 being matched first and 10 being matched last Table 9 26 Add ACL Profile Click Apply to apply the settings ACL Rule The ACL Rule can permit or deny traffic based on the destination MAC or IP address and Layer 4 information such as TCP and UDP port number A mask can also be defined to match TCP or UDP port numbers in a range To get to the following page browse to Policy Object Author...

Page 57: ...ffff then a logical AND operation is performed between the port number in hex notation and the port mask also in hex notation UDP Port The destination UDP port that the rule matches UDP Port Mask A mask defining the range of UDP ports allowed in the range 0000 ffff If ffff is defined then only the port specified is allowed If the mask is not ffff then a logical AND operation is performed between t...

Page 58: ...ning the range of TCP ports allowed in the range 0000 ffff If ffff is defined then only the port specified is allowed If the mask is not ffff then a logical AND operation is performed between the port number in hex notation and the port mask also in hex notation UDP Port The destination UDP port that the rule matches Range 0 65535 UDP Port Mask A mask defining the range of UDP ports allowed in the...

Page 59: ... of the Schedule Profile Description The description of the Schedule Profile Rule1 Rule 1 in the Schedule Profile A green background means it is enabled and a red background means it is disabled Rule2 Rule 2 in the Schedule Profile A green background means it is enabled and a red background means it is disabled Rule3 Rule 3 in the Schedule Profile A green background means it is enabled and a red b...

Page 60: ...e applies to From The start time of the schedule measured in 24 hour format To The end time of the schedule measured in 24 hour format Enabled Rule 2 Tick this box to enable the rule in the Schedule Profile and un tick it to disable it Weekday The day of the week that this schedule applies to From The start time of the schedule measured in 24 hour format To The end time of the schedule measured in...

Page 61: ...D Link DUA 2000 Policy Manager User Manual 56 Table 9 30 Add Schedule Profile Click Apply to apply the settings ...

Page 62: ...g page browse to Maintenance Administration System Information Figure 10 1 System Information The following fields are available Field Description System Name The hostname of the Policy Manager System Location The location of the Policy Manager System Contact The contact information for the Policy Manager Table 10 1 System Information Click Save to save the changes made Click Cancel to revert the ...

Page 63: ...ing fields are available Field Description Old Password The existing password for the guest user New Password The new password for the guest user Confirmed Password The confirmed password for the guest user Table 10 2 Change Password Click Save to save the changes made Click Cancel to revert the settings to their previous state System Account This is used to add edit or delete system accounts whic...

Page 64: ...at the user is in This can be Admin This permission level has access to all parts of the system and can change the system configuration Guest This permission level is only able to view the system configuration and cannot make any changes Fisrt Name The first name of the user Last Name The last name of the user Description The description of the user Table 10 3 System Account Click Add to add a Sys...

Page 65: ...the system configuration Guest This permission level is only able to view the system configuration and cannot make any changes First Name The first name of the user Last Name The last name of the user Description The description of the user Password The password for the user Confirm Password The confirmed password for the user Table 10 4 Add System Account Click Apply to apply the settings Date an...

Page 66: ... The following fields are available Date Setting MM DD YYYY Set the date in the appropriate format Time Setting HH MM Set the time in the appropriate format SNTP Type The SNTP type This can be Default Use the default settings Custom Specify the SNTP settings These are as follows Primary SNTP Server The primary SNTP server to synchronize with Secondary SNTP Server The secondary SNTP server to synch...

Page 67: ... all accounts logged in to the system To get to the following page browse to Maintenance Administration Session Figure 10 6 Session The following fields are available Field Description Live Time How long the session has been active for From The source device IP address Level The permission level of the account Name The name of the user logged in Table 10 6 Session Click Next to view the next page ...

Page 68: ...ollowing fields are available Field Description Name The name of the SNMP user account This is either admin or guest Privilege The access level of the user This cannot be changed and is set to read only rouser Security Level The security level of the user account This dictates the security requirements of the SNMP account access It can be set to No Auth no authentication and no privacy Auth No Pri...

Page 69: ...Edit SNMP V3 User The following fields can be configured Field Description User Name The name of the SNMP user account This is either admin or guest Access Privilege The access level of the user This cannot be changed and is set to read only rouser Security Level The security level of the user account This dictates the security requirements of the SNMP account access It can be set to No Auth no au...

Page 70: ...s This is used to enable and disable SNMP traps on the Policy Manager To get to the following page browse to Maintenance Management SNMP and click on the SNMP Traps tab Figure 10 9 SNMP Traps The following fields are available Field Description SNMP Traps This is used to enable or disable SNMP traps and can be set to Enabled Disabled SNMP Authentication Trap This is used to enable or disable SNMP ...

Page 71: ...if the system was rebooted and can be set to Enabled Disabled Table 10 9 SNMP Traps Click Save to save the changes made Click Cancel to revert the settings to their previous state SNMP Host List This is used to define Network Management Systems NMSs that will receive SNMP traps from the Policy Manager To get to the following page browse to Maintenance Management SNMP and click on the SNMP Host Lis...

Page 72: ...g window Figure 10 11 Add SNMP Host The following fields can be configured Field Description IP Address The IP address of the SNMP host receiving the traps from the Policy Manager Port The TCP port to use for SNMP traps Default 162 range 1 65535 Community The community string to use for SNMP traps If the Authentication Type is set to V1 or V2 this is taken from the SNMP Community Table Setting on ...

Page 73: ...ck on the Access Control List tab Figure 10 12 Access Control List The following fields are available Field Description IP Address The IP address of the network host Mask The netmask of the network host Table 10 12 Access Control List Click Add to add an Access Control List Click Edit to edit existing Access Control List settings Click Delete to delete an Access Control List Click Save to save the...

Page 74: ... The IP address of the network host Mask The netmask of the network host Table 10 13 Add Access Control List Click Apply to apply the settings SNMP Community The SNMP community strings are a way of authenticating client devices They can be used to enable read only or read write access to the Policy Manager To get to the following page browse to Maintenance Management SNMP and click on the SNMP Com...

Page 75: ...ommunity string This can only be read only It can be set to rocommunity Table 10 14 SNMP Community NOTE It is recommended that the default SNMP community strings are changed on the Policy Manager Click Add to add an SNMP Community Click Edit to edit existing SNMP Community settings Click Delete to delete an SNMP Community Click Save to save the changes made Click Cancel to revert the settings to t...

Page 76: ...cate client devices connecting to the Policy Manager using SNMP Access Right The access rights of the community string This can only be read only It can be set to rocommunity Table 10 15 Add SNMP Community Click Apply to apply the settings Telnet SSH Telnet and Secure Shell SSH are protocols for remote management of IP devices To get to the following page browse to Maintenance Management Telnet SS...

Page 77: ...fault 23 range 1 65535 Table 10 16 Telnet Setting The following fields are available in the SSH Setting section Field Description SSH Status The status of the SSH server on the Policy Manager This can be set to Enabled Disabled Re generate SSH key This is used to re generate the private SSH key used by the Policy Manager SSH Port Number The SSH port number Default 22 range 1 65535 Table 10 17 SSH ...

Page 78: ... the HTTPS server on the Policy Manager The default is Disabled This can be set to Enabled Disabled Certificate This field appears if the HTTPS status is set to Enabled The following fields are available Select self signed certificate to use a self signed SSL TLS certificate Select Re generate self signed key to re generate the self signed key used to sign SSL TLS certificates used by the Policy M...

Page 79: ...vailable in the DDP Global Setting section Field Description D Link Report Timer The amount of time to wait between scans of the directly connected local devices Table 10 19 DDP Global Setting The following fields are available in the DDP Per Port Setting section Field Description Port 1 State Enable or disable DNA on port 1 This can be set to Enabled Disabled Port 2 State Enable or disable DNA on...

Page 80: ...browse to Maintenance System Firmware Upgrade Figure 10 19 Firmware Info The following fields are available in the Current Firmware Information section Field Description Image1 Boot This is the firmware image for Image 1 If this has been set as the default image to boot from the word Boot will be displayed next to the image name The image properties are as follows Firmware The firmware version Dat...

Page 81: ...on Click Save to save the changes made Click Cancel to revert the settings to their previous state Firmware Upgrade This page can be used to upgrade the Policy Manager s firmware using TFTP HTTP and USB devices To get to the following page browse to Maintenance System Firmware Upgrade and click on the Firmware Upgrade tab Figure 10 20 Firmware Upgrade The following fields are available in the Firm...

Page 82: ...s can be set to Image1 Image2 Table 10 23 Firmware Upgrade From HTTP Upload Click Upload to upgrade the firmware The following fields are available in the Firmware Upgrade From USB 1 section Field Description USB Device Status The USB device status of USB port 1 This can be Connected Disconnected Select Firmware The folder on the USB drive where the backup files are located Upload to The image to ...

Page 83: ...Backup System The following fields are available in the Auto Backup section Field Description Status The status of the backup schedule This can be Enabled Disabled Weekday The day of the week the backup takes place on This can be any day from Mon Sun Time The time that the backup takes place at This is in 24 h format Save to The USB port to save the system configuration to This can be USB1 USB2 Ta...

Page 84: ... can be used to restore the system configuration from a previous backup To get to the following page browse to Maintenance Management Backup Restore System and click on the Restore System tab Figure 10 22 Restore System The following fields are available in the Restore from USB Port 1 section Field Description USB Device Status The USB device status of USB port 1 This can be Connected Disconnecte...

Page 85: ...ory defaults To get to the following page browse to Maintenance System Reboot Figure 10 23 Reboot Click Soft Reboot to reboot the Policy Manager keeping the current configuration Click Factory Reboot to reboot the Policy Manager restoring the factory default configuration NOTICE Clicking Factory Reboot will restore the Policy Manager to the factory default configuration This will lose any configur...

Page 86: ...quests This is allocated to whichever Policy Manager is the Active server in the pair Service Interface The interface that is used to respond to clients Heartbeat Remote IP The remote IP to poll for heartbeat signals If this fails then the current server is assumed to be the Active one and assumes the Active role Heartbeat Interface The interface used for heartbeat signals Heartbeat Timeout This i...

Page 87: ... the HA service on the Policy Manager Logs Syslog Server This page can be used to configure Syslog servers and the severity of the logs per server Up to 3 Syslog servers can be defined To get to the following page browse to Maintenance Logs Syslog Server Figure 10 25 Syslog Server The following fields are available Field Description SysLog Server 1 The status of SysLog Server 1 This can be set to ...

Page 88: ...log server SysLog Server 3 The status of SysLog Server 3 This can be set to Disabled Disable Syslog logging Enabled Enable Syslog logging The following fields are available FQDN IP Address The DNS name or IP address of the Syslog server Severity The severity of the logging sent to the Syslog server Table 10 32 Syslog Server Click Save to save the changes made Click Cancel to revert the settings to...

Page 89: ...ature logs This can be set to Enabled Disabled Fan Enable or disable Fan logs This can be set to Enabled Disabled HDD Enable or disable HDD logs This can be set to Enabled Disabled Bootup Enable or disable Bootup logs This can be set to Enabled Disabled System Backup Restore Enable or disable System Backup Restore logs This can be set to Enabled Disabled HA Enable or disable HA logs This can be se...

Page 90: ...on the SMTP server Default 25 range 1 65535 Use TLS Use TLS for SMTP communication This can be set to Enabled or Disabled Use STARTTLS Use STARTTLS for SMTP communication This can be set to Enabled or Disabled Return E Mail Address The return email address of the email Send to E Mail Address 1 Recipient email address 1 Send to E Mail Address 2 Recipient email address 2 Send to E Mail Address 3 Rec...

Page 91: ...ion Temperature Enable or disable Temperature alerts This can be set to Enabled Disabled Fan Enable or disable Fan alerts This can be set to Enabled Disabled HDD Enable or disable HDD alerts This can be set to Enabled Disabled Link Up Down Enable or disable Link Up Down alerts This can be set to Enabled Disabled Bootup Enable or disable Bootup alerts This can be set to Enabled Disabled Table 10 35...

Page 92: ...he status of the image file A will be shown next to the image in use Logo Display The image that has been uploaded Table 10 36 Logo Setting Click the green tick next to the image to use it as the logo at the top of the web page Click the red cross next to the image to delete the image Click Upload logo to upload a new image file NOTE It is recommended that the image size is less than 200 px x 80 px ...

Page 93: ...form ping tests To get to the following page browse to Maintenance Utilities Ping Figure 10 30 Ping The following fields are available Field Description Ping Address The IP address to ping Result The results of the ping test Table 10 37 Ping Click Ping to perform the ping test ...

Page 94: ...xternal USB Port o 2 USB 2 0 port Type A Host Serial port o 1 RJ 45 connector Ethernet connector o 4 10 100 1000 Mbps Gigabit Ethernet ports o 4 100 1000 Mbps SFP combo ports Storage o Hard drive 256GB Power Supply o Internal universal power supply 100 240VAC 50 60Hz Power Jack o AC Power Jack with ON OFF switch Physical Environment Internal Power o AC Input 100 240 50 60Hz Operating Temperature o...

Page 95: ...uld be such that the amount of air flow required for safe operation of the equipment is not compromised C Mechanical Loading Mounting of the equipment in the rack should be such that a hazardous condition is not achieved due to uneven mechanical loading D Circuit Overloading Consideration should be given to the connection of the equipment to the supply circuit and the effect that overloading of th...
