D-Link xStack DGS-3426 страница 221 Скачать руководство пользователя | Manualshive

Страница: 221 / 356

background image

xStack DGS-3400 Series Layer 2 Gigabit Ethernet Managed Switch

802.1X

802.1x Port-Based and MAC-Based Access Control

The IEEE 802.1x standard is a security measure for authorizing and authenticating users to gain access to various wired or
wireless devices on a specified Local Area Network by using a Client and Server based access control model. This is
accomplished by using a RADIUS server to authenticate users trying to access a network by relaying Extensible Authentication
Protocol over LAN (EAPOL) packets between the Client and the Server. The following figure represents a basic EAPOL packet:

Figure 10- 5. The EAPOL Packet

Utilizing this method, unauthorized devices are restricted from connecting to a LAN through a port to which the user is connected.
EAPOL packets are the only traffic that can be transmitted through the specific port until authorization is granted. The 802.1x
Access Control method holds three roles, each of which are vital to creating and upkeeping a stable and working Access Control
security method.

Figure 10- 6. The three roles of 802.1x

The following section will explain the three roles of Client, Authenticator, and Authentication Server in greater detail.

Authentication Server

The Authentication Server is a remote device that is connected to the same network as the Client and Authenticator, must be
running a RADIUS Server program and must be configured properly on the Authenticator (Switch). Clients connected to a port on
the Switch must be authenticated by the Authentication Server (RADIUS) before attaining any services offered by the Switch on
the LAN. The role of the Authentication Server is to certify the identity of the Client attempting to access the network by
exchanging secure information between the RADIUS server and the Client through EAPOL packets and, in turn, informs the
Switch whether or not the Client is granted access to the LAN and/or switches services.

207

«
...
219
220
221
222
223
...
»

Содержание xStack DGS-3426

Страница 1: ...xStack DGS 3400 Series Layer 2 Gigabit Ethernet Managed Switch User Manual ProductModel TM DGS 3400 Series Layer 2GigabitEthernetManagedSwitch Release2 35 i...

Страница 2: ...ink Computer Corporation is strictly forbidden Trademarks used in this text D Link and the D LINK logo are trademarks of D Link Computer Corporation Microsoft and Windows are registered trademarks of...

Страница 3: ...n Guidelines 9 Installing the Switch without the Rack 10 Installing the Switch in a Rack 10 Mounting the Switch in a Standard 19 Rack 11 Power On 11 Power Failure 11 Installing the SFP ports 12 The Op...

Страница 4: ...IP Address 39 Setting the Switch s IP Address using the Console Interface 40 Interface Settings 41 IPv4 Interface Settings 41 IPv6 Interface Settings 42 Stacking 46 Stack Switch Swapping 47 Stacking...

Страница 5: ...Auto Configuration Settings 82 SNMP Manager 83 SNMP Trap Settings 84 SNMP User Table 84 SNMP View Table 86 SNMP Group Table 87 SNMP Community Table 89 SNMP Host Table 90 SNMP Engine ID 91 IP MAC Port...

Страница 6: ...sed VLAN Settings 129 Trunking 130 Understanding Port Trunk Groups 130 Link Aggregation 131 LACP Port Settings 134 IGMP Snooping 137 IGMP Snooping Settings 137 Router Port Settings 138 ISM VLAN 140 Re...

Страница 7: ...9 CPU Interface Filtering State Settings 189 CPU Interface Filtering Table 189 Security 202 Authorization Network State Settings 202 Traffic Control 203 Port Security 205 Port Security Entries 206 802...

Страница 8: ...nt 245 JWAC Host Information 246 Monitoring 247 Device Status 248 Stacking Information 248 Module Information 249 CPU Utilization 250 Port Utilization 251 Packets 252 Received Rx 252 UMB Cast RX 254 T...

Страница 9: ...anges 283 Configuration Information 284 Current Configuration Settings 285 Logout 285 Appendix A 286 Technical Specifications 286 Appendix B 288 Cables and Connectors 288 Appendix C 289 Cable Lengths...

Страница 10: ...messages or prompts appearing on screen For example You have mail Bold font is also used to represent filenames program names and commands For example use the copy command Boldface Typewriter Font Ind...

Страница 11: ...nd Cautions A NOTE indicates important information that helps make better use of the device A NOTICE indicates either potential damage to hardware or loss of data and tells how to avoid the problem A...

Страница 12: ...penings of the system Doing so can cause fire or electric shock by shorting out interior components Use the product only with approved equipment Allow the product to cool before removing covers or tou...

Страница 13: ...c caution statements and procedures Systems are considered to be components in a rack Thus component refers to any system as well as to various peripherals or supporting hardware CAUTION Installing sy...

Страница 14: ...battery to explode Replace this battery only with the same or equivalent type recommended by the manufacturer Discard used batteries according to the manufacturers instructions Protecting Against Ele...

Страница 15: ...ion D Link s next generation xStack DGS 3400 Series switches are high port density stackable switches that combine the ultimate performance with fault tolerance security management functions with flex...

Страница 16: ...l Image Firmware Simple Network Time Protocol support MAC Notification support System and Port Utilization support System Log Support High performance switching engine performs forwarding and filterin...

Страница 17: ...orts Two slots open for single port 10GE XFP or 10GBASE CX4 modules One RS 232 DB 9 console port DGS 3426P Twenty four PoE Compliant 10 100 1000BASE T Gigabit ports Four Combo SFP Ports Two slots open...

Страница 18: ...ront panel includes a seven segment LED indicating the Stack ID number A separate table below describes LED indicators in more detail DGS 3426P also includes a Mode Select button for changing the mode...

Страница 19: ...The Switch supports LED indicators for Power Console RPS and Port LEDs including 10GE port LEDs for optional module inserts Figure 2 5 LED Indicators on DGS 3450 Figure 2 6 LED Indicators on DGS 3427...

Страница 20: ...king green light indicates activity on the port at 1000Mbps A steady orange light denotes a valid 10 or 100Mbps link on the port while a blinking orange light indicates activity on the port at 100Mbps...

Страница 21: ...l module inserts Figure 2 11 Rear panel view of DGS 3427 DGS 3450 The rear panel of the DGS 3450 contains an AC power connector two empty slots for optional module inserts a redundant power supply con...

Страница 22: ...Leave at least 6 inches of space at the rear and sides of the Switch for proper ventilation Be reminded that without proper heat dissipation and air circulation system components might overheat which...

Страница 23: ...lines Please follow these guidelines for setting up the Switch Install the Switch on a sturdy level surface that can support at least 6 6 lb 3 kg of weight Do not place heavy objects on the Switch The...

Страница 24: ...h ventilation space between the Switch and any other objects in the vicinity Figure 2 16 Prepare Switch for installation on a desktop or shelf Installing the Switch in a Rack The Switch can be mounted...

Страница 25: ...AC power cord into the power connector of the Switch and the other end into the local power source outlet 2 After powering on the Switch the LED indicators will momentarily blink This blinking of the...

Страница 26: ...g in order to uplink various other networking devices for a gigabit link that may span great distances These SFP ports support full duplex transmissions have auto negotiation and can be used with DEM...

Страница 27: ...herefore has a transmit length limit up to 1 meter Compliant with the IEEE802 3ak standard this module uses a 4 laned copper connector for data transfer in full duplex mode within a stacking configura...

Страница 28: ...ches the back as shown in the following figure Gently but firmly push in on the module to secure it to the Switch The module should fit snugly into the corresponding receptors Figure 2 22 Inserting th...

Страница 29: ...edundant power system The diagrams below illustrate a proper RPS power connection to the Switch Please consult the documentation for information on power cabling and connectors and setup procedure Fig...

Страница 30: ...Switch Series the DGS 3426P utilizes the DPS 600 as its External Redundant Power Supply The DPS 600 is the ONLY RPS to be used with the DGS 3426P NOTE See the DPS 500 or DPS 600 documentation for more...

Страница 31: ...acket activity on that port Switch to Switch There is a great deal of flexibility on how connections are made using the appropriate cabling Connect a 10BASE T hub or switch to the Switch via a twisted...

Страница 32: ...e copper ports operate at a speed of 1000 100 or 10Mbps in full or half duplex mode The fiber optic ports can operate at 1000Mbps in full duplex mode only Connections to the Gigabit Ethernet ports are...

Страница 33: ...nfigure the Switch monitor the LED panel and display statistics graphically using a web browser such as Netscape Navigator version 6 2 and higher or Microsoft Internet Explorer version 5 0 and higher...

Страница 34: ...Service Pack 2 or later is installed Windows 2000 Service Pack 2 allows use of arrow keys in HyperTerminal s VT100 emulation See www microsoft com for information on Windows 2000 service packs After...

Страница 35: ...itch supports user based security that can allow prevention of unauthorized users from accessing the Switch or changing its settings This section tells how to log onto the Switch via out if band conso...

Страница 36: ...following 1 At the CLI login prompt enter create account admin followed by the user name and press the Enter key 2 The Switch will then prompt the user to provide a password Type the password used fo...

Страница 37: ...uthentication process that is separated into two parts The first part is to maintain a list of users and their attributes that are allowed to act as SNMP managers The second part describes what each u...

Страница 38: ...L status Disabled SSH status Disabled CTRL C ESC q Quit SPACE n Next Page ENTER Next Entry a All Figure 4 4 show switch command The Switch s MAC address also appears in Switch Information menu of the...

Страница 39: ...command was executed successfully The Switch can now be configured and managed via Telnet and the CLI or via the Web based management NOTE The DGS 3400 series of switches have the capability to be con...

Страница 40: ...s tool and can communicate directly with the Switch using the HTTP protocol The Web based management module and the Console program and Telnet are different ways to access the same internal switching...

Страница 41: ...nagement features available in the web based manager are explained below Web based User Interface The user interface provides access to various Switch configuration and management screens allows the u...

Страница 42: ...ccessible here Area 3 Presents switch information based on user selection and the entry of configuration data Web Pages When connecting to the management mode of the Switch with a web browser a login...

Страница 43: ...entication Control MAC Based Access Control Traffic Segmentation SSL SSH and JWAC Monitoring Contains the following menu pages and sub directories Device Status Stacking Information Module Information...

Страница 44: ...s Stacking Port Configuration User Accounts Port Mirroring System Log System Severity Settings SNTP Settings MAC Notification Settings TFTP Services Multiple Image Services Ping Test Safeguard Engine...

Страница 45: ...OTE DGS 3426 DGS 3427 DGS 3450 DGS 3426P will display the serial number in the Device Information window for Firmware 2 35 B09 Figure 6 1 Device Information window Device Information menu configurable...

Страница 46: ...the Switch The well known TCP port for the Telnet protocol is 80 RMON Status Remote monitoring RMON of the Switch is Enabled or Disabled here Link Aggregation Algorithm The algorithm that the Switch...

Страница 47: ...and the method of assigning an IP address to an interface has become cleaner and quicker Unicast and multicast addresses still exist but in a purer form and multicast addresses now have a scope field...

Страница 48: ...an identical set of options In this way router can process these packets more efficiently once the flow class has been identified and the rest of the packet header no longer needs to be fully process...

Страница 49: ...d to split these packets into fragments in individual packets which will be rebuilt when it reaches its final destination Each of the packets that will be fragmented is given an Identification value b...

Страница 50: ...ing prefixes to produce unique IPv6 addresses which will limit global routing table entries The MAC address of the device is used to produce this address in this form Global Routing Prefix Site Level...

Страница 51: ...he reachability of routers as well as if changes occur within link layer addresses of nodes on the network or identical unicast addresses are present on the local link The functionality of the Neighbo...

Страница 52: ...faces are considered as one interface on the Internet layer multiple unicast addresses may be alloted to multiple physical interfaces which would be beneficial for load sharing on these interfaces Thi...

Страница 53: ...ddress and Subnet Mask 3 If accessing the Switch from a different subnet from the one it is installed on enter the IP address of the Default Gateway If managing the Switch from the subnet on which it...

Страница 54: ...P addresses are entered in the Security IP Management menu If VLANs have not yet been configured for the Switch the default VLAN contains all of the Switch s ports There are no entries in the Security...

Страница 55: ...tings menu link The web manager contains two folders for which to setup IP interfaces on the switch one for IPv4 addresses named IPv4 Interface Settings and one for IPv6 addresses named IPv6 Interface...

Страница 56: ...ss to be assigned to this IP interface Subnet Mask This field allows the entry of a subnet mask to be applied to this IP interface VLAN Name This field states the VLAN Name directly associated with th...

Страница 57: ...Global Ipv6 addresses this field may be omitted Link local Address This field displays the IPv6 address created automatically by the Switch based on the MAC Address of the Switch This is a site local...

Страница 58: ...pull down menu to enable or disable the switch as being capable of accepting solicitation from a neighbor and thus becoming an IPv6 neighbor Once enabled this Switch is now capable of producing Route...

Страница 59: ...seconds and no more than 1800 seconds The user may configure a time between 4 and 1800 seconds with a default setting of 600 seconds RA Min Router AdvInterval Used to set the minimum interval time bet...

Страница 60: ...n then data transfer will obviously be affected Figure 6 9 Switches stacked in a Duplex Ring Figure 6 10 Switches stacked in a Duplex Chain Within each of these topologies each switch plays a role in...

Страница 61: ...ansfer of data between switches in the stack with a few minor provisions When switches are hot inserted into the running stack the new switch may take on the Backup Master or Slave role depending on c...

Страница 62: ...r may configure parameters such as box ID box priority and pre assigning model names to switches to be entered into the switch stack To view this window click Administration Stacking Box Information F...

Страница 63: ...no automatic adjustment of port settings with any option other than Auto The Switch allows the user to configure two types of gigabit connections 1000M Full_M and 1000M Full_S Gigabit connections onl...

Страница 64: ...forwarding table The default setting is Enabled Medium Type If configuring the Combo ports this defines the type of transport medium to be used whether copper or fiber Click Apply to implement the new...

Страница 65: ...choose a port or range of ports to describe Users may then enter a description for the chosen port s Click Apply to set the descriptions in the Port Description Table If configuring the Combo ports th...

Страница 66: ...xStack DGS 3400 Series Layer 2 Gigabit Ethernet Managed Switch Figure 6 16 Cable Diagnostics window 52...

Страница 67: ...ounts Add Add a new user by typing in a User Name and New Password and retype the same password in the Confirm New Password Choose the level of privilege Admin or User from the Access Right drop down...

Страница 68: ...copied which receives the copies from the source port 2 Select the Source Direction Ingress Egress or Both and change the Status drop down menu to Enabled 3 Click Apply to let the changes take effect...

Страница 69: ...rimary master and the backup master will save and synchronize these mirroring configurations in their respecitve databases Therefore if the primary master is removed the backup master will still hold...

Страница 70: ...em Log Server In the Administration folder click System Log Settings System Log Host to view the window shown below Figure 6 21 System Log Host list The parameters configured for adding and editing Sy...

Страница 71: ...ter subsystem network news subsystem UUCP subsystem clock daemon security authorization messages FTP daemon NTP subsystem log audit log alert clock daemon local use 0 local0 local use 1 local1 local u...

Страница 72: ...5 minutes The default setting is one minute On Demand Users who choose this method will only save log files when they manually tell the Switch to do so using the Save Services folder under the Save Ch...

Страница 73: ...below Parameter Description System Severity Choose how the alerts are used from the drop down menu Select log to send the alert of the Severity Type configured to the Switch s log for analysis Choose...

Страница 74: ...e Current Time Time Source Displays the time source for the system Current Time SNTP Settings SNTP State Use this pull down menu to Enabled or Disabled SNTP SNTP Primary Server The IP address of the p...

Страница 75: ...me adjustment Repeating mode requires that the DST beginning and ending date be specified using a formula For example specify to begin DST on Saturday during the second week of April and end DST on Su...

Страница 76: ...igabit Ethernet Managed Switch 62 To Day Enter the day of the monthDST will end on each year To Time in HH MM Enter the time of day that DST will end on each year Click Apply to implement changes made...

Страница 77: ...Interval sec The time in seconds between notifications The maximum number of entries listed in the history log used for notification Up to 500 entries can be specified History size Port Settings To c...

Страница 78: ...dress of the TFTP server and the path and filename for the switch settings on the TFTP server Click Start to record the IP address of the TFTP server and to initiate the file transfer Upload Log Enter...

Страница 79: ...h to download firmware The Interface field is used for addresses on the link local network It is recommended that the user enter the specific interface for a link local IPv6 address For Global IPv6 ad...

Страница 80: ...Switch s memory The Switch can store 2 firmware images for use Image ID 1 will be the default boot up firmware for the Switch unless otherwise configured by the user Version States the firmware versi...

Страница 81: ...memory and either can be configured to be the boot up firmware for the Switch The user may select a boot up firmware image for the Switch in the switch stack by using the Image pull down window to se...

Страница 82: ...g Test window This window allows the following parameters to be configured Parameter Description Target IP Address Enter the Target IP Address to be pinged Repeat Pinging for The user may use the Infi...

Страница 83: ...e specific interface for a link local IPv6 address For Global IPv6 addresses this field may be omitted Repeat Times Enter the number of times desired to attempt to ping the IPv6 address configured in...

Страница 84: ...many packets flooding the Switch it will stop accepting all ARP and IP broadcast packets and packets from untrusted IP addresses for double the time of the previous stop period This doubling of time f...

Страница 85: ...uard Engine mechanism is enabled Once the CPU utilization reaches this percentage level the Switch will move into Safeguard Engine state based on the parameters provided in this window Falling Thresho...

Страница 86: ...7 Static ARP Settings window To add a new entry click the Add button revealing the following screen to configure Figure 6 38 Static ARP Settings Add window To modify a current entry click the correspo...

Страница 87: ...the Switch To view this window click Administration IPv6 Neighbor IPv6 Neighbor Settings Figure 6 40 IPv6 Neighbor Settings window The following fields can be viewed Parameter Description Neighbor Dis...

Страница 88: ...nter the specific interface for a link local IPv6 address For Global IPv6 addresses this field may be omitted Neighbor IPv6 Address The IPv6 address of the neighbor entry Specify the address using the...

Страница 89: ...down If the primary route is lost the backup route will uplink and its status will become Active IPv4 Static Default Route Settings Entries into the Switch s forwarding table can be made using both MA...

Страница 90: ...Backup entries cannot have the same Gateway Click Apply to implement changes made IPv6 Static Default Route Settings A static entry of an IPv6 address can be entered into the Switch s routing table fo...

Страница 91: ...ter Description Interface The IP Interface where the static IPv6 route is to be created IPv6 Address Prefix Length Specify the address and mask information using the format as IPv6 address prefix leng...

Страница 92: ...between 0 and 65535 seconds and defines the maximum time limit for routing a DHCP BOOTP packet If a value of 0 is entered the Switch will not process the value in the seconds field of the BOOTP or DHC...

Страница 93: ...t Information Option 82 Policy This field can be toggled between Replace Drop and Keep by using the pull down menu It is used to set the Switches policy for handling packets when the DHCP Relay Agent...

Страница 94: ...t 1 2 3 4 5 6 7 1 6 0 4 VLAN Module Port 1 byte 1 byte 1 byte 1 byte 2 bytes 1 byte 1 byte a Sub option type b Length c Circuit ID type d Length e VLAN the incoming VLAN ID of DHCP client packet f Mod...

Страница 95: ...licks the Add button under the Apply heading The user may add up to four server IPs per IP interface on the Switch Entries may be deleted by clicking the corresponding button To enable and configure D...

Страница 96: ...d the necessary configuration file stored in its base directory when the request is received from the Switch For more information about loading a configuration file for use by a client see the DHCP se...

Страница 97: ...e allowed to view read only information or receive traps using SNMPv1 while assigning a higher level of security to another group granting read write privi leges using SNMPv3 Using SNMPv3 individual u...

Страница 98: ...of the SNMP users currently configured on the Switch To view this window click Administration SNMP Manager SNMP User Table Figure 6 51 SNMP User Table window To delete an existing SNMP User Table ent...

Страница 99: ...ted can request SNMP messages SNMP Version V1 Specifies that SNMP version 1 will be used V2 Specifies that SNMP version 2 will be used V3 Specifies that SNMP version 3 will be used Auth Protocol MD5 S...

Страница 100: ...ure 6 55 SNMP View Table Configuration window The SNMP Group created with this table maps SNMP users identified in the SNMP User Table to the views created in the previous window The following paramet...

Страница 101: ...Administration SNMP Manager SNMP Group Table Figure 6 56 SNMP Group Table window To delete an existing SNMP Group Table entry click the corresponding under the Delete heading To display the current se...

Страница 102: ...both centralized and distributed network management strategies It includes improvements in the Structure of Management Information SMI and adds some security features SNMPv3 Specifies that the SNMP ve...

Страница 103: ...ow Figure 6 59 SNMP Community Table Configuration window The following parameters can set Parameter Description Community Name Type an alphanumeric string of up to 32 characters that is used to identi...

Страница 104: ...ndow as shown below Figure 6 61 SNMP IPv4 Host Table Configuration window The following parameters can set Parameter Description Host IPv4 Address Type the IPv4 address of the remote management statio...

Страница 105: ...sed with an Auth NoPriv security level V3 Auth Priv To specify that the SNMP version 3 will be used with an Auth Priv security level Community String or SNMP V3 User Name Type in the community string...

Страница 106: ...is problem for users When enabled in the IP MAC Binding Port window the Switch will create two entries in the Access Profile Table as shown below The entries may only be created if there are at least...

Страница 107: ...inoperable due to the overlapping of settings combined with the ACL entry priority defined by profile ID For more information on ACL settings please see Configuring the Access Profile section mentione...

Страница 108: ...or a range of ports with the From and To fields Enable or disable the port with the State field The user must also enable ports in this window to set the ACL Mode for IP MAC Binding as previously sta...

Страница 109: ...create two ACL packet content mask entries which will aid the user in processing certain IP MAC binding entries created The ACL entries created when this command is enabled can only be automatically...

Страница 110: ...rts window as seen previously IP MAC Binding Blocked To view unauthorized devices that have been blocked by IP MAC binding restrictions open the IP MAC Binding Blocked window show below To view this t...

Страница 111: ...classification PSE provides power according to the following classification 97 Class Max power used by PD 0 0 44 to 12 95W 1 0 44 to 3 84W 2 3 84 to 6 49W 3 6 49 to 12 95W Class Max power supplied by...

Страница 112: ...imit has been exceeded the next port attempting to power up causes the port with the lowest priority to shut down to allow the high priority and critical priority ports to power up Management Mode Use...

Страница 113: ...eries support PoE yet when they are configured in a stack the Primary Master switch will display the PoE settings to be configured for the stack whether or not the Switch is a PoE supported device How...

Страница 114: ...Class as described above Once this threshold has been reached on the port the PoE will go into the Power Disconnect Method as described above The user may alternatively set a limit between 1000 and 16...

Страница 115: ...mander Switch numbered 0 There is no limit to the number of SIM groups in the same IP subnet broadcast domain however a single switch can only belong to one group If multiple VLANs are configured the...

Страница 116: ...the SIM group either through a reboot or web malfunction This feature is accomplished through the use of Discover packets and Maintenance packets that previously set SIM members will emit after a rebo...

Страница 117: ...Web Interface All xStack DGS 3400 Series Switches are set as Candidate CaS switches as their factory default configuration and Single IP Management will be disabled To enable SIM for the Switch using...

Страница 118: ...t to function properly on your computer The Java Runtime Environment on your server should initiate and lead you to the topology window as seen below Figure 6 75 Single IP Management window Tree View...

Страница 119: ...in the toolbar and then Topology which will produce the following screen The Topology View will refresh itself periodically 20 seconds by default Figure 6 76 Topology view This screen will display how...

Страница 120: ...3400 Series Layer 2 Gigabit Ethernet Managed Switch Layer 2 member switch Layer 3 member switch Member switch of other group Layer 2 candidate switch Layer 3 candidate switch Unknown device Non SIM d...

Страница 121: ...Setting the mouse cursor over a specific device in the topology window tool tip will display the same information about a specific device as the Tree view does See the window below for an example Fig...

Страница 122: ...xStack DGS 3400 Series Layer 2 Gigabit Ethernet Managed Switch Figure 6 78 Port Speed Utilizing the Tool Tip 108...

Страница 123: ...6 80 Property window Parameter Description Device Name This field will display the Device Name of the switches in the SIM group configured by the user If no Device Name is configured by the name it wi...

Страница 124: ...on Expand to expand the SIM group in detail Property to pop up a window to display the group information Member Switch Icon Figure 6 82 Right Clicking a Member icon The following options may appear fo...

Страница 125: ...evice information Menu Bar The Single IP Management window contains a menu bar for device configurations as seen below Figure 6 85 Menu Bar of the Topology View The five menus on the menu bar are as f...

Страница 126: ...he Port heading To update the firmware enter the Server IP Address where the firmware resides and enter the Path Filename of the firmware Click Download to initiate the file transfer Figure 6 88 Firmw...

Страница 127: ...w is used to upload log files from SIM member switches to a specified PC To view this window click Single IP Management Upload Log File To upload a log file enter the IP address of the SIM member swit...

Страница 128: ...u to further tailor how priority tagged data packets are handled on your network Using queues to manage priority tagged data allows you to specify its relative priority to suit the needs of your netwo...

Страница 129: ...s them to span the entire network assuming all switches on the network are IEEE 802 1Q compliant VLANs allow a network to be segmented in order to reduce the size of broadcast domains All packets ente...

Страница 130: ...g is contained in the following two octets and consists of 3 bits of user priority 1 bit of Canonical Format Identifier CFI used for encapsulating Token Ring packets so they can be carried across Ethe...

Страница 131: ...of the port on which they were received Forwarding decisions are based upon this PVID in so far as VLANs are concerned Tagged packets are forwarded according to the VID contained within the tag Tagged...

Страница 132: ...idth within the Switch by dropping packets that are not on the same VLAN as the ingress port at the point of reception This eliminates the subsequent processing of packets that will just be dropped by...

Страница 133: ...is standard defined by the IEEE 802 1v standard maps packets to protocol defined VLANs by examining the type octet within the packet header to discover the type of protocol associated with it After as...

Страница 134: ...to configure the port settings and to assign a unique name and number to the new VLAN See the table below for a description of the parameters in the new window Figure 7 5 Static VLAN window Add To re...

Страница 135: ...ward packets to this VLAN if the tag in itch to forward packets to this VLAN if the tag The following parameters allow for the creation of proto 14 pre configured protocol based VLANs plus one user de...

Страница 136: ...by the NetBIOS Protocol XNS Using this parameter will instruct the Switch to forward packets to this VLAN if the tag in Switch to forward packets to this VLAN if the tag in ckets to this VLAN if the t...

Страница 137: ...See table below for description of parameters The following fields can be set Parameter Description Unit Select the switch in the switch stack to be modified From To included in the Port based VLAN c...

Страница 138: ...r VLAN configurations to place customer VLANs within a E 802 1Q VLANs which we will call SPVIDs Service AN TPID 802 1Q CEVLAN Tag Ether Type Payload Double or Q in Q VLANs a larger inclusive VLAN whic...

Страница 139: ...regulations apply with the implementation of the Double VLAN procedure 1 All ports must be configured for the SPVID and its corresponding TPID on the Service Provider s edge switch 2 All ports must b...

Страница 140: ...le Parameters shown in the previous window are explained below Parameter Description Double VLAN State Use the pull down menu to enable or disable the Double VLAN function on this Switch Enabling the...

Страница 141: ...ider VLANs on a remote source Access Ports These are the ports that are set as access ports on the Switch Access ports are for connecting Switch VLANs to customer VLANs Unknown Ports These are the por...

Страница 142: ...Protocol ID of the Service Provider VLAN in hex form Port Type Allows the user to choose the type of port being utilized by the Service Provider VLAN The user may choose Access Access ports are for co...

Страница 143: ...earch edit and delete existing entries To view this window click L2 Features VLAN MAC based VLAN Settings Figure 7 15 MAC based VLAN Settings window The following fields can be set To configure a Doub...

Страница 144: ...ies supports up to 32 port trunk groups with 2 to 8 ports in each group A potential bit rate of 8000 Mbps can be achieved Figure 7 16 Example of Port Trunk Group The Switch treats all ports in a trunk...

Страница 145: ...ll duplex The Master Port of the group is to be configured by the user and all configuration options including the VLAN configuration that can be applied to the Master Port are applied to the entire l...

Страница 146: ...xStack DGS 3400 Series Layer 2 Gigabit Ethernet Managed Switch Figure 7 18 Link Aggregation Settings Add 132...

Страница 147: ...kup aggregation group that is not under automatic control Master Port Choose the Master Port for the trunk group using the pull down menu Unit Select the switch in the switch stack to be modified Memb...

Страница 148: ...ol and select the Link Aggregation Algorithm located on that web page The description for this function may be found in the explanation for the Device Information window located earlier in this manual...

Страница 149: ...ch stack to be modified From To A consecutive group of ports may be configured starting with the selected port Mode Active Active LACP ports are capable of processing and sending LACP control frames T...

Страница 150: ...rt LACP Passive LACP ports that are designated as passive cannot initially send LACP control frames In order to allow the linked port group to negotiate adjustments and make changes dynamically one en...

Страница 151: ...nooping Settings link in the L2 Features folder When enabled for IGMP snooping the Switch can open or close a port to a specific multicast group member based on IGMP messages sent from the device to t...

Страница 152: ...receiving a leave group message from a host and the Switch issuing a group membership query If no response to the membership query is received before the Leave Timer expires the multicast forwarding e...

Страница 153: ...the VLAN where the multicast router is attached VLAN Name This is the name of the VLAN where the multicast router is attached Member Ports Ports on the Switch that will have a multicast router attache...

Страница 154: ...the receiver ports in a much more timely and reliable fashion Restrictions and Provisos The Multicast VLAN feature of this switch does have some restrictions and limitations such as 1 Multicast VLANs...

Страница 155: ...g button which will produce the following window for the user to configure Figure 7 28 IGMP Snooping Multicast VLAN Settings Modify window Parameter Description VLAN Name This is the VLAN Name that al...

Страница 156: ...ponding information and click Add to remove previously configured group entries enter the corresponding information and click Remove All To view the IGMP Snooping Muticast VLAN Entries Table click the...

Страница 157: ...ter the port for which to begin the Limited IP Multicast Range configuration Enter the lowest multicast IP address of the range To Enter the port for which to begin the Limited IP Multicast Range conf...

Страница 158: ...ng multicast data There are two types of MLD query messages emitted by the router The General Query is used to advertise all multicast addresses that are ready to send multicast data to all listening...

Страница 159: ...e tuning to allow for expected packet loss on a subnet The user may choose a value between 1 and 255 with a default setting of 2 If a subnet is expected to be lossy the user may wish to increase this...

Страница 160: ...nterval Querier Present Interval The amount of time that must pass before a multicast router decides that there are no other querier devices present Calculated as robustness variable query interval 0...

Страница 161: ...ne Click this option to not set these ports as router ports Static Click this option to designate a range of ports as being connected to a multicast enabled router This command will ensure that all pa...

Страница 162: ...CTP packet and once a CTP packet has returned to the port from where it originated the Loopback Detection function will disable this port until the anomaly has ceased and the loopback occurrence will...

Страница 163: ...00000 Enter a time in seconds that a port will have to wait before being recovered from a Loopback Detection shutdown The user may set a time between 60 and 1000000 seconds with a default setting of 6...

Страница 164: ...Bridge Global Settings window and 4 A 4096 element table defined here as a VID List in the MST Configuration Identification window which will associate each of the possible 4096 VLANs supported by th...

Страница 165: ...col introduces two new variables the edge port and the point to point P2P port Edge Port The edge port is a configurable designation used for a port that is directly connected to a segment where a loo...

Страница 166: ...dow click Layer 2 Features Spanning Tree STP Bridge Global Settings link Use the STP Status pull down selector to enable or disable STP globally and choose the STP method used with the STP Version men...

Страница 167: ...smissions of BPDU packets sent by the Root Bridge to tell all other switches that it is indeed the Root Bridge This field will only appear here when STP or RSTP is selected for the STP Version For MST...

Страница 168: ...count can be specified from 1 to 10 The default is 3 Forwarding BPDU This field can be Enabled or Disabled When Enabled it allows the forwarding of STP BPDU packets from other network devices The def...

Страница 169: ...tion Configuration Name A previously configured name set on the Switch to uniquely identify the MSTI Multiple Spanning Tree Instance If a configuration name is not set this field will show the MAC add...

Страница 170: ...ure the following parameters to configure the CIST on the Switch Parameter Description MSTI ID The MSTI ID of the CIST is 0 and cannot be altered Type This field allows the user to choose a desired me...

Страница 171: ...lement changes made MSTP Port Information This window displays the current MSTP Port Information and can be used to update the port configuration for an MSTI ID If a loop occurs the MSTP function will...

Страница 172: ...ng is 0 auto There are two options 0 auto Selecting this parameter for the internalCost will set quickest route automatically and optimally for an interface The default value is derived from the media...

Страница 173: ...stance Status Displays the current status of the corresponding MSTI ID Instance Priority Displays the priority of the corresponding MSTI ID The lowest priority will be the root bridge Click Apply to i...

Страница 174: ...red starting with the selected port External Cost This defines a metric that indicates the relative cost of forwarding packets to the specified port list Port cost can be set automatically or as a met...

Страница 175: ...this status for example if the port is forced to half duplex operation the p2p status changes to operate as if the p2p value were false The default setting for this parameter is true State This drop...

Страница 176: ...e switch in the switch stack to be modified Port Allows the selection of the port number on which the MAC address entered above resides Click Add to implement the changes made To delete an entry in th...

Страница 177: ...her forbidden from joining dynamically or that can join the multicast group dynamically using GMRP The options are None No restrictions on the port dynamically joining the multicast group When None is...

Страница 178: ...specified VLAN Forward All Groups This will instruct the Switch to forward a multicast packet to all multicast groups residing within the range of ports specified above Forward Unregistered Groups Thi...

Страница 179: ...E 802 1p standard that allows network administrators a method of reserving bandwidth for important functions that require a large bandwidth or have a high priority such as VoIP voice over Internet Pro...

Страница 180: ...s being sent out utilizing the Access Profile commands Then on the receiving end the administrator instructs the Switch to examine packets for this tag acquires the tagged packets and maps them to a c...

Страница 181: ...are sent in the following sequence A1 B1 C1 D1 E1 F1 G1 H1 A2 B2 C2 D2 E2 F2 G2 A3 B3 C3 D3 E3 F3 A4 B4 C4 D4 E4 A5 B5 C5 D5 A6 B6 C6 A7 B7 A8 A1 B1 C1 D1 E1 F1 G1 H1 For weighted round robin queuing...

Страница 182: ...ngs and Port Bandwidth Table window The following parameters can be set or are displayed Parameter Description Unit Select the switch in the switch stack to be modified From To A consecutive group of...

Страница 183: ...ntrol for the selected ports Results of configured Bandwidth Settings will be displayed in the Port Bandwidth Table QoS Scheduling Mechanism This drop down menu allows a selection between a Weight Fai...

Страница 184: ...develop if the QoS settings are not suitable Click QoS QoS Output Scheduling to view the screen shown below Figure 8 4 QoS Output Scheduling Configuration window The following values may be assigned...

Страница 185: ...ax Packet field this class of service will automatically begin forwarding packets until it is empty Once a priority class of service with a 0 in its Max Packet field is empty the remaining priority cl...

Страница 186: ...1p Default Priority to view the screen shown below Figure 8 6 802 1p Default Priority window The user may adjust the following parameters Parameter Description Unit Use the pull down menu to choose th...

Страница 187: ...of a class of service to each of the 802 1p priorities Click QoS 802 1p User Priority to view the screen shown below Figure 8 7 802 1p User Priority window Once a priority has been assigned to the por...

Страница 188: ...r Time and SNTP Commands To open the Time Range window click ACL Time Range which will display the following window for the user to configure Figure 9 1 Time Range Settings window The user may adjust...

Страница 189: ...nding days of the week that this time range is to be enabled Click the Select All Days check box to configure this time range for every day of the week Click Apply to implement changes made Currently...

Страница 190: ...he Access Profile Table click the Add Profile button This will open the Access Profile Configuration page as shown below There are three Access Profile Configuration pages one for Ethernet or MAC addr...

Страница 191: ...nation MAC Mask Enter a MAC address mask for the destination MAC address 802 1p Selecting this option instructs the Switch to examine the 802 1p priority value of each packet header and use this as th...

Страница 192: ...stination IP Mask Enter an IP address mask for the destination IP address DSCP Selecting this option instructs the Switch to examine the DiffServ Code part of each packet header and use this as the or...

Страница 193: ...inish Select UDP to use the UDP port number contained in an incoming packet as the forwarding criterion Selecting UDP requires that you specify a source port mask and or a destination port mask src po...

Страница 194: ...IPv6 header This class field is a part of the packet header that is similar to the Type of Service ToS or Precedence bits field in IPv4 Flow Label Checking this field will instruct the Switch to exami...

Страница 195: ...window Ethernet To set the Access Rule for Ethernet adjust the following parameters and click Apply Parameter Description Profile ID This is the identifier number for this profile set Mode Select Per...

Страница 196: ...ccess profile will apply only to packets with this hexadecimal 802 1Q Ethernet type value hex 0x0 0xffff in the packet header The Ethernet type value may be set in the form hex 0x0 0xffff which means...

Страница 197: ...ess Profile Table link opening the Access Profile Table Under the heading Access Rule clicking Modify will open the following window Figure 9 12 Access Rule Table window IP To create a new rule set fo...

Страница 198: ...Pv6 instructs the Switch to examine the IPv6 address in each frame s header Priority 0 7 This parameter is specified if you want to re write the 802 1p default priority previously set in the Switch wh...

Страница 199: ...tch number and the beginning port number on that switch separated by a colon Then the highest switch number and the highest port number of the range also separated by a colon are specified The beginni...

Страница 200: ...ded see below Select Deny to specify that packets that match the access profile are not forwarded by the Switch and will be filtered Access ID Type in a unique identifier number for this access rule T...

Страница 201: ...ss by and entering the IP address mask in hex form Port The Access Rule may be configured on a per port basis by entering the port number of the switch in the switch stack into this field When a range...

Страница 202: ...xStack DGS 3400 Series Layer 2 Gigabit Ethernet Managed Switch Figure 9 17 Access Rule Display IPv6 188...

Страница 203: ...ibed below CPU Interface Filtering State Settings In the following window the user may globally enable or disable the CPU Interface Filtering mechanism by using the pull down menu to change the runnin...

Страница 204: ...to specify a mask to hide the content of the packet header VLAN Selecting this option instructs the Switch to examine the VLAN identifier of each packet header and use this as the full or partial crit...

Страница 205: ...gure 9 22 CPU Interface Filtering Configuration window IP The following parameters may be configured for the IP CPU filter Parameter Description Profile ID 1 5 Type in a unique identifier number for t...

Страница 206: ...frame s header Select Type to further specify that the access profile will apply an IGMP type value Select TCP to use the TCP port number contained in an incoming packet as the forwarding criterion Se...

Страница 207: ...igabit Ethernet Managed Switch Figure 9 23 CPU Interface Filtering Entry Display for IP The page shown below is the Packet Content Mask configuration window Figure 9 24 CPU Interface Filtering Configu...

Страница 208: ...he packet header Offset This field will instruct the Switch to mask the packet header beginning with the offset value specified value 0 15 Enter a value in hex form to mask the packet from the beginni...

Страница 209: ...Ethernet IP or Packet Content Each entry will open a new and unique window as shown in the examples below Figure 9 27 CPU Interface Filtering Table Ethernet To create a new rule set for an access pro...

Страница 210: ...header IP instructs the Switch to examine the IP address in each frame s header Packet Content Mask instructs the Switch to examine the packet header VLAN Name Allows the entry of a name for a previou...

Страница 211: ...9 CPU Interface Filtering Rule Display Ethernet The following window is the CPU Interface Filtering Rule Table for IP Figure 9 30 CPU Interface Filtering Rule Table IP To create a new rule set for an...

Страница 212: ...P instructs the Switch to examine the IP address in each frame s header Packet Content Mask instructs the Switch to examine the packet header VLAN Name Allows the entry of a name for a previously conf...

Страница 213: ...iltering Rule Display IP The following window is the CPU Interface Filtering Rule Table for Packet Content Figure 9 33 CPU Interface Filtering Rule Table Packet Content To remove a previously created...

Страница 214: ...xStack DGS 3400 Series Layer 2 Gigabit Ethernet Managed Switch Figure 9 34 CPU Interface Filtering Rule Configuration Packet Content 200...

Страница 215: ...nstructs the Switch to examine the packet header Offset This field will instruct the Switch to mask the packet header beginning with the offset value specified value 0 15 Enter a value in hex form to...

Страница 216: ...ust Host Access Authentication Control MAC Based Access Control Traffic Segmentation SSL SSH JWAC Authorization Network State Settings This window is used to Enable or Disable the Authorization Networ...

Страница 217: ...using the Countdown field Figure 10 2 Traffic Control Settings window If this field times out and the packet storm continues the port will be placed in a Shutdown Forever mode which will produce a wa...

Страница 218: ...osing this option obligates the user to configure the Interval setting as well which will provide packet count samplings from the Switch s chip to determine if a Packet Storm is occurring Threshold Sp...

Страница 219: ...in the switch stack to be modified From To A consecutive group of ports may be configured starting with the selected port Admin State This pull down menu allows the user to enable or disable Port Sec...

Страница 220: ...sponding MAC address to be deleted Click the Next button to view the next page of entries listed in this table Figure 10 4 Port Lock Entries Table This window displays the following information Parame...

Страница 221: ...rization is granted The 802 1x Access Control method holds three roles each of which are vital to creating and upkeeping a stable and working Access Control security method Figure 10 6 The three roles...

Страница 222: ...ee steps must be implemented on the Switch to properly configure the Authenticator 1 The 802 1x State must be Enabled DGS 3400 Web Management Tool 2 The 802 1x settings must be implemented by port Sec...

Страница 223: ...used on the Switch which are 1 Port Based Access Control This method requires only one user to be authenticated per port by a remote RADIUS server to allow the remaining users on the same port access...

Страница 224: ...figuration Once the connected device has successfully been authenticated the Port then becomes Authorized and all subsequent traffic on the Port is not subject to access control restriction until an e...

Страница 225: ...r to successfully make use of 802 1x in a shared media LAN segment it would be necessary to create logical Ports one for each attached device that required access to the LAN The Switch would regard th...

Страница 226: ...n the administrator must configure the guest accounts accessing the Switch to be placed in a Guest VLAN when trying to access the Switch Upon initial entry to the Switch the client wishing services on...

Страница 227: ...ick Security 802 1X Configure 802 1X Authenticator Parameter The user may toggle between switches in the switch stack by using the Unit pull down menu Figure 10 14 Configure 802 1X Authenticator Param...

Страница 228: ...ication exchange required This means the port transmits and receives normal traffic without 802 1X based authentication of the client If forceUnauthorized is selected the port will remain in the unaut...

Страница 229: ...work Select None disable 802 1X functions on the port Click Apply to implement your configuration changes To view configurations for the 802 1X Authenticator Settings on a port by port basis see the 8...

Страница 230: ...er and Current RADIUS Server Settings Table window This window displays the following information Parameter Description Succession Choose the desired RADIUS server to configure First Second or Third R...

Страница 231: ...to first enter the IP address of the station you are currently using To view this window click Security Trust Host Figure 10 18 Security IP menu for Trusted Host configuration To configure secure IP a...

Страница 232: ...e Switch The server will not accept the username and password and the user is denied access to the Switch The server doesn t respond to the verification query At this point the Switch receives the tim...

Страница 233: ...e Switch will accept authentication attempts Users failing to be authenticated after the set amount of attempts will be denied access to the Switch and will be locked out of further authentication att...

Страница 234: ...er Group This window will allow users to set up Authentication Server Groups on the Switch A server group is a technique used to group TACACS XTACACS TACACS RADIUS server hosts into user defined categ...

Страница 235: ...ee built in server groups can only have server hosts running the same TACACS daemon TACACS XTACACS TACACS protocols are separate entities and are not compatible with each other Authentication Server H...

Страница 236: ...define the virtual port number of the authentication protocol on a server host The default port number is 49 for TACACS XTACACS TACACS servers and 1813 for RADIUS servers but the user may set a uniqu...

Страница 237: ...od is used the privilege level will be dependant on the local account privilege configured on the Switch Successful login using any of these techniques will give the user a User privilege only If the...

Страница 238: ...e Switch Enable Method Lists The Enable Method Lists window is used to set up Method Lists to promote users with user level privileges to Administrator Admin level privileges using authentication meth...

Страница 239: ...button Both actions will result in the same screen to configure Figure 10 30 Enable Method List Edit window Figure 10 31 Enable Method List Add window To define an Enable Login Method List set the fol...

Страница 240: ...g this parameter will require the user to be authenticated using the TACACS protocol from a remote TACACS server xtacacs Adding this parameter will require the user to be authenticated using the XTACA...

Страница 241: ...ew Local Enabled field will result in a fail message Click Apply to implement changes made Enable Admin The Enable Admin window is for users who have logged on to the Switch on the normal user level a...

Страница 242: ...ers for the MAC Based Access Control function on the Switch Here the user can set the state password authentication method aswell as create config or delete Guest VLANs To enable the MAC Based Access...

Страница 243: ...splays the name of the previously configured Guest VLAN being used for this function Clicking the hyperlinked name will send the web manager to Guest VLAN configuration screen for MAC Based Authentica...

Страница 244: ...d the target VLAN name into their appropriate fields and click Apply To change a MAC address or a VLAN in the list click the corresponding Modify button To delete a entry by MAC or vlan enter its para...

Страница 245: ...urrent Traffic Segmentation Table Click on the Setup button to open the Setup Forwarding ports menu as shown below Figure 10 37 Setup Forwarding Ports Configuring traffic segmentation on the xStack DG...

Страница 246: ...allows the user to choose a message digest function which will determine a Message Authentication Code This Message Authentication Code will be encrypted with a sent message to provide integrity and...

Страница 247: ...e disabled To manage the Switch through the web based management while utilizing the SSL function the web browser must support SSL encryption and the header of the URL must begin with https Ex https x...

Страница 248: ...Enabled by default RSA EXPORT with RC4 40 MD5 This ciphersuite combines the RSA Export key exchange and stream cipher RC4 encryption with 40 bit keys Use the pull down menu to enable or disable this c...

Страница 249: ...uding specifying a password This password is used to logon to the Switch once a secure communication path has been established using the SSH protocol 2 Configure the User Account to use a specified au...

Страница 250: ...onnect to the Switch to attempt another login The number of maximum attempts may be set between 2 and 20 The default setting is 2 Session Rekeying This field is used to set the time period that the Sw...

Страница 251: ...ion Standard AES192 encryption algorithm with Cipher Block Chaining The default is Enabled AES256 CBC Use the pull down to enable or disable the Advanced Encryption Standard AES 256 encryption algorit...

Страница 252: ...ser To configure the parameters for a SSH user click on the hyperlinked User Name in the Current Accounts window which will reveal the following window to configure NOTE To set the SSH User Authentica...

Страница 253: ...s to identify the remote SSH user Host IP Enter the corresponding IP address of the SSH user Password This parameter should be chosen if the administrator wishes to use an administrator defined passwo...

Страница 254: ...ame time To use the JWAC feature computer users need to pass through two stages of authentication The first stage is to do the authentication with the quarantine server and the second stage is the aut...

Страница 255: ...ine Server or the JWAC Login Page Redirect Delay Time 0 10 This parameter specifies the Delay Time before an unauthenticated host is redirected to the Quarantine Server or JWAC Login Page Enter a valu...

Страница 256: ...Server IP address Mask This parameter specifies the Server IP net mask Update Server Table Index This parameter displays the Index of the Server IP Address This parameter displays the Server IP Addres...

Страница 257: ...after it successes to authenticate Enter a value between 0 and 1440 minutes The default setting is 1440 minutes To maintain a constant Port Configuration check the Infinite box in the JWAC configurati...

Страница 258: ...thernet Managed Switch Figure 10 49 JWAC Port Table window To configure the settings by port click on the Modify button in the corresponding column which will bring you to the following window Figure...

Страница 259: ...JWAC user settings in the table at the bottom of the window click the Delete All button Parameter Description User Name Enter a username of up to 15 alphanumeric characters New Password Enter the pas...

Страница 260: ...o access the JWAC Host Table Settings for the Switch click Security JWAC JWAC Host Information which will open the following window Figure 10 54 JWAC Host Table Settings window To search for hosts han...

Страница 261: ...ation CPU Utilization Port Utilization Packets Errors Packet Size Browse Router Port Browse MLD Router Port VLAN Status VLAN Status Port Port Access Control MAC Address Table IGMP Snooping Group MLD S...

Страница 262: ...rmation To change a switch s default stacking configuration for example the order in the stack see Box Information in the Configuration folder The number of switches in the switch stack up to 12 total...

Страница 263: ...tch This may be different from the values shown in the illustrations H W Version Shows the hardware version in use for the Switch This may be different from the values shown in the illustration Topolo...

Страница 264: ...ization by port use the real time graphic of the Switch and or switch stack at the top of the web page by simply clicking on a port Click Apply to implement the configured settings The window will aut...

Страница 265: ...Switch in the switch stack by using the Unit pull down menu and then select the port by using the Port pull down menu The user may also use the real time graphic of the Switch and or switch stack at t...

Страница 266: ...ect a port to view these statistics for first select the Switch in the switch stack by using the Unit pull down menu and then select the port by using the Port pull down menu The user may also use the...

Страница 267: ...kets Counts the number of packets received on the port Unicast Counts the total number of good packets that were received by a unicast address Multicast Counts the total number of good packets that we...

Страница 268: ...and then select the port by using the Port pull down menu The user may also use the real time graphic of the Switch and or switch stack at the top of the web page by simply clicking on a port Click Mo...

Страница 269: ...ue is 200 Unicast Counts the total number of good packets that were received by a unicast address Multicast Counts the total number of good packets that were received by a multicast address Broadcast...

Страница 270: ...he port by using the Port pull down menu The user may also use the real time graphic of the Switch and or switch stack at the top of the web page by simply clicking on a port Click Monitoring Packets...

Страница 271: ...ort Packets Counts the number of packets successfully sent on the port Unicast Counts the total number of good packets that were transmitted by a unicast address Multicast Counts the total number of g...

Страница 272: ...ch in the switch stack by using the Unit pull down menu and then select the port by using the Port pull down menu The user may also use the real time graphic of the Switch and or switch stack at the t...

Страница 273: ...lision fragments a nor mal network occurrence OverSize Counts valid packets received that were longer than 1518 octets and less than the MAX_PKT_LEN Internally MAX_PKT_LEN is equal to 1536 Fragment Th...

Страница 274: ...rst select the Switch in the switch stack by using the Unit pull down menu and then select the port by using the Port pull down menu The user may also use the real time graphic of the Switch and or sw...

Страница 275: ...undary LateColl Counts the number of times that a collision is detected later than 512 bit times into the transmission of a packet ExColl Excessive Collisions The number of packets for which transmiss...

Страница 276: ...s are offered To select a port to view these statistics for first select the Switch in the switch stack by using the Unit pull down menu and then select the port by using the Port pull down menu The u...

Страница 277: ...in length inclusive excluding framing bits but including FCS octets 128 255 The total number of packets including bad packets received that were between 128 and 255 octets in length inclusive excludin...

Страница 278: ...gabit Ethernet Managed Switch 264 View Table Clicking this button instructs the Switch to display a table rather than a line graph View Line Chart Clicking this button instructs the Switch to display...

Страница 279: ...port configured by a user using the console or Web based management interfaces is displayed as a static router port designated by S A router port that is dynamically configured by the Switch is design...

Страница 280: ...A router port configured by a user using the console or Web based management interfaces is displayed as a static router port designated by S A router port that is dynamically configured by the Switch...

Страница 281: ...Status This allows the VLAN status for each of the Switch s ports to be viewed by VLAN This window displays the ports on the Switch that are currently Egress E or Tag T ports To view the following tab...

Страница 282: ...VLAN status for each of the Switch s ports to be viewed To view the following table click Monitoring VLAN Status Port Figure 11 21 VLAN Status Port window Enter the port number and click Find the VLAN...

Страница 283: ...ach RADIUS Authentication server that the client shares a secret with AuthServerAddress The conceptual table listing the RADIUS authentication servers with which the client shares a secret ServerPortN...

Страница 284: ...statistics between 1s and 60s where s stands for seconds The default value is one second To clear the current statistics shown click the Clear button in the top left hand corner The following informat...

Страница 285: ...due to receipt of an Accounting Response a timeout or a retransmission ClientTimeouts The number of accounting timeouts to this server After a timeout the client may retry to the same server send to a...

Страница 286: ...it Port Select the unit of the switch in the switch stach and a port on that switch where to find the MAC address Find Allows the user to move to a sector of the database corresponding to a user defin...

Страница 287: ...e The user may search the IGMP Snooping Group Table by VLAN name by entering it in the top left hand corner and clicking Search The following field can be viewed Parameter Description VLAN Name The VL...

Страница 288: ...the Reports field To view the MLD Snooping Group Table click Monitoring MLD Snooping Group Figure 11 26 MLD Snooping Group Table The following field can be viewed Parameter Description VLAN Name The V...

Страница 289: ...itch History Log The information in the table is categorized as Parameter Description Type Choose the type of log to view There are two choices Regular Log Choose this option to view regular switch lo...

Страница 290: ...Table window will show current ARP entries on the Switch To search a specific ARP entry enter an interface name into the Interface Name or an IP address and click Find To clear the ARP Table click Cl...

Страница 291: ...Layer 2 Gigabit Ethernet Managed Switch Session Table This window displays the management sessions since the Switch was last rebooted To view this table click Monitoring Session Table Figure 11 29 Cur...

Страница 292: ...a read only screen where the user may view IP addresses discovered by the Switch To search a specific IP address enter it into the field labeled IP Address at the top of the screen and click Find to b...

Страница 293: ...Table window shows the current IP routing table of the Switch To find a specific IP route enter an IP address into the IP Address field along with a proper subnet mask into the Netmask field and clic...

Страница 294: ...ol Authentication Status To clear MAC Based Access Control Authentication entries enter the appropriate information and click Clear To view this table click Monitoring MAC Based Access Control Authent...

Страница 295: ...ned while resetting all other configuration parameters to their factory defaults NOTE Only the Reset System option will enter the factory default parameters into the Switch s non volatile RAM and then...

Страница 296: ...box will instruct the Switch to save the current configuration to non volatile RAM before restarting the Switch Clicking the No click box instructs the Switch not to save the current configuration be...

Страница 297: ...nges to NV RAM before rebooting the switch To retain any configuration changes permanently click Save Services Save Changes The save options allow one alternative configuration image to be stored Figu...

Страница 298: ...ime States the specific time the configuration file was downloaded to the Switch From States the origin of the firmware There are five ways configuration files may be uploaded to the Switch R If the I...

Страница 299: ...field has three options for configuration Delete Select this option to delete the configuration file ID specified in the Configuration ID field above Boot_up Select this option to set the configurati...

Страница 300: ...ation Control IEEE 802 3x Full duplex Flow Control IEEE 802 1u Fast Ethernet IEEE 802 3af Power over Ethernet Protocols CSMA CD Data Transfer Rates Ethernet Fast Ethernet Gigabit Ethernet Fiber Optic...

Страница 301: ...idity 5 95 non condensing Dimensions 441mm x 389mm x 44mm Weight DGS 3400 Series Switch DGS 3426 5 42 kg DGS 3426P 6 kg DGS 3427 5 51 kg DGS 3450 5 74 kg Module Inserts DEM 410CX 0 16 kg DEM 410X 0 18...

Страница 302: ...following diagrams and tables show the standard RJ 45 receptacle connector and their pin assignments Appendix 1 1 The standard RJ 45 port and connector RJ 45 Pin Assignments Contact MDI X Port MDI II...

Страница 303: ...Media Type Maximum Distance Mini GBIC 1000BASE LX Single mode fiber module 1000BASE SX Multi mode fiber module 1000BASE LHX Single mode fiber module 1000BASE ZX Single mode fiber module 10km 550m 2km...

Страница 304: ...d MAC information for logging Configuration and log saved to flash Unit unitID Configuration and log saved to flash by console Username username IP ipaddr MAC macaddr Informational by console and IP i...

Страница 305: ...console was unsuccessful Username username IP ipaddr MAC macaddr Warning by console and IP ipaddr MAC macaddr are XOR shown in log string which means if user login by console will no IP and MAC infor...

Страница 306: ...console Web Successful login through Web Successful login through Web Username username IP ipaddr MAC macaddr Informational Login failed through Web Login failed through Web Username username IP ipadd...

Страница 307: ...ailed through SSH Login failed through SSH Username username IP ipaddr MAC macaddr Warning Logout through SSH Logout through SSH Username username IP ipaddr MAC macaddr Informational SSH session timed...

Страница 308: ...ethod Username username MAC macaddr Warning Successful login through SSH authenticated by AAA local method Successful login through SSH from userIP authenticated by AAA local method Username username...

Страница 309: ...server serverIP Username username MAC macaddr Informational Login failed through Web authenticated by AAA server Login failed through Web from userIP authenticated by AAA server serverIP Username user...

Страница 310: ...due to AAA server timeout or improper configuration Username username MAC macaddr Warning Successful Enable Admin through Console authenticated by AAA local_enable method Successful Enable Admin thro...

Страница 311: ...local_enable method Enable Admin failed through SSH from userIP authenticated by AAA local_enable method Username username MAC macaddr Warning Successful Enable Admin through Console authenticated by...

Страница 312: ...gh Web authenticated by AAA server Enable Admin failed through Web from userIP authenticated by AAA server serverIP Username username MAC macaddr Warning Enable Admin failed through Web due to AAA ser...

Страница 313: ...ailed through SSH from userIP authenticated by AAA server serverIP Username username MAC macaddr Warning Enable Admin failed through SSH due to AAA server timeout or improper configuration Enable Admi...

Страница 314: ...Invalid TTL packet received Interface string VRID id receives an invalid VRRP TTL packet Warning string is interface name Invalid length packet received Interface string VRID id receives an invalid VR...

Страница 315: ...tID portNum Broadcast storm has cleared Informational Multicast storm occurrence Port unitID portNum Multicast storm is occurring Warning Multicast storm cleared Port unitID portNum Multicast storm ha...

Страница 316: ...ation devices on the network broadcast storm Multiple simultaneous broadcasts that typically absorb available network bandwidth and can cause network failure console port The port on the Switch accept...

Страница 317: ...ly designed to be used in managing TCP IP internets SNMP is presently implemented on a wide range of computers and networking equipment and may be used to manage many aspects of network and end statio...

Страница 318: ...by the original purchaser for the defective Hardware will be refunded by D Link upon return to D Link of the defective Hardware All Hardware or part thereof that is replaced by D Link or for which th...

Страница 319: ...y way that is not contemplated in the documentation for the product or if the model or serial number has been altered tampered with defaced or removed Initial installation installation and removal of...

Страница 320: ...en the equipment is operated in a commercial environment This equipment generates uses and can radiate radio frequency energy and if not installed and used in accordance with this manual may cause har...

Страница 321: ...307 BSMI Warning MIC Warning CCC Warning A...

Страница 322: ...ertaining to the product and in that case the product is being sold As Is without any warranty whatsoever including without limitation the Limited Warranty as described herein notwithstanding anything...

Страница 323: ...pyright Statement No part of this publication or documentation accompanying this product may be reproduced in any form or by any means or used to make any derivative such as translation transformation...

Страница 324: ...egistration Register online your D Link product at http support dlink com register Product registration is entirely voluntary and failure to complete or return this form will not diminish your warrant...

Страница 325: ...fetime hardware warranty Warranty beneficiary The warranty beneficiary is the original end user The original end user is defined as the person that purchases the product as the first owner Duration of...

Страница 326: ...or by other circumstances of which D Link is not responsible Disclaimer of warranty Please note some countries do not allow the disclaimer of implied terms in contracts with consumers and the disclaim...

Страница 327: ...ustomers can contact D Link technical support through our website or by phone Tech Support for customers within the United States D Link Technical Support over the Telephone 877 354 6555 Monday to Fri...

Страница 328: ...BT 10ppm UK Pence per minute other carriers may vary Times Mon Fri 9 00am 6 00pm Sat 10 00am 2 00pm 1890 886 899 Ireland 0 05ppm peak 0 045ppm off peak Times Mon Fri 9 00am 6 00pm Sat 10 00am 2 00pm D...

Страница 329: ...Link D Link bietet kostenfreie technische Unterst tzung f r Kunden innerhalb Deutschlands sterreichs der Schweiz und Osteuropas Unsere Kunden k nnen technische Unterst tzung ber unsere Website per E...

Страница 330: ...z contacter le service technique de D Link par notre site internet ou par t l phone Assistance technique D Link par t l phone 0 820 0803 03 0 12 min Hours Monday Friday 9h to 13h and 14h to 19h Saturd...

Страница 331: ...itio web de D Link D Link ofrece asistencia t cnica gratuita para clientes residentes en Espa a durante el periodo de garant a del producto Asistencia T cnica de D Link por tel fono 34 902 30 45 45 0...

Страница 332: ...Gli ultimi aggiornamenti e la documentazione sono disponibili sul sito D Link Supporto Tecnico dal luned al venerd dalle ore 9 00 alle ore 19 00 con orario continuato Telefono 199400057 Web http www...

Страница 333: ...stomers within Benelux for the duration of the warranty period on this product Benelux customers can contact D Link technical support through our website or by phone Netherlands 0900 501 2007 0 15ppm...

Страница 334: ...tn pomoc techniczn klientom w Polsce w okresie gwarancyjnym produktu Klienci z Polski mog si kontaktowa z dzia em pomocy technicznej firmy D Link za po rednictwem Internetu lub telefonicznie Telefonic...

Страница 335: ...tuje sv m z kazn k m bezplatnou technickou podporu Z kazn ci mohou kontaktovat odd len technick podpory p es webov str nky mailem nebo telefonicky Telefon 225 281 553 Land Line 1 78 CZK min Mobile 5 4...

Страница 336: ...gat s Meghajt programokat s friss t seket a D Link Magyarorsz g weblapj r l t lthet le Tel 06 1 461 3001 Fax 06 1 461 3004 Land Line 14 99 HUG min Mobile 49 99 HUF min Web http www dlink hu E mail sup...

Страница 337: ...web sider D Link tilbyr sine kunder gratis teknisk support under produktets garantitid Kunder kan kontakte D Links teknisk support via v re hjemmesider eller p tlf D Link Teknisk telefon Support 800...

Страница 338: ...r gratis teknisk support til kunder i Danmark i hele produktets garantiperiode Danske kunder kan kontakte D Link s tekniske support via vores hjemmeside eller telefonisk D Link teknisk support over te...

Страница 339: ...a asiakkaille Suomessa D Link tarjoaa teknist tukea asiakkailleen Tuotteen takuun voimassaoloajan Tekninen tuki palvelee seuraavasti numerosta 0800 114 677 Arkisin klo 9 21 Internetin kautta Web http...

Страница 340: ...pdateringar och annan anv ndarinformation D Link tillhandah ller teknisk support till kunder i Sverige under hela garantitiden f r denna produkt D Link Teknisk Support via telefon 0770 33 00 35 Vardag...

Страница 341: ...de utilizador no site de D Link Portugal http www dlink pt A D Link fornece suporte t cnico gratuito para clientes no Portugal durante o per odo de vig ncia de garantia deste produto Assist ncia T cn...

Страница 342: ...software updates D Link D Link D Link Hellas Support Center 64 11251 210 86 11 114 09 00 17 00 210 8611114 Web http www dlink gr support...

Страница 343: ...hni ka podr ka Hvala vam na odabiru D Link proizvoda Za dodatne informacije podr ku i upute za kori tenje ure aja molimo vas da posjetite D Link internetsku stranicu na www dlink eu Web www dlink biz...

Страница 344: ...hni na podpora Zahvaljujemo se vam ker ste izbrali D Link proizvod Za vse nadaljnje informacije podporo ter navodila za uporabo prosimo obi ite D Link ovo spletno stran www dlink eu Web www dlink biz...

Страница 345: ...Suport tehnica V mul umim pentru alegerea produselor D Link Pentru mai multe informa ii suport i manuale ale produselor v rug m s vizita i site ul D Link www dlink eu Web www dlink ro...

Страница 346: ...www dlink co in support productsupport aspx Indonesia Malaysia Singapore and Thailand Tel 62 21 5731610 Indonesia Tel 1800 882 880 Malaysia Tel 65 66229355 Singapore Tel 66 2 719 8978 9 Thailand Mond...

Страница 347: ...support e mail support dlink co il Pakistan Tel 92 21 4548158 or 92 21 4548310 Sunday to Thursday 9 00am to 6 00pm http support dlink me com e mail support pk dlink me com South Africa and Sub Sahara...

Страница 348: ...D Link D Link D Link D Link 495 744 00 99 http www dlink ru e mail support dlink ru...

Страница 349: ...p Desk Colombia Tel fono 01800 9525465 Lunes a Viernes 07 00 am a 20 00 pm Soporte T cnico Help Desk Ecuador Tel fono 1800 035465 Lunes a Viernes 07 00 am a 20 00 pm Soporte T cnico Help Desk El Salva...

Страница 350: ...rasil com br A D Link fornece suporte t cnico gratuito para clientes no Brasil durante o per odo de vig ncia da garantia deste produto Suporte T cnico para clientes no Brasil Telefone S o Paulo 11 218...

Страница 351: ...D Link D Link D Link 0800 002 615 8 30 9 00 http www dlink com tw dssqa_service dlink com tw D Link http www dlink com tw...

Страница 352: ...kumentasi pengguna dapat diperoleh pada situs web D Link Dukungan Teknis untuk pelanggan Dukungan Teknis D Link melalui telepon Tel 62 21 5731610 Dukungan Teknis D Link melalui Internet Email support...

Страница 353: ...D Link 36 B 26F 02 05 100013 8008296688 028 66052968 028 85176948 36 B 26F 02 05 100013 010 58257789 010 58257790 http www dlink com cn 09 00 18 00...

Страница 354: ...International Offices...

Страница 355: ...ork at installation site 1 employee 2 9 10 49 50 99 100 499 500 999 1000 or more 3 What network protocol s does your organization use XNS IPX TCP IP DECnet Others______________________________________...

Страница 356: ......

Отзывы:

Нет отзывов

Похожие инструкции для xStack DGS-3426

Бренд: Dataprobe Страницы: 21

SmartSwitch 2500

Бренд: Cabletron Systems Страницы: 402

Бренд: Kohler Страницы: 170

ExtremeSwitching SLX 9540

Бренд: Extreme Networks Страницы: 108

Бренд: TP-Link Страницы: 28

MISCOM7220G-4GF-16GT

Бренд: Maiwe Страницы: 6

Бренд: CAMBRIONIX Страницы: 37

kontron KSwitch D1 UGPD

Бренд: S&T Страницы: 40

N.JGS516PE-100EUS

Бренд: Duxbury Networking Страницы: 4

Бренд: Gefen Страницы: 12

Бренд: Hailink Страницы: 6

ONW-D-1001-347-W

Бренд: Greengate Страницы: 2

Бренд: SMART-AVI Страницы: 8

AMX DVX-2265-4K

Бренд: Harman Страницы: 2

Бренд: UGREEN Страницы: 27

Бренд: H3C Страницы: 17

Бренд: ABB Страницы: 9

Бренд: Comelit Страницы: 7

Бренды по названию

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Популярные бренды

Загрузить еще бренды