D-Link DUA-2000 Скачать руководство пользователя страница 36 | Manualshive

Страница: 36 / 95

background image

D-Link DUA-2000 Policy Manager User Manual

31

8.

Policy & Object

Policy Rule

Rule

The Policy Rule links all of the different configuration elements that are used to authenticate
a user or device. It is based on the User Group, Device Type, Location Profile and Schedule
Profile and references the Authentication Database configured in the Identity Domain. If it is
not possible to authenticate a user or device, then they are denied access by the Wireless
Controller. If it is possible to authenticate a user or device, then the Authorization Profile is
returned to the Wireless Controller.

NOTE:

It is not possible to deny access to a user or device using the Policy

Rule. This is done by the Wireless Controller and is based on the Policy Rule
being unable to authenticate the device or user.

To get to the following page, browse to:

Policy & Object >> Policy Rule >> Rule

:

Figure 9-1 – Rule

The following fields are available:

Field

Description

User Group

Select the User Group to display the policy rules for.

Location Profile

Select the Location Profile to display the policy rules for.

Schedule Profile

Select the Schedule Profile to display the policy rules for.

Table 9-1 – Rule 1

Click

Get Rules

to search for rules using the fields selected.

«
...
34
35
36
37
38
...
»

Содержание DUA-2000

Страница 1: ...Policy Manager User Manual DUA 2000 Ver 1 0 Business Wireless Solution Building Networks for People ...

Страница 2: ...stalled and used in accordance with this user s guide may cause harmful interference to radio communications Operation of this equipment in a residential area is likely to cause harmful interference in which case the user will be required to correct the interference at his own expense CE Mark Warning This is a Class A product In a domestic environment this product may cause radio interference in w...

Страница 3: ...ging on to the Web User Interface 5 Changing the Default IP Address 6 5 System Overview 7 6 Network Configuration Example 9 Network Requirements 9 Network Topology 10 Network Configuration 11 Wireless Controller 11 Policy Manager 11 Network Environment 12 7 Status Monitor 13 Dashboard 13 Dashboard 13 Network 14 Interface Utilization 14 System 14 Device Status 14 Logs 15 8 Network 17 Device 17 IP I...

Страница 4: ...rization 47 Authorization Profile 47 Authorization Profile 47 ACL Profile 49 ACL Rule 51 Schedule 54 Schedule Profile 54 Add Schedule Profile 55 10 Maintenance 57 Administration 57 System Information 57 Change Password 58 System Account 58 Date and Time 60 Session 62 Management 63 SNMP 63 SNMP v3 User 63 SNMP Traps 65 SNMP Host List 66 Access Control List 68 SNMP Community 69 Telnet SSH 71 Web Ser...

Страница 5: ...82 Syslog Server 82 System Logs 83 Alert 84 Email Alert 84 Alert Type 86 Utilities 87 Logo Setting 87 Ping 88 11 Appendix A Technical Specifications 89 Capacity 89 Hardware Specification 89 Processor and System Memory 89 I O Interface 89 Physical Environment 89 12 Appendix B Rack Mount Instructions 90 ...

Страница 6: ...d with the Policy Manager or from the D Link website Other documents related to the device are Quick Installation Guide Conventions Convention Description Boldface Font Indicates a button a toolbar icon menu or menu item For example Open the File menu and choose Cancel Used for emphasis May also indicate system messages or prompts appearing on screen For example You have mail Bold font is also use...

Страница 7: ...u should pay special attention to these indicators Each example below provides an explanatory remark regarding each type of indicator NOTE A note indicates important information that helps you make better use of your device NOTICE A notice indicates either potential damage to hardware or loss of data and tells you how to avoid the problem CAUTION A caution indicates a potential for property damage...

Страница 8: ...product portfolio It is a fully featured Policy Manager capable of assigning permissions based on who you are where you are when you connect the type of device and the device ownership Policy enforcement is implemented through the network layer removing the need for client software and ensuring compatibility with a wide range of devices The DUA 2000 provides multiple authentication options and can...

Страница 9: ... sure that there is proper heat dissipation and adequate ventilation around the server Do not place heavy objects on the server Rack Installation The Policy Manager can be mounted in an EIA standard size 19 inch rack which can be placed in a server room with other equipment To install attach the mounting brackets to the Policy Manager s side panels one on each side and secure them with the screws ...

Страница 10: ...able from the Wireless Controller to support authentication authorization and accounting This can either be in the same management subnet or another subnet altogether Connect to the Policy Manager using its default IP address and change this to be in line with your own network policies NOTE The default IP address is 10 90 90 90 with a subnet mask of 255 0 0 0 Logging on to the Web User Interface T...

Страница 11: ...ur network topology It is recommended that this is completed before the device is connected to the production network 1 Navigate to Network Device IP Interface 2 Click Edit next to the System interface 3 Change the address type from DHCP to Static 4 Enter an IP Address Mask Gateway and DNS server 5 Press Apply Ensure that you can connect to the Policy Manager using the new IP address ...

Страница 12: ...o the Policy Manager as the username the Policy Device User Type is applied to the account and the device is authenticated using the Policy Rule If a username and password is supplied to the Policy Manager then either the Policy User or Policy Guest User Types are applied to the account depending on whether the user has been configured as a guest If it has then the user is authenticated using the ...

Страница 13: ...D Link DUA 2000 Policy Manager User Manual 8 Figure 5 1 Logical System Overview ...

Страница 14: ...tion PoE Switch This is a Layer 2 device that supplies Power over Ethernet PoE to the Wireless APs and performs switching and VLAN tagging functions Wireless AP This advertises the two Service Set Identifiers SSIDs for the wireless Employee corporate and Personal BYOD networks Wireless Controller This controls access to wireless networks and manages wireless clients and APs Clients can be authenti...

Страница 15: ...AN 192 168 10 110 150 192 168 10 1 30 Seconds VLAN 20 Employee VLAN 192 168 20 110 150 192 168 20 1 Default VLAN 30 Personal VLAN 192 168 30 110 150 192 168 30 1 Default Table 6 3 VLANs and DHCP Ranges The addresses assigned to devices are as follows VLAN Number Device Address Netmask Default Gateway VLAN 1 DHCP Server 192 168 10 1 255 255 255 0 192 168 10 1 VLAN 1 PoE Switch 192 168 10 2 255 255 ...

Страница 16: ...ress default entry to edit CP configuration Enter Configuration name and Verification mode choose Policy Manager Choose RADIUS Auth Server then press submit button 4 Configure a RADIUS Authentication Server Navigate to LAN Security RADIUS RADIUS Authentication Server Configuration Select Add item then enter RADIUS Server Host Address then chose Yes for Policy Manager Enter RADIUS Server Name then ...

Страница 17: ...ployee VLAN for authenticated corporate clients and a personal VLAN for authenticated personal clients The DHCP server needs to offer an IP address in the range configured for each VLAN and so the switch port connecting the DHCP server to the local switch needs to be set up for VLAN tagging The Wireless APs also need to advertise more than one SSID one for each VLAN The DHCP release time should be...

Страница 18: ...ing in to the Policy Manager To get to the following page browse to Status Monitor Dashboard Dashboard Figure 7 1 Dashboard The following fields are available Field Description CPU Status The CPU utilization measured in percent RAM Status Memory utilization measured in percent System Network Status kbit s Combined network utilization of all 4 interfaces measured in kilobits per second kbit s Hard ...

Страница 19: ...resh automatically To get to the following page browse to Status Monitor Network Interface Utilization Figure 7 2 Interface Utilization System Device Status This provides a device overview for the system and includes the system name time location contact information software and hardware versions and MAC and IP address information To get to the following page browse to Status Monitor System Device...

Страница 20: ...stem firmware version Hardware Version The system hardware version MAC Adddress The system MAC address of the active LAN interface s IPv4 Address The IP address of the active LAN interface s Netmask The netmask of the active LAN interface s Gateway The default gateway address of the active LAN interface s Serial Number The serial number of the device HDD The serial number of the hard disk driver u...

Страница 21: ...Logs Click Get Log to display logs of the chosen type The following fields are available in the results Field Description Index The log entry index Higher index values are more recent Date Time The date and time of the log entry Severity The Syslog severity Type The type of log entry Info The log entry contents Table 7 4 Log Results Click Get Log to display logs of the chosen type Click Export to ...

Страница 22: ...ace Figure 8 1 IP Interface Setting The following fields are available Field Description Name The name of the network interface or Port Trunk IP Address The IP address of the interface Netmask The netmask of the interface DNS The Domain Name System DNS servers for the interface MAC Address The Media Access Control MAC address of the interface Port The ports that the interface configuration applies...

Страница 23: ...ddress or dynamically assigned IP address DHCP If Static is chosen it is possible to enter values into the fields below Is DHCP is chosen it is only possible to select ports to apply the settings to and create a Port Trunk Interface Name Name the interface IP Address Enter the IPv4 address for the interface Port Select Select the physical switch port on the DUA 2000 to assign the IP address to At ...

Страница 24: ...port trunk with the network switch without any negotiation Selecting Link Aggregation Control Protocol LACP allows the DUA 2000 to negotiate a port trunk with the network switch Table 8 2 Add IP Interface Click Apply to apply the settings Port Trunking Advance Setting Click the Port Trunking Advance Setting tab to view the following window Figure 8 3 Port Trunk Advance Setting The following fields...

Страница 25: ...00 To get to the following page browse to Network Device RADIUS Client Figure 8 4 RADIUS Server Setting The following fields are available Field Description Name The name of the RADIUS client that will connect to the RADIUS server IP Address The IP address of the client Subnet Mask The subnet mask of the client Shared Secret The shared secret for the RADIUS client and server Table 8 4 RADIUS Serve...

Страница 26: ...Figure 8 5 Add RADIUS Server Client The following fields can be configured Field Description Name Name the RADIUS client that will connect to the RADIUS server IP Address Enter the IP address of the client Subnet Mask Enter the subnet mask of the client Shared Secret Enter a shared secret for the RADIUS client and server Table 8 5 Add RADIUS Server Client Click Apply to apply the settings ...

Страница 27: ...authenticated against the Identity Domain This can be Disabled Local Server or one of the Identity Domains entered The default is Disabled Table 8 6 Identity Domain 1 Click Add to add an Identity Domain The following fields are available Field Description Identity Domain The name of the Identity Domain Server Group The Server Group used for authentication defined on the External Server page The lo...

Страница 28: ...g window Figure 8 7 Add Identity Domain The following fields can be configured Field Description Identity Domain The name of the Identity Domain Server Group The Server Group to authenticate against This is configured on the External Server page Status The status of the Identity Domain This can be Enabled or Disabled Captive Portal String The Captive Portal String This is appended to the client s ...

Страница 29: ...used to group the LDAP servers defined on this page Up to 3 Server Groups can be defined Primary IP Address The IP address of the primary LDAP server Port The port to connect to on the LDAP server Default is 389 The range is 1 65535 LDAP Base DN The LDAP search base for the container that contains the users or devices to be authenticated on the LDAP server Identity The username of the administrati...

Страница 30: ...f the third LDAP server Port The port to connect to on the LDAP server Default is 389 The range is 1 65535 LDAP Base DN The LDAP search base for the container that contains the users or devices to be authenticated on the LDAP server Identity The username of the administrative user that is used to log in to the LDAP server and authenticate the client Password The password of the administrative user...

Страница 31: ...ated on the AD server Identity The username of the administrative user that is used to log in to the AD server and authenticate the client Password The password of the administrative user that is used to log in to the AD server and authenticate the client SSL Enabled Click to enable or disable SSL for AD authentication The options are Enabled or Disabled Secondary IP Address The IP address of the ...

Страница 32: ...log in to the AD server and authenticate the client Password The password of the administrative user that is used to log in to the AD server and authenticate the client SSL Enabled Click to enable or disable SSL for AD authentication The options are Enabled or Disabled Table 8 10 AD Server Setting Click Save to save the changes made Click Cancel to revert the settings to their previous state POP3 ...

Страница 33: ...y POP3 server Authentication Port The TCP port to use for POP3 authentication Range 1 65535 The default is 110 SSL Enable Click to enable or disable SSL for POP3 authentication The options are Enabled or Disabled Third IP Address The IP address of the third POP3 server Authentication Port The TCP port to use for POP3 authentication Range 1 65535 The default is 110 SSL Enable Click to enable or dis...

Страница 34: ... Key The password of the administrative user that is used to log in to the RADIUS server and authenticate the client Range 1 32 characters Confirm Key Confirm the password of the administrative user that is used to log in to the RADIUS server and authenticate the client Range 1 32 characters Secondary IP Address The IP address of the secondary RADIUS server Authentication Port The TCP port to use ...

Страница 35: ...nting Range 1 65535 The default is 1813 Key The password of the administrative user that is used to log in to the RADIUS server and authenticate the client Range 1 32 characters Confirm Key Confirm the password of the administrative user that is used to log in to the RADIUS server and authenticate the client Range 1 32 characters Table 8 12 RADIUS Server Client Click Save to save the changes made ...

Страница 36: ...e then the Authorization Profile is returned to the Wireless Controller NOTE It is not possible to deny access to a user or device using the Policy Rule This is done by the Wireless Controller and is based on the Policy Rule being unable to authenticate the device or user To get to the following page browse to Policy Object Policy Rule Rule Figure 9 1 Rule The following fields are available Field ...

Страница 37: ...e Policy Rule Device Type The Device Type the Policy Rule applies to This is applied in the Device section Location Profile The Location Profile the Policy Rule applies to Schedule The Schedule Profile that applies to the Policy Rule Authorization Profile The Authorization Profile that applies to the Policy Rule Status The status of the Policy Rule This can be Enabled or Disabled Table 9 2 Rule 2 ...

Страница 38: ...ich to authenticate devices It can be set to Others Used to classify any device which is not a mobile phone or laptop on the Device page Mobile Used to classify a device as a mobile phone on the Device page Laptop Used to classify a device as a mobile phone on the Device page Location Profile The Location Profile the Policy Rule applies to Click Create Location Profile to create a new Location Pro...

Страница 39: ...ent User Database Figure 9 3 Group The following fields are available Field Description Group Name The name of the user group Description The description of the user group User Type The type of user This can be Policy User This is a user based account on the Policy Manager Policy Device This is a device based account on the Policy Manager Status The user status This can be Enabled or Disabled MAC ...

Страница 40: ...up User Type The type of user This can be Policy User This is a user based account on the Policy Manager Policy Device This is a device based account on the Policy Manager Status The user status This can be Enabled or Disabled Mac Binding This is whether any devices are associated with the user accounts If it is set to On then it s possible to assign devices to the account and both the user and de...

Страница 41: ...n Username Prefix Enter a Username Prefix and select Case Sensitive Case Insensitive or Match Exactly for the search type Select the group from the Group menu or choose All groups to search for all accounts on the Policy Manager Table 9 6 Account 1 Click Get Accounts to retrieve user account information for the specified group The following fields are available Field Description User Name MAC The ...

Страница 42: ...lowing fields can be configured Field Description Group Select Select the group that the user belongs to User Name Enter the user name of the user First Name Enter the first name of the user Last Name Enter the last name of the user Password Enter the password for the user Confirm Password Confirm the password for the user Binding Device List The devices that a user is permitted to log in from Tab...

Страница 43: ...feature and the Binding Device List To get to the following page browse to Policy Object Client Device Database Figure 9 7 Property Group The following fields are available Field Description Group Name The name of the Property Group Usage This is the device usage This is a way of restricting the devices that a user can log in from and can be set to the following Single User A personal device that ...

Страница 44: ... be set to the following Single User A personal device that is used by a single person Multiple users A corporate device used by multiple people Public users Any device that can be used by both corporate and non corporate users Description The description of the Property Group Table 9 10 Add Property Group Click Apply to apply the settings Device Devices are created on the Device page and consist ...

Страница 45: ... of the device in the format xx xx xx xx xx xx This is used to uniquely identify the device Device Type The type of device This is used by the Policy Rule and is another parameter through which to authenticate devices It can be set to Others Use this to classify any device which is not a mobile phone or laptop Mobile Use this to classify a device as a mobile phone Laptop Use this to classify a dev...

Страница 46: ...d Description MAC Address The MAC address of the device in the format xx xx xx xx xx xx Device Type The type of device This is used by the Policy Rule and is another parameter through which to authenticate devices It can be set to Others Use this to classify any device which is not a mobile phone or laptop Mobile Use this to classify a device as a mobile phone Laptop Use this to classify a device ...

Страница 47: ... wireless APs a client can authenticate from and which switch ports a client can authenticate from based on the Policy Rule To get to the following page browse to Policy Object Endpoint Location Profile Figure 9 11 Location Profile The following fields are available Field Description Profile Name The name of the Location Profile Description The description of the Location Profile Table 9 14 Locati...

Страница 48: ...rofile Table 9 15 Add Location Profile Click Apply to apply the settings Endpoint List The Endpoint List is a list of Endpoints that are assigned to the Location Profile The Endpoint List page can be used to add scan edit or delete Endpoints NOTE A maximum of 10 Endpoints can be configured in one Location Profile To get to the following page browse to Policy Object Endpoint Location Profile and cl...

Страница 49: ...nts that have already been added to the Endpoint List will display a red circle in the search results Click the green circle to add the device to the Endpoint List The MAC Address field will be populated with the MAC address of the discovered device Table 9 17 Endpoint List 2 Click Scan to scan the subnet for endpoints The following fields are available Field Description Import Endpoint Import end...

Страница 50: ...5 on switch 2 in the stack could be another location The Port List is comma separated and is in the format switch stack ID port ID A hyphen can be used to specify a range For example 1 1 1 4 2 5 Description The description of the Endpoint Location Profile The Location Profile this Endpoint has been added to Table 9 19 Endpoint List 4 Click Edit to edit existing Endpoint List settings Click Delete ...

Страница 51: ...ould be one location and port 5 on switch 2 in the stack could be another location The Port List is comma separated and is in the format switch stack ID port ID A hyphen can be used to specify a range For example 1 1 1 4 2 5 Description The description of the Endpoint Table 9 20 Add Endpoint to List Click Apply to apply the settings Endpoint to Location Profile This is used to bind an Endpoint to ...

Страница 52: ... switch stack ID port ID A hyphen can be used to specify a range For example 1 1 1 4 2 5 Description The description of the Endpoint Location Profile The Location Profile this Endpoint has been added to Table 9 22 Endpoint to Location Profile 2 Select the check boxes for the endpoints you wish to add to a Location Profile and choose the Location Profile from the Location Profile menu Click Save to...

Страница 53: ...p The Layer 2 Class of Service level that is applied to traffic from clients that the Authorization Profile applies to Session Timeout The maximum length of the client session measured in seconds Idle Timeout The length of time to keep the client session active if not activity is detected before ending the session measured in seconds ACL Profile The ACL Profile applied to the Authorization Profile...

Страница 54: ... 1 409 600 000 bps 1 bps 409 6 Mbps 802 1p The Layer 2 Class of Service level that is applied to traffic from clients that the Authorization Profile applies to Session Timeout The maximum length of the client session Range 0 86400 seconds Idle Timeout The length of time to keep the client session active if not activity is detected before ending the session Range 0 900 seconds ACL Profile The ACL P...

Страница 55: ...ields are available Field Description ACL Profile Name The name of the ACL Profile ACL Rule This is the list of the ACL Rules in the ACL Profile with the ACL Profile on the left being matched first and the ACL Profile on the right being matched last Table 9 25 ACL Profile Click Add to add an ACL Profile Click Delete to delete an ACL Profile Add ACL Profile Click the Add button to view the followin...

Страница 56: ...1 to 10 with 1 being matched first and 10 being matched last Table 9 26 Add ACL Profile Click Apply to apply the settings ACL Rule The ACL Rule can permit or deny traffic based on the destination MAC or IP address and Layer 4 information such as TCP and UDP port number A mask can also be defined to match TCP or UDP port numbers in a range To get to the following page browse to Policy Object Author...

Страница 57: ...ffff then a logical AND operation is performed between the port number in hex notation and the port mask also in hex notation UDP Port The destination UDP port that the rule matches UDP Port Mask A mask defining the range of UDP ports allowed in the range 0000 ffff If ffff is defined then only the port specified is allowed If the mask is not ffff then a logical AND operation is performed between t...

Страница 58: ...ning the range of TCP ports allowed in the range 0000 ffff If ffff is defined then only the port specified is allowed If the mask is not ffff then a logical AND operation is performed between the port number in hex notation and the port mask also in hex notation UDP Port The destination UDP port that the rule matches Range 0 65535 UDP Port Mask A mask defining the range of UDP ports allowed in the...

Страница 59: ... of the Schedule Profile Description The description of the Schedule Profile Rule1 Rule 1 in the Schedule Profile A green background means it is enabled and a red background means it is disabled Rule2 Rule 2 in the Schedule Profile A green background means it is enabled and a red background means it is disabled Rule3 Rule 3 in the Schedule Profile A green background means it is enabled and a red b...

Страница 60: ...e applies to From The start time of the schedule measured in 24 hour format To The end time of the schedule measured in 24 hour format Enabled Rule 2 Tick this box to enable the rule in the Schedule Profile and un tick it to disable it Weekday The day of the week that this schedule applies to From The start time of the schedule measured in 24 hour format To The end time of the schedule measured in...

Страница 61: ...D Link DUA 2000 Policy Manager User Manual 56 Table 9 30 Add Schedule Profile Click Apply to apply the settings ...

Страница 62: ...g page browse to Maintenance Administration System Information Figure 10 1 System Information The following fields are available Field Description System Name The hostname of the Policy Manager System Location The location of the Policy Manager System Contact The contact information for the Policy Manager Table 10 1 System Information Click Save to save the changes made Click Cancel to revert the ...

Страница 63: ...ing fields are available Field Description Old Password The existing password for the guest user New Password The new password for the guest user Confirmed Password The confirmed password for the guest user Table 10 2 Change Password Click Save to save the changes made Click Cancel to revert the settings to their previous state System Account This is used to add edit or delete system accounts whic...

Страница 64: ...at the user is in This can be Admin This permission level has access to all parts of the system and can change the system configuration Guest This permission level is only able to view the system configuration and cannot make any changes Fisrt Name The first name of the user Last Name The last name of the user Description The description of the user Table 10 3 System Account Click Add to add a Sys...

Страница 65: ...the system configuration Guest This permission level is only able to view the system configuration and cannot make any changes First Name The first name of the user Last Name The last name of the user Description The description of the user Password The password for the user Confirm Password The confirmed password for the user Table 10 4 Add System Account Click Apply to apply the settings Date an...

Страница 66: ... The following fields are available Date Setting MM DD YYYY Set the date in the appropriate format Time Setting HH MM Set the time in the appropriate format SNTP Type The SNTP type This can be Default Use the default settings Custom Specify the SNTP settings These are as follows Primary SNTP Server The primary SNTP server to synchronize with Secondary SNTP Server The secondary SNTP server to synch...

Страница 67: ... all accounts logged in to the system To get to the following page browse to Maintenance Administration Session Figure 10 6 Session The following fields are available Field Description Live Time How long the session has been active for From The source device IP address Level The permission level of the account Name The name of the user logged in Table 10 6 Session Click Next to view the next page ...

Страница 68: ...ollowing fields are available Field Description Name The name of the SNMP user account This is either admin or guest Privilege The access level of the user This cannot be changed and is set to read only rouser Security Level The security level of the user account This dictates the security requirements of the SNMP account access It can be set to No Auth no authentication and no privacy Auth No Pri...

Страница 69: ...Edit SNMP V3 User The following fields can be configured Field Description User Name The name of the SNMP user account This is either admin or guest Access Privilege The access level of the user This cannot be changed and is set to read only rouser Security Level The security level of the user account This dictates the security requirements of the SNMP account access It can be set to No Auth no au...

Страница 70: ...s This is used to enable and disable SNMP traps on the Policy Manager To get to the following page browse to Maintenance Management SNMP and click on the SNMP Traps tab Figure 10 9 SNMP Traps The following fields are available Field Description SNMP Traps This is used to enable or disable SNMP traps and can be set to Enabled Disabled SNMP Authentication Trap This is used to enable or disable SNMP ...

Страница 71: ...if the system was rebooted and can be set to Enabled Disabled Table 10 9 SNMP Traps Click Save to save the changes made Click Cancel to revert the settings to their previous state SNMP Host List This is used to define Network Management Systems NMSs that will receive SNMP traps from the Policy Manager To get to the following page browse to Maintenance Management SNMP and click on the SNMP Host Lis...

Страница 72: ...g window Figure 10 11 Add SNMP Host The following fields can be configured Field Description IP Address The IP address of the SNMP host receiving the traps from the Policy Manager Port The TCP port to use for SNMP traps Default 162 range 1 65535 Community The community string to use for SNMP traps If the Authentication Type is set to V1 or V2 this is taken from the SNMP Community Table Setting on ...

Страница 73: ...ck on the Access Control List tab Figure 10 12 Access Control List The following fields are available Field Description IP Address The IP address of the network host Mask The netmask of the network host Table 10 12 Access Control List Click Add to add an Access Control List Click Edit to edit existing Access Control List settings Click Delete to delete an Access Control List Click Save to save the...

Страница 74: ... The IP address of the network host Mask The netmask of the network host Table 10 13 Add Access Control List Click Apply to apply the settings SNMP Community The SNMP community strings are a way of authenticating client devices They can be used to enable read only or read write access to the Policy Manager To get to the following page browse to Maintenance Management SNMP and click on the SNMP Com...

Страница 75: ...ommunity string This can only be read only It can be set to rocommunity Table 10 14 SNMP Community NOTE It is recommended that the default SNMP community strings are changed on the Policy Manager Click Add to add an SNMP Community Click Edit to edit existing SNMP Community settings Click Delete to delete an SNMP Community Click Save to save the changes made Click Cancel to revert the settings to t...

Страница 76: ...cate client devices connecting to the Policy Manager using SNMP Access Right The access rights of the community string This can only be read only It can be set to rocommunity Table 10 15 Add SNMP Community Click Apply to apply the settings Telnet SSH Telnet and Secure Shell SSH are protocols for remote management of IP devices To get to the following page browse to Maintenance Management Telnet SS...

Страница 77: ...fault 23 range 1 65535 Table 10 16 Telnet Setting The following fields are available in the SSH Setting section Field Description SSH Status The status of the SSH server on the Policy Manager This can be set to Enabled Disabled Re generate SSH key This is used to re generate the private SSH key used by the Policy Manager SSH Port Number The SSH port number Default 22 range 1 65535 Table 10 17 SSH ...

Страница 78: ... the HTTPS server on the Policy Manager The default is Disabled This can be set to Enabled Disabled Certificate This field appears if the HTTPS status is set to Enabled The following fields are available Select self signed certificate to use a self signed SSL TLS certificate Select Re generate self signed key to re generate the self signed key used to sign SSL TLS certificates used by the Policy M...

Страница 79: ...vailable in the DDP Global Setting section Field Description D Link Report Timer The amount of time to wait between scans of the directly connected local devices Table 10 19 DDP Global Setting The following fields are available in the DDP Per Port Setting section Field Description Port 1 State Enable of disable DNA on port 1 This can be set to Enabled Disabled Port 2 State Enable of disable DNA on...

Страница 80: ...browse to Maintenance System Firmware Upgrade Figure 10 19 Firmware Info The following fields are available in the Current Firmware Information section Field Description Image1 Boot This is the firmware image for Image 1 If this has been set as the default image to boot from the word Boot will be displayed next to the image name The image properties are as follows Firmware The firmware version Dat...

Страница 81: ...on Click Save to save the changes made Click Cancel to revert the settings to their previous state Firmware Upgrade This page can be used to upgrade the Policy Manager s firmware using TFTP HTTP and USB devices To get to the following page browse to Maintenance System Firmware Upgrade and click on the Firmware Upgrade tab Figure 10 20 Firmware Upgrade The following fields are available in the Firm...

Страница 82: ...s can be set to Image1 Image2 Table 10 23 Firmware Upgrade From HTTP Upload Click Upload to upgrade the firmware The following fields are available in the Firmware Upgrade From USB 1 section Field Description USB Device Status The USB device status of USB port 1 This can be Connected Disconnected Select Firmware The folder on the USB drive where the backup files are located Upload to The image to ...

Страница 83: ...Backup System The following fields are available in the Auto Backup section Field Description Status The status of the backup schedule This can be Enabled Disabled Weekday The day of the week the backup takes place on This can be any day from Mon Sun Time The time that the backup takes place at This is in 24 h format Save to The USB port to save the system configuration to This can be USB1 USB2 Ta...

Страница 84: ... can be used to restore the system configuration from a previous back up To get to the following page browse to Maintenance Management Backup Restore System and click on the Restore System tab Figure 10 22 Restore System The following fields are available in the Restore from USB Port 1 section Field Description USB Device Status The USB device status of USB port 1 This can be Connected Disconnecte...

Страница 85: ...ory defaults To get to the following page browse to Maintenance System Reboot Figure 10 23 Reboot Click Soft Reboot to reboot the Policy Manager keeping the current configuration Click Factory Reboot to reboot the Policy Manager restoring the factory default configuration NOTICE Clicking Factory Reboot will restore the Policy Manager to the factory default configuration This will lose any configur...

Страница 86: ...quests This is allocated to whichever Policy Manager is the Active server in the pair Service Interface The interface that is used to respond to clients Heartbeat Remote IP The remote IP to poll for heartbeat signals If this fails then the current server is assumed to be the Active one and assumes the Active role Heartbeat Interface The interface used for heartbeat signals Heartbeat Timeout This i...

Страница 87: ... the HA service on the Policy Manager Logs Syslog Server This page can be used to configure Syslog servers and the severity of the logs per server Up to 3 Syslog servers can be defined To get to the following page browse to Maintenance Logs Syslog Server Figure 10 25 Syslog Server The following fields are available Field Description SysLog Server 1 The status of SysLog Server 1 This can be set to ...

Страница 88: ...log server SysLog Server 3 The status of SysLog Server 3 This can be set to Disabled Disable Syslog logging Enabled Enable Syslog logging The following fields are available FQDN IP Address The DNS name or IP address of the Syslog server Severity The severity of the logging sent to the Syslog server Table 10 32 Syslog Server Click Save to save the changes made Click Cancel to revert the settings to...

Страница 89: ...ature logs This can be set to Enabled Disabled Fan Enable or disable Fan logs This can be set to Enabled Disabled HDD Enable or disable HDD logs This can be set to Enabled Disabled Bootup Enable or disable Bootup logs This can be set to Enabled Disabled System Backup Restore Enable or disable System Backup Restore logs This can be set to Enabled Disabled HA Enable or disable HA logs This can be se...

Страница 90: ...on the SMTP server Default 25 range 1 65535 Use TLS Use TLS for SMTP communication This can be set to Enabled or Disabled Use STARTTLS Use STARTTLS for SMTP communication This can be set to Enabled or Disabled Return E Mail Address The return email address of the email Send to E Mail Address 1 Recipient email address 1 Send to E Mail Address 2 Recipient email address 2 Send to E Mail Address 3 Rec...

Страница 91: ...ion Temperature Enable or disable Temperature alerts This can be set to Enabled Disabled Fan Enable or disable Fan alerts This can be set to Enabled Disabled HDD Enable or disable HDD alerts This can be set to Enabled Disabled Link Up Down Enable or disable Link Up Down alerts This can be set to Enabled Disabled Bootup Enable or disable Bootup alerts This can be set to Enabled Disabled Table 10 35...

Страница 92: ...he status of the image file A will be shown next to the image in use Logo Display The image that has been uploaded Table 10 36 Logo Setting Click the green tick next to the image to use it as the logo at the top of the web page Click the red cross next to the image to delete the image Click Upload logo to upload a new image file NOTE It is recommend that the image size is less than 200 px x 80 px ...

Страница 93: ...form ping tests To get to the following page browse to Maintenance Utilities Ping Figure 10 30 Ping The following fields are available Field Description Ping Address The IP address to ping Result The results of the ping test Table 10 37 Ping Click Ping to perform the ping test ...

Страница 94: ...xternal USB Port o 2 USB 2 0 port Type A Host Serial port o 1 RJ 45 connector Ethernet connector o 4 10 100 1000 Mbps Gigabit Ethernet ports o 4 100 1000 Mbps SFP combo ports Storage o Hard drive 256GB Power Supply o Internal universal power supply 100 240VAC 50 60Hz Power Jack o AC Power Jack with ON OFF switch Physical Environment Internal Power o AC Input 100 240 50 60Hz Operating Temperature o...

Страница 95: ...uld be such that the amount of air flow required for safe operation of the equipment is not compromised C Mechanical Loading Mounting of the equipment in the rack should be such that a hazardous condition is not achieved due to uneven mechanical loading D Circuit Overloading Consideration should be given to the connection of the equipment to the supply circuit and the effect that overloading of th...

Отзывы:

Нет отзывов

Похожие инструкции для DUA-2000

Бренд: Icron Страницы: 2

Бренд: Skymsen Страницы: 16

Бренд: Icron Страницы: 2

Бренд: C2G Страницы: 12

Бренд: IAGREEA Страницы: 8

Бренд: Bianco di Puro Страницы: 46

CrystalView EX5

Бренд: Rose electronics Страницы: 20

Бренд: Crestron Страницы: 2

Бренд: Hamilton Beach Commercial Страницы: 16

Бренд: Jata electro Страницы: 16

Бренд: Konig Страницы: 42

Бренд: PEPCOOK Страницы: 28

Бренд: Techly Страницы: 12

Бренд: gofanco Страницы: 12

Бренд: Blendtec Страницы: 16

Бренд: Vitamix Страницы: 92

Бренд: MOA Страницы: 24

Бренд: Biochef Страницы: 43

Бренды по названию

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Популярные бренды

Загрузить еще бренды