manualshive.com logo in svg

D-Link DES-3550, Руководство пользователя, Страница: 117 / 192

Поделиться
Скачать
D-Link DES-3550 Скачать руководство пользователя страница 117

DES-3550 Layer 2 

Fast Ethernet Switch User’s Guide

 

 

117

User Account Management 

Add/Update/Delete User Accounts 

Yes No 

View User Accounts 

Yes No 

Admin and User Privileges 

After establishing a 

User Account

 with 

Admin

-level privileges, be sure to save the changes by 

opening the 

Maintenance

 folder, opening the 

Save Changes

 window and clicking the 

Save 

Configuration

 button.  

Access Authentication Control 

The TACACS / XTACACS / commands let you secure access to the Switch using 
the TACACS / XTACACS /  protocols. When a user logs in to the Switch or tries 
to access the administrator level privelege, he or she is prompted for a password. If TACACS 
/ XTACACS / authentication is enabled on the Switch, it will contact a TACACS / 
XTACACS / server to verify the user. If the user is verified, he or she is granted 
access to the Switch. 
There are currently three versions of the TACACS security protocol, each a separate entity. 
The Switch’s software supports the following versions of TACACS: 

 TACACS (Terminal Access Controller Access Control System) — Provides 

password checking and authentication, and notification of user actions for security purposes 
utilizing via one or more centralized TACACS servers, utilizing the UDP protocol for packet 
transmission. 

 Extended TACACS (XTACACS) — An extension of the TACACS protocol with 

the ability to provide more types of authentication requests and more types of response codes 
than TACACS. This protocol also uses UDP to transmit packets. 

  (Terminal Access Controller Access Control System plus) — Provides 

detailed access control for authentication for network devices. is facilitated 
through Authentication commands via one or more centralized servers. The  
protocol encrypts all traffic between the Switch and the daemon, using the TCP 
protocol to ensure reliable delivery. 
In order for the TACACS / XTACACS / security function to work properly, a 
TACACS / XTACACS /  server must be configured on a device other than the 
Switch, called an 

Authentication

  S

erver Host

, and it must include usernames and passwords 

for authentication. When the user is prompted by the Switch to enter usernames and 
passwords for authentication, the Switch contacts the TACACS / XTACACS /  
server to verify, and the server will respond with one of three messages: 
 

 The server verifies the username and password, and the user is granted normal user 

privileges on the Switch.  

 

 The server will not accept the username and password and the user is denied access to 

the Switch. 

 

 The server does not respond to the verification query. At this point, the Switch receives 

the timeout from the server and then moves to the next method of verification configured 
in the method list. 

The Switch has three built-in 

Authentication Server Groups

, one for each of the TACACS,  

XTACACS, and  protocols. These built-in 

Authentication Server Groups

 are used 

to authenticate users trying to access the Switch. The users will set 

Authentication Server 

Содержание DES-3550

Страница 1: ...D Link DES 3550 Managed 48 port 10 100Mbps and 2GE ports Layer 2 Ethernet Switch Manual...

Страница 2: ...can radiate radio frequency energy and if not installed and used in accordance with this manual may cause harmful interference to radio communications Operation of this equipment in a residential are...

Страница 3: ...es 15 Ports 16 FRONT PANEL COMPONENTS 17 LED Indicators 17 REAR PANEL DESCRIPTION 18 SIDE PANEL DESCRIPTION 18 GIGABIT COMBO PORTS 18 INSTALLATION 20 Package Contents 20 BEFORE YOU CONNECT TO THE NETW...

Страница 4: ...ON 40 Switch Information 40 Advanced Settings 41 PORT CONFIGURATIONS 43 PORT MIRRORING 45 PORT DESCRIPTION 46 IGMP 48 IGMP Snooping 48 Static Router Ports 49 SPANNING TREE 51 802 1w Rapid Spanning Tre...

Страница 5: ...S ENTITY 802 1X 104 Understanding 802 1x Port based Network Access Control 104 Configure Authenticator 106 Port Capability Settings 109 Initializing Ports 111 Reauthenticate Port s 112 RADIUS Server 1...

Страница 6: ...OOPING GROUP 152 IGMP SNOOPING FORWARDING 153 VLAN STATUS 153 BROWSE ROUTER PORT 154 PORT ACCESS CONTROL 155 Authenticator State 155 MAINTENANCE 156 TFTP SERVICES 156 Download Firmware From TFTP Serve...

Страница 7: ...Topology 166 Tool Tips 168 Right Click 170 Menu Bar 174 FIRMWARE UPGRADE 175 CONFIGURATION FILE BACKUP RESTORE 176 CABLES AND CONNECTORS 179 CABLE LENGTHS 180 GLOSSARY 180...

Страница 8: ...y of Service The Access Profile Table port mirroring and configuring the Spanning Tree Section 7 Management A discussion of the security features of the Switch including Security IP User Accounts Acce...

Страница 9: ...tes a window name or a field Also can indicate a variable or parameter that is replaced with an appropriate word or string For example type filename means that you should type the actual filename inst...

Страница 10: ...electric shock by shorting out interior components Use the product only with approved equipment Allow the product to cool before removing covers or touching internal components Operate the product onl...

Страница 11: ...asters and or stabilizers are firmly connected to the system Avoid sudden stops and uneven surfaces General Precautions for Rack Mountable Products Observe the following precautions for rack stability...

Страница 12: ...t from the antistatic packing material until you are ready to install the component in your system Just before unwrapping the antistatic packaging be sure to discharge static electricity from your bod...

Страница 13: ...packet structure format and support for CSMA CD protocol full duplex flow control and management objects but with a tenfold increase in theoretical throughput over 100Mbps Fast Ethernet and a one hund...

Страница 14: ...eliminating problems of chaining hubs beyond the two repeater limit A switch can be used to split parts of the network into different collision domains for example making it possible to expand your Fa...

Страница 15: ...cation Control utilizing TACACS XTACACS and TACACS Dual Image Firmware Simple Network Time Protocol support MAC Notification support Asymmetric VLAN support System and Port Utilization support System...

Страница 16: ...display for port status such as link act speed etc Ports Forty eight 48 high performance MDI X MDI II ports for connecting to end stations servers hubs and other networking devices All UTP ports can...

Страница 17: ...ate of the device The indicator is dark when the Switch is powered off Console This LED should blink during the Power On Self Test POST When the POST is finished the LED goes dark This indicator is li...

Страница 18: ...openings and leave at least 6 inches of space at the rear and sides of the Switch for proper ventilation Be reminded that without proper heat dissipation and air circulation system components might o...

Страница 19: ...DES 3550 Layer 2 Fast Ethernet Switch User s Guide 19 Figure 1 5 Mini GBIC modules plug in to the Switch Figure 1 6 Installing the Mini GBIC Module...

Страница 20: ...where you install the Switch may greatly affect its performance Please follow these guidelines for setting up the Switch Install the Switch on a sturdy level surface that can support at least 3 kg 6...

Страница 21: ...When installing the Switch on a desktop or shelf the rubber feet included with the Switch should first be attached Attach these cushioning feet on the bottom at each corner of the device Allow enough...

Страница 22: ...tandard 19 rack Figure 2 3 Installing Switch in a rack Power On Plug one end of the AC power cord into the power connector of the Switch and the other end into the local power source outlet After the...

Страница 23: ...be connected to any of the ports of the Switch Figure 3 1 Switch connected to an end node The Link Act LEDs for each UTP port will light green or amber when the link is valid A blinking LED indicates...

Страница 24: ...ports are ideal for uplinking to a network backbone or server The copper ports operate at a speed of 1000 100 or 10Mbps in ful l or half duplex mode The fiber optic ports can operate at 1000Mbps in fu...

Страница 25: ...graphically using a Web browser such as Netscape Navigator version 6 2 and higher or Microsoft Internet Explorer version 5 0 SNMP Based Management You can manage the Switch with an SNMP compatible con...

Страница 26: ...ww microsoft com for information on Windows 2000 service packs 8 After you have correctly set up the terminal plug the power cable into the power receptacle on the back of the Switch The boot sequence...

Страница 27: ...or password and therefore just press enter twice to access the command line interface Figure 4 1 Initial screen after first connection First Time Connecting to the Switch The Switch supports user base...

Страница 28: ...d Password fields You will be given access to the command prompt DES 3550 4 shown below There is no initial username or password Leave the Username and Password fields blank Figure 4 3 Command Prompt...

Страница 29: ...the same password and press the Enter key 4 Successful creation of the new administrator account will be verified by a Success message User names and passwords can be up to 15 characters in length Th...

Страница 30: ...llows authorized management stations to retrieve and modify MIB objects SNMP V3 uses a more sophisticated authentication process that is separated into two parts The first part is to maintain a list o...

Страница 31: ...ddress is 10 90 90 90 You can change the default Switch IP address to meet the specification of your networking address scheme The Switch is also assigned a unique MAC address by the factory This MAC...

Страница 32: ...n IP Address In the above example the Switch was assigned an IP address of 10 53 13 175 with a subnet mask of 255 0 0 0 The system message Success indicates that the command was executed successfully...

Страница 33: ...DES 3550 Layer 2 Fast Ethernet Switch User s Guide 33...

Страница 34: ...ate directly with the Switch using the HTTP protocol The Web based management module and the Console program and Telnet are different ways to access the same internal switching software and configure...

Страница 35: ...are explained below Web based User Interface The user interface provides access to various Switch configuration and management screens allows you to view performance statistics and permits you to grap...

Страница 36: ...management mode Below is a list and description of the main folders available in the web interface Configurations Contains screens concerning configurations for IP Address Switch Information Advanced...

Страница 37: ...ddress may initially be set using the console interface prior to connecting to it through the Ethernet If the Switch IP address has not yet been changed read the Introduction of the CLI Manual or retu...

Страница 38: ...which it is installed you can leave the default address 0 0 0 0 in this field If no VLANs have been previously configured on the Switch you can use the default VLAN Name default The default VLAN conta...

Страница 39: ...ubnet that the Switch is on Should be of the form xxx xxx xxx xxx where each xxx is a number represented in decimal between 0 and 255 The value should be 255 0 0 0 for a Class A network 255 255 0 0 fo...

Страница 40: ...interface named System and the y s represent the corresponding subnet mask Alternatively you can enter config ipif System ipaddress xxx xxx xxx xxx z Where the x s represent the IP address to be assig...

Страница 41: ...nformation is helpful to keep track of PROM and Firmware updates and to obtain the Switch s MAC address for entry into another network device s address table if necessary The user may also enter a Sys...

Страница 42: ...g is 300 seconds IGMP Snooping To enable system wide IGMP Snooping capability select Enabled IGMP snooping is Disabled by default Enabling IGMP snooping allows you to specify use of a multicast router...

Страница 43: ...d will enable or disable Asymmetric VLANs on the Switch The default is Disabled Syslog Global State Enables or disables Syslog State default is Disabled Click Apply to implement changes made to this w...

Страница 44: ...DES 3550 Layer 2 Fast Ethernet Switch User s Guide 44 Figure 6 4 Port Configuration and The Port Information Table window...

Страница 45: ...rt configurations Ports configured for full duplex use 802 3x flow control half duplex ports use backpressure flow control and Auto ports use an automatic selection of the two The default is Disabled...

Страница 46: ...onto a slower port For example if you try to mirror the traffic from a 100 Mbps port onto a 10 Mbps port this can cause throughput problems The port you are copying frames from should always support...

Страница 47: ...Figure 6 6 Port Description Setting and Port Description Table Use the From and To pull down menu to choose a port or range of ports to describe and then enter a description of the port s Click Apply...

Страница 48: ...in the Configuration folder When enabled for IGMP snooping the Switch can open or close a port to a specific Multicast group member based on IGMP messages sent from the device to the IGMP host or vic...

Страница 49: ...ount of time in seconds allowed for a host to continue membership in a multicast group without the Switch receiving a host membership report Default 260 Route Timeout This is the maximum amount of tim...

Страница 50: ...to open the Current Static Router Ports Entries page as shown below Figure 6 9 Current Static Router Ports Entries window The Current Static Router Ports Entries page shown above displays all of the...

Страница 51: ...strates the main differences between the two protocols Port Transition States An essential difference between the two protocols is in the way ports transition to a forwarding state and in the way this...

Страница 52: ...ceives a BPDU packet immediately becoming a normal spanning tree port P2P Port A P2P port is also capable of rapid transition P2P ports may be used to connect to other bridges Under RSTP all ports ope...

Страница 53: ...Bridge Max Age 6 40 sec 20 The Max Age can be set from 6 to 40 seconds At the end of the Max Age if a BPDU has still not been received from the Root Bridge your Switch will start sending its own BPDU...

Страница 54: ...parameters in the same way RSTP is fully compatible with IEEE 802 1d STP and will function with legacy equipment Tx Hold Count 3 This is the maximum number of Hello packets transmitted per interval Th...

Страница 55: ...DES 3550 Layer 2 Fast Ethernet Switch User s Guide 55 Figure 6 12 STP Port Settings and The STP Port Information window...

Страница 56: ...rts Cost 0 A Port Cost can be set from 1 to 200000000 The lower the number the greater the probability the port will be chosen to forward packets Default port cost 100Mbps port 200000 Gigabit ports 20...

Страница 57: ...his must be a unicast MAC address Allowed to Go Port Allows the selection of the port number on which the MAC address entered above resides Click Apply to implement the changes made To delete an entry...

Страница 58: ...ically using GMRP The options are None no restrictions on the port dynamically joining the multicast group When None is chosen the port will not be a member of the Static Multicast Group Egress the po...

Страница 59: ...DES 3550 Layer 2 Fast Ethernet Switch User s Guide 59 Figure 6 16 Multicast Port Filtering Mode Setup and Multicast port Filtering Mode Table...

Страница 60: ...The quality of applications that are dependent on such time critical data such as video conferencing can be severely and adversely affected by even very small delays in transmission Network devices th...

Страница 61: ...rity by limiting traffic to specific domains A VLAN is a collection of end nodes grouped by logic instead of physical location End nodes that frequently communicate with each other are assigned to the...

Страница 62: ...N Any port can be configured as either tagging or untagging The untagging feature of IEEE 802 1Q VLANs allows VLANs to work with legacy switches that do not recognize VLAN tags in packet headers The t...

Страница 63: ...tag The tag is contained in the following two octets and consists of 3 bits of user priority 1 bit of Canonical Format Identifier CFI used for encapsulating Token Ring packets so they can be carried...

Страница 64: ...2 1Q compliant network device to another with the VLAN information intact This allows 802 1Q VLANs to span network devices and indeed the entire network if all network devices are 802 1Q compliant Unf...

Страница 65: ...VID for tagged packets tag aware and tag unaware network devices can coexist on the same network A switch port can have only one PVID but can have as many VIDs as the Switch has memory in its VLAN ta...

Страница 66: ...he ingress port If it does not the packet is dropped If it has the same VID the packet is forwarded and the destination port transmits it on its attached network segment This process is referred to as...

Страница 67: ...its destination If Port 10 is a member of VLAN 2 the packet will go through This selective forwarding feature based on VLAN criteria is how VLANs segment networks The key point being that Port 1 will...

Страница 68: ...w to configure the port settings and to assign a unique name and number to the new VLAN See the table below for a description of the parameters in the new menu Figure 6 21 802 1Q Static VLANs Add To r...

Страница 69: ...function will allow the Switch to send out GVRP packets to outside sources notifying that they may join the existing VLAN Port Settings Allows an individual port to be specified as member of a VLAN Ta...

Страница 70: ...termine whether the Switch will share its VLAN configuration information with other GARP VLAN Registration Protocol GVRP enabled switches In addition Ingress Checking can be used to limit traffic by f...

Страница 71: ...are the VID of the incoming packet to its PVID If the two are unequal the port will drop the packet If the two are equal the port will receive the packet GVRP The Group VLAN Registration Protocol GVRP...

Страница 72: ...DES 3550 Layer 2 Fast Ethernet Switch User s Guide 72 Figure 6 24 Bandwidth Settings and Port Bandwidth Table...

Страница 73: ...u allows you to specify that the selected port will have no bandwidth limit Enabled disables the limit Rate This field allows you to enter the data rate in kb s that will be the limit for the selected...

Страница 74: ...oll Interval in Seconds This is the interval in seconds between requests for updated SNTP information Year Enter the current year if you want to update the system clock Month Enter the current month i...

Страница 75: ...cal DST offset 30 60 90 or 120 minutes Time Zone Offset from GMT in HH MM Use these pull down menus to specify your local time zone s offset from Greenwich Mean Time GMT DST Repeating Settings Using r...

Страница 76: ...ear From Day Enter the day of the week DST will start on each year From Time in HH MM Enter the time of day DST will start on each year To Month Enter the month DST will end on each year To Day Enter...

Страница 77: ...DES 3550 Layer 2 Fast Ethernet Switch User s Guide 77 Figure 6 27 Port Security Settings window...

Страница 78: ...y 4 is assigned to the Switch s Q2 queue Priority 5 is assigned to the Switch s Q2 queue Priority 6 is assigned to the Switch s Q3 queue Priority 7 is assigned to the Switch s Q3 queue For strict prio...

Страница 79: ...ve this section is set by 8 specified groups of ports on the Switch Group 1 refers to ports 1 through 8 Group 2 refers to ports 9 through 16 Group 3 refers to ports 17 through 24 Group 4 refers to por...

Страница 80: ...igure 6 29 802 1p Default Priority window This page allows you to assign a default 802 1p priority to any given port on the Switch The priority queues are numbered from 0 the lowest priority to 7 the...

Страница 81: ...witch As with any changes to QoS implementation careful consideration should be given to how network traffic in lower priority queues is affected Changes in scheduling may result in unacceptable level...

Страница 82: ...3 X 16 48 ms The queue will continue transmitting the last packet until it is finished when the max latency timer expires Note The settings you assign to the queues numbers 0 7 represent the IEEE 802...

Страница 83: ...DES 3550 Layer 2 Fast Ethernet Switch User s Guide 83 Figure 6 32 Traffic Segmentation Setting and Traffic Segmentation Table window...

Страница 84: ...Traffic Segmentation Table MAC Notification MAC Notification is used to monitor MAC addresses learned and entered into the forwarding database Global Settings To globally set MAC notification on the S...

Страница 85: ...DES 3550 Layer 2 Fast Ethernet Switch User s Guide 85 Figure 6 34 MAC Notification Port Settings and Port State Table...

Страница 86: ...nk Groups Port trunk groups are used to combine a number of ports together to make a single high bandwidth data pipeline The DES 3550 supports up to 6 port trunk groups with 2 to 8 ports in each group...

Страница 87: ...is to be configured by the user and all configuration options including the VLAN configuration that can be applied to the Master Port are applied to the entire link aggregation group Load balancing i...

Страница 88: ...he group between 1 and 6 State Trunk groups can be toggled between Enabled and Disabled This is used to turn a port trunking group on or off This is useful for diagnostics to quickly isolate a bandwid...

Страница 89: ...ows for the automatic detection of links in a Port Trunking Group After setting the previous parameters click Apply to allow your changes to be implemented Successfully created trunk groups will be sh...

Страница 90: ...DES 3550 Layer 2 Fast Ethernet Switch User s Guide 90 Figure 6 39 Lacp Port Settings and LACP Port Table...

Страница 91: ...files allow you to establish criteria to determine whether or not the Switch will forward packets based on the information contained in each packet s header These criteria can be specified on a basis...

Страница 92: ...pecify a mask to hide the content of the packet header Vlan Selecting this option instructs the Switch to examine the VLAN part of each packet header and use this as the full or partial criterion for...

Страница 93: ...address or packet content mask This will change the menu according to the requirements for the type of profile Select Ethernet to instruct the Switch to examine the layer 2 part of each packet header...

Страница 94: ...a source port mask and or a destination port mask The user may also identify which flag bits to deny Flag bits are parts of a packet that determine what to do with the packet The user may deny packet...

Страница 95: ...ifier number for this profile set This value can be set from 1 255 Type Select profile based on Ethernet MAC Address IP address or packet content mask This will change the menu according to the requir...

Страница 96: ...to mask the packet from byte 16 to byte 31 Port The user may set the Access Profile Table on a per port basis by entering an entry in this field Entering all will denote all ports on the Switch Click...

Страница 97: ...Content Mask Ethernet instructs the Switch to examine the layer 2 part of each packet header IP instructs the Switch to examine the IP address in each frame s header Packet Content Mask instructs the...

Страница 98: ...otocol the user has chosen in the Access Profile Table In the example above IGMP is the protocol chosen and therefore the user may modify the IGMP settings for this access profile To view the settings...

Страница 99: ...This value can be set from 1 50 Type Selected profile based on Ethernet MAC Address IP address or Packet Content Mask Ethernet instructs the Switch to examine the layer 2 part of each packet header IP...

Страница 100: ...hich means the user may choose any combination of letters and numbers ranging from a f and from 0 9999 To view the settings of a previously correctly configured rule click in the Access Rule Table to...

Страница 101: ...the Switch according to any additional rule added see below Select Deny to specify that packets that do not match the access profile are not forwarded by the Switch and will be filtered Access ID Typ...

Страница 102: ...lue 0 15 Enter a value in hex form to mask the packet from the beginning of the packet to the 16th byte value 16 31 Enter a value in hex form to mask the packet from byte 16 to byte 31 value 32 47 Ent...

Страница 103: ...wing parameters can be set Parameter Description Index Syslog server settings index 1 4 Server IP The IP address of the Syslog server Severity This drop down menu allows you to select the level of mes...

Страница 104: ...l6 23 local use 7 local7 UDP Port 514 or 6000 65535 Type the UDP port number used for sending Syslog messages The default is 0 Status Choose Enabled or Disabled to activate or deactivate To set the Sy...

Страница 105: ...is authenticated the Switch unblocks the port that is connected to the user as shown in the next figure Figure 6 56 Typical 802 1x Configuration with User Authentication The user s information includ...

Страница 106: ...plements the server side of the IEEE 802 1x Port based Network Access Control This mechanism is intended to allow only authorized users or other network devices access to network resources by establis...

Страница 107: ...DES 3550 Layer 2 Fast Ethernet Switch User s Guide 107 Figure 6 58 802 1X Authenticator Settings window...

Страница 108: ...to control the port authorization state Select forceAuthorized to disable 802 1X and cause the port to transition to the authorized state without any authentication exchange required This means the p...

Страница 109: ...nticator and the authentication server MaxReq 2 The maximum number of times that the Switch will retransmit an EAP Request to the client before it times out of the authentication sessions ReAuthPeriod...

Страница 110: ...DES 3550 Layer 2 Fast Ethernet Switch User s Guide 110 Figure 6 60 802 1x Capability Settings and Table window...

Страница 111: ...ator A user must pass the authentication process to gain access to the network None The port is not controlled by the 802 1x functions Initializing Ports Existing 802 1x port settings are displayed an...

Страница 112: ...be authorized unauthorized or N A Note The user must first globally enable 802 1X in the Advanced Settings window in the Configuration folder before initializing ports Information in the Initialize Po...

Страница 113: ...nDIr Operational Controlled Directions are both and in PortStatus The status of the controlled port can be authorized unauthorized or N A RADIUS Server The RADIUS feature of the Switch allows you to f...

Страница 114: ...server IP Authentic Port 1812 Set the RADIUS authentic server s UDP port The default is 1812 Accounting Port 1813 Set the RADIUS account server s UDP port The default is 1813 Key Set the key the same...

Страница 115: ...nt to permit remote stations to manage the Switch If you choose to define one or more designated management stations only the chosen stations as defined by IP address will be allowed management privil...

Страница 116: ...ange the password type in the New Password and retype it in the Confirm New Password entry field Choose the level of privilege Admin or User from the Access Right drop down menu Admin and User Privile...

Страница 117: ...nd more types of response codes than TACACS This protocol also uses UDP to transmit packets TACACS Terminal Access Controller Access Control System plus Provides detailed access control for authentica...

Страница 118: ...has been verified or denied or the list is exhausted Please note that users granted access to the Switch will be granted normal user privileges on the Switch To gain access to administrator level pri...

Страница 119: ...Line Interface application the Telnet application and the WEB HTTP application Login Method List Using the pull down menu configure an application for normal login on the user level utilizing a previo...

Страница 120: ...dd this Authentication Server Host to the group Authentication Server Hosts This window will set user defined Authentication Server Hosts for the TACACS XTACACS TACACS security protocols on the Switch...

Страница 121: ...rs to add an Authentication Server Host Parameter Description IP Address The IP address of the remote server host the user wishes to add Protocol The protocol used by the server host The user may choo...

Страница 122: ...ist the local account database set in the Switch is used to authenticate the user When the local method is used the privilege level will be dependant on the local account privilege configured on the S...

Страница 123: ...the user to be authenticated using the tacacs protocol from a remote tacacs server xtacacs Adding this parameter will require the user to be authenticated using the xtacacs protocol from a remote xta...

Страница 124: ...st TACACS host in the server group If no verification is found the Switch will send an authentication request to the second TACACS host in the server group and so on until the list is exhausted At tha...

Страница 125: ...password database on the Switch The local enable password must be set by the user in the next section entitled Local Enable Password none Adding this parameter will require no authentication to access...

Страница 126: ...sword of up to 15 characters Confirm Local Enabled Confirm the new password entered above Entering a different password here from the one set in the New Local Enabled field will result in a fail messa...

Страница 127: ...em features for proper operation monitor performance and detect potential problems in the switch switch group or network Managed devices that support SNMP include software referred to as an agent whic...

Страница 128: ...ect Identifier OID associated with a specific MIB An additional layer of security is available for SNMP v 3 in that SNMP messages may be encrypted Traps Traps are messages that alert network personnel...

Страница 129: ...MP User Table To delete an existing SNMP User Table entry click the below the Delete heading corresponding to the entry you wish to delete To display the detailed entry for a given user click on the h...

Страница 130: ...s will open the SNMP User Table Configuration page as shown below Figure 7 22 SNMP User Table Configuration The following parameters can be set Parameter Description User Name An alphanumeric string o...

Страница 131: ...cessed by a remote SNMP manager To view the SNMP View Table open the SNMP V3 folder and click the SNMP View Table entry The following screen should appear Figure 7 23 SNMP View Table To delete an exis...

Страница 132: ...list of objects that an SNMP manager can access To implement your new settings click Apply To return to the SNMP View Table click the Show All SNMP View Table Entries link SNMP Group Table A SNMP Grou...

Страница 133: ...used to identify the new SNMP group of SNMP users Read View Name This name is used to specify that the SNMP group created can request SNMP messages Write View Name Specify a SNMP group name for users...

Страница 134: ...es link SNMP Community Table Configuration Use this table to create an SNMP community string to define the relationship between the SNMP manager and an agent The community string acts like a password...

Страница 135: ...om the SNMP Community Table click the under the Delete heading corresponding to the entry you wish to delete SNMP Host Table Use the SNMP Host Table to set up SNMP trap recipients Open the SNMP V3 fol...

Страница 136: ...be used with an Auth Priv security level Community String or SNMP V3 User Name Type in the community string or SNMP V3 user name as appropriate To implement your new settings click Apply To return to...

Страница 137: ...us Router Port Port Access Control Port Utilization The Port Utilization page displays the percentage of the total available bandwidth being used on the port Port utilization statistics may be viewed...

Страница 138: ...an integer percentage and calculated as a simple average by time interval To view the CPU Utilization window open the Monitoring folder and click the CPU Utilization link Figure 8 2 CPU Utilization g...

Страница 139: ...or a table Six windows are offered Received RX Click the Received RX link in the Packets folder of the Monitoring menu to view the following graph of packets received on the Switch Figure 8 3 Rx Packe...

Страница 140: ...lect number of times the Switch will be polled between 20 and 200 The default value is 20 Bytes Counts the number of bytes received on the port Packets Counts the number of packets received on the por...

Страница 141: ...the Packets folder of the Monitoring menu to view the following graph of UMB cast packets received on the Switch Figure 8 5 Rx Packets Analysis window line graph for Unicast Multicast and Broadcast P...

Страница 142: ...is 20 Unicast Counts the total number of good packets that were received by a unicast address Multicast Counts the total number of good packets that were received by a multicast address Broadcast Cou...

Страница 143: ...itted TX link in the Packets folder of the Monitoring menu to view the following graph of packets transmitted from the Switch Figure 8 6 Tx Packets Analysis window line graph for Bytes and Packets To...

Страница 144: ...f times the Switch will be polled between 20 and 200 The default value is 20 Bytes Counts the number of bytes successfully sent from the port Packets Counts the number of packets successfully sent on...

Страница 145: ...d as either a line graph or a table Four windows are offered Received RX Click the Received RX link in the Error folder of the Monitoring menu to view the following graph of error packets received on...

Страница 146: ...mitted packets size of 64 bytes and have a good CRC Undersize packets usually indicate collision fragments a normal network occurrence OverSize Counts packets received that were longer than 1518 octet...

Страница 147: ...graph View Line Chart Clicking this button instructs the Switch to display a line graph rather than a table Transmitted TX Click the Transmitted TX link in the Error folder of the Monitoring menu to...

Страница 148: ...hat a collision is detected later than 512 bit times into the transmission of a packet ExColl Excessive Collisions The number of packets for which transmission failed due to excessive collisions SingC...

Страница 149: ...itch arranged in six groups and classed by size to be viewed as either a line graph or a table Two windows are offered Figure 8 12 Rx Size Analysis window line graph To view the Packet Size Analysis T...

Страница 150: ...usive excluding framing bits but including FCS octets 512 1023 The total number of packets including bad packets received that were between 512 and 1023 octets in length inclusive excluding framing bi...

Страница 151: ...able to be browsed by Find Allows the user to move to a sector of the database corresponding to a user defined port VLAN or MAC address VID The VLAN ID of the VLAN the port is a member of MAC Address...

Страница 152: ...g field can be viewed Parameter Description VLAN ID The VLAN ID VID of the multicast group Multicast Group The IP address of the multicast group MAC Address The MAC address of the multicast group Quer...

Страница 153: ...the top left hand corner Search The following field can be viewed Parameter Description VLAN ID The VLAN ID VID of the multicast group Multicast Group The IP address of the multicast group MAC Addres...

Страница 154: ...onfigured as router ports A router port configured by a user using the console or Web based management interfaces is displayed as a static router port designated by S A router port that is dynamically...

Страница 155: ...can be set using the drop down menu at the top of the window and clicking OK The information on this window is described as follows Parameter Description Auth PAE State The Authenticator PAE state val...

Страница 156: ...Switch to the TFTP server Download Firmware From TFTP Server To update the Switch s firmware open the TFTP Services folder in the Maintenance folder and click the Download Firmware from TFTP link Figu...

Страница 157: ...n bytes of the firmware Date The date that the firmware was added to the Switch From The IP address of the Server from which the firmware came User The name of the user who downloaded the firmware Set...

Страница 158: ...TFTP server open the TFTP Service folder in the Maintenance folder and then click the Upload log to TFTP Server link Figure 9 4 Upload Log to TFTP Server window Enter the IP address of the TFTP serve...

Страница 159: ...to the Switch s history log is made The table displays the last entry highest sequence number first Time Displays the time in days hours and minutes since the Switch was last restarted Log Text Displ...

Страница 160: ...he Apply button When this is done the settings will be immediately applied to the switching software in RAM and will immediately take effect Some settings though require you to restart the Switch befo...

Страница 161: ...on parameters to their factory defaults Reset gives the option of retaining the Switch s User Accounts and History Log while resetting all other configuration parameters to their factory defaults If t...

Страница 162: ...without saving these default values to the Switch s non volatile RAM If the Switch is reset with this option enabled and Save Changes is not executed the Switch will return to the last saved configur...

Страница 163: ...CS which is the master switch of the group Member Switch MS which is a switch that is recognized by the CS as a member of a SIM group and a Candidate Switch CaS which is a Switch that has a physical l...

Страница 164: ...onfigured through the CS to become a MS After configuring one switch to operate as the CS of a SIM group additional DES 3550 switches may join the group either by an automatic method or by manually co...

Страница 165: ...Switch a Commander Switch CS The user may join other switches to this Switch over Ethernet to be part of its SIM group Choosing this option will also enable the Switch to be configured for SIM Discov...

Страница 166: ...ormation under the Data tab Parameter Description Device Name This field will display the Device Name of the switches in the SIM group configured by the user If no Device Name is configured by the nam...

Страница 167: ...then Topology which will produce the following screen The Topology View will refresh itself periodically 20 seconds by default Figure 10 5 Topology view This screen will display how the devices within...

Страница 168: ...h of other group Layer 2 candidate switch Layer 3 candidate switch Unknown device Non SIM devices Tool Tips In the Topology view window the mouse plays an important role in configuration and in viewin...

Страница 169: ...er s Guide 169 Figure 10 6 Device Information Utilizing the Tool Tip Setting the mouse cursor over a line between two devices will display the connection speed between two devices as shown below Figur...

Страница 170: ...IM group and the icon associated with it Group Icon Figure 10 8 Right Clicking a Group Icon The following options may appear for the user to configure Collapse To collapse the group that will be repre...

Страница 171: ...ions may appear for the user to configure Collapse To collapse the group that will be represented by a single icon Expand To expand the group in detail CS MS and CaS in this group are shown Configure...

Страница 172: ...Right Clicking a Member icon The following options may appear for the user to configure Remove from group Remove a member from a group Configure Launch the web management to configure the Switch Prop...

Страница 173: ...his option will reveal the following screen for the user to enter a password for authentication from the Candidate Switch before being added to the SIM group Click OK to enter the password or Cancel t...

Страница 174: ...this field MAC Address Displays the MAC Address of the corresponding Switch Model Name Displays the full Model Name of the corresponding Switch Click Close to close the Property window Menu Bar The Si...

Страница 175: ...Switch to the Member Switch Member switches will be listed in the table and will be specified by Port port on the CS where the MS resides MAC Address Model Name and Version To specify a certain Switch...

Страница 176: ...table and will be specified by Port port on the CS where the MS resides MAC Address Model Name and Version To specify a certain Switch for upgrading configuration files click its corresponding radio...

Страница 177: ...EE 802 3 Nway auto negotiation Protocols CSMA CD Data Transfer Rates Ethernet Fast Ethernet Gigabit Ethernet Half duplex Full duplex 10 Mbps 20 Mbps 100 Mbps 200 Mbps 2000 Mbps Full duplex only Topolo...

Страница 178: ...Number of Ports 48 10 100 1000 Mbps ports 2 1000BASE T Mini GBIC Combo Ports Performance Transmission Method Store and forward Packet Buffer 64 MB per device Packet Filtering Forwarding Rate Full wire...

Страница 179: ...ng diagrams and tables show the standard RJ 45 receptacle connector and their pin assignments The standard RJ 45 port and connector RJ 45 Pin Assignments Contact MDI X Port MDI II Port 1 RD receive TD...

Страница 180: ...0 Mbps 100m 328ft 10BASE T Category 3 UTP Cable 10 Mbps 100m 328ft Glossary 1000BASE LX A short laser wavelength on multimode fiber optic cable for a maximum length of 550 meters 1805 feet 1000BASE SX...

Страница 181: ...tination devices on the network broadcast storm Multiple simultaneous broadcasts that typically absorb available network bandwidth and can cause network failure console port The port on the Switch acc...

Страница 182: ...addresses are specified in the destination address field of the packet protocol A set of rules for communication between devices on a network The rules dictate format timing sequencing and error contr...

Страница 183: ...computer system and access a host as if the user were connected directly to the host TFTP Trivial File Transfer Protocol Allows you to transfer files such as software upgrades from a remote device us...

Страница 184: ...tario L6H 5W1 Canada TEL 1 905 829 5033 FAX 1 905 829 5223 BBS 1 965 279 8732 FTP ftp dlinknet com TOLL FREE 1 800 354 6522 URL www dlink ca E MAIL techsup dlink ca Chile D Link South America Sudam ri...

Страница 185: ...many TEL 49 6196 77990 FAX 49 6196 7799300 BBS 49 0 6192 971199 analog BBS 49 0 6192 971198 ISDN INFO 00800 7250 0000 toll free HELP 00800 7250 4000 toll free REPAIR 00800 7250 8000 HELP support dlink...

Страница 186: ...TEL 65 6774 6233 FAX 65 6774 6322 E MAIL info dlink com sg URL www dlink intl com South Africa D Link South Africa Einstein Park II Block B 102 106 Witch Hazel Avenue Highveld Technopark Centurion Gau...

Страница 187: ...3 4234 FAX Jebel Ali 971 4 883 4394 Dubai 971 4 335 2464 E MAIL dlinkme dlink me com support dlink me com U K D Link Europe United Kingdom Ltd 4th Floor Merit House Edgware Road Colindale London NW9 5...

Страница 188: ...ine Verbesserung erzielen e Das Ger t ist gefallen und oder das Geh use ist besch digt f Wenn das Ger t deutliche Anzeichen eines Defektes aufweist 16 Bei Reparaturen d rfen nur Orginalersatzteile bzw...

Страница 189: ...g costs Software Warranty service for software products may be obtained by contacting a D Link office within the applicable warranty period A list of D Link offices is provided at the back of this man...

Страница 190: ...that case the product is being sold As Is without any warranty whatsoever including without limitation the Limited Warranty as described herein notwithstanding anything stated herein to the contrary S...

Страница 191: ...ate Trademarks D Link is a registered trademark of D Link Systems Inc Other trademarks or registered trademarks are the property of their respective manufacturers or owners Copyright Statement No part...

Страница 192: ...192 Product registration is entirely voluntary and failure to complete or return this form will not diminish your warranty rights...

Отзывы:

Нет отзывов