D-Link DGS-3100 SERIES Скачать руководство пользователя страница 172 | Manualshive

Страница: 172 / 295

D-Link DGS-3100 SERIES Скачать руководство пользователя страница 172

DGS-3100 Series Gigabit Stackable Managed Switch User Manual

156

Configuring Secure Socket Layer Security

Secure Socket Layer

(SSL) is a security feature that provides a secure communication path between a host and client

through the use of authentication, digital signatures, and encryption. These security functions are implemented using a

Ciphersuite

, which is a security string that determines the exact cryptographic parameters, specific encryption algorithms

and key sizes used for authentication sessions, and that consists of:



Key Exchange

—Cyphersuite strings specify the public key algorithm used. This switch utilizes the

Rivest Shamir

Adleman

(RSA) public key algorithm. This is the first authentication process between client and host as they

“exchange keys” in looking for a match and therefore authentication to be accepted to negotiate encryptions on the
following level.



Encryption:

The second part of the ciphersuite that includes the encryption used for encrypting the messages sent

between client and host. The Switch supports two types of cryptology algorithms:

–

Stream Ciphers

– There are two types of stream ciphers on the Switch,

RC4 with 40-bit keys

and

RC4 with

128-bit keys

. These keys are used to encrypt messages and need to be consistent between client and host for

optimal use.

–

CBC Block Ciphers

–

Cipher Block Chaining

(CBC) links encrypted text blocks. The Switch supports the

3DES EDE

encryption code defined by the

Data Encryption Standard

(DES) to create the encrypted text.



Hash Algorithm

— This part of the ciphersuite allows the user to choose a message digest function which will

determine a Message Authentication Code. This

Message Authentication Code

will be encrypted with a sent

message to provide integrity and prevent against replay attacks. The Switch supports two hash algorithms,

Message

Digest 5

(

MD5

) and

Secure Hash Algorithm

(

SHA

).

The

SSL Configuration Settings Page

permits network managers to enable SSL with all supported ciphersuites on the

Switch. Ciphersuites are security strings that determines the exact cryptographic parameters, specific encryption algorithms
and key sizes to be used for an authentication session. The Switch possesses three possible ciphersuites for the SSL function,
which are enabled by default.

NOTE: Once SSL is enabled, the Web and Telnet are disabled.

To manage the device via an Embedded Web System while SSL is enabled, the web browser must support SSL encryption.
URL headers must begin with

https://

, for example

https://10.90.90.90

.

The system supports up-to five SSH sessions.
To enable SSL on the device:

1.

Click

Security > SSL

. The

SSL Configuration Settings Page

opens

:

«
...
170
171
172
173
174
...
»

Содержание DGS-3100 SERIES

Страница 1: ...D Link DGS 3100 SERIES GIGABIT STACKABLE MANAGED SWITCH User Manual V3 6 ...

Страница 2: ...nd used in accordance with this user s guide may cause harmful interference to radio communications Operation of this equipment in a residential area is likely to cause harmful interference in which case the user will be required to correct the interference at his own expense CE Mark Warning This is a Class A product In a domestic environment this product may cause radio interference in which case...

Страница 3: ...he Stack Status 8 Locating Devices 8 Backing up and Restoring Configuration Files 9 Resetting the Device 10 Downloading the Firmware 11 Rebooting the System 13 View Add Update Delete User Accounts Using the Web System Components 14 User Level Support on the WEB 15 CONFIGURING BASIC CONFIGURATION 16 Viewing Device Information 17 Defining System Information 19 Defining IP Addresses 20 Managing Stack...

Страница 4: ...E 802 1p Priority 71 VLAN Description 71 Notes about VLANs on the DGS 3100 Series 71 IEEE 802 1Q VLANs 71 802 1Q VLAN Tags 73 Port VLAN ID 74 Tagging and Untagging 74 Ingress Filtering 74 Default VLANs 75 VLAN and Trunk Groups 75 VLAN Status 75 Defining VLAN Properties 76 Defining Asymmetric VLAN 78 Configuring GVRP 80 Defining Trunking 82 Load Balancing 82 Defining VLAN Trunking 84 Traffic Segmen...

Страница 5: ...Mechanism 135 Defining DSCP User Priority 136 Defining Multi Layer CoS Settings 137 SECURITY FEATURES 138 Configuring Safeguard Engine 139 Configuring Trust Host 140 Configuring Port Security 142 Configuring Guest VLANs 144 Configuring Port Authentication 802 1X 145 Configuring MAC Authentication by using Guest VLAN 802 1X and Radius pages 150 Defining RADIUS Settings 153 Defining EAP Forwarding S...

Страница 6: ...vironment 191 Errors 192 Cable Diagnostics 195 MANAGING POWER OVER ETHERNET DEVICES 197 Defining PoE Port Information 198 Configuring PoE System Settings 200 DEFINING ACCESS PROFILE LISTS 201 Methods for Defining Access Control Lists 202 ACL Configuration Wizard 203 Defining Access Profile Lists 205 Defining Layer 3 IPv6 ACL 218 IP and MAC Based ACLs on the Same Port 224 Adding Access Rules 224 Fi...

Страница 7: ...This preface provides an overview to the guide and includes the following sections System Overview Viewing the Device Device Management Methods User Guide Overview Intended Audience Notes Notices and Cautions Safety Cautions General Precautions for Rack Mountable Products ...

Страница 8: ...igabit Ethernet Switches enhance networks by providing a powerful switch that eliminates network bottlenecks enabling network administrators to fine tune network configurations The DGS 3100 series and the DGS 3100 24TG are perfect for departmental and enterprise connections and are ideal for backbone and server connections ...

Страница 9: ... The DGS 3100 series also provides 4 Mini GBIC SFP combo ports which connect fiber optic media to switches servers or network backbone The DGS 3100 series provides an additional RS 232 port console port for managing the switch via a console terminal or PC with a Terminal Emulation Program Figure 1 DGS 3100 Series 48 Port Front Panel DGS 3100 24TG Front Panel The DGS 3100 24TG provides eight high p...

Страница 10: ... graphically via a web browser including Netscape Navigator version 7 0 and higher Microsoft Internet Explorer version 5 0 and higher Mozilla Firefox version 2 0 and higher Apple Safari SNMP Based Management The system also supports SNMPv1 SNMPv2c and SNMPv3 The SNMP agent decodes the incoming SNMP messages and replies to requests with MIB objects stored in the database The SNMP agent updates the ...

Страница 11: ...s managing stacking defining ports configuring SNMP management and defining the system time settings Section 3 Configuring L2 Features Provides information for enabling and configuring Jumbo frames VLANs Trunks LAGs Traffic Segmentation Multicast forwarding Spanning Tree and LLDP Section 4 Configuring Quality of Service Provides information for ability to implement QoS and priority queuing within ...

Страница 12: ... vi Intended Audience The DGS 3100 series DGS 3100 24TG User Guide contains information for configuring and managing the DGS 3100 series DGS 3100 24TG Switches This guide is intended for network managers familiar with network management concepts and terminology ...

Страница 13: ...E A NOTE indicates important information that helps you make better use of your device NOTICE A NOTICE indicates either potential damage to hardware or loss of data and tells you how to avoid the problem CAUTION A CAUTION indicates a potential for property damage personal injury or death vii ...

Страница 14: ...ult your service provider or local power company To help avoid damaging your system be sure the voltage selection Switch if provided on the power supply is set to match the power available at your location 115 volts V 60 hertz Hz in most of North and South America and some Far Eastern countries such as South Korea and Taiwan 100 V 50 Hz in eastern Japan and 100 V 60 Hz in western Japan 230 V 50 Hz...

Страница 15: ...he weight of more than one extended component could cause the rack to tip over and may result in serious injury Before working on the rack make sure that the stabilizers are secured to the rack extended to the floor and that the full weight of the rack rests on the floor Install front and side stabilizers on a single rack or front stabilizers for joined multiple racks before working on the rack Al...

Страница 16: ...ed metal surface on the chassis You can also take the following steps to prevent damage from electrostatic discharge ESD 1 When unpacking a static sensitive component from its shipping carton do not remove the component from the antistatic packing material until you are ready to install the component in your system Just before unwrapping the antistatic packaging be sure to discharge static electri...

Страница 17: ...g the device simply run the browser installed on the management station and point it to the IP address defined for the device For example http 123 123 123 123 Please note that the proxy for session connection should be turned off NOTE The Factory default IP address for the Switch is 10 90 90 90 1 ...

Страница 18: ...st be downloaded to replace corrupted files update or upgrade the system software It is recommended to set the Baud Rate to 38400 prior to downloading software therefore allowing the software download to be faster See Set Terminal Baud Rate To download software from the Startup menu 1 On the Startup menu press 1 The following prompt is displayed Downloading code using XMODEM 2 When using HyperTerm...

Страница 19: ...ent stack unit ID list and define an alternative unit ID stack membership number Unit ID 0 is allocated for auto numbering which is the factory default Refer to Managing Stacking for further reference To access the stack menu 1 On the Startup menu press 3 The following prompt is displayed Stack menu 1 Show unit stack id 2 Set unit stack id 3 Back Enter your choice or press ESC to exit 2 To display...

Страница 20: ...DGS 3100 Series Gigabit Stackable Managed Switch User Manual 4 Stack menu 1 Show unit stack id 2 Set unit stack id 3 Back Enter your choice or press ESC to exit Enter unit stack id 0 6 ...

Страница 21: ...pop up blockers are enabled edit add and device information messages may not open 2 Enter the device IP address in the address bar and press Enter The user interface provides access to various switch configuration and management windows allows you to view performance statistics and permits you to graphically monitor the system status The screen captures in this Guide represent the DGS 3100 48 48 p...

Страница 22: ...iguration instructions Stacking Status View Located at the bottom left corner of the home page the stacking status view provides a graphic representation of the stacking links and ports status Table 0 1 Web Interface Views Figure 0 1 Device Information Page The following table describes the main 6 areas on the Device Information Page View Description 1 Tree View Select the folder or window to be d...

Страница 23: ...specified mode Various areas of the graphic can be selected for performing management functions including port configuration 5 Device Application Buttons Provides access to the device logout and provides information about the Safe Guard mode currently enabled on the device 6 Stacking Status View Provides a graphic representation of the stacking links and ports status Table 0 2 Main Areas ...

Страница 24: ...ng the Stack Status The Stacking Information Page provides specific information for stacked devices For more information regarding the stacking setup see Managing Stacking section Locating Devices The Device Locator Page enables locating system devices by activating LED locators To locate devices 1 Click Device Locator The Device Locator Page opens Figure 0 2 Device Locator Page 2 Click The LED lo...

Страница 25: ...e current configuration files via the HTTP server Restore saved setting from file Restores the current configuration files via the HTTP server File Type Specifies the current configuration file type The possible field values are Startup Config and Running Config TFTP Indicates that the system files are backed up or restored via an TFTP server The possible field values are Server IP Specifies the T...

Страница 26: ... files click To restore files click Resetting the Device The Factory Reset Page restores the factory defaults To restore the device to the factory default settings 1 Click Reset The Factory Reset Page opens Figure 0 4 Factory Reset Page 2 Click The factory default settings are restored once it completely reloaded and the device is updated 10 ...

Страница 27: ...UDP port value entries are in decimal value However if the user upgrades the switch firmware from version 1 x x to version 2 x x the value will be retained as hexadecimal value ACLs access rules priority did not work in firmware version 1 x x In firmware version 2 x x the priority is supported and it is not allowed two identical access rules priority from different access profiles If the user down...

Страница 28: ...oaded to the stack or specific device TFTP Download Indicates that the Firmware file is downloaded via a TFTP server Unit Indicates if the Firmware file is downloaded to a specific stacking member or to All stacking members Server IP Address Specifies the TFTP Server IP Address from which files are downloaded File Indicates the Firmware file that is downloaded to the stack or specific device 2 Sel...

Страница 29: ...oted To reboot the system 1 Click System Reboot The System Reboot Page opens Figure 0 6 System Reboot Page The System Reboot Page contains the Select Unit to Reboot field The possible values are Value Description All Reboots all stacking members 01 06 Reboots the specific stack member 2 Define the Select Unit to Reboot field 3 Click The selected unit s is are rebooted 13 ...

Страница 30: ...ckup Evokes backup Cancel Cancels settings Clear Clears selected settings and fields Clear All Clears all settings and fields Delete Deletes selected fields Delete VID Deletes VLAN Identification Download Starts downloading system files Edit Modifies configuration Information Factory Reset Resets the factory defaults Find Finds a table entry System Reboot Reboot the system Refresh Refreshes device...

Страница 31: ...will have access as reader without possibility to change configuration to most of the web pages except the pages that controls the following functionality that will be blocked to user level Update Firmware Modify Delete startup configuration Factory Reset View Add Update Delete User Accounts If the User is trying to modify any configuration by pressing the Apply button the Access Denied page will ...

Страница 32: ...ring and managing system logs defining the system time and configuring SNMP system management This section contains the following topics Viewing Device Information Defining System Information Defining IP Addresses Managing Stacking Defining Ports ARP Settings Configuring User Accounts Managing System Logs Configuring SNTP Configuring SNMP DHCP Relay DHCP Local Relay DHCP Auto Configuration Dual Im...

Страница 33: ...Device Type Displays the factory defined device name and type System Contact Displays the name of the contact person The field range is 0 31 characters System Name Displays the user defined system name The field range is 0 31 characters System Location Displays the location where the system is currently running The field range is 0 31 characters Firmware Version Displays the installed software ver...

Страница 34: ...the device and provides a shortcut to viewing the SSL settings GVRP Setting Indicates if Group VLAN Registration Protocol is enabled Telnet Setting Indicates if Telnet is enabled Jumbo Frame Indicates if Jumbo Frames are enabled on the device and provides a shortcut to viewing the Jumbo Frames settings BPDU Forwarding Indicates if BPDU Forwarding is enabled on the device and provides a shortcut to...

Страница 35: ...e Firmware Version Displays the stacking member s software version number Hardware Version Displays the stacking member s hardware version number System Contact Defines the name of the contact person The field range is 0 160 characters System Name Defines the user defined system name System Location Defines the location where the system is currently running The field range is 0 160 characters Logi...

Страница 36: ... Page contains the following fields Field Description Static When selected the IP address is static and user defined in the IP Address field This is the default value DHCP When selected the IP address is retrieved from a DHCP server IP Address Defines the IP address This field is active if the IP address is static Subnet Mask Defines the address mask that manages sub netting on the network The def...

Страница 37: ... how they are allocated Stacking member start up process This section contains the following topics Allocating Unit IDs Assigning Unit IDs Allocating Unit IDs Switches are shipped from the factory without a Unit ID and in Auto Assign mode All switches must be assigned a Unit ID before switches can operate as stacking members More than one stacking member cannot receive the same Unit ID Unit IDs ar...

Страница 38: ...ster fails or disconnected If the Stack Master fails or disconnected the Backup Master takes over as the Stack Master The Stack Master stores an active configuration which copied on the Backup Master The active configuration copy is used if the Backup Master takes over for the Stack Master Only the configuration file is copied Any dynamically filled tables for example learnt address are not copied...

Страница 39: ... the Backup Master has a Unit ID of 2 if a Backup Master was included in the stack If a Master Enabled stacking member a Unit ID of 1 or 2 is added to a stack and powered on the newly added switch invokes Master Election process The Master Election process occurs even though the stack has an elected master However the newly added switch loses in the election process lower up time and joins the sta...

Страница 40: ...ng member is effectively shut down and does not participate in the stack Stacking members with a conflicting manually set ID are shut down as the Stack Master cannot override the system administrator s Unit ID assignment to resolve the conflict If there are more stacking members than the maximum number allowed in a stack and the incoming stacking members are already in Factory Default mode the Sta...

Страница 41: ...operational with one of the units selected as the Master of the stack The Master and Backup selection is known as Master Election Master Election takes place if there are one or more eligible candidates contending to be the Master unit The Master Unit is indicated by the green Master LED on the front panel The Master LED is located near the Unit ID LEDs If a serial console is connected the serial ...

Страница 42: ...Ds were manually configured while others are self assigned 5 Reboot the stacking members to ensure the Unit ID is permanent Stack Management Examples This section contains information for troubleshooting stacking and includes the following topics Replacing Failed Stacking Members in a Running Stack Replacing a Failed Stack Master Dividing Stacks Merging Stacks Stacking Cable Failure Inserting Exce...

Страница 43: ... stack reverts to the stacking state it was running in before stacking member failed However sometimes the new stacking member is not identical to the failed stacking member The Stack Master applies the configuration as follows If a 24 port switch replaces a failed 48 port switch then the new stacking member s ports are configured according first 24 ports configuration of the failed stacking membe...

Страница 44: ...is divided either by a failed stacking link connected to two stacking members in the stack or by a failed stacking members in a chain topology which causes disconnection between two units in the stack In this case we should consider each sub group as an independent running stack configuration For each sub group we should consider three sub options Both the Stack Master and the Backup Master are pa...

Страница 45: ...rning process Traffic can be halted for a short period until the stack is synchronized i e stacking member and port configuraiton is completed New stacking members are learnt by the Backup Master are notified to the system administrator using SYSLOG messages and SNMP traps The divided stack continues to operate normally the only difference is there are less stacking members than prior to the stack...

Страница 46: ... be two stacking members with the same Unit ID at the process end The Stacking Master that loses the Master election process is shut down if the Unit ID was manually allocated It is recommended that the administrator configure the switch to Auto Assign mode before reconnecting the switch to the stack When two stacks are combined all of the configuration information for one of the stacks is lost Af...

Страница 47: ... Election processes determine the master out of one of two combined stacking groups When switches are added to a running stack the Unit ID Allocation and Duplicate ID Conflict Resolution process detects an error if too many switches are present in the stack and no changes are to stacking members that originally belonged to the group managed by the newly elected master The original switches retain ...

Страница 48: ...it 1 Defines the member with the Unit ID 1 as the Stacking Master if unit ID 2 will be selected unit ID 1 will be reboot and ID 2 will become stack master Unit 2 Defines the member with the Unit ID 2 as the Stacking Master if unit ID 1 will be selected unit ID 2 will be reboot and ID 1 will become stack master Current Stack ID Displays the Stacking Member ID that the new Unit ID will replace after...

Страница 49: ...following fields Field Description Unit Defines the stacking member or LAG for which the port settings are displayed From Port Defines the port number from which the port configuration will apply This field appears only if a unit number is selected in the Unit field From LAG Defines the LAG number from which the port configuration will apply This field appears only if LAG is selected in the Unit f...

Страница 50: ...de 1000M Full Indicates the interface is currently operating at 1000 Mbps and full duplex mode Auto Indicates the interface is automatically configured to the fastest network traffic the interface can manage Flow Control Defines the flow control scheme used for the various port configurations Interface configured for full duplex use 802 3x flow control half duplex interfaces use backpressure flow ...

Страница 51: ...Port Description Page The Port Description Page contains the following fields Field Description Unit Defines the stacking member for which the port settings are displayed From Port Defines the port number from which the port parameters are configured To Port Defines the port number to which the port parameters are configured Description Defines a user defined port description 2 Define the Unit Fro...

Страница 52: ... Aging Time 1 65535 Defines the amount of time in seconds that passes between ARP Table entry requests Following the ARP Entry Age period the entry is deleted from the table The range is 1 65535 The default value is 300 seconds IP Address Defines the station IP address associated with the MAC address MAC Address Defines the station MAC address associated in the ARP table with the IP address Static...

Страница 53: ...t Displays the user access level The possible field values are Admin Assigns the user full administrative access through both the Web Interface and the CLI Operator Assigns the user operator level access which is similar to Admin access except that the operator cannot update the firmware startup configuration user accounts or restore factory reset User Assigns the user read only access through bot...

Страница 54: ...s are defined and the device is updated NOTE You are not required to enter a User Name However if you do not enter a User Name you cannot perform the following actions Create a monitor or operator level 1 or level 14 users until an administrator user level 15 is defined Delete the last administrator user if there are monitor and or operator users defined To edit the User Accounts Page 1 Select a n...

Страница 55: ...ins the following fields Field Description Index Defines syslog host index 1 out of 4 Severity Defines the minimum severity from which warning logs are sent to the server There are two levels warning high and informational low Warning The device is functioning but an operational problem has occurred Informational Provides device information through system logs All Sends system logs for all levels ...

Страница 56: ...DGS 3100 Series Gigabit Stackable Managed Switch User Manual 40 To delete a log entry 4 Select the entry 5 Click The entry is deleted and the device is updated ...

Страница 57: ...Stratum Example Stratum 0 A real time clock such as a GPS system is used as the time source Stratum 1 A server that is directly linked to a Stratum 0 time source is used as the time source Stratum 1 time servers provide primary network time standards Stratum 2 The time source is distanced from the Stratum 1 server over a network path For example a Stratum 2 server receives the time over a network ...

Страница 58: ... system time is retrieved from a SNTP server System Clock Indicates that the system time is set locally by the device Current Time Displays the current date and time SNTP Settings Section Field Description SNTP First Server Defines the IP address of primary SNTP server from which the system time is retrieved SNTP Second Server Defines the IP address of secondary SNTP server from which the system t...

Страница 59: ...ight savings Chile Easter Island from March 9 until October 12 The rest of the country from the first Sunday in March or after March 9 China China does not use daylight saving time Canada From the first Sunday in April until the last Sunday of October Daylight saving times are usually regulated by provincial and territorial governments Exceptions may exist in certain municipalities Cuba From the l...

Страница 60: ...e last weekend of March until the last weekend of October Romania From the last weekend of March until the last weekend of October Russia From the last weekend of March until the last weekend of October Serbia From the last weekend of March until the last weekend of October Slovak Republic From the last weekend of March until the last weekend of October South Africa South Africa does not use dayli...

Страница 61: ...nutes Defines the local DST offset in minutes The default time is 60 minutes The possible field values are 30 Defines the local offset for 30 minutes 60 Defines the local offset for 60 minutes 90 Defines the local offset for 90 minutes 120 Defines the local offset for 120 minutes Time Zone Offset from GMT Indicates the difference between Greenwich Mean Time GMT and local time For example the Time ...

Страница 62: ...ds The field range is January December To time in HH MM Defines the time of day DST ends The field format is Hour Minutes based on the 24 hour clock Military Time For example 9 00PM is configured as 21 00 DST Annual Settings Section The Annual Mode enables setting a DST seasonal time adjustment This option requires defining begin and end times by the specific dates For example the network administ...

Страница 63: ...USM parameters are defined for SNMPv3 including Parameters Description Authentication Provides data integrity and data origin authentication Privacy Prevents message content disclosure Cipher Block Chaining CBC is used for encryption Either authentication is enabled on a SNMP message or both authentication and privacy are enabled on an SNMP message However privacy cannot be enabled without authent...

Страница 64: ...ou can globally enable or disable SNMP in the SNMP Global Settings Page 1 Click Configuration SNMP Settings SNMP Global Settings The SNMP Global Settings Page opens Figure 0 12 SNMP Global Settings Page 2 Select either Enabled or Disabled to enable disable SNMP 3 Click The SNMP is enabled ...

Страница 65: ...ew Table Page opens Figure 0 13 SNMP View Table Page The SNMP View Table Page contains the following fields Field Description View Name Defines the view name limited to 30 alphanumeric characters Subtree OID Defines the OID included in or excluded from the selected SNMP view View Type Defines whether the defined OID branch will be included in or excluded from the selected SNMP view 2 Define the Vi...

Страница 66: ...p Table Page The SNMP Group Table Page contains the following fields Field Description Group Name Defines the user defined group name to which access control rules are applied limited to 30 alphanumeric characters Read View Name Defines a Read Only view The Read Only view management access is restricted to read only and changes cannot be made to the assigned SNMP view The possible values are Commu...

Страница 67: ...el for the group Security Level Defines the security level attached to the group Security levels apply to SNMPv3 only The possible field values are NoAuthNoPriv Defines that neither the Authentication nor the Privacy security levels are assigned to the group AuthNoPriv Authenticates SNMP messages and ensures that the SNMP message s origin is authenticated AuthPriv Encrypts SNMP messages 2 Define t...

Страница 68: ...ncryption Defines the SNMPv3 user authentication method The possible field values are None No user authentication is used Password Provides user authentication via the HMAC SHA 96 authentication level password or HMAC MD5 96 password Key Provides user authentication via the HMAC MD5 algorithm or the HMAC SHA 96 authentication level Auth Protocol by Password Selects the authentication password type...

Страница 69: ...orithm key SHA Defines that users are authenticated via a HMAC SHA 96 authentication level key Key Defines the authentication key for authentication MD5 32 or 64 digits SHA 40 or 70 digits Confirm Key Confirms the authentication key for authentication 2 Define the User Name Group Name and SNMP V3 Encryption fields 3 Define the authentication password or authentication key 4 Click The SNMP authenti...

Страница 70: ...y Name Defines advanced SNMP community name limited to 20 alphanumeric characters View Name Defines the group of MIB objects that a remote SNMP manager is allowed to access on the switch Access Rights Defines the access rights of the community The possible field values are Read Only Management access is restricted to read only and changes cannot be made to the community Read Write Management acces...

Страница 71: ...Host Table Page contains information for defining filters that determine whether traps are sent to specific host as well as the trap type sent To define the SNMP Host Table Page 1 Click Configuration SNMP Settings SNMP Host Table The SNMP Host Table Page opens Figure 0 17 SNMP Host Table Page 55 ...

Страница 72: ...el will be sent SNMPV3 Auth NoPriv Indicates that the SNMP version 3 is assigned with an Auth NoPriv security level and traps of that level will be sent SNMPV3 Auth Priv Indicates that the SNMP version 3 is assigned with an Auth Priv security level and traps of that level will be sent Community String SNMPv3 User Name Defines the community string or assigned to the SNMP V3 user 2 Define the Host I...

Страница 73: ...adecimal string Each byte in hexadecimal character strings is two hexadecimal digits Each byte can be separated by a period or a colon The Engine ID must be defined before SNMPv3 is enabled Select a default Engine ID that is comprised of an Enterprise number and the default MAC address Use Default When selected provides the device generated Engine ID The default Engine ID is based on the device MA...

Страница 74: ...lds Field Description SNMP Traps Specifies whether the device can send SNMP notifications The possible field values are Enable Enables SNMP notifications This is the default value Disable Disables SNMP notifications SNMP Authentication Traps Specifies whether the device can send traps upon authentication failure notification Enable Enables the device to send authentication failure notifications Th...

Страница 75: ... to the packets relayed to DHCP server Option 82 specifies the relaying switch s MAC address the port identifier and specifies the VLAN forwarding the packet To define DHCP Relay Server Information 1 Click Configuration DHCP Relay The DHCP Relay Page opens Figure 0 20 DHCP Relay Page The DHCP Relay Page contains the following fields Field Description DHCP Relay Status Specifies whether the DHCP is...

Страница 76: ...on DHCP Local Relay Status Specifies whether DHCP Local Relay is enabled on the device The possible field values are Enabled Enables DHCP Local Relay on the device Disabled Disables DHCP Local Relay on the device This is the default value VID List Specifies on which VLAN DHCP Local Relay is enabled VLAN Name Displays the name of the selected VLAN State Specifies whether DHCP Local Relay is enabled...

Страница 77: ...Series Gigabit Stackable Managed Switch User Manual 5 Click DHCP Local Relay is defined on the selected VLAN and it is displayed in the DHCP Local Relay VID List 6 Repeat steps 4 and 5 for all required VLANs 61 ...

Страница 78: ... on the network and the DHCP server s latest instruction file refers to it the device downloads the file as its new Running Configuration and also saves it as the Startup Configuration If Static IP is present in the configuration file it will be ignored To enable DHCP Auto Configuration 1 Click Configuration DHCP Auto Configuration The DHCP Auto Configuration Page opens Figure 0 22 DHCP Auto Confi...

Страница 79: ... Dual Image Services Config Firmware Image This feature includes two screens Firmware InformationConfig Firmware Image Firmware Information The device contains two software images in its flash memory one is for bootup and the other one is for backup When a software download is successfully completed the new image automatically becomes the active image after the reboot The user can also manually co...

Страница 80: ...e the active image at the next bootup Delete Deletes the selected image The image is deleted immediately Config Firmware Image The Config Firmware Image Page allows users to change each device s image file To change the reboot file 1 Click Configuration Dual Image Services Config Firmware Image The Config Firmware Image Page opens Figure 0 24 Config Firmware Image Page The Config Firmware Image Pa...

Страница 81: ... Description Telnet Setting Defines the Telnet status on the device The possible values are Enabled Enables Telnet Disabled Disables Telnet Display Information Logs Defines the Telnet logging on the device The possible values are Enabled Enables all Telnet logging messages to be displayed Disabled Disables Telnet logging so that only high severity messages are displayed If this is selected logging...

Страница 82: ...based feature is enabled The field format is HH MM The possible field values are HH 00 23 hours in military format MM 00 59 minutes End Time HH MM Specifies the time at which the time based feature is disabled The field format is HH MM The possible field values are HH 00 23 hours in military format MM 00 59 minutes Weekdays Specifies the weekdays for which the time range applies Select All Days Sp...

Страница 83: ...ackable Managed Switch User Manual 1 Click The Time Range Edit Page Time Range Edit Page opens Figure 2 177 Time Range Edit Page 2 Define the Time Range Edit fields 3 Click The time range is modified and the device is updated 67 ...

Страница 84: ...t Settings Page opens Figure 0 188 Serial Port Settings Page The Serial Port Page contains the following fields Field Description Baud Rate Defines the Baud Rate on the device The possible values are 2400 4800 9600 19200 38400 Auto Logout Defines the allowable inactivity length before the device automatically logs out The possible values are Never 2 min 5 min 10 min 15 min 2 Select the appropriate...

Страница 85: ...iguring L2 Features This section contains the following topics Enabling Jumbo Frames Configuring VLANs Configuring GVRP Defining Trunking Traffic Segmentation Configuring LACP Defining IGMP Snooping Defining MLD Snooping Configuring Port Mirroring Configuring Spanning Tree Defining Forwarding and Filtering Configuring LLDP Configuring Voice VLAN ...

Страница 86: ...e Jumbo Frames on the device 1 Click L2 Features Jumbo Frame The Jumbo Frame Page opens Figure 0 1 Jumbo Frame Page The Jumbo Frame Page contains the following field Field Description Jumbo Frame Defines whether Jumbo Frames are enabled on the device The possible field values are Enabled Enables Jumbo Frames on the device Disabled Disables Jumbo Frames on the device This is the default value 2 Sel...

Страница 87: ... is 8 1 This means that the highest priority queue Queue 3 clears eight packets for every one packet cleared from Queue 0 It is important that the priority queue settings on the switch are for all ports and all devices connected to the switch are affected The priority queuing system is especially beneficial for networks that employ priority tag assignment capable switches VLAN Description A Virtua...

Страница 88: ... 802 1Q VLANs only deliver packets between stations that are members of the VLAN Any port can be configured as either tagged or untagged The untagging feature of IEEE 802 1Q VLANs allows VLANs to work with legacy switches that don t recognize VLAN tags in packet headers The tagging feature allows VLANs to span multiple 802 1Q compliant switches through a single physical connection and allows Spann...

Страница 89: ...s so they can be carried across Ethernet backbones and 12 bits of VLAN ID VID The 3 bits of user priority are used by 802 1p The VID is the VLAN identifier and is used by the 802 1Q standard Because the VID is 12 bits long 4094 unique VLANs can be identified The tag is inserted into the packet header making the entire packet longer by 4 octets All of the information originally contained in the pac...

Страница 90: ...ut it can have as many VIDs that the switch s memory storage capacity has in its VLAN table to store them As some devices on a network may be tag unaware a decision must be made at each port on a tag aware device before packets are transmitted Should the packet to be transmitted have a tag or not If the transmitting port is connected to a tag unaware device the packet should be untagged If the tra...

Страница 91: ...resses are flooded to all ports Broadcast and multicast packets are also flooded to all ports An example is presented in this table VLAN Name VID Switch Ports System default 1 5 6 7 8 21 22 23 24 Engineering 2 9 10 11 12 Marketing 3 13 14 15 16 Finance 4 17 18 19 20 Sales 5 1 2 3 4 Table 0 1 VLAN Example Assigned Ports VLAN and Trunk Groups Trunk Groups LAGs can be added as member to a VLAN simila...

Страница 92: ...ges is 1 32 characters Untag VLAN Ports Defines the interface is an untagged VLAN member Packets forwarded by the interface are untagged Tag VLAN Ports Defines the interface is a tagged member of a VLAN All packets forwarded by the interface are tagged The packets contain VLAN information Forbidden VLAN Ports Defines the interface VLAN membership even if GVRP indicates the port is to be added NOTE...

Страница 93: ...e are tagged The packets contain VLAN information Forbidden Port Defines the interface VLAN membership even if GVRP indicates the port is to be added Not Member Indicates that the interface is not a member of the VLAN Port Select All Selects all ports and either untags tags excludes or removes the VLAN membership 3 Define the VID VLAN Name and port related fields 4 Select the Tagged Untagged and F...

Страница 94: ...erio Port 1 connect to Server port 1 port 3 port 9 and port 17 are untagged ports PC3 PC4 are in the same VLAN 3 port 1 is a untagged member of VLAN 2 and VLAN 3 untagged member overlap Then the server can talk with VLAN 2 VLAN 3 PC3 and PC4 can talk to the server and to each other PC2 can talk to the Server VLAN 2 can t communicate with VLAN3 In this example port 1 need to be untagged member in V...

Страница 95: ...whether Asymmetric VLAN is enabled on the device The possible field values are Enabled Enables Asymmetric VLAN on the device Disabled Disables Asymmetric VLAN on the device This is the default value 2 Select Enabled Disabled in the Asymmetric VLAN Status field 3 Select Enable in the DLF Filtering see Defining DLF Filtering 4 Click The Asymmetric VLAN option is enabled and the device is updated 79 ...

Страница 96: ... operate successfully GARP VLAN Registration Protocol GVRP is specifically provided for automatic distribution of VLAN membership information between VLAN aware bridges GVRP allows VLAN aware bridges to automatically learn VLANs to bridge port mapping without requiring the individual configuration of each bridge and register VLAN membership To define GVRP on the device 1 Click L2 Features GVRP Set...

Страница 97: ... value Ingress Defines whether Ingress filtering is enabled on the device The possible field values are Enabled Enables Ingress filtering on the device Ingress filtering compares an incoming VID tag packet with the PVID number assigned to the port If the PVIDs vary the port drops the packet This is the default value Disabled Disables Ingress filtering on the device Acceptable Frame Type Defines th...

Страница 98: ... trunk is as follows Layer 2 MAC source and destination addresses Layer 3 IP source and destination addresses Layer 2 and layer 3 can be used either separately or together as needed A hash function based on the above criteria is calculated and saved in the packet descriptor The egress process uses this hash function to select the specific trunk group member as the egress destination link The hash ...

Страница 99: ...the device Ports Displays the ports which are included in the LAG 2 Select a stacking unit in the Unit field 3 Select the Load Balance to use 4 Define the Group ID and Type fields 5 Check the ports to be added to the LAG The port numbers are displayed in the Ports field 6 Click The LAG settings are saved and the device is updated Notes about Trunking on the DGS 3100 Series DGS 3100 series supports...

Страница 100: ...ce The Uplink ports can not be added to a LAG The Port Lock option is disabled on both ports Port Mirroring is disabled on both ports The pass through functionality applies to all VLANs that were not created on the switch for example if only VLAN 1 is defined on the switch VLANs 2 4094 will pass traffic between the Uplink ports In the example below the user defined VLAN Trunking ports Uplinks are ...

Страница 101: ...les VLAN Trunking Settings on the device This is the default value Unit Defines the stacking member s Unit ID for which VLAN Trunking parameters are displayed Uplink Ports Displays the Uplink ports which are included in the VLAN Trunking Ports Displays the ports which are included in VLAN Trunking 2 Enable VLAN Trunking 3 Select a stacking unit in the Unit field 4 Check the ports to be added to th...

Страница 102: ... Description Source Ports The port s from which the traffic is forwarded by the forwarding port s Unit or LAG The stacking member s Unit ID and LAGs on which the source port is located Port The source port number Forwarding Ports The port s from which the traffic from the source port is transmitted Unit or LAG The stacking member s Unit ID and LAGs on which the forwarding port is located Port The ...

Страница 103: ...Defines the stacking member s Unit ID for which LACP parameters are displayed From Port Defines the first port number that is displayed to which timeout and priority values are assigned To Port Defines the last port number that is displayed to which timeout and priority values are assigned Port Priority 1 65535 Displays the LACP priority value for the port The field range is 1 65535 Timeout Define...

Страница 104: ...eatures IGMP Snooping The IGMP Snooping Page opens Figure 0 15 IGMP Snooping Page The IGMP Snooping Page contains the following fields Field Description IGMP Snooping Enables or disables IGMP Snooping Bridge Multicast Filtering must first be enabled in order to enable IGMP Snooping The possible field values are Enabled Enables IGMP Snooping on the device Disabled Disables IGMP Snooping on the devi...

Страница 105: ...N Disable Disables IGMP Snooping on the VLAN This is the default value Querier State Indicates if an IGMP Querier is enabled on the VLAN The possible field values are Enabled An IGMP Querier is enabled on the VLAN Disabled An IGMP Querier is disabled on the VLAN This is the default value Querier Version Indicates the IGMP Querier version on the VLAN The possible field values are IGMPv2 and IGMPv3 ...

Страница 106: ...is 1 16711450 seconds State Indicates if IGMP snooping is enabled on the VLAN The possible field values are Enable Enables IGMP Snooping on the VLAN Disable Disables IGMP Snooping on the VLAN Querier State Defines the IGMP Querier status on the VLAN The possible field values are Enabled Enables an IGMP Querier on the VLAN Disabled Disables an IGMP Querier on the VLAN Querier Version Defines the IG...

Страница 107: ...cility allows a switch to determine the following Where on which ports stations interested in joining a specific multicast group are located Where on which ports multicast routers sending multicast frames are located This knowledge is used to exclude irrelevant ports ports for which no stations have registered to receive a specific multicast group from the forwarding set of an incoming multicast f...

Страница 108: ... Specifies the time interval in seconds after which a port is removed from a Multicast Group Ports are removed if a Multicast group MLD report was not received from a Multicast port within the defined Host Timeout period The possible field range is 60 16711450 seconds The default timeout is 260 seconds Router Timeout Specifies the time interval in seconds the Multicast router waits to receive a me...

Страница 109: ...1450 seconds The default timeout is 10 seconds Host Timeout 60 16711450 sec Defines the time interval in seconds after which a port is removed from a Multicast Group Ports are removed if a Multicast group MLD report was not received from a Multicast port within the defined Host Timeout period The possible field range is 60 16711450 seconds The default timeout is 260 seconds Router Timeout 1 167114...

Страница 110: ... in the selected unit learned as dynamic router ports Ports Displays the unit port numbers defined as dynamic router ports Forbidden Router Ports Defines the port numbers in the selected unit to be added as forbidden router ports Ports Displays the unit port numbers defined as forbidden router ports 3 Define the Done Timer Host Timeout Router Timeout State Static Dynamic and Forbidden Router Ports...

Страница 111: ...py of all traffic passing through a designated source port All ports can be designated as source ports In order to activate Port Mirroring the target port must belong to the default VLAN 1 Click L2 Features Port Mirroring The Port Mirroring Page opens Figure 0 19 Port Mirroring Page The Port Mirroring Page contains the following fields Field Description Status Enables or disables target port setti...

Страница 112: ... transmitting ports None Defines that port mirroring is not applied to the ports 2 Define the Status Unit and Target fields 3 Click to activate the Port Mirroring function 4 Define the Unit Tx and Rx fields under Source Port Setting 5 Click to capture the configured Source Ports in order to display them in the Source Port Setting table ...

Страница 113: ...Version Description Classic STP Provides a single path between end stations preventing loops from occurring Rapid STP Detects and uses network topologies that provide faster convergence of the spanning tree without creating forwarding loops Multiple STP Provides various load balancing scenarios For example if port A is blocked in one STP instance the same port can be placed in Forwarding State in ...

Страница 114: ...TP configuration again The STP Bridge Global Settings Page contains parameters for enabling STP on the device 1 Click L2 Features Spanning Tree STP Bridge Global Settings The STP Bridge Global Settings Page opens Figure 0 20 STP Bridge Global Settings Page The STP Bridge Global Settings Page contains the following fields Field Description STP Status Enable or disables STP globally on the switch Th...

Страница 115: ...issions of BPDU packets sent by the Root Bridge to indicate to all other switches that it is indeed the Root Bridge The default value is 2 Bridge Forward Delay 4 30 Defines the time any port on the switch is in the listening state while moving from the blocking state to learning state and then to the forwarding state The default value is 15 Max Hops 1 20 Specifies the total number of hops that occ...

Страница 116: ...locks redundant links within an STP Group It is advisable to define an STP Group to correspond to a VLAN group of ports 1 Click L2 Features Spanning Tree STP Port Settings The STP Port Settings Page opens Figure 0 21 STP Port Settings Page The STP Port Settings Page contains the following fields Field Description Unit Indicates the stacking member for which the STP port settings are displayed From...

Страница 117: ...warding is enabled on the port if STP is disabled Global BPDU filtering functions according to the device wide setting see STP Bridge Global Settings Page P2P Indicates whether the P2P of selected port is enabled The possible field values are True Indicates a point to point P2P link P2P ports transition to a forwarding state rapidly thus benefiting from RSTP False Indicates that the port cannot ha...

Страница 118: ...Tree MST Configuration Identification The MST Configuration Identification Page opens Figure 0 22 MST Configuration Identification Page The MST Configuration Identification Page contains the following fields Field Description Configuration Name A configured name set on the switch to uniquely identify the MSTI multiple spanning tree instance If a configuration name is not set this field shows the M...

Страница 119: ...ick L2 Features Spanning Tree MSTP Port Information The MSTI Config Information Page opens Figure 0 23 MSTI Config Information Page The MSTI Config Information Page contains the following fields Field Description Unit Defines the unit to find Port Defines the Port to find Instance ID Lists the MSTP instances configured on the device Possible field range is 0 7 Internal Path Cost Indicates the port...

Страница 120: ...to provide to STP paths The possible field values are Enabled Enables the port for the specific instance Root Provides the lowest cost path to forward packets to the root device Designated Indicates the port or LAG through which the designated device is attached to the LAN Alternate Provides an alternate path to the root device from the root interface Backup Provides a backup path to the designate...

Страница 121: ...atures Forward Filtering Unicast Forwarding The Unicast Forwarding Page opens Figure 0 24 Unicast Forwarding Page The Unicast Forwarding Page contains the following fields Field Description Aging Time Defines the aging time of a Unicast packet If the packet is not forwarded after this interval it is discarded Aging time is a global FDB database setting VID Defines the VLAN ID MAC Address Defines t...

Страница 122: ...AGs tables Ports can be added either to existing groups or to new Multicast service groups The Multicast Forwarding Page permits new Multicast service groups to be created The Multicast Forwarding Page also assigns ports to a specific Multicast service address group 1 Click L2 Features Forward Filtering Multicast Forwarding The Multicast Forwarding Page opens Figure 0 25 Multicast Forwarding Page ...

Страница 123: ...tings 1 Click The default settings are restored 2 To edit a VID entry 3 Select the entry 4 Click 5 Define the fields 6 Click The entry is deleted and the device is updated To delete a VID entry 1 Select the entry 2 Click Defining Multicast Filtering The Multicast Filtering Mode Page displays the port filtering mode for unregistered Multicast groups Ports can filter or forward unregistered Multicas...

Страница 124: ...he default mode 2 Define the Unit and Filtering Mode fields 3 Select either All or specify a port LAG range in the From Port From LAG and To Port To LAG fields 4 Click The Multicast filtering settings are applied to the ports LAGs and the device is updated Defining DLF Filtering The Destination Lookup Failure DLF filtering mode allows the user to define egress filtering for unknown unicast packets...

Страница 125: ...ecutive sequence of ports or LAGs All Specifies that the filtering mode applies to all ports or LAGs Filtering Mode Defines the DLF filtering mode for unregistered Multicast groups The possible field values are Filter DLF Packets Prevents DLF Packets flooding Forward DLF Packets Floods DLF packets within the network This is the default mode 2 Define the Unit and Filtering Mode fields 3 Select eith...

Страница 126: ...cket The multiple advertisement sets are sent in the packet Type Length Value TLV field LLDP devices must support chassis and port ID advertisement as well as system name system ID system description and system capability advertisements This section contains information for configuring LLDP parameters and includes the following topics Defining LLDP Global Settings Defining LLDP Port Settings Defin...

Страница 127: ... 10 The default is 4 LLDP TX Delay Defines the time delay in seconds between successive LLDP frame transmissions initiated by value or status changes The possible field values are 1 8192 seconds The default is 2 seconds LLDP Reinit Delay Defines the time interval in seconds before reinitializing an LLDP transmission after LLDP is disabled The possible field values are 1 10 seconds The default is 2...

Страница 128: ... Status Specifies the LLDP transmission mode on the port The possible field values are TX Enables transmitting LLDP packets only RX Enables receiving LLDP packets only TX and RX Enables transmitting and receiving LLDP packets This is the default Disabled Disables LLDP on the port Subtype Defines the address subtype For example Always IPv4 Action Specifies whether the management address is advertis...

Страница 129: ...s last port in a consecutive sequence of ports Port Description Specifies whether the Port Description TLV is enabled on the port The possible field values are Enabled Enables the Port Description TLV on the port Disabled Disables the Port Description TLV on the port System Name Specifies whether the System Name TLV is enabled on the port The possible field values are Enabled Enables the System Na...

Страница 130: ...TLVS Setting The LLDP Dot3 TLVS Setting Page opens Figure 0 31 LLDP Dot3 TLVS Setting Page The LLDP Dot3 TLVS Setting Page contains the following fields Field Description Unit Indicates the stacking member for which the LLDP dot3 TLV port settings are defined From Port Defines the first port in a consecutive sequence of ports To Port Defines last port in a consecutive sequence of ports MAC PHY Con...

Страница 131: ...pens Figure 0 32 LLDP Local Port Brief Page The LLDP Local Port Brief Page contains the following fields Field Description Unit Indicates the stacking member for which the LLDP local port information is displayed Port Indicates the port number Port ID Subtype Displays the port ID subtype Port ID Displays the port ID Unit number Port number Port Description Displays the port description 2 Click The...

Страница 132: ...h User Manual 116 Figure 0 33 LLDP Local Port Normal Page 3 To view the detailed MAC PHY Configuration Status for the port click Show Detail The LLDP Local Misc Detail Information Page is displayed Figure 0 34 LLDP Local Misc Detail Information Page ...

Страница 133: ...Medium Attachment Unit MAU type The MAU performs physical layer functions including digital data conversion from the Ethernet interfaces collision detection and bit injection into the network For example 100BASE TX full duplex mode Viewing LLDP Remote Port Information The LLDP Remote Port Brief Page displays LLDP remote neighbor port information 1 Click L2 Features LLDP LLDP Remote Port Brief The ...

Страница 134: ...ype For example IPv4 address Port ID Displays the port ID Unit number Port number of the port transmitting the LLDP frame Port Description Displays the port description 2 Click The LLDP Remote Port Normal Page is displayed Figure 0 36 LLDP Remote Port Normal Page 3 To view the detailed Management Address information for the entry click Show Detail The LLDP Management Address Detail Information Pag...

Страница 135: ...escription Port Indicates the port number Address Subtype Displays the managed address subtype For example MAC or IPv4 Address Displays the managed address Interface Subtype Displays the port subtype 4 Click to return to the LLDP Remote Port Normal Page 5 To view the detailed MAC PHY Configuration Status information for the entry click Show Detail The LLDP Remote Misc Detail Information Page is di...

Страница 136: ...sc Detail Information Page 6 Click to return the LLDP Remote Port Normal Page 7 To view the detailed information for unknown TLVs for the entry click Show Detail The LLDP Remote Unknown TLVs Detailed Information Page is displayed Figure 0 39 LLDP Remote Unknown TLVs Detailed Information Page ...

Страница 137: ...TLVs Detailed Information Page contains the following fields Field Description Port Indicates the port number Entry Indicates the entry number Unknown TLV Type Indicates the unknown TLV type field Unknown TLV Information Bytes Displays the unknown TLV information bytes in hexadecimal format ...

Страница 138: ...ed for all communications If the IP phone s VLAN mode is disabled the phone uses untagged packets The phone uses untagged packets while retrieving the initial IP address through DHCP The phone eventually uses the Voice VLAN and begins sending tagged packets This section contains the following topics Defining Voice VLAN Global Settings Defining Voice VLAN Port Settings Defining OUIs Defining Voice ...

Страница 139: ...AC Address is aged out from the Dynamic MAC Address table The default time is for this is 300 seconds 2 To configure Voice VLAN Global Settings select Create in the Voice VLAN Setting field select a VID enter a VLAN Name 3 To configure the 802 1p Priority select the priority in the 802 1p Priority field and enable or disable Remark 802 1p Priority 4 To configure Voice VLAN Aging define the Voice V...

Страница 140: ...Disables port security on the Voice VLAN Membership Indicates whether the Voice VLAN member is a static or dynamic member Dynamic indicates that the VLAN membership was dynamically created when a packet with Voice VLAN OUI was captured by the device Static indicates that the VLAN membership is user defined An indicates that the port is not a member of the Voice VLAN This is only used when Voice VL...

Страница 141: ...e devices Description Provides a description of the OUI of up to 32 characters 2 To configure a new OUI entry enter the OUI and a description and click The OUI will be added to the list and the device is updated The following OUIs are pre defined OUI Entry Description 00 01 e3 Siemens AG phone 00 03 6b Cisco phone 00 09 6e Avaya phone 00 0f e2 Huawei 3Com phone 00 60 b9 Philips and NEC AG phone 00...

Страница 142: ... the network Circumstances can arise where it is advantageous to group two or more different tagged packets into the same queue Generally however it is recommended that the highest priority queue Queue 1 be reserved for the data packets with a priority value of 7 1 Classes not Queues should be used when explaining traffic handling techniques 2 The ratio is Class0 Class1 Class2 Class3 1 2 4 8 A Wei...

Страница 143: ... us say a user wishes to have a video conference between two remotely set computers The administrator can add priority tags to the video packets being sent out utilizing the Access Profile commands Then on the receiving end the administrator instructs the Switch to examine packets for this tag acquires the tagged packets and maps them to a class queue on the Switch Then in turn the administrator w...

Страница 144: ...ber of packets sent from each priority queue depends upon the assigned weight For weighted round robin queuing if each CoS queue has the same weight value then each CoS queue has an equal opportunity to send packets just like round robin queuing For weighted round robin queuing if the weight for a CoS is set to 0 then it will stop processing the packets from this CoS The other CoS queues that have...

Страница 145: ...ndwidth limitation is assigned to the port The field value options are Enabled Ensures no bandwidth limitations on the port This is the default value Disabled Enables ingress bandwidth limitations on the port When disabled user can enter a limit value in the RX Rate field RX Rate 3500 1000000 kbps Specifies the maximum ingress rate on the port The possible field range is 3500 1000000 Kbps TX No Li...

Страница 146: ...DGS 3100 Series Gigabit Stackable Managed Switch User Manual 130 2 Define the Unit From Port To Port No Limit and Ingress Rate fields 3 Click The bandwidth settings are defined and the device is updated ...

Страница 147: ... Control Settings Page The Traffic Control Settings Page contains the following fields Field Description Traffic Trap Settings Defines whether to send out a trap when a Traffic Storm occurs The possible field values are None Do not send out traps when a Traffic Storm occurs Storm Occurred Send out traps SNMP and Syslog when a Traffic Storm occurs These traps are sent only on ports on which the act...

Страница 148: ...e this port Time Interval 5 30 The time in seconds that the port counts the incoming traffic rate in accordance to the storm control type Threshold 3500 1000000 Indicates the maximum rate kilobits per second at which storm packets are forwarded The range is 3500 1 000 000 The default value is 3 500 2 Define the Unit From Port To Port Storm Control Type State and Threshold fields 3 Click The storm ...

Страница 149: ...ge The 802 1P Default Priority Page contains the following fields Field Description Unit Defines the stacking member for which the port packet priorities are displayed From Port Defines the starting port for which the port packet priorities are defined To Port Defines the ending port to which the port packet priorities are defined Priority Defines the priority assigned to the port The field range ...

Страница 150: ...iority 4 5 is assigned to Q2 Priority 6 7 is assigned to Q3 This is the highest priority queue To map priority to queues 1 Click QoS 802 1p User Priority The 802 1P User Priority Page opens Figure 4 5 802 1P User Priority Page The 802 1P User Priority Page contains the following fields Field Description Priority Indicates the packet priority that is assigned to the queue Class ID Defines the class...

Страница 151: ...ld values are Strict Specifies whether traffic scheduling is based strictly on the queue priority Traffic with the highest Class of Service is the first traffic That is the highest class of service will finish before other queues empty Round Robin Assigns WRR weights to queues This field is enabled only for queues in WRR queue mode If a queue is set to 0 weight the queue is not operational and is ...

Страница 152: ... DSCP User Priority Page opens Figure 4 7 DSCP User Priority Page The DSCP User Priority Page contains the following fields Parameter Description DSCP In Displays the incoming packet s DSCP value Queue Specifies the traffic forwarding queue to which the DSCP priority is mapped Four traffic priority queues are supported Restore Defaults Restores the Switch factory defaults for mapping DSCP values t...

Страница 153: ...les the utilization of existing ACL rules to perform traffic classification and the other to the ACL Configuration Wizard which enables network administrators to create new ACL traffic classification rules To define CoS QoS settings 1 Click QoS Multi Layer CoS Settings The Multi Layer CoS Setting Page opens Figure 4 8 Multi Layer CoS Setting Page The Multi Layer CoS Setting Page contains the follo...

Страница 154: ...iguring device security including user accounts Configuring Safeguard Engine Configuring Trust Host Configuring Port Security Configuring Guest VLANs Configuring Port Authentication 802 1X Defining EAP Forwarding Settings Configuring Secure Socket Layer Security Configuring Secure Shell Security Defining Application Authentication Settings ...

Страница 155: ...tains the following field Field Description Safeguard Engine Indicates if the safeguard engine is enabled on the device The possible field values are Enabled Enables the safeguard engine on the device This is the default value Disabled Disables the safeguard engine on the device Rising Threshold 20 100 Indicates the rising CPU Utilization thresholds enabling Safegard The possible field range is be...

Страница 156: ...usted Host Page contains the following fields Field Description IP Address 1 30 Defines the management station IP address from which the device can be managed Network Mask 1 30 Defines the management station IP Subnet Mask from which the device can be managed Telnet If selected permits Telnet access to be used for management access to the device SNMP If selected permits SNMP access to be used for ...

Страница 157: ...nual 2 Define the IP 1 30 Address fields and Subnet Mask to define the remote management stations 3 Click The management stations are defined and the device is updated 4 To remove a station from the Trusted Hosts list clear the IP Address field and click 141 ...

Страница 158: ... can provide various options Unauthorized packets arriving at a locked port are either Discarded with no trap Discarded with a trap Locked port security also enables storing a list of MAC addresses in the configuration file The MAC address list can be restored after the device has been reset To define port security 1 Click Security Port Security The Port Security Page opens Figure 5 3 Port Securit...

Страница 159: ...eset Deletes the current dynamic MAC addresses associated with the port Learn up to the maximum addresses allowed on the port this number is also configurable Aging is disabled the addresses are deleted on reset Delete on Timeout Deletes the current dynamic MAC addresses associated with the port The port learns up to the maximum addresses allowed on the port Re learned MAC addresses and address ag...

Страница 160: ...ns Figure 5 4 Guest VLAN Page The Guest VLAN Page contains the following fields Field Description VID Defines the VLAN ID on which the Guest VLAN is created VLAN Name Defines the user defined VLAN name assigned to the guest VLAN Unit Defines the stacking member for which the Guest VLAN parameters are displayed Port Defines the ports included in the Guest VLAN 2 Define the VLAN ID in the VID field ...

Страница 161: ... system services Authentication Server Specifies the server that performs the authentication on behalf of the authenticator and indicates whether the supplicant is authorized to access system services The Authentication Server is a remote device connected to the Client network and Authenticator The Authentication Server must have RADIUS Server application enabled and configured Clients connected t...

Страница 162: ...uests are resent to the supplicant The field value is in seconds The field default is 30 seconds ServerTimeout 1 65535 sec Defines the amount of time that lapses before the device re sends a request to the authentication server The field value is specified in seconds The field default is 30 seconds MaxReq 1 10 times Displays the total amount of EAP requests sent If a response is not received after...

Страница 163: ... the last port for which the 802 1X parameters are defined Mode Indicates the 802 1X mode enabled on the device The possible field values are Port Base Enables 802 1X on ports This is the default value MAC Base Enables 802 1xon MAC addresses Dynamic VLAN Assignment Indicates if Dynamic VLAN Assignment is enabled on the device The possible field values are Enabled Enables Dynamic VLAN Assignment on...

Страница 164: ...uests are resent to the supplicant The field value is in seconds The field default is 30 seconds ServerTimeout 1 65535 sec Defines the amount of time that lapses before the device re sends a request to the authentication server The field value is specified in seconds The field default is 30 seconds MaxReq 1 10 times Displays the total amount of EAP requests sent If a response is not received after...

Страница 165: ...ned From Port Indicates the first port for which the 802 1X parameters are defined To Port Indicates the last port for which the 802 1X parameters are defined Mode Indicates the 802 1X mode enabled on the device The possible field values are Port Base Enables 802 1X on ports This is the default value MAC Base Enables 802 1X on MAC addresses 2 Enable or disable the 802 1X status in the 802 1X field...

Страница 166: ... operatons required to configure MAC Authentication in DGS 3100 series 1 In order to configure a guest VLAN the user is required to create a VLAN first in the following example the user creates VLAN 100 via click L2 Features 802 1Q VLAN The 802 1Q VLAN page opens 2 Assign ports to the Guest VLAN via click Security Guest VLAN and according to the following example ...

Страница 167: ...ne via click Security 802 1X Authentic RADIUS Server page according to the example below 4 Click Security 802 1X 802 1X Setting page first 802 1x should be enabled globally and in the port level 802 1x Control should be configured as ForceAuthorized 5 The second step on Security 802 1X 802 1X Setting page will be configuration of the required ports as MAC Based authentication opposite to Port Base...

Страница 168: ...gabit Stackable Managed Switch User Manual 152 6 The last step on Security 802 1X 802 1X Setting page should be setting the port control to Auto this will complete the setting of MAC Authentication for the required ports ...

Страница 169: ... server to configure Network managers use up to 3 RADIUS servers for port authentication The possible field values are First Indicates the RADIUS parameters are defined for the first RADIUS server Second Indicates the RADIUS parameters are defined for the second RADIUS server Third Indicates the RADIUS parameters are defined for the third RADIUS server RADIUS Server Defines the RADIUS server IP ad...

Страница 170: ...field 4 Define the authentication port in the Authentic Port field 5 Define the accounting port in the Accounting Port field 6 Define the authentication and encryption key in the Key field 7 Reenter the RADIUS Key in the Confirm Key field 8 Click To edit the Radius Server list click adjacent to the required listed server The upper fields display the current values which then can be edited To delet...

Страница 171: ...urity 802 1X Forwarding EAP The Forwarding EAP Page opens Figure 0 7 Forwarding EAP Page The Forwarding EAP Page contains the following field Field Description Forwarding EAP Specifies whether forwarding of EAP packets is enabled on the device The possible field values are Enabled Enables forwarding of EAP packets Disabled Disables forwarding of EAP packets This is the default 2 Define the EAP pac...

Страница 172: ...encrypt messages and need to be consistent between client and host for optimal use CBC Block Ciphers Cipher Block Chaining CBC links encrypted text blocks The Switch supports the 3DES EDE encryption code defined by the Data Encryption Standard DES to create the encrypted text Hash Algorithm This part of the ciphersuite allows the user to choose a message digest function which will determine a Mess...

Страница 173: ...5 Combines the RSA key exchange stream cipher RC4 encryption with 128 bit keys and the MD5 Hash Algorithm RSA with 3DES EDE CBC SHA This ciphersuite combines the RSA key exchange CBC Block Cipher 3DES_EDE encryption and the SHA Hash Algorithm RSA EXPORT with RC4 40 MD5 This ciphersuite combines the RSA Export key exchange and stream cipher RC4 encryption with 40 bit keys Status Indicates if the se...

Страница 174: ...s window in the Administration folder This is identical to creating any other admin level User Account on the Switch including specifying a password This password is used to logon to the Switch once a secure communication path has been established using the SSH protocol Configure the User Account to use a specified authorization method to identify users that are allowed to establish SSH connection...

Страница 175: ...h for Message Authentication Code HMAC Digital Signature Algorithm DSA encryption algorithm Data Integrity Algorithm Validates message authentication information transmitted between two parties which share the same key The following Data Integrity Algorithms are supported HMAC SHA Supports the Hash for Message Authentication Code HMAC Secure Hash Algorithm SHA mechanism HMAC MD5 Supports the Hash ...

Страница 176: ... SSH User Authentication on the device Disable Disables Publickey SSH User Authentication on the device Disable is the default value Public Key Algorithm Displays the currently enabled Public Key Algorithms Data Integrity Algorithm Displays the currently enabled Data Integrity Algorithms Encryption Algorithm Displays the currently enabled Encryption Algorithms 2 Enable or disable the public key st...

Страница 177: ...thod or Enable Method lists are defined The possible field values are Console Indicates that Authentication profiles are used to authenticate console users Telnet Indicates that Authentication profiles are used to authenticate Telnet users Secure Telnet SSH Indicates that Authentication profiles are used to authenticate Secure Shell SSH users SSH provides clients secure and encrypted remote connec...

Страница 178: ...DGS 3100 Series Gigabit Stackable Managed Switch User Manual 162 4 Click The Application Authentication settings are defined and the device is updated ...

Страница 179: ...Description IP Address Defines the IP address of the RADIUS or TACACS server authenticating network users Protocol Indicates the authentication protocol used to authenticate network users The possible field values are RADIUS Indicates that network users are authenticated via a RADIUS server TACACS Indicates that network users are authenticated via a TACACS server Key Defines the key used to authen...

Страница 180: ...t IP Address on the list The Authentication Server settings are defined and the device is updated Defining Login Methods Network users must first login to the device on the Login Method Lists Page Access as non administrative users is granted To configure the device as a Network Administrator the user must also log on to the device on the Enable Method Lists Page User authentication occurs in the ...

Страница 181: ... the third method used to authenticate the network user The possible field values are RADIUS User authentication occurs at the RADIUS server TACACS The user authentication occurs at the TACACS server None No user authentication occurs Local User authentication occurs at the device level The device checks the user name and password for authentication Method 4 Indicates the fourth method used to aut...

Страница 182: ...lected method is used For example if the selected authentication method is RADIUS Local and the RADIUS server is not available the user is authenticated locally To define authentication methods 1 Click Security Access Authentication Control Enable Method Lists The Enable Method Lists Page opens Figure 5 14 Enable Method Lists Page The Enable Method Lists Page contains the following fields Field De...

Страница 183: ...evel The device checks the user name and password for authentication Method 4 Indicates the fourth method used to authenticate the network user The possible field values are RADIUS User authentication occurs at the RADIUS server TACACS The user authentication occurs at the TACACS server None No user authentication occurs Local User authentication occurs at the device level The device checks the us...

Страница 184: ... The Configure Local Enable Password Page contains the following fields Field Description Old Local Enable Password Provide the current network Enable password New Local Enable Password Defines the new network Enable password The field range is 1 15 characters Confirm Local Enable Password Confirms the new network Enable password 2 Enter the old local enable password In the Old Local Enable Passwo...

Страница 185: ...parameters Up to 240 entries can be defined To define ARP Spoofing Prevention 1 Click Security Arp Spoofing Prevention The Arp Spoofing Prevention Page opens Figure 5 16 Arp Spoofing Prevention Page The Arp Spoofing Prevention Page contains the following fields Field Description IP Address Specifies IP addresses included in ARP Binding Lists that are checked against ARP requests MAC address Specif...

Страница 186: ...DGS 3100 Series Gigabit Stackable Managed Switch User Manual 170 Field Description ARP requests 2 Click The device is updated with the ARP Spoofing Prevention configuration ...

Страница 187: ...t Errors Cable Diagnostics Viewing Stacking Information Viewing CPU Utilization Viewing Port Utilization Viewing Packet Size Information Viewing Received Packet Statistics Viewing RADIUS Authenticated Session Statistics Viewing ARP Table Viewing MLD Router Ports Viewing Router Ports Viewing Session Table Viewing IGMP Group Information Viewing MLD Group Information Defining Dynamic and Static MAC A...

Страница 188: ...ormation in the Tree View The Stacking Information Page opens Figure 6 1 Stacking Information Page The Stacking Information Page contains the following fields Field Description Master ID Displays the Stacking Master Unit ID number unit ID 1 or 2 Backup ID Displays the Backup Master Unit ID number unit ID 1 or 2 Box ID Displays the Unit ID numbers assigned to the stacking members Runtime version In...

Страница 189: ...utilization by percentage Time Interval Defines the 1 60 second time intervals in which the usage samples are taken as follows 1 2 3 4 5 10 20 30 40 50 60 Record Number Defines the record number Show Hide Displays the CPU utilization information The possible fields are Utilization checked Utilization information is enabled This is the default value Utilization unchecked Utilization information is ...

Страница 190: ... number Utilization Displays current CPU utilization by percentage Time Interval Defines the 1 60 second time intervals in which the usage samples are taken as follows 1 2 3 4 5 10 20 30 40 50 60 Record Number Defines the record number Show Hide Displays the CPU utilization information The possible fields are Utilization checked Utilization information is enabled This is the default value Utilizat...

Страница 191: ...Port Defines the port number Packet Size Analysis Selected Port Number Displays current packet size for ports Time Interval Displays the time intervals at which the packet samples are taken The possible field values are 1s 5s 10s 15s 20s 30s 40s 50s and 60s Record Number Displays the packet size record number Show Hide Displays or hides packets size The following packet length ranges can be displa...

Страница 192: ...ed Bytes Indicates the total number of bytes that were received on the port Packets Indicates the total number of packets that were received on the port Time Interval Indicates the time interval for which the received packets are displayed The possible field values are 1s 5s 10s 15s 20s 30s 40s 50s and 60s Record Number Indicates the transmitted record number Show Hide Displays the bytes packets r...

Страница 193: ...Unicast packets received and transmitted through the device Multicast Indicates the number of Multicast packets received and transmitted through the device Broadcast Indicates the number of Broadcast packets received and transmitted through the device Time Interval Indicates the time interval for which the UMB_cast packets are displayed The possible field values are 1s 5s 10s 15s 20s 30s 40s 50s a...

Страница 194: ...llowing fields Field Description Unit Indicates the stacking member ID for which the transmitted packets parameters are displayed Port Indicates the port for which the transmitted packets parameters are displayed Bytes Indicates the total number of bytes that were transmitted through the port Packets Indicates the total number of packets that were transmitted through the port Time Interval Indicat...

Страница 195: ...nit and Port fields 3 Click to load the defined parameters 4 To clear the Unit and Port fields 5 Click The fields are cleared 6 Define the Time Interval and Record Number fields 7 Click The transmitted packet graph is updated 8 To view the graph as a table click View Table 179 ...

Страница 196: ... Interval Indicates the how often the RADIUS authentication session information is updated The various time intervals are 15 30 60 no refresh Server Displays the RADIUS server IP address UDP Port Displays the UDP port through which the RADIUS session was initiated Timeouts Indicates the number of session timeouts that occurred during the authentication session Requests Indicates the amount of time...

Страница 197: ...or which the ARP mappings are defined IP Address Defines the station IP address which is associated with the MAC address Total Entries Displays current ARP table entries detailing the user defined interface name IP address MAC address and type dynamic or static of each entry MAC Address Displays the MAC address associated with the IP address Type Indicates how the MAC was assigned The possible val...

Страница 198: ...ge opens Figure 0 10 Browse MLD Router Port Page The Browse MLD Router Port Page contains the following fields Field Description VID Indicates the VLAN identification Unit Indicates the stacking member for which the router ports information is displaying Port Indicates the port for which the router port settings are displayed Ports have the following settings S Indicates a statically configured po...

Страница 199: ...Figure 0 11 Browse Router Port Page The Browse Router Port Page contains the following fields Field Description VID Indicates the VLAN identification Unit Indicates the stacking member for which the router ports information is displaying Port Indicates the port for which the router port settings are displayed Ports have the following settings S Indicates a static port D Indicates a dynamic port F ...

Страница 200: ...se Session Table The Browse Session Table Page opens Figure 6 12 Browse Session Table Page The Browse Session Table Page contains the following fields Field Description ID Displays the browse session table entry From Indicates the type of interface from which the system session was initiated User Privilege Indicates the user privileged assigned to the user who imitated the system session Name Disp...

Страница 201: ...13 IGMP Snooping Group Page The IGMP Snooping Group Page contains the following fields Field Description VID Defines the VLAN ID for the IGMP Snooping Group VLAN Name Defines the VLAN name VLAN Name Displays the currently selected user defined VLAN name Multicast Group Displays the IP address assigned to the Multicast group MAC Address Displays the MAC address assigned to the Multicast group Port ...

Страница 202: ...114 MLD Snooping Group Page The MLD Snooping Group Page contains the following fields Field Description VID Defines the VLAN ID for the MLD Snooping Group VLAN Name Defines the VLAN name VLAN Name Displays the currently selected user defined VLAN name Multicast Group Displays the IP address assigned to the Multicast group MAC Address Displays the MAC address assigned to the Multicast group Port Di...

Страница 203: ...od is erased To prevent static MAC addresses from being deleted when the device is reset ensure that the port attached to the MAC address is locked 1 Click Monitoring MAC Address Table The MAC Address Table Page opens Figure 6 15 MAC Address Table Page The MAC Address Table Page contains the following fields Field Description Unit Displays the Stacking member Unit 1 for which the MAC address param...

Страница 204: ...er Manual 188 4 Click To view all entries click To clear static entries click To clear dynamic entries click To clear all entries click The MAC Address Table updates and displays total entries To scroll down the table click To scroll up the table click ...

Страница 205: ...gure 6 16 System Log Page The System Log Page contains the following fields Field Description ID Displays the system log table entry Time Displays the time in days hours and minutes the log was entered in the Switch History Log Table Log Description Displays a description event recorded in the System Log Page Severity The following are the available log severity levels Warning The lowest level of ...

Страница 206: ...feiting network integrity To enable Green Ethernet 1 Click Monitoring Green Ethernet The Green Ethernet Page opens Figure 0 12 Green Ethernet Page The Green Ethernet Page contains the following fields Field Description Power Consumption Displays the device power consumption The power consumption is displayed in percentage as well as in Watts Cumulative Energy saved Displays the cumulative power co...

Страница 207: ...ns the following fields Field Description Unit Indicates the stacking member for which the device environment is displayed Side Fan Status Displays the side fan status The possible values are OK Indicates the fan is operating normally Fail Indicates the fan is not operating normally N A Indicates a fan is not installed on the device Temperature The current temperature of the device Each device typ...

Страница 208: ...rror counters are displayed Time Interval Indicates the time interval for which packets are displayed The possible field values are 1s 5s 10s 15s 20s 30s 40s 50s and 60s Record Number Indicates the transmitted record number CRCError Displays the number of packets received whose length excluding framing bits but including FCS octets was between 64 and 1518 octets inclusive but had either a bad Fram...

Страница 209: ...FCS octets and had either a bad Frame Check Sequence FCS with an integral number of octets FCS Error or a bad FCS with a non integral number of octets Alignment Error Drop Displays the number of events in which packets were dropped by the probe due to lack of resources Note that this number is not necessarily the number of packets dropped it is just the number of times that this condition was dete...

Страница 210: ...m is busy LateColl ber of times that a collision is detected later than one time slot into the Displays the num transmission of a packet ExColl mes for which transmission fails due to excessive collisions Displays the number of fra SingColl uently Displays the number of frames that are involved in a single collision and are subseq transmitted successfully MultColl ames that are involved in more th...

Страница 211: ...agnostics 1 Click Monitoring Cable Diagnostics The Cable Diagnostics Page opens Figure 6 16 Cable Diagnostics Page The Cable Diagnostics Page contains the following fields Fields Description Unit Defines the stacking member for which the port settings are displayed From Port Defines the port number from which the diagnostics will apply To Port Defines the port number to which ports the diagnostics...

Страница 212: ...tackable Managed Switch User Manual 196 2 Ensure that both ends of the copper cable are connected to a device 3 Define the Unit From Port and To Ports fields 4 Click The diagnostic tests are carried out and the list is updated ...

Страница 213: ...plications IP Phones Wireless Access Points IP Gateways Audio and Video Remote Monitoring Powered Devices are devices that receive power from the device power supplies for example IP phones Powered Devices are connected to the device via Ethernet ports Guard Band protects the device from exceeding the maximum power level For example if 400W is the maximum power level and the Guard Band is 20W if t...

Страница 214: ...E is enabled on the ports This is the default value Disabled PoE is disabled on the ports Power Limit Defines whether a Power Limit will be set This enables saving power when the PoE devices are typically not in use The possible field values are Unchecked The Power Limit Time Range is disabled on the ports This is the default value Checked The Power Limit Time Range is enabled on the ports Time Ra...

Страница 215: ...abit Stackable Managed Switch User Manual 2 Define the Unit From Port To Port and PoE Enable fields 3 Define the Power Limit and Time Range Name fields 4 Click The PoE Port Settings are saved and the device is updated 199 ...

Страница 216: ...tion Unit Defines the unit number System Power Threshold Indicates the power in Watts consumed before an alarm is generated The possible field values are 50W Indicates 50 watts 100W Indicates 100 watts 170W Indicates 170 watts Disconnect Method Defines the method used to deny power to a port once the threshold is reached The possible fields are Deny next port Denies power to the next port that mak...

Страница 217: ...er admitted denied or subject to Quality of Service action For example a network administrator defines an ACL rule that states port number 20 can receive TCP packets however if a UDP packet is received the packet is dropped Access Profiles and Access Rules that are made of the filters determine traffic classifications This section cotains the following topics Methods for Defining Access Control Li...

Страница 218: ...eates both Access Profiles and their rules After the system creates an Access Profile and an Access Rule it binds it to a port LAG or a group of ports LAG Each operation via the Wizard can create either a MAC based ACL or IP based ACL The user cannot combine both types of ACLs in the same operation This feature is described below ACL Profile List This feature is used to manually create profiles an...

Страница 219: ... from this MAC address IPv4 Addresses Indicates ACL action will be on packets from this IPv4 source address IPv6 Addresses Indicates ACL action will be on packets from this IPv6 source address To Defines the destination of accessible packets The possible values are Any Indicates ACL action will take placed for packets with any destination MAC Address Indicates ACL action will take place for packet...

Страница 220: ...r ACL criteria is met Rate Limiting Rate limiting is activated if all other ACL criteria is met Change 1p Priority VPT CoS value is changed if all other ACL criteria is met Replace DSCP Reassigns a new DSCP value to the packet if all other ACL criteria are met Ports Defines ports to be configured An example of possible values is 1 1 1 4 6 and 2 6 Time Range Specifies whether the configured ACL is ...

Страница 221: ...d define how packets are forwarded if they match the ACL criteria 1 Click ACL Access Profile List The ACL Profile List Page opens Figure 0 2 ACL Profile List Page The ACL Profile List Page contains the following fields Field Description Profile ID Displays the profile Identification number Profile Summary Displays the access rule 2 To display an ACL s profile details click The ACL profile details ...

Страница 222: ...fies ICMP as the Layer 4 protocol that the access profile checks IGMP Specifies IGMP as the Layer 4 protocol that the access profile checks TCP Specifies TCP as the Layer 4 protocol that the access profile checks UDP Specifies UDP as the Layer 4 protocol that the access profile checks L3 IPv6 ACL Defines the IPv6 ACL profile Layer 3 IPv6 protocols The possible fields are ICMP Specifies ICMP as the...

Страница 223: ...witch User Manual Defining Layer 2 ACL If L2 ACL Tagged is selected the page updates as follows Figure 0 4 ACL Profile L2 ACL Tagged Page If L2 ACL Untagged is selected the page updates as follows Figure 0 5 ACL Profile L2 ACL Untagged Page 207 ...

Страница 224: ...sk FF FF FF FF FF 00 Destination MAC Mask Defines the range of destination addresses relative to the ACL rules 0 ignore 1 check For example to set 00 00 00 00 10 XX use mask FF FF FF FF FF 00 2 Select Source MAC Mask and or Destination MAC Mask The Mask Generate button is active 3 Enter a MAC mask in the box adjacent to the Mask Generate button Alternatively click The Generate Mask by range fields...

Страница 225: ...ld as an essential field to match VLAN VID Sets the VLAN VID field as an essential field to match 2 Define the 802 1p and VLAN VID fields 3 Click The ACL profile is added and the device is updated To define L2 Ether Type ACL profile This option defines whether or not the Ether Type field is checked for a match 1 Click the Ether Type button The 8 ACL Profile L2 ACL Tagged Ether Type Page updates to...

Страница 226: ... or several filtering masks can be selected simultaneously The page updates with the relevant field s Defining Layer 3 IPv4 ACL Layer 3 IPv4 ACLs can be defined using the following filtering criteria ICMP IGMP TCP UDP The following sections describe each of these filtering options ICMP Filtering To define ICMP filtering select the ICMP option If L3IPv4 ACL ICMP is selected the page updates as foll...

Страница 227: ...CP field is checked for a match 1 Click the IPv4 Class button The ACL Profile L3 Ipv4 ACL ICMP Class Page updates to show the following Figure 0 6 ACL Profile L3 Ipv4 ACL ICMP Class Page 2 Click The ACL profile is added and the device is updated To define L3 IPv4 Address ACL profile This option defines whether or not the address field is checked for a match 1 Click the IPv4 Address button The ACL ...

Страница 228: ...stination IP addresses relevant to the ACL rules 0 ignore 1 check For example to set 176 212 XX XX use mask 255 255 0 0 2 Select Source IP Mask and or Destination IP Mask The Mask Generate button is active 3 Enter an IP mask in the box adjacent to the Mask Generate button 4 Alternatively click The Generate Mask by range fields appear 5 Enter an IP address range into the Generate Mask by range fiel...

Страница 229: ...ype Sets the ICMP Type field as an essential field to match ICMP Code Sets the ICMP code field as an essential field to match 2 Select the ICMP Type and or ICMP Code fields 3 Click The ACL profile is added and the device is updated IGMP Filtering To define IGMP filtering select the IGMP option To define L3 IPv4 IGMP ACL profile 1 Select IGMP The ACL Profile L3 IPv4 IGMP Page updates as follows 213...

Страница 230: ...he IGMP button The ACL Profile L3 IPv4 IGMP Selected Page updates to show the following Figure 0 10 ACL Profile L3 IPv4 IGMP Selected Page 3 Click The ACL profile is added and the device is updated TCP Filtering To define TCP filtering select the TCP option If L3 IPv4 ACL TCP is selected the page updates as follows ...

Страница 231: ...ort Page The ACL Profile L3 Ipv4 TCP Port Page contains the following fields Field Description Source Port Mask Defines the range of source Ports relevant to the ACL rules 0 ignore 1 check For example to set 0 15 set mask of FFF0 Destination Port Mask Defines the range of destination IP addresses relevant to the ACL rules 0 ignore 1 check For example to set 0 15 set mask of FFF0 2 Select Source Po...

Страница 232: ...Click The ACL profile is added and the device is updated To define L3 IPv4 TCP Flag ACL Profile This option defines whether or not the TCP Flag field is checked for a match 1 Click the TCP Flag button The ACL Profile L3 Ipv4 TCP Flag Page updates to show the following Figure 0 13 ACL Profile L3 Ipv4 TCP Flag Page 2 Click The ACL profile is added and the device is updated UDP Filtering To define UD...

Страница 233: ...P Port Page The ACL Profile L3 IPv4 UDP Port Page contains the following fields Field Description Source Port Mask Defines the range of source Ports relevant to the ACL rules 0 ignore 1 check For example to set 0 15 set mask of F Destination Port Mask Defines the range of destination IP addresses relevant to the ACL rules 0 ignore 1 check For example to set 0 15 set mask of F 2 Select Source Port ...

Страница 234: ...ering masks can be selected simultaneously The page updates with the relevant field s Defining Layer 3 IPv6 ACL Layer 3 IPv6 ACLs can be defined using the following filtering criteria ICMP TCP UDP The following sections describe each of these filtering options ICMP Filtering If L3 IPv6 ACL ICMP is selected the page updates as follows Figure 0 16 Add L3 IPv6 ACL Profile Page To define L3 IPv6 Class...

Страница 235: ...v4 ACL ICMP Address Page updates to show the following Figure 0 18 ACL Profile L3 IPv6 ACL ICMP Address Page The ACL Profile L3 IPv4 ACL ICMP Address Page contains the following fields Field Description Source IP Prefix Defines the range of source IP addresses relevant to the ACL rules 0 ignore 1 check For example to set 2002 0 0 0 0 0 b0d4 0 use mask 128 Destination IP Prefix Defines the range of...

Страница 236: ...ask is generated 6 Click The ACL profile is added and the device is updated To define L3 IPv6 ICMP ACL profile 1 Click the ICMP button The ACL Profile L3 IPv4 ACL ICMP Page updates to show the following Figure 0 19 ACL Profile L3 IPv6 ACL ICMP Page The ACL Profile L3 IPv4 ACL ICMP Page contains the following fields Field Description ICMP Type Sets the ICMP Type field as an essential field to match...

Страница 237: ...ort Page The ACL Profile L3 Ipv4 TCP Port Page contains the following fields Field Description Source Port Mask Defines the range of source Ports relevant to the ACL rules 0 ignore 1 check For example to set 0 15 set mask of FFF0 Destination Port Mask Defines the range of destination IP addresses relevant to the ACL rules 0 ignore 1 check For example to set 0 15 set mask of FFF0 2 Select Source Po...

Страница 238: ...The mask is generated 6 Click The ACL profile is added and the device is updated To define L3 IPv6TCP Flag ACL Profile This option defines whether or not the TCP Flag field is checked for a match 1 Click the TCP Flag button The ACL Profile L3 Ipv4 TCP Flag Page updates to show the following Figure 0 22 ACL Profile L3 IPv6 TCP Flag Page 2 Click The ACL profile is added and the device is updated UDP...

Страница 239: ...P Port Page The ACL Profile L3 IPv4 UDP Port Page contains the following fields Field Description Source Port Mask Defines the range of source Ports relevant to the ACL rules 0 ignore 1 check For example to set 0 15 set mask of F Destination Port Mask Defines the range of destination IP addresses relevant to the ACL rules 0 ignore 1 check For example to set 0 15 set mask of F 2 Select Source Port ...

Страница 240: ...both profiles and apply it on the same port s LAG s Now you have both an IPv4 based ACL and MAC based ACL on the port s LAG s NOTE Adding rules to specific profile generates a unique Access ID in the range 1 240 When the user adds a rule to different profiles he cannot use the same Access ID for different rules Adding Access Rules The following conditions can be defined as Access Rules Filter Desc...

Страница 241: ... 3100 Series Gigabit Stackable Managed Switch User Manual Figure 0 25 Access Profile List Page 1 Select a profile and click The Access Rule List Page opens Figure 0 26 Add Access Rule Page IP based ACL 225 ...

Страница 242: ...4 IPv6 Address Defines the address on which the rule is defined TCP Source Port Displays The TCP Source Port TCP Flag Mask Indicates if TCP flag mask is active Access ID Defines the Access ID Type Displays the profile type IP based TCP Flag Defines the indicated TCP flag that can be triggered Source Port Displays the TCP source port Ports Defines the ports or LAGs on which the access profile will ...

Страница 243: ...ess rule is time based Range Name Selects the user defined time range name to apply to the access rule 3 Define the Rule Detail fields 4 Click The rule is changed and the device is updated NOTE Each Access Profile must create rules with unique Access IDs Access IDs cannot overlap in two different Access Profiles 227 ...

Страница 244: ...for the search Ports Indicates the ports or LAGs for which rules are sought Profile ID Indicates the Profile ID Access ID Indicates the ACL rule ID number Profile Type Indicates if the profile is IP or Ethernet Summary Displays the access rule Action Displays the action chosen for the profile 2 Define the Profile ID and Ports fields 3 Click The ACL rule is displayed To delete an ACL Profile entry ...

Страница 245: ...ject to action Source MAC Address Matches the source MAC address to which packets will be subject to action Ether Type Defines the code type used Ports Indicates the ports or LAGs for which rules are sought Action Defines the action for the profile The possible fields are Permit Forwards packets if all other ACL criteria are met Deny Drops packets if all other ACL criteria is met Rate Limiting Rat...

Страница 246: ...DGS 3100 Series Gigabit Stackable Managed Switch User Manual 230 2 Define the Rule Detail fields 3 Click The rule is defined and the device is update ...

Страница 247: ...s 31 40 this is another unique set of rules and the count of additional rules will be 2 Totally in the system we will use 6 rules out of the available 240 Example 2 Assume that Access IDs 1 2 3 4 are bound to ports 1 10 this is a unique set of rules and the count of rules in this case is 4 Assume that Access IDs 4 5 6 are bound to ports 11 20 this is another unique set of rules and the count of ad...

Страница 248: ... about cable connections Stations are connected to the device ports through the physical interface ports on the front panel whereas devices are connected to create stacking by connecting the HDMI interface ports located on back panel The following pin connectors are described Pin Connections for the 10 100 1000 Ethernet Interface Pin Connections for the HDMI Connector ...

Страница 249: ...ed with standard RJ 45 Ether straight or crossed cables The following figure illustrates the pin allocation Figure A 1 RJ 45 Pin Allocation RJ 45 Ports Pinout The following table describes the pin allocation of the RJ 45 and the console ports PIN SIGNAL NAME 1 TxRx 1 2 TxRx 1 3 TxRx 2 4 TxRx 2 5 TxRx 3 6 TxRx 3 7 TxRx 4 8 TxRx 4 Table 2 RJ 45 Pin Assignments 233 ...

Страница 250: ...HDMI Pin Allocation HDMI Ports Pinout The following table describes the pin allocation of the HDMI connector PIN SIGNAL NAME PIN SIGNAL NAME 1 TMDS Data 2 11 TMDS Clock Shield 2 TMDS Data 2 Shield 12 TMDS Clock 3 TMDS Data 2 13 CEC 4 TMDS Data 1 14 No Connect 5 TMDS Data 1 Shield 15 DDC Clock 6 TMDS Data 1 16 DDC Data 7 TMDS Data 0 17 Ground 8 TMDS Data 0 Shield 18 5V Power 9 TMDS Data 0 19 Hot Pl...

Страница 251: ...CRIPTION SYSLG6 4 0 Critical 1 s SYSLG8 16 10 Critical No memory 1 SYSLG8 16 11 Critical No memory 2 SYSLG8 16 16 Critical web No free connection at the moment wait one minute and retry Currently there is no free connection available Wait one minute and retry SYSLG8 16 17 Critical System No free memory No free memory available SYSLG8 16 18 Critical System No free UDP port The system must be restar...

Страница 252: ...tical Up Download Illegal file type Illegal file type SYSLG8 16 9 Critical Up Download Duplication of file name A file name is duplicated SYSLG8 47 35 Critical IP Select master IP failed on ifIndex 1 j Selected master IP failed on the specified ifIndex SYSLG8 47 37 Critical IP Primary IP address could not be obtained Primary IP address could not be obtained SYSLG8 47 8 Critical Table is empty The ...

Страница 253: ... invalid The Auto update process is aborted SYSLG1 0 61 Error AAA Can t restore factory defaults during auto update operation The system could not restore the factory defaults during the auto update operation SYSLG1 5 21 Error Stack Lost connection with unit 1 d reason 0x 2 x Unit will be rebooted Connection with the specified unit has been lost due to the specified reason The unit will be reboote...

Страница 254: ...mming process failed because it is not valid any more SYSLG7 0 121 Error System Memory overflow There has been a memory overflow SYSLG7 0 130 Error FDB No free mac address There is no free MAC address SYSLG7 0 78 Error SNMP Port 1 j doesn t accept administrative parameter 2 s The specified administrative parameter is not accepted SYSLG7 0 79 Error Interface Port 1 j doesn t support 2 s parameter T...

Страница 255: ... occurred during initialization The specified errors occurred during the initialization process SYSLG8 31 12 Error AAA Authentication failed for 1 s source 2 s SYSLG8 31 29 Error AAA Radius returned attribute error The RADIUS has found an erroneous attribute SYSLG8 31 30 Error SNMP Unknown variable Unknown code or status is encountered SYSLG8 31 31 Error AAA User name received empty string The use...

Страница 256: ...an entry into Hash SYSLG8 5 162 Error System Cannot delete entry from Hash Cannot delete an entry from Hash SYSLG8 5 180 Error System GCLIP_mib2cli_analyze_ command Cannot insert entry to Hash Cannot insert an entry to Hash SYSLG8 5 181 Error SNMP Length is limited by 160 characters The field length is limited by 160 characters SYSLG8 56 3 Error Interface Failed to set default priority Failed to s...

Страница 257: ...ocess encountered memory problems while extracting the specified file SYSLG8 75 21 Error 1 s SYSLG8 75 3 Error IP SVNZIP found CRC Error extracting file 1 s SVNZIP found a CRC error while extracting the specified file SYSLG8 75 33 Error Web PGPRCS Found no end tag between two tags No end tag encountered between two tags SYSLG8 75 4 Error IP Can t get hostname A hostname cannot be received SYSLG8 7...

Страница 258: ... on port 2 d Could not open a socket on the specified port The socket will be opened on the second specified port SYSLG8 75 70 Error Web GOAHEADG Received HTTP header request exceeded allowed size Received an HTTP header request to exceeded allowed size SYSLG8 75 71 Error Web GOAHEADG Couldn t find web service struct entry Could not find a web service struct entry SYSLG8 75 72 Error Web GOAHEADG C...

Страница 259: ... 3 d Size 4 d Unfreed block 5 s SYSLG8 86 29 Error SNMP Package 1 s Routine 2 d Location 3 d Error 4 s SYSLG8 86 3 Error SNMP Not enough space for instance id of variable 1 lu of trap 2 lu There is not enough space for the instance ID of the specified variable of the specified trap SYSLG8 86 7 Error SNMPCOMMG_StoreInit ialCommunityEntry no free community entry available No free community entry is ...

Страница 260: ...e PSE power used by the specified unit is below the threshold SYSLG1 5 23 Information al Interface Unit 1 d was shutdown JUMBO frames not supported The specified unit is shutdown because Jumbo frames are not supported SYSLG1 5 24 Information al Stack Master switchover unit 1 d is now master The specified unit is now the Master unit SYSLG1 5 25 Information al Stack Backup master unit 1 d was remove...

Страница 261: ...ate A new file can be downloaded from a TFTP server The message appears when this procedure starts SYSLG6 0 3 Information al Up Download Boot image download completed The Boot image download is completed successfully The system supports the boot image update A new file can be downloaded from a TFTP server The message appears when this procedure is completed successfully SYSLG6 1 1 Information al P...

Страница 262: ... SYSLG7 5 68 Information al VLAN 1 j changed from Dynamic to Static A dynamically configured VLAN was deleted from the list of dynamic VLANs and was then added to the statically configured VLANs during a GVRP protocol operation SYSLG7 5 69 Information al VLAN 1 j changed from Static to Dynamic A statically configured VLAN was deleted from the list of static VLANs and was then added to the dynamica...

Страница 263: ... NVRAM section only All data from all user sections can be deleted from NVRAM then NVRAM is set to default values SYSLG8 26 5 Information al NVRAM section 1 s is erased The system supports a few NVRAM users Each user can access its NVRAM section only A given user section can be erased from NVRAM SYSLG8 26 7 Information al System Initialization task is completed The system informs that tasks are cr...

Страница 264: ...tion 5 s 4 y TERMINATED The Telnet SSH session may still be connected The CLI session for the specified user between the specified source and destination addresses is terminated The Telnet SSH session may still be connected SYSLG8 31 64 Information al AAA User CLI session for user 2 s over 1 s source 3 y destination 5 s 4 y ACCEPTED The CLI session for the specified user between the specified sour...

Страница 265: ...stackable projects only See the relevant trap message as in the case when the specified stack member operating in the standalone mode issues it SYSLG8 63 6 Information al Stack UNIT ID 1 d Trap 2 s Valid for stackable projects only See the relevant trap message as in the case when the specified stack member operating in the standalone mode issues it SYSLG8 74 51 Information al Interface Interface ...

Страница 266: ...Up Download Configuration Download has been completed The configuration file download process has been successfully completed SYSLG8 95 9 Information al Up Download Configuration Upload has been started The configuration file upload process has started SYSLG8 96 8 Information al Starting autogeneration of self signed certificate 1 u bits SYSLG8 96 9 Information al AAA Autogeneration of self signed...

Страница 267: ...rmation al Stack Stack cable 1 s link 2 s on unit 3 d The specified stacking cable is connected to the specified unit SYSLG1 6 11 Information al PS 1 d status changed 2 s The system uses two power supply sources 1 and 2 The system can operate with one or both power supply units The power supply has changed SYSLG1 6 8 Information al System FAN 1 d status changed 2 s The specified fan status has cha...

Страница 268: ...ation al 1x Port 1 j is Authorized The specified port is authorized SYSLG7 13 26 Information al 1x MAC 1 m is authorized on port 2 j The specified MAC is authorized on the specified port SYSLG7 15 0 Information al Security Port 1 s suspended by Loopback Detection The specified port is suspended by Loopback Detection SYSLG7 2 0 Information al Interface Port 1 j added to 2 j A physical port is added...

Страница 269: ...located memory for key The system did not provide sufficient memory for the key SYSLG8 10 37 Information al bootup The device has been configured via BOOTP The device has been configured via BOOTP SYSLG8 10 38 Information al DHCP The device has been configured on interface 1 j IP 2 y mask 3 y DHCP server 4 y The device has been configured on the specified interface with the specified IP address an...

Страница 270: ...Information al AAA User created successfully A new user is created in the current table of authenticated users SYSLG8 31 11 Information al AAA Authentication succeeded Authentication with the current method succeeded SYSLG8 31 3 Information al AAA Request for authentication The user authentication process is started SYSLG8 31 40 Information al AAA New 1 s connection for user 2 s source 5 s 3 y des...

Страница 271: ... Attention port 1 j from which the bpdu was received is configured as Fast Port A received BPDU message indicates that the specified port is configured as the Fast port SYSLG8 49 11 Information al sshpClientId illegal connection id 1 d SYSLG8 49 14 Information al Security Closed SSH connection to 1 y SYSLG8 49 2 Information al SSH SSH log 1 s The string parameter describes the reason this message ...

Страница 272: ...specified unit has failed SYSLG8 83 3 Information al Stack Synchronization with unit 1 d is finished successfully Synchronization with the specified unit has succeeded SYSLG8 83 4 Information al Stack Wrong source unit id 1 d message discarted The specified source unit ID is incorrect the message is discarded SYSLG8 84 0 Information al IP NTP Packet received from UDP The NTP packet is received fro...

Страница 273: ...SYSLG8 89 2 Notice SNMP End conversion of old format CDB The conversion of old format CDB has finished SYSLG8 9 10 Notice Interface Type 1 u not supported The specified type is not supported SYSLG8 9 12 Notice Illegal chksum igmp_size 1 lu SYSLG7 14 0 Notice LLDP status 1 s SYSLG8 1 0 Notice Bad msg received from 1 y on intf 2 y SYSLG8 1 1 Notice Ignoring msg from 1 y on intf 2 y SYSLG8 105 1 Noti...

Страница 274: ...ch requires authorization and which is disabled for multiple hosts SYSLG5 3 10 Warning Interface Sum of the committed BW on interface 1 d is more than port speed all the services applied to it will scaled down The sum of the committed BW on the specified interface d is more than port speed all the services applied to it will scaled down SYSLG5 3 12 Warning Security Service 1 d is partially active ...

Страница 275: ...rate with one or both power supply units SYSLG7 0 161 Warning 1 s 2 s SYSLG7 0 2 Warning 1 s 2 s SYSLG7 0 3 Warning 1 s 2 s SYSLG7 0 4 Warning 1 s 2 s SYSLG7 0 5 Warning 1 s 2 s SYSLG7 0 6 Warning 1 s 2 s SYSLG7 0 7 Warning 1 s 2 s SYSLG7 0 8 Warning 1 s 2 s SYSLG7 0 9 Warning 1 s 2 s SYSLG7 10 8 Warning Security failed to allocate rules in Asic for ifIndex 1 d Failed to allocate ASIC rules in a s...

Страница 276: ...e not on the same subnet Error in the BOOTP server configuration where the IP interface and default router are not on the same subnet SYSLG8 10 21 Warning bootup BOOTP msg indicates that IP interface and TFTP server are not on the same subnet Error in the BOOTP server configuration where the IP interface and TFTP server are not on the same subnet SYSLG8 10 22 Warning DHCP DHCP msg on interface 1 j...

Страница 277: ...hange required A Privacy key change is required SYSLG8 10 34 Warning AAA Privacy Key change length 1 u does not fit privacy protocol The modified Privacy Key length does not fit the privacy protocol SYSLG8 10 35 Warning AAA Authentication password required An authentication key is received but not configured SYSLG8 10 36 Warning SSH Privacy password required A Privacy password change is required S...

Страница 278: ...thentication method is unsupported SYSLG8 31 37 Warning AAA Unsupported arguments for adding received in authorization RESPONSE msg 1 s Received a message indicating the additional authentication argument is not supported SYSLG8 31 38 Warning AAA Unsupported arguments for replacement received in authorization RESPONSE msg 1 s Received a message indicating the replacement authentication argument is...

Страница 279: ...cket received on interface 1 s 2 j from 3 y to 4 y protocol 5 d service 6 s A Management ACL drop packet is received on the specified interface SYSLG8 48 35 Warning STP 1 j STP status Blocking STP status is in Blocking mode SYSLG8 48 36 Warning STP 1 j STP status Forwarding STP status is in Forwarding mode SYSLG8 48 37 Warning STP 1 j of instance 2 d STP status Blocking For the specified instance ...

Страница 280: ...MP router table is full SYSLG8 51 10 Warning FDB IGMP Snooping in version 3 received version 1 query msg Version 3 IGMP Snooping received a Version 1 query message SYSLG8 51 11 Warning FDB IGMP Snooping in version 3 received version 2 query msg Version 3 IGMP Snooping received a Version 2 query message SYSLG8 51 39 Warning FDB BIGMPP_indication warning Unknown value of frame type received for igmp...

Страница 281: ...6 Warning SSH Packet RX on virtual interface 1 s area 2 s type 3 s 4 s Key IDs do not match keys are expired or some other key configuration problems SYSLG8 74 60 Warning SSH Packet RX on virtual interface 1 s area 2 s type 3 s 4 s Key IDs do not match keys are expired or some other key configuration problems SYSLG8 74 65 Warning AAA Packet TX from interface 1 s md5 auth key not found Md5 keys are...

Страница 282: ...eived from the specified server SYSLG8 78 2 Warning AAA No TACACS server is configured cannot start authentication No TACACS server is configured so authentication cannot be performed SYSLG8 78 23 Warning AAA Connection to server 1 s is aborted Single Connection mode may not be supported by this server A connection attempt to a specified server is terminated Single connection mode is not supported...

Страница 283: ... Access attempted by unauthorized NMS Access attempted by an unauthorized NMS SYSLG8 86 9 Warning Up Download Error encountered while downloading config 1 s An error occurred while downloading the specified configuration SYSLG8 89 8 Warning SNMP Overflow in CDB There is an overflow in CDB SYSLG8 89 9 Warning SNMP Overflow in startup CDB offset 1 lu file end 2 lu SYSLG8 9 11 Warning FDB Timer alloc...

Страница 284: ... is authorize and multiple host disable A packet with a specified MAC address attempted to gain access through a port which requires authorization and which is disabled for multiple hosts SYSLG5 3 10 Warning Interface Sum of the committed BW on interface 1 d is more than port speed all the services applied to it will scaled down The sum of the committed BW on the specified interface d is more than...

Страница 285: ...rning Power Power Supply 1 d is down The specified power supply is down The system uses two power supply sources 1 and 2 The system can operate with one or both power supply units SYSLG7 0 161 Warning 1 s 2 s SYSLG7 0 2 Warning 1 s 2 s SYSLG7 0 3 Warning 1 s 2 s SYSLG7 0 4 Warning 1 s 2 s SYSLG7 0 5 Warning 1 s 2 s SYSLG7 0 6 Warning 1 s 2 s SYSLG7 0 7 Warning 1 s 2 s SYSLG7 0 8 Warning 1 s 2 s SY...

Страница 286: ...client received an illegal IP address in the DHCP message SYSLG8 10 20 Warning bootup BOOTP msg indicates that IP interface and default router are not on the same subnet Error in the BOOTP server configuration where the IP interface and default router are not on the same subnet SYSLG8 10 21 Warning bootup BOOTP msg indicates that IP interface and TFTP server are not on the same subnet Error in the...

Страница 287: ... via BOOTP DHCP client not allowed A Privacy key change via BOOTP DHCP client not allowed SYSLG8 10 33 Warning SSH Privacy key change required A Privacy key change is required SYSLG8 10 34 Warning AAA Privacy Key change length 1 u does not fit privacy protocol The modified Privacy Key length does not fit the privacy protocol SYSLG8 10 35 Warning AAA Authentication password required An authenticati...

Страница 288: ...ause of AAA low resources SYSLG8 31 36 Warning AAA Received unsupported authentication REPLY msg status 1 u server msg 2 s Received a message indicating that authentication method is unsupported SYSLG8 31 37 Warning AAA Unsupported arguments for adding received in authorization RESPONSE msg 1 s Received a message indicating the additional authentication argument is not supported SYSLG8 31 38 Warni...

Страница 289: ...ration has failed SYSLG8 45 9 Warning Up Download The configuration file has failed to download The configuration file has failed to download SYSLG8 46 10 Warning Security Management ACL drop packet received on interface 1 s 2 j from 3 y to 4 y protocol 5 d service 6 s A Management ACL drop packet is received on the specified interface SYSLG8 48 35 Warning STP 1 j STP status Blocking STP status is...

Страница 290: ... number of multicast entries is limited SYSLG8 51 0 Warning FDB IGMP group table overflow The IGMP group table is full SYSLG8 51 1 Warning FDB IGMP router table overflow The IGMP router table is full SYSLG8 51 10 Warning FDB IGMP Snooping in version 3 received version 1 query msg Version 3 IGMP Snooping received a Version 1 query message SYSLG8 51 11 Warning FDB IGMP Snooping in version 3 received...

Страница 291: ...s the specified number of bytes SYSLG8 74 55 Warning Interface Packet RX on interface 1 s from 2 s type 3 s 4 s Packets corrupted and or network problems SYSLG8 74 56 Warning SSH Packet RX on virtual interface 1 s area 2 s type 3 s 4 s Key IDs do not match keys are expired or some other key configuration problems SYSLG8 74 60 Warning SSH Packet RX on virtual interface 1 s area 2 s type 3 s 4 s Key...

Страница 292: ...specified TACACS server has failed SYSLG8 78 18 Warning IP Unexpected TCP msg was received from server 1 s Unexpected TCP message was received from the specified server SYSLG8 78 2 Warning AAA No TACACS server is configured cannot start authentication No TACACS server is configured so authentication cannot be performed SYSLG8 78 23 Warning AAA Connection to server 1 s is aborted Single Connection ...

Страница 293: ...s full SYSLG8 86 0 Warning Up Download Configuration update of unit 1 lu failed Reason 2 s The specified unit configuration update failed SYSLG8 86 4 Warning SNMP Access attempted by unauthorized NMS Access attempted by an unauthorized NMS SYSLG8 86 9 Warning Up Download Error encountered while downloading config 1 s An error occurred while downloading the specified configuration SYSLG8 89 8 Warni...

Страница 294: ... Configuration file upload has been aborted SYSLG8 95 1 Warning Up Download Configuration download has been aborted Configuration file download has been aborted SYSLG8 95 6 Warning 1 s SYSLG8 96 7 Warning Unknown certificate subject field SYSLG8 98 6 Warning System Bad OS status Bad OS status SYSLG8 98 7 Warning FDB Reached Maximum number of IGMP memberships The IGMP database is full No entry can ...

Страница 295: ...le when there is a direct connection to the console port of the device It is necessary for the user needs to attach a terminal or PC with terminal emulation to the console port of the switch 5 Power on the switch After the boot image is loaded to 100 the Switch will allow 2 seconds for the user to press the hotkey Shift 6 to enter the Password Recovery Mode Once the Switch enters the Password Reco...

Отзывы:

Нет отзывов

Бренды по названию

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Популярные бренды

Загрузить еще бренды