Instruction/ maintenance manual of the product DES-3200-10 D-Link
Go to page of 240
® User Manual Product Model: DES-3200-10/18/28/28F Layer 2 Managed Ethernet Switch Release 1.1.
. ___________________ __________________ __________________ ___________________ _______ Information in this document is subject to change without notice. © 2009 D-Link Corporation. All rights reserved. Reproduction in any manner whatsoever without th e written pe rmission of D-Link Corporati on is strictly forbidd en.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual ii Table of Contents Intended Readers .............................................................................................................................. .......
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual iii SMTP Settings .............................................................................................................................. ...........................
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual iv VLAN Trunk Settings .............................................................................................................................. .................... 71 GVRP Settings .
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual v Priority Mapping .............................................................................................................................. ..........................
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual vi MAC-based Access Control Local Settin gs ........................................................................................................................... 14 8 DoS Prevention Settings .
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual vii Browse Session Table .............................................................................................................................. ................ 211 MAC Address Table .
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Intended Readers The DES-3200-10/18/28/28F User M anual contains information for setup and management of the Switch. This manual is intended for network ma nagers familiar with netwo rk management conce pts and terminology.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Section 1 Web-based Switch Configuration Introduction Login to Web Manager Web-based User Interface Web Pages Introduction All software functions of the Switch can be managed, c onfigured and monitored via the embedded web-ba sed (HTML) interface.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Web-based User Interface The user interface provides access to various Switch co nfigurati on and management wind ows, allows you to view performance statistics, and permits you t o graphically monitor the system status.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual NOTICE : Any changes m ade to the Switch configuration during the current session must be saved in the Save Configuration window ( Save > Save Configuration ) or use the command line interface (CLI) command sav e config .
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Section 2 Configuration Device Information System Information Serial Port Settings IP Address Settings IPv6 Interface Set.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Device Information This window contains the main settings for all major functi ons on the Switch an d appears automatically when you log on. To return to the Device Information window, click the DES-3200-10/18/28/28F folder.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Serial Port Settings The following window allo ws the Baud Rate and the Auto Logout to be cha nged as well as containing information about the Serial Port Settings. Click Configuration > Serial Port Setti ngs to display this window: Figure 2 - 3.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual 4. If no VLANs have been previously configured on the Switch, you can use the default Management VLAN Name.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual IPv6 Address Settings Users can display the Switch’s cu rrent IPv6 interface settings. To view the following window, click Configuration > IPv6 Interface Settings : Figure 2 - 5.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Parameter Description Interface Name The name of the IPv6 interface being displaye d or modified. VLAN Name Display the VLAN name of the IPv6 interface. Admin. State Display the current administrator state.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Parameter Description Interface Name Enter the name of the IPv6 neighbor. To search fo r all the current interface s on the Switch, go to the second Interface Name field in the middle pa rt of the window, tick t he All check box, and then click the Find button.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Parameter Description From Port/To Port Use the pull-down menus to select the port or range of ports to be configured. State Toggle this field to either enable or disable a given port or g roup of ports.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Port Description Settings The Switch supports a port description feature where the user may name various ports on the Switch. To view the following window, click Configuration > Port Configuration > Port Descrip tion Settings : Figure 2 - 9.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Figure 2 - 10. Port Error Disabled windo w The following parameters are di splayed: Parameter Description Port Displays the port that has been error di sabled. Port State Describes the current runni ng state of the port, whether Enabled or Disabled.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual User Accounts Use this window to control user privileges, creat e new users, and view existing User Account s. To view this window, click Configuration > User Accounts : Figure 2 - 12.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual User Account Management Add/Update/Delete User Accounts Yes No View User Accounts Yes No Table 2 - 1.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Parameter Description Server ID Syslog server settings index (1-4). Severity This drop-down menu allows you to select the level of messages that will be sent. The options are Warning , Inform ational , and All .
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual DHCP Relay The relay hops count limit allows the maximum number of hops (routers) that the DHCP messages can be relayed through to be set. If a packet’s hop count is equal to or m ore than the hop count limit, the packet i s dropped.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual check and policy setting s will have no effect. DHCP Relay Agent Information Option 82 Check This field can be toggled betwe en Enabled and Disabled using the pull-do wn menu.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Circuit ID sub-option format: a. b. c. d. e. f . g. 1 6 0 4 VLAN Module Port 1 byte 1 byte 1 byt e 1 byte 2 bytes 1 byte 1 byte a. Sub-option type b. Length c. Circuit ID type d.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual DHCP Relay Interface Settings This window allows the user to set up a server, by IP address, for relaying DHCP/ BOOTP information to the Switch.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual State This is used to enable or di sable the DHCP local relay for the specified VLAN. DHCP Auto Configuration Settings The DHCP automatic configuration function on the Switch will load a previously sa ved configuration file for current use.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Telnet Settings Telnet configuration is Enabled by default. If you do not want to allow conf i guration of the system through Telnet choose Disabled. The TCP ports are numbered be tween 1 and 65535 .
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Firmware Information Information about current firmware images stored on the Switch can be viewed. To access this window, click Configuration > Firmware Information : Figure 2 - 25.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual SNTP Settings The SNTP Settings folder offers two windows: Time Settings and Time Zone Settings . Time Settings To configure the time settings for the Switch, click Configura tion > SNTP Settings > Time Settings : Figure 2 - 26.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Time Zone Settings The following window is u sed to configure time z ones and Daylight Savings Time settings for SNTP. To configure the time zone settings for t he Switch, clic k Configuration > SNTP Setting s > Time Zone Settings : Figure 2 - 27.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual From: Day of the Week Enter the day of the week t hat DST will start on. From: Month Enter the month DST will start on. From: Time in HH:MM Enter the time of day that DST will start on.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual SMTP Settings SMTP or Simple Mail Transfer Protocol is a function of t he Switch that will send switch events to mail recipients based on e-mail addresses entere d in the window below.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual SMTP Service This window is used to test the SMTP Servic e Settings configured i n the previous window. To view the following window, click Configuration > SMTP Service : Figure 2 - 29.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Figure 2 - 31. MAC Notification Por t Setting s windo w The following parameters may be modif ied: Parameter Description From Port/To Port Select a port or group of ports to enable fo r MAC notification using the pull-do wn menus.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual SNMPv3 uses a more sophisti cated authentication process th at is sepa rated into two parts. The first part is to maintain a list of users and their attributes that are allowed to act as SNMP managers.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Parameter Description View Name Type an alphanumeric string of up to 32 cha racters . This is used to identify the new SNMP view being created. Subtree OID Type the Object Identifier (OID) Subtree for the view.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual centralized and distributed network managem ent strategies. It includes improvements in the Structure of Management Information (S MI) and adds some security features. SNMPv3 - Specifies that the SNMP version 3 will be used.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Priv-Protocol by based on the CBC-DES (DES-56) Password None - Indicates that no authorizat ion p rotocol is in use. DES - Indicates that DES 56-bit encryption is in use standard.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual SNMP Host Table indow to set up SNMP trap recipients. To configure SNM P Host Table entries, click Configuration > SNMP Settings > SNM P Host Ta ble Use the SNMP Host Table w Figure 2 - 36.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual SNMP Trap Configuration The following window is us ed to enable and disable trap settings for the SNMP function on th e Switch. To view this window for configuratio n, click Configuration > SNMP Settings > SNMP Trap Configuration : Figure 2 - 38.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Time Range Settings This window is used in con junction with the Access Prof ile feature to determine a starting p oint and an ending point, based on days of the week, when an Access Profile configuration will be enabl ed on the Switch.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual It is connected to the CS through the CS management VLAN. 3. Candidate Switch (CaS ) - This is a switch that is ready to join a SIM group but is not yet a member of the SIM group.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Single IP Settings All switches are set as Candidate (CaS) switches as their factory default configurat ion and Single IP Management will be disabled.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual After enabling the Switch to be a Commander Swit ch (CS), the Single IP Management folder will then contain four added li.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Model Name Displays the full model name of the corresponding Switch. To view the Topology Map, click the View menu in the toolbar and then Topolo gy , which will produce the following window.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Non-SIM devic es Tool Tips In the Topology view window, the m ouse plays an important role in configuration and in viewing device i nformation.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Right-Click Right-clicking on a device will allow the user to perform vari ous functions, depe nding on the role of the Switch in the SIM group and the icon associated with it.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Commander Switch Icon Figure 2 - 49. Right-Clicking a Commander Icon The following options may appear for th e user to configure: y Collapse - To collapse the group that w ill be represented by a single icon.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual y Add to group - Add a candidate to a group. Cli cking this opt ion will reveal the following dialog for the user to enter a password for authentic ation from the Candidate Switch before being added to the SIM group.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Help y About - Will displ ay the SIM information, including the current SIM version. Figure 2 - 55. About windo w Firmware Upgrade This window is used to upgrade firmwa re from the Comman der Switch to the Member Switch.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Upload Log File The following window is used to upload log files from SIM me mber switches to a specified PC. To upload a log file, enter the Server IP address of the SIM member switch and then enter a PathFilename on yo ur PC where you wish to save this file.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Gratuitous ARP Settings This window allows you to have more deta iled settings for the Gratui tous ARP. To view this window, click Configuration > Gra tuitous ARP > Gratuitous ARP Settings : Figure 2 - 60.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual ARP Spoofing Prevention Settings ARP spoofing, also known as A RP poisoning, is a method to attack an Ethe rnet network w.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Section 3 L2 Features Jumbo Frame 802.1Q Static VLAN Q-in-Q 802.1v Protocol VLAN VLAN Trunk Settings GVRP Settings Asymme.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual VLANs Understanding IEEE 802.1p Priority Priority tagging is a function defined by the IEEE 802.1p standard designed to provide a means of managi ng traffic on a network where many different types of data may be trans mitted simultaneously.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual IEEE 802.1Q VLANs Some relevant terms: y Tagging - The act of putting 802.1Q VLAN information into the header of a pa cket. y Untagging - The act of stripping 802.1Q VLAN information out of the packet header.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Figure 3 - 3. IEEE 802.1Q Tag The EtherType and VLAN ID a re inserted after the MAC sour ce address, but b efore the original EtherType/Length or Logical Link Control.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Every physical port on a switch ha s a PVID. 802.1Q ports are also a ssigned a PVID, for use within the Switch. If no VLANs are defined on the Switch, all ports are then assigned to a default VLAN with a PVID equal to 1.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual NOTE: If no VLANs are configured on the Switch, t hen all packets will be forwarded to any destination port. Packets with unknown source addresses w ill be flooded to all ports.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual over 4000 VLANs ca n be placed, ther efore greatly expanding the VLAN network and enabling g reater support of customers utilizing multiple VLANs on the network. Q-in-Q VLANs are basicall y VLAN tags placed within ex isting IEEE 802.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual 2. All ports must be configured as Acce ss Ports or Uplink ports. Access port s can only be Ethernet ports while Uplink ports must be Gi gabit ports. 3. Provider Edge switches must a llow frames of at least 1522 bytes or more, due to the addition of the SPVID tag.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Figure 3 - 7. 802.1Q Static VLAN windo w – Add/Edit VLAN tab (Add) To return to the initial 802.1Q Static VLAN window, click the VLAN List tab at the top of the window. To change an existing 802.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual VLAN Name should be no more than 32 characte rs in length. Advertisement Enabling this function will allow the Switch to send out GVRP packets to outside sources, notifying that they may join the existing VLAN.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Figure 3 - 10. 802.1Q Static VLAN window – VLAN Batch Settings tab The following fields can be set in the VLAN Batch Settings tab: Parameter Description VID List (e.g.: 2-5) Enter a VLAN ID List that can be added, deleted or co nfigured.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Q-in-Q Settings To view this window, click L2 Features > Q-in -Q > Q-in-Q Settings : Figure 3 - 11.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual VLAN Translation Settings VLAN translation tran slates the VLAN ID carried in t he dat a packets it receive s from pr ivate networks into those used in the Service Providers network .
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Parameter Description Group ID (1-16) Select an ID number for the group, between 1 an d 16. Group Name This is used to identify the new Protocol VLAN group. Type an alphanumeric stri ng of up to 32 characte rs.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Port List (e.g.: 1-6) Select the specified ports you wish to configure by e ntering the port number in this field, or ti ck the Select All Ports box.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual GVRP Settings This window allows the user to d etermine whether the Swit ch will share it s VLAN configuration information with other GARP VLAN Registration Protocol (GVRP) enabled swit ches .
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual the port to compare the VID tag of an incoming packet with the PVID number assigned to the port. If the two are different, the port filters (drops) the packet. Disabled disables ing ress fil- tering.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual PVID Auto Assign Settings This enables or disables PVID Auto Assign on the Switch.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual NOTE: If any ports withi n the trunk group beco me disconnected, pa ckets intended for the disconnected port will be l oad shared among the other unlinked ports of the lin k aggregation group.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual (Member) Ports Choose the members of a trunked group. Up to eight ports per group can be assigned to a group.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Traffic Segmentation Traffic segmentation is used to limit traffic flow from a single port to a group of ports on the Switch. This method of segmenting the flow of traffic is simil ar to using VLANs to lim it tra ffic, but is more restri ctive.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual BPDU Tunneling Settings To view this window, click L2 Features > BPDU Tun neling Settings : Figure 3 - 24.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Figure 3 - 26. IGMP Snooping Settings (Edit) w indo w The following fields can be set. Parameter Description VLAN ID This is the VLAN ID that, along with the VLAN Name, identifies the VLAN for which the user wishes to modify the IGMP Snooping Settings.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Figure 3 - 27. IGMP Snooping Router Ports Settings window Select the desired member ports and cli ck Apply . Click <<Back to go back to the IGMP Snooping Settings wind ow.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual IGMP Snooping Multicast VLAN Settings This window is used to con figure the IGMP Snoopi ng Multicast VLAN settings on the Switch. To view this window, click L2 Features > IGMP Snooping > IGM P Snooping Multicast VLAN Settings : Figure 3 - 29.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Figure 3 - 30. IGMP Snooping Multicast VLAN Group List Settings window Enter a Multicast Address and click Add . The new information will be displayed in the table at the bottom of the window.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Figure 3 - 33. Multicast Address Group List Settings window Enter the Multicast Address List sta rting with the lowest in the range, and click Add . To return to the IP Multicast Profile Settings window, click th e <<Back button.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Limited Multicast Range Settings This window enabl es the user to configure t he ports on the Swit ch that will be involved in the Limited IP Multica st Range.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Figure 3 - 35. Max Multicast Group Settings window The following fields can be set: Parameter Description From Port/To Port Use the drop-down menus to choose a range of po rts.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual 2. Multicast Listener Report, Version 1 – Compara ble to the Host Membership Report in IGMPv2, and labeled as 131 in th.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual The following parameters may be viewed or modifie d: Parameter Description VLAN ID This is the VLAN ID that, along with the VLAN Name, identifies the VLAN for which the user wishes to modify the MLD Snooping Settings.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Port Mirror The Switch allows you to copy frames transmitted and rece ived on a port and redirect the cop ies to another port.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Loopback Detection Settings The Loopback Detection function is u sed to detect the l oop created by a specific p ort .
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Spanning Tree This Switch supports three version s of the Spanning Tree Protocol: STP, Rapid STP, and MSTP.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Port Transition States An essential difference between the three protocols is in the way ports transition to a forwar ding state and in the way this transition relates to the rol e of the port (forwarding or not fo rwarding) in the topology.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual STP Bridge Global Settings To open the following wind ow, click L2 features > Spanning Tree > STP Bridge Global Settings : Figure 3 - 41.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual NOTE: The Hello Time cannot be longer than the Max. Age. Otherwise, a configuration error will o ccur. Observe the following formulas when setting the above parameters: Max.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual The following fields can be set: Parameter Description From Port/To Port A consecutive group of ports may be confi gured sta rting with the selected port.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual MST Configuration Identification The following windows in t he MST Configuration Identification se ction allow the user to configure a MSTI instance o n the Switch. These settings will uniquely identify a multiple spanning tre e instance set on the Switch.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual STP Instance Settings The following window displ ays MSTIs currently set on the Switch. To view the following table, click L2 Features > Spanning Tree > STP Instance Settings : Figure 3 - 44.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual MSTP Port Information This window displays the current MSTP Port Information and can be used to upd ate the port configuration for an MSTI ID. If a loop occurs, the MSTP function will use the port priority to select an interface to put into the forwarding state.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual To add or edit an entry, define the following parameter s and then click Add/Modify : Parameter Description VLAN ID (1-4094) The VLAN ID number of the VLAN on which the above Unicast MAC addre ss resides.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Multicast Filtering Mode Users can configure the mu lticast filtering mode. To view this window, click L2 Features > For warding & Filtering > Multicast Filtering Mod e : Figure 3 - 49.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual LLDP Global Settings To view this window, click L2 Features > LLDP > LLDP Global Settings : Figure 3 - 50. LLDP Global Settings windo w The following parameters can be set: Parameter Description LLDP State Used to enable or disable LLDP on the Switch.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual LLDP Port Settings To view this window, click L2 Features > LLDP > LLDP Port Settings : Figure 3 - 51.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual LLDP Basic TLVs Settings This window is used to enable the settin gs for the Basic TLVs Settings. To view this window, click L2 Features > LLDP > LLDP Basic TLVs Settings : Figure 3 - 52.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual LLDP Dot1 TLVs Settings LLDP Dot1 TLVs are organizationally specific TLVs whi ch are defined in IEEE 802.1 and used to configure an individual port or group of ports to exclude one or more of the IEEE 802.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual LLDP Dot3 TLVs Settings This window is used to configure an individual port or group of ports to exclude one or more IEEE 802.3 organizational specific TLV data type from outbound LLDP adve rtisements.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Section 4 QoS Bandwidth Control Traffic Control 802.1p Default Priority 802.1p User Priority QoS Scheduling Settings Priority Mapping TOS Mapping DSCP Map Settings The Switch supports 802.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual The previous picture shows the default priori ty setting for the Swit ch.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Bandwidth Control The bandwidth cont rol settings are used to place a ceiling on the transmitting and receiving dat a rates for any select ed port. To view this window, click QoS > Ba ndwidth Contr ol : Figure 4 - 2.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual The Switch will also scan and mo nitor packets coming into t he Switch by mon itoring the Switch’s chip counter. This method is only viable for Broadca st and Multicast storms becau se the chip only has counters for these t wo types of packets.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Acti on Select the method of traffic Control from the pull-down menu. The choices are: Drop – Utilizes the hardware Tra.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual NOTE: Ports that are in S hutdown rest mode will be seen as link down in all windows and screens u ntil the user recovers these ports. 802.1p Default Priority The Switch allows the assignment of a defaul t 802.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Figure 4 - 5. 802.1p User Priority windo w Once a priority has been assign ed to the port groups on the Switch, assign this Cla ss to each of the eight levels of 802.1p priorities.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Priority Mapping This window is used to set up Priority M apping. To view this window, click QoS > Priority Mapping : Figure 4 - 7.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual TOS Mapping This window is used to set up Type of Service (TOS) Mapping.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual DSCP Mapping This window is used to set up DSCP Ma pping. To view this window, click QoS > DSCP Mapping : Figure 4 - 9.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Section 5 Security Safeguard Engine Trusted Host IP-MAC-Port Binding Port Security DHCP Server Screening Settings 802.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual In Exhausted mode, two modes can be implemented to limit the bandwidth assigned to ARP packets, “Strict” and “Fuzzy”. In Strict mode, the Switch will drop all ARP packets.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Trusted Host Use the Security IP Management to permit remote stations to manage the Switch.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual DHCP Snoop State Use the pull-down menu to enable or disable the DHCP Snooping State for IP-MAC-port binding. ARP Inspection When this is Enabled , the Switch will filter ARP pa ckets which have unauthorized sender MACs, IP addresses, and ingre ss ports.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual hardware until the S/W learns the entries for t he ports. The po rt will check ARP packets and IP packets by IP-MAC-port binding entries. When the pa cket is found by the entry, the MAC address will be set to dynamic.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual DHCP Snooping Entries This window is used to view dynami c entries on specific ports. To view particular port settings, enter the port numb er and click Find . To view all entries click Vie w All , and to delete an entry, click Clear .
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Figure 5 - 9. Port Security Port Settings window The following parameters can be set: Parameter Description From Port/To Port A consecutive group of ports may be co nfi gured starting with the selected port.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Port Security FDB Entries This window is used to clear the Port Lock Entries by i ndividual ports. To clear entries enter the range of ports and click Clear . To view the following window click, Security > Port Security > Port Security FDB Entries : Figure 5 - 10.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Authentication Server The Authentication Server is a remote device that is connec ted to the same net work as the Client and Authenticator, must be running a RA DIUS Server program and must be conf igured p roperly on the Authenticator (Swit ch).
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual NOTE: When configuring the Authentication Protocol as local, the Switch has two roles: Authenticator and Authentication Server. Client The Client is simply the endstation that wishes to gain ac cess to the LAN or switch services.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual 1. Port-Based Access Control – This method requires o n ly one user to be authenticated per port by a remote RADIUS server to allow the remai ning users on the same port access to the network.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual MAC-Based Network Access Control 802.1X Client Network access controlled port Network access uncontrolled port RAD IUS Ser ve r Ethernet Sw itch 802.1X Client 802.1X Client 802.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual 802.1X Settings To configure the 802.1X Settings, click Security > 802.1X > 802.1X Setting s : Figure 5 - 19. 802.1X Settings window This window allows you to set the followi ng features: Parameter Description 802.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual (1-65535) the period of an EAP Request/Identity packet transm itted to the client. The default setting i s 30 seconds. ReAuthPeriod (1-65535) A constant that defines a nonzero number of seconds between p eriodic re authenticatio n of the client.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Authentication RADIUS Server The RADIUS feature of the Switch al lows you to facilit ate centralized user administr ation as well as providing protection against a sniffing, active hacker.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Guest VLAN Configuration On 802.1X security enabled networks, there is a need fo r non 802.1X supported devices to gain limited access to the network, due to lack of the proper 802.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Guest VLAN To view the following window, click, Security > 802.1X > Guest VLAN : Figure 5 - 23. Guest VLAN window The following fields may be modified to enable the 802.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual To initialize ports, choose the rang e of ports in the From Port and To Port fields. Next, the user must speci fy the MAC address to be initialized by enter ing it into the MAC Address field and ticking t he corresponding ch eck box.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Figure 5 - 27. Reauthenticate Port(s) wind o w for MAC-based 802.1X To reauthenticate ports, first use the From Port and To Po rt drop-down menus to choose the range of ports.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual supports SSLv3 and TLSv1. Other ve rsions of SSL may not be compatible with this S witch and may cause p roblems upon authentication and transfer of message s from client to host.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual RSA with RC4_128_MD5 This ciphersu ite combines the RSA key excha nge, stream cipher RC4 encryption with 128 - bit keys and the MD5 Hash Algorithm. Use t he pull-down menu to enable or disable this ciphersuite.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual SSH Settings The following window is u sed to configure and view settings for the SSH se rver. To view this window, click Security > SSH > SSH Settings : Figure 5 - 29.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Figure 5 - 30. SSH Authmode and Algorithm Setti ngs window The following algorithms m ay be set: Parameter Description SS.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Public Key Algorithm HMAC-RSA Tick the check box to enable the HMAC (Hash for Message Authentication Code) mechanism utilizing the RS A encryption algorithm. The default is enabled.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual conjunction with the Host Based ch oice in the Auth. Mode field. Click Apply to implement changes made. NOTE: To set the SSH User Authentication pa rameters on the Switch, a User Accou nt must be previously configured.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual the device successfully through the RADI US server or through the local met hod, 3 kin ds of privilege levels can be assigned to the user and the user can not use the “enable admin” comman d to promote to the admin privilege level.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Figure 5 - 34. Application's Authentic ation Setting s window The following parameters can be set: Parameter Description Application Lists the configuration applications on the Swit ch.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual To modify a particular group, click on its corresponding Edit button or click the Edit Server Group tab at the top of this window, the following tab will be displayed: Figure 5 - 36.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Parameter Description IP Address The IP address of the remote server host the user wishes to add. Port (1-65535) Enter a number between 1 and 65535 to define the virtual port number of the authentication protocol on a server host.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Figure 5 - 38. Login Method Lists w indo w The Switch contains one Method List that is set and c annot be remove d, yet can be modified. To delete a Login Method List defined by the us er, click the corressponding Delete button.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Figure 5 - 39. Enable Method Lists windo w To delete an Enable Method List defi ned by the user, click the the Delete button. To modify an Enable Method Li st, click on its corresp onding Edit button.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Parameter Description Old Local Enable Password (Max: 15 characters) If a password was previously configure d for this en.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Figure 5 - 41. MAC-based Access Co ntrol Settings windo w The following parameters may be viewed or set: Parameter Description Settings MBA Global State Use the radio button to globally enable or disable the MAC-ba sed Access Control function on the Switch.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Config Guest VLAN VLAN Name Enter a Guest VLAN name. Clicking the hyperlinked name will send the Web manager to the Guest VLAN configuration windo w. VLAN ID (1-4094) Enter a VLAN ID number between 1 and 4094 .
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual DoS Prevention Settings The Switch supports Denial of Service (DoS ) prevention to mitigate DoD atta cks fro m hackers or other malicious sources. To view this window, click Security > DoS Prevention Settings : Figure 5 - 43.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Section 6 ACL ACL Configuration Wizard Access Profile List CPU Access Profile List ACL Finder ACL Flow Meter Access profi.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Serv ice Ty pe Use the drop-down menu to select from VLAN Name , Ethernet Type , 802.1P , or Any . Acti on Select Permit to specify that the packets that mat ch the access profile are forwarded by the Switch, according to any additional rule adde d (see below).
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Figure 6 - 3. Add ACL Profile windo w for Ethernet example There are four sets of Access Profile configuration wi ndows; .
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Selecting this option instructs the Switch to examine the VLAN identifier of each packe t header and use this as the full or partial criterion for forwarding. 802.1p Selecting this option instructs the Switch to examine the 802.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Figure 6 - 7. Add Access Rule w indo w for Ethernet example To set the Access Rule for Ethernet, adjust the followi ng parameters and click Apply . Parameter Description Access ID (1-65535) Type in a unique identifier number for this access.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual in the config mirror port command. Port Mirrori ng must be enabled and a target port must be set.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Figure 6 - 10. Add ACL Profile window for IPv4 example Click on the boxes near the top of the wi ndow, which will then turn red and rev eal parameters for configuration. To create a new entry, enter the appropriate information and click Create .
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual within the packets, by checking the boxes co rr esponding to the flag bits of the TCP field. Source Port Mask (0-FFFF) − Tick an d specify a TCP port mask for the source port to filter, in hex form (hex 0x0-0xffff).
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Figure 6 - 12. Access Profile Detail Information w indo w for IPv4 example To return to the Access P rofile List window, click Sho w All Profiles .
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual ICMP Code - Specifies that the Switch wi ll examine each fram e’s ICMP Code field. IGMP Type ____ e.g. (0-255) - Specifies that the Switch will examine each frame’s IGMP Type field.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual To view the configurations for a previously configured rule, click on the corresponding Sho w Details button, which will display the following Access Rule Detail Information window: Figure 6 - 15.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual IPv6 Flow Label Ticking this check box will inst ruct the Switch to examine the flow label field of the IPv6 header. The flow label field is use d by a source to label sequence s of packets such as non- default quality of service or real time service packets.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Figure 6 - 19. Add Access Rule window for IPv6 example The following parameters may be confi gured for IPv6: Parameter Description Access ID (1-65535) Type in a unique identifier number for this access.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Switch. Replace Priority Enter a replace priority ma nually if you want to re-wri te the 802.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Figure 6 - 22. Add ACL Profile window for Packet Content example Click on the boxes at the top of the table, which will then turn red and reveal parameters fo r configuration.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual With this advanced unique Packet Content Mask (als o kno wn as Packet Content Access Control List - ACL), the D-Link xStack ® switch family can effectively mi tigate some network attacks like the common ARP Spoofing attack that is wide spread t oday.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Figure 6 - 25. Add Access Rule window for Packet Content e xample The following parameters may be confi gur ed for the Packet Content filter: Parameter Description Access ID (1-65535) Type in a unique identifier number for this access.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual must be set. Priority (0-7) Enter a priority value if you want to re-write the 802 .
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual CPU Interface Filtering Due to a chipset limitation and neede d extra switch security, the Switch incorporates CP U Interface filtering.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Figure 6 - 29. Add CPU ACL Profile w indo w for Ethernet example Parameter Description Select Profile ID (1-3) Use the drop-do wn menu to select a unique identifie r number fo r this profile set.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Figure 6 - 30. CPU Access Profile List window for Ethernet exa m ple To view the settings of a previously co rrectly created profile, cli ck the corresponding Show Details button on the following CPU Access Profile List win dow above.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Figure 6 - 33. (CPU) Add Access Rule window for Ethernet example To set the Access Rule for Ethernet, adjust the followi ng parameters and click Apply . Parameter Description Access ID (1-5) Type in a unique identifier number for th is access.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Figure 6 - 35. CPU Access Rule Detail In formation windo w for Ethernet example To create an IPv 4 ACL, click Add CPU ACL Profile in the CPU Access Profil e List window. This will open the Add CPU ACL Profile window.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual IPv4 Address Tick either Source IP Mask and enter the IPv4 source address mask or De stination IP Mask and enter the IPV4 destination address mask.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Figure 6 - 37. CPU Access Profile List window for IPv4 example To view the configurations for a previo us ly configured entry, cl ick on the corresp onding Show Details button, which will display the following window: Figure 6 - 38.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Figure 6 - 39. (CPU) Add Access Rule window for IPv4 example The following parameters may be confi gured for the IP (IPv4) filter: Parameter Description Access ID (1-5) Type in a unique identifier number for this access.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual To view the configurations for a previously configured rule, click on the corresponding Sho w Details button, which will display the following CPU Access Rule Detail Information window: Figure 6 - 41.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual default quality of service or real time service packets. IPv6 Address IPv6 Source Address – Enter an IPv6 addres s to be used as the source address. IPv6 Destination Address – Enter an IPv6 address that will be used as the destination address.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Figure 6 - 45. (CPU) Add Access Rule window for IPv6 example The following parameters may be confi gured for the IPv6: Parameter Description Access ID (1-5) Type in a unique identifier number for this access.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Figure 6 - 47. CPU Access Rule Detail Information wind o w for IPv6 example To create a Packet Content ACL, click Add CPU.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual common ARP Spoofing attack that is wide spread t oday. This is why the Packet Content ACL is able to inspect any specified content of a packet in different proto col layers.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Figure 6 - 51. (CPU) Add Access Rule window for Packet Content ex ample The following parameters may be confi gur ed for .
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Figure 6 - 52. CPU Access Rule List window for Packet Content example To view the configurations for previo usly configured rule cli ck on the corresponding Show Details Button which will display the following CPU Access Rule Detail Infor mation window.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Parameter Description Profile ID The pre-configured Profile ID for which to configure th e Flow Metering parameters. Access ID (1-65535) The pre-configured Access ID for which to configure the Flow Meteri ng parameters.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Section 7 Monitoring Cable Diagnostic CPU Utilization Port Utilization Packet Size Memory Utilization Packets Errors Port.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Figure 7 - 2. CPU Utilization window To view the CPU utilization by po rt, us e the real-time graphic of the Switch at the top of the Web page by simply clicking on a port.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Figure 7 - 3. Port Utilization window To select a p ort to view these statistics for, select the port by using the Port pull-down menu. The user may also use the real-time graphic of the Switch at the t op of the Web pag e by simply clicking on a port.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Figure 7 - 4. Packet Size windo w To view the Packet Size Table window, click the link View Table , which will show the following table: Figure 7 - 5.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual 65-12 7 The total number of packets (including bad packets) received that were between 65 and 127 octets in length inclusive (excluding framing bits but including FCS octets).
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Figure 7 - 7. Received (Rx) window (for Bytes and Packets) To view the Received (Rx) Table window, click View Table .
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Packets Counts the number of packets received on the port. Unicast Counts the total number of good packet s that were received by a unicast address. Multicast Counts the total number of good packets that were received by a multica st address.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Figure 7 - 10. UMB_cast (Rx) Table window (for Unicast, Multicast, and Broadcast Pac kets ) The following fields may be set or viewed: Parameter Description Port Use the drop-down menu to choose t he port that will display statist ics.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Figure 7 - 11. Transmitted (Tx) window (for Bytes and Packets) To view the Transmitted (Tx) Table window, click the link View Table .
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Packets Counts the number of packets successfully sent on the port. Unicast Counts the total number of good packet s that were transmitted by a unicast address. Multicast Counts the total number of good packets that were transmitted by a multicast address.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Figure 7 - 14. Received (Rx) Table window (for errors) The following fields can be set: Parameter Description Port Use the drop-down menu to choose t he port that will display statist ics.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Transmitted (TX) To select a p ort to view these statistics for, select the port by using the Port pull-down menu. The user may also use the real-time graphic of the Switch at the t op of the Web pag e by simply clicking on a port.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Record Number Select number of times the Switch will be polled between 20 and 200 . The default value is 200 . ExDefer Counts the number of packets for which the first transmission attempt on a particular interface was delayed becaus e the medium wa s busy.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual RADIUS Authentication This table contains inform ation concerning the activity of the RA DIUS authentication client on the client side of the RADIUS authentication protocol.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual authentication server. AccessAcce pts The number of RADIUS Access-A ccept packets (valid or invalid) received from this server. AccessRejects The number of RADIUS Access-Reject pa cket s (valid or invalid) received from this server.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Figure 7 - 18. RADIUS Account Client window The user may also select the desired time interval to update the statistics, between 1s and 60s , where “s” stands for seconds.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual responses. BadAuthenticators The number of RADIUS Accounting-Respon se packets, which contained invalid authenticators, received from this server.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual This window displ ays the Authenticator State for indivi dual ports on a selecte d device. A polling interval between 1s and 60s seconds can be set using the d rop-down menu at the top of the window and clicki ng OK .
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual The following fields can be viewed: Parameter Description Port The identification number assi gned to the Port by the System in which the Port resides. Frames Rx The number of valid EAPOL frames that have been received by this Authenticator.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Figure 7 - 21. Authenticator Session Statistics window The user may select the desired time inte rval to update the statistics, between 1s and 60s , where “s” stands for seconds.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual 1) Supplicant Logoff 2) Port Failure 3) Supplicant Restart 4) Reauthentication Failure 5) AuthControlledPortControl set t.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Parameter Description Port The identification number assigned to the Port by the System in wh ich the Port resides. Connect Enter Counts the n umber of times that the state machine transitions to the CONNECTING state from any other state.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Bac Auth Fail Counts the number of times that the state machine re ceives a Reject message from the Authentication Server (i.e., aFail becomes TR UE, causing a transition from RESPONSE to FAIL).
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual To view this window, click Monitoring > IGMP Snooping > Bro wse IGMP Router Port : Figure 7 - 25. Browse Router Port window IGMP Snooping Group This window allows the S witch’s IGMP Snooping Group Ta bl e to be searched.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Enter the appropriate information and click Find . The searched entries will be shown in the IGMP Snooping Group Table. Click View All to see all the entries. Click View All Data Driven to display all the data driven groups learned in the IGMP Snooping Group Table.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Figure 7 - 28. Browse MLD Router Port window MLD Snooping Group The following window all ows the user to view MLD Snooping Groups present on the Switch. MLD Snoopi ng is an IPv6 function comparable to IGMP Snooping for IPv4.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Figure 7 - 30. LLDP Statistics Sy stem window LLDP Local Port Information To view this window, click Monitoring > LLDP > LLDP Local Port Information : Figure 7 - 31.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual MBA Authentication State This window allows the user to view the MAC-base d Access Control authentication informat ion. Specify the port list to view and click Find . To remove an entry, enter the appropriate informatio n and click Clear By Port .
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual MAC Address Enter a MAC address for th e forw arding table to be browsed by. Find Allows the user to move to a sector of the database corresponding to a user defined port, VLAN, or MAC address.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Section 8 Save and Tools Save Configuration Save Log Save All Configuration File Upload & Download Upload Log File Reset Ping Test Download Firmware Reboot System The three Save windows include: Save Configuration , Save Log , and Save All .
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Save Log Open the Save drop-down menu at the top of the Web manager and cli ck Save Log to open the following window: Figure 8 - 2.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Upload Log File To upload a log file, enter a Server IP addre ss, use the radio button to sel ect IPv4 and then enter a File name, or use the radio button to select IPv6, enter a Serv er IP, Interface Name, and File nam e.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Ping Test Users can Ping either an I Pv4 address or an IPv6 address. Pin g is a small program that send s ICMP Echo packets to the IP address you specify. The destinati on node then respond s to or “echoes” the packets sent from the Switch.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Download Firmware The Switch supports dual image storage for firmware file backup and restoration .
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Appendix A Mitigating ARP Spoofing Attacks Using Packet Content ACL Address Resolution Protocol (ARP ) is the standard me thod for finding a host's har dware address (MAC address) when only its IP address is known.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual address FF-FF-FF-FF- FF-FF 00-20-5C-01-11-11 Table-2 (Ethernet frame format) When the switch receive s the frame, it will check the “Source A ddress” in the Ethernet frame’s header.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual When PC B replies to the ARP request, its MAC address will be written into “Target H/W A ddress” in the ARP payload shown in Table-3. The ARP reply will b e then encapsulated into the Ethernet frame again an d sent back to the se nder.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual How ARP spoofing attacks a net work ARP spoofing, also known as A RP poisoning, is a method to attack an Ethe rnet networ.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Destination address Source address Ethernet typ e H/W t ype Protocol typ e H/W address length Protocol address length Ope.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual • Prevent ARP spoofing via packe t con tent ACL Concerning the common DoS attack today cau sed by the ARP spoofing, D-Link manage d switch can effectively mitigate it via its unique Packet Content ACL.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Offset C hunk Offset Chunk0 Offset Chunk1 Offset Chunk2 Offset Chunk3 Offset Chunk4 Offset Chunk5 Offset Chunk6 Offset Ch.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual 225.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Appendix B System Log Entries The following table lists all possible entries and their corr esponding meani ngs that will appear in the System Log of this Switch.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual unsuccessful (Usernam e: <username>) Log message successfully uploaded Log message successfully uploaded by con sol.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual STP Topology changed Topology changed Informational New Root selected New Root selected Informational BPDU Loop Back on p.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Successful login through Telnet authenticated by AAA local method Successful login through Telnet from <userIP > au.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Login failed through Web(SSL) due to AAA server timeout or improper configuration Login failed through Web(SSL) from <.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Successful Enable Admin through Console authenticated by AAA none method Successful Enable Admin through Con sole authent.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual improper configuration. <username>) Login failed through Web from user due to AAA server timeout or improper configuration.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Broadcast st orm clear ed Po rt <por tNum> Broadcast storm has cleared Informational Multicast storm occurrence Por.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual system reco ver learn ing WAC recovers from stop learning state. Warning MAC Login OK MAC-AC login successful (MAC: <m.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Port recover from BPDU under attacking state automatically Port <[unitID:] portNum> recover from BPDU un der attack.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual 236 1.3.6.1.4.1.171.12.23.5.0.2 swIpMacBindingRecoverL earningTrap 1.3.6.1.4.1.171.12.23.5.0.3 swIpMacBindin gPortIndex V2 IPMacBind-MIB Warning swMacBasedAuthLogg edSuccess 1.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual Appendix C Glossary 1000BASE-SX: A short laser wavelengt h on multimode fiber optic cable for a m aximum length of 2000 m.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual half duplex: A system that allows packets to be transmitted and re ce ived, but not at the same time. Contrast with full duplex. IP address: Internet Protocol address. A unique identifier fo r a device attached to a network using TCP/IP.
xStack ® DES-3200-10/18/28/28F Layer 2 Eth ernet Man ag ed Switch User Manual UDP - User Datagram Protocol: An Internet stan dard protocol that allo ws an application progra m on one device to send a datagram to an application progra m on another device.
An important point after buying a device D-Link DES-3200-10 (or even before the purchase) is to read its user manual. We should do this for several simple reasons:
If you have not bought D-Link DES-3200-10 yet, this is a good time to familiarize yourself with the basic data on the product. First of all view first pages of the manual, you can find above. You should find there the most important technical data D-Link DES-3200-10 - thus you can check whether the hardware meets your expectations. When delving into next pages of the user manual, D-Link DES-3200-10 you will learn all the available features of the product, as well as information on its operation. The information that you get D-Link DES-3200-10 will certainly help you make a decision on the purchase.
If you already are a holder of D-Link DES-3200-10, but have not read the manual yet, you should do it for the reasons described above. You will learn then if you properly used the available features, and whether you have not made any mistakes, which can shorten the lifetime D-Link DES-3200-10.
However, one of the most important roles played by the user manual is to help in solving problems with D-Link DES-3200-10. Almost always you will find there Troubleshooting, which are the most frequently occurring failures and malfunctions of the device D-Link DES-3200-10 along with tips on how to solve them. Even if you fail to solve the problem, the manual will show you a further procedure – contact to the customer service center or the nearest service center