D-Link 28 - Manual

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual Web-based User Interface The user interface provides access to various Switch configuration and management windows, allows you to view performance statistics, and permits you to graphically monitor the system status. Areas of...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual NOTICE : Any changes made to the Switch configuration during the current session must be saved in the Save Configuration window ( Save > Save Configuration ) or use the command line interface (CLI) command save config . We...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual Section 2 Configuration Device Information System Information Serial Port Settings IP Address Settings IPv6 Interface Settings IPv6 Route Settings IPv6 Neighbor Settings Port Configuration Static ARP Settings User Accounts Sy...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual Device Information This window contains the main settings for all major functions on the Switch and appears automatically when you log on. To return to the Device Information window, click the DES-3200-10/18/28/28F folder. Th...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual Serial Port Settings The following window allows the Baud Rate and the Auto Logout to be changed as well as containing information about the Serial Port Settings. Click Configuration > Serial Port Settings to display this ...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual IPv6 Address Settings Users can display the Switch’s current IPv6 interface settings. To view the following window, click Configuration > IPv6 Interface Settings : Figure 2 - 5. IPv6 Interface Settings window To configure ...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual Parameter Description Interface Name The name of the IPv6 interface being displayed or modified. VLAN Name Display the VLAN name of the IPv6 interface. Admin. State Display the current administrator state. IPv6 Address Enter ...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual Parameter Description Interface Name Enter the name of the IPv6 neighbor. To search for all the current interfaces on the Switch, go to the second Interface Name field in the middle part of the window, tick the All check box,...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual Port Description Settings The Switch supports a port description feature where the user may name various ports on the Switch. To view the following window, click Configuration > Port Configuration > Port Description Set...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual Figure 2 - 10. Port Error Disabled window The following parameters are displayed: Parameter Description Port Displays the port that has been error disabled. Port State Describes the current running state of the port, whether ...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual User Accounts Use this window to control user privileges, create new users, and view existing User Accounts. To view this window, click Configuration > User Accounts : Figure 2 - 12. User Accounts window The following fiel...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual User Account Management Add/Update/Delete User Accounts Yes No View User Accounts Yes No Table 2 - 1. Admin and User Privileges System Log Configuration This section contains information for configuring various attributes and...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual DHCP Relay The relay hops count limit allows the maximum number of hops (routers) that the DHCP messages can be relayed through to be set. If a packet’s hop count is equal to or more than the hop count limit, the packet is dr...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual check and policy settings will have no effect. DHCP Relay Agent Information Option 82 Check This field can be toggled between Enabled and Disabled using the pull-down menu. It is used to enable or disable the Switches ability...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual DHCP Relay Interface Settings This window allows the user to set up a server, by IP address, for relaying DHCP/ BOOTP information to the Switch. The user may enter a previously configured IP interface on the Switch that will ...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual State This is used to enable or disable the DHCP local relay for the specified VLAN. DHCP Auto Configuration Settings The DHCP automatic configuration function on the Switch will load a previously saved configuration file for...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual Telnet Settings Telnet configuration is Enabled by default. If you do not want to allow configuration of the system through Telnet choose Disabled. The TCP ports are numbered between 1 and 65535 . The "well-known" TCP...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual Firmware Information Information about current firmware images stored on the Switch can be viewed. To access this window, click Configuration > Firmware Information : Figure 2 - 25. Firmware Information window This window ...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual SNTP Settings The SNTP Settings folder offers two windows: Time Settings and Time Zone Settings . Time Settings To configure the time settings for the Switch, click Configuration > SNTP Settings > Time Settings : Figure...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual Time Zone Settings The following window is used to configure time zones and Daylight Savings Time settings for SNTP. To configure the time zone settings for the Switch, click Configuration > SNTP Settings > Time Zone Se...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual SMTP Settings SMTP or Simple Mail Transfer Protocol is a function of the Switch that will send switch events to mail recipients based on e-mail addresses entered in the window below. The Switch is to be configured as a client...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual SMTP Service This window is used to test the SMTP Service Settings configured in the previous window. To view the following window, click Configuration > SMTP Service : Figure 2 - 29. SMTP Service window To test to see if ...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual Figure 2 - 31. MAC Notification Port Settings window The following parameters may be modified: Parameter Description From Port/To Port Select a port or group of ports to enable for MAC notification using the pull-down menus. ...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual SNMPv3 uses a more sophisticated authentication process that is separated into two parts. The first part is to maintain a list of users and their attributes that are allowed to act as SNMP managers. The second part describes ...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual Parameter Description View Name Type an alphanumeric string of up to 32 characters. This is used to identify the new SNMP view being created. Subtree OID Type the Object Identifier (OID) Subtree for the view. The OID identifi...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual centralized and distributed network management strategies. It includes improvements in the Structure of Management Information (SMI) and adds some security features. SNMPv3 - Specifies that the SNMP version 3 will be used. SN...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual Priv-Protocol by based on the CBC-DES (DES-56) Password None - Indicates that no authorization protocol is in use. DES - Indicates that DES 56-bit encryption is in use standard. Auth-Protocol by Key cates that the HMAC-MD5-96...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual SNMP Host Table indow to set up SNMP trap recipients. To configure SNMP Host Table entries, click Configuration > SNMP Settings > SNMP Host Table Use the SNMP Host Table w Figure 2 - 36. SNMP Host Table window The follo...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual SNMP Trap Configuration The following window is used to enable and disable trap settings for the SNMP function on the Switch. To view this window for configuration, click Configuration > SNMP Settings > SNMP Trap Config...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual Time Range Settings This window is used in conjunction with the Access Profile feature to determine a starting point and an ending point, based on days of the week, when an Access Profile configuration will be enabled on the ...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual Single IP Settings All switches are set as Candidate (CaS) switches as their factory default configuration and Single IP Management will be disabled. To enable SIM for the Switch using the Web interface, click Configuration &...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual After enabling the Switch to be a Commander Switch (CS), the Single IP Management folder will then contain four added links to aid the user in configuring SIM through the Web, including Topology , Firmware Upgrade and Configu...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual Non-SIM devices Tool Tips In the Topology view window, the mouse plays an important role in configuration and in viewing device information. Setting the mouse cursor over a specific device in the topology window (tool tip) wi...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual Right-Click Right-clicking on a device will allow the user to perform various functions, depending on the role of the Switch in the SIM group and the icon associated with it. Group Icon Figure 2 - 47. Right-Clicking a Group I...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual Commander Switch Icon Figure 2 - 49. Right-Clicking a Commander Icon The following options may appear for the user to configure: y Collapse - To collapse the group that will be represented by a single icon. y Expand - To expa...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual y Add to group - Add a candidate to a group. Clicking this option will reveal the following dialog for the user to enter a password for authentication from the Candidate Switch before being added to the SIM group. Click OK to...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual Help y About - Will display the SIM information, including the current SIM version. Figure 2 - 55. About window Firmware Upgrade This window is used to upgrade firmware from the Commander Switch to the Member Switch. Member S...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual Upload Log File The following window is used to upload log files from SIM member switches to a specified PC. To upload a log file, enter the Server IP address of the SIM member switch and then enter a Path\Filename on your PC...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual Gratuitous ARP Settings This window allows you to have more detailed settings for the Gratuitous ARP. To view this window, click Configuration > Gratuitous ARP > Gratuitous ARP Settings : Figure 2 - 60. Gratuitous ARP S...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual ARP Spoofing Prevention Settings ARP spoofing, also known as ARP poisoning, is a method to attack an Ethernet network which may allow an attacker to sniff data frames on a LAN, modify the traffic, or stop the traffic altogeth...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual Section 3 L2 Features Jumbo Frame 802.1Q Static VLAN Q-in-Q 802.1v Protocol VLAN VLAN Trunk Settings GVRP Settings Asymmetric VLAN Settings MAC-based VLAN Settings PVID Auto Assign Settings Port Trunking LACP Port Settings Tr...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual VLANs Understanding IEEE 802.1p Priority Priority tagging is a function defined by the IEEE 802.1p standard designed to provide a means of managing traffic on a network where many different types of data may be transmitted si...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual Figure 3 - 3. IEEE 802.1Q Tag The EtherType and VLAN ID are inserted after the MAC source address, but before the original EtherType/Length or Logical Link Control. Because the packet is now a bit longer than it was originall...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual Every physical port on a switch has a PVID. 802.1Q ports are also assigned a PVID, for use within the Switch. If no VLANs are defined on the Switch, all ports are then assigned to a default VLAN with a PVID equal to 1. Untagg...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual NOTE: If no VLANs are configured on the Switch, then all packets will be forwarded to any destination port. Packets with unknown source addresses will be flooded to all ports. Broadcast and multicast packets will also be floo...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual VLAN Translation Settings VLAN translation translates the VLAN ID carried in the data packets it receives from private networks into those used in the Service Providers network . To view this window click L2 Features > Q-i...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual Parameter Description Group ID (1-16) Select an ID number for the group, between 1 and 16. Group Name This is used to identify the new Protocol VLAN group. Type an alphanumeric string of up to 32 characters. Protocol This fun...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual Port List (e.g.: 1-6) Select the specified ports you wish to configure by entering the port number in this field, or tick the Select All Ports box. Search Port List This function allows the user to search all previously confi...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual GVRP Settings This window allows the user to determine whether the Switch will share its VLAN configuration information with other GARP VLAN Registration Protocol (GVRP) enabled switches. In addition, Ingress Checking can be ...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual the port to compare the VID tag of an incoming packet with the PVID number assigned to the port. If the two are different, the port filters (drops) the packet. Disabled disables ingress fil- tering. Ingress Checking is Enable...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual PVID Auto Assign Settings This enables or disables PVID Auto Assign on the Switch. PVID is the VLAN that the switch will use for forwarding and filtering purposes. If PVID Auto-Assign is Enabled , PVID will be possibly change...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual (Member) Ports Choose the members of a trunked group. Up to eight ports per group can be assigned to a group. Flooding Ports These ports are designated for flooding broadcast, multicast, and DLF (unicast Destination Lookup Fa...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual Traffic Segmentation Traffic segmentation is used to limit traffic flow from a single port to a group of ports on the Switch. This method of segmenting the flow of traffic is similar to using VLANs to limit traffic, but is mo...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual BPDU Tunneling Settings To view this window, click L2 Features > BPDU Tunneling Settings : Figure 3 - 24. BPDU Tunneling Settings window IGMP Snooping Internet Group Management Protocol (IGMP) snooping allows the Switch to...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual Figure 3 - 27. IGMP Snooping Router Ports Settings window Select the desired member ports and click Apply . Click <<Back to go back to the IGMP Snooping Settings window. IGMP Access Control Settings This window is used ...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual IGMP Snooping Multicast VLAN Settings This window is used to configure the IGMP Snooping Multicast VLAN settings on the Switch. To view this window, click L2 Features > IGMP Snooping > IGMP Snooping Multicast VLAN Setti...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual Figure 3 - 30. IGMP Snooping Multicast VLAN Group List Settings window Enter a Multicast Address and click Add . The new information will be displayed in the table at the bottom of the window. Click Show IGMP Snooping Multica...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual Limited Multicast Range Settings This window enables the user to configure the ports on the Switch that will be involved in the Limited IP Multicast Range. The user can configure the range of ports and associate an IP Multica...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual Figure 3 - 35. Max Multicast Group Settings window The following fields can be set: Parameter Description From Port/To Port Use the drop-down menus to choose a range of ports. Max Group (1-1024) Enter the maximum number of th...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual Port Mirror The Switch allows you to copy frames transmitted and received on a port and redirect the copies to another port. You can attach a monitoring device to the mirrored port, such as a sniffer or an RMON probe, to view...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual Loopback Detection Settings The Loopback Detection function is used to detect the loop created by a specific port. This feature is used to temporarily shutdown a port on the Switch when a CTP (Configuration Testing Protocol) ...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual Spanning Tree This Switch supports three versions of the Spanning Tree Protocol: STP, Rapid STP, and MSTP. STP will be familiar to most networking professionals. However, since RSTP and MSTP have been recently introduced to D...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual Port Transition States An essential difference between the three protocols is in the way ports transition to a forwarding state and in the way this transition relates to the role of the port (forwarding or not forwarding) in ...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual STP Bridge Global Settings To open the following window, click L2 features > Spanning Tree > STP Bridge Global Settings : Figure 3 - 41. STP Bridge Global Settings window The following parameters can be set: Parameter D...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual NOTE: The Hello Time cannot be longer than the Max. Age. Otherwise, a configuration error will occur. Observe the following formulas when setting the above parameters: Max. Age ≤ 2 x (Forward Delay - 1 second) Max. Age ≥ 2 x ...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual MST Configuration Identification The following windows in the MST Configuration Identification section allow the user to configure a MSTI instance on the Switch. These settings will uniquely identify a multiple spanning tree ...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual STP Instance Settings The following window displays MSTIs currently set on the Switch. To view the following table, click L2 Features > Spanning Tree > STP Instance Settings : Figure 3 - 44. STP Instance Settings window...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual MSTP Port Information This window displays the current MSTP Port Information and can be used to update the port configuration for an MSTI ID. If a loop occurs, the MSTP function will use the port priority to select an interfa...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual To add or edit an entry, define the following parameters and then click Add/Modify : Parameter Description VLAN ID (1-4094) The VLAN ID number of the VLAN on which the above Unicast MAC address resides. MAC Address The MAC ad...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual Multicast Filtering Mode Users can configure the multicast filtering mode. To view this window, click L2 Features > Forwarding & Filtering > Multicast Filtering Mode : Figure 3 - 49. Multicast Filtering Mode window ...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual LLDP Port Settings To view this window, click L2 Features > LLDP > LLDP Port Settings : Figure 3 - 51. LLDP Port Settings window The following parameters can be set: Parameter Description From Port/To Port Use the pull-...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual LLDP Basic TLVs Settings This window is used to enable the settings for the Basic TLVs Settings. To view this window, click L2 Features > LLDP > LLDP Basic TLVs Settings : Figure 3 - 52. LLDP Basic TLVs Settings window ...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual LLDP Dot1 TLVs Settings LLDP Dot1 TLVs are organizationally specific TLVs which are defined in IEEE 802.1 and used to configure an individual port or group of ports to exclude one or more of the IEEE 802.1 organizational port...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual LLDP Dot3 TLVs Settings This window is used to configure an individual port or group of ports to exclude one or more IEEE 802.3 organizational specific TLV data type from outbound LLDP advertisements. To view this window, cli...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual Section 4 QoS Bandwidth Control Traffic Control 802.1p Default Priority 802.1p User Priority QoS Scheduling Settings Priority Mapping TOS Mapping DSCP Map Settings The Switch supports 802.1p priority queuing Quality of Servic...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual The previous picture shows the default priority setting for the Switch. Class 3 has the highest priority of the four priority queues on the Switch. In order to implement QoS, the user is required to instruct the Switch to exa...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual Bandwidth Control The bandwidth control settings are used to place a ceiling on the transmitting and receiving data rates for any selected port. To view this window, click QoS > Bandwidth Control : Figure 4 - 2. Bandwidth ...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual Figure 4 - 5. 802.1p User Priority window Once a priority has been assigned to the port groups on the Switch, assign this Class to each of the eight levels of 802.1p priorities. The following parameter may be set: Parameter D...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual Priority Mapping This window is used to set up Priority Mapping. To view this window, click QoS > Priority Mapping : Figure 4 - 7. Priority Mapping window The following parameter may be set: Parameter Description From Port...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual TOS Mapping This window is used to set up Type of Service (TOS) Mapping. To view this window, click QoS > ToS Mapping : Figure 4 - 8. TOS Mapping window The following parameter may be set: Parameter Description Class ID Th...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual DSCP Mapping This window is used to set up DSCP Mapping. To view this window, click QoS > DSCP Mapping : Figure 4 - 9. DSCP Mapping window The following parameters may be set: Parameter Description DSCP Value This field is...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual Section 5 Security Safeguard Engine Trusted Host IP-MAC-Port Binding Port Security DHCP Server Screening Settings 802.1X SSL Settings SSH Access Authentication Control MAC-based Access Control DoS Prevention Settings Safeguar...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual Trusted Host Use the Security IP Management to permit remote stations to manage the Switch. If one or more designated management stations are defined by the user, only the chosen stations, as defined by IP address, will be al...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual DHCP Snoop State Use the pull-down menu to enable or disable the DHCP Snooping State for IP-MAC-port binding. ARP Inspection When this is Enabled , the Switch will filter ARP packets which have unauthorized sender MACs, IP ad...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual hardware until the S/W learns the entries for the ports. The port will check ARP packets and IP packets by IP-MAC-port binding entries. When the packet is found by the entry, the MAC address will be set to dynamic. If the pac...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual DHCP Snooping Entries This window is used to view dynamic entries on specific ports. To view particular port settings, enter the port number and click Find . To view all entries click View All , and to delete an entry, click ...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual Port Security FDB Entries This window is used to clear the Port Lock Entries by individual ports. To clear entries enter the range of ports and click Clear . To view the following window click, Security > Port Security >...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual Authentication Server The Authentication Server is a remote device that is connected to the same network as the Client and Authenticator, must be running a RADIUS Server program and must be configured properly on the Authenti...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual NOTE: When configuring the Authentication Protocol as local, the Switch has two roles: Authenticator and Authentication Server. Client The Client is simply the endstation that wishes to gain access to the LAN or switch servic...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual 1. Port-Based Access Control – This method requires only one user to be authenticated per port by a remote RADIUS server to allow the remaining users on the same port access to the network. 2. MAC-Based Access Control – Using...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual MAC-Based Network Access Control 802.1X Client Network access controlled port Network access uncontrolled port RADIUS Server Ethernet Switch 802.1X Client 802.1X Client 802.1X Client 802.1X Client 802.1X Client 802.1X Client ...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual Authentication RADIUS Server The RADIUS feature of the Switch allows you to facilitate centralized user administration as well as providing protection against a sniffing, active hacker. To configure the 802.1X User, click Sec...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual Guest VLAN Configuration On 802.1X security enabled networks, there is a need for non 802.1X supported devices to gain limited access to the network, due to lack of the proper 802.1X software or incompatible devices, such as ...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual Guest VLAN To view the following window, click, Security > 802.1X > Guest VLAN : Figure 5 - 23. Guest VLAN window The following fields may be modified to enable the 802.1X Guest VLAN: Parameter Description VLAN Name Ent...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual Figure 5 - 27. Reauthenticate Port(s) window for MAC-based 802.1X To reauthenticate ports, first use the From Port and To Port drop-down menus to choose the range of ports. Then the user must specify the MAC address to be rea...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual supports SSLv3 and TLSv1. Other versions of SSL may not be compatible with this Switch and may cause problems upon authentication and transfer of messages from client to host. Download Certificate This window is used to downl...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual RSA with RC4_128_MD5 This ciphersuite combines the RSA key exchange, stream cipher RC4 encryption with 128-bit keys and the MD5 Hash Algorithm. Use the pull-down menu to enable or disable this ciphersuite. This field is enabl...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual SSH Settings The following window is used to configure and view settings for the SSH server. To view this window, click Security > SSH > SSH Settings : Figure 5 - 29. SSH Settings window To configure the SSH server on t...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual Public Key Algorithm HMAC-RSA Tick the check box to enable the HMAC (Hash for Message Authentication Code) mechanism utilizing the RSA encryption algorithm. The default is enabled. HMAC-DSA Tick the check box to enable the HM...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual conjunction with the Host Based choice in the Auth. Mode field. Click Apply to implement changes made. NOTE: To set the SSH User Authentication parameters on the Switch, a User Account must be previously configured. For more ...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual the device successfully through the RADIUS server or through the local method, 3 kinds of privilege levels can be assigned to the user and the user can not use the “enable admin” command to promote to the admin privilege leve...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual Figure 5 - 34. Application's Authentication Settings window The following parameters can be set: Parameter Description Application Lists the configuration applications on the Switch. The user may configure the Login Method Li...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual Parameter Description IP Address The IP address of the remote server host the user wishes to add. Port (1-65535) Enter a number between 1 and 65535 to define the virtual port number of the authentication protocol on a server ...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual Figure 5 - 38. Login Method Lists window The Switch contains one Method List that is set and cannot be removed, yet can be modified. To delete a Login Method List defined by the user, click the corressponding Delete button. T...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual Figure 5 - 39. Enable Method Lists window To delete an Enable Method List defined by the user, click the the Delete button. To modify an Enable Method List, click on its corresponding Edit button. To define an Enable Login Me...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual Parameter Description Old Local Enable Password (Max: 15 characters) If a password was previously configured for this entry, enter it here in order to change it to a new password New Local Enable Password Enter the new passwo...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual Config Guest VLAN VLAN Name Enter a Guest VLAN name. Clicking the hyperlinked name will send the Web manager to the Guest VLAN configuration window. VLAN ID (1-4094) Enter a VLAN ID number between 1 and 4094 . Member Ports (e...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual DoS Prevention Settings The Switch supports Denial of Service (DoS) prevention to mitigate DoD attacks from hackers or other malicious sources. To view this window, click Security > DoS Prevention Settings : Figure 5 - 43....

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual Section 6 ACL ACL Configuration Wizard Access Profile List CPU Access Profile List ACL Finder ACL Flow Meter Access profiles allow the user to establish criteria to determine whether or not the Switch will forward packets bas...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual Service Type Use the drop-down menu to select from VLAN Name , Ethernet Type , 802.1P , or Any . Action Select Permit to specify that the packets that match the access profile are forwarded by the Switch, according to any add...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual CPU Interface Filtering Due to a chipset limitation and needed extra switch security, the Switch incorporates CPU Interface filtering. This added feature increases the running security of the Switch by enabling the user to cr...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual Figure 6 - 52. CPU Access Rule List window for Packet Content example To view the configurations for previously configured rule click on the corresponding Show Details Button which will display the following CPU Access Rule D...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual Section 7 Monitoring Cable Diagnostic CPU Utilization Port Utilization Packet Size Memory Utilization Packets Errors Port Access Control Browse ARP Table Browse VLAN IGMP Snooping LLDP MBA Authentication State Browse Session ...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual Figure 7 - 2. CPU Utilization window To view the CPU utilization by port, use the real-time graphic of the Switch at the top of the Web page by simply clicking on a port. Click Apply to implement the configured settings. The ...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual 65-127 The total number of packets (including bad packets) received that were between 65 and 127 octets in length inclusive (excluding framing bits but including FCS octets). 128-255 The total number of packets (including bad...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual Packets Counts the number of packets successfully sent on the port. Unicast Counts the total number of good packets that were transmitted by a unicast address. Multicast Counts the total number of good packets that were trans...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual Record Number Select number of times the Switch will be polled between 20 and 200 . The default value is 200 . ExDefer Counts the number of packets for which the first transmission attempt on a particular interface was delaye...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual RADIUS Authentication This table contains information concerning the activity of the RADIUS authentication client on the client side of the RADIUS authentication protocol. To view the RADIUS Authentication window, click Monit...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual authentication server. AccessAccepts The number of RADIUS Access-Accept packets (valid or invalid) received from this server. AccessRejects The number of RADIUS Access-Reject packets (valid or invalid) received from this serv...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual responses. BadAuthenticators The number of RADIUS Accounting-Response packets, which contained invalid authenticators, received from this server. PendingRequests The number of RADIUS Accounting-Request packets sent to this se...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual This window displays the Authenticator State for individual ports on a selected device. A polling interval between 1s and 60s seconds can be set using the drop-down menu at the top of the window and clicking OK . The informat...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual The following fields can be viewed: Parameter Description Port The identification number assigned to the Port by the System in which the Port resides. Frames Rx The number of valid EAPOL frames that have been received by this...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual Bac Auth Fail Counts the number of times that the state machine receives a Reject message from the Authentication Server (i.e., aFail becomes TRUE, causing a transition from RESPONSE to FAIL). Indicates that the Supplicant ha...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual To view this window, click Monitoring > IGMP Snooping > Browse IGMP Router Port : Figure 7 - 25. Browse Router Port window IGMP Snooping Group This window allows the Switch’s IGMP Snooping Group Table to be searched. IG...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual Enter the appropriate information and click Find . The searched entries will be shown in the IGMP Snooping Group Table. Click View All to see all the entries. Click View All Data Driven to display all the data driven groups l...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual Figure 7 - 28. Browse MLD Router Port window MLD Snooping Group The following window allows the user to view MLD Snooping Groups present on the Switch. MLD Snooping is an IPv6 function comparable to IGMP Snooping for IPv4. Th...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual Figure 7 - 30. LLDP Statistics System window LLDP Local Port Information To view this window, click Monitoring > LLDP > LLDP Local Port Information : Figure 7 - 31. LLDP Local Port Information window LLDP Remote Port In...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual MBA Authentication State This window allows the user to view the MAC-based Access Control authentication information. Specify the port list to view and click Find . To remove an entry, enter the appropriate information and cl...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual MAC Address Enter a MAC address for the forwarding table to be browsed by. Find Allows the user to move to a sector of the database corresponding to a user defined port, VLAN, or MAC address. Clear Dynamic Entries Click this ...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual Section 8 Save and Tools Save Configuration Save Log Save All Configuration File Upload & Download Upload Log File Reset Ping Test Download Firmware Reboot System The three Save windows include: Save Configuration , Save ...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual Save Log Open the Save drop-down menu at the top of the Web manager and click Save Log to open the following window: Figure 8 - 2. Save Log window Save All Open the Save drop-down menu at the top of the Web manager and click ...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual Ping Test Users can Ping either an IPv4 address or an IPv6 address. Ping is a small program that sends ICMP Echo packets to the IP address you specify. The destination node then responds to or “echoes” the packets sent from t...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual Download Firmware The Switch supports dual image storage for firmware file backup and restoration. The firmware images are indexed by ID number 1 or 2. To change the boot firmware image, use the Image ID drop-down menu to sel...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual Appendix A Mitigating ARP Spoofing Attacks Using Packet Content ACL Address Resolution Protocol (ARP) is the standard method for finding a host's hardware address (MAC address) when only its IP address is known. This protocol...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual • Prevent ARP spoofing via packet content ACL Concerning the common DoS attack today caused by the ARP spoofing, D-Link managed switch can effectively mitigate it via its unique Packet Content ACL. For that reason the basic A...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual Appendix B System Log Entries The following table lists all possible entries and their corresponding meanings that will appear in the System Log of this Switch. Category Event Description Log Information Severity system Syste...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual Port recover from BPDU under attacking state automatically Port <[unitID:] portNum> recover from BPDU under attacking state automatically Informational DHCP Detect untrusted DHCP server IP address Detected untrusted DHC...

xStack ® DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual Appendix C Glossary 1000BASE-SX: A short laser wavelength on multimode fiber optic cable for a maximum length of 2000 meters 1000BASE-LX: A long wavelength for a "long haul" fiber optic cable for a maximum length of 1...