manualshive.com logo in svg

D-Link xStack DES-3228PA, Web/Installation Manual, Page: 129 / 274

Share
Download
D-Link xStack DES-3228PA Web/Installation Manual Download Page 129

Configuring Device Security

Configuring Network Security

 

Page 126 

Configuring Network Security

Network security manages both access control lists and locked ports. This section contains the following topics: 

Network Security Overview

Defining Network Authentication Properties

Defining Port Authentication

Configuring Traffic Control

Network Security Overview

This section provides an overview of network security and contains the following topics: 

Port-Based Authentication

Advanced Port-Based Authentication

Port-Based Authentication

Port-based authentication authenticates users on a per-port basis via an external server. Only authenticated and 
approved system users can transmit and receive data. Ports are authenticated via the RADIUS server using the 

Extensible Authentication Protocol 

(EAP). Port-based authentication includes:

Authenticators

 — Specifies the device port which is authenticated before permitting system access.

Supplicants

 — Specifies the host connected to the authenticated port requesting to access the system ser-

vices.

Authentication Server 

— Specifies the server that performs the authentication on behalf of the authentica-

tor, and indicates whether the supplicant is authorized to access system services. 

Port-based authentication creates two access states:

Controlled Access

 — Permits communication between the supplicant and the system, if the supplicant is 

authorized. 

Uncontrolled Access

 — Permits uncontrolled communication regardless of the port state.

The device currently supports port-based authentication via RADIUS servers. 

Advanced Port-Based Authentication

Advanced port-based authentication enables multiple hosts to be attached to a single port. Advanced port-based 
authentication requires only one host to be authorized for all hosts to have system access. If the port is unautho-
rized, all attached hosts are denied access to the network.

Advanced port-based authentication also enables user-based authentication. Specific VLANs in the device are 
always available, even if specific ports attached to the VLAN are unauthorized. For example, Voice over IP does 
not require authentication, while data traffic requires authentication. VLANs for which authorization is not required 
can be defined. Unauthenticated VLANs are available to users, even if the ports attached to the VLAN are defined 
as authorized.

Summary of Contents for xStack DES-3228PA

Page 1: ... Copyright 2005 All rights reserved Web Installation Guide ProductModel TM DES 3228PA Layer2Stackable10 100MbpsEthernetSwitchwithPoE Release1 0 ...

Page 2: ...ice 21 Initial Configuration 22 Getting Started 37 Starting the D Link Embedded Web Interface 38 Understanding the D Link Embedded Web Interface 40 Using Screen and Table Options 43 Resetting the Device 45 Logging Off from the Device 46 Managing Device Information 47 Configuring System Time 49 Configuring Daylight Savings Time 50 Resetting the Device 54 Configuring SNTP 55 Defining SNTP Global Set...

Page 3: ...panning Tree 96 Defining Multiple Spanning Tree 98 Configuring Device Security 105 Configuring Management Security 106 Configuring Network Security 126 Configuring IP Information 139 Configuring Multicast Forwarding 149 Defining IGMP Snooping 150 Defining Multicast Bridging Groups 152 Managing Power over Ethernet Devices 157 Defining PoE System Information 158 Displaying and Editing PoE System Inf...

Page 4: ...ring SNMP Notifications 191 Managing System Logs 199 Enabling System Logs 200 Viewing the Device Memory Logs 202 Managing Device Diagnostics 207 Configuring Port Mirroring 208 Viewing Integrated Cable Tests 210 Viewing Optical Transceivers 211 Viewing Statistics 213 Viewing Interface Statistics 213 Managing RMON Statistics 216 Appendix A Device Specifications Features 230 Appendix B Troubleshootin...

Page 5: ...Page 4 ...

Page 6: ...remote web browser The D Link Embedded Web Interface web pages are easy to use and easy to navigate In addition The D Link Embedded Web Interface pro vides real time graphs and RMON statistics to help system administrators monitor network performance This preface provides an overview to the D Link Embedded Interface User Guide and includes the following sec tions DES 3228PA User Guide Overview Int...

Page 7: ...ides information about managing stacking Section 7 Configuring Ports Provides information about configuring ports Section 8 Aggregating Ports Provides information about configuring Link Aggregated Groups and LACP Section 9 Configuring VLANs Provides information about configuring and managing VLANs including information about GARP and GVRP and defining VLAN groups Section 10 Defining the Forwarding...

Page 8: ...g Statistics Provides information about viewing device statistics including RMON sta tistics device history events and port and LAG utilization statistics Appendix B Troubleshooting Provides basic troubleshooting for installing the device Appendix A Device Specifications Features Provides device Specifications Features Intended Audience This guide is intended for network administrators familiar wi...

Page 9: ...ptions for the following Front Panel Back Panel Front Panel DES 3228PA is a high performance Fast Ethernet switch that provides 24 Port 10 100Mbps 2 Combo Copper SFP 100BASE FX 1000BASE X Fiber ports 2 1000 Mbps Copper stacking ports The following figure illustrates the DES 3228PA front panel Figure 1 DES 3228PA Front Panel The device front panel is configured as follows 24 10 100Base T ports RJ 4...

Page 10: ...connector Power Connector AC power supply interface Ports Description This section describes the device ports and includes the following topics 10 100Base T Fast Ethernet Ports Combo Copper SFP Port 100Base FX 1000Base X Fiber Ports 1000Base T Stacking Ports RS 232 Console Port 10 100Base T Fast Ethernet Ports The device contains 10 100 Base TX Fast Ethernet ports The ports are an RJ 45 ports whic...

Page 11: ... port provides an Up connection while the second provides a Down stacking connection RS 232 Console Port The RS 232 port is an asynchronous serial console port supporting the RS 232 electrical specification The port is used to connect the device to a console managing the device This interface configuration is as follows Eight data bits One stop bit No parity Baud rate is 9600 default The range is ...

Page 12: ...A 10 100Base T Fast Ethernet RJ 45 Port LEDs Table 1 DES 3228PA Cable Specifications Cable Type Description 10 100Base T UTP CAT 3 4 5 100 meters maximum 1000Base T UTP Cat 5e 100 meters maximum UTP Cat 5 100 meters maximum EIA TIA 568B 150 ohm STP 100 meters maximum 1000BASE LX Single mode fiber module 10km 1000BASE SX Multi mode fiber module 550m 1000BASE LH Single mode fiber module 40km 1000BAS...

Page 13: ...r cannot be provided to the device connected to the port Off Indicates that there is no device connecting to the port Table 3 DES 3228PA Copper Copper SFP Port LED Indications Port Description LED Indication Description Link Activity Green Indicates there is currently a link is established on the port Flashing green Indicates that there is data transmission on the port Off Indicates that there is ...

Page 14: ...ot a stack member and is currently is stand alone mode PWR MAX Amber Indicates that the device is operating at the maximum power output limit Off Indicates that the device is operating at the normal power output limit RPS Green Indicates that the device is being powered from a Redundant Power Supply Off Indicates that the device is being powered from a standard AC power supply FAN Amber Indicates ...

Page 15: ...ions for the 10 100 1000 Ethernet Interface The switching port can connect to stations wired in standard RJ 45 Ethernet station mode using straight cables Transmission devices connected to each other use crossed cables The following figure illustrates the pin allocation Figure 6 RJ 45 Pin Allocation The following table describes the pin allocation Physical Dimensions The device has the following p...

Page 16: ...DES 3228PA Embedded Web System User Guide Page 15 ...

Page 17: ...nents are to be serviced by trained service technicians only Ensure the power cable extension cable and or plug is not damaged Ensure the product is not exposed to water Ensure the device is not exposed to radiators and or heat sources Do not push foreign objects into the device as it may cause a fire or electric shock Use the device only with approved equipment Allow the product to cool before re...

Page 18: ...casing Unpacking This section contains information for unpacking the device and includes the following topics Package Contents Unpacking Essentials Package Contents While unpacking the device ensure that the following items are included The device Four rubber feet with adhesive backing Rack kit An AC power cable Console RS 232 cable with DB 9 connector Documentation CD Unpacking Essentials Note Be...

Page 19: ... feet on the bottom at each corner of the device Ensure the surface is be able to support the weight of the device and the device cables To install the device on a surface perform the following 1 Attach the rubber feet on the bottom of the device The following figure illustrates the rubber feet installation on the device Figure 7 Installing Rubber Feet 2 Set device down on a flat surface while lea...

Page 20: ...a rack perform the following 1 Place the supplied rack mounting bracket on one side of the device ensuring the mounting holes on the device line up to the mounting holes on the rack mounting bracket The following figure illustrates where to mount the brackets Figure 8 Attaching the Mounting Brackets 2 Insert the supplied screws into the rack mounting holes and tighten with a screwdriver 3 Repeat t...

Page 21: ...in a Rack 5 Secure the unit to the rack with the rack screws not provided Fasten the lower pair of screws before the upper pair of screws This ensures that the weight of the unit is evenly distributed during installation Ensure that the ventilation holes are not obstructed ...

Page 22: ...nnect to the device b Set the data rate to 9600 baud c Set the data format to 8 data bits 1 stop bit and no parity d Set flow control to none e Under Properties select VT100 for Emulation mode f Select Terminal keys for Function Arrow and Ctrl keys Ensure that the setting is for Terminal keys not Windows keys Note When using HyperTerminal with Microsoft Windows 2000 ensure that you have Windows 20...

Page 23: ...nk segment This automatically configures both devices to take maximum advantage of their abilities Auto negotiation is performed completely within the physical layers during link initiation without any additional overhead to either the MAC or higher protocol layers Auto negotiation allows the ports to do the following Advertise their abilities Acknowledge receipt and understanding of the common mo...

Page 24: ...cle When the power is turned on with the local terminal already connected the switch goes through Power On Self Test POST POST runs every time the device is initialized and checks hardware components to determine if the device is fully operational before completely booting If a critical problem is detected the program flow stops If POST passes successfully a valid executable image is loaded into R...

Page 25: ... auto boot message is displayed For information on the Startup menu see Startup Menu Functions If the system boot is not interrupted by pressing Esc or Enter the system continues operation by decom pressing and loading the code into RAM The code starts running from RAM and the list of numbered system ports and their states up or down are displayed Performing the Power On Self Test POST UART Channe...

Page 26: ...ize is 47104K bytes Dram first PTR is 0x1200000 Flash size is xM Devices on SMI BUS smi dev id 16 dev type 0xd0411ab dev revision 0x1 Device configuration Prestera based Back to back system Slot 1 DB DX240 24G HW Rev xx xx Tapi Version xx x x x Core Version xx x x x 01 Jan 200x 01 01 22 INIT I InitCompleted Initialization task is completed Console 01 Jan 200x 01 01 23 LINK I Up e1 01 Jan 200x 01 0...

Page 27: ...IP address and subnet mask configuration and setting user name and privilege level to allow remote management If the device is to be managed from an SNMP based management station SNMP community strings must also be configured The fol lowing configurations are completed Static IP Address and Subnet Mask Static Route Configuration User Name SNMP Community strings Static IP Address and Subnet Mask IP...

Page 28: ...software agent The SNMP agents maintain a list of variables used to manage the device The variables are defined in the Management Information Base MIB The MIB presents the variables controlled by the agent The SNMP agent defines the MIB specification format as well as the format used to access the information over the network Access rights to the SNMP agents are controlled by access strings and SN...

Page 29: ...s and the other private community with read write access The public string allows authorized management sta tions to retrieve MIB objects while the private string allows authorized management stations to retrieve and mod ify MIB objects During initial configuration it is recommended to configure the device according to the network administrator requirements in accordance with using an SNMP based m...

Page 30: ...address and may include subnet mask and default gateway Retrieving an IP Address From a DHCP Server When using the DHCP protocol to retrieve an IP address the device acts as a DHCP client To retrieve an IP address from a DHCP server perform the following steps 1 Select and connect any port to a DHCP server or to a subnet that has a DHCP server on it in order to retrieve the IP address 2 Enter the ...

Page 31: ...ving an IP Address From a BOOTP Server The standard BOOTP protocol is supported and enables the switch to automatically download its IP host configu ration from any standard BOOTP server in the network In this case the device acts as a BOOTP client To retrieve an IP address from a BOOTP server 1 Select and connect any port to a BOOTP server or subnet containing such a server to retrieve the IP add...

Page 32: ...be invoked from the Startup menu The procedure is appli cable for the local terminal only and allows a one time access to the device from the local terminal with no pass word entered Configuring Security Passwords Introduction The security passwords can be configured for the following services Console Telnet SSH HTTP HTTPS Passwords are user defined When creating a user name the default priority i...

Page 33: ...jones Configuring an Initial HTTP Password To configure an initial HTTP password enter the following commands Console config aaa authentication login default line Console config aaa authentication enable default line Console config line console Console config line login authentication default Console config line enable authentication default Console config line password george Console config aaa a...

Page 34: ...nsfer protocol for updating back up configuration files To download a boot file using XModem 1 Enter the command xmodem boot The switch is ready to receive the file via the XModem protocol and dis plays text similar to the following 2 Specify the path of the source file within 20 seconds If the path is not specified within 20 seconds the com mand times out To download a software image file using X...

Page 35: ...w system image to the device When the new image is downloaded it is saved in the area allocated for the other copy of system image image 2 as given in the example The following is an example of the information that appears Exclamation symbols indicate that a copying process is in progress A period indicates that the copying process is timed out Many periods in a row indicate that the copying proce...

Page 36: ...lowing is an example of the information that appears 5 Enter the command reload The following message is displayed 6 Enter Y to reboot the switch Startup Menu Functions Additional configuration functions can be performed from the Startup menu To display the Startup menu 1 During the boot process after the first part of the POST is completed press Esc or Enter within two sec onds after the followin...

Page 37: ...sfer menu click Send File The Send File window is displayed 4 Enter the file path for the file to be downloaded 5 Ensure the protocol is defined as Xmodem 6 Click Send The software is downloaded Software downloading takes several minutes The terminal emulation applica tion such as HyperTerminal may display the progress of the loading process After software downloads the device reboots automaticall...

Page 38: ...he last flash block to be erased and press Enter The following message is displayed 5 Confirm by pressing Y The following message is displayed Password Recovery If a password is lost use the Password Recovery option on the Startup menu The procedure enables the user to enter the device once without a password To recover a lost password for the local terminal only 1 From the Startup menu select 4 a...

Page 39: ...Initial Configuration Page 38 ...

Page 40: ...tarted This section provides an introduction to the user interface and includes the following topics Starting the D Link Embedded Web Interface Understanding the D Link Embedded Web Interface Using Screen and Table Options Resetting the Device Logging Off from the Device ...

Page 41: ... up blockers are disabled If pop up blockers are enable edit add and device information messages may not open 3 Enter the device IP address in the address bar and press Enter The Enter Network Password Page opens Figure 10 Enter Network Password Page 4 Enter your user name and password Notes The device is configured with a user name that is admin and a password that is blank and can be configured ...

Page 42: ...DES 3228PA Embedded Web System User Guide Page 39 Figure 11 D Link Embedded Web Interface Home Page ...

Page 43: ...rmation or table area and configuration instructions Figure 12 D Link Embedded Web Interface Components The following table lists the user interface components with their corresponding numbers Table 6 Interface Components View Description 1 Tree View Tree View provides easy navigation through the configurable device features The main branches expand to display the sub features 2 Device View Device...

Page 44: ...nagement Buttons Provides instructions for adding modifying and deleting configuration parameters Device Representation The D Link Embedded Web Interface Home Page contains a graphical panel representation of the device Figure 13 Device Representation 4 Zoom View Provides a graphic of the device on which D Link Web Interface runs 5 D Link Web Interface Infor mation Tabs Provide access to online he...

Page 45: ...the following Table 7 D Link Web Interface Configuration Buttons Button Button Name Description Clear Logs Clears system logs Create Enables creation of configuration entries Edit Modifies configuration settings Submit Saves configuration changes to the device Test Performs cable tests Query Queries the device table Table 8 D Link Web Interface Information Tabs Tab Tab Name Description Help Opens ...

Page 46: ...k Web Interface pages by opening a new Add page To add information to tables or D Link Web Interface pages 1 Open an D Link Web Interface page 2 Click System SNTP Interface Setting The Add SNTP Interface page opens 3 Click An add page opens such as the Add SNTP Interface Page Figure 14 Add SNTP Interface 4 Define the fields 5 Click The configuration information is saved and the device is updated M...

Page 47: ...age 6 Modify the fields 7 Click The fields are modified and the information is saved to the device Deleting Configuration Information 1 Open The D Link Embedded Web Interface page 2 Select a table row 3 Select the Remove checkbox 4 Click The information is deleted and the device is updated ...

Page 48: ...figuration file to the startup configuration file before resetting the device For instructions see Copying Files To reset the device 1 Click System General Reset The Reset page opens Figure 16 Reset Page 2 Click A confirmation message is displayed Figure 17 Reset Confirmation Message 3 Click The device is reset and a prompt for a user name and password is displayed 4 Enter a user name and password...

Page 49: ...Getting Started Logging Off from the Device Page 46 Logging Off from the Device 1 Click The Logout Page opens Figure 18 Logout Page 2 Click The D Link Embedded Web Interface Home Page closes ...

Page 50: ...iption The System Description Page opens Figure 19 System Description Page The System Description Page contains the following fields Model Name Displays the device model number and name System Name Defines the user defined device name The field range is 0 160 characters System Location Defines the location where the system is currently running The field range is 0 160 characters System Contact Def...

Page 51: ...C Address Displays the device MAC address Hardware Version Displays the installed device hardware version number Software Version Displays the installed software version number Boot Version Displays the current boot version running on the device ...

Page 52: ...DES 3228PA Embedded Web System User Guide Page 49 Configuring System Time This section provides information for configuring system time parameters including Configuring Daylight Savings Time ...

Page 53: ...he first Sunday in April until the last Sunday of October Daylight Saving Time is usually regulated by provincial and territorial governments Exceptions may exist in certain municipalities Cuba From the last Sunday of March to the last Sunday of October Cyprus From the last weekend of March until the last weekend of October Denmark From the last weekend of March until the last weekend of October E...

Page 54: ...il the last weekend of October Russia From the last weekend of March until the last weekend of October Serbia From the last weekend of March until the last weekend of October Slovak Republic From the last weekend of March until the last weekend of October South Africa South Africa does not use Daylight Saving Time Spain From the last weekend of March until the last weekend of October Sweden From t...

Page 55: ...cific setting in a particular year complete the Daylight Savings area and for a recurring setting complete the Recurring area The possible field values are USA The device switches to DST at 2 00 a m on the first Sunday of April and reverts to standard time at 2 00 a m on the last Sunday of October European The device switches to DST at 1 00 am on the last Sunday in March and reverts to standard ti...

Page 56: ...the week from which DST begins every year The possible field range is Sunday Saturday Week The week within the month from which DST begins every year The possible field range is 1 5 Month The month of the year in which DST begins every year The possible field range is Jan Dec Time The time at which DST begins every year The field format is Hour Minute For example 02 10 To The time that DST ends ea...

Page 57: ...to the startup configuration file before resetting the device For instructions see Copying Files To reset the device 1 Click System General Reboot The Reboot Page opens Figure 21 Reboot Page 2 Click A confirmation message is displayed Note To ensure that device configuration changes are saved to the device save the Start Up Configuration file before resetting the device For more information on sav...

Page 58: ...d by the following time levels T1 The time at which the original request was sent by the client T2 The time at which the original request was received by the server T3 The time at which the server sent the client a reply T4 The time at which the client received the server s reply Polling for Unicast Time Information Polling for Unicast information is used for polling a server for which the IP addr...

Page 59: ...ging Device Information Configuring SNTP Page 56 This section contains the following topics Defining SNTP Global Settings Defining SNTP Authentication Defining SNTP Servers Defining SNTP Interface Settings ...

Page 60: ...ormation If both the Enable Receive Anycast Servers Update and the Enable Receive Broadcast Servers Update fields are enabled the system time is set according to the Anycast server time information The possible values are Enable Enables the device to receive Anycast server updates Disable Disables the device from receiving Anycast server updates Enable Receive Unicast Servers Updates Defines wheth...

Page 61: ...ll Interval Enable Receive Broadcast Servers Update Enable Receive Anycast Servers Update Enable Receive Unicast Servers Update and Enable Poll Unicast Servers fields and select at least one of the Enable fields 3 Click The SNTP global settings are defined and the device is updated ...

Page 62: ... sessions between the device and the SNTP server Unchecked Disables authenticating SNTP sessions between the device and the SNTP server Encryption Key ID Indicates if the encryption key identification is used to authenticate the SNTP server and device The field value is up to 4294967295 Authentication Key Indicates the key used for authentication Trusted Key Indicates the encryption key used Unica...

Page 63: ... To define SNTP authentication parameters 1 Click The Add SNTP Authentication page opens Figure 24 Add SNTP Authentication 2 Define the Encryption Key ID Authentication Key and Trusted Key fields 3 Click The SNTP Authentication Key is added and the device is updated ...

Page 64: ...the device polls the selected SNTP server for system time informa tion Encryption Key ID Displays the encryption key identification used to communicate between the SNTP server and device The field range is 1 4294967295 Preference Status Displays the SNTP server operating status Last Response Displays the last time a response was received from the SNTP server Offset Indicates the time difference be...

Page 65: ...evice Information Defining SNTP Servers Page 62 Figure 26 Add SNTP Server Page 3 Define the SNTP Server Enable Poll Interval and Encryption Key ID fields 4 Click The SNTP Server is added and the device is updated ...

Page 66: ... contains the following fields Interface Indicates the interface on which SNTP can be enabled The possible field values are Port Indicates the specific port number on which SNTP is enabled LAG Indicates the specific LAG number on which SNTP is enabled VLAN Indicates the specific VLAN number on which SNTP is enabled Receive Servers Updates Enables the server to receive or not receive updates Remove...

Page 67: ...evice Information Defining SNTP Interface Settings Page 64 Figure 28 Add SNTP Interface Page 3 Define the Interface and Receive Server Updates fields 4 Click The SNTP interface is added and the device is updated ...

Page 68: ... Master and another stacking member can be selected as the Secondary Master All other devices are selected as stack members and assigned a unique Unit ID Switch software is downloaded separately for each stack members However all units in the stack must be run ning the same software version Switch stacking and configuration is maintained by the Stacking Master The Stacking Master detects and recon...

Page 69: ...t action is required However the stacking link or stacking member must be repaired to ensure the stacking integrity After the stacking issues are resolved the device can be reconnected to the stack without interruption and the Ring topology is restored Chain Topology In a chain topology there are two units that have only one neighbor Every unit has an uplink neighbor and a downlink neighbor The ch...

Page 70: ...to the following decision process If only one Stacking Master enabled unit is present it is elected Master If two Stacking Masters enabled stacking members are present and one has been manually configured as the Stacking Master the manually configured member is elected Stacking Master If two Master enabled units are present and neither has been manually configured as the Stacking Master the one wi...

Page 71: ...onfiguration Only ports which are physically present are displayed in the D Link Web Management Interface home page and can be configured through the web management system Non present ports are configured through the CLI or SNMP interfaces Exchanging Stacking Members If a stack member with the same Unit ID replaces an existing Unit ID with the same Unit ID the previous device configuration is appl...

Page 72: ...e Click System General Stack tab The Stack Page opens Figure 30 Stack Page The Stack Page contains the following fields Switch Stack Control from Unit 1 to Unit 2 Switches the stack control from the Stack Master to the Backup Master The possible field values are Unit 1 Enables switching the stack control to the Standby Stack Master Unit 2 Maintains the current stacking control Unit No Displays the...

Page 73: ...Managing Stacking Switching the Stacking Master Page 70 ...

Page 74: ...Status Indicates whether the port is currently operational or non operational The possible field val ues are Up Indicates the port is currently operating Down Indicates the port is currently not operating Port Speed Displays the configured rate for the port The port type determines what speed setting options are available Port speeds can only be configured when auto negotiation is disabled The pos...

Page 75: ...tions are wired so that when a hub or switch is connected to an end station a straight through Ethernet cable can be used and the pairs are matched up properly When two hubs or switches are con nected to each other or two end stations are connected to each other a crossover cable is used to ensure that the correct pairs are connected The possible field values are Auto Use to automatically detect t...

Page 76: ...eactivate Suspended Port or Reactivate Suspended LAG fields to return a suspended port or LAG to active status Figure 32 Port Configuration Settings Page 3 Modify the Admin Speed Admin Duplex and Admin Advertisement fields 4 Click The parameters are saved and the device is updated Viewing Interface Properties The Interface Properties Page contains fields for defining port parameters To define port...

Page 77: ...has a copper port connection 1000M Copper Indicates the port has a 1000M copper port connection 1000M ComboC Indicates the port has a 1000M Combo copper port connection 1000M ComboF Indicates the port has a 1000M Combo fiber port connection Description Provides a user defined port description To edit the port properties 2 Click The Port Properties Page opens Figure 34 Port Properties Page 3 Define...

Page 78: ...e same media type A VLAN is not configured on the port The port is not assigned to a different LAG Auto negotiation mode is not configured on the port The port is in full duplex mode All ports in the LAG have the same ingress filtering and tagged modes All ports in the LAG have the same back pressure and flow control modes All ports in the LAG have the same priority All ports in the LAG have the s...

Page 79: ...ring LACP LAGs To configure LACP for LAGs 1 Click Advanced Setup Interface LACP Parameters The LACP Parameters Page opens Figure 35 LACP Parameters Page The LACP Parameters Page contains the following fields LACP System Priority Specifies system priority value The field range is 1 65535 The field default is 1 Unit No Displays the stacking member unit number Port Displays the port number to which t...

Page 80: ...DES 3228PA Embedded Web System User Guide Page 77 Figure 36 LACP Parameters Settings Page 3 Edit the Port Priority and LACP Timeout fields 4 Click The LACP settings are saved and the device is updated ...

Page 81: ...ne LAG parameters 1 Click Advanced Setup Interface LAG Membership The LAG Membership Page opens Figure 37 LAG Membership Page The LAG Membership Page contains the following fields LAG Port Displays the LAG port Name Displays the port name Link State Displays the link state Members Displays the ports configured to the LAG 2 Defined the relevant fields 3 Click The LAG membership settings are saved a...

Page 82: ... within the VLAN a Layer 3 router working at a protocol level is required to allow traffic flow between VLANs Layer 3 routers identify segments and coordinate with VLANs VLANs are Broadcast and Multicast domains Broadcast and Multicast traffic is transmitted only in the VLAN in which the traffic is generated VLAN tagging provides a method of transferring VLAN information between VLAN groups VLAN t...

Page 83: ... to display ID Displays the VLAN ID Name Displays the user defined VLAN name Type Displays the VLAN type The possible field values are Dynamic Indicates the VLAN was dynamically created through GVRP Static Indicates the VLAN is user defined Default Indicates the VLAN is the default VLAN Authenticated VLAN Indicates whether unauthorized users can access a Guest VLAN The possible field values are Di...

Page 84: ...ck The VLAN ID is defined and the device is updated To edit the VLAN Settings 1 Click System VLAN Membership Properties The Edit VLAN Page opens 2 Click The Edit VLAN Page opens Figure 40 Edit VLAN Page 3 Edit the VLAN Name and Disable Authenticated VLAN fields 4 Click The VLAN Settings are saved and the device is updated ...

Page 85: ...eld values are Dynamic Indicates the VLAN was dynamically created through GARP Static Indicates the VLAN is user defined Default Indicates the VLAN is the default VLAN Port Indicates the port membership LAG Indicates the LAG membership Untagged Brown Indicates the interface is an untagged VLAN member Packets forwarded by the inter face are untagged Tagged Red Indicates the interface is a tagged me...

Page 86: ... the packet types which are accepted on the port cannot be designated Ingress filtering cannot be enabled or disabled on an access port Trunk Indicates the port belongs to VLANs in which all ports are tagged except for one port that can be untagged PVID Assigns a VLAN ID to untagged packets The possible values are 1 4094 VLAN 4095 is defined as per standard and industry practice as the Discard VLA...

Page 87: ...e Settings Page opens Figure 43 VLAN Interface Settings Page 3 Define the Interface Port VLAN Mode Dynamic PVID Frame Type Ingress Filtering Current Reserved VLAN and Reserve VLAN for Internal Use fields 4 Click The VLAN interface settings are modified and the device is updated ...

Page 88: ...re config ured manually An address becomes associated with a port by learning the port from the frame s source address but if a frame that is addressed to a destination MAC address is not associated with a port that frame is flooded to all relevant VLAN ports To prevent the bridging table from overflowing a dynamic MAC address from which no traffic arrives for a set period is erased This section c...

Page 89: ...s to which the entry refers VLAN ID Displays the VLAN ID number to which the entry refers Interface Displays the interface to which the entry refers Port The specific port number to which the forwarding database parameters refer LAG The specific LAG number to which the forwarding database parameters refer Status Displays how the entry was created The possible field values are Secure The MAC Addres...

Page 90: ...rding Database Static Addresses The Forwarding Database Static Addresses Page opens 2 Click The Add Forwarding Database Page opens Figure 45 Add Forwarding Database Page 3 Define the Interface MAC Address VLAN ID or VLAN Name and Status fields 4 Click The forwarding database information is modified and the device is updated ...

Page 91: ...Address Table can be sorted by interface VLAN and MAC Address To configure the Dynamic MAC Address table 1 Click Advanced Setup Forwarding Database Dynamic Addresses The Dynamic Addresses Page opens Figure 46 Dynamic Addresses Page The Dynamic Addresses Page contains the following fields Address Aging Specifies the amount of time the MAC Address remains in the Dynamic Address Table before it times...

Page 92: ... interface 2 Define the fields 3 Click The Dynamic Address Aging field is defined and the device is updated To query the Dynamic MAC Address Table 1 Click Advanced Setup Forwarding Database Dynamic Addresses The Dynamic Addresses Page opens 2 Select a port MAC Address and VLAN ID 3 Select an Address Table Sort Key 4 Click The Dynamic MAC Address Table is queried and the results are displayed ...

Page 93: ...Defining the Forwarding Database Defining Dynamic Forwarding Database Entries Page 90 ...

Page 94: ...voiding and eliminating loops For more infor mation on configuring Classic STP see Defining Classic Spanning Tree Rapid STP Detects and uses network topologies that provide faster convergence of the spanning tree without creating forwarding loops For more information on configuring Rapid STP see Defining Rapid Span ning Tree Multiple STP Provides various load balancing scenarios For example if por...

Page 95: ... STP on the device Disable Disables STP on the device STP Operation Mode Specifies the STP mode that is enabled on the device The possible field values are Classic STP Enables Classic STP on the device This is the default value Rapid STP Enables Rapid STP on the device Multiple STP Enables Multiple STP on the device BPDU Handling Determines how BPDU packets are managed when STP is disabled on the ...

Page 96: ...s The default Maximum Age Time is 20 seconds Forward Delay 4 30 Specifies the device Forward Delay Time The Forward Delay Time is the amount of time in seconds a bridge remains in a listening and learning state before forwarding packets The default is 15 seconds Bridge ID Identifies the Bridge priority and MAC address Root Bridge ID Identifies the Root Bridge priority and MAC address Root Port Ind...

Page 97: ...enabled on the port If Fast Link mode is enabled for a port the Port State is automatically placed in the Forwarding state when the port link is up Fast Link optimizes the STP protocol convergence STP convergence can take 30 60 seconds in large networks Root Guard Restricts the interface from acting as the root port of the switch Port State Displays the current STP state of a port If enabled the p...

Page 98: ... influences the port choice when a bridge has two ports connected in a loop The priority value is between 0 240 The priority value is determined in increments of 16 Designated Bridge ID Indicates the bridge priority and the MAC Address of the designated bridge Designated Port ID Indicates the selected port D Link priority and interface Designated Cost Indicates the cost of the port participating i...

Page 99: ... which Rapid STP is enabled State Displays the current RSTP state of a port If enabled the port state determines what forwarding action is taken on traffic Possible port states are Disabled Indicates that STP is currently disabled on the port The port forwards traffic while learning MAC addresses Blocking Indicates that the port is currently blocked and cannot forward traffic or learn MAC addresse...

Page 100: ...kets to configure and test the data link After a link is established and optional facilities are negotiated as needed by the LCP the originating PPP sends Network Control Protocol NCP packets to select and configure one or more network layer protocols When each of the chosen network layer protocols has been configured packets from each network layer protocol can be sent over the link The link rema...

Page 101: ...erties Page The MSTP Properties Page contains the following fields Region Name User defined STP region name Revision An unsigned 16 bit number that identifies the revision of the current MSTP configuration The revision number is required as part of the MSTP configuration The possible field range is 0 65535 Max Hops Specifies the total number of hops that occur in a specific region before the BPDU ...

Page 102: ...ning Tree MSTP Instance Settings The MSTP Instance Settings Page opens Figure 53 MSTP Instance Settings Page The MSTP Instance Settings Page contains the following fields Instance ID Specifies the VLAN group to which the interface is assigned Included VLAN Maps the selected VLANs to the selected instance Each VLAN belongs to one instance Bridge Priority Specifies the selected spanning tree instanc...

Page 103: ...e MSTP Instances are assigned and the device is updated Defining MSTP Interface Settings Network Administrators can assign MSTP Interface settings in the MSTP Instance Settings Page To define MSTP interface settings 1 Click Advanced Setup Spanning Tree MSTP Interface Settings The MSTP Interface Settings Page opens Figure 55 MSTP Interface Settings Page ...

Page 104: ...the port for the specific instance Disabled Disables the port for the specific instance Type Indicates whether the port is a Boundary or Master port The possible field values are Boundary Port Indicates that the port is a Boundary port A Boundary port attaches MST bridges to LANs in an outlying region If the port is a Boundary port this field also indicates whether the device on the other side of ...

Page 105: ...e device Interface Priority 0 240 in steps of 16 Defines the interface priority for the specified instance The default value is 128 Path Cost 1 200 000 000 Indicates the port contribution to the Spanning Tree instance The range should always be 1 200 000 000 Designated Bridge ID Displays the ID of the bridge that connects the link or shared LAN to the root Designated Port ID Displays the ID of the...

Page 106: ... 3228PA Embedded Web System User Guide Page 103 Figure 56 MSTP Interface Table 3 Define the Port Priority and the Path Cost fields 4 Click The MSTP interface settings are defined and the device is updated ...

Page 107: ...Configuring Spanning Tree Defining Multiple Spanning Tree Page 104 ...

Page 108: ...vice Security This section provides access to security pages that contain fields for setting security parameters for ports device management methods users and server security This section contains the following topics Configuring Management Security Configuring Network Security ...

Page 109: ...is section includes the following topics Configuring Authentication Methods Configuring Passwords Configuring Authentication Methods This section provides information for configuring device authentication methods This section includes the topics Defining Access Profiles Defining Profile Rules Defining Authentication Profiles Mapping Authentication Methods Defining RADIUS Settings ...

Page 110: ...the switch module only via an HTTPS session while User Group 2 can access the switch module via both HTTPS and Telnet sessions The Access Profile Page contains the currently configured access profiles and their activity status Assigning an access profile to an interface denies access via other interfaces If an access profile is assigned to any interface the device can be accessed by all interfaces...

Page 111: ...nt Method Defines the management method for which the rule is defined Users with this access profile can access the device using the management method selected The possible field values are All Assigns all management methods to the rule Telnet Assigns Telnet access to the rule If selected users accessing the device using Telnet meeting access profile criteria are permitted or denied access to the ...

Page 112: ...rofile applies The Source IP Address field is valid for a subnetwork Network Mask Specifies the source IP address subnetwork mask Prefix Length Displays the IP Prefix length The IP Prefix displays IP address bits Action Indicates if management access is permitted or denied to the interface The possible field values are Permit Permits access to the specified interface Deny Denies access to the spec...

Page 113: ... Page The Profile Rules Page contains the following fields Access Profile Name Displays the access profile to which the rule is attached Priority Defines the rule priority When the packet is matched to a rule user groups are either granted per mission or denied device management access The rule number is essential to matching packets to rules as packets are matched on a first fit basis Interface I...

Page 114: ...s to the rule If selected users accessing the device using SNMP meeting access profile criteria are permitted or denied access to the device Source IP Address Defines the interface source IP address to which the rule applies Prefix Length Defines the number of bits that comprise the source IP address prefix or the network mask of the source IP address Action Defines the action attached to the rule...

Page 115: ...k System Management Security Authentication Profile Rules The Access Profile Page opens 2 Click The Profile Rules PageProfile Rule SettingsProfile Rule Settings opens Figure 61 Profile Rule SettingsProfile Rule Settings 3 Modify the fields 4 Click The profile rule is modified and the device is updated ...

Page 116: ...n Profile Page opens Figure 62 Authentication Profile Page The Authentication Profile Page contains the following fields Profile Name Contains a list of user defined authentication profile lists to which user defined authentica tion profiles are added Methods Defines the user authentication methods The possible field values are None Assigns no authentication method to the authentication profile Lo...

Page 117: ... 4 Click The authentication profile is defined and the device is updated To modify an authentication profile 1 Click System Management Security Authentication Authentication Profiles The Authentication Profile Page opens 2 Click The Authentication Profile Settings Page opens Figure 64 Authentication Profile Settings Page 3 Select an authentication method from the Optional Methods list ...

Page 118: ...DES 3228PA Embedded Web System User Guide Page 115 4 Click The authentication method is selected and the device is updated ...

Page 119: ...uthentication Mapping Page The Authentication Mapping Page contains the following fields Console Indicates that Authentication profiles are used to authenticate console users Telnet Indicates that Authentication profiles are used to authenticate Telnet users Secure Telnet SSH Indicates that Authentication profiles are used to authenticate Secure Shell SSH users SSH provides clients secure and encr...

Page 120: ... RADIUS Indicates that Authentication occurs at the RADIUS server 2 Define the Console Telnet and Secure Telnet SSH fields 3 Map the authentication method in the Secure HTTP selection box 4 Map the authentication method in the HTTP selection box 5 Click The authentication mapping is saved and the device is updated ...

Page 121: ... Retries 1 10 Defines the number of transmitted requests sent to the RADIUS server before a failure occurs Possible field values are 1 10 The default value is 3 Timeout for Reply 1 30 Defines the amount of time in seconds the device waits for an answer from the RADIUS server before retrying the query or switching to the next server Possible field values are 1 30 The default value is 3 Dead Time 0 ...

Page 122: ...The possible field values are 1 30 Three is the default value Dead Time Defines the amount of time in minutes that a RADIUS server is bypassed for service requests The range is 0 2000 The default is 0 minutes Key String Defines the authentication and encryption key for communications between the device and the server This key must match the encryption used on the server Source IP Address Defines t...

Page 123: ...uring Management Security Page 120 Figure 67 Add Radius Server Page 3 Define the Host IP Address Priority Authenticated Port Timeout for Reply Dead Time and Usage Type fields 4 Click The RADIUS server is added and the device is updated ...

Page 124: ...dius The RADIUS Page opens 2 Click The RADIUS Server Settings Page opens Figure 68 RADIUS Server Settings Page 3 Define the Host IP Address Priority Source IP Address Key String Number of Retries Authentication Port Timeout for Reply Dead Time and Usage Type fields 4 Click The RADIUS server settings are saved and the device is updated ...

Page 125: ... Local User Page To define local users 1 Click System Management Security Passwords Local Users The Local User Page opens Figure 69 Local User Page The Local User Page contains the following fields User Name Displays the user name Access Level Displays the user access level The lowest user access level is 1 and the highest is 15 Users with access level 15 are Privileged Users Remove Removes the us...

Page 126: ...user password Local user passwords can contain up to 159 characters Confirm Password Verifies the password The password displays in a format To edit the settings for a local user 1 Click System Management Security Passwords Local Users The Local User Page opens 2 Click The Local User Settings Page opens Figure 71 Local User Settings Page 3 Define the User Name Access Level Password and Confirm Pas...

Page 127: ...word Defines the line password for accessing the device via a Console session Pass words can contain a maximum of 159 characters Telnet Line Password Defines the line password for accessing the device via a Telnet session Pass words can contain a maximum of 159 characters Secure Telnet Line Password Defines the line password for accessing the device via a secure Telnet session Passwords can contai...

Page 128: ...age opens Figure 73 Enable Password Page The Enable Password Page contains the following fields Level Defines the access level associated with the enable password Possible field values are 1 15 Password Defines the enable password Confirm Password Confirms the new enable password The password appears in the format 2 Define the Select Enable Access Level Password and Confirm Password fields 3 Click...

Page 129: ...pecifies the server that performs the authentication on behalf of the authentica tor and indicates whether the supplicant is authorized to access system services Port based authentication creates two access states Controlled Access Permits communication between the supplicant and the system if the supplicant is authorized Uncontrolled Access Permits uncontrolled communication regardless of the por...

Page 130: ...r an EAPOL logoff message is received all attached clients are denied access to the network Guest VLANs Provides limited network access to authorized ports If a port is denied network access via port based authorization but the Guest VLAN is enabled the port receives limited network access For exam ple a network administrator can use Guest VLANs to deny network access via port based authentication...

Page 131: ...n the device Authentication Method Specifies the authentication method used for port authentication The possible field values are RADIUS None Provides port authentication first using the RADIUS server If the port is not authenticated then no authentication method is used and the session is permitted RADIUS Provides port authentication using the RADIUS server None Indicates that no authentication m...

Page 132: ... Admin Port Control Status The possible field values are Auto Enables port based authentication on the device The interface moves between an authorized or unauthorized state based on the authentication exchange between the device and the client Authorized Places the interface into an authorized state without being authenticated The interface re sends and receives normal traffic without client port...

Page 133: ...seconds that lapses before EAP requests are resent The field default is 30 seconds Max EAP Requests Displays the total amount of EAP requests sent If a response is not received after the defined period the authentication process is restarted The field default is 2 retries Supplicant Timeout Indicates the amount of time that lapses before EAP requests are resent to the sup plicant The field value i...

Page 134: ...ity on the selected port The possible field values are Multiple Multiple hosts are enabled Disable Multiple hosts are disabled Action on Violation Defines the action to be applied to packets arriving in single host mode from a host whose MAC address is not the supplicant MAC address The possible field values are Forward Forwards the packet Discard Discards the packets This is the default value Shu...

Page 135: ...dicates that the port control is Auto and a single client has been authenticated via the port No Single Host Indicates that Multiple Host is enabled Number of Violations Indicates the number of packets that arrived on the interface in single host mode from a host whose MAC address is not the supplicant MAC address 2 Click The Multiple Host Settings Page opens Figure 78 Multiple Host Settings Page ...

Page 136: ...owing fields User Name Lists the supplicants that were authenticated and are permitted on each port Port Displays the port number Session Time Displays the amount of time in seconds the supplicant was logged on the port Authentication Method Displays the method by which the last session was authenticated The possible field values are Remote 802 1x authentication is not used on this port port is fo...

Page 137: ...Configuring Network Security Page 134 Configuring Traffic Control This section contains information for managing both port security and storm control and includes the following topics Managing Port Security Enabling Storm Control ...

Page 138: ...on mechanism is invoked and can provide various options Unauthorized packets arriving at a locked port are either Forwarded Discarded with no trap Discarded with a trap Shuts down the port Locked port security also enables storing a list of MAC addresses in the configuration file The MAC address list can be restored after the device has been reset Disabled ports are activated from the Port Securit...

Page 139: ...earning the MAC address Discard Discards packets from any unlearned source This is the default value Shutdown Discards packets from any unlearned source and shuts down the port The port remains shut down until reactivated or until the device is reset Trap Enables traps when a packet is received on a locked port The possible field values are Checked Enables traps Unchecked Disables traps Trap Frequ...

Page 140: ... and the rate the packets are transmitted The system measures the incoming Broadcast and Multicast frame rates separately on each port and discards the frames when the rate exceeds a user defined rate The Storm Control Page provides fields for configuring broadcast storm control To enable storm control 1 Click Advanced Setup Security Suite Traffic Control Storm Control The Storm Control Page opens...

Page 141: ... together Broadcast Only Counts only Broadcast traffic Broadcast Rate Threshold Indicates the maximum rate kilobytes per second at which unknown packets are forwarded The range is 0 1 000 000 The default value is zero All values are rounded to the nearest 64 Kbps If the field value is under 64 Kbps the value is rounded up to 64 Kbps with the exception of the value zero 2 Click The Storm Control Se...

Page 142: ...ser Guide Page 139 Section 13 Configuring IP Information This section contains information for defining IP interfaces and includes the following sections Defining IP Addresses Defining Default Gateways Configuring DHCP Configuring ARP ...

Page 143: ...Interface Page contains the following fields IP Address Displays the currently configured IP address Mask Displays the currently configured IP address mask Interface Displays the interface used to manage the device Dynamic Indicates that the IP address is dynamically created Static Indicates the IP address is a static IP address Type Indicates if the IP address has been configured statically or ad...

Page 144: ... Mask or Prefix Length and Interface fields 4 Click The IP configuration fields are saved and the device is updated To modify an IP interface 1 Click Basic Setup IP Configuration IP Addressing IP Interface The IP Interface Page opens 2 Click The IP Interface Settings Page opens Figure 86 IP Interface Settings Page ...

Page 145: ...Configuring IP Information Page 142 3 Modify the IP Address Network Mask or Prefix Length and Interface fields 4 Click The IP Interface is modified and the device is updated ...

Page 146: ...lt Gateway Page opens Figure 87 Default Gateway Page The Default Gateway Page contains the following fields User Defined Default Gateway Defines the default gateway IP address Active Default Gateway Indicates if the default gateway is active The possible field values are Remove User Defined Removes the default gateway The possible field values are Checked Removes the selected default gateway Unche...

Page 147: ...a DHCP Interface 1 Click Basic Setup IP Configuration IP Addressing DHCP The DHCP Page opens Figure 88 DHCP Page The DHCP Page contains the following fields Interface Displays the IP address of the interface which is connected to the DHCP server Host Name Displays the system Host Name Remove Removes DHCP interfaces The possible field values are Checked Removes the selected DHCP interface Unchecked...

Page 148: ...DES 3228PA Embedded Web System User Guide Page 145 Figure 89 Add DHCP IP Interface Page 3 Define the Interface and Host Name fields 4 Click The DHCP interface is added and the device is updated ...

Page 149: ...f ARP entries that are cleared The possible values are None Maintains the ARP entries All Clears all ARP entries Dynamic Clears only dynamic ARP entries Static Clears only static ARP entries Interface Displays the interface type for which ARP parameters are displayed The possible field values are Port Indicates the port for which ARP parameters are defined LAG Indicates the LAG for which ARP param...

Page 150: ...ARP Table Entries fields 3 Click The ARP parameters are defined and the device is updated To create a new ARP entry 1 Click Basic Setup IP Configuration IP Addressing ARP The ARP Page opens 2 Click The Add ARP Settings Page opens Figure 91 Add ARP Settings Page 3 Define the Interface IP Address and MAC Address fields 4 Click The ARP interface is added and the device is updated ...

Page 151: ...Configuring IP Information Page 148 ...

Page 152: ...e registered ports Unregistered Multicast traffic If traffic addressed to an unregistered multicast group is seen it is handled by a special entry in the Multicast Filtering Database The default setting of this is to flood all such traffic traffic in unregistered multicast groups The device supports bullet Forwarding L2 Multicast Packets Enabled by default and not configurable by user The system s...

Page 153: ...age opens Figure 92 IGMP Snooping Page The IGMP Snooping Page contains the following fields Enable IGMP Snooping Status Indicates if IGMP Snooping is enabled on the device IGMP Snooping can be enabled only if Bridge Multicast Filtering is enabled The possible field values are Checked Enables IGMP Snooping on the device Unchecked Disables IGMP Snooping on the device VLAN ID Specifies the VLAN ID IG...

Page 154: ...MP group and not receiving a Join message from another station before timing out If a Leave Timeout occurs the switch notifies the Multicast device to stop sending traffic The Leave Timeout value is either user defined or an immediate leave value The default timeout is 10 seconds 2 Check the Enable IGMP Snooping Status checkbox 3 Click The Multicast Global Parameters Settings Page opens Figure 93 ...

Page 155: ...ticast groups 1 Click Advanced Setup Multicast Support Bridge Multicast Multicast Group The Multicast Group Page opens Figure 94 Multicast Group Page The Multicast Group Page contains the following information Enables Bridge Multicast Filtering Indicate if bridge Multicast filtering is enabled on the device The pos sible field values are Checked Enables Multicast filtering on the device Unchecked ...

Page 156: ...group 5 Define the Multicast port settings 6 Click The Multicast group is defined and the device is updated Table 9 IGMP Port LAG Members Table Control Settings Port Control Definition D Dynamically joins ports LAG to the Multicast group in the Current Row S Attaches the port to the Multicast group as static member in the Static Row The port LAG has joined the Multicast group statically in the Cur...

Page 157: ... packets are forwarded to the appropri ate port or VLAN Unless LAGs are defined only a Multicast Forward All table displays To define Multicast forward all settings 1 Click Advanced Setup Multicast Support Bridge Multicast Multicast Forward All The Multicast Forward All Page opens Figure 96 Multicast Forward All Page The Multicast Forward All Page contains the following fields VLAN ID DIsplays the...

Page 158: ...he VLAN ID drop down box 3 Define the VLAN port settings 4 Click The Multicast forward all settings are defined and the device is updated Table 10 Bridge Multicast Forward All Router Port Control Settings Table Port Control Definition D Attaches the port to the Multicast router or switch as a dynamic port S Attaches the port to the Multicast router or switch as a static port F Forbidden N ...

Page 159: ...Configuring Multicast Forwarding Defining Multicast Bridging Groups Page 156 ...

Page 160: ...necessity of placing network devices next to power sources Power over Ethernet can be used with IP Phones Wireless Access Points IP Gateways PDAs Audio and video remote monitoring Powered Devices are devices which receive power from the device power supplies for example IP phones Pow ered Devices are connected to the device via Ethernet ports This section includes the following topics Defining PoE...

Page 161: ...r supply unit is functioning but an error has occurred For example a power overload or a short circuit Nominal Power Indicates the actual amount of power the device can supply The field value is displayed in Watts Consumed Power Indicates the amount of the power used by the device The field value is displayed in Watts System Usage Threshold Indicates the percentage of power consumed before an alar...

Page 162: ...port is enabled to work on PoE The possible field values are On Indicates the device is delivering power to the interface Off Indicates the device is not delivering power to the interface Test Fail Indicates the powered device test has failed For example a port could not be enabled and cannot be used to deliver power to the powered device Testing Indicates the powered device is being tested For ex...

Page 163: ...ce Page the PoE Interface Edit Page contains the following additional fields Overload Counter Indicates the total power overload occurrences Short Counter Indicates the total power shortage occurrences Denied Counter Indicates times the powered device was denied power Absent Counter Indicates the times the power supply was stopped to the powered device because the powered device was no longer dete...

Page 164: ... stored in the Run ning Configuration file are lost During the startup process all commands in the Startup file are copied to the Running Configuration File and applied to the device During the session all new commands entered are added to the commands existing in the Running Configuration file Commands are not overwritten To update the Startup file before powering down the device the Running Conf...

Page 165: ...s manage the device and the configuration files configure the device for transmissions Only one type of download can be performed at any given time Firmware Download The Firmware Download section contains the following fields Firmware Download Indicates that the download is for firmware If Firmware Download is selected the Configuration Download fields are grayed out TFTP Server IP Address Specifi...

Page 166: ...ss from which the configuration files are downloaded Source File Name Specifies the configuration files to be downloaded Destination File Specifies the destination file to which to the configuration file is downloaded The possi ble field values are New File Name Downloads commands to a new Configuration file Running Configuration Downloads commands into the Running Configuration file Startup Confi...

Page 167: ...ns the following fields Firmware Upload Specifies that the software image file is uploaded If Firmware Upload is selected the Configuration Upload fields are grayed out Configuration Upload Specifies that the Configuration file is uploaded If Configuration Upload is selected the Software Image Upload fields are grayed out Software Image Upload The Software Image Upload section contains the followi...

Page 168: ...e file name to which the Startup Configuration file is uploaded Transfer file name Specifies the Configuration file name that is uploaded The possible field values are Running Configuration Uploads the Running Configuration file Startup Configuration Uploads the Startup Configuration file Backup Configuration Uploads the Backup Configuration file To upload files 1 Open the 2 Define the file type t...

Page 169: ...e opens Figure 102 Active Image Page The Active Image Page contains the following fields Unit No The the stacking member for which the Image file is selected Active Image The Image file which is currently active on the unit After Reset The Image file which is active on the unit after the device is reset The possible field values are Image 1 Activates Image file 1 after the device is reset Image 2 ...

Page 170: ...the Image file Boot Code Downloads the Boot file Destination Indicates the destination Master firmware file is selected Copy Configuration Copies the Running Configuration file to the Startup Configuration file Source Indicates the source running configuration file is selected Destination Indicates the destination configuration file is selected New File Name Indicates the destination configuration...

Page 171: ...ck System File Management File System The File System Page page opens Figure 104 File System Page The File System Page contains the following fields File Name Displays the user defined system file name Size Displays the system file size Modified Displays the last time the system file was modified Permission Displays the permission assigned to the system file Remove Removes system files from the de...

Page 172: ...gned a default VPT value which is set on a per port basis The assigned VPT is used to map the packet to the egress queue CoS Services After packets are assigned to a specific egress queue CoS services can be assigned to the queue Egress queues are configured with a scheduling scheme by one of the following methods Strict Priority Ensures that time sensitive applications are always forwarded Strict...

Page 173: ... CoS Mode Enables CoS Mode on the device The possible CoS Mode values are Disable Disables CoS Mode on the device Basic Mode Enables Basic CoS Mode on the device Advanced Mode Enables Advanced CoS Mode on the device Unit No Displays the stacking member s ID number for which the CoS information is displayed Interface Displays the port or LAG for which the CoS details are displayed Default CoS for I...

Page 174: ...ace Modifying queue scheduling affects the queue settings globally Queue shaping can be based per queue and or per interface Shaping is determined by the lower specified value The queue shaping type is selected in the Bandwidth Settings Page To define bandwidth settings 1 Click Basic Setup Quality of Service Global Parameters Bandwidth The Bandwidth Settings Page opens Figure 106 Bandwidth Setting...

Page 175: ...CIR as the queue shaping type The possible field value is 4096 1 000 000 000 bits per second CBS Defines CBS as the queue shaping type The possible field value is 4096 16 000 000 bytes 2 Select an interface 3 Click The Bandwidth Settings Edit Page opens Figure 107 Bandwidth Settings Edit Page 4 Define the fields 5 Click The bandwidth settings are saved to interface and the device is updated ...

Page 176: ...c scheduling is based strictly on the queue priority SDWRR Assigns Shaped Deficit WRR weights to queues This field is enabled only for queues in SDWRR queue mode Each queue has a predefined weight that cannot be modified Queue Displays the CoS queue for which the queue weight or bandwidth percentage is set Scheduling SDWRR Weight Displays the SDWRR weight assigned to the queue of SDWRR Bandwidth A...

Page 177: ...tup Quality of Service Queue Mapping CoS to Queue The CoS to Queue Page opens Figure 109 CoS to Queue Page The CoS to Queue Page contains the following fields CoS Specifies the CoS priority tag values where zero is the lowest and 7 is the highest Queue Defines the traffic forwarding queue to which the CoS priority is mapped Eight traffic priority queues are supported Restore Defaults Restores the ...

Page 178: ... Basic Setup Quality of Service Queue Mapping DSCP to Queue The DSCP to Queue Page opens Figure 110 DSCP to Queue Page The DSCP to Queue Page contains the following fields DSCP In Displays the incoming packet s DSCP value Queue Specifies the traffic forwarding queue to which the DSCP priority is mapped Eight traffic priority queues are supported 2 Define the queue number in the Queue field next to...

Page 179: ...11 Trust Setup Page The Trust Setup Page contains the following Trust Mode Defines which packet fields to use for classifying packets entering the device When no rules are defined the traffic containing the predefined packet CoS field is mapped according to the relevant trust modes table Traffic not containing a predefined packet field is mapped to best effort The possible Trust Mode field values ...

Page 180: ...p Quality of Service Basic Mode DSCP Rewrite The DSCP Rewrite Page opens Figure 112 DSCP Rewrite Page The DSCP Rewrite Page contains the following DSCP In Displays the incoming packet s DSCP value Queue Specifies the traffic forwarding queue to which the DSCP priority is mapped Eight traffic priority queues are supported 2 Define the DSCP In Queue field 3 Click The DSCP values is reassigned and th...

Page 181: ...Configuring Quality of Service Configuring Basic Mode Page 178 ...

Page 182: ...ined for SNMPv3 including Authentication Provides data integrity and data origin authentication Privacy Protects against the disclosure of message content Cipher Block Chaining CBC is used for encryption Either authentication is enabled on a SNMP message or both authentication and privacy are enabled on a SNMP message However privacy cannot be enabled without authentication Timeliness Protects aga...

Page 183: ...arameters Page contains the following fields Local Engine ID 0 64 Characters Displays the local device Engine ID The field value is a hexadecimal string Each byte in hexadecimal character strings is two hexadecimal digits Each byte can be separated by a period or a colon The Engine ID must be defined before SNMPv3 is enabled Select a default Engine ID that is comprised of an Enterprise number and ...

Page 184: ...urity Views The SNMP Security Views Page opens Figure 114 SNMP Security Views Page The SNMP Security Views Page contains the following fields View Name Displays the user defined views The view name can contain a maximum of 30 alphanumeric characters Object ID Subtree Displays the device feature OID included in or excluded from the selected SNMP view View Type Indicates whether the defined OID bran...

Page 185: ...g SNMP Configuring SNMP Security Page 182 Figure 115 Add SNMP View Page 3 Define the View Name field 4 Define the view using and 5 Define the View Type field 6 Click The view is defined and the device is updated ...

Page 186: ... The possible field values are SNMPv1 SNMPv1 is defined for the group SNMPv2c SNMPv2c is defined for the group SNMPv3 SNMPv3 is defined for the group Security Level Defines the security level attached to the group Security levels apply to SNMPv3 only The possible field values are No Authentication Indicates that neither the Authentication nor the Privacy security levels are assigned to the group A...

Page 187: ...el Security Level and Operation fields 4 Click The SNMP group profile is added and the device is updated To modify SNMP Group Settings 1 Click System SNMP Security Group Profile The SNMP Group Profile Page opens 2 Click The SNMP Group Profile Settings Page opens Figure 118 SNMP Group Profile Settings Page 3 Modify the Group Name Security Model Security Level and Operation fields 4 Click The SNMP g...

Page 188: ...ging or removing the local SNMP Engine ID deletes the SNMPv3 user database Local Indicates that the user is connected to a local SNMP entity Remote Indicates that the user is connected to a remote SNMP entity If the Engine ID is defined remote devices receive inform messages Authentication Displays the method used to authenticate users The possible field values are MD5 Key Authenticates users usin...

Page 189: ...tication are required 32 bytes are defined Each byte in hexadecimal character strings is two hexadecimal digits Each byte can be separated by a period or a colon Privacy Key 16 Hexa Chars Defines the privacy key LSB If only authentication is required 20 bytes are defined If both privacy and authentication are required 36 bytes are defined Each byte in hexadecimal character strings is two hexadecim...

Page 190: ...uide Page 187 Figure 121 SNMP Group Membership Settings Page 3 Modify the Group Name Engine ID Authentication Method Password Authentication Key and Privacy Key fields 4 Click The SNMP group membership is modified and the device is updated ...

Page 191: ...e The SNMP Communities Basic Table contains the following fields Management Station Displays the management station IP address for which the basic SNMP community is defined Community String Defines the password used to authenticate the management station to the device Access Mode Defines the access rights of the community The possible field values are Read Only Management access is restricted to r...

Page 192: ... used to authenticate the management station to the device Group Name Defines advanced SNMP community group names Remove Removes a community The possible field values are Checked Removes the selected SNMP communities Unchecked Maintains the SNMP communities 2 Click The Add SNMP Community Page opens Figure 123 Add SNMP Community Page 3 Define the SNMP Management Station Community String and Basic o...

Page 193: ...nfiguring SNMP Security Page 190 Figure 124 SNMP Community Settings Page 3 Modify the SNMP Management Station Community String and Basic or Advanced fields 4 Click The SNMP community is modified and the device is updated ...

Page 194: ... Configuring SNMP Notifications This section contains information for configuring SNMP Notifications and contains the following topics Defining SNMP Notification Global Parameters Defining SNMP Notification Filters Defining SNMP Notification Recipients ...

Page 195: ...ds Enable SNMP Notifications Specifies whether the device can send SNMP notifications The possible field values are Enable Enables SNMP notifications Disable Disables SNMP notifications Enable Authentication Notifications Specifies whether SNMP authentication failure notification is enabled on the device The possible field values are Enable Enables the device to send authentication failure notific...

Page 196: ...ion Filter Page contains the following fields Filter Name Contains a list of user defined notification filters Object Identifier Subtree Displays the OID for which notifications are sent or blocked If a filter is attached to an OID traps or informs are generated and sent to the trap recipients OIDs are selected from either the Select from field or the Object ID field Filter Type Indicates whether ...

Page 197: ...ring SNMP Notifications Page 194 Figure 127 Add SNMP Notification Filter Page 3 Define the Filter Name New Object Identifier Tree and Filter Type fields 4 Click The SNMP notification filter is defined and the device is updated ...

Page 198: ...lters provide the following services Identifying Management Trap Targets Trap Filtering Selecting Trap Generation Parameters Providing Access Control Checks To define SNMP notification filters 1 Click System SNMP Notification Notification Receiver The SNMP Notification Receiver Page opens Figure 128 SNMP Notification Receiver Page The SNMP Notification Receiver Page is divided into the following t...

Page 199: ... values are SNMP V1 Indicates that SNMP Version 1 traps are sent SNMP V2c Indicates that SNMP Version 2 traps are sent UDP Port Displays the UDP port used to send notifications The default is 162 Filter Name Indicates if the SNMP filter for which the SNMP Notification filter is defined Timeout Indicates the amount of time in seconds the device waits before re sending informs The default is 15 seco...

Page 200: ...entication Indicates that the packet is authenticated UDP Port The UDP port used to send notifications The field range is 1 65535 The default is 162 Filter Name Includes or excludes SNMP filters Timeout The amount of time seconds the device waits before resending informs The field range is 1 300 The default is 10 seconds Retries The amount of times the device resends an inform request The field ra...

Page 201: ...ck System SNMP Notification Notification Receiver The SNMP Notification Receiver Page opens 2 Click The SNMP Notification Receiver Settings Page opens Figure 130 SNMP Notification Receiver Settings Page 3 Modify the Notification Type SNMPV1 v2c or SNMPv3 UPD Port Filter Name TImeout and Retries fields 4 Click The SNMP notification recipients are defined and the device is updated ...

Page 202: ...tered based on their urgency or relevancy Each message severity determines the set of event logging devices that are sent per each event message The following table lists the log severity levels This section includes the following topics Enabling System Logs Viewing the Device Memory Logs Viewing the FLASH LogsDefining Servers Log Parameters Table 11 System Log Severity Levels Severity Level Messa...

Page 203: ...logs Unchecked Disables device logs Severity The following are the available log severity levels Emergency The highest warning level If the device is down or not functioning properly an emergency log message is saved to the specified logging location Alert The second highest warning level An alert log is saved if there is a serious device malfunction for example all device features are down Critic...

Page 204: ...inimum severity level from which logs are sent to the console RAM Logs Defines the minimum severity level from which logs are sent to the RAM Log kept in RAM Cache 2 Log File Defines the minimum severity level from which logs are sent to the log file kept in FLASH mem ory Define the Enable logging and Severity fields 3 Click The global log parameters are set and the device is updated ...

Page 205: ...t which the log was generated Severity Displays the log severity Description Displays the log message text Clearing Device Memory Logs Message logs can be cleared from the Device Memory Log Page To clear message logs 1 Click System Syslog Memory The Device Memory Log Page opens 2 Click The message logs are cleared Viewing the FLASH Logs The Syslog Flash Page contains information about log entries ...

Page 206: ...learing FLASH Logs Message logs can be cleared from the Syslog Flash Page To clear message logs 1 Click System Syslog Flash The Syslog FLASH Page opens 2 Click The message logs are cleared Defining Servers Log Parameters The Syslog Server Settings Page contains information for viewing and configuring the remote log servers New log servers can be defined and the log severity sent to each server To ...

Page 207: ...n All applica tions defined for a device utilize the same facility on a server The field default is Local 7 The possible field values are Local 0 Local 7 Description A user defined server description Minimum Severity Indicates the minimum severity from which logs are sent to the server For example if Notice is selected all logs with a severity level of Notice and higher are sent to the remote serv...

Page 208: ...S 3228PA Embedded Web System User Guide Page 205 3 Define the Log Server IP Address UDP Port Facility Description and Minimum servers fields 4 Click The Syslog Server is defined and the device is updated ...

Page 209: ...Managing System Logs Viewing the Device Memory Logs Page 206 ...

Page 210: ... System User Guide Page 207 Section 20 Managing Device Diagnostics This section contains the following topics Configuring Port Mirroring Viewing Integrated Cable Tests Viewing Optical Transceivers Viewing the CPU Utilization ...

Page 211: ...ring Page contains the following fields Destination Port Defines the port number to which port traffic is copied Source Port Indicates the port from which the packets are mirrored Type Indicates the port mode configuration for port mirroring The possible field values are RX Defines the port mirroring on receiving ports TX Defines the port mirroring on transmitting ports Both Defines the port mirro...

Page 212: ... 5 Click The port mirroring session is defined and the device is updated To edit the port mirroring settings 1 Click System Diagnostics Port Mirroring The Port Mirroring Page opens 2 Click The Port Mirroring Settings Page opens Figure 138 Port Mirroring Settings Page 3 Modify the Type field 4 Click The port mirroring settings are modified and the device is updated ...

Page 213: ...r Cable The Copper Cable Tests Page opens Figure 139 Copper Cable Tests Page The Copper Cable Tests Page contains the following fields Unit No Displays the stacking member for which the Copper Cable Tests are selected Port Specifies the port to which the cable is connected Test Result Displays the cable test results Possible values are No Cable Indicates that a cable is not connected to the port O...

Page 214: ...perature Displays the temperature C at which the cable is operating Voltage Displays the voltage at which the cable is operating Current Displays the current at which the cable is operating Output Power Indicates the rate at which the output power is transmitted Input Power Indicates the rate at which the input power is transmitted Transmitter Fault Indicates if a fault occurred during transmissio...

Page 215: ...ation The possible field values are Enabled Enables viewing CPU utilization information This is the default value Disabled Disables viewing the CPU utilization information Refresh Rate Amount of time that passes before the statistics are refreshed Usage Percentages Indicates the percentage of the CPU s resources consumed by the device Time Indicates the time in 15 second intervals the usage sample...

Page 216: ...tics for RMON interfaces GVRP EAP and Etherlike statistics This section contains the following topics Viewing Interface Statistics Managing RMON Statistics Viewing Interface Statistics This section contains the following topics Viewing Device Interface Statistics Managing RMON Statistics Viewing Etherlike Statistics ...

Page 217: ... passes before the interface statistics are refreshed The possible field values are 15 Sec Indicates that the Interface statistics are refreshed every 15 seconds 30 Sec Indicates that the Interface statistics are refreshed every 30 seconds 60 Sec Indicates that the Interface statistics are refreshed every 60 seconds No Refresh Indicates that the Interface statistics are not refreshed Receive Stati...

Page 218: ...ets Displays the number of Unicast packets transmitted on the selected interface Multicast Packets Displays the number of Multicast packets transmitted on the selected interface Broadcast Packets Displays the number of Broadcast packets transmitted on the selected interface Packets with Errors Displays the number of error packets transmitted from the selected interface ...

Page 219: ...tatistics Managing RMON Statistics Page 216 Managing RMON Statistics This section contains the following topics Viewing RMON Statistics Viewing the RMON History Table Configuring RMON Events Defining RMON Alarms ...

Page 220: ... Refresh Rate Defines the amount of time that passes before the interface statistics are refreshed The possible field values are 15 Sec Indicates that the RMON statistics are refreshed every 15 seconds 30 Sec Indicates that the RMON statistics are refreshed every 30 seconds 60 Sec Indicates that the RMON statistics are refreshed every 60 seconds Drop Events Displays the number of dropped events th...

Page 221: ... last refreshed Fragments Displays the number of fragments packets with less than 64 octets excluding framing bits but including FCS octets received on the interface since the device was last refreshed Jabbers Displays the total number of received packets that were longer than 1518 octets This number excludes frame bits but includes FCS octets that had either a bad Frame Check Sequence FCS with an...

Page 222: ...page Source Interface Displays the interface from which the history samples were taken The possible field values are Port Specifies the port from which the RMON information was taken LAG Specifies the port from which the RMON information was taken Sampling Interval Indicates in seconds the time that samplings are taken from the ports The field range is 1 3600 The default is 1800 seconds equal to 3...

Page 223: ...story Control Settings Page opens Figure 145 RMON History Control Settings Page 3 Define the Source Interface Owner Sampling Interval Max No of Samples to Keep and Samples Requested fields 4 Click The entry is added to the RMON History Control Page and the device is updated ...

Page 224: ...Bytes Octets Displays the number of octets received on the interface since the device was last refreshed This number includes bad packets and FCS octets but excludes framing bits Received Packets Displays the number of packets received on the interface since the device was last refreshed including bad packets Multicast and Broadcast packets Broadcast Packets Displays the number of good Broadcast p...

Page 225: ...ctets This number excludes frame bits but includes FCS octets that had either a bad Frame Check Sequence FCS with an integral number of octets FCS Error or a bad FCS with a non integral octet Alignment Error number The field range to detect jabbers is between 20 ms and 150 ms Collisions Displays the number of collisions received on the interface since the device was last refreshed Utilization Disp...

Page 226: ...ontains the following fields Event Entry Displays the event Community Displays the community to which the event belongs Description Displays the user defined event description Type Describes the event type Possible values are Log Indicates that the event is a log entry Trap Indicates that the event is a trap Log and Trap Indicates that the event is both a log entry and a trap None Indicates that n...

Page 227: ...nt logs Click Advanced Setup RMON Events Events Logs The RMON Events Logs Page opens Figure 148 RMON Events Logs Page The RMON Events Logs Page contains the following fields Event Displays the RMON Events Log entry number Log No Displays the log number Log Time Displays the time when the log entry was entered Description Displays the log entry description ...

Page 228: ... are Delta Subtracts the last sampled value from the current value The difference in the values is compared to the threshold Absolute Compares the values directly with the thresholds at the end of the sampling interval Rising Threshold Displays the rising counter value that triggers the rising threshold alarm The rising threshold is presented on top of the graph bars Each monitored variable is des...

Page 229: ... value threshold Interval Defines the alarm interval time in seconds Owner Displays the device or user that defined the alarm Remove Removes the RMON Alarms Table entry 2 Click The Screen_advanced_InterfaceStatistics_GVRP gif opens Figure 150 RMON Alarms Definition Page 3 Define the Interface Counter Name Sample Type Rising Threshold Rising Event Falling Threshold Falling Event Startup Alarm Inter...

Page 230: ...cates that the Etherlike statistics are refreshed every 15 seconds 30 Sec Indicates that the Etherlike statistics are refreshed every 30 seconds 60 Sec Indicates that the Etherlike statistics are refreshed every 60 seconds Frame Check Sequence FCS Errors Displays the number of FCS errors received on the selected interface Single Collision Frames Displays the number of single collision frames recei...

Page 231: ...ays the number of paused frames transmitted from the selected interface 2 Select an interface in the Interface field The Etherlike statistics are displayed Resetting Etherlike Statistics Counters 1 Open the Etherlike Statistics Page 2 Click The Etherlike statistics counters are cleared ...

Page 232: ...rfaces Statistics Port Utilization The Port Utilization Page opens Figure 152 Port Utilization Page The Port Utilization Page contains the following fields Port Displays the port number Refresh Rate Amount of time that passes before the statistics are refreshed Usage Percentages Indicates the percentage of the CPU s resources consumed by the device Time Indicates the time in 15 second intervals th...

Page 233: ...ions This section contains the DES 3228PA hardware specifications Ports provides 24 Port 10 100Mbps 2 Combo Copper SFP 100BASE FX 1000BASE X Fiber ports 2 1000 Mbps Copper L2 Management Switch CPU DDRAM 64MB Max CPU Flash 16MBb Max PoE Per port power 16 8W PoE Total available power 370W AC Input 110 240V AC Internal universal power supply Operating Temperature 0 50 C Storage Temperature 10 70 C Op...

Page 234: ...ndard for marking and prioritizing network traffic at the data link MAC sub layer 802 1p traffic is classified and sent to the destination No bandwidth reservations or limits are established or enforced 802 1p is a spin off of the 802 1Q VLANs standard 802 1p establishes eight levels of priority similar to the IP Precedence IP Header bit field Command Line Interface Command Line Interface CLI synt...

Page 235: ...dynamic VLAN creation on 802 1Q trunk ports When GVRP is enabled the device registers and propagates VLAN membership on all ports that are part of the active underlying Spanning Tree Protocol Features topology IGMP Snooping IGMP Snooping examines IGMP frame contents when they are forwarded by the device from work stations to an upstream Multi cast router From the frame the device identifies work s...

Page 236: ...ns Regions are one or more MSTP bridges by which frames can be transmitted The standard lets administrators assign VLAN traffic to unique paths Password Management Password management provides increased network security and improved password control Passwords for SSH Telnet HTTP HTTPS and SNMP access are assigned security features For more information on Password Management see Managing Passwords ...

Page 237: ...able faster convergence without creating forwarding loops Remote Monitoring Remote Monitoring RMON is an extension to SNMP which pro vides comprehensive network traffic monitoring capabilities as opposed to SNMP which allows network device management and monitoring RMON is a standard MIB that defines current and historical MAC layer statistics and control objects allowing real time information to ...

Page 238: ...les secure transactions of data through privacy authentica tion and data integrity It relies upon certificates and public and private keys Static MAC Entries MAC entries can be manually entered in the Bridging Table as an alternative to learning them from incoming frames These user defined entries are not subject to aging and are preserved across resets and reboots TCP Transport Control Protocol T...

Page 239: ... Frames addressed to a destination MAC address that is not associated with any port are flooded to all ports of the relevant VLAN Web Based Management With web based management the system can be managed from any web browser The system contains an Embedded Web Server EWS which serves HTML pages through which the sys tem can be monitored and configured The system internally con verts web based input...

Page 240: ...s Listed below are some possible troubleshooting problems and solutions These error messages include Cannot connect to management using RS 232 serial connection Cannot connect to switch management using Telnet HTTP SNMP etc Self test exceeds 15 seconds No connection is established and the port LED is on Device is in a reboot loop No connection and the port LED is off Add and Edit pages do not open...

Page 241: ...proto col Faulty ethernet cable Faulty port Faulty module Incorrect initial configura tion Configure the network address in the workstation Configure the network address in the workstation Configure the workstation with IP protocol Replace the cable Replace the module Replace the module Erase the connection and reconfigure the port Device is in a reboot loop Software fault Download and install a w...

Page 242: ...ng message is displayed Console reload Are you sure you want to reboot the system y n n 2 Enter Y The device reboots After the POST when the text Autoboot in 2 seconds press RETURN or Esc to abort and enter prom is displayed press Enter The Startup Menu is displayed 1 Download software 2 Erase flash file 3 Erase flash sectors 4 Password Recovery Procedure 5 Enter Diagnostic Mode 6 Back 3 Enter 4 w...

Page 243: ...ser documentation can be found on the D Link website D Link provides free technical support for customers within the United States and within Canada for the warranty duration For more information on locating the D Link office in your region see International Offices ...

Page 244: ...DES 3228PA Embedded Web System User Guide Page 2 ...

Page 245: ...Page 3 ...

Page 246: ...DES 3228PA Embedded Web System User Guide Page 4 ...

Page 247: ...Page 5 ...

Page 248: ...DES 3228PA Embedded Web System User Guide Page 6 ...

Page 249: ...Page 7 ...

Page 250: ...DES 3228PA Embedded Web System User Guide Page 8 ...

Page 251: ...Page 9 ...

Page 252: ...DES 3228PA Embedded Web System User Guide Page 10 ...

Page 253: ...Page 11 ...

Page 254: ...DES 3228PA Embedded Web System User Guide Page 12 ...

Page 255: ...Page 13 ...

Page 256: ...DES 3228PA Embedded Web System User Guide Page 14 ...

Page 257: ...Page 15 ...

Page 258: ...DES 3228PA Embedded Web System User Guide Page 16 ...

Page 259: ...Page 17 ...

Page 260: ...DES 3228PA Embedded Web System User Guide Page 18 ...

Page 261: ...Page 19 ...

Page 262: ...DES 3228PA Embedded Web System User Guide Page 20 ...

Page 263: ...Page 21 ...

Page 264: ...DES 3228PA Embedded Web System User Guide Page 22 ...

Page 265: ...Page 23 ...

Page 266: ...DES 3228PA Embedded Web System User Guide Page 24 ...

Page 267: ...Page 25 ...

Page 268: ...DES 3228PA Embedded Web System User Guide Page 26 ...

Page 269: ...Page 27 ...

Page 270: ...e Hardware the actual price paid by the original purchaser for the defective Hardware will be refunded by D Link upon return to D Link of the defective Hardware All Hardware or part thereof that is replaced by D Link or for which the purchase price is refunded shall become the property of D Link upon replacement or refund Limited Software Warranty D Link warrants that the software portion of the p...

Page 271: ...n carrier selected by D Link Return shipping charges shall be prepaid by D Link if you use an address in the United States otherwise we will ship the product to you freight collect Expedited shipping is available upon request and provided shipping charges are prepaid by the customer D Link may reject or return any product that is not packaged and shipped in strict compliance with the foregoing req...

Page 272: ...er trademarks or registered trademarks are the property of their respective owners Copyright Statement No part of this publication or documentation accompanying this product may be reproduced in any form or by any means or used to make any derivative such as translation transformation or adaptation without permission from D Link Corporation D Link Systems Inc as stipulated by the United States Cop...

Page 273: ...t Registration D Link products can be registered online at http support dlink com register Product registration is entirely voluntary and failure to complete or return this form will not diminish your warranty rights ...

Page 274: ...nock Avenue North Ryde NSW 2113 Australia TEL 61 2 8899 1800 FAX 61 2 8899 1868 URL www dlink com au India D Link House Kurla Bandra Complex Road Off CST Road Santacruz East Mumbai 400098 India TEL 91 022 26526696 56902210 FAX 91 022 26528914 URL www dlink co in Middle East Dubai P O Box 500376 Office No 103 Building 3 Dubai Internet City Dubai United Arab Emirates Tel 971 4 3916480 Fax 971 4 3908...

Reviews:

No comments