DGS-3024 R4 User Manual
Contents
1. Facility Some of the operating system daemons and processes have been assigned Facility values Processes and daemons that have not been explicitly assigned a Facility may use any of the local use facilities or they may use the user level Facility Those Facilities that have been designated are shown in the following Bold font denotes the facility values that the Switch currently implements Numerical Facility 73 DGS 3024 Gigabit Ethernet Switch Manual kernel messages user level messages mail system system daemons messages generated internally by Syslog line printer subsystem network news subsystem UUCP subsystem 9 clock daemon 1 2 3 4 security authorization messages 5 7 8 10 security authorization messages 11 FTP daemon 12 NTP subsystem 13 log audit 14 log alert 15 clock daemon 16 local use 0 local0 17 local use 1 local1 18 local use 2 local2 19 local use 3 local3 20 local use 4 local4 21 local use 5 local5 22 local use 6 local6 23 local use 7 local7 UDP Port Enter the UDP port number used for sending Syslog messages The default is 514 Status Choose Enabled or Disabled to activate or deactivate To set the System Log Server configuration click Apply To delete an entry from the System Log Servers window click the corresponding gt under the Delete heading of the entry to delete To return to the System Log Servers window click the Show All2. Enter the current time in hours and minutes if you would like to update the system clock Click Apply to implement your changes 61 Time Zone DGS 3024 Gigabit Ethernet Switch Manual and DST The following are windows used to configure time zones and Daylight Savings time settings for SNTP Open the Configuration folder then the SNTP Setting folder and click on the Time Zone and DST link revealing the following window o What Time HH MM From What Month From What Date From What Time o What Month o What Date o What Time Figure 7 40 Time Zone and DST Settings window The following parameters can be set Parameter Description Time Zone and DST Settings Daylight Saving Time State Use this pull down menu to enable or disable the DST Settings Daylight Saving Time Offset in Minutes Use this pull down menu to specify the amount of time that will constitute your local DST offset 30 60 90 or 120 minutes Time Zone Offset from GMT in HH MM Use these pull down menus to specify your local time zone s offset from Greenwich Mean Time GMT 62 DGS 3024 Gigabit Ethernet Switch Manual DST Repeating Settings Using repeating mode will enable DST seasonal time adjustment Repeating mode requires that the DST beginning and ending date be specified using a formula For example specify to begin DST on Saturday during the second week of Apr
3. 47 DGS 3024 Gigabit Ethernet Switch Manual Forward Delay The Forward Delay can be from 4 to 30 seconds Any port on the Switch spends this time in the listening state while moving from the blocking state to the forwarding state Last Topology Change This field shows the time in seconds since the last spanning tree topology change Topology Changes This field displays the number of times that the spanning tree topology has changed since Count the original initial boot up of the Switch 48 DGS 3024 Gigabit Ethernet Switch Manual STP Port Settings STP can be set up on a port per port basis To view the following window click Configuration gt Spanning Tree gt STP Port Settings Tg erede fr fe prov ia en False True J Enabled Disabled Disabled Apply STP Port Information Table 1M AUTO 200000 No o Auto Yes Enabled Enabled No 2T AUTO 200000 2 2 No No Auto Yes Enabled Enabled No 3T AUTO 200000 2 2 No No Auto Yes Enabled Enabled No 4T AUTO 200000 2 2 No No Auto Yes Enabled Enabled No 5 AUTO 200000 2 2 No No Auto Yes Enabled Enabled No 6 AUTO 200000 2 2 No No Auto Yes Enabled Enabled No AUTO 200000 2 2 No No Auto Yes Enabled Enabled No 8 AUTO 200000 2 2 No No Auto Yes Enabled Enabled No 9 AUTO 200000 2 2 No No Auto Yes Enabled Enabled No 10 AUTO 200000 2 2 No No Auto Yes Enabled Enabled No 11 AUTO 200000 2 2 No No Auto Yes Enabled Enabled No 12 AUTO 200000 2 2 No No Auto Yes Enabled E
4. Click Apply to add the server host i NOTE More than one authentication protocol can be run on the same physical server host but remember that TACACS XTACACS TACACS are separate entities and are not compatible with each other Login Method Lists This command will configure a user defined or default Login Method List of authentication techniques for users logging on to the Switch The sequence of techniques implemented in this command will affect the authentication result For example if a user enters a sequence of techniques for example TACACS XTACACS local the Switch will send an authentication request to the first TACACS host in the server group If no response comes from the server host the Switch will send an authentication request to the second TACACS host in the server group and so on until the list is exhausted At that point the Switch will restart the same sequence with the following protocol listed XTACACS If no authentication takes place using the XTACACS list the local account database set in the Switch is used to authenticate the user When the local method is used the privilege level will be dependant on the local account privilege configured on the Switch Successful login using any of these techniques will give the user a User privilege only If the user wishes to upgrade his or her status to the administrator level the user must use the Enable Admin window in which the user must enter a previously configured p
5. Seren Switch Authentication Server Authenticator Workstation Client z Figure 7 56 Client Authentication Process Utilizing the three components stated above the 802 1x protocol provides a stable and secure way of authorizing and authenticating users attempting to access the network Only EAPOL traffic is allowed to pass through the specified port before a successful authentication is made This port is locked until the point when a Client with the correct username and password is granted access and therefore successfully unlocks the port Once unlocked normal traffic is allowed to pass through the port The implementation of 802 1x allows network administrators to choose Port Based Access Control This method requires only one user to be authenticated per port by a remote RADIUS server to allow the remaining users on the same port access to the network 77 DGS 3024 Gigabit Ethernet Switch Manual Port Based Network Access Control The original intent behind the development of 802 1x was to leverage the characteristics of point to point in LANs Any single LAN segment in such an infrastructures has no more than two devices attached to it one of which is a Bridge Port The Bridge Port detects events that indicate the attachment of an active device at the remote end of the link or an active device becoming inactive These events can be used to control the a
6. Systems are considered to be components in a rack Thus component refers to any system as well as to various peripherals or supporting hardware CAUTION Installing systems in a rack without the front and side stabilizers installed could cause the rack to tip over potentially resulting in bodily injury under certain circumstances Therefore always install the stabilizers before installing components in the rack After installing system components in a rack never pull more than one component out of the rack on its slide assemblies at one time The weight of more than one extended component could cause the rack to tip over and may result in serious injury Before working on the rack make sure that the stabilizers are secured to the rack extended to the floor and that the full weight of the rack rests on the floor Install front and side stabilizers on a single rack or front stabilizers for joined multiple racks before working on the rack xii DGS 3024 Gigabit Ethernet Switch Manual Safety Instructions continued Always load the rack from the bottom up and load the heaviest item in the rack first Make sure that the rack is level and stable before extending a component from the rack Use caution when pressing the component rail release latches and sliding a component into or out of a rack the slide rails can pinch your fingers After a component is inserted into the rack carefully extend the rail into a locking position
7. 110 DGS 3024 Gigabit Ethernet Switch Manual SNMP View Table The SNMP View Table is used to assign views to community strings that define which MIB objects can be accessed by a remote SNMP manager To view the SNMP View Table window open the SNMP Manager folder under Management and click the SNMP View Table entry The following window should appear Add Total Entries 8 Note It is allowed insert 30 entries into the table only SNMP View Table restricted 361211 0 0 0 itsi S S Included restricted 36121411 Included restricted f361 631021 0000 Included restricted 36163121 00 Included restricted 3616341511 Included Community Vier 00 Included Community View fi36163 Excluded CommunityView 1 361631 Included Figure 9 6 SNMP View Table window ix x se ne ne ne Lx IX To delete an existing SNMP View Table entry click the in the Delete column corresponding to the entry to delete To create a new entry click the Add button and a separate window will appear SNMP View Table Configuration View Name Subtree OID View Type Included Show All SNMP View Table Entries Figure 9 7 SNMP View Table Configuration window The SNMP Group created with this table maps SNMP users identified in the SNMP User Table to the views created in the previous window The following parameters can be set Parameter Description View Name Type an
8. A Virtual Local Area Network VLAN is a network topology configured according to a logical scheme rather than the physical layout VLANs can be used to combine any collection of LAN segments into an autonomous user group that appears as a single LAN VLANs also logically segment the network into different broadcast domains so that packets are forwarded only between ports within the VLAN Typically a VLAN corresponds to a particular subnet although not necessarily VLANs can enhance performance by conserving bandwidth and improve security by limiting traffic to specific domains A VLAN is a collection of end nodes grouped by logic instead of physical location End nodes that frequently communicate with each other are assigned to the same VLAN regardless of where they are physically on the network Logically a VLAN can be equated to a broadcast domain because broadcast packets are forwarded to only members of the VLAN on which the broadcast was initiated Notes About VLANs on the DGS 3024 No matter what basis is used to uniquely identify end nodes and assign these nodes VLAN membership packets cannot cross VLANs without a network device performing a routing function between the VLANs The DGS 3024 supports IEEE 802 1Q VLANs The port untagging function can be used to remove the 802 1Q tag from packet headers to maintain compatibility with devices that are tag unaware The Switch s default is to assign all ports to a single 802 1Q VLAN named
9. Port Bandwidth The bandwidth control settings are used to place a ceiling on the transmitting and receiving data rates for any selected port In the Configuration folder click QoS gt Port Bandwidth to view the window shown below The following parameters can be set or are displayed Bandwidth Settings Port 1 Poni RX y no_Imit y Apply Port Bandwidth Table RX Rate bit sec 00 JA hh Y D 10 no_limit 11 no_limit da no_limit 13 no_limit 14 no_limit 15 no_limit 16 no_limit 17 no_limit 18 no_limit 19 no_limit 20 no_limit 21 no_limit 22 no_limit 23 no_limit E ts Figure 7 42 Bandwidth Settings window Parameter Description From To A consecutive group of ports may be configured starting with the selected port Type Port Bandwidth is only supported for Rx or receiving frames on this Switch No Limit This drop down menu allows the user to specify that the selected port will have no bandwidth limit Enabled disables the limit Rate This field allows the user to select the data rate in Mbit s that will be the limit for the selected port The user may select one of the following Rx rates no_limit 64K 128K 256K 512K 1M 2M 4M 8M 16M 32M 64M 128M 256M and 512M If the received rate exceeds the choice made here packets are either dropped or subjected to flow control Click Apply to set the bandwidth control for the s
10. Apply Figure 11 11 Reset System window Logout Use the Logout page to logout of the Switch s Web based management agent by clicking on the Logout button Are you sure you want logout If yes just click the Logout button and return to main page Logout Figure 11 12 Logout Web Setups window 141 DGS 3024 Gigabit Ethernet Switch Manual Technical Specifications Performance Transmission Method Store and forward RAM Buffer 512Kbytes per device Packet Filtering Forwarding Rate Full wire speed for all connections 1 488 095 pps per port for 1000Mbps MAC Address Learning Automatic update Supports 8K MAC address Priority Queues 4 Priority Queues per port Forwarding Table Age Time Max age 10 1000000 seconds Default 300 Physical and Environmental 441mm W x 309mm D x 44mm H 19 inch rack mount width 1U height Safety CSA International 142 DGS 3024 Gigabit Ethernet Switch Manual Standards IEEE 802 3 10BASE T Ethernet IEEE 802 3u 100BASE TX Fast Ethernet IEEE 802 3z 1000BASE SX Gigabit Ethernet IEEE 802 3ab 1000BASE T Gigabit Ethernet IEEE 802 1D Spanning Tree IEEE 802 1P Tagged Packets IEEE 802 1Q Tagged VLAN IEEE 802 3x Full duplex Flow Control ANSI IEEE 802 3 Nway auto negotiation Protocols CSMA CD Data Transfer Rates Half duplex Full duplex Ethernet 10 Mbps 20Mbps Fast Ethernet 100Mbps 200Mbps Gigabit Ethernet n a 2000Mbps Full duplex
11. Figure 8 10 Authentication Server Group Settings window This window displays the Authentication Server Groups on the Switch The Switch has four built in Authentication Server Groups that cannot be removed but can be modified To modify a particular group click its hyperlinked Group Name which will then display the following window 98 DGS 3024 Gigabit Ethernet Switch Manual IP Address 0 0 0 0 mo Show All Server Group Entries Figure 8 11 Add a Server Host to Server Group XTACACS window To add an Authentication Server Host to the list enter its IP address in the IP Address field choose the protocol associated with the IP address of the Authentication Server Host and click Add to add this Authentication Server Host to the group To add a server group other than the ones listed click the add button revealing the following window to configure sr Group Table Add Settings Ar t n Carver Group Name Apply Show All Server Group Table Entries Figure 8 12 Authentication Server Group Table Add Settings window Enter a group name of up to 15 characters into the Group Name field and click Apply The entry should appear in the Authentication Server Group Settings window i NOTE The user must configure Authentication Server Hosts using the Authentication Server Hosts window before adding hosts to the list Authentication Server Hosts must be configured for their specific prot
12. MAC Source Switch 802 1x Disabled Apply Figure 7 3 Switch Information Advanced Settings window The following fields can be set Parameter Description Serial Port Auto Logout This setting for the restart of the console is 2 Minutes 5 Minutes 10 Minutes 15 Minutes or Never The default is 10 Minutes Serial Port Baud Rate Determines the serial port bit rate that will be used the next time the Switch is restarted Available speeds are 9600 19 200 38 400 and 115 200 bits per second The default setting is 9600 MAC Address Aging Time 0 14400 Minutes This field specifies the length of time a learned MAC Address will remain in the forwarding table without being accessed that is how long a learned MAC Address is allowed to remain idle To change this type in a different value representing the MAC address age out time in seconds The MAC Address Aging Time can be set to any value between 0 and 14 400 The default setting is 5 IGMP Snooping This indicates if Internet Group Management Protocol IGMP Snooping is enabled on the Switch When enabled this feature instructs the Switch to read IGMP packets being forwarded through the Switch in order to obtain forwarding information from them learn which ports contain Multicast members The Switch s IGMP snooping state can be changed on the IGMP Snooping Settings window Configuration IGMP Snooping IGMP Snooping The de
13. Terminal Access Controller Access Control System plus Provides detailed access control for authentication for network devices TACACS is facilitated through Authentication commands via one or more centralized servers The TACACS protocol encrypts all traffic between the Switch and the TACACS daemon using the TCP protocol to ensure reliable delivery In order for the TACACS XTACACS TACACS RADIUS security function to work properly a TACACS XTACACS TACACS RADIUS server must be configured on a device other than the Switch called an Authentication Server Host and it must include usernames and passwords for authentication When the user is prompted by the Switch to enter usernames and passwords for authentication the Switch contacts the TACACS XTACACS TACACS RADIUS server to verify and the server will respond with one of three messages e The server verifies the username and password and the user is granted normal user privileges on the Switch e The server will not accept the username and password and the user is denied access to the Switch e The server doesn t respond to the verification query At this point the Switch receives the timeout from the server and then moves to the next method of verification configured in the method list The Switch has four built in Authentication Server Groups one for each of the TACACS XTACACS TACACS and RADIUS protocols These built in Authentication Server Groups are used to authenti
14. control frames te Mode Passive y 1 Passive g Passive 3 Passive DI Passive 5 Passive 6 Passive 7 Passive 8 Passive 9 Passive 10 Passive 11 Passive 12 Passive 13 Passive 14 Passive 15 Passive 16 Passive 17 Passive 18 Passive 19 Passive 20 Passive 21 Passive 22 Passive 23 Passive 24 Passive Figure 7 10 Port Trunking Configuration window The user changeable parameters are as follows Parameter Description From To A consecutive group of ports may be configured starting with the selected port Mode Active Active LACP ports are capable of processing and sending LACP control frames This allows LACP compliant devices to negotiate the aggregated link so the group may be changed dynamically as needs require In order to utilize the ability to change an aggregated port group that is to add or subtract ports from the group at least one of the participating devices must designate LACP ports as active Both devices must support LACP Passive LACP ports that are designated as passive cannot initially send LACP control frames In order to allow the linked port group to negotiate adjustments and make changes dynamically one end of the connection must have active LACP ports see above After setting the previous parameters click Apply to allow changes to be implemented The LACP Port Table shows which ports are active and or passive 33 DGS 3024 Gigabit Ethe
15. D Link Technical Support over the Telephone 32 70 66 06 40 Monday to Friday 9 00 am to 10 00 pm D Link Technical Support over the Internet www dlink be D Link Building Networks for People Pomoc techniczna Najnowsze wersje oprogramowania i dokumentacji u ytkownika mo na znale w serwisie internetowym firmy D Link D Link zapewnia bezp atn pomoc techniczn klientom w Polsce w okresie gwarancyjnym produktu Klienci z Polski mog si kontaktowa z dzia em pomocy technicznej firmy D Link za po rednictwem Internetu lub telefonicznie Telefoniczna pomoc techniczna firmy D Link 48 12 25 44 000 Pomoc techniczna firmy D Link wiadczona przez Internet URL http www dlink pl e mail dlink fixit pl D Link Building Networks for People Technicka podpora Aktualizovan verze software a u ivatelsk ch p ru ek najdete na webov strance firmy D Link D Link poskytuje sv m z kazn k m bezplatnou technickou podporu Z kazn ci mohou kontaktovat odd len technick podpory p es webov str nky mailem nebo telefonicky Web http www dlink cz suppport E mail support dlink cz Telefon 224 247 503 Telefonicka podpora je v provozu PO PA od 09 00 do 17 00 D Link Building Networks for People Technikai Tamogatas Meghajt programokat s frissit seket a D Link Magyarorsz g weblapj r l t lthet le Telefonon technikai segits get munkanapokon h tf t l cs t rt
16. OverSize Fragment Jabber mes Drop Bee 11 47 34 Unit packet sec Time Interval fis Record Number 200 y Show Hide M CrcError M UnderSize M OverSize M Fragment M Jabber Y Drop Figure 10 8 Rx Error Analysis window line graph To view the Received Error Packets Table click the link View Table which will show the following table 124 DGS 3024 Gigabit Ethernet Switch Manual Figure 10 9 Rx Error Analysis window table The following fields can be set Parameter Description Time Interval Select the desired setting between 7s and 60s where s stands for seconds The default value is one second Record Number Select the number of times the Switch will be polled between 20 and 200 The default value is 20 CrcError Counts otherwise valid packets that did not end on a byte octet boundary UnderSize The number of packets detected that are less than the minimum permitted packets size of 64 bytes and have a good CRC Undersize packets usually indicate collision fragments a normal network occurrence OverSize Counts packets received that were longer than 1518 octets or if a VLAN frame is 1522 octets and less than the MAX_PKT_LEN Internally MAX_PKT_LEN is equal to 1522 Fragment The number of packets less than 64 bytes with either bad framing or an invalid CRC These are normally the result of collisions Jabber The number of pac
17. SNMP Based Management You can manage the Switch with an SNMP compatible console program The Switch supports SNMP version 1 0 version 2 0 and version 3 0 The SNMP agent decodes the incoming SNMP messages and responds to requests with MIB objects stored in the database The SNMP agent updates the MIB objects to generate statistics and counters Command Line Console Interface Through the Serial Port You can also connect a computer or terminal to the serial console port to access the Switch The command line driven interface provides complete access to all Switch management features Connecting the Console Port RS 232 DCE The Switch provides an RS 232 serial port that enables a connection to a computer or terminal for monitoring and configuring the Switch This port is a female DB 9 connector implemented as a data terminal equipment DTE connection To use the console port you need the following equipment A terminal or a computer with both a serial port and the ability to emulate a terminal To connect a terminal to the console port 1 Connect the male connector of the RS 232 cable directly to the console port on the Switch and tighten the captive retaining screws 2 Connect the other end of the cable to a terminal or to the serial connector of a computer running terminal emulation software Set the terminal emulation software as follows Select the appropriate serial port COM port 1 or COM port 2 Set the data rate to 9600 ba
18. See the DPS 300 documentation for more information CAUTION Do not use the Switch with any redundant power system other than the DPS 300 DGS 3024 Gigabit Ethernet Switch Manual IDENTIFYING EXTERNAL COMPONENTS This chapter describes the front panel rear panel side panels and LED indicators of the DGS 3024 Front Panel The front panel of the Switch consists of LED indicators an RS 232 communication port 24 1000BASE T ports and four mini GBIC combo ports Gigabit Switch n 21 7 z z 7 z n s CET ne o ooN El ag gogy CODO ODDO z 7 z z m oma nm m 2 2 DGS 3024 Figure 3 1 Front panel view e An RS 232 DCE console port for setting up and managing the Switch via a connection to a console terminal or PC using a terminal emulation program e Comprehensive LED indicators display the status of the Switch and the network see the LED Indicators section below e Twenty four 1000BASE T Ethernet ports for 10 100 1000 connections to a backbone end stations and servers e Four mini GBIC combo ports to connect fiber optic media to another Switch server core router Switch or network backbone Rear Panel The rear panel of the Switch contains an external Redundant Power Supply connector and an AC power connector Red
19. aspects of network and end station operation Spanning Tree Protocol STP A bridge based system for providing fault tolerance on networks STP works by allowing you to implement parallel paths for network traffic and ensure that redundant paths are disabled when the main paths are operational and enabled if the main paths fail stack A group of network devices that are integrated to form a single logical device standby port The port in a resilient link that will take over data transmission if the main port in the link fails Switch A device that filters forwards and floods packets based on the packet s destination address The Switch learns the addresses associated with each Switch port and builds tables based on this information to be used for the Switching decision TCP IP A layered set of communications protocols providing Telnet terminal emulation FTP file transfer and other services for communication among a wide range of computer equipment 146 DGS 3024 Gigabit Ethernet Switch Manual Telnet A TCP IP application protocol that provides virtual terminal service allowing a user log in to another computer system and access a host as if the user were connected directly to the host TFTP Trivial File Transfer Protocol Allows you to transfer files such as software upgrades from a remote device using your Switch s local management capabilities UDP User Datagram Protocol An Internet standard protoco
20. click the Add button Both actions will result in the same window to configure Enable Method List Edit Method List Name E default Method 1 fi local_enable Keyword Method 2 Method 3 Show All Authentication Enable List Entries Figure 8 19 Enable Method List Edit window 103 DGS 3024 Gigabit Ethernet Switch Manual Enable Method List Add Method List Name Method 1 local_enable y Method 2 Method 3 Method 4 Show All Authentication Enable List Entries Figure 8 20 Enable Method List Add window To define an Enable Login Method List set the following parameters and click Apply Parameter Description Method List Name Enter a method list name defined by the user of up to 15 characters Method 1 2 3 4 The user may add one or a combination of up to four of the following authentication methods to this method list e local enable Adding this parameter will require the user to be authenticated using the local enable password database on the Switch The local enable password must be set by the user in the next section entitled Local Enable Password none Adding this parameter will require no authentication to access the Switch e radius Adding this parameter will require the user to be authenticated using the RADIUS protocol from a remote RADIUS server e tacacs Adding this parameter will require the user to be authenticated using the TACACS protocol from a re
21. default The default VLAN has a VID 1 53 DGS 3024 Gigabit Ethernet Switch Manual IEEE 802 1Q VLANs Some relevant terms Tagging The act of putting 802 1Q VLAN information into the header of a packet Untagging The act of stripping 802 1Q VLAN information out of the packet header Ingress port A port on a Switch where packets are flowing into the Switch and VLAN decisions must be made Egress port A port on a Switch where packets are flowing out of the Switch either to another Switch or to an end station and tagging decisions must be made IEEE 802 1Q tagged VLANs are implemented on the Switch 802 1Q VLANs require tagging which enables them to span the entire network assuming all Switches on the network are IEEE 802 1Q compliant VLANs allow a network to be segmented in order to reduce the size of broadcast domains All packets entering a VLAN will only be forwarded to the stations over IEEE 802 1Q enabled Switches that are members of that VLAN and this includes broadcast multicast and unicast packets from unknown sources VLANs can also provide a level of security to your network IEEE 802 1Q VLANs will only deliver packets between stations that are members of the VLAN Any port can be configured as either tagging or untagging The untagging feature of IEEE 802 1Q VLANs allows VLANs to work with legacy Switches that don t recognize VLAN tags in packet headers The tagging feature allows VLANs to
22. documento D LINK con esta garant a limitada El t rmino producto de hardware DLINK se restringe a los componentes de hardware y a los componentes internos de estos incluyendo el firmware El t rmino producto de hardware D LINK NO incluye ni las aplicaciones ni los programas de software Cobertura geogr fica de la garant a limitada del producto Esta garant a limitada del producto es v lida en todos los pa ses europeos que figuran en el ap ndice Pa ses europeos de la garant a limitada del producto D LINK En esta garant a limitada del producto D Link el t rmino pa ses europeos s lo incluye los pa ses que figuran en el ap ndice La garant a limitada del producto ser v lida en cualquier pa s en el que D LINK o sus proveedores autorizados de servicios ofrezcan un servicio de garant a sujeto a los t rminos y condiciones recogidos en esta garant a limitada del producto Sin embargo la disponibilidad del servicio de garant a as como el tiempo de respuesta pueden variar de un pa s a otro y pueden estar sujetos a requisitos de registro Limitaci n de la garant a del producto D LINK garantiza que los productos descritos m s adelante est n libres de defectos de fabricaci n y materiales en condiciones normales de uso a lo largo del per odo de la garant a limitada del producto que se indica en este documento per odo de la garant a limitada del producto si el producto se ha utilizado y mant
23. elia Ae NON ae teats Ohh edt INS sce 103 Configure Local Enable Passworde occ Ria sone Waele Se 104 Enable AA a aa 105 Management ARA 106 OA IRE R REI E I 106 Admin and UserPrivileges n a lena ae alal 107 SNMP Manageriali ail anali nua aan paia 109 SNMP User Fable robi ea rn nen RENT Gba cai 109 SNMP View Table uao ninna ana aa iii 111 SNMP Group Table rete lai A RG on de ee 112 SNMP Community Table ian aan 114 SNMP HOSt Table test nn italo alal lo e ea ld tiglio alia 115 SNMPE EFngmelD ribelle ili Ola ii lana 116 VOLO SL IRR RS RR RS RION E RAS 117 AAA O NO 117 PACK ON 118 RECEIVE RI tice o dd A O EEA a dea ade i dea Fleet Ai dr a oe 118 MB a MR oda 120 Transmitted IR nenn ee eR do an nn pile e rer 122 DGS 3024 Gigabit Ethernet Switch Manual NN 124 Received RS ionica Lila ba o e AN fe de tte de aldo eso 124 A IX et tad eae ee O uti 126 IRA 128 Switch History Logica nen Ra arancia li 131 IGMP Snooping Group RR CR E A 132 IGMP Snooping Forwarding suessusssesssessosssonsnnnsnnssnnssnnssnnssnnssnnsnnnnsunssusnsnsnnnssansnnnsnnssnnssnnesnnssnnssnnssnnnsunsssnssnssnnssansnnnsnnnsnnssnnennn 133 MAN EE EE EREA 133 Router POM TIRA REA RA A A subs sosesssvedseauea Ai tibia 134 Session Table SO 134 Port Access Control nt aa A aan 135 RADIUS Authentic sa aaa ii REIT nee ase Ne den tr I AD rte en res 135 VELO CN RSR NS I RSR 136 FTP SCHVICES is sscssseasssccesuss ON NON 136 Downl
24. kig 9 00 16 00 r ig s p nteken 9 00 14 00 r ig k rhet a 1 461 3001 telefonsz mon vagy a support dlink hu emailcimen Magyarorszagi technikai tamogatas D Link Magyarorszag 1074 Budapest Als erd sor u 6 R70 Irodah z 1 em Tel 06 1 461 3001 Fax 06 1 461 3004 email support dlink hu URL http www dlink hu D Link Building Networks for People Teknisk Support Du kan finne programvare oppdateringer og bruker dokumentasjon pa D Links web sider D Link tilbyr sine kunder gratis teknisk support under produktets garantitid Kunder kan kontakte D Links teknisk support via vare hjemmesider eller pa tlf Teknisk Support D Link Teknisk telefon Support 800 10 610 Hverdager 08 00 20 00 D Link Teknisk Support over Internett http www dlink no D Link Building Networks for People Teknisk Support Du finder software opdateringer og bruger dokumentation pa D Link s hjemmeside D Link tilbyder gratis teknisk support til kunder i Danmark i hele produktets garantiperiode Danske kunder kan kontakte D Link s tekniske support via vores hjemmeside eller telefonisk D Link teknisk support over telefonen TIf 7026 9040 Hverdager kI 08 00 20 00 D Link teknisk support p Internettet http www dlink dk D Link Building Networks for People Teknista tukea asiakkaille Suomessa D Link tarjoaa teknista tukea asiakkailleen Tuotteen t
25. sente garantie ne s applique pas aux probl mes qui sont la cons quence a d alt rations ou d ajouts non autoris s b d une n gligence d un abus ou d une mauvaise utilisation notamment une utilisation du produit non conforme ses sp cifications ou aux interfaces requises c d une mauvaise manipulation d d une panne de biens ou de services acquis aupr s d une soci t tierce non D LINK ou qui ne font pas l objet d un contrat D LINK de garantie ou de maintenance en bonne et due forme e d une mauvaise utilisation ou d un rangement dans des conditions inadapt es ou f du feu de l eau d une catastrophe naturelle ou autre La pr sente garantie ne s applique pas non plus un produit dont le num ro de s rie D LINK aurait t retir ou alt r de quelque mani re que ce soit D LINK N EST NULLEMENT RESPONSABLE DE DOMMAGES RESULTANT DE VOTRE INOBSERVATION DES INSTRUCTIONS FOURNIES POUR L UTILISATION DE SON PRODUIT MATERIEL P riode de Garantie Produit Limit e La P riode de Garantie Produit Limit e court compter de la date d achat aupr s de D LINK La date de votre re u ou bon de livraison correspond la date d achat du produit et constitue la date de votre preuve d achat Il est possible que le service de garantie ne vous soit accord que sur production de votre preuve d achat Vous avez droit un service de garantie conforme aux modalit s nonc es dans les pr sen
26. sys ID ext 1 Figure 7 24 STP Instance Settings window The following information is displayed Parameter Description Instance Type Displays the instance type s currently configured on the Switch Each instance type is classified by an MSTI ID CIST refers to the default MSTI configuration set on the Switch Instance Status Displays the current status of the corresponding MSTI ID Instance Priority Displays the priority of the corresponding MSTI Instance Type The lowest priority will be the root bridge Priority Click the Modify button to change the priority of the MSTI This will open the Instance ID Settings window to configure The Type field in this window will be permanently set to Set Priority Only Enter the new priority in the Priority field and click Apply to implement the new priority setting Click Apply to implement changes made Clicking the hyperlinked name will allow the user to view the current parameters set for the MSTI Instance STP Instance Operational Designated Root Bridge 4096 00 01 27 32 26 95 External Root Cost 200004 Regional Root Bridge 32768 00 53 13 1a 33 24 Internal Root Cost 0 Designated Bridge 32768 00 50 ba 71 20 d6 Root Port 1 Max Age 20 Forward Delay 15 Last Topology Change 177 Topology Changes Count 157 bhow STP Instance Table Figure 7 25 STP Instance Operational Status window CIST 46 DGS 3024 Gigabit Ethern
27. times 1 255 Time Out fi seconds 1 99 Start Figure 11 5 Ping Test window The user may use the Infinite times radio button in the Repeat Pinging for field which will tell the ping program to keep sending ICMP Echo packets to the specified IP address until the program is stopped The user may opt to choose a specific number of times to ping the Target IP Address by clicking its radio button and entering a number between 7 and 255 Click Start to initiate the Ping program Save Changes The DGS 3204 has two levels of memory normal RAM and non volatile or NV RAM Configuration changes are made effective by clicking the Apply button When this is done the settings will be immediately applied to the Switching software in RAM and will immediately take effect Some settings though require you to restart the Switch before they will take effect Restarting the Switch erases all settings in RAM and reloads the stored settings from the NV RAM Thus it is necessary to save all setting changes to NV RAM before rebooting the Switch To retain any configuration changes permanently click the Save Changes link in the Maintenance folder The following window will appear Save Configuration Save system settings to NV RAM Save Configuration Figure 11 6 Save Configuration window 138 DGS 3024 Gigabit Ethernet Switch Manual Click the Save Configuration button to save the current Switch configuration in NV RAM The foll
28. 32 0 2 517 6500 URL www dlink be Poland Budynek Aurum ul Walic w 11 PL 00 851 Warszawa Poland TEL 48 0 22 583 92 75 FAX 48 0 22 583 92 76 URL www dlink pl Hungary R k czi t 70 72 HU 1074 Budapest Hungary TEL 36 0 1 461 30 00 FAX 36 0 1 461 30 09 URL www dlink hu Singapore 1 International Business Park 03 12 The Synergy Singapore 609917 TEL 65 6774 6233 FAX 65 6774 6322 URL www dlink intl com Australia 1 Giffnock Avenue North Ryde NSW 2113 Australia TEL 61 2 8899 1800 FAX 61 2 8899 1868 URL www dlink com au India D Link House Kurla Bandra Complex Road Off CST Road Santacruz East Mumbai 400098 India TEL 91 022 26526696 56902210 FAX 91 022 26528914 URL www dlink co in Middle East Dubai P O Box 500376 Office 103 Building 3 Dubai Internet City Dubai United Arab Emirates Tel 971 4 3916480 Fax 971 4 3908881 URL www dlink me com Turkey Cetin Emec Bulvari 74 sokak ABC Plaza No 9 3 Ovecler Ankara TURKEY TEL 0090 312 473 40 55 FAX 0090 312 473 40 58 URL www dlink com tr Egypt 47 El Merghany street Heliopolis Cairo Egypt TEL 202 2919035 202 2919047 FAX 202 2919051 URL www dlink me com Israel 11 Hamanofim Street Ackerstein Towers Regus Business Center P O B 2148 Hertzelia Pituach 46120 Israel TEL 972 9 9715700 FAX 972 9 9715601 URL www dlink co il LatinAmerica Isidora Goyeechea 2934 Ofcin
29. CIRO OPE IR RI RI TR 1 CERRO I AR 1 Performance Features uniranno dai 1 Management e e o ts E A e a a a eSti 1 Unpacking and Setup o occcocconnconnconnconnconncnnnonnnonononoconoconoconocnonnncn noc noon nooo ezio ee cene senese nese nono eee seneca nine ze senese nese non con eine eee eee nice neneeneeneone 3 Packing Bist 4 2 Li Aiino 3 Inst llation 2 2a ana lE nadal aLaaa aan 3 Desktop or ShelfInst llation z 2 2 42 282 22 2 e ar ideale elia petit 4 Rack Installations acer Rn ae aI AR ARE rinnen A ld e ae 4 POWELION Lei A AA En ee ee RARE ORI rest rere corre eee trees 5 Power Fale ii a aaa 5 External Redundant Power SM dit 6 Identifying External Components 22 s0ss0rsonssnnssnnesnnssnssnnnssnsssussnnssnsnsunssnsnsensonssansnnnsnnssnnssnnssnnssnsssnnssnnssssssnsssnssanssnnsnnnsnnssnnssnnennn 7 Front Panel A a A dd di 7 Rear Panel mdr sn a dt e e de e de ele all oe E SES A si an do Hecke uk ie 7 SO A artigli IRE ges selec Se ee 8 LED Indicators ects cette rach ash la Luise MAR nasi ttn nc e 8 Connecting the Switch ssersrssonssorsnssnnssnnssnnssnnssnnssnessunssnsnnnsnnnsnnnsnnnsnnssnnssnnssnnssnnssnnssusssnsssnssnnsnansnnnsnnssnnssnnssnnssnsssnnssnnsssnssnsssnssansnane 9 Switeh to End NOE sieges cca essen a E 9 Switch to Hub or Switch selten reco lhi ergehen neh i 10 Switch to Core Router Switch secs arr Ella Rk A Re Ri 10 Introduction to Switch Management sursorssorsonssnssnnssnns
30. DGS 3024 Gigabit Switch Sii OL CCD ia CROSSOVER CABLE Switch or Hub STRAIGHT CABLE Figure 4 2 Switch connected to a normal non Uplink port on a hub or Switch using a straight or crossover cable Switch to Core Router Switch This connection can be accomplished using the following fiber optic media e SFP Transceiver for 1000BASE LX Single mode fiber module 10km e SFP Transceiver for 1000BASE SX Multi mode fiber module 550m e SFP Transceiver for 1000BASE LHX Single mode fiber module 50km e SFP Transceiver for 1000BASE ZX Single mode fiber module 80km Optical Fiber Cable Figure 4 3 Switch connected by optical fiber cable to a Core Router Switch with a server connected by crossover cable and a PC connected by a Category 3 4 5 or 5e UTP STP cable DGS 3024 Gigabit Ethernet Switch Manual INTRODUCTION TO SWITCH MANAGEMENT Management Options This system may be managed out of band through the console port on the front panel or in band using Telnet The user may also choose the web based management accessible through a web browser Web based Management Interface After you have successfully installed the Switch you can configure the Switch monitor the LED panel and display statistics graphically using a web browser such as Netscape Navigator version 6 2 and higher or Microsoft Internet Explorer version 5 0
31. LINK venduti da D LINK Europe Ltd dalle sue controllate dalle sue affiliate dai rivenditori autorizzati o dai distributori nazionali di seguito denominati collettivamente D LINK accompagnati dalla presente garanzia limitata Il termine Prodotto hardware D LINK si riferisce esclusivamente ai componenti hardware e a tutte le parti interne compreso il firmware Il termine Prodotto hardware D LINK NON comprende eventuali applicazioni o programmi software Ambito geografico della Garanzia limitata La presente Garanzia estesa a tutti i Paesi europei elencati nell appendice Paesi europei Garanzia limitata dei prodotti D LINK Il termine Paesi europei si riferisce esclusivamente ai paesi nominati in questa appendice La Garanzia verr riconosciuta in tutti i paesi nei quail D LINK o i suoi Centri di Assistenza autorizzati offrono assistenza conformemente alle condizioni e ai termini stabiliti nella presente Garanzia Tuttavia la disponibilit all assistenza e i tempi di intervento variano da paese a paese e possono essere soggetti a eventuali requisiti di registrazione Limitazione della Garanzia D LINK garantisce che i prodotti sotto descritti in condizioni di normale utilizzo non presentano difetti di fabbricazione o vizi di materiale durante il Periodo di garanzia sotto specificato Periodo di garanzia a condizione che vengano utilizzati e sottoposti a manutenzione in conformit con il manuale
32. Produit Limit e La pr sente Garantie Produit Limit e s applique tous les pays europ ens figurant dans l annexe Pays europ ens o s applique la Garantie Produit Limit e D LINK Le terme de pays europ ens utilis dans la pr sente Garantie Produit Limit e D LINK englobe uniquement les pays figurant dans la liste en annexe La Garantie Produit Limit e sera honor e dans tout pays o D LINK ou ses prestataires agr s proposent le service de garantie sous r serve des modalit s nonc es dans la pr sente Garantie Produit Limit e Cependant la disponibilit du service de garantie et les temps de r ponse varient d un pays l autre et peuvent galement tre assujettis un enregistrement Limitation de la Garantie Produit D LINK garantit que les produits d crits ci dessous dans le cadre d une utilisation normale sont d nu s de d fauts cons quents tant au niveau de leurs composants mat riels que de leur fabrication et ce pendant toute la P riode de Garantie Produit Limit e indiqu e ci dessous P riode de Garantie Produit Limit e sous r serve qu ils soient utilis s et entretenus conform ment au manuel utilisateur et aux autres documents remis au client lors de l achat ou amend s de temps autre D LINK ne garantit pas le fonctionnement ininterrompu ou sans erreur de ses produits D LINK ne s engage pas non plus corriger tous les d fauts erreurs ou non conformit s La pr
33. Status This allows you to set the RADIUS authentic server to Valid or Invalid 85 DGS 3024 Gigabit Ethernet Switch Manual Static ARP Settings The Address Resolution Protocol ARP is a TCP IP protocol that converts IP addresses into physical addresses This table allows network managers to view define modify and delete ARP information for specific devices Static entries can be defined in the ARP Table When static entries are defined a permanent entry is entered and is used to translate IP address to MAC addresses To open the Static ARP Table open the Configuration folder and click on the Static ARP Settings link Add Clear All Stati gt Catina Static ARP Settings Interface Name IP Address MAC Address Figure 7 65 Static ARP Settings window To add a new entry click the Add button revealing the following window to configure Static ARP Table Add a New Entry Address 0 0 0 0 MAC Address 00 00 00 00 00 00 Apply Show All Static ARP Entries Figure 7 66 Static ARP Table Add a New Entry window The following fields can be set Parameter Description IP Address The IP address of the ARP entry MAC Address The MAC address of the ARP entry After entering the IP Address and MAC Address of the Static ARP entry click Apply to implement the new entry To completely clear the Static ARP Settings click the Clear All button 86 DGS 3024 Gigabit Ethern
34. System Log Servers link 74 DGS 3024 Gigabit Ethernet Switch Manual Port Access Entity 802 1x Port Based Access Control The IEEE 802 1x standard is a security measure for authorizing and authenticating users to gain access to various wired or wireless devices on a specified Local Area Network by using a Client and Server based access control model This is accomplished by using a RADIUS server to authenticate users trying to access a network by relaying Extensible Authentication Protocol over LAN EAPOL packets between the Client and the Server The following figure represents a basic EAPOL packet Ethernet Frame Destination Type CRC 0180C2 000003 88 85 ee Packet Type Es EAPOL packet Figure 7 52 EAPOL Packet working Access Control security method Utilizing this method unauthorized devices are restricted from connecting to a LAN through a port to which the user is connected EAPOL packets are the only traffic that can be transmitted through the specific port until authorization is granted The 802 1x Access Control protocol consists of three components each of which is vital to creating and maintaining a stable and Authentication Client Authenticator Server Network Port Ne rs Ethernet Switch etc EAP Over LAN Encapsulated EAP EAP Over Wireless 802 3 or 802 11 Messages typically on RADIUS Figure 7 53 Three Functions of 802 1x The following section will explain Clie
35. The Auto setting allows the port to automatically determine the fastest settings the device the port is connected to can handle and then to use those settings The other options are 10M Half 10M Full 100M Half and T00M Full 1000M Full_M and 1000M Full_S There is no automatic adjustment of port settings with any option other than Auto The Switch allows the user to configure two types of gigabit connections 1000M Full_M and 1000M Full_S Gigabit connections are only supported in full duplex connections and take on certain characteristics that are different from the other choices listed The 1000M Full_M master and 1000M Full_S slave parameters refer to connections running a 1000BASE T cable for connection between the Switch port and other device capable of a gigabit connection The master setting 1000M Full_M will allow the port to advertise capabilities related to duplex speed and physical layer type The master setting will also determine the master and slave relationship between the two connected physical layers This relationship is necessary for establishing the timing control between the two physical layers The timing control is set on a master physical layer by a local source The slave setting 7000M Full_S uses loop timing where the timing comes form a data stream received from the master If one connection is set for 1000M Full_M the other side of the connection must be set for 1000M Full_S Any other configuration will result i
36. This ciphersuite combines the RSA key exchange CBC Block Cipher 3DES_EDE encryption and the SHA Hash Algorithm Use the pull down menu to enable or disable this ciphersuite This field is Enabled by default 89 DGS 3024 Gigabit Ethernet Switch Manual DHS DSS with 3DES This ciphersuite combines the DSA Diffie Hellman key exchange CBC Block Cipher EDE CBC SHA 3DES_EDE encryption and SHA Hash Algorithm Use the pull down menu to enable or disable this ciphersuite This field is Enabled by default RSA EXPORT with This ciphersuite combines the RSA Export key exchange and stream cipher RC4 encryption RC4 40 MD5 with 40 bit keys Use the pull down menu to enable or disable this ciphersuite This field is Enabled by default NOTE Certain implementations concerning the function and configuration gt of SSL are not available on the web based management of this Switch and need to be configured using the command line interface For more information on SSL and its functions see the DGS 3024 Command Line Interface Reference Manual located on the documentation CD of this product NOTE Enabling the SSL command will disable the web based Switch management To log on to the Switch again the header of the URL must begin with https Entering anything else into the address field of the web browser will result in an error and no authentication will be granted 90 DGS 3024 Gigabit Ethernet Switch Manual Sec
37. Trunk Groups The members of a trunk group have the same VLAN setting Any VLAN setting on the members of a trunk group will apply to the other member ports i NOTE In order to use VLAN segmentation in conjunction with port trunk groups first E set the port trunk group s and then configure VLAN settings To change the port ij trunk grouping with VLANs already in place users will not need to reconfigure the Le VLAN settings after changing the port trunk group settings VLAN settings will automatically change in conjunction with the change of the port trunk group settings 57 DGS 3024 Gigabit Ethernet Switch Manual Static VLAN Entry In the Configuration folder open the VLANs folder and click the Static VLAN Entry link to open the following window default a Trinity Modify Figure 7 35 802 1Q Static VLANs window The first 802 1Q Static VLANs window lists all previously configured VLANs by VLAN ID and VLAN Name To delete an existing 802 1Q VLAN click the corresponding X button under the Delete heading To create a new 802 1Q VLAN click the Add button in the first 802 1Q Static VLANs window A new window will appear as shown below to configure the port settings and to assign a unique name and number to the new VLAN See the table below for a description of the parameters in the new window ns ES eo ER O aaa CS M M Mov lv vu iV MY lv lv lv vv lv lv lv ju jv no Baer rer Bes sj s we ss e
38. alphanumeric string of up to 32 characters This is used to identify the new SNMP view being created Subtree OID Type the Object Identifier OID Subtree for the view The OID identifies an object tree MIB tree that will be included or excluded from access by an SNMP manager View Type Select Included to include this object in the list of objects that an SNMP manager can access Select Excluded to exclude this object from the list of objects that an SNMP manager can access To implement your new settings click Apply To return to the SNMP View Table click the Show All SNMP View Table Entries link 111 DGS 3024 Gigabit Ethernet Switch Manual SNMP Group Table An SNMP Group created with this table maps SNMP users identified in the SNMP User Table to the views created in the previous menu To view the SNMP Group Table window open the SNMP Manager folder in the Management folder and click the SNMP Group Table entry The following window should appear Add Total Entries 5 Note It is allowed insert 30 entries into the table only SNMP Group Table public SNMPv1 NoAuthNoPriv x public SNMPv2 NoAuthNoPriv X initial SNMPv3 NoAuthNoPrw X rivate SNMPv1 NoAuthNoPriv X rivate SNMPv2 NoAuthNoPrw X Figure 9 8 SNMP Group Table window To delete an existing SNMP Group Table entry click the corresponding under the Delete heading To display the current settings for an existing SNMP Group Table entry
39. and then slide the component into the rack Do not overload the AC supply branch circuit that provides power to the rack The total rack load should not exceed 80 percent of the branch circuit rating Ensure that proper airflow is provided to components in the rack Do not step on or stand on any component when servicing other components in a rack and to safety grounds All electrical wiring must comply with applicable iy NOTE A qualified electrician must perform all connections to DC power L local or national codes and practices CAUTION Never defeat the ground conductor or operate the equipment in the absence of a suitably installed ground conductor Contact the appropriate electrical inspection authority or an electrician if you are uncertain that suitable grounding is available CAUTION The system chassis must be positively grounded to the rack cabinet frame Do not attempt to connect power to the system until grounding cables are connected Completed power and safety ground wiring must be inspected by a qualified electrical inspector An energy hazard will exist if the safety ground cable is omitted or disconnected xiii DGS 3024 Gigabit Ethernet Switch Manual Protecting Against Electrostatic Discharge Static electricity can harm delicate components inside your system To prevent static damage discharge static electricity from your body before you touch any of the electronic components such as the microprocessor You ca
40. can be Enabled or Disabled When Enabled it allows the forwarding of STP BPDU BPDU packets from other network devices The default is Enabled LBD This feature is used to temporarily block STP on the Switch when a BPDU packet has been looped back to the switch When the Switch detects its own BPDU packet coming back it signifies a loop on the network STP will automatically be blocked and an alert will be sent to the administrator The LBD STP port will restart change to discarding state when the LBD Recover Time times out The user may enable or disable this function using the pull down menu The default is enabled LBD Recover Time This field will set the time the STP port will wait before recovering the STP state set 0 will denote that the LBD will never time out or restart until the administrator personally changes it The user may also set a time between 60 and 1000000 seconds The default is 60 seconds Click Apply to implement changes made fa y NOTE The Hello Time cannot be longer than the Max Age Otherwise a configuration error will occur Observe the following formulas when setting the above parameters Max Age lt 2 x Forward Delay 1 second Max Age 2 2 x Hello Time 1 second 41 DGS 3024 Gigabit Ethernet Switch Manual MST Configuration Table The following windows allow the user to configure a MSTI instance on the Switch These settings will uniquely identify a multiple spanning t
41. can be adapted for either optical or copper applications GBICs also are hot swappable which adds to the ease of upgrading electro optical communication networks half duplex A system that allows packets to be transmitted and received but not at the same time Contrasts with full duplex IP address Internet Protocol address A unique identifier for a device attached to a network using TCP IP The address is written as four octets separated with full stops periods and is made up of a network section an optional subnet section and a host section IPX Internetwork Packet Exchange A protocol allowing communication in a NetWare network LAN Local Area Network A network of connected computing resources such as PCs printers servers covering a relatively small geographic area usually not larger than a floor or building Characterized by high data rates and low error rates latency The delay between the time a device receives a packet and the time the packet is forwarded out of the destination port line speed See baud rate main port The port in a resilient link that carries data traffic in normal operating conditions MDI Medium Dependent Interface An Ethernet port connection where the transmitter of one device is connected to the receiver of another device MDI X Medium Dependent Interface Cross over An Ethernet port connection where the internal transmit and receive lines are crossed MIB
42. click the hyperlink for the entry under the Group Name Read View Name Community View Write View Name Notify View Name Community View Security Model SNMPv1 Security Level NoAuthNoPriv Show All SNMP Group Table Entries Figure 9 9 SNMP Group Table Display window To add a new entry to the Switch s SNMP Group Table click the Add button in the upper left hand corner of the SNMP Group Table window This will open the SNMP Group Table Configuration window as shown below 112 DGS 3024 Gigabit Ethernet Switch Manual SNMP Group Table Configur Group Name Read View Name Write View Name Notify View Name SNMPv1 Security Level Nc y how All SNMP Group Table Entries Figure 9 10 SNMP Group Table Configuration window The following parameters can be set Parameter Description Group Name Type an alphanumeric string of up to 32 characters This is used to identify the new SNMP group of SNMP users Read View Name This name is used to specify the SNMP group created can request SNMP messages Write View Name Specify a SNMP group name for users that are allowed SNMP write privileges to the Switch s SNMP agent Notify View Name Specify a SNMP group name for users that can receive SNMP trap messages generated by the Switch s SNMP agent Security Model SNMPv1 Specifies that SNMP version 1 will be used SNMPv2 Specifies that SNMP version 2c will be us
43. config ipif System ipaddress XXX XXX XXX XXX YYY YYY YYY yyy Where the x s represent the IP address to be assigned to the IP interface named System and the y s represent the corresponding subnet mask Alternatively you can enter config ipif System ipaddress xxx xxx xxx xxx z Where the x s represent the IP address to be assigned to the IP interface named System and the z represents the corresponding number of subnets in CIDR notation The IP interface named System on the Switch can be assigned an IP address and subnet mask which can then be used to connect a management station to the Switch s Telnet or Web based management agent The system message Success indicates that the command was executed successfully The Switch can now be configured and managed via Telnet and the CLI or via the Web based management agent using the above IP address to connect to the Switch 22 DGS 3024 Gigabit Ethernet Switch Manual Switch Information This window is used to enter name location and contact information Click Apply to activate the new settings MAC Address 00 11 95 8d 5 8b Boot PROM Version Build 1 00 B02 Hardware Version 041 Soon ro oo System Contact Apply Figure 7 2 Switch Information Basic Settings window The information is described as follows Parameter Description Device Type A description of the Switch type MAC Address The Ethernet address for the device Also known as the physic
44. confuse these settings with port Le numbers QoS Output Scheduling QoS can be customized by changing the output scheduling used for the hardware classes of service in the Switch As with any changes to QoS implementation careful consideration should be given to how network traffic in lower priority classes of service is affected Changes in scheduling may result in unacceptable levels of packet loss or significant transmission delay If you choose to customize this setting it is important to monitor network performance especially during peak demand as bottlenecks can quickly develop if the QoS settings are not suitable In the Configuration folder open the QoS folder and click QoS Output Scheduling to view the window shown below Max Packets Apply Figure 7 47 QoS Output Scheduling window You may assign the following values to the QoS classes to set the scheduling Parameter Description Max Packets Specifies the maximum number of packets the above specified hardware priority class of service will be allowed to transmit before allowing the next lowest priority queue to transmit its packets A value between 0 and 15 can be specified Click Apply to implement changes made 70 DGS 3024 Gigabit Ethernet Switch Manual MAC Notification MAC Notification is used to monitor MAC addresses learned and entered into the forwarding database MAC Notification Global Settings To globally
45. d uso e con ogni altra documentazione fornita all acquirente all atto dell acquisto e relativi emendamenti D LINK non garantisce che il funzionamento del prodotto sar ininterrotto o esente da errori n tanto meno che tutti gli eventuali errori carenze difetti o non conformit potranno essere corretti La presente garanzia non copre eventuali problemi derivanti da a alterazioni o aggiunte non autorizzate b negligenza abuso o utilizzo improprio compresa l incapacit di far funzionare il prodotto in conformit con le specifiche e i requisiti di connessione c movimentazione impropria d guasto di prodotti o servizi non forniti da D LINK o non soggetti a una garanzia successiva di D LINK o a un accordo di manutenzione e impiego o conservazione impropri f incendio inondazione cause di forza maggiore o altro evento catastrofico accidentale La presente garanzia non si applica altres ad alcun prodotto particolare qualora il numero di serie di D LINK sia stato rimosso o reso illeggibile in altro modo D LINK DECLINA OGNI RESPONSABILIT PER EVENTUALI DANNI RISULTANTI DAL MANCATO RISPETTO DELLE ISTRUZIONI RELATIVE AL PRODOTTO HARDWARE D LINK Periodo di garanzia Il Periodo di garanzia ha decorrenza dalla data dell acquisto presso D LINK Prova della data di acquisto il documento fiscale scontrino fiscale o ricevuta recante la data di acquisto del prodotto Per avere diritto alla garanzia pu esserVi richiesto di
46. de D Link por tel fono 34 902 30 45 45 Lunes a Viernes de 9 00 a 14 00 y de 15 00 a 18 00 Asistencia T cnica de D Link a trav s de Internet http www dlink es support e mail soporte dlink es D Link Building Networks for People Supporto tecnico Gli ultimi aggiornamenti e la documentazione sono disponibili sul sito D Link Supporto tecnico per i clienti residenti in Italia D Link Mediterraneo S r L Via N Bonnet 6 B 20154 Milano Supporto Tecnico dal lunedi al venerdi dalle ore 9 00 alle ore 19 00 con orario continuato Telefono 02 39607160 URL http www dlink it supporto html Email tech dlink it D Link Building Networks for People Technical Support You can find software updates and user documentation on the D Link website D Link provides free technical support for customers within Benelux for the duration of the warranty period on this product Benelux customers can contact D Link technical support through our website or by phone Tech Support for customers within the Netherlands D Link Technical Support over the Telephone 0900 501 2007 Monday to Friday 9 00 am to 10 00 pm D Link Technical Support over the Internet www dlink nl Tech Support for customers within Belgium D Link Technical Support over the Telephone 070 66 06 40 Monday to Friday 9 00 am to 10 00 pm D Link Technical Support over the Internet www dlink be Tech Support for customers within Luxemburg
47. i ne en 77 Authentication Process iis cecil tents iis hal sen LR ado e Tae e alibi nn eh AS 77 Port Based Network Access Control A eG es 78 Configure Authenticatot u a ana aaa nanna rte 79 Local Users crea ee eet Ae en A AG 81 802 1 Capability Sen ea Ana AR a dena ere te ren 82 Intiahze Port Sy tant ke fod ed den Ose canbe Fedo RSS OES ARS edili T lune deci re dll rue 83 Reauthenticate Por Bela ALLE 84 RADIUS Setefano nioe nenn A a 85 Stati ARP AAA ssestesnesoeseedondecseass duvesenseasouuscunsssseseencusd csescuiets svecennsassosedes 86 DGS 3024 Gigabit Ethernet Switch Manual SOCUMILY carne Rara 87 Trusted Hosts nn O A RIA IAA RARA 87 Secure Socket Laver SSD rreren ornnes aoii eiie a Eo EEKE Ei E ASe E i E a EEEE E ariin 88 AN A E IRR ee E sen 88 E A ASE EE E A E E 89 Secure Shell RSS 91 SSH Configuration aula eil heen Pe AR ed A See ara 92 SSH Algorithmi niadeni ande Oa aaa i 93 SSH User Authentication saze iti sn aise mme la han i td alati 95 Access Authentication COMETOL wiccie ioc ccesicceseccecdseessescenestescenesthscesoscesconescoscesesseaceseuccececessesdareseascesecee scesestneceseccescesesceseesesarsdesssesecees 96 Policy and Parametros A Ra aaa iaia 97 Application Authentication Settings nen nenseensennenn 97 Authentication NOU Ledda La 98 Authentication Server Hosteria actas tagen aa ela lada o doo od ld lod tentes 100 Login Method A LA A 101 Enable Method Lists
48. of times the Switch will be polled between 20 and 200 The default value is 20 Unicast Counts the total number of good packets that were received by a unicast address Multicast Counts the total number of good packets that were received by a multicast address Broadcast Counts the total number of good packets that were received by a broadcast address Show Hide Check whether or not to display Multicast Broadcast and Unicast Packets Clear Clicking this button clears all statistics counters on this window View Table Clicking this button instructs the Switch to display a table rather than a line graph View Line Chart Clicking this button instructs the Switch to display a line graph rather than a table 121 DGS 3024 Gigabit Ethernet Switch Manual Transmitted TX Click the Transmitted TX link in the Packets folder of the Monitoring menu to view the following graph of packets transmitted from the Switch Clear View Table Show Hide M Bytes M Packets Tx Packets Analysis Port 1 Time Interval Record Number Bytes 4058 Packets A N 17 39 20 Figure 10 6 Tx Packets Analysis window line graph for Bytes and Packets To view the Transmitted TX Table click the link View Table which will show the following table 122 DGS 3024 Gigabit Ethernet Switch Manual View LineChart Packet Analysis of Port1 Timeinteva SEES Bytes
49. services allow the Switch s firmware to be upgraded by transferring a new firmware file from a TFTP server to the Switch A configuration file can also be loaded into the Switch from a TFTP server Switch settings can be saved to the TFTP server and a history log can be uploaded from the Switch to the TFTP server Download Firmware To update the Switch s firmware open the TFTP Services folder in the Maintenance folder and click the Download Firmware link Download Firmware from TFTP Sever Server IP Address Fe ane NE Start Figure 11 1 Download Firmware from TFTP Server window To download firmware configure the following fields and click Start Parameter Description Server IP Address Enter the IP address of the server from which to download firmware File Name Specify the path and filename of the firmware on the Server Download Configuration File To download a settings file from a TFTP server click on the TFTP Service folder in the Maintenance folder and then the Download Configuration File link Server IP Address Fi Name NN Start Apply Figure 11 2 Download Settings from TFTP Server window Enter the IP address of the TFTP server and specify the location of the Switch settings file on the TFTP server Click Start to record the IP address of the TFTP server and to initiate the file transfer 136 DGS 3024 Gigabit Ethernet Switch Manual Save Settings
50. trunk group and a port can be a member of only one trunk group at a time Show All Port Trunking Group Entries Figure 7 9 Port Trunking Configuration window The user changeable parameters are as follows Parameter Description Group ID 1 4 Select an ID number for the group between 7 and 4 State Trunk groups can be toggled between Enabled and Disabled This is used to turn a port trunking group on or off This is useful for diagnostics to quickly isolate a bandwidth intensive network device or to have an absolute backup aggregation group that is not under automatic control Type The types of port trunking supported by the DGS 3024 are Static and LACP Master Port Choose the Master Port for the trunk group using the pull down menu Port Map Choose the members of a trunked group Up to eight ports per group can be assigned to a group Active Port Shows the port that is currently forwarding packets After setting the previous parameters click Apply to allow your changes to be implemented Successfully created trunk groups will be show in the Current Trunking Group Entries table 32 DGS 3024 Gigabit Ethernet Switch Manual LACP Port Settings The LACP Port Settings window is used in conjunction with the Link Aggregation window to create port trunking groups on the Switch Using the following window the user may set which ports will be active and passive in processing and sending LACP
51. ventilation Be reminded that without proper heat dissipation and air circulation system components might overheat which could lead to system failure LED Indicators The LED indicators of the Switch include Power Console RPS Speed and Link Activity The following shows the LED indicators for the Switch along with an explanation of each indicator Gigabit Switch DGS 3024 Diagnostics RS 232 us ES A E 1 3 5 7 9 11 13 15 17 19 2 Link m Powe E E E E E E EEEE x nu ERS E E E E E E E E EE E 1000 DCE 9600 n 8 1 2 4 6 8 10 12 14 16 18 20 22 24 E Console E E E E E E E E E E n D Link Figure 3 4 LED indicators e Power This indicator on the front panel lights solid green when the system is powered up and remains dark when the system is not powered on e RPS This indicator is lit solid amber when the external Redundant Power Supply is in operation and remains dark when it is not in use or the main power is working normally e Console This indicator blinks green when the system is booting up It remains solid green when the system is operating properly The LED is solid amber when the POST fails e Speed This row of indicators will light solid green when the connection speed is operating at 1000 Mbps An unlit LED indicates a connection speed of either 10 or 100 Mbps e Link Act This row of indicators for the 24 copper ports light solid green when there is a secure connection or link to a
52. wishes to add to this MSTI ID Supported VIDs on the Switch range from ID number 7 to 4094 This parameter can only be utilized if the Type chosen is Add or Remove Click Apply to implement changes made 44 DGS 3024 Gigabit Ethernet Switch Manual MSTI Settings This window displays the current MSTI configuration settings and can be used to update the port configuration for an MSTI ID If a loop occurs the MSTP function will use the port priority to select an interface to put into the forwarding state Set a higher priority value for interfaces to be selected for forwarding first In instances where the priority value is identical the MSTP function will implement the lowest port number into the forwarding state and other interfaces will be blocked Remember that lower priority values mean higher priorities for forwarding packets To view the following window click Configuration gt Spanning Tree gt MSTI Settings Port 1 Apply 200000 128 Disabled Disabled Figure 7 22 MSTI Port Information window To view the MSTI settings for a particular port select the Port number located in the top left hand corner of the window and click Apply To modify the settings for a particular MSTI Instance click on its hyperlinked MSTI ID which will reveal the following window TI Settings Port 1 of Unit 1 Show MSTP Port Information Table Port 1 of Unit 1 Figure 7 23 MSTI Settings window Parame
53. 0 no i both auto 30 60 30 30 2 3600 no 8 both auto 30 60 30 30 3600 no 9 both auto 30 60 30 30 2 3600 no 10 both auto 30 60 30 30 3600 no dl both auto 30 60 30 30 2 3600 no 42 both auto 30 60 30 30 2 3600 no is both auto 30 60 30 30 2 3600 no 14 both auto 30 60 30 30 2 3600 no da both auto 30 60 30 30 2 3600 no 16 both auto 30 60 30 30 Ze 3600 no di both auto 30 60 30 30 2 3600 no 13 both auto 30 60 30 30 2 3600 no 19 both auto 30 60 30 30 2 3600 no 20 both auto 30 60 30 30 2 3600 no El both auto 30 60 30 30 2 3600 no 22 both auto 30 60 30 30 2 3600 no 23 both auto 30 60 30 30 2 3600 no 24 both auto 30 60 30 30 2 3600 no Figure 7 58 First 802 1x Authenticator Settings window To configure the settings by port click on the hyperlinked port number under the Port heading which will display the following table to configure 79 DGS 3024 Gigabit Ethernet Switch Manual B02 1X AuthentcatorSetings Cr Show Authenticators Setting Apply Il Figure 7 59 802 1x Authenticator Settings window Modify This window allows the following features to be set Parameter Description From and To Enter the port or ports to be set AdmDir Sets the administrative controlled direction to either in or both e If inis selected control is only exerted over incoming traffic through the port you selected in the first field e If both is selected control is exerted over bot
54. 4 8 10 12 Default Gateway poso VID Figure 6 3 Main Web Manager window Area Function Area 1 Select the folder or window to be displayed The folder icons can be opened to display the hyper linked menu buttons and subfolders contained within them Area 2 Presents a graphical near real time image of the front panel of the Switch This area displays the Switch s ports and expansion modules showing port activity duplex mode or flow control depending on the specified mode Various areas of the graphic can be selected for performing management functions including port configuration Area 3 Presents Switch information based on your selection and the entry of configuration data NOTICE Any changes made to the Switch configuration during the current session must be saved in the Save Configuration window Se Maintenance Save Changes or use the command line interface CLI command save NOTE Be sure to configure the user name and password in the User Account Management window Management User Accounts before connecting the Switch to the greater network DGS 3024 Gigabit Ethernet Switch Manual 7 CONFIGURATION The first Web Manager main folder is Configuration and includes the following windows and sub folders IP Address Switch Information Advanced Settings Port Configuration Port Mirroring Trunking IGMP Snooping Spanning Tree Forwarding amp Filtering VLANs SNTP Se
55. 7 Montag bis Freitag von 6 22 Uhr und am Wochenende von 11 18 Uhr 1 75 Min aus dem Festnetz der Deutschen Telekom Wenn Sie Kunde von D Link au erhalb Deutschlands sterreichs der Schweiz und Osteuropas sind wenden Sie sich bitte an die zust ndige Niederlassung aus der Liste im Benutzerhandbuch Building Networks for People Assistance technique Vous trouverez la documentation et les logiciels les plus r cents sur le site web D Link Vous pouvez contacter le service technique de D Link par notre site internet ou par t l phone Support technique destin aux clients tablis en France Assistance technique D Link par t l phone 0820 0803 03 N INDIGO 0 12 TTC min Prix en France M tropolitaine au 3 mars 2005 Du lundi au samedi de 9h00 19h00 Assistance technique D Link sur internet http www dlink fr e mail support dlink fr Support technique destin aux clients tablis au Canada Assistance technique D Link par t l phone 800 361 5265 Lun Ven 7h30 a 21h00 HNE Assistance technique D Link sur internet http support dlink ca e mail support dlink ca D Link Building Networks for People Asistencia T cnica Puede encontrar las ultimas versiones de software asi como documentaci n t cnica en el sitio web de D Link D Link ofrece asistencia t cnica gratuita para clientes residentes en Espana durante el periodo de garantia del producto Asistencia T cnica
56. ARRANTY IS REPAIR REPLACEMENT OR REFUND OF THE DEFECTIVE OR NON CONFORMING PRODUCT THE MAXIMUM LIABILITY OF D LINK UNDER THIS WARRANTY IS LIMITED TO THE PURCHASE PRICE OF THE PRODUCT COVERED BY THE WARRANTY THE FOREGOING EXPRESS WRITTEN WARRANTIES AND REMEDIES ARE EXCLUSIVE AND ARE IN LIEU OF ANY OTHER WARRANTIES OR REMEDIES EXPRESS IMPLIED OR STATUTORY Governing Law This Limited Warranty shall be governed by the laws of the State of California Some states do not allow exclusion or limitation of incidental or consequential damages or limitations on how long an implied warranty lasts so the foregoing limitations and exclusions may not apply This Limited Warranty provides specific legal rights and you may also have other rights which vary from state to state Trademarks D Link is a registered trademark of D Link Systems Inc Other trademarks or registered trademarks are the property of their respective owners Copyright Statement No part of this publication or documentation accompanying this product may be reproduced in any form or by any means or used to make any derivative such as translation transformation or adaptation without permission from D Link Corporation D Link Systems Inc as stipulated by the United States Copyright Act of 1976 and any amendments thereto Contents are subject to change without prior notice Copyright 2005 by D Link Corporation D Link Systems Inc All rights reserved CE Mark Warning This is a Class A produc
57. Authenticating Authenticated Aborting Held ForceAuth ForceUnauth and N A BackendState The Backend State will display one of the following Request Response Success Fail Timeout Idle Initialize and N A OpenDir Operational Controlled Directions are both and in PortStatus The status of the controlled port can be Authorized Unauthorized or N A 84 DGS 3024 Gigabit Ethernet Switch Manual RADIUS Server The RADIUS feature of the Switch allows you to facilitate centralized user administration as well as providing protection against a sniffing active hacker Click Port Access Entity gt RADIUS Server to open the Authentic RADIUS Server Setting window shown below a Apply Succession Radius Server Auth UDP Port Acct UDP Port First Second Third Figure 7 64 Authentic RADIUS Server Setting window This window displays the following information Parameter Description Succession lt First gt Choose the desired RADIUS server to configure First Second or Third RADIUS Server Set the RADIUS server IP lt 0 0 0 0 gt Authentic Port Set the RADIUS authentic server s UDP port The default port is 1812 lt 1812 gt Accounting Port Set the RADIUS account server s UDP port The default port is 1813 lt 1813 gt Key Set the key the same as that of the RADIUS server Confirm Key Confirm the shared key is the same as that of the RADIUS server
58. D Link DGS 3024 Managed 24 Port Gigabit Ethernet Switch Manual DGS 3024 Gigabit Ethernet Switch Manual Information in this document is subject to change without notice 2006 D Link Corporation All rights reserved Reproduction in any manner whatsoever without the written permission of D Link Corporation is strictly forbidden Trademarks used in this text D Link and the D Link logo are trademarks of D Link Corporation Microsoft and Windows are registered trademarks of Microsoft Corporation Other trademarks and trade names may be used in this document to refer to either the entities claiming the marks and names or their products D Link Corporation disclaims any proprietary interest in trademarks and trade names other than its own FCC Warning This equipment has been tested and found to comply with the limits for a Class A digital device pursuant to Part 15 of the FCC Rules These limits are designed to provide reasonable protection against harmful interference when the equipment is operated in a commercial environment This equipment generates uses and can radiate radio frequency energy and if not installed and used in accordance with this user s guide may cause harmful interference to radio communications Operation of this equipment in a residential area is likely to cause harmful interference in which case the user will be required to correct the interference at his own expense CE Mark Warning This is a Class A prod
59. E AAAA gt EF8 30 a m 21 7 00 p m Web http www dlinktw com tw FAQ http www dlinktw com tw suppFaq asp Email dssga_service dlinktw com tw Phone 0800 002 615 ROR SHS ARR gt meee EM CPECBeAID Link BAKA HAS lA REA A Enid IRAN BcokeiSSl pel tile RA gt RES A RA A http www dlinktw com tw suppFaq asp D Link Building Networks for People Technical Support You can find software updates and user documentation on the D Link website D Link provides free technical support for customers within the United States and within Canada for the duration of the warranty period on this product U S and Canadian customers can contact D Link technical support through our website or by phone Tech Support for customers within the United States D Link Technical Support over the Telephone 888 843 6100 Hours of Operation 8 00AM to 6 00PM PST D Link Technical Support over the Internet http support dlink com email support dlink com Tech Support for customers within Canada D Link Technical Support over the Telephone 800 361 5265 Monday to Friday 7 30am to 12 00am EST D Link Technical Support over the Internet http support dlink ca email support dlink ca D Link Building Networks for People Technical Support You can find software updates and user documentation on the D Link websites If you require product support we encourage you to browse our FAQ section on the Web Site before c
60. ED WARRANTY SPECIFIED HEREIN THE PRODUCT IS PROVIDED AS IS WITHOUT ANY WARRANTY OF ANY KIND WHATSOEVER INCLUDING WITHOUT LIMITATION ANY WARRANTY OF MERCHANTABILITY FITNESS FOR A PARTICULAR PURPOSE AND NON INFRINGEMENT IF ANY IMPLIED WARRANTY CANNOT BE DISCLAIMED IN ANY TERRITORY WHERE A PRODUCT IS SOLD THE DURATION OF SUCH IMPLIED WARRANTY SHALL BE LIMITED TO NINETY 90 DAYS EXCEPT AS EXPRESSLY COVERED UNDER THE LIMITED WARRANTY PROVIDED HEREIN THE ENTIRE RISK AS TO THE QUALITY SELECTION AND PERFORMANCE OF THE PRODUCT IS WITH THE PURCHASER OF THE PRODUCT Limitation of Liability TO THE MAXIMUM EXTENT PERMITTED BY LAW D LINK IS NOT LIABLE UNDER ANY CONTRACT NEGLIGENCE STRICT LIABILITY OR OTHER LEGAL OR EQUITABLE THEORY FOR ANY LOSS OF USE OF THE PRODUCT INCONVENIENCE OR DAMAGES OF ANY CHARACTER WHETHER DIRECT SPECIAL INCIDENTAL OR CONSEQUENTIAL INCLUDING BUT NOT LIMITED TO DAMAGES FOR LOSS OF GOODWILL LOSS OF REVENUE OR PROFIT WORK STOPPAGE COMPUTER FAILURE OR MALFUNCTION FAILURE OF OTHER EQUIPMENT OR COMPUTER PROGRAMS TO WHICH D LINK S PRODUCT IS CONNECTED WITH LOSS OF INFORMATION OR DATA CONTAINED IN STORED ON OR INTEGRATED WITH ANY PRODUCT RETURNED TO D LINK FOR WARRANTY SERVICE RESULTING FROM THE USE OF THE PRODUCT RELATING TO WARRANTY SERVICE OR ARISING OUT OF ANY BREACH OF THIS LIMITED WARRANTY EVEN IF D LINK HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES THE SOLE REMEDY FOR A BREACH OF THE FOREGOING LIMITED W
61. EN ODER LANDERN LEBEN ENTFALTEN M GLICHERWEISE EINIGE AUSSCHLUSSE ODER EINSCHRANKUNGEN DIESER EINGESCHR NKTEN GARANTIE GEGEN BER IHNEN KEINE WIRKUNG DIESE EINGESCHR NKTE GARANTIE GEW HRT IHNEN SPEZIFISCHE RECHTE DAR BER HINAUS STEHEN IHNEN M GLICHERWEISE NOCH WEITERE RECHTE ZU DIE SICH JEDOCH VON STAAT ZU STAAT ODER VON LAND ZU LAND UNTERSCHEIDEN K NNEN UM DEN UMFANG IHRER RECHTE ZU BESTIMMEN WIRD IHNEN EMPFOHLEN DIE ANWENDBAREN GESETZE DES JEWEILIGEN STAATES ODER LANDES ZU RATE ZU ZIEHEN Diese eingeschr nkte Garantie ist auf Hardware Produkte der Marke D LINK insgesamt im Folgenden D LINK Hardware Produkte anwendbar die von D LINK Europe Ltd Oder dessen weltweiten Filialen Tochtergesellschaften Fachh ndlern oder L nderdistributoren insgesamt im Folgenden D LINK mit dieser eingeschr nkten Garantie verkauft wurden Der Begriff D LINK Hardware Produkte beinhaltet nur Hardwarekomponenten und deren Bestandteile einschlie lich Firmware Der Begriff D LINK Hardware Produkte umfasst KEINE Software Anwendungen oder programme R umlicher Geltungsbereich der eingeschr nkten Garantie Diese eingeschr nkte Garantie gilt f r alle genannten europ ischen Staaten gem dem Anhang Eingeschr nkte Garantie von D LINK in europ ischen Staaten Im Rahmen dieser eingeschr nkten Garantie sind mit dem Begriff europ ische Staaten nur die im Anhang genannten Staaten gemeint Die eingeschr nkte Garantie
62. ES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE D LINK EXPRESSLY DISCLAIMS ALL WARRANTIES NOT STATED IN THIS LIMITED WARRANTY ANY IMPLIED WARRANTIES THAT MAY BE IMPOSED BY LAW ARE LIMITED IN DURATION TO THE LIMITED WARRANTY PERIOD SOME STATES OR COUNTRIES DO NOT ALLOW A LIMITATION ON HOW LONG AN IMPLIED WARRANTY LASTS OR THE EXCLUSION OR LIMITATION OF INCIDENTAL OR CONSEQUENTIAL DAMAGES FOR CONSUMER PRODUCTS IN SUCH STATES OR COUNTRIES SOME EXCLUSIONS OR LIMITATIONS OF THIS LIMITED WARRANTY MAY NOT APPLY TO YOU THIS LIMITED WARRANTY GIVES YOU SPECIFIC LEGAL RIGHTS YOU MAY ALSO HAVE OTHER RIGHTS THAT MAY VARY FROM STATE TO STATE OR FROM COUNTRY TO COUNTRY YOU ARE ADVISED TO CONSULT APPLICABLE STATE OR COUNTRY LAWS FOR A FULL DETERMINATION OF YOUR RIGHTS This limited warranty applies to D LINK branded hardware products collectively referred to in this limited warranty as D LINK Hardware Products sold by from D LINK Europe Ltd its worldwide subsidiaries affiliates authorized resellers or country distributors collectively referred to in this limited warranty as D LINK with this limited warranty The Term D LINK Hardware Product is limited to the hardware components and all its internal components including firmware The term D LINK Hardware Product DOES NOT include any software applications or programs Geographical Scope of the Limited Product Warranty This Limited Product Warranty is applicable in all
63. European Countries as listed in the addendum European Countries for D LINK Limited Product Warranty The term European Countries in this D LINK Limited Product Warranty only include the countries as listed in this addendum The Limited Product Warranty will be honored in any country where D LINK or its authorized service providers offer warranty service subject to the terms and conditions set forth in this Limited Product Warranty However warranty service availability and response times may vary from country to country and may also be subject to registration requirements Limitation of Product Warranty D LINK warrants that the products described below under normal use are free from material defects in materials and workmanship during the Limited Product Warranty Period set forth below Limited Product Warranty Period if the product is used and serviced in accordance with the user manual and other documentation provided to the purchaser at the time of purchase or as amended from time to time D LINK does not warrant that the products will operate uninterrupted or error free or that all deficiencies errors defects or non conformities will be corrected This warranty shall not apply to problems resulting from a unauthorised alterations or attachments b negligence abuse or misuse including failure to operate the product in accordance with specifications or interface requirements c improper handling d failure of goods or service
64. Figure 10 11 Tx Error Analysis window table The following fields may be set or viewed Parameter Description Time Interval Select the desired setting between 7s and 60s where s stands for seconds The default value is one second Record Number Select the number of times the Switch will be polled between 20 and 200 The default value is 20 ExDefer Counts the number of packets for which the first transmission attempt on a particular interface was delayed because the medium was busy LateColl Counts the number of times that a collision is detected later than 512 bit times into the transmission of a packet ExColl Excessive Collisions The number of packets for which transmission failed due to excessive collisions SingColl Single Collision Frames The number of successfully transmitted packets for which transmission is inhibited by more than one collision Coll An estimate of the total number of collisions on this network segment CRCError Counts otherwise valid packets that did not end on a byte octet boundary Show Hide Check whether or not to display ExDefer LateColl ExColl SingColl Coll and CRC errors Clear Clicking this button clears all statistics counters on this window View Table Clicking this button instructs the Switch to display a table rather than a line graph View Line Chart Clicking this button instructs the Switch to display a line graph rather tha
65. HA FW NY tN A Figure 7 5 Port Description Settings window 28 DGS 3024 Gigabit Ethernet Switch Manual Port Mirroring The Switch allows the user to copy frames transmitted and received on a port and redirect the copies to another port The user can attach a monitoring device to the mirrored port such as a sniffer or an RMON probe to view details about the packets passing through the first port This is useful for network monitoring and troubleshooting purposes To view the Port Mirroring window click Port Mirroring in the Configuration folder SourcePort Port 1 Status Disabled Target Port e e le e e le e e e le e e e le e e e le e e e Sue eil eee eil eil gi eisai eil gi ee eil ci 0 0 eil oi 0 gre Sue ea ee eee oe ei el ee cl ei e el ei e eil e ele Apply Note 1 The Source Port and Target Port should be different or the setup will be invalid Note 2 The farget port should be a non trunked port Figure 7 6 Setup Port Mirroring window To configure a mirror port 1 Select the Source Port from where you want to copy frames and the Target Port which receives the copies from the source port 2 Select Ingress Egress or None and change the Status drop down menu to Enabled 3 Click Apply to let the changes take effect NOTE A fast port cannot be mirrored onto a slower port For example trying to mirror the i traffic from a 100 M
66. HEOW TNG IOTOOEXI AG N H OW TNAEPHVOU Ma MEAATEG EVTOG TOU EAAadIKOU XWpou TnAepwv kn unootnpien D Link TnA 210 86 11 114 Pag 210 86 53 172 Asutspa Mapaokeun 09 00 17 00 e mail support dlink gr Texviki unootnpiEn D Link p ow Internet http www dlink gr ftp ftp dlink it D Link Building Networks for People ER IAE ARTI RE EER 71 SIA CIE 202 HR amp R 100025 AMISH BIA 8008868192 028 85176977 LA SH LIEH 028 85176948 SIDE Ab SARA SR 71 SAN A C1 EE 202 HR 100025 218 LIA 010 58635800 18 HI MEA 010 58635799 fatt http www dlink com cn HOHE 35H 09 00 1R 18 00 DLink Building Networks for People International Offices U S A 17595 Mt Herrmann Street Fountain Valley CA 92708 TEL 1 800 326 1688 URL www dlink com Canada 2180 Winston Park Drive Oakville Ontario L6H 5W1 Canada TEL 1 905 8295033 FAX 1 905 8295223 URL www dlink ca Europe U K 4 Floor Merit House Edgware Road Colindale London NW9 5AB UK TEL 44 20 8955 9000 FAX 44 20 8955 9001 URL www dlink co uk Germany Schwalbacher Strasse 74 D 65760 Eschborn Germany TEL 49 6196 77990 FAX 49 6196 7799300 URL www dlink de France No 2 all ee de la Fresnerie 78330 Fontenay le Fleury France TEL 33 1 30238688 FAX 33 1 30238689 URL www dlink fr Netherlands Weena 290 3012 NJ Rotterdam Netherlands Tel 31 10 282 1445 Fax 31 10 282 1331 URL
67. IMITATION OF LIABILITY IN NO EVENT WILL D LINK BE LIABLE FOR ANY DAMAGES INCLUDING LOSS OF DATA LOSS OF PROFITS COST OF COVER OR OTHER INCIDENTAL CONSEQUENTIAL OR INDIRECT DAMAGES ARISING OUT THE INSTALLATION MAINTENANCE USE PERFORMANCE FAILURE OR INTERRUPTION OF A D LINK PRODUCT HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY THIS LIMITATION WILL APPLY EVEN IF D LINK HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGE IF YOU PURCHASED A D LINK PRODUCT IN THE UNITED STATES SOME STATES DO NOT ALLOW THE LIMITATION OR EXCLUSION OF LIABILITY FOR INCIDENTAL OR CONSEQUENTIAL DAMAGES SO THE ABOVE LIMITATION MAY NOT APPLY TO YOU Limited Warranty Hardware D Link warrants each of its hardware products to be free from defects in workmanship and materials under normal use and service for a period commencing on the date of purchase from D Link or its Authorized Reseller and extending for the length of time stipulated by the Authorized Reseller or D Link Branch Office nearest to the place of purchase This Warranty applies on the condition that the product Registration Card is filled out and returned to a D Link office within ninety 90 days of purchase A list of D Link offices is provided at the back of this manual together with a copy of the Registration Card If the product proves defective within the applicable warranty period D Link will provide repair or replacement of the product D Link shall have the sole discretion whether to repair o
68. Management Information Base Stores a device s management characteristics and parameters MIBs are used by the Simple Network Management Protocol SNMP to contain attributes of their managed systems The Switch contains its own internal MIB multicast Single packets copied to a specific subset of network addresses These addresses are specified in the destination address field of the packet protocol A set of rules for communication between devices on a network The rules dictate format timing sequencing and error control resilient link A pair of ports that can be configured so that one will take over data transmission should the other fail See also main port and standby port RJ 45 Standard 8 wire connectors for IEEE 802 3 10BASE T networks RMON Remote Monitoring Subset of SNMP MIB II that allows monitoring and management capabilities by addressing up to ten different groups of information RPS Redundant Power System A device that provides a backup source of power when connected to the Switch server farm A cluster of servers in a centralized location serving a large user population SLIP Serial Line Internet Protocol A protocol that allows IP to run over a serial line connection SNMP Simple Network Management Protocol A protocol originally designed to be used in managing TCP IP Internets SNMP is presently implemented on a wide range of computers and networking equipment and may be used to manage many
69. Mbps 10BASE T Category 3 UTP Cable 100m 10 Mbps 144 DGS 3024 Gigabit Ethernet Switch Manual Glossary 1000BASE T A specification for Gigabit Ethernet over copper wire IEEE Std 802 3ab The standard defines 1 Gb s data transfer over distances of up to 100 meters using four pairs of CAT 5 balanced copper cabling and a 5 level coding scheme Its benefits include compatibility with existing network protocols i e IP IPX AppleTalk existing applications Network Operating Systems network management platforms and applications 100BASE TX 100Mbps Ethernet implementation over Category 5 and Type 1 twisted pair cabling 10BASE T The IEEE 802 3 specification for Ethernet over Unshielded Twisted Pair UTP cabling aging The automatic removal of dynamic entries from the Switch Database which have timed out and are no longer valid ATM Asynchronous Transfer Mode A connection oriented transmission protocol based on fixed length cells packets ATM is designed to carry a complete range of user traffic including voice data and video signals auto negotiation A feature on a port that allows it to advertise its capabilities for speed duplex and flow control When connected to an end station that also supports auto negotiation the link can self detect its optimum operating setup backbone The part of a network used as the primary path for transporting traffic backbone port A port that does not le
70. Packets Rx Packets Framesisec Unicast Multicast Broadcast Bytes Packets Figure 10 7 Tx Packets Analysis window table for Bytes and Packets The following fields may be set or viewed Parameter Description Time Interval Select the desired setting between 7s and 60s where s stands for seconds The default value is one second Record Number the number of times the Switch will be polled between 20 and 200 The default value is Bytes Counts the number of bytes successfully sent from the port Packets Counts the number of packets successfully sent on the port Show Hide Check whether or not to display Bytes and Packets Clear Clicking this button clears all statistics counters on this window View Table Clicking this button instructs the Switch to display a table rather than a line graph View Line Chart Clicking this button instructs the Switch to display a line graph rather than a table 123 DGS 3024 Gigabit Ethernet Switch Manual Errors The Web Manager allows port error statistics compiled by the Switch s management agent to be viewed as either a line graph or a table Four windows are offered Received RX Click the Received RX link in the Errors folder of the Monitoring menu to view the following graph of error packets received on the Switch Port 1 Apply Clear es Table Rx Error Analysis Port Port 1 CrcError O UnderSize ka
71. Port s to open the following window won a nl yu N BS Por y Port 1 y Apply ze Port Table N A N A both authorized N A N A both authorized N A N A both authorized NA N A both authorized N A N A both authorized NA N A both authorized N A N A both authorized NA N A both authorized NA N A both authorized NA N A both authorized pn o Figure 7 62 Initialize Port window This window allows you to initialize a port or group of ports The Initialize Port Table in the bottom half of the window displays the current status of the port s This window displays the following information Parameter Description From and To Select ports to be initialized Port A read only field indicating a port on the Switch MAC Address The MAC address of the Switch connected to the corresponding port if any Auth PAE State The Authenticator PAE State will display one of the following nitialize Disconnected Connecting Authenticating Authenticated Aborting Held ForceAuth ForceUnauth and N A Backend_ State The Backend Authentication State will display one of the following Request Response Success Fail Timeout Idle Initialize and N A Oper Dir Operational Controlled Directions are both and in PortStatus The status of the controlled port can be Authorized Unauthorized or N A cs NOTE The user must first globally enable 802 1x in the Switch iy In
72. TP for the selected group of ports The default is Enabled BPDU Choosing Enabled will allow the forwarding of BPDU packets in the specified ports from other network devices This will go into effect only if STP is globally disabled AND Forwarding BPDU is globally enabled See STP Bridge Global Settings above The default setting Disabled does not forward BPDU packets when STP is disabled LBD Use the pull down menu to enable or disable the loop back detection function on the Switch for the ports configured above For more information on this function see the STP Loopback Detection section Click Apply to implement changes made 50 DGS 3024 Gigabit Ethernet Switch Manual Forwarding amp Filtering Unicast Forwarding Open the Forwarding folder in the Configuration menu and click on the Unicast Forwarding link This will open the Setup Static Unicast Forwarding Table window as shown below 00 00 00 00 00 00 Port 1 Add Modify Mac Address VID VLAN Name End of datal Figure 7 28 Setup Static Unicast Forwarding Table window To add or edit an entry define the following parameters and then click Add Modify Parameter Description VID VLAN ID The VLAN ID number of the VLAN on which the above Unicast MAC address resides MAC Address The MAC address to which packets will be statically forwarded This must be a unicast MAC address Allowed to go port Al
73. TP function on the Switch three steps need to be taken 1 The Switch must be set to MSTP found in the STP Bridge Global Settings window in the STP Version field 2 The correct spanning tree priority for the MSTP instance must be entered defined here as a Priority in the STP Instance Table window when configuring the settings for an MSTI ID 3 VLANs that will be shared must be added to the MSTP Instance ID defined here as a VID List in the Current MST Configuration Identification window when configuring the settings for an MSTI ID 802 1w Rapid Spanning Tree The Switch implements three versions of the Spanning Tree Protocol the Multiple Spanning Tree Protocol MSTP as defined by the IEEE 802 1s the Rapid Spanning Tree Protocol RSTP as defined by the IEEE 802 1w specification and a version compatible with the IEEE 802 1d STP RSTP can operate with legacy equipment implementing IEEE 802 1d however the advantages of using RSTP will be lost The IEEE 802 1w Rapid Spanning Tree Protocol RSTP evolved from the 802 1d STP standard RSTP was developed in order to overcome some limitations of STP that impede the function of some recent Switching innovations in particular certain Layer 3 functions that are increasingly handled by Ethernet Switches The basic function and much of the terminology is the same as STP Most of the settings configured for STP are also used for RSTP This section introduces some new Spanning Tree concepts and illustra
74. TP y Max Age 6 40 Sec Forward Delay 4 30 Sec Max Hops 1 20 TX Hold Count 1 10 Forwarding BPDU Enabled y Enabled x LBD Recover Time 0 Disable Note 2 Forward Delay 1 gt Max Age Max Age gt 2 Hello Time 1 Figure 7 17 STP Bridge Global Settings window MSTP 40 DGS 3024 Gigabit Ethernet Switch Manual The following parameters can be set Parameter Description STP Status Use the pull down menu to enable or disable STP globally on the Switch The default is Disabled STP Version Use the pull down menu to choose the desired version of STP to be implemented on the Switch There are three choices e STP Select this parameter to set the Spanning Tree Protocol STP globally on the Switch e RSTP Select this parameter to set the Rapid Spanning Tree Protocol RSTP globally on the Switch e MSTP Select this parameter to set the Multiple Spanning Tree Protocol MSTP globally on the Switch Hello Time 1 The Hello Time can be set from 7 to 10 seconds This is the interval between two transmissions of 10 Sec BPDU packets sent by the Root Bridge to tell all other Switches that it is indeed the Root Bridge This field will only appear here when STP or RSTP is selected for the STP Version For MSTP the Hello Time must be set on a port per port basis See the STP Port Settings section for further details Max Age 6 40 Sec The Max Age may be set to ensure that old information does not endle
75. This User Name must be a previously configured user account on the Switch Auth Mode The administrator may choose one of the following to set the authorization for users attempting to access the Switch Host Based This parameter should be chosen if the administrator wishes to use a remote SSH server for authentication purposes Choosing this parameter requires the user to input the following information to identify the SSH user e Host Name Enter an alphanumeric string of no more than 32 characters to identify the remote SSH user e Host IP Enter the corresponding IP address of the SSH user Password This parameter should be chosen if the administrator wishes to use an administrator defined password for authentication Upon entry of this parameter the Switch will prompt the administrator for a password and then to re type the password for confirmation Public Key This parameter should be chosen if the administrator wishes to use the publickey on a SSH server for authentication Host Name Enter an alphanumeric string of no more than 32 characters to identify the remote SSH user This parameter is only used in conjunction with the Host Based choice in the Auth Mode field Host IP Enter the corresponding IP address of the SSH user This parameter is only used in conjunction with the Host Based choice in the Auth Mode field Click Apply to implement changes made i NOTE To set the SSH User Authentica
76. To upload the Switch settings to a TFTP server click on the TFTP Services folder in the Maintenance folder and then click the Upload Settings to TFTP Server link Server IP Address 0 0 0 0 ie Start Apply Figure 11 3 Upload Settings to TFTP Server window Enter the IP address of the TFTP server and the path and filename for the Switch settings on the TFTP server Click Start to record the IP address of the TFTP server and to initiate the file transfer Save History Log To upload the Switch history log file to a TFTP server open the TFTP Services folder in the Maintenance folder and then click the Upload Log to TFTP Server link Server IP Address 0 0 0 0 LL Start Apply Figure 11 4 Upload Log to TFTP Server window Enter the IP address of the TFTP server and the path and filename for the history log on the TFTP server Click Start to record the IP address of the TFTP server and to initiate the file transfer 137 DGS 3024 Gigabit Ethernet Switch Manual Ping Test Ping is a small program that sends ICMP Echo packets to the IP address you specify The destination node then responds to or echoes the packets sent from the Switch This is very useful to verify connectivity between the Switch and other nodes on the network Enter the IP Address of the device or station you want to ping then click Start Target IP Address Repeat Pinging for Infinite times C
77. UR 24 Port Configuration srrrrrrrrerese rese zese eis e eee nere i zen zeseeeen ezio nese nese REEE se ze senese nese nese nese eeneze nica nenneen ezio ne senese nese neneeee 26 A A 28 AA NN 29 Link Aggregation Port Trunking ssursonssorsonssnssnnssnnesnnssnnssusssusnsessnnsnnnsnnnsnnssnnssnnsnnssnnssnnesnnsssnsssnssansnansnnnsnnssnnssnnssnnssnnssnnssunns 30 EACP Port Settings cave RR A SATE AME A ae REA Eee A R RA A ie hs 33 IGMP Snooping sursoussonssnnesnnssunssusssusssnssonsnansnnnsnnssnnennnsnnssnnssnnesnnssnnsnnnssusssnsnsnssansnansnnnsnnssnnssnnssnnssnnssnssssnsnansnnnsnnssnnssnnssnnssnnnsnnssnnns 34 AS O leto seien lite 34 Static Router Ports Entry A ARE RR a AAA Ries A A Ras 36 ELLI LI LR E RO O INI ICI III I 37 802 1S MS TP A o 37 802 1 w Rapid Spanning Tre On RE RR R E a Ri ie 37 Port Transition States rune ada iaia elia iii 38 Edge Port RR a re riale Libs Dodd oe ai er ER ona LEN EE AEE ee 38 PIP Po A ee Rae od tha Da rien ia i eil e ii rl 38 802 1d 802 1 802 1s Compatibility s cho ai LILLA AE tt alal ARA aaa 38 STP Loopback Detection E a tdi 39 SFP Bridge Old ue aio 40 MST Configuration Fable aria rail iii sonale 42 MSTESEUMSS ta tree ls dns ne een a o ne lt a iii fon alla 45 SIR Inst nce SERIES ee ioe hie Sead oc ne Peed won ee ia EE A an BA en Hi we 46 STEP POSE lett Sidi pe lia lil i ali peo sica ce rid ue miele Delbo il ili ee lisa A 49 Forwarding amp Filtering nrr
78. UTE GARANTIE NON ENONCEE DANS LES PRESENTES TOUTE GARANTIE IMPLICITE IMPOSEE PAR LA LOI LE CAS ECHEANT EST LIMITEE DANS SA DUREE A CELLE DE LA GARANTIE LIMITEE CERTAINS ETATS OU PAYS NE PERMETTENT PAS DE LIMITER LA DUREE DE LA GARANTIE IMPLICITE OU INTERDISENT D EXCLURE OU DE LIMITER LA COUVERTURE DES DOMMAGES DIRECTS OU INDIRECTS OCCASIONNES AUX PRODUITS GRAND PUBLIC DANS LES ETATS OU PAYS EN QUESTION CERTAINES EXCLUSIONS OU LIMITATIONS DE LA PRESENTE GARANTIE PEUVENT NE PAS S APPLIQUER A VOTRE CAS LA PRESENTE GARANTIE LIMITEE VOUS OCTROIE CERTAINS DROITS LEGAUX SPECIFIQUES VOUS POUVEZ EGALEMENT BENEFICIER D AUTRES DROITS VARIABLES D UN ETAT OU D UN PAYS A L AUTRE NOUS VOUS RECOMMANDONS DE CONSULTER LA LEGISLATION EN VIGUEUR DANS VOTRE LIEU DE RESIDENCE POUR CONNAITRE L ETENDUE DE VOS DROITS La pr sente garantie limit e s applique aux produits mat riels commercialis s sous la marque D LINK collectivement ici les Produits Mat riels D LINK vendus par D LINK Europe Ltd ses filiales soci t s affili es revendeurs agr s ou distributeurs locaux travers le monde collectivement ici D LINK avec la pr sente garantie limit e Le terme de Produit Mat riel D LINK se limite aux composants mat riels et l ensemble de leurs composants internes notamment le firmware Le terme de Produit Mat riel D LINK N englobe PAS les applications ou programmes logiciels Etendue g ographique de la Garantie
79. a 702 Las Condes Santiago Chile TEL 56 2 232 3185 FAX 56 2 232 0923 URL www dlink cl Brazil Av das Nacoes Unidas 11857 14 andar cj 141 142 Brooklin Novo Sao Paulo SP Brazil CEP 04578 000 Zip Code TEL 55 11 21859300 FAX 55 11 21859322 URL www dlinkbrasil com br South Africa Einstein Park II Block B 102 106 Witch Hazel Avenue Highveld Technopark Centurion Gauteng Republic of South Africa TEL 27 12 665 2165 FAX 27 12 665 2186 URL www d link co za Russia Grafsky per 14 floor 6 Moscow 129626 Russia TEL 7 495 744 0099 FAX 7 495 744 0099 350 URL www dlink ru China No 202 C1 Building Huitong Office Park No 71 Jianguo Road Chaoyang District Beijing 100025 China TEL 86 10 58635800 FAX 86 10 58635799 URL www dlink com cn Taiwan No 289 Sinhu 3rd Rd Neihu District Taipei City 114 Taiwan TEL 886 2 6600 0123 FAX 886 2 6600 1188 URL www dlinktw com tw Registration Card All Countries and Regions excluding USA Print type or use block letters Your name Mr Ms Organization Dept Your title at organization Telephone Fax Organization s full address Country Date of purchase Month Day Year Product Model Product Serial Product installed in type of Product installed in i computer e g Compaq 486 computer serial No Applies to adapters only Product was purchased fr
80. a MAC address and a port number it makes an entry into its forwarding table These entries are then used to forward packets through the Switch YP 1 00 00 01 02 03 a2 6 Dynamic To view the MAC Address forwarding table from the 1 00 00 50 06 73 bd 6 Dynamic Monitoring menu click the MAC Address link 1 00 00 5e 00 01 5 6 Dynamic 1 00 00 e2 2f 44 ec 6 Dynamic 1 00 00 e2 58 db cf 6 Dynarnic 1 00 01 02 03 04 00 6 Dynarnic 1 00 01 02 03 04 01 6 Dynamic 1 00 01 03 83 11 fd 6 Dynamic 1 00 01 06 30 10 63 6 Dynamic 1 00 01 30 11 00 5e 6 Dynamic 1 00 01 30 12 13 02 6 Dynamic 1 00 02 06 00 00 08 6 Dynamic 1 00 02 06 12 34 56 6 Dynamic 1 00 02 a5 fd 66 97 6 Dynamic 1 00 03 09 18 10 01 6 Dynamic 1 00 03 6d 1e 76 79 6 Dynamic 1 00 03 9d 73 32 f0 6 Dynamic 1 00 04 13 04 03 01 6 Dynamic 1 00 04 38 d5 64 01 6 Dynamic 1 00 04 38 d5 88 41 6 Dynamic Next Total Entries 382 Figure 10 14 MAC Address Table window The following fields can be viewed or set Parameter Description VLAN ID Enter a VLAN ID for the forwarding table to be browsed by MAC Address Enter a MAC address for the forwarding table to be browsed by Find Allows the user to move to a sector of the database corresponding to a user defined port VLAN or MAC address VID The VLAN ID of the VLAN the port is a member of MAC Address The MAC address entered into the address table Port The port that the MAC address above
81. a separate window will appear 109 DGS 3024 Gigabit Ethernet Switch Manual SNMP User Table Configuration TU IN CCS SNMP V3 Encryption encrypted Show All SNMP User Table Entries Figure 9 5 SNMP User Table Configuration window The following parameters can be set Parameter Description User Name Enter an alphanumeric string of up to 32 characters This is used to identify the SNMP user Group Name This name is used to specify the SNMP group created can request SNMP messages SNMP V3 Encryption Check to use encryption Auth Protocol MD5 Specifies that the HMAC MD5 96 authentication level will be used This field is only operable when the Encryption field has been checked This field will require the user to enter a password SHA Specifies that the HMAC SHA authentication protocol will be used This field is only operable when the Encryption field has been checked This field will require the user to enter a password Priv Protocol None Specifies that no authorization protocol is in use DES Specifies that DES 56 bit encryption is in use based on the CBC DES DES 56 standard This field is only operable when the Encryption field has been checked This field will require the user to enter a password between 8 and 16 alphanumeric characters To implement changes made click Apply To return to the SNMP User Table click the Show All SNMP User Table Entries link
82. aged and shipped in accordance with the foregoing requirements or that is determined by D Link not to be defective or non conforming What Is Not Covered The Limited Warranty provided herein by D Link does not cover Products that in D Link s judgment have been subjected to abuse accident alteration modification tampering negligence misuse faulty installation lack of reasonable care repair or service in any way that is not contemplated in the documentation for the product or if the model or serial number has been altered tampered with defaced or removed Initial installation installation and removal of the product for repair and shipping costs Operational adjustments covered in the operating manual for the product and normal maintenance Damage that occurs in shipment due to act of God failures due to power surge and cosmetic damage Any hardware software firmware or other products or services provided by anyone other than D Link and Products that have been purchased from inventory clearance or liquidation sales or other sales in which D Link the sellers or the liquidators expressly disclaim their warranty obligation pertaining to the product While necessary maintenance or repairs on your Product can be performed by any company we recommend that you use only an Authorized D Link Service Office Improper or incorrectly performed maintenance or repair voids this Limited Warranty Disclaimer of Other Warranties EXCEPT FOR THE LIMIT
83. aining the Switch s User Accounts and History Log while resetting all other configuration parameters to their factory defaults If the Switch is reset using this window and Save Changes is not executed the Switch will return to the last saved configuration when rebooted Switch will be reset all except IP address user account and history log Are you sure you want to proceed with a reset If yes click the Apply button Apply Figure 11 9 Reset window 140 DGS 3024 Gigabit Ethernet Switch Manual Reset Config The Reset Config option will reset all of the Switch s configuration parameters to their factory defaults without saving these default values to the Switch s non volatile RAM If the Switch is reset with this option enabled and Save Changes is not executed the Switch will return to the last saved configuration when rebooted Switch will be reset to factory defaults Are you sure you want to proceed ith a reset If yes click the Apply button Figure 11 10 Reset Config window Reset System In addition the Reset System option is added to reset all configuration parameters to their factory defaults save these parameters to the Switch s non volatile RAM and then restart the Switch This option is equivalent to Reset Config followed by Save Warning Switch will be reset to factory defaults and reboot Are you sure you want to proceed with a reset If yes click the Apply button Changes
84. akuun voimassaoloajan Tekninen tuki palvelee seuraavasti Arkisin klo 9 21 numerosta 0800 114 677 Internetin kautta Ajurit ja lisatietoja tuotteista http www dlink fi S hk postin kautta voit my s tehd kyselyit D Link Building Networks for People Teknisk Support Pa var hemsida kan du hitta mer information om mjukvaru uppdateringar och annan anvandarinformation D Link tillhandahaller teknisk support till kunder i Sverige under hela garantitiden for denna produkt Teknisk Support for kunder i Sverige D Link Teknisk Support via telefon 0770 33 00 35 Vardagar 08 00 20 00 D Link Teknisk Support via Internet http www dlink se D Link Building Networks for People Suporte T cnico Voc pode encontrar atualiza es de software e documenta o de utilizador no site de D Link Portugal http www dlink pt A D Link fornece suporte t cnico gratuito para clientes no Portugal durante o periodo de vig ncia de garantia deste produto Suporte T cnico para clientes no Portugal Assist ncia T cnica Email soporte dlink es http www dlink pt support ftp ftp dlink es D Link Building Networks for People Texvikn YtrooTnpign Mnopeite va Bpeite software updates kai nAnpogopigg yia Tn xpnon TWV MPOIOVTWV OTIC I0TOGEAI EG TNG D Link H D Link nPOOPEPEI OTOUG MEAATEG TNG dwpe v UNOOTNPIEN oTov EM adik xwpo MnopelTe va ENIKOIVOVE TE HE TO TUNA TEXVIKM G UNOOTNpIENS
85. al Specifications The technical specifications of the DGS 3204 Appendix B Cable Lengths Information on cable types and maximum distances Appendix C Glossary Lists definitions for terms and acronyms used in this document ix Intended Readers The DGS 3024 Manual contains information for setup and management and of the DGS 3024 Switch This guide is intended for network managers familiar with network management concepts and terminology Notes Notices and Cautions rs A NOTE A NOTE indicates important information that helps you make l better use of your device Cl NOTICE A NOTICE indicates either potential damage to hardware or loss of data and tells you how to avoid the problem CAUTION A CAUTION indicates a potential for property damage personal injury or death DGS 3024 Gigabit Ethernet Switch Manual Safety Instructions Use the following safety guidelines to ensure your own personal safety and to help protect your system from potential damage Throughout this safety section the caution icon is used to indicate cautions and precautions that you need to review and follow A Safety Cautions To reduce the risk of bodily injury electrical shock fire and damage to the equipment observe the following precautions e Observe and follow service markings Do not service any product except as explained in your system documentation Opening or removing covers that are marked with the trian
86. al address Boot PROM Version Version number for the firmware chip This information is needed for new runtime software downloads Firmware Version Version number of the firmware installed on the Switch This can be updated by using the Download Firmware from TFTP Server window in the TFTP Services folder Maintenance gt TFTP Services gt Download Firmware from TFTP Server Hardware Version Version of the Switch hardware System Name A user assigned name for the Switch System Location A user assigned description for the physical location of the Switch System Contact Name of the person to contact should there be any problems or questions with the system Users may also want to include a phone number or extension 23 DGS 3024 Gigabit Ethernet Switch Manual Advanced Settings The Switch Information Advanced Settings window contains the main settings for all major functions for the Switch To view this window click its link in the Configuration folder This will enable the following window to be viewed and configured Serial Port Auto Logout 10 Minutes Serial Port Baud Rate 9600 y MAC Address Aging Time 0 14400 Minutes IGMP Snooping Disabled Multicast router Only Telnet TCP Port Number 1 65535 Web Status Enabled Web TCP Port Number 1 65535 RMON Status Disabled Link Aggregation Algorithm E Disabled x as
87. and via web manager or Telnet Management stations that are on VLANs other than the one entered here will not be able to manage the Switch in band unless their IP addresses are entered in the Security IP Management menu If VLANs have not yet been configured for the Switch the default VLAN contains all of the Switch s ports There are no entries in the Security IP Management table by default so any management station that can connect to the Switch can access the Switch until a management VLAN is specified or Management Station IP Addresses are assigned Click Apply to allow changes to take effect 21 DGS 3024 Gigabit Ethernet Switch Manual Setting the Switch s IP Address using the Console Interface C _ lt Y x Each Switch must be assigned its own IP Address which is used for communication with an SNMP network manager or other TCP IP application for example BOOTP TFTP The Switch s default IP address is 10 90 90 90 You can change the default Switch IP address to meet the specification of your networking address scheme The IP address for the Switch must be set before it can be managed with the Web based manager The Switch IP address can be automatically set using BOOTP or DHCP protocols in which case the actual address assigned to the Switch must be known The IP address may be set using the Command Line Interface CLI over the console serial port as follows Starting at the command line prompt enter the commands
88. arn device addresses and receives all frames with an unknown address Backbone ports are normally used to connect the Switch to the backbone of your network Note that backbone ports were formerly known as designated downlink ports bandwidth Information capacity measured in bits per second that a channel can transmit The bandwidth of Ethernet is 10Mbps and the bandwidth of Fast Ethernet is 100Mbps baud rate The Switching speed of a line Also known as line speed between network segments BOOTP The BOOTP protocol allows you to automatically map an IP address to a given MAC address each time a device is started In addition the protocol can assign the subnet mask and default gateway to a device bridge A device that interconnects local or remote networks no matter what higher level protocols are involved Bridges form a single logical network centralizing network administration broadcast A message sent to all destination devices on the network broadcast storm Multiple simultaneous broadcasts that typically absorb available network bandwidth and can cause network failure console port The port on the Switch accepting a terminal It changes the parallel arrangement of data within computers to the serial form used on data transmission links This port is most often used for dedicated local management CSMA CD Channel access method used by Ethernet and IEEE 802 3 standards in which devices transmit only after find
89. assword set by the administrator See the Enable Admin part of this section for more detailed information concerning the Enable Admin command To view the following screen click Security gt Access Authentication Control gt Login Method Lists Si in Method List Settings default local Figure 8 15 Login Method List Settings window The Switch contains one Method List that is set and cannot be removed yet can be modified To delete a Login Method List defined by the user click the X under the Delete heading corresponding to the entry desired to be deleted To modify a Login Method List click on its hyperlinked Method List Name To configure a new Method List click the Add button Both actions will result in the same screen to configure 101 DGS 3024 Gigabit Ethernet Switch Manual Meo Meo Meo Show All Authentication Login Method List Entries Figure 8 16 Login Method List Edit window default Login Method List Add Method List Name Method 1 local Method 2 v Method 3 v Method 4 x Show All Authentication Login Method List Entries Figure 8 17 Login Method List Add window To define a Login Method List set the following parameters and click Apply Parameter Description Method List Name Enter a method list name defined by the user of up to 15 characters Method 1 2 3 4 The user may add one or a combination of up to four of th
90. aux demeurent inchang s Ex cution de la Garantie Produit Limit e En cas de d faut ou d erreur d un produit l unique obligation de D LINK se limite la r paration ou au remplacement gratuit du produit d fectueux au b n fice de l acheteur initial sous r serve que le produit soit rapport un Centre de Service Agr D LINK pendant la p riode de garantie D LINK assure la r paration ou le remplacement dans un Centre de Service Agr D LINK Les composants pi ces ou produits retir s dans le cadre de cette garantie limit e deviennent propri t de D LINK La pi ce ou le produit de remplacement est couvert par la garantie limit e de la pi ce ou du produit d origine pendant la p riode restante Le produit de remplacement n est pas n cessairement neuf ni d une marque ou d un modele identique D LINK peut d cider de maniere discr tionnaire de remplacer le produit d fectueux ou ses pi ces par un quivalent ou un article sup rieur reconditionn ayant toutes les fonctionnalit s du produit d fectueux D LINK peut exiger la preuve d achat Garant D Link Europe Ltd 4th Floor Merit House Edgware Road Colindale London NW9 5 AB Royaume Uni T l 44 020 8731 5555 Fax 44 020 8731 5511 www dlink co uk Garantia limitada del producto D LINK Europa Condiciones generales Esta garant a la ofrece D LINK Europe Ltd en este documento D LINK La garant a limitada del produc
91. be directed to the remaining links in the group The Spanning Tree Protocol will treat a port trunking group as a single link on the Switch level On the port level the STP will use the port parameters of the Master Port in the calculation of port cost and in determining the state of the port trunking group If two redundant port trunking groups are configured on the Switch STP will block one entire group in the same way STP will block a single port that has a redundant link To configure port trunking click on the Link Aggregation hyperlink in the Configuration folder to bring up the following window Port Trunking Group Add New Trunking Group x Figure 7 8 Port Trunking Group window To configure port trunk groups click the Add button to add a new trunk group and use the Port Trunking Configuration window to set up trunk groups To modify a port trunk group click the Modify button corresponding to the entry you wish to alter To delete a port trunk group click the corresponding Xl under the Delete heading in the Current Trunking Group Entries table 31 Port Trunkir Group ID 1 4 State Type Master Port Port Map Active Port Apply DGS 3024 Gigabit Ethernet Switch Manual 1q Configuration Disabled x Static Port y Lada les 6 7 8 o hoah s pe as s 17 1819 20 2 2 a ba m m m m ss m mj mj a m aj m aj a a a m a aj a Note Itis only valid to set up at most 8member ports of any one
92. bled No No Discarding Discarding Blocking No No Discarding Discarding Listening No No Learning Learning Learning No Yes Forwarding Forwarding Forwarding Yes Yes Table 7 1 Comparing Port States RSTP is capable of a more rapid transition to a forwarding state it no longer relies on timer configurations RSTP compliant bridges are sensitive to feedback from other RSTP compliant bridge links Ports do not need to wait for the topology to stabilize before transitioning to a forwarding state In order to allow this rapid transition the protocol introduces two new variables the edge port and the point to point P2P port Edge Port The edge port is a configurable designation used for a port that is directly connected to a segment where a loop cannot be created An example would be a port connected directly to a single workstation Ports that are designated as edge ports transition to a forwarding state immediately without going through the listening and learning states An edge port loses its status if it receives a BPDU packet immediately becoming a normal spanning tree port P2P Port A P2P port is also capable of rapid transition P2P ports may be used to connect to other bridges Under RSTP MSTP all ports operating in full duplex mode are considered to be P2P ports unless manually overridden through configuration 802 1d 802 1w 802 1s Compatibility MSTP or RSTP can interoperate with legacy equipment and is capable of automatical
93. bps port onto a 10 Mbps port can cause throughput problems The port which frames are being copied from should always support an equal or lower speed gt than the port to which copies are being sent In addition the target port for the mirroring E cannot be a member of a trunk group Please note a target port and a source port cannot be the same port 29 DGS 3024 Gigabit Ethernet Switch Manual Link Aggregation Port Trunking Port trunk groups are used to combine a number of ports together to make a single high bandwidth data pipeline NOTE Static Type Link Aggregation is usually referred as Port Trunking In this section the terms Link Aggregation and Port Trunking will be used synonymously The DGS 3024 supports up to four port trunk groups with 2 to 8 ports in each group A potential bit rate of 8000 Mbps can be achieved An Example of Link Aggregation Ethernet Backbone Uplink 100 Mbps 100 Mbps ae e 10 100 Mbps Connection 10 100 Mbps Connection 10 100 Mbps Connection d l l hi i End Station Clients Figure 7 7 Example of Port Trunk Group The Switch treats all ports in a trunk group as a single port Data transmitted to a specific host will always be transmitted over the same port in a trunk group This allows packets in a data stream to arrive in the same order they were sent 30 DGS 3024 Gigabit Ethernet Switch Manual NOTE If any ports within the trunk group b
94. butes that are allowed to act as SNMP managers The second part describes what each user on that list can do as an SNMP manager The Switch allows groups of users to be listed and configured with a shared set of privileges The SNMP version may also be set for a listed group of SNMP managers Thus you may create a group of SNMP managers that are allowed to view read only information or receive traps using SNMPv1 while assigning a higher level of security to another group granting read write privi leges using SNMPv3 Using SNMPv3 individual users or groups of SNMP managers can be allowed to perform or be restricted from performing specific SNMP management functions The functions allowed or restricted are defined using the Object Identifier OID associated with a specific MIB An additional layer of security is available for SNMPv3 in that SNMP messages may be encrypted To read more about how to configure SNMPv3 settings for the Switch read the next section SNMP User Table Use the SNMP User Table window to create a new SNMP user and add the user to an existing SNMP group or to a newly created group Add Total Entries 1 Note It is allowed insert 10 entries into the table only SNMP User Table S initial initial 173 x Figure 9 4 SNMP User Table window To delete an existing entry click the Delete icon in the right hand column that corresponds to the port to remove To create a new entry click the Add button
95. cast Forwarding Table Parameter Description Filtering Mode forward_unregistered_groups when this option is selected any unregistered multicast packets the switch will be dropped received by the switch will be forwarded normally flooded to all ports filter_unregistered_ groups when this is enabled any unregistered multicast packets received by Click Apply to implement changes made 52 DGS 3024 Gigabit Ethernet Switch Manual VLANs Understanding IEEE 802 1p Priority Priority tagging is a function defined by the IEEE 802 1p standard designed to provide a means of managing traffic on a network where many different types of data may be transmitted simultaneously It is intended to alleviate problems associated with the delivery of time critical data over congested networks The quality of applications that are dependent on such time critical data such as video conferencing can be severely and adversely affected by even very small delays in transmission Network devices that are in compliance with the IEEE 802 1p standard have the ability to recognize the priority level of data packets These devices can also assign a priority label or tag to packets Compliant devices can also strip priority tags from packets This priority tag determines the packet s degree of expeditiousness and determines the queue to which it will be assigned Priority tags are given values from 0 to 7 with 0 being assigned to
96. cate users trying to access the Switch The users will set Authentication Server Hosts in a preferable order in the built in Authentication Server Groups and when a user tries to gain access to the Switch the Switch will ask the first Authentication Server Hosts for authentication If no authentication is made the second server host in the list will be queried and so on The built in Authentication Server Groups can only have hosts that are running the specified protocol For example the TACACS Authentication Server Groups can only have TACACS Authentication Server Hosts The administrator for the Switch may set up six different authentication techniques per user defined method list TACACS XTACACS TACACS RADIUS local none for authentication These techniques will be listed in an order preferable and defined by the user for normal user authentication on the Switch and may contain up to eight authentication techniques When a user attempts to access the Switch the Switch will select the first technique listed for authentication If the first technique goes through its Authentication Server Hosts and no authentication is returned the Switch will then go to the next technique listed in the server group for authentication until the authentication has been verified or denied or the list is exhausted Please note that users granted access to the Switch will be granted normal user privileges on the Switch To gain access to administrator level
97. ce Manual on the documentation CD for a list of all commands and additional information on using the CLI 13 When you have completed your tasks exit the session with the logout command or close the emulator program Make sure the terminal or PC you are using to make this connection is configured to match these settings If you are having problems making this connection on a PC make sure the emulation is set to VT 100 You will be able to set the emulation by clicking on the File menu in you HyperTerminal window clicking on Properties in the drop down menu and then clicking the Settings tab This is where you will find the Emulation options If you still do not see anything try rebooting the Switch by disconnecting its power supply Once connected to the console the screen below will appear on your console screen This is where the user will enter commands to perform all the available management functions The Switch will prompt the user to enter a username and a password Upon the initial connection there is no username or password and therefore just press Enter twice to access the command line interface DGS 3024 Gigabit Ethernet Switch Command Line Interface rmware Build 4 00 B04 Copyright C 2003 poe D Link Corporation All rights reserved UserName Figure 5 1 Initial screen after first connection DGS 3024 Gigabit Ethernet Switch Manual First Time Connecting to The Switch The Switch supports user based security that can a
98. ce the defective product or any part thereof with any reconditioned equivalent or superior product in all material respects to the defective product Proof of purchase may be required by D LINK Warrantor D Link Europe Ltd 4th Floor Merit House Edgware Road Colindale London NW9 5 AB United Kingdom Telephone 44 020 8731 5555 Facsimile 44 020 8731 5511 www dlink co uk D Link Europe Limited Produktgarantie Allgemeine Bedingungen Die hierin beschriebene eingeschr nkte Garantie wird durch D LINK Europe Ltd Gew hrt im Folgenden D LINK Diese eingeschr nkte Garantie setzt voraus dass der Kauf des Produkts nachgewiesen wird Auf Verlangen von D LINK muss auch dieser Garantieschein vorgelegt werden AUSSER IN DEM HIER AUSDRUCKLICH BESCHRIEBENEN UMFANG GEWAHRT D LINK KEINE WEITEREN GARANTIEN WEDER AUSDRUCKLICH NOCH STILLSCHWEIGEND INSBESONDERE WIRD NICHT STILLSCHWEIGEND EINE GARANTIE FUR DIE ALLGEMEINE GEBRAUCHSTAUGLICHKEIT ODER DIE EIGNUNG FUR EINEN BESTIMMTEN ZWECK ERKLART D LINK LEHNT AUSDRUCKLICH JEDE GARANTIE AB DIE UBER DIESE EINGESCHRANKTE GARANTIE HINAUSGEHT JEDE GESETZLICH ANGEORDNETE GARANTIE IST AUF DIE LAUFZEIT DER EINGESCHRANKTEN GARANTIE BESCHRANKT IN EINIGEN STAATEN ODER LANDERN IST DIE ZEITLICHE BESCHRANKUNG EINER STILLSCHWEIGEND ERKLARTEN GARANTIE SOWIE AUSSCHLUSS ODER BESCHRANKUNG VON SCHADENERSATZ FUR NEBEN ODER FOLGESCHADEN BEIM VERBRAUCHSGUTERKAUF UNTERSAGT SOWEIT SIE IN SOLCHEN STAAT
99. chased through the inventory clearance or liquidation sale or other sales in which D Link the sellers or the liquidators expressly disclaim their warranty obligation pertaining to the product and in that case the product is being sold As Is without any warranty whatsoever including without limitation the Limited Warranty as described herein notwithstanding anything stated herein to the contrary Submitting A Claim The customer shall return the product to the original purchase point based on its return policy In case the return policy period has expired and the product is within warranty the customer shall submit a claim to D Link as outlined below The customer must submit with the product as part of the claim a written description of the Hardware defect or Software nonconformance in sufficient detail to allow D Link to confirm the same along with proof of purchase of the product such as a copy of the dated purchase invoice for the product if the product is not registered The customer must obtain a Case ID Number from D Link Technical Support at 1 877 453 5465 who will attempt to assist the customer in resolving any suspected defects with the product If the product is considered defective the customer must obtain a Return Material Authorization RMA number by completing the RMA form and entering the assigned Case ID Number at https rma dlink com After an RMA number is issued the defective product must be packaged secu
100. ciphersuites for the SSL function which are all enabled by default To utilize a particular ciphersuite disable the unwanted ciphersuites leaving the desired one for authentication When the SSL function has been enabled the web will become disabled To manage the Switch through the web based management while utilizing the SSL function the web browser must support SSL encryption and the header of the URL must begin with https Ex https 10 90 90 90 Any other method will result in an error and no access can be authorized for the web based management To view the following window click Security gt Secure Socket Layer SSL gt Configuration RSA with RC4 128 MDS Enabled RSA with 3DES EDE CBC SHA Enabled 0x000a DHE DSS with 3DES EDE CBC SHA Enabled 020013 RSA EXPORT with RC4 40 MDS Enabled y Disabled 020004 020003 Apply Figure 8 3 SSL Configuration window To set up the SSL function on the Switch configure the following parameters and click Apply Parameter Description Status Use the pull down menu to enable or disable the SSL status on the Switch The default is Disabled RSA with RC4 128 MD5 This ciphersuite combines the RSA key exchange stream cipher RC4 encryption with 128 bit keys and the MD5 Hash Algorithm Use the pull down menu to enable or disable this ciphersuite This field is Enabled by default RSA with 3DES EDE CBC SHA
101. cket forwarding decisions the VID is Tag aware Switches must keep a table to relate PVIDs within the Switch to VIDs on the network The Switch will compare the VID of a packet to be transmitted to the VID of the port that is to transmit the packet If the two VIDs are different the Switch will drop the packet Because of the existence of the PVID for untagged packets and the VID for tagged packets tag aware and tag unaware network devices can coexist on the same network A Switch port can have only one PVID but can have as many VIDs as the Switch has memory in its VLAN table to store them Because some devices on a network may be tag unaware a decision must be made at each port on a tag aware device before packets are transmitted should the packet to be transmitted have a tag or not If the transmitting port is connected to a tag unaware device the packet should be untagged If the transmitting port is connected to a tag aware device the packet should be tagged Tagging and Untagging Every port on an 802 1Q compliant Switch can be configured as tagging or untagging Ports with tagging enabled will put the VID number priority and other VLAN information into the header of all packets that flow into and out of it If a packet has previously been tagged the port will not alter the packet thus keeping the VLAN information intact The VLAN information in the tag can then be used by other 802 1Q compliant devices on the network to make packet
102. corresponds to Learned How the Switch discovered the MAC address The possible entries are Dynamic Self and Static Next Click this button to view the next page of the address table View All Entry Clicking this button will allow the user to view all entries of the address table Delete All Entry Clicking this button will allow the user to delete all entries of the address table 130 DGS 3024 Gigabit Ethernet Switch Manual Switch History Log The Web manager allows the Switch s history log as compiled by the Switch s management agent to be viewed To view the Switch history log open the Monitoring folder and click the Switch History Log link 42 2001 10 18 15 46 36 Telnet session timed out Username Anonymous 41 2001 10 18 15 38 31 Successful login through Web Username Anonymous 40 2001 10 18 15 38 14 Successful login through Web Username Anonymous 39 2001 10 18 15 34 08 Successful login through Telnet Username Anonymous 38 2001 10 18 14 25 33 Successful login through Web Username Anonymous 37 2001 10 18 14 22 00 Logout through Telnet Username Anonymous 36 2001 10 18 14 16 32 Successful login through Web Username Anonymous 35 2001 10 18 14 15 10 Successful login through Telnet Username Anonymous 34 2001 10 18 14 08 14 Successful login through Web Username Anonymous 33 2001 10 18 12 35 32 Successful login through Web Username Anonymous 32 2001 10 18 12 34 49 Successful login thro
103. d to use the community string to gain access to the Switch s SNMP agent e Any MIB view that defines the subset of all MIB objects will be accessible to the SNMP community e Read write or read only level permission for the MIB objects accessible to the SNMP community To configure SNMP Community entries open the SNMP Manager folder located in the Management folder and click the SNMP Community Table link which will open the following window SNMP Community Table Configuration Community Name View Name A Read Only Apply otal Entries 2 Note Insert a maximum of 10 entries into the table SNMP Community Table View Name Access Right Community View Read Write x Community View Read Only x Figure 9 11 SNMP Community Table Configuration window The following parameters can be set Parameter Description Community Name Type an alphanumeric string of up to 32 characters that is used to identify members of an SNMP community This string is used like a password to give remote SNMP managers access to MIB objects in the Switch s SNMP agent View Name Type an alphanumeric string of up to 32 characters that is used to identify the group of MIB objects that a remote SNMP manager is allowed to access on the Switch The view name must exist in the SNMP View Table Access Right Read Only Specifies that SNMP community members using the community string created can only read the contents of the MIBs on t
104. d up The DHCP protocol allows IP addresses network masks and default gateways to be assigned by a DHCP server If this option is set the Switch will first look for a DHCP server to provide it with this information before using the default or previously entered settings Manual Allows the entry of an IP address Subnet Mask and a Default Gateway for the Switch These fields should be of the form xxx xxx xxx xxx where each xxx is a number represented in decimal form between 0 and 255 This address should be a unique address on the network assigned for use by the network administrator Subnet Mask A Bitmask that determines the extent of the subnet that the Switch is on Should be of the form XXX XXX XXX XXX where each xxx is a number represented in decimal between 0 and 255 The value should be 255 0 0 0 for a Class A network 255 255 0 0 for a Class B network and 255 255 255 0 for a Class C network but custom subnet masks are allowed Default IP address that determines where packets with a destination address outside the current subnet Gateway should be sent This is usually the address of a router or a host acting as an IP gateway If your network is not part of an intranet or the user does not want the Switch to be accessible outside the local network this field is to be left unchanged VID This allows the entry of a VLAN ID from which a management station will be allowed to manage the Switch using TCP IP in b
105. device on any of the ports The LEDs blink green whenever there is reception or transmission i e Activity Act of data occurring on a port DGS 3024 Gigabit Ethernet Switch Manual CONNECTING THE SWITCH This chapter describes how to connect the DGS 3024 to your Gigabit Ethernet network Switch to End Node End nodes include PCs outfitted with a 10 100 or 1000 Mbps RJ 45 Ethernet Fast Ethernet Gigabit Ethernet Network Interface Card NIC and most routers An end node can be connected to the Switch via a Category 3 4 5 or Se UTP STP cable for optimal performance Category 5e is recommended The end node should be connected to any of the ports of the Switch Figure 4 1 Switch connected to an End Node The Link Act LEDs light green when the link is valid A blinking green LED indicates packet activity on that port The Speed LEDs indicate port speed and will light solid green for 1000 Mbps connections They will remain off for 10 or 100 Mbps connections DGS 3024 Gigabit Ethernet Switch Manual Switch to Hub or Switch These connections can be accomplished in a number of ways using a normal cable e A 10BASE T hub or Switch can be connected to the Switch via a two pair Category 3 4 5 or 5e UTP STP cable e A 100BASE TX hub or Switch can be connected to the Switch via a two pair Category 5 or 5e UTP STP cable e A 1000BASE T Switch can be connected to the Switch via four pair straight Category 5 or 5e UTP STP cable
106. die Anschlu werte 9 Die Netzanschlu steckdose mu aus Gr nden der elektrischen Sicherheit einen Schutzleiterkontakt haben 10 Verlegen Sie die Netzanschlu leitung so da niemand dar ber fallen kann Es sollete auch nichts auf der Leitung abgestellt werden 11 Alle Hinweise und Warnungen die sich am Ger ten befinden sind zu beachten 12 Wird das Ger t ber einen l ngeren Zeitraum nicht benutzt sollten Sie es vom Stromnetz trennen Somit wird im Falle einer berspannung eine Besch digung vermieden 13 Durch die L ftungs ffnungen d rfen niemals Gegenst nde oder Fl ssigkeiten in das Ger t gelangen Dies k nnte einen Brand bzw Elektrischen Schlag ausl sen 14 ffnen Sie niemals das Ger t Das Ger t darf aus Gr nden der elektrischen Sicherheit nur von authorisiertem Servicepersonal ge ffnet werden 15 Wenn folgende Situationen auftreten ist das Ger t vom Stromnetz zu trennen und von einer qualifizierten Servicestelle zu berpr fen a Netzkabel oder Netzstecker sint besch digt b Fl ssigkeit ist in das Ger t eingedrungen c Das Ger t war Feuchtigkeit ausgesetzt d Wenn das Ger t nicht der Bedienungsanleitung ensprechend funktioniert oder Sie mit Hilfe dieser Anleitung keine Verbesserung erzielen e Das Ger t ist gefallen und oder das Geh use ist besch digt f Wenn das Ger t deutliche Anzeichen eines Defektes aufweist 16 Bei Reparaturen d rfen nur Orginalersatzteile bzw den Orginalteilen ents
107. dundant links between Switches and similar network devices The port level STP will block redundant links within an STP Group It is advisable to define an STP Group to correspond to a VLAN group of ports The following fields can be set 49 DGS 3024 Gigabit Ethernet Switch Manual Parameter Description From To A consecutive group of ports may be configured starting with the selected port External Cost 0 Auto This defines a metric that indicates the relative cost of forwarding packets to the specified port list Port cost can be set automatically or as a metric value The default value is 0 auto e 0 auto Setting O for the external cost will automatically set the speed for forwarding packets to the specified port s in the list for optimal efficiency Default port cost 100Mbps port 200000 Gigabit port 20000 e value 1 200000000 Define a value between 1 and 200000000 to determine the external cost The lower the number the greater the probability the port will be chosen to forward packets Migration Setting this parameter as Yes will set the ports to send out BDPU packets to other bridges requesting information on their STP setting If the Switch is configured for RSTP the port will be capable to migrate from 802 1d STP to 802 1w RSTP If the Switch is configured for MSTP the port is capable of migrating from 802 1d STP to 802 1s MSTP RSTP and MSTP can coexist with standard STP however t
108. e 3 Configure the encryption algorithm that SSH will use to encrypt and decrypt messages sent between the SSH client and the SSH server using the Encryption Algorithm window 4 Finally enable SSH on the Switch using the SSH Configuration window After completing the preceding steps a SSH Client on a remote PC can be configured to manage the Switch using a secure in band connection 91 DGS 3024 Gigabit Ethernet Switch Manual SSH Configuration The following window is used to configure and view settings for the SSH server and can be opened by clicking Security gt Secure Shell SSH gt SSH Configuration SSH Server Status Max Session Time Out Auth Fail Session Rekeying Ports SSH Server Status Disabled Mas Sessiona Time Out 120 600 300 aut ren 29 Pons gt Apply Figure 8 4 Current SSH Configuration Settings window To configure the SSH server on the Switch modify the following parameters and click Apply Parameter Description SSH Server Status Use the pull down menu to enable or disable SSH on the Switch The default is Disabled Max Session 1 8 Enter a value between 7 and 8 to set the number of users that may simultaneously access the Switch The default setting is 8 Time Out 120 600 Allows the user to set the connection timeout The user may set a time between 720 and 600 seconds The default setting is 120 seconds Auth Fa
109. e effective Spare parts i e External Power Adapters Fans One 1 year in respect of all D LINK products sold in European Countries by D LINK or one of its authorized resellers or distributors from 1st of January 2004 All products sold in European Countries by D LINK or one of its authorized resellers or distributors before 1st January 2004 carry 5 years warranty except power supplies fans and accessories that are provided with 2 year warranty The warranty period stated in this card supersedes and replaces the warranty period as stated in the user s manual or in the purchase contract for the relevant products For the avoidance of doubt if you have purchased the relevant D LINK product as a consumer your statutory rights remain unaffected Performance of the Limited Product Warranty If a product defect occurs D LINK s sole obligation shall be to repair or replace any defective product free of charge to the original purchaser provided it is returned to an Authorized D LINK Service Center during the warranty period Such repair or replacement will be rendered by D LINK at an Authorized D LINK Service Center All component parts or hardware products removed under this limited warranty become the property of D LINK The replacement part or product takes on the remaining limited warranty status of the removed part or product The replacement product need not be new or of an identical make model or part D LINK may in its discretion repla
110. e The default setting is 0 auto There are two options e 0 auto Selecting this parameter for the interna Cost will set quickest route automatically and optimally for an interface The default value is derived from the media speed of the interface value 1 2000000 Selecting this parameter with a value in the range of 1 to 2000000 will set the quickest route when a loop occurs A lower Internal cost represents a quicker transmission Designated Bridge This field will show the priority and MAC address of the Designated Bridge The information shown in this table comes from a BPDU packet originating from this bridge Root Port This is the port on the Switch that is physically connected to the Root Bridge Max Age The Max Age may be set to ensure that old information does not endlessly circulate through redundant paths in the network preventing the effective propagation of the new information Set by the Root Bridge this value will aid in determining that the Switch has spanning tree configuration values consistent with other devices on the bridged LAN If the value ages out and a BPDU has still not been received from the Root Bridge the Switch will start sending its own BPDU to all other Switches for permission to become the Root Bridge If it turns out that your Switch has the lowest Bridge Identifier it will become the Root Bridge The user may choose a time between 6 and 40 seconds The default value is 20
111. e Switch then determines if the destination port is a member of the same VLAN has the same VID as the 56 DGS 3024 Gigabit Ethernet Switch Manual ingress port If it does not the packet is dropped If it has the same VID the packet is forwarded and the destination port transmits it on its attached network segment This process is referred to as ingress filtering and is used to conserve bandwidth within the Switch by dropping packets that are not on the same VLAN as the ingress port at the point of reception This eliminates the subsequent processing of packets that will just be dropped by the destination port Default VLANs The Switch initially configures one VLAN VID 1 called default The factory default setting assigns all ports on the Switch to the default Packets cannot cross VLANs If a member of one VLAN wants to connect to another VLAN the link must be through an external router forwarded to any destination port Packets with unknown source addresses will be flooded to all ports Broadcast and multicast packets will j NOTE If no VLANs are configured on the Switch then all packets will be L also be flooded to all ports An example is presented below VLAN Name VID Switch Ports System default 1 5 6 7 8 21 22 23 24 Engineering 2 9 10 11 12 Marketing 3 13 14 15 16 Finance 4 17 18 19 20 Sales 5 1 2 3 4 Table 7 2 VLAN Example Assigned Ports VLAN and
112. e command line interface as shown below DGS 3024 4 show switch Command show switch Device Type DGS 3024 Gigabit Ethernet Switch MAC Address 20 20 20 20 20 20 IP Address 10 53 13 224 Manual VLAN Name default Subnet Mask 259 0 0 0 Default Gateway 0 0 0 0 Boot PROM Version Build 1 00 B03 Firmware Version Build 4 00 B04 Hardware Version 0A1 System Name 3 System Location System Contact Spanning Tree Disabled GYRP Disabled IGMP Snooping Disabled Enabled TCP 23 Enabled TCP 80 Disabled DGS 3024 44 Figure 5 3 Show Switch command The Switch s MAC address can also be found from the Web management program on the Switch Information Basic Settings window on the Configuration menu The IP address for the Switch must be set before it can be managed with the Web based manager The Switch IP address can be automatically set using BOOTP or DHCP protocols in which case the actual address assigned to the Switch must be known The IP address may be set using the Command Line Interface CLI over the console serial port as follows Starting at the command line prompt enter the commands config ipif System ipaddress XXX XXX XXX XXxX yyy yyy yyy yyy where the x s represent the IP address to be assigned to the IP interface named System and the y s represent the corresponding subnet mask Alternatively you can enter config ipif System ipaddress xxx xxx xxx xxx z Where the x s represent the IP address t
113. e following authentication methods to this method list e tacacs Adding this parameter will require the user to be authenticated using the TACACS protocol from a remote TACACS server e xtacacs Adding this parameter will require the user to be authenticated using the XTACACS protocol from a remote XTACACS server e tacacs Adding this parameter will require the user to be authenticated using the TACACS protocol from a remote TACACS server e radius Adding this parameter will require the user to be authenticated using the RADIUS protocol from a remote RADIUS server e Server group Adding this parameter will require the user to be authenticated using a user defined server group previously configured on the Switch e local Adding this parameter will require the user to be authenticated using the local user account database on the Switch e none Adding this parameter will require no authentication to access the Switch 102 DGS 3024 Gigabit Ethernet Switch Manual Enable Method Lists The Enable Method Lists window is used to set up Method Lists to promote users with user level privileges to Administrator Admin level privileges using authentication methods on the Switch Once a user acquires normal user level privileges on the Switch he or she must be authenticated by a method on the Switch to gain administrator privileges on the Switch which is defined by the Administrator A maximum of eight 8 Enable Method L
114. e set Parameter Description From and To Select a port or group of ports to enable for MAC notification using the pull down menus State Enable MAC Notification for the ports selected using the pull down menu Click Apply to implement changes made 72 DGS 3024 Gigabit Ethernet Switch Manual System Log Server The Switch can send Syslog messages to up to four designated servers using the System Log Server In the Configuration folder click System Log Server to view the window shown below Add New System Log Server Curent ep ge 10 53 13 94 Local0 514 Enabled X Figure 7 50 System Log Servers window The parameters configured for adding and editing System Log Server settings are the same To add a new Syslog Server click the Add button To modify a current entry click the hyperlinked number of the server in the Index field Both actions will result in the same window to configure See the table below for a description of the parameters in the following window System Log Server A mex Apply Show All System Log Servers Figure 7 51 System Log Server Add window The following parameters can be set Parameter Description Index Syslog server settings index Server IP The IP address of the Syslog server Severity This drop down menu allows you to select the level of messages that will be sent The options are Warning Informational and ALL
115. e the multicast router is attached VLAN Name This is the name of the VLAN where the multicast router is attached Member Ports These are the ports on the Switch that will have a multicast router attached to them Click Apply to implement the new settings Click the Show All Static Router Port Entries link to return to the Current Static Router Port Entries window 36 DGS 3024 Gigabit Ethernet Switch Manual Spanning Tree This Switch supports three versions of the Spanning Tree Protocol 802 1d STP 802 1w Rapid STP and 802 1s MSTP 802 1d STP will be familiar to most networking professionals However since 802 1w RSTP and 802 1s MSTP has been recently introduced to D Link managed Ethernet Switches a brief introduction to the technology is provided below followed by a description of how to set up 802 1d STP 802 1w RSTP and 802 1s MSTP 802 1s MSTP Multiple Spanning Tree Protocol or MSTP is a standard defined by the IEEE community that allows multiple VLANs to be mapped to a single spanning tree instance which will provide multiple pathways across the network Therefore these MSTP configurations will balance the traffic load preventing wide scale disruptions when a single spanning tree instance fails This will allow for faster convergences of new topologies for the failed instance Frames designated for these VLANs will be processed quickly and completely throughout interconnected bridges utilizing either of the three span
116. e with the client The default setting is 60 seconds SuppTimeout This value determines timeout conditions in the exchanges between the Authenticator and the client The default setting is 30 seconds 80 DGS 3024 Gigabit Ethernet Switch Manual ServerTimeout This value determines timeout conditions in the exchanges between the Authenticator and the authentication server The default setting is 30 seconds MaxReq The maximum number of times that the Switch will retransmit an EAP Request to the client before it times out of the authentication sessions The default setting is 2 ReAuthPeriod A constant that defines a nonzero number of seconds between periodic reauthentication of the client The default setting is 3600 seconds ReAuth Determines whether regular reauthentication will take place on this port The default setting is Disabled Click Apply to implement your configuration changes To view configurations for the 802 1x Authenticator Settings click Show Authenticators Setting Local Users To configure local users for the 802 1X function click Configuration gt Port Access Entity gt Local Users To set a local user enter a User Name Password and confirmation of that password Properly configured local users will be displayed in the 802 1x Local User Table in the same window Apply Total Entries 0 Figure 7 60 802 1x Local User Table Configuration window Click Apply
117. ecome disconnected packets intended for the disconnected port will be load shared among the other uplinked ports of the port trunking group Port trunking allows several ports to be grouped together and to act as a single link This gives a bandwidth that is a multiple of a single link s bandwidth Port trunking is most commonly used to link a bandwidth intensive network device or devices such as a server to the backbone of a network The Switch allows the creation of up to four port trunking groups each group consisting of 2 to 8 links ports The aggregated links must be contiguous they must have sequential port numbers except the two optional Gigabit ports which can only belong to a single port trunking group All of the ports in the group must be members of the same VLAN and their STP status static multicast traffic control traffic segmentation and 802 1p default priority configurations must be identical Port locking port mirroring and 802 1x must not be enabled on the trunk group Further the aggregated links must all be of the same speed and should be configured as full duplex The Master Port of the group is to be configured by the user and all configuration options including the VLAN configuration that can be applied to the Master Port are applied to the entire port trunking group Load sharing is automatically applied to the ports in the trunking group and a link failure within the group causes the network traffic to
118. econds The default value is one second To clear the current statistics shown click the Clear button in the top left hand corner The following fields can be viewed Parameter Description Server The identification number assigned to each RADIUS Authentication server that the client shares a secret with UDP Port The UDP port the client is using to send requests to this server Timeouts The number of authentication timeouts to this server After a timeout the client may retry to the same server send to a different server or give up A retry to the same server is counted as a retransmit as well as a timeout A send to a different server is counted as a Request as well as a timeout Requests The number of RADIUS Access Request packets sent to this server This does not include retransmissions Challenges The number of RADIUS Access Challenge packets valid or invalid received from this server Accepts The number of RADIUS Access Accept packets valid or invalid received from this server Rejects The number of RADIUS Access Reject packets valid or invalid received from this server 135 DGS 3024 Gigabit Ethernet Switch Manual MAINTENANCE The fifth Web Manager main folder is Maintenance and includes the following windows and sub folders TFTP Services Ping Test Save Changes Reboot Services and Logout as well as secondary windows TFTP Services Trivial File Transfer Protocol TFTP
119. ed The SNMPv2 supports both centralized and distributed network management strategies It includes improvements in the Structure of Management Information SMI and adds some security features SNMPv3 Specifies that the SNMP version 3 will be used SNMPv3 provides secure access to devices through a combination of authentication and encrypting packets over the network Security Level The Security Level settings only apply to SNMPv3 NoAuthNoPriv Specifies that there will be no authorization and no encryption of packets sent between the Switch and a remote SNMP manager AuthNoPriv Specifies that authorization will be required but there will be no encryption of packets sent between the Switch and a remote SNMP manager AuthPriv Specifies that authorization will be required and that packets sent between the Switch and a remote SNMP manger will be encrypted To implement your new settings click Apply To return to the SNMP Group Table click the Show All SNMP Group Table Entries link 113 DGS 3024 Gigabit Ethernet Switch Manual SNMP Community Table Use this table to create an SNMP community string to define the relationship between the SNMP manager and an agent The community string acts like a password to permit access to the agent on the Switch One or more of the following characteristics can be associated with the community string e An Access List of IP addresses of SNMP managers that are permitte
120. ee ee see es wee ess Furbidden AAA ss we ee ww ee ee se Show All Static VLAN Entries Figure 7 36 802 1Q Static VLANs window Add To return to the first 802 1Q Static VLANs window click the Show All Static VLAN Entries link To change an existing 802 1Q VLAN entry click the Modify button of the corresponding entry you wish to modify A new window will appear to configure the port settings and to assign a unique name and number to the new VLAN See the table below for a description of the parameters in the new window 58 DGS 3024 Gigabit Ethernet Switch Manual None Forbidden MD LAN Name 4094 lichiro Disabled ere Senge OOO ROOT REDENTORE CS e e 7 e 7 7 Y 7 Y e e 7 n 3 7 n eo 7 Y e e 7 Y 7 e 7 Y 7 7 7 Y 7 7 7 Show All Static VLAN Entries Figure 7 37 802 1Q Static VLANs window Modify The following fields can then be set in either the Add or Modify 802 1Q Static VLANs windows Parameter Description VID VLAN ID Allows the entry of a VLAN ID in the Add window or displays the VLAN ID of an existing VLAN in the Modify window VLANSs can be identified by either the VID or the VLAN name VLAN Name Allows the entry of a name for the new VLAN in the Add window or for editing the VLAN name in the Modify window Advertisement Enabling this function will allow the Swi
121. eingeschr nkte Garantie des entfernten Teils oder Produkts wird auf das Ersatzteil oder produkt bertragen Das Austauschprodukt muss weder neu sein noch dem defekten Produkt ganz oder in Teilen entsprechen D LINK darf dieses nach eigenem Ermessen gegen ein entsprechendes wiederaufbereitetes Produkt austauschen welches dem defekten Produkt im Wesentlichen entspricht oder h herwertig ist D LINK kann verlangen dass der Kauf des Produkts nachgewiesen wird DIE VORSTEHENDE GARANTIE WURDE IN DIE DEUTSCHE SPRACHE AUS DEM ENGLISCHEN BERSETZT BEI ABWEICHUNGEN ZWISCHEN DER ENGLISCHEN VERSION UND DER DEUTSCHEN BERSETZUNG GELTEN DIE BESTIMMUNGEN DER ENGLISCHEN VERSION Garantiegeber D Link Europe Ltd 4th Floor Merit House Edgware Road Colindale London NW9 5 AB Vereinigtes K nigreich Telefon 44 020 8731 5555 Fax 44 020 8731 5511 www dlink com D Link Europe a limit la garantie des produits Conditions G n rales La Garantie Produit Limit e nonc e ci dessous mane de D LINK Europe Ltd ci apr s D LINK Cette Garantie Produit Limit e n est valable que sur pr sentation de la prevue d achat D LINK peut galement exiger la pr sentation du pr sent bon de garantie SAUF INDICATION EXPLICITE DES PRESENTES D LINK NE FOURNIT AUCUNE AUTRE GARANTIE EXPLICITE OU IMPLICITE Y COMPRIS UNE GARANTIE IMPLICITE DE VALEUR MARCHANDE OU D ADAPTATION DU PRODUIT A UN USAGE PRECIS D LINK DECLINE EXPLICITEMENT TO
122. eiten Alle weiteren Produkte Zwei 2 Jahre gelten f r alle Ersatzteile z B externe Netzteile L fter Ein 1 Jahr D LINK Produkte die in europ ischen Staaten ab dem 1 Januar 2004 von D LINK oder einem autorisierten Fachh ndler oder Distributor verkauft werden Alle vor dem 1 Januar 2004 von D LINK oder einem autorisierten Vertragsh ndler oder Distributor verkauften Produkte haben eine Gew hrleistung von 5 Jahren ausgenommen sind Netzteile L fter und Zubeh r diese haben eine Garantie von 2 Jahren Die durch diesen Garantieschein festgelegte Garantielaufzeit tritt an die Stelle der im Benutzerhandbuch oder im Kaufvertrag f r das jeweilige Produkt angegebenen Laufzeit Sollten Sie das betreffende D LINK Produkt als Verbraucher erworben haben so sei klargestellt dass Ihre gesetzlichen Rechte hiervon unber hrt bleiben Leistungsumfang der eingeschr nkten Garantie Bei Auftreten eines Produktfehlers besteht die einzige Verpflichtung von D LINK darin dem urspr nglichen K ufer das defekte Produkt kostenlos zu reparieren oder es auszutauschen Voraussetzung hierf r ist dass das Produkt w hrend der Garantielaufzeit einem autorisierten D LINK Servicecenter bergeben wird Reparatur oder Austausch werden von D LINK durch ein autorisiertes D LINK Servicecenter durchgef hrt Bauteile oder Hardware Produkte die gem dieser eingeschr nkten Garantie entfernt werden gehen in das Eigentum von D LINK ber Die verbliebene
123. elected ports Results of configured Bandwidth Settings will be displayed in the Port Bandwidth Table 66 DGS 3024 Gigabit Ethernet Switch Manual Traffic Control Use the Traffic Control window to enable or disable storm control and adjust the threshold for multicast broadcast DLF Destination Look Up Failure storms Traffic control settings are applied to individual Switch modules To view the following window click Configuration gt QOS gt Traffic Control Storm Control Type Setting Storm Control Type broadcast_multicast_dlt y Apply raffic Control Setting Fort Pont Disabled Apply Traffic Control Information Table 1 Disabled 2 Disabled 3 Disabled 4 Disabled 5 Disabled 6 Disabled 7 Disabled 8 Disabled 9 Disabled 10 Disabled 11 Disabled 12 Disabled 13 Disabled 14 Disabled 15 Disabled 16 Disabled 17 Disabled 18 Disabled 19 Disabled 20 Disabled 21 Disabled 22 Disabled 23 Disabled 24 Disabled Figure 7 43 Storm Control Type Setting window The purpose of this window is to limit too many broadcast multicast or unknown unicast packets folding the network The Storm Control Type Settings you can choose from are broadcast broadcast_multicast broadcast dif and broadcast_multicast_dlf The Threshold value is the upper threshold at which the specified traffic control is Switched on This is the number of Broadcast Broadcast Mult
124. emory data of Purchaser contained in stored on or integrated with any product returned to D Link pursuant to this warranty Any package returned to D Link without an RMA number will be rejected and shipped back to Purchaser at Purchaser s expense and D Link reserves the right in such a case to levy a reasonable handling charge in addition mailing or shipping costs Software Warranty service for software products may be obtained by contacting a D Link office within the applicable warranty period A list of D Link offices is provided at the back of this manual together with a copy of the Registration Card If a Registration Card for the product in question has not been returned to a D Link office then a proof of purchase such as a copy of the dated purchase invoice must be provided when requesting warranty service The term purchase in this software warranty refers to the purchase transaction and resulting license to use such software D Link warrants that its software products will perform in substantial conformance with the applicable product documentation provided by D Link with such software product for a period of ninety 90 days from the date of purchase from D Link or its Authorized Reseller D Link warrants the magnetic media on which D Link provides its software product against failure during the same warranty period This warranty applies to purchased software and to replacement software provided by D Link pursuant to this warranty b
125. enido conforme a lo recogido en el manual del usuario o en otra documentaci n que se haya proporcionado al comprador en el momento de la compra o que se haya corregido D LINK no garantiza que los productos funcionar n sin interrupciones o sin errores ni que se corregir n todas las deficiencias errores defectos o disconformidades Esta garant a no cubre problemas derivados de a modificaciones o conexiones no autorizadas b negligencia abuso o mal uso incluyendo el incumplimiento de las especificaciones y de los requisitos de la interfaz en el funcionamiento del producto c manejo incorrecto d errores en art culos o servicios ajenos a D LINK o no sujetos a una garant a o un contrato de mantenimiento vigentes de D LINK e uso o almacenamiento incorrecto o f fuego agua casos fortuitos u otros hechos catastr ficos Esta garant a tampoco es v lida para aquellos productos a los que se haya eliminado o alterado de alg n modo el n mero de serie D LINK D LINK NO SE RESPONSABILIZA DE LOS DA OS CAUSADOS COMO CONSECUENCIA DEL INCUMPLIMIENTO DE LAS INSTRUCCIONES DEL PRODUCTO DE HARDWARE D LINK Per odo de la garant a limitada del producto El per odo de la garant a limitada del producto se inicia en la fecha en que se realiz la compra a D LINK Para el comprador el comprobante de la fecha de la compra es el recibo de la venta o de la entrega en el que figura la fecha de la compra del producto Puede ser necesario tener que p
126. er the Internet http www dlink com tr e mail turkiye dlink me com Tech Support for customers within Egypt D Link Technical Support over the Telephone 202 2919035 202 2919047 Sunday to Thursday 9 00am to 5 00pm D Link Technical Support over the Internet http support dlink me com e mail amostafa dlink me com D Link Building Networks for People Technical Support You can find software updates and user documentation on the D Link website Tech Support for customers within South Africa and Sub Sahara Region D Link South Africa and Sub Sahara Technical Support over the Telephone 27 12 665 2165 08600 DLINK For South Africa only Monday to Friday 8 30am to 9 00pm South Africa Time D Link Technical Support over the Internet http www d link co za email support d link co za D Link Building Networks for People Technical Support You can find updates and user documentation on the D Link website Tech Support for Latin America customers D Link Technical Support over the followings Telephones Argentina 0800 666 1442 Monday to Friday 09 00am to 22 00pm Chile 800 214 422 Monday to Friday 08 00am to 21 00pm Colombia 01800 700 1588 Monday to Friday 07 00am to 20 00pm Ecuador 1800 777 711 Monday to Friday 07 00am to 20 00pm El Salvador 800 6137 Monday to Friday 06 00am to 19 00pm Guatemala 1800 300 0017 Monday to Friday 06 00am to 19 00pm Panama 0800 560 0193 Monday to Friday 07 00am to 20 00
127. ernet Switch Manual Packets The Web Manager allows various packet statistics to be viewed as either a line graph or a table Six windows are offered Received RX Click the Received RX link in the Packets folder of the Monitoring menu to view the following graph of packets received on the Switch Clear View Table Rx Packets Analysis Port 1 Bytes 3514 Packets 17 25 44 Time Interval Record Number Show Hide M Bytes M Packets Figure 10 2 Rx Packets Analysis window line graph for Bytes and Packets To view the Received Packets Table click the link View Table which will show the following table 118 DGS 3024 Gigabit Ethernet Switch Manual View Line Chart Packet Analysis of Port 1 Time Interval lis Si 0 0 Bytes Packets 0 0 Unicast Multicast Broadcast 0 0 0 0 Tx Packets Total Sec Bytes Packets Figure 10 3 Rx Packets Analysis window table for Bytes and Packets The following fields may be set or viewed Parameter Description Time Interval Select the desired setting between 7s and 60s where s stands for seconds The default value is one second Record Number the number of times the Switch will be polled between 20 and 200 The default value is Bytes Counts the number of bytes received on the port Packets Counts the number of packets received on the port Show Hide Check whether to display Bytes and Pac
128. ersonnel of events that occur on the Switch The events can be as serious as a reboot someone accidentally turned OFF the Switch or less serious like a port status change The Switch generates traps and sends them to the trap recipient or network manager Typical traps include trap messages for Authentication Failure Topology Change and Broadcast Multicast Storm MIBs Management and counter information are stored by the Switch in the Management Information Base MIB The Switch uses the standard MIB II Management Information Base module Consequently values for MIB objects can be retrieved from any SNMP based network management software In addition to the standard MIB II the Switch also supports its own proprietary enterprise MIB as an extended Management Information Base The proprietary MIB may also be retrieved by specifying the MIB Object Identifier MIB values can be either read only or read write DGS 3024 Gigabit Ethernet Switch Manual IP Address Assignment Each Switch must be assigned its own IP Address which is used for communication with an SNMP network manager or other TCP IP application for example BOOTP TFTP The Switch s default IP address is 10 90 90 90 You can change the default Switch IP address to meet the specification of your networking address scheme The Switch is also assigned a unique MAC address by the factory This MAC address cannot be changed and can be found by entering the command show switch into th
129. esibire la prova di acquisto Potete beneficiare delle prestazioni di assistenza previste dalla garanzia in conformit con I termini e le condizioni di cui sotto nel momento in cui il Vostro prodotto hardware D LINK necessiti di una riparazione durante il Periodo di garanzia La presente Garanzia si applica esclusivamente al primo acquirente del Prodotto hardware DLINK e non pu essere trasferita a terzi che abbiano ottenuto la propriet del Prodotto hardware D LINK dal primo acquirente Tipo de producto Periodo de garantia del producto Switch solo Switch dotati di agente SNMP incorporato inclusi moduli e software di 2 5 cinque anni gestione Tutti gli altri prodotti 2 due anni Pezzi di ricambio es adattatori esterni di potenza alimentatori esterni ventole 1 Un anno Il periodo di garanzia sopra specificato relativamente a tutti i prodotti D LINK venduti nei Paesi europei da D LINK o da qualsiasi suo rivenditore o distributore autorizzato decorre dal 1 gennaio 2004 Tutti i prodotti venduti nei Paesi europei da D LINK o da uno qualsiasi dei suoi rivenditori o distributori autorizzati prima del 1 gennaio 2004 sono coperti da una garanzia di 5 anni fatto salvo per alimentatori ventole e accessori che hanno 2 anni di garanzia Il periodo di garanzia qui menzionato sostituisce qualsiasi altro periodo di garanzia definito nel manuale d uso o nel contratto di acquisto del prodotto Se avete acquistato un pr
130. ess Value Last Member Query Interval Host Timeout Route Timeout Leave Timer Querier State state Disabled Apply Show All IGMP Group Entries Figure 7 12 IGMP Snooping Settings window The following parameters may be viewed or modified 34 DGS 3024 Gigabit Ethernet Switch Manual Parameter Description VLAN ID This is the VLAN ID that along with the VLAN Name identifies the VLAN for which to modify the IGMP Snooping Settings VLAN Name This is the VLAN Name that along with the VLAN ID identifies the VLAN for which to modify the IGMP Snooping Settings Query Interval Allows the entry of a value between 7 and 65535 seconds with a default of 125 seconds This specifies the length of time between sending IGMP queries Max Response Time Sets the maximum amount of time allowed before sending an IGMP response report A value between 7 and 25 seconds can be entered with a default of 70 seconds Robustness Value A tuning variable to allow for subnetworks that are expected to lose a large number of packets A value between 2 and 255 can be entered with larger values being specified for subnetworks that are expected to lose larger numbers of packets The default is 2 seconds Last Member Query Specifies the maximum amount of time between group specific query messages including Interval those sent in response to leave group messages A value between 7 and 25 The default is 7 second Host Timeo
131. et Switch Manual SECURITY The second Web Manager main folder is Security and includes the following windows and sub folders Trusted Host Secure Socket Layer SSL Secure Shell SSH and Access Authentication Control as well as secondary windows Trusted Host Go to the Security folder and click on the Trusted Host link the following window will appear IP Access to Switch 0 0 0 0 IP2 Access to Switch 0 0 0 0 IP3 Access to Switch 0 0 0 0 Apply Note Create a list of IP Addresses that can access the switch Your local host IP Address must be one ofthe IP Addresses to avoid disconnection Figure 8 1 Security IP Management window Use security IP management to permit remote stations to manage the Switch If you choose to define one or more designated management stations only the chosen stations as defined by IP address will be allowed management privilege through the web manager or Telnet session To define a management station IP setting type in the IP address and click the Apply button 87 DGS 3024 Gigabit Ethernet Switch Manual Secure Socket Layer SSL Secure Sockets Layer or SSL is a security feature that will provide a secure communication path between a host and client through the use of authentication digital signatures and encryption These security functions are implemented through the use of a ciphersuite which is a security string that determines the exact cryptographic parameters specif
132. et Switch Manual rational Status 32770 00 53 13 1a 33 24 0 32770 00 53 13 1a 33 24 None Remaining Hops Last Topology Change Topology Changes Count Show STP Instance Table Figure 7 26 STP Instance Operational Status window Previously Configured MSTI The following parameters may be viewed in the STP Instance Operational Status windows Parameter Description Designated Root Bridge This field will show the priority and MAC address of the Root Bridge External Root Cost This defines a metric that indicates the relative cost of forwarding packets to the specified port list Port cost can be set automatically or as a metric value The default value is 0 auto e 0 auto Setting O for the external cost will automatically set the speed for forwarding packets to the specified port s in the list for optimal efficiency Default port cost 100Mbps port 200000 Gigabit port 20000 e value 1 200000000 Define a value between 1 and 200000000 to determine the external cost The lower the number the greater the probability the port will be chosen to forward packets Regional Root Bridge This field will show the priority and MAC address of the Regional Internal Root Bridge This MAC address should be the MAC address of the Switch Internal Root Cost This parameter is set to represent the relative cost of forwarding packets to specified ports when an interface is selected within a STP instanc
133. ettings Simple Network Management Protocol SNMP is an OSI Layer 7 Application Layer designed specifically for managing and monitoring network devices SNMP enables network management stations to read and modify the settings of gateways routers Switches and other network devices Use SNMP to configure system features for proper operation monitor performance and detect potential problems in the Switch Switch group or network Managed devices that support SNMP include software referred to as an agent which runs locally on the device A defined set of variables managed objects is maintained by the SNMP agent and used to manage the device These objects are defined in a Management Information Base MIB which provides a standard presentation of the information controlled by the on board SNMP agent SNMP defines both the format of the MIB specifications and the protocol used to access this information over the network The DGS 3024 supports SNMP versions 1 2c and 3 You can specify which version of SNMP you want to use to monitor and control the Switch The three versions of SNMP vary in the level of security provided between the management station and the network device In SNMP v 1 and v 2 user authentication is accomplished using community strings which function like passwords The remote user SNMP application and the Switch SNMP must use the same community string SNMP packets from any station that has not been authenticated are ign
134. f all products plugged into the extension cable or power strip does not exceed 80 percent of the ampere ratings limit for the extension cable or power strip To help protect your system from sudden transient increases and decreases in electrical power use a surge suppressor line conditioner or uninterruptible power supply UPS Position system cables and power cables carefully route cables so that they cannot be stepped on or tripped over Be sure that nothing rests on any cables Do not modify power cables or plugs Consult a licensed electrician or your power company for site modifications Always follow your local national wiring rules When connecting or disconnecting power to hot pluggable power supplies if offered with your system observe the following guidelines Install the power supply before connecting the power cable to the power supply Unplug the power cable before removing the power supply If the system has multiple sources of power disconnect power from the system by unplugging all power cables from the power supplies Move products with care ensure that all casters and or stabilizers are firmly connected to the system Avoid sudden stops and uneven surfaces A General Precautions for Rack Mountable Products Observe the following precautions for rack stability and safety Also refer to the rack installation documentation accompanying the system and the rack for specific caution statements and procedures
135. fault is Disabled Multicast Router Only This field specifies that the Switch should only forward all multicast traffic to a multicast enabled router if enabled Otherwise the Switch will forward all multicast traffic to any IP router The default is Disabled 24 DGS 3024 Gigabit Ethernet Switch Manual Telnet Status This indicates if a Telnet connection is currently enabled on the Switch The default is Enabled Telnet TCP Port Number 1 65535 The TCP port number TCP ports are numbered between 7 and 65535 The well known TCP port for the Telnet protocol is 23 Web Status Web based management is Enabled by default If Disabled is chosen the ability to configure the system through the web interface as soon as these settings are applied will be lost Web TCP Port The TCP port number currently being utilized by the Switch to connect to the web interface The Number 1 65535 well known TCP port for the Web interface is 80 RMON Status This indicates if RMON is enabled on the Switch The default is Disabled GVRP This indicates if Group VLAN Registration Protocol GVRP is enabled on the Switch GVRP is a protocol that allows members to dynamically join VLANs The Switch s GVRP settings can be changed on the GVRP Settings window Configuration VLANs 802 1Q Port Settings The default is Disabled Link Aggregation Algorithm The algorithm that the Switch uses to ba
136. field is Enabled by default Host based This field may be enabled or disabled to choose if the administrator wishes to use a host computer for authentication This parameter is intended for Linux users requiring SSH authentication techniques and the host computer is running the Linux operating system with a SSH program previously installed This field is Enabled by default Click Apply to implement changes made 94 DGS 3024 Gigabit Ethernet Switch Manual SSH User Authentication The following windows are used to configure parameters for users attempting to access the Switch through SSH To access the following window click Security Management gt Secure Shell gt SSH User Authentication Mode DFlint Password Figure 8 6 Current Accounts window In the example screen above the User Account DFlint has been previously set using the User Accounts window in the Management folder A use bh Password x User Account MUST be set in order to set the Host Name parameters for the SSH user To configure the r ooo parameters for a SSH user click on the hyperlinked User Name in the Current Accounts window which will reveal the adjacent window to Show All User Authtication Entries configure Figure 8 7 untitled SSH User window The user may set the following parameters Parameter Description User Name Enter a User Name of no more than 15 characters to identify the SSH user
137. figured by a user using the console or Web based management interfaces is displayed as a static router port designated by an S A router port that is dynamically configured by the Switch is designated by D To view the following window open the Monitoring folder and click the Router Port link VLAN ID VLAN Name default Ports LE E BB EWE e e pupo mada te S LES 2 e 190 200 210 22 za da Figure 10 19 Browse Router Port window Session Table Reload Total Entries 1 Login Time Live Time From Level Name 1 8 2036 02 07 00 41 02 00 20 15 390 Serial Port Anonymous Figure 10 20 Current Session Table window This window displays a list of all the users that are currently logged in 134 DGS 3024 Gigabit Ethernet Switch Manual Port Access Control RADIUS Authentication This table contains information concerning the activity of the RADIUS authentication client on the client side of the RADIUS authentication protocol It has one row for each RADIUS authentication server that the client shares a secret with To view the RADIUS Authentication click Monitoring gt Port Access Control gt RADIUS Authentication Clear MIA Radius Authentication Time Interval lis wi il ial ii a NIA NA NA MIA NIA N A Figure 10 21 RADIUS Authentication window The user may also select the desired time interval to update the statistics between s and 60s where s stands for s
138. findet berall Anwendung wo D LINK oder dessen autorisierte Servicepartner Garantiedienste gem den Bestimmungen dieser eingeschr nkten Garantie erbringen Gleichwohl kann sich die Verf gbarkeit von Garantiediensten und die Bearbeitungszeit von Land zu Land unterscheiden und von Registrierungsanforderungen abh ngig sein Einschr nkung der Garantie D LINK gew hrleistet dass die nachstehend aufgef hrten Produkte bei gew hnlicher Verwendung f r die unten angegebene Laufzeit der eingeschr nkten Garantie Garantielaufzeit frei von wesentlichen Verarbeitungs und Materialfehlern sind Voraussetzung hierf r ist jedoch dass das Produkt entsprechend dem Benutzerhandbuch und den weiteren Dokumentationen die der Benutzer beim Kauf oder sp ter erhalten hat genutzt und gewartet wird D LINK garantiert nicht dass die Produkte st rungs oder fehlerfrei arbeiteten oder dass alle M ngel Fehler Defekte oder Kompatibilit tsst rungen beseitigt werden k nnen Diese Garantie gilt nicht f r Probleme wegen a unerlaubter Ver nderung oder Hinzuf gung b Fahrl ssigkeit Missbrauch oder Zweckentfremdung einschlie lich des Gebrauchs des Produkts entgegen den Spezifikationen oder den durch Schnittstellen gegebenen Vorgaben c fehlerhafter Bedienung d Versagen von Produkten oder Diensten die nicht von D LINK stammen oder nicht Gegenstand einer zum ma geblichen Zeitpunkt g ltigen Garantie oder Wartungsvereinbarung sind e Fehlgebrauc
139. for warding decisions Ports with untagging enabled will strip the 802 1Q tag from all packets that flow into and out of those ports If the packet doesn t have an 802 1Q VLAN tag the port will not alter the packet Thus all packets received by and forwarded by an untagging port will have no 802 1Q VLAN information Remember that the PVID is only used internally within the Switch Untagging is used to send packets from an 802 1Q compliant network device to a non compliant network device Ingress Filtering A port on a Switch where packets are flowing into the Switch and VLAN decisions must be made is referred to as an ingress port If ingress filtering is enabled for a port the Switch will examine the VLAN information in the packet header if present and decide whether or not to forward the packet If the packet is tagged with VLAN information the ingress port will first determine if the ingress port itself is a member of the tagged VLAN If it is not the packet will be dropped If the ingress port is a member of the 802 1Q VLAN the Switch then determines if the destination port is a member of the 802 1Q VLAN If it is not the packet is dropped If the destination port is a member of the 802 1Q VLAN the packet is forwarded and the destination port transmits it to its attached network segment If the packet is not tagged with VLAN information the ingress port will tag the packet with its own PVID as a VID if the port is a tagging port Th
140. formation Advanced Settings window in the Configuration folder before initializing ports Information in the Initialize Ports Table cannot be viewed before enabling 802 1x 83 DGS 3024 Gigabit Ethernet Switch Manual Reauthenticate Port s This window allows you to reauthenticate a port or group of ports by choosing a port or group of ports by using the pull down menus From and To and clicking Apply The Reauthenticate Port Table displays the current status of the reauthenticated port s once you have clicked Apply Click Configuration gt Port Access Entity gt Reauthenticate Port s to open the Reauthenticate Port s window 9 00 3 A n HW N Reauthenticate Port Table MAC Address Auth State BackendState N A N A both Reauthenticate Port Part 1 Port 1 Apply PortStatus Authorized N A N A both Authorized N A N A both Authorized N A N A both Authorized N A N A both Authorized N A N A both Authorized N A N A both Authorized N A N A both Authorized N A N A both Authorized N A N A both Authorized Figure 7 63 Reauthenticate Port window This window displays the following information Parameter Description Port The port number of the reauthenticated port MAC Address Displays the physical address of the Switch where the port resides Auth State The Authenticator State will display one of the following nitialize Disconnected Connecting
141. g from the network to be propagated to the router A router port has the following behavior All IGMP Report packets will be forwarded to the router port IGMP queries from the router port will be flooded to all ports All UDP multicast packets will be forwarded to the router port Because routers do not send IGMP reports or implement IGMP snooping a multicast router connected to the router port of a Layer 3 switch would not be able to receive UDP data streams unless the UDP multicast packets were all forwarded to the router port A router port will be dynamically configured when IGMP query packets RIPv2 multicast DVMRP multicast or PIM DM multicast packets are detected flowing into a port Open the IGMP folder and the click on the Static Router Ports Entry link to open the Current Static Router Ports Entries window as shown below Total Entries 1 Va O VLAN Name Mas O 1 default Modify Figure 7 13 Current Static Router Ports Entries window Select an entry and click Modify to access the following window VID 1 Ad PWR ET default Member Ports 113 13 141515 7 8 5 Tofn EEE ss ss A A A 19 tte 10 IB 16 10 IB Apply Show All Static Router Ports Entries Figure 7 14 Static Router Ports Settings window The following parameters can be viewed or set Parameter Description VID VLAN ID This is the VLAN ID that along with the VLAN Name identifies the VLAN wher
142. gular symbol with a lightning bolt may expose you to electrical shock Only a trained service technician should service components inside these compartments e If any of the following conditions occur unplug the product from the electrical outlet and replace the part or contact your trained service provider The power cable extension cable or plug is damaged An object has fallen into the product The product has been exposed to water The product has been dropped or damaged The product does not operate correctly when you follow the operating instructions e Keep your system away from radiators and heat sources Also do not block the cooling vents e Do not spill food or liquids on your system components and never operate the product in a wet environment If the system gets wet see the appropriate section in your troubleshooting guide or contact your trained service provider e Do not push any objects into the openings of your system Doing so can cause a fire or an electric shock by shorting out interior components e Use the product only with approved equipment e Allow the product to cool before removing covers or touching internal components e Operate the product only from the type of external power source indicated on the electrical ratings label If you are not sure of the type of power source required consult your service provider or local power company e To help avoid damaging your system be sure the v
143. h incoming and outgoing traffic through the controlled port selected in the first field PortControl This allows you to control the port authorization state e Select forceAuthorized to disable 802 1x and cause the port to transition to the authorized state without any authentication exchange required This means the port transmits and receives normal traffic without 802 1x based authentication of the client e If forceUnauthorized is selected the port will remain in the unauthorized state ignoring all attempts by the client to authenticate The Switch cannot provide authentication services to the client through the interface e If auto is selected it will enable 802 1x and cause the port to begin in the unauthorized state allowing only EAPOL frames to be sent and received through the port The authentication process begins when the link state of the port transitions from down to up or when an EAPOL start frame is received The Switch then requests the identity of the client and begins relaying authentication messages between the client and the authentication server The default setting is auto TxPeriod This sets the TxPeriod of time for the authenticator PAE state machine This value determines the period of an EAP Request Identity packet transmitted to the client The default setting is 30 seconds QuietPeriod This allows the user to set the number of seconds that the Switch remains in the quiet state following a failed authentication exchang
144. h oder fehlerhafter Lagerung oder f Feuer Wasser h herer Gewalt oder anderer Katastrophen Diese Garantie gilt ebenfalls nicht f r Produkte bei denen eine D LINK Seriennummer entfernt oder auf sonstige Weise unkenntlich gemacht wurde D LINK STEHT NICHT F R SCH DEN EIN DIE DADURCH ENTSTEHEN DASS DIE ANLEITUNG F R DAS D LINK HARDWARE PRODUKT NICHT BEFOLGT WIRD Laufzeit der eingeschr nkten Garantie Die Laufzeit der eingeschr nkten Garantie beginnt mit dem Zeitpunkt zu dem das Produkt von D LINK gekauft wurde Als Nachweis f r den Zeitpunkt des Kaufs gilt der datierte Kauf oder Lieferbeleg Es kann von Ihnen verlangt werden dass Sie zur Inanspruchnahme von Garantiediensten den Kauf des Produkts nachweisen Wenn Ihre Hardware Produkte der Marke D LINK innerhalb der Laufzeit der eingeschr nkten Garantie eine Reparatur ben tigen so sind Sie berechtigt gem den Bedingungen dieser eingeschr nkten Garantie Garantiedienste in Anspruch zu nehmen Diese eingeschr nkte Garantie gilt nur f r denjenigen der das D LINK Hardware Produkt urspr nglich als origin rer Endbenutzer gekauft hat Sie ist nicht auf Dritte bertragbar die das D LINK Produkt von dem urspr nglichen origin ren Endbenutzer erworben haben n i Die oben Produkttyp Gew hrleistungslaufzeit sufgef h Verwaltete Switches d h Switches mit eingebauten SNMP Agents einschlie lich F nf 5 Jah rten Modulen und Verwaltungssoftware A Garantiel aufz
145. h to authenticate users Password attempting to access Administrator Level privileges on the Switch The user may set a password of up to 15 characters Confirm Local Enable Confirm the new password entered above Entering a different password here from the Password one set in the New Local Enabled field will result in a fail message Click Apply to implement changes made Enable Admin The Enable Admin window is for users who have logged on to the Switch on the normal user level and wish to be promoted to the administrator level After logging on to the Switch users will have only user level privileges To gain access to administrator level privileges the user will open this window and will have to enter an authentication password Possible authentication methods for this function include TACACS XTACACS TACACS RADIUS user defined server groups local enable local account on the Switch or no authentication none Because XTACACS and TACACS do not support the enable function the user must create a special account on the server host which has the username enable and a password configured by the administrator that will support the enable function This function becomes inoperable when the authentication policy is disabled To view the following window click Security gt Access Authentication Control gt Enable Admin Authentication policy is disabled Figure 8 22 Enable Admin window When this window appear
146. hat originally purchased the product from D Link or its authorized reseller or distributor and Only for products purchased and delivered within the fifty states of the United States the District of Columbia U S Possessions or Protectorates U S Military Installations or addresses with an APO or FPO Limited Warranty D Link warrants that the hardware portion of the D Link product described below Hardware will be free from material defects in workmanship and materials under normal use from the date of original retail purchase of the product for the period set forth below Warranty Period except as otherwise stated herein Limited Lifetime Warranty for the product is defined as follows Hardware For as long as the original customer end user owns the product or five 5 years after product discontinuance whichever occurs first excluding power supplies and fans Power supplies and fans Three 3 Year Spare parts and spare kits Ninety 90 days The customer s sole and exclusive remedy and the entire liability of D Link and its suppliers under this Limited Warranty will be at D Link s option to repair or replace the defective Hardware during the Warranty Period at no charge to the original owner or to refund the actual purchase price paid Any repair or replacement will be rendered by D Link at an Authorized D Link Service Office The replacement hardware need not be new or have an identical make model or part D Lin
147. he corresponding local D Link office Product Registration Register your D Link product online at http support dlink com register Product registration is entirely voluntary and failure to complete or return this form will not diminish your warranty rights Trademarks Copyright 2005 D Link Corporation Contents subject to change without prior notice D Link is a registered trademark of D Link Corporation D Link Systems Inc All other trademarks belong to their respective proprietors Copyright statement No part of this publication may be reproduced in any form or by any means or used to make an derivative such as translation transformation or adaptation without permission from DLink Corporation D Link Systems Inc as stipulated by the United States Copyright Act of 1976 CE EMI class A warning This is a Class A product In a domestic environment this product may cause radio interference in which case the user may be required to take adequate measures D Link Europe Limited Product Warranty General Terms The Limited Product Warranty set forth below is given by D LINK Europe Ltd herein referred to as D LINK This Limited Product Warranty is only effective upon presentation of the proof of purchase Upon further request by D LINK this warranty card has to be presented too EXCEPT AS EXPRESSLY SET FORTH IN THIS LIMITED WARRANTY D LINK MAKES NO OTHER WARRANTIES EXPRESS OR IMPLIED INCLUDING ANY IMPLIED WARRANTI
148. he Switch Read Write Specifies that SNMP community members using the community string created can read from and write to the contents of the MIBs on the Switch To implement the new settings click Apply To delete an entry from the SNMP Community Table click the X under the Delete heading corresponding to the entry you wish to delete 114 DGS 3024 Gigabit Ethernet Switch Manual SNMP Host Table Use the SNMP Host Table window to set up SNMP trap recipients Open the SNMP Manager folder located in the Management folder and click on the SNMP Host Table link This will open the SNMP Host Table window as shown below To delete an existing SNMP Host Table entry click the corresponding under the Delete heading To display the current settings for an existing SNMP Group Table entry click the blue link for the entry under the Host IP Address heading Add Total Entries 0 Note It is allowed insert 10 entries into the table only Host IP Address SNMP Version Comm Dame Si DAR ws User Name Figure 9 12 SNMP Host Table window To add a new entry to the Switch s SNMP Host Table click the Add button in the upper left hand corner of the window This will open the SNMP Host Table Configuration window as shown below SNMP Host Table Configuration Host IP Address SNMP Version Community String SNMPv3 User Name Show All SNMP Host Table Entries Figure 9 13 SNMP Host Table Configuration wi
149. he benefits of RSTP and MSTP are not realized on a port where an 802 1d network connects to an 802 1w or 802 1s enabled network Migration should be set as yes on ports connected to network stations or segments that are capable of being upgraded to 802 1w RSTP or 802 1s MSTP on all or some portion of the segment Edge Choosing the True parameter designates the port as an edge port Edge ports cannot create loops however an edge port can lose edge port status if a topology change creates a potential for a loop An edge port normally should not receive BPDU packets If a BPDU packet is received it automatically loses edge port status Choosing the False parameter indicates that the port does not have edge port status P2P Choosing the True parameter indicates a point to point P2P shared link P2P ports are similar to edge ports however they are restricted in that a P2P port must operate in full duplex Like edge ports P2P ports transition to a forwarding state rapidly thus benefiting from RSTP A p2p value of false indicates that the port cannot have p2p status Auto allows the port to have p2p status whenever possible and operate as if the p2p status were true If the port cannot maintain this status for example if the port is forced to half duplex operation the p2p status changes to operate as if the p2p value were False The default setting for this parameter is True State This drop down menu allows you to enable or disable S
150. he corresponding X under the Delete heading in the Current MST Configuration Identification window Clicking the Add button will reveal the following window to configure 42 DGS 3024 Gigabit Ethernet Switch Manual Instance ID Settin un E VID List 1 4094 Show MST Config Figure 7 19 Instance ID Settings window Add The user may configure the following parameters to create a MSTI in the Switch Parameter Description MSTI ID Enter a number between 7 and 15 to set a new MSTI on the Switch Type Create is selected to create a new MSTI No other choices are available for this field when creating a new MSTI VID List 1 4094 This field is used to specify the VID range from configured VLANs set on the Switch Supported VIDs on the Switch range from ID number 1 to 4094 Click Apply to implement changes made To configure the settings for the CIST click on its hyperlinked MSTI ID number in the Current MST Configuration Identification window which will reveal the following window to configure stance ID Settings MSTI ID lo Tye evo VID List 1 4094 F Apply Show MST Config Figure 7 20 Instance ID Settings window CIST modify The user may configure the following parameters to configure the CIST on the Switch Parameter Description MSTI ID The MSTI ID of the CIST is 0 and cannot be altered Type This field allows the user to choose a desired method for al
151. he current IGMP snooping forwarding table entries currently configured on the Switch To view the following screen open the Monitoring folder and click the IGMP Snooping Forwarding link via D Search Total Entries 0 0 00 00 00 00 00 00 0 0 0 0 Port Member Figure 10 17 IGMP Snooping Forwarding Table window The user may search the IGMP Snooping Forwarding Table by VID clicking the top left hand corner Search button The following field can be viewed Parameter Description VLAN ID The VLAN ID VID of the multicast group Multicast Group The IP address of the multicast group MAC Address The MAC address of the multicast group Port Map These are the ports where the IGMP packets were snooped are displayed VLAN Status This allows the VLAN status for each of the Switch s ports to be viewed by VLAN This window displays the ports on the Switch that are currently Egress or Tag ports To view the following table open the Monitoring folder and click the VLAN Status Link Total VLAN Entries 1 LAND LAN Name default static Enabled Ports pop Bs ls 7 8 ls fio fir fia fis his his fis fir his fio bo b 2 ps pai ES EE EEE EN EME VEE EVE VE ES ES EVE ESE EE EE Next Figure 10 18 VLAN Status window 133 DGS 3024 Gigabit Ethernet Switch Manual Router Port This displays the Switch s ports that are currently configured as router ports A router port con
152. he device The URL in the address bar should read something like http 123 123 123 123 where the numbers 123 represent the IP address of the Switch Please note that the proxy for session connection should be turned off Ti In the page that opens click on the Login to make a setup button NOTE The Factory default IP address for the Switch is 10 90 90 90 to setup your switch Figure 6 1 Login button This opens the management module s user authentication window as seen below Enter Network Password 21xj ye Please type your user name and password Site 10 53 13 224 Realm DGS 3024 Gigabit Ethernet Switch UserName Password TT Save this password in your password list Figure 6 2 Enter Network Password dialog box 18 DGS 3024 Gigabit Ethernet Switch Manual Leave both the User Name field and the Password field blank and click OK This will open the Web based user interface The Switch management features available in the Web based manager are explained below Web based User Interface The user interface provides access to various Switch configuration and management windows allows you to view performance statistics and permits you to graphically monitor the system status Areas of the User Interface The figure below shows the user interface The user interface is divided into three distinct areas as described in the table 17 19 his E Boj Bao lio bles Lol bol Lgl Dl hol be mlink At gt
153. ic encryption algorithms and key sizes to be used for an authentication session and consists of three levels 1 Key Exchange The first part of the ciphersuite string specifies the public key algorithm to be used This Switch utilizes the Rivest Shamir Adleman RSA public key algorithm and the Digital Signature Algorithm DSA specified here as the DHE DSS Diffie Hellman DHE public key algorithm This is the first authentication process between client and host as they exchange keys in looking for a match and therefore authentication to be accepted to negotiate encryptions on the following level 2 Encryption The second part of the ciphersuite that includes the encryption used for encrypting the messages sent between client and host The Switch supports two types of cryptology algorithms Stream Ciphers There are two types of stream ciphers on the Switch RC4 with 40 bit keys and RC4 with 128 bit keys These keys are used to encrypt messages and need to be consistent between client and host for optimal use CBC Block Ciphers CBC refers to Cipher Block Chaining which means that a portion of the previously encrypted block of encrypted text is used in the encryption of the current block The Switch supports the 3DES EDE encryption code defined by the Data Encryption Standard DES to create the encrypted text 3 Hash Algorithm This part of the ciphersuite allows the user to choose a message digest function which will determine a Me
154. icast Broadcast DLF and Broadcast Multicast DLF packets received by the Switch that will trigger the storm traffic control measures The Threshold value can be set from 0 to 15000 packets per second The default setting is 5000 The settings of each port may be viewed in the Traffic Control Information Table in the same window To configure the Storm Control Type Setting select the desired Storm Control Type from the pull down menu select the threshold from the drop down menu and click Apply To configure the Traffic Control Setting select the beginning and ending ports by using the From To pull down menu Now change the Traffic control State to Enabled and click Apply 67 DGS 3024 Gigabit Ethernet Switch Manual 802 1p Default Priority The Switch allows the assignment of a default 802 1p priority to each port on the Switch In the Configuration folder open the QoS folder and click 802 1p Default Priority to view the window shown below Te Py pel I Priority tl o o oa Ww BR Ww ph a 5 Mi Figure 7 44 Port Default Priority assignment window This window allows you to assign a default 802 1p priority to any given port on the Switch The priority queues are numbered from 0 the lowest priority to 7 the highest priority Click Apply to implement your settings 68 DGS 3024 Gigabit Ethernet Switch Manual 802 1p User Priority The DGS 3024 allows the assignment of a user priority t
155. ices are 802 1Q compliant Unfortunately not all network devices are 802 1Q compliant These devices are referred to as tag unaware 802 1Q devices are referred to as tag aware Prior to the adoption of 802 1Q VLANs port based and MAC based VLANs were in common use These VLANs relied upon a Port VLAN ID PVID to forward packets A packet received on a given port would be assigned that port s PVID and then be forwarded to the port that corresponded to the packet s destination address found in the Switch s forwarding table If the PVID of the port that received the packet is different from the PVID of the port that is to transmit the packet the Switch will drop the packet Within the Switch different PVIDs mean different VLANs remember that two VLANs cannot communicate without an external router Therefore VLAN identification based upon the PVIDs cannot create VLANs that extend outside a given Switch or Switch stack Every physical port on a Switch has a PVID 802 1Q ports are also assigned a PVID for use within the Switch If no VLANs are defined on the Switch all ports are then assigned to a default VLAN with a PVID equal to 1 Untagged packets are assigned the PVID of the port on which they were received Forwarding decisions are based upon this PVID in so far as VLANs are con cerned Tagged packets are forwarded according to the VID contained within the tag Tagged packets are also assigned a PVID but the PVID is not used to make pa
156. il 2 20 Allows the Administrator to set the maximum number of attempts that a user may try to log on to the SSH Server utilizing the SSH authentication After the maximum number of attempts has been exceeded the Switch will be disconnected and the user must reconnect to the Switch to attempt another login The number of maximum attempts may be set between 2 and 20 The default setting is 2 Session Rekeying This field is used to set the time period that the Switch will change the security shell encryptions by using the pull down menu The available options are Never 10 min 30 min and 60 min The default setting is Never Port 1 65535 The TCP port number currently being utilized by the Switch to connect to the SSH server The well known TCP port for SSH management is 22 92 DGS 3024 Gigabit Ethernet Switch Manual SSH Algorithm This window allows the configuration of the desired types of SSH algorithms used for authentication encryption There are three categories of algorithms listed and specific algorithms of each may be enabled or disabled by using their corresponding pull down menus All algorithms are enabled by default To open the following window click Security gt Secure Shell SSH gt SSH Algorithm 3DES CBC Enabled y Blow fish CBC Enabled y AES128 CBC Enabled y AES192 CBC Enabled y AES256 CBC Enabled y Cast128 CBC Enabled y Twofish256 Enabled x Data Integrity Algorithm uu P
157. il and end DST on Sunday during the last week of October From Which Week of the month Enter the week of the month that DST will start From Which Day of the Week Enter the day of the week that DST will start on From Which Month Enter the month DST will start on From What Time HH MM Enter the time of day that DST will start on To Which Week Enter the week of the month the DST will end To Which Day To Which Month Enter the day of the week that DST will end Enter the month that DST will end To What Time HH MM Enter the time DST will end DST Annual Settings Using annual mode will enable DST seasonal time adjustment Annual mode requires that the DST beginning and ending date be specified concisely For example specify to begin DST on April 3 and end DST on October 14 From What Month Enter the month DST will start on each year From What Date Enter the day of the week DST will start on each year From What Time Enter the time of day DST will start on each year To What Month Enter the month DST will end on each year To What Date Enter the day of the week DST will end on each year To What Time Enter the time of day that DST will end on each year Click Apply to implement changes made to the Time Zone and DST Settings window 63 DGS 3024 Gigabit Ethernet Switch Manual QoS The DGS 3024 supports 802 1
158. ill be defined there as BPDU Loopback on Port Setting the Loopback Timer The Loopback timer plays a key role in the next step the switch will take to resolve this problem Choosing a non zero value on the timer will enable the Auto Recovery Mechanism When the timer expires the switch will again look for its returning BPDU packet on the same port If no returning packet is received the switch will recover the port as a Designated Port in the Discarding State If another returning BPDU packet is received the port will remain in a blocked state the timer will reset to the specified value restart and the process will begin again For those who choose not to employ this function the Loopback Recovery time must be set to zero In this case when a BPDU packet is returned to the Switch the port will be placed in a blocking state and a message will be sent to the Syslog of the switch To recover the port the administrator must disable the state of the problematic port and enable it again This is the only method available to recover the port when the Loopback Recover Time is set to 0 Regulations and Restrictions for the Loopback Detection Function e All three versions of STP STP RSTP and MSTP can enable this feature e May be configured globally STP Global Bridge Settings or per port MSTP Port Information e Neighbor switches of the DGS 3024 switch must have the capability to forward BPDU packets Switches the fail to meet this
159. ime Admin and User Privileges There are two levels of user privileges Admin and User Some menu selections available to users with Admin privileges may not be available to those with User privileges The following table summarizes the Admin and User privileges Management Admin User Configuration Yes Read Only Network Monitoring Yes Read Only Community Strings and Trap Yes Read Only Stations Update Firmware and Yes No Configuration Files System Utilities Yes No Factory Reset Yes No 107 DGS 3024 Gigabit Ethernet Switch Manual User Account Management Add Update Delete User Accounts Yes No View User Accounts Yes No Table 9 1 Admin and User Privileges After establishing a User Account with Admin level privileges be sure to save the changes by opening the Maintenance folder opening the Save Configuration window and clicking the Save Configuration button 108 DGS 3024 Gigabit Ethernet Switch Manual SNMP Manager Simple Network Management Protocol SNMP is an OSI Layer 7 Application Layer designed specifically for managing and monitoring network devices SNMP enables network management stations to read and modify the settings of gateways routers Switches and other network devices Use SNMP to configure system features for proper operation monitor performance and detect potential problems in the Switch Switch group or netw
160. ina Tel fono 0800 6661442 Lunes a Viernes 09 00 am a 22 00 pm Soporte T cnico Help Desk Chile Tel fono 800 8 35465 Lunes a Viernes 08 00 am a 21 00 pm Soporte T cnico Help Desk Colombia Tel fono 01800 7001588 Lunes a Viernes 07 00 am a 20 00 pm Soporte T cnico Help Desk Ecuador Tel fono 1800 777 711 Lunes a Viernes 07 00 am a 20 00 pm Soporte T cnico Help Desk El Salvador Tel fono 800 6137 Lunes a Viernes 06 00 am a 19 00 pm Soporte T cnico Help Desk Guatemala Tel fono 1800 300 0017 Lunes a Viernes 06 00 am a 19 00 pm Soporte T cnico Help Desk Panama Tel fono 0800 560 0193 Lunes a Viernes 07 00 am a 20 00 pm Soporte T cnico Help Desk Peru Tel fono 0800 52049 Lunes a Viernes 07 00 am a 20 00 pm Soporte T cnico Help Desk Venezuela Tel fono 0800 1003470 Lunes a Viernes 08 00 am a 21 00 pm D Link Building Networks for People Suporte Tecnico Voc pode encontrar atualiza es de software e documenta o de usuario no site da D Link Brasil www dlinkbrasil com br A D Link fornece suporte t cnico gratuito para clientes no Brasil durante o periodo de vig ncia da garantia deste produto Suporte T cnico para clientes no Brasil Telefone Sao Paulo 11 2185 9301 Segunda a sexta Das 8h30 as 18h30 Demais Regides do Brasil 0800 70 24 104 E mail email suporte dlinkbrasil com br D Link Building Networks for People BEAST AN IA sete LSS Pass BARESE AL AAR AT SERA Re SRR G
161. ined in the following two octets and consists of 3 bits of user priority bit of Canonical Format Identifier CFI used for encapsulating Token Ring packets so they can be carried across Ethernet backbones and 12 bits of VLAN ID VID The 3 bits of user priority are used by 802 1p The VID is the VLAN identifier and is used by the 802 1Q standard Because the VID is 12 bits long 4094 unique VLANs can be identified The tag is inserted into the packet header making the entire packet longer by 4 octets All of the information originally contained in the packet is retained IEEE 802 1Q Tag Octets o 1 2 3 4 Destination Address 6 octets Source Address 6 octets Eert OO Tag Control Information Poe rer crs MANTD VIB G2 3 bits 1 bit 12 bits Figure 7 33 IEEE 802 1Q Tag The EtherType and VLAN ID are inserted after the MAC source address but before the original EtherType Length or Logical Link Control Because the packet is now a bit longer than it was originally the Cyclic Redundancy Check CRC must be recalculated Adding an IEEE 802 19 Tag Figure 7 34 Adding an IEEE 802 1Q Tag 55 DGS 3024 Gigabit Ethernet Switch Manual Port VLAN ID Packets that are tagged are carrying the 802 1Q VID information can be transmitted from one 802 1Q compliant network device to another with the VLAN information intact This allows 802 1Q VLANs to span network devices and indeed the entire network if all network dev
162. ing the data channel clear for some period of time When two devices transmit simultaneously a collision occurs and the colliding devices delay their retransmissions for a random amount of time data center Switching The point of aggregation within a corporate network where a Switch provides high performance access to server farms a high speed backbone connection and a control point for network management and security Ethernet A LAN specification developed jointly by Xerox Intel and Digital Equipment Corporation Ethernet networks operate at 10Mbps using CSMA CD to run over cabling Fast Ethernet 100Mbps technology based on the Ethernet CD network access method Flow Control IEEE 802 3z A means of holding packets back at the transmit port of the connected end station Prevents packet loss at a congested Switch port forwarding The process of sending a packet toward its destination by an internetworking device full duplex A system that allows packets to be transmitted and received at the same time and in effect doubles the potential throughput of a link 145 DGS 3024 Gigabit Ethernet Switch Manual GBIC Gigabit interface converter a transceiver that converts serial electric signals to serial optical signals and vice versa In networking a GBIC is used to interface a fiber optic system with an Ethernet system such as Fiber Channel and Gigabit Ethernet A GBIC allows designers to design one type of device that
163. ists can be implemented on the Switch one of which is a default Enable Method List This default Enable Method List cannot be deleted but can be configured The sequence of methods implemented in this command will affect the authentication result For example if a user enters a sequence of methods like TACACS XTACACS Local Enable the Switch will send an authentication request to the first TACACS host in the server group If no verification is found the Switch will send an authentication request to the second TACACS host in the server group and so on until the list is exhausted At that point the Switch will restart the same sequence with the following protocol listed XTACACS If no authentication takes place using the XTACACS list the Local Enable password set in the Switch is used to authenticate the user Successful authentication using any of these methods will give the user an Admin privilege i E NOTE To set the Local Enable Password see the next section entitled f Local Enable Password To view the following table click Security gt Access Authentication Control gt Enable Method Lists Add default local_enable Figure 8 18 Enable Method List Settings window To delete an Enable Method List defined by the user click the under the Delete heading corresponding to the entry desired to be deleted To modify an Enable Method List click on its hyperlinked Method List Name To configure a Method List
164. item is found missing or damaged please contact your local D Link reseller for replacement Installation Use the following guidelines when choosing a place to install the Switch e The surface must support at least 4 kg e The power outlet should be within 1 82 meters 6 feet of the device e Visually inspect the power cord and see that it is secured to the AC power connector e Make sure that there is proper heat dissipation from and adequate ventilation around the Switch Do not place heavy objects on the Switch DGS 3024 Gigabit Ethernet Switch Manual Desktop or Shelf Installation When installing the Switch on a desktop or shelf the rubber feet included with the device should first be attached Attach these cushioning feet on the bottom at each corner of the device Allow adequate space for ventilation between the device and the objects around it t eo Rubber Feet gt Figure 2 1 Installing rubber feet for desktop installation Rack Installation The DGS 3024 can be mounted in an EIA standard sized 19 inch rack which can be placed in a wiring closet with other equipment To install attach the mounting brackets on the Switch s side panels one on each side and secure them with the screws provided Figure 2 2A Attaching the mounting brackets Then use the screws provided with the equipment rack to mount the Switch on the rack DGS 3024 Gigabit Ethernet Switch Manual Figure 2 2B In
165. iver sold separately into the SFP transceiver slot e Use the appropriate network cabling to connect a device to the connectors on the SFP transceiver NOTICE When the SFP transceiver acquires a link the associated integrated 10 100 1000BASE T port is disabled DGS 3024 Gigabit Ethernet Switch Manual WEB BASED NETWORK MANAGEMENT Introduction The DGS 3024 offers an embedded Web based HTML interface allowing users to manage the Switch from anywhere on the network through a standard browser such as Opera Netscape Navigator Communicator or Microsoft Internet Explorer The Web browser acts as a universal access tool and can communicate directly with the Switch using the HTTP protocol Your browser window may vary with the screen shots pictures in this manual The Web based management module and the Console program and Telnet are different ways to access the same internal Switching software and configure it Thus all settings encountered in Web based management are the same as those found in the console program ES y NOTE This Web based Management module does not accept Chinese L language input or other languages requiring 2 bytes per character 2 NOTE The Web browser needs to be upgraded to the latest Java version L Java Plug in version 1 5 0 or later Login to Web Manager To begin managing your Switch simply run the browser you have installed on your computer and point it to the IP address you have defined for t
166. jeta sustituye y reemplaza al periodo de garantia que consta en el manual del usuario o en el contrato de compra de los productos correspondientes Para evitar dudas si usted ha comprado el producto D LINK correspondiente como consumidor sus derechos legales no se ven afectados Uso de la garant a limitada del producto Si un producto presenta alg n defecto la obligaci n exclusiva de D LINK ser reparar o reemplazar sin coste alguno para el comprador originario cualquier producto defectuoso siempre y cuando ste sea entregado en un centro autorizado de servicio D LINK durante el per odo de garant a D LINK realizar la reparaci n o sustituci n para un centro autorizado de servicio D LINK Todos los productos de hardware o componentes que se eliminen bajo esta garant a limitada ser n propiedad de D LINK La parte o el producto de repuesto adquiere para el resto de la garantia limitada el estatus de parte o producto eliminado El producto de repuesto no ha de ser nuevo o de la misma marca modelo o parte D LINK puede sustituir a discreci n el producto defectuoso o cualquier parte con un producto equivalente reacondicionado o superior en cualquier material respecto al producto defectuoso D LINK puede pedir el comprobante de compra Garante D Link Europe Ltd 4th Floor Merit House Edgware Road Colindale London NW9 5 AB United Kingdom Tel fono 44 020 8731 5555 Fax 44 020 8731 5511 www dlink co uk D Link Euro
167. k may at its option replace the defective Hardware or any part thereof with any reconditioned product that D Link reasonably determines is substantially equivalent or superior in all material respects to the defective Hardware Repaired or replacement hardware will be warranted for the remainder of the original Warranty Period or ninety 90 days whichever is longer and is subject to the same limitations and exclusions If a material defect is incapable of correction or if D Link determines that it is not practical to repair or replace the defective Hardware the actual price paid by the original purchaser for the defective Hardware will be refunded by D Link upon return to D Link of the defective Hardware All Hardware or part thereof that is replaced by D Link or for which the purchase price is refunded shall become the property of D Link upon replacement or refund Limited Software Warranty D Link warrants that the software portion of the product Software will substantially conform to D Link s then current functional specifications for the Software as set forth in the applicable documentation from the date of original retail purchase of the Software for a period of ninety 90 days Software Warranty Period provided that the Software is properly installed on approved hardware and operated as contemplated in its documentation D Link further warrants that during the Software Warranty Period the magnetic media on which D Link deliver
168. ket to see if it has the proper identifying tag tagged Then the user may forward these tagged packets to designated queues on the Switch where they will be emptied based on priority For example lets say a user wishes to have a video conference between two remotely set computers The administrator can add priority tags to the video packets being sent out utilizing the Access Profile commands Then on the receiving end the administrator instructs the Switch to examine packets for this tag acquires the tagged packets and maps them to a class queue on the Switch Then in turn the administrator will set a priority for this queue so that will be emptied before any other packet is forwarded This results in the end user receiving all packets sent as quickly as possible thus prioritizing the queue and allowing for an uninterrupted stream of packets which optimizes the use of bandwidth available for the video conference 64 DGS 3024 Gigabit Ethernet Switch Manual Understanding QoS The Switch has four priority queues These priority queues are labeled as 3 the highest queue to 0 the lowest queue The eight priority tags specified in IEEE 802 1p are mapped to the Switch s priority tags as follows Priority 0 is assigned to the Switch s Q1 queue Priority 1 is assigned to the Switch s QO queue Priority 2 is assigned to the Switch s QO queue Priority 3 is assigned to the Switch s Q1 queue Priority 4 is assigned to the Switch s Q2 queue Prio
169. kets Clear Clicking this button clears all statistics counters on this window View Table Clicking this button instructs the Switch to display a table rather than a line graph View Line Chart Clicking this button instructs the Switch to display a line graph rather than a table 119 DGS 3024 Gigabit Ethernet Switch Manual UMB Cast RX Click the UMB Cast RX link in the Packets folder of the Monitoring menu to view the following graph of UMB cast packets received on the Switch Clear View Table Rx Packets Analysis Port 1 Unicast Multicast Broadcast Unit packetisec Time Interval Record Number Show Hide IV Unicast IV Multicast VW Broadcast Figure 10 4 Rx Packets Analysis window line graph for Unicast Multicast and Broadcast Packets To view the UMB Cast Table click the View Table link which will show the following table 120 DGS 3024 Gigabit Ethernet Switch Manual View LineChart Packet Analysis of Port1 Timeinteval SENESI Bytes Packets Rx Packets Frames Unicast Multicast Broadcast Bytes Packets Figure 10 5 Rx Packets Analysis window table for Unicast Multicast and Broadcast Packets The following fields may be set or viewed Parameter Description Time Interval Select the desired setting between 7s and 60s where s stands for seconds The default value is one second Record Number Select the number
170. kets with lengths more than the MAX_PKT_LEN bytes Internally MAX_PKT_LEN is equal to 1522 Drop The number of packets that are dropped by this port since the last Switch reboot Show Hide Check whether or not to display Crc Error Under Size Over Size Fragment Jabber and Drop errors Clear Clicking this button clears all statistics counters on this window View Table Clicking this button instructs the Switch to display a table rather than a line graph View Line Chart Clicking this button instructs the Switch to display a line graph rather than a table 125 DGS 3024 Gigabit Ethernet Switch Manual Transmitted TX Click the Transmitted TX link in the Errors folder of the Monitoring menu to view the following graph of error packets received on the Switch Port Apply Clear View Table Tx Error Analysis Port Port 1 ExDefer IMI LateColl oO ExColl SingColl Coll CRCEror MMMM 14 54 51 Unitipacketisec Time Interval lis Record Number 200 Show Hide ExDefer MW LateColl M ExColl Y SingColl Y Call Y CRCError Figure 10 10 Tx Error Analysis window line graph To view the Transmitted Error Packets Table click the link View Table which will show the following table 126 DGS 3024 Gigabit Ethernet Switch Manual View Line Chart Packet Analysis of Port 1 Time Interval lis y ExDefer LateColl ExCall SingColl Coll CRCError
171. l that allows an application program on one device to send a datagram to an application program on another device VLAN Virtual LAN A group of location and topology independent devices that communicate as if they are on a common physical LAN VLT Virtual LAN Trunk A Switch to Switch link which carries traffic for all the VLANs on each Switch VT100 A type of terminal that uses ASCII characters VT100 screens have a text based appearance 147 WARRANTY AND REGISTRATION INFORMATION All countries and regions excluding USA Wichtige Sicherheitshinweise 1 Bitte lesen Sie sich diese Hinweise sorgf ltig durch 2 Heben Sie diese Anleitung f r den sp tern Gebrauch auf 3 Vor jedem Reinigen ist das Ger t vom Stromnetz zu trennen Vervenden Sie keine Fl ssig oder Aerosolreiniger Am besten dient ein angefeuchtetes Tuch zur Reinigung 4 Um eine Besch digung des Ger tes zu vermeiden sollten Sie nur Zubeh rteile verwenden die vom Hersteller zugelassen sind 5 Das Ger t is vor Feuchtigkeit zu sch tzen 6 Bei der Aufstellung des Ger tes ist auf sichern Stand zu achten Ein Kippen oder Fallen k nnte Verletzungen hervorrufen Verwenden Sie nur sichere Standorte und beachten Sie die Aufstellhinweise des Herstellers 7 Die Bel ftungs ffnungen dienen zur Luftzirkulation die das Ger t vor berhitzung sch tzt Sorgen Sie daf r da diese ffnungen nicht abgedeckt werden 8 Beachten Sie beim Anschlu an das Stromnetz
172. lance the load across the ports that make up the port trunk group is defined by this definition Choose MAC Source MAC Destination or MAC Src amp Dest For further information see the Link Aggregation section under the Link Aggregation folder Switch 802 1x The Switch s 802 1x function may be enabled by port the default is Disabled This field must be enabled to view and configure certain windows for 802 1x More information regarding 802 1x its functions and implementation can be found later in this section under the Port Access Entity folder Port Based 802 1x specifies that ports configured for 802 1x are initialized based on the port number only and are subject to any authorization parameters configured Syslog State This allows users to enable or disable the System Log State The default is Disabled Click Apply to implement changes made 25 DGS 3024 Gigabit Ethernet Switch Manual Port Configuration This section contains information for configuring various attributes and properties for individual physical ports including port speed and flow control Clicking Configuration gt Port Configurations gt Port Settings in the menu will display the following window for the user Port 1 Port 1 Disabled Auto Disabled Disabled Apply Enabled Auto Disabled Link Down Enabled Enabled Auto Disabled Link Down Enabled Enabled Auto Disabled Link Down Enabled Enabled Auto Disabled Link Do
173. le window Add To add a User Account fill in the appropriate information in the Username New Password and Confirm New Password fields Then select the desired access Admin or User in the Access Right drop down menu and click Apply The information on the window is described as follows Parameter Description User Name Enter a user name in this field New Password Enter the desired new password in this field 106 DGS 3024 Gigabit Ethernet Switch Manual Confirm New Password Enter the new password a second time Access Right Displays the current access level assigned to each corresponding user There are two access levels Admin and User An Admin user has full read write access while a User has read only access Coton Old Password DEC Confirm New Password Apply Delete Show All User Account Entries Figure 9 3 User Account Modify Table window Edit To edit a User Account fill in the appropriate information in the Old Password New Password and Confirm New Password fields Click Apply to make your change take effect The information on the window is described as follows Parameter Description User Name The user name being edited Old Password Enter the last password used in this field New Password Enter the desired new password in this field Confirm New Password Enter the new password a second t
174. lication Login Method List Using the pull down menu configure an application for normal login on the user level utilizing a previously configured method list The user may use the default Method List or other Method List configured by the user See the Login Method Lists window in this section for more information Enable Method List Using the pull down menu configure an application for normal login on the user level utilizing a previously configured method list The user may use the default Method List or other Method List configured by the user See the Enable Method Lists window in this section for more information Click Apply to implement changes made Authentication Server Group This window will allow users to set up Authentication Server Groups on the Switch A server group is a technique used to group TACACS XTACACS TACACS RADIUS server hosts into user defined categories for authentication using method lists The user may define the type of server group by protocol or by previously defined server group The Switch has three built in Authentication Server Groups that cannot be removed but can be modified Up to eight authentication server hosts may be added to any particular group To view the following window click Security gt Access Authentication Control gt Authentication Server Group Add it ion Server Group Se sl Group Name Delete radius tacacs tacacs xtacacs RR X X
175. llow you to prevent unauthorized users from accessing the Switch or changing its settings This section tells how to log onto the Switch NOTE The passwords used to access the Switch are case sensitive therefore S is not the same as s When you first connect to the Switch you will be presented with the first login screen shown below NOTE Press Ctrl R to refresh the screen This command can be used at any time to force the console program in the Switch to refresh the console screen Press Enter in both the Username and Password fields You will be given access to the command prompt DGS 3024 4 shown below There is no initial username or password Leave the Username and Password fields blank DGS 3024 Gigabit Ethernet Switch Command Line Interface mware Build 4 00 B04 Copyright C 2003 ook D Link Corporation All rights reserved UserName PassWord DGS 3024 4H Figure 5 2 Command Prompt NOTE The first user automatically gets Administrator level privileges It is recommended to create at least one Admin level user account for the Switch DGS 3024 Gigabit Ethernet Switch Manual Password Protection The DGS 3024 does not have a default user name and password One of the first tasks when settings up the Switch is to create user accounts If you log in using a predefined administrator level user name you have privileged access to the Switch s management software After your initial login define new
176. lows the selection of the port number on which the MAC address entered above resides Click Apply to implement the changes made To delete an entry in the Static Unicast Forwarding Table click the corresponding under the Delete heading Multicast Forwarding The following window describes how to set up Multicast Forwarding on the Switch Open the Forwarding folder and click on the Multicast Forwarding link to see the entry window below Static Multicast Forwarding Settings Add new Multicast Forwarding Settings e g Entries Figure 7 29 Static Multicast Forwarding Settings window The Static Multicast Forwarding Settings window displays all of the entries made into the Switch s static multicast forwarding table Click the Add button to open the Setup Static Multicast Forwarding Table window as shown below 51 DGS 3024 Gigabit Ethernet Switch Manual Multicast MAC Address lo 00 00 00 00 00 00 Port Setings 111213141515 71819 Do 131415 ish ist 202 MC CO CCR CRE OO OO bares wl we we ses esse se se see see Apply Figure 7 30 Setup Static Multicast Forwarding Table window The following parameters can be set Parameter Description VID The VLAN ID of the VLAN the corresponding MAC address belongs to Multicast MAC The MAC address of the static source of multicast packets This must be a multicast MAC Address address Port Settings Allows the selection of por
177. lticast Group IP address and the corresponding MAC address from IGMP packets that pass through the Switch The number of IGMP reports that were snooped is displayed in the Reports field To view the IGMP Snooping Table click IGMP Snooping Group in the Monitoring menu EEE Search Total Entries 0 0 0 0 0 0 00 00 00 00 00 00 Port Member Figure 10 16 IGMP Snooping Table window The user may search the IGMP Snooping Table by VLAN ID VID by entering the VID in the top left hand corner and clicking Search The following field can be viewed Parameter Description VLAN ID The VLAN ID VID of the multicast group Multicast Group The IP address of the multicast group MAC Address The MAC address of the multicast group Queries A read only field showing the status of the Querier State Disabled implies that the Switch is not transmitting IGMP Snooping Query packets while Enabled means those packets are being transmitted Reports The total number of reports received for this group Ports These are the ports where the IGMP packets were snooped are displayed i NOTE To configure IGMP snooping for the DGS 3204 go to the Configuration folder and select IGMP Snooping Configuration and other information concerning IGMP snooping may be found in this manual under IGMP 132 DGS 3024 Gigabit Ethernet Switch Manual IGMP Snooping Forwarding This window will display t
178. ly adjusting BPDU packets to 802 1d format when necessary However any segment using 802 1d STP will not benefit from the rapid transition and rapid topology change detection of MSTP or RSTP The protocol also provides for a variable used for migration in the event that legacy equipment on a segment is updated to use RSTP or MSTP The Spanning Tree Protocol STP operates on two levels 1 On the Switch level the settings are globally implemented 2 On the port level the settings are implemented on a per user defined group of ports basis 38 DGS 3024 Gigabit Ethernet Switch Manual STP Loopback Detection When connected to other switches STP is an important configuration in consistency for delivering packets to ports and can greatly improve the throughput of your switch Yet even this function can malfunction with the emergence of STP BPDU packets that occasionally loop back to the Switch such as BPDU packets looped back from an unmanaged switch connected to the DGS 3024 To maintain the consistency of the throughput the DGS 3024 switch implements the STP Loopback Detection function When the STP Loopback Detection function is enabled the Switch will be protected against a loop occurring between switches Once a BPDU packet returns to the Switch this function will detect that there is an anomaly occurring and will place the receiving port in an error disabled state Consequentially a message will be placed in the Switch s Syslog and w
179. mote TACACS server e xtacacs Adding this parameter will require the user to be authenticated using the XTACACS protocol from a remote XTACACS server e tacacs Adding this parameter will require the user to be authenticated using the TACACS protocol from a remote TACACS server e server group Adding a previously configured server group will require the user to be authenticated using a user defined server group previously configured on the Switch Configure Local Enable Password This window will configure the locally enabled password for the Enable Admin command When a user chooses the local_enable method to promote user level privileges to administrator privileges he or she will be prompted to enter the password configured here that is locally set on the Switch To view the following window click Security gt Access Authentication Control gt Configure Local Enable Password Configure Local Enable Password Old Local Enable Password New Local Enable Password Confirm Local Enable Password Figure 8 21 Configure Local Enable Password window 104 DGS 3024 Gigabit Ethernet Switch Manual To set the Local Enable Password set the following parameters and click Apply Parameter Description Old Local Enable If a password was previously configured for this entry enter it here in order to change it to Password a new password New Local Enable Enter the new password that you wish to set on the Switc
180. n a link down status for both ports Flow Control Displays the flow control scheme used for the various port configurations Ports configured for full duplex use 802 3x flow control half duplex ports use backpressure flow control and Auto ports use an automatic selection of the two The default is Disabled Learning Enable or disable MAC address learning for the selected ports When Enabled destination and source MAC addresses are automatically listed in the forwarding table When learning is Disabled MAC addresses must be manually entered into the forwarding table This is sometimes done for security or efficiency reasons See the section on Forwarding for information on entering MAC addresses into the forwarding table The default setting is Disabled Click Apply to implement the new settings on the Switch 27 DGS 3024 Gigabit Ethernet Switch Manual Port Description The DGS 3024 supports a port description feature where the user may name various ports on the Switch To assign names to various ports click the Port Description in the Port Configuration folder of the Configuration menu Use the From and To pull down menu to choose a port or range of ports to describe and then enter a description of the port s Click Apply to set the descriptions in the Port Description Table Port Des Port 1 ay 9 0 Joan h kW N al DD ON NN um 2 um mm pp gt pp DO ND a vo DA
181. n a table 127 DGS 3024 Gigabit Ethernet Switch Manual Size The Web Manager allows packets received by the Switch arranged in six groups and classed by size to be viewed as either a line graph or a table Two windows are offered Port 1 Apply Clear View Table Packet Size Analysis Port Port 1 64 Ss 65127 O 128 255 256 511 CE 512 1023 O 1024 1518 o o 11 51 55 Unit packetisec Time Interval lis y Record Number 200 Show Hide M 64 M 65 127 M 128 255 M 256 511 M 512 1023 M 1024 1518 Figure 10 12 Packet Size Analysis window line graph To view the Packet Size Analysis Table click the link View Table which will show the following table 128 DGS 3024 Gigabit Ethernet Switch Manual View Line Chart Figure 10 13 Packet Size Analysis window table The following fields can be set or viewed Parameter Description Time Interval Select the desired setting between 7s and 60s where s stands for seconds The default value is one second Record Number Select the number of times the Switch will be polled between 20 and 200 The default value is 20 64 The total number of packets including bad packets received that were 64 octets in length excluding framing bits but including FCS octets 65 127 The total number of packets including bad packets received that were between 65 and 127 octets in length i
182. n do so by periodically touching an unpainted metal surface on the chassis You can also take the following steps to prevent damage from electrostatic discharge ESD 1 When unpacking a static sensitive component from its shipping carton do not remove the component from the antistatic packing material until you are ready to install the component in your system Just before unwrapping the antistatic packaging be sure to discharge static electricity from your body 2 When transporting a sensitive component first place it in an antistatic container or packaging 3 Handle all sensitive components in a static safe area If possible use antistatic floor pads and workbench pads and an antistatic grounding strap Battery Handling Reminder CAUTION This is danger of explosion if the battery is incorrectly replaced Replace only with the same or equivalent type recommended by the manufacturer Discard used batteries according to the manufacturer s instructions xiv DGS 3024 Gigabit Ethernet Switch Manual INTRODUCTION This section describes the features of the DGS 3024 Features The DGS 3024 was designed for departmental and enterprise connections As an all gigabit port Switch it is ideal for backbone and server connection Powerful and versatile the Switch eliminates network bottlenecks while giving users the capability to fine tune performance Switch features include Ports e Twenty four high performance 1000BASE T p
183. nabled No 13 AUTO 200000 2 2 No No Auto Yes Enabled Enabled No 14 AUTO 200000 2 2 No No Auto Yes Enabled Enabled No 15 AUTO 200000 2 2 No No Auto Yes Enabled Enabled No 16 AUTO 200000 2 2 No No Auto Yes Enabled Enabled No 17 AUTO 200000 2 2 No No Auto Yes Enabled Enabled No 18 AUTO 200000 2 2 No No Auto Yes Enabled Enabled No 19 AUTO 200000 2 2 No No Auto Yes Enabled Enabled No 20 AUTO 200000 2 2 No No Auto Yes Enabled Enabled No 21 AUTO 200000 2 2 No No Auto Yes Enabled Enabled No 22 AUTO 200000 2 2 No No Auto Yes Enabled Enabled No 23 AUTO 200000 2 2 No No Auto Yes Enabled Enabled No 24 AUTO 200000 2 2 No No Auto Yes Enabled Enabled No Figure 7 27 STP Port Settings window In addition to setting Spanning Tree parameters for use on the Switch level the Switch allows for the configuration of groups of ports each port group of which will have its own spanning tree and will require some of its own configuration settings An STP Group will use the Switch level parameters entered above with the addition of Port Priority and Port Cost An STP Group spanning tree works in the same way as the Switch level spanning tree but the root bridge concept is replaced with a root port concept A root port is a port of the group that is elected based on port priority and port cost to be the connection to the network for the group Redundant links will be blocked just as redundant links are blocked on the Switch level The STP on the Switch level blocks re
184. nclusive excluding framing bits but including FCS octets 128 255 The total number of packets including bad packets received that were between 128 and 255 octets in length inclusive excluding framing bits but including FCS octets 256 511 The total number of packets including bad packets received that were between 256 and 511 octets in length inclusive excluding framing bits but including FCS octets 512 1023 The total number of packets including bad packets received that were between 512 and 1023 octets in length inclusive excluding framing bits but including FCS octets 1024 1518 The total number of packets including bad packets received that were between 1024 and 1518 octets in length inclusive excluding framing bits but including FCS octets Show Hide Check whether or not to display 64 65 127 128 255 256 511 512 1023 and 1024 1518 packets received Clear Clicking this button clears all statistics counters on this window View Table Clicking this button instructs the Switch to display a table rather than a line graph View Line Chart Clicking this button instructs the Switch to display a line graph rather than a table 129 DGS 3024 Gigabit Ethernet Switch Manual MAC Address A ESE Find Delete IAC 4 00 00 00 00 00 00 Find This allows the Switch s dynamic MAC address CC Find CEE forwarding table to be viewed When the Switch PAIE Delete All Entry learns an association between
185. ndow The following parameters can be set Parameter Description Host IP Address Type the IP address of the remote management station that will serve as the SNMP host for the Switch SNMP Version e V1 To specifies that SNMP version 1 will be used e V2 To specify that SNMP version 2 will be used e V3 NoAuth NoPriv To specify that the SNMP version 3 will be used with a NoAuth NoPriv security level e V3 Auth NoPriv To specify that the SNMP version 3 will be used with a Auth NoPriv security level e V3 Auth Priv To specify that the SNMP version 3 will be used with a Auth Priv security level Community String Type in the community string or SNMP V3 user name as appropriate or SNMP V3 User Name To implement your new settings click Apply To return to the SNMP Host Table click the Show All SNMP Host Table Entries link 115 DGS 3024 Gigabit Ethernet Switch Manual SNMP Engine ID The Engine ID is a unique identifier used for SNMP V3 implementations This is an alphanumeric string used to identify the SNMP engine on the Switch To display the Switch s SNMP Engine ID open the SNMP Manager folder located in the Management folder and click on the SNMP Engine ID link This will open the SNMP Engine ID Configuration window as shown below SNMP Engine ID Configuratio 800000ab030080c83526a0 Apply Figure 9 14 SNMP Engine ID Configuration window To change the Engine ID
186. ng Networks for People Technical Support You can find software updates and user documentation on the D Link website D Link provides free technical support for customers for the duration of the warranty period on this product Customers can contact D Link technical support through our web site or by phone Tech Support for customers within the Russia D Link Technical Support over the Telephone 495 744 00 99 Monday to Friday 10 00am to 6 30pm D Link Technical Support over the Internet http www dlink ru email support dlink ru D Link Building Networks for People Technical Support You can find software updates and user documentation on the D Link website Tech Support for customers within the U A E amp North Africa D Link Technical Support over the Telephone 971 4 391 6480 U A E Sunday to Wednesday 9 00am to 6 00pm GMT 4 Thursday 9 00am to 1 00pm GMT 4 D Link Middle East amp North Africa D Link Technical Support over the Internet http support dlink me com email support dlink me com Tech Support for customers within Israel D Link Technical Support over the Telephone 972 9 9715701 Sunday to Thursday 9 00am to 5 00pm D Link Technical Support over the Internet http www dlink co il support e mail support dlink co il Tech Support for customers within Turkey D Link Technical Support over the Telephone 0090 312 473 40 55 Monday to Friday 9 00am to 6 00pm D Link Technical Support ov
187. ning tree protocols STP RSTP or MSTP This protocol will also tag BPDU packets so receiving devices can distinguish spanning tree instances spanning tree regions and the VLANs associated with them These instances will be classified by an MSTI ID MSTP will connect multiple spanning trees with a Common and Internal Spanning Tree CIST The CIST will automatically determine each MSTP region its maximum possible extent and will appear as one virtual bridge that runs a single spanning tree Consequentially frames assigned to different VLANs will follow different data routes within administratively established regions on the network continuing to allow simple and full processing of frames regardless of administrative errors in defining VLANs and their respective spanning trees Each Switch utilizing the MSTP on a network will have a single MSTP configuration that will have the following three attributes 1 A configuration name defined by an alphanumeric string of up to 32 characters defined in the Current MST Configuration Identification window in the Configuration Name field 2 A configuration revision number named here as a Revision Level 0 65535 and found in the Current MST Configuration Identification window and 3 A 4096 element table defined here as a VID List in the Current MST Configuration Identification window that will associate each of the possible 4096 VLANs supported by the Switch for a given instance To utilize the MS
188. nt Authenticator and Authentication Server in greater detail 75 DGS 3024 Gigabit Ethernet Switch Manual Authentication Server The Authentication Server is a remote device that is connected to the same network as the Client and Authenticator must be running a RADIUS Server program and must be configured properly on the Authenticator Switch Clients connected to a port on the Switch must be authenticated by the Authentication Server RADIUS before attaining any services offered by the Switch on the LAN The role of the Authentication Server is to certify the identity of the Client attempting to access the network by exchanging secure information between the RADIUS server and the Client through EAPOL packets and in turn informs the Switch whether or not the Client is granted access to the LAN and or Switch services Authentication Server DGS 3024 Gigabit Switch gt n _ CRT a a Sio Is Js Js Switch L q Client Client Client Client i Figure 7 54 Authentication Server Authenticator The Authenticator the Switch is an intermediary between the Authentication Server and the Client The Authenticator serves two purposes when utilizing 802 1x The first purpose is to request certification information from the Client through EAPOL packets which is the only information allowed to pass through the Au
189. o be assigned to the IP interface named System and the z represents the corresponding number of subnets in CIDR notation The IP interface named System on the Switch can be assigned an IP address and subnet mask that can then be used to connect a management station to the Switch s Telnet or Web based management agent 16 DGS 3024 Gigabit Ethernet Switch Manual DGS 3024 Gigabit Ethernet Switch Command Line Interface Firmware Build 4 00 B04 Copyright C 2003 2004 D Link Corporation All rights reserved UserName PassWord DGS 3024 4Hconfig ipif System ipaddress 10 53 13 224 255 0 0 0 Command config ipif System ipaddress 10 53 13 224 8 Success DGS 3024 4Hsave Command save Saving all configurations to NY RAM Done DGS 3024 4H_ Figure 5 4 Assigning the Switch an IP Address In the above example the Switch was assigned an IP address of 10 53 13 224 with a subnet mask of 255 0 0 0 The system message Success indicates that the command was executed successfully Please remember to save your new settings before you logout or they will be lost The Switch can now be configured and managed via Telnet and the CLI or via the Web based management Connecting Devices to the Switch After you assign IP addresses to the Switch you can connect devices to the Switch To connect a device to an SFP transceiver port e Use your cabling requirements to select an appropriate SFP transceiver type e Insert the SFP transce
190. o each of the 802 1p priorities In the Configuration folder open the QoS folder and click 802 1p User Priority to view the window shown below User Priority Configuration O Apply Figure 7 45 User Priority Configuration window Once you have assigned a priority to the port groups on the Switch you can then assign this Class to each of the four levels of 802 1p priorities Click Apply to set your changes QoS Scheduling Mechanism This window allows you to select between a RoundRobin and a Strict mechanism for emptying the priority classes In the Configuration menu open the QoS folder and click QoS Scheduling Mechanism to view the window shown below Scheduling Mechanism Apply Cass Mechanism Class 0 Round robin Class 1 Round robin Class 2 Round robin Class 3 Round robin Figure 7 46 QoS Scheduling Mechanism window 69 DGS 3024 Gigabit Ethernet Switch Manual The Scheduling Mechanism has the following parameters Parameter Description Strict The highest class of service is the first to process traffic That is the highest class of service will finish before other queues empty RoundRobin Use the weighted round robin WRR algorithm to handle packets in an even distribution in priority classes of service Click Apply to make your changes take effect u NOTE The settings you assign to the queues numbers 0 7 represent the IEEE 802 1p priority tag number Do not
191. oad Firmware aLaaa na al nananana ia IRR E rara 136 Download Configuration Flia ara A ao we A ee ee Eee md 136 Save EMS sola lu Maiale ela dn eens hele ai 137 Save History BOB ana es iii ine ne ian alla eo oa 137 Ping Test vecsvecseccssccsessesescnsscocesssessassssessoossevadssenssnssoossosescescotscesesbaesceeseceesesscevaceescdsnesususectensscocssssesvastacedecessoeaeesenssusesoseoaesctscesssetssoneses 138 Save Changes NON 138 Reboot Servicesin nn e ete tete cea stat eces na a nadan antic sn ete none de ess a tee Date 140 Reboot sso A one ee eed oxen nalen Se RRB ile oe ilaele alati 140 A EOI 140 RESCATA 141 Res o e lo eto ad e olla dd 141 Y AAA II ra SA AR PO TR ET O 141 qa AAA A scugab esos begeasoussondessoussoudss sneseosessobseeass 142 Cable Len Ot CERRI ORE RIETI AIA 144 DGS 3024 Gigabit Ethernet Switch Manual Warranty and Registration Information cossss0ss00ossesnnssnnnsssnnssnnnsunnnssnnnsssnnssnnnssnnnssnnnsssnnssnnnsssnnssnnnsssnnssnnnsssnnssnnnsssnnssnnnssnnn Product Registration ten RTRT RR ro Tech Support Preface The DGS 3024 Manual is divided into chapters that describe the system installation and operating instructions with examples Section 1 Introduction Describes the Switch and its features Section 2 Unpacking and Setup Helps you get started with the basic installation of the Switch Section 3 Identifying External Components Describes the front panel
192. ocol Le on a remote centralized server before this function can work properly fa running the same TACACS daemon TACACS XTACACS TACACS iy NOTE The three built in server groups can only have server hosts L protocols are separate entities and are not compatible with each other 99 DGS 3024 Gigabit Ethernet Switch Manual Authentication Server Host This window will set user defined Authentication Server Hosts for the TACACS XTACACS TACACS RADIUS security protocols on the Switch When a user attempts to access the Switch with Authentication Policy enabled the Switch will send authentication packets to a remote TACACS XTACACS TACACS RADIUS server host on a remote host The TACACS XTACACS TACACS RADIUS server host will then verify or deny the request and return the appropriate message to the Switch More than one authentication protocol can be run on the same physical server host but remember that TACACS XTACACS TACACS RADIUS are separate entities and are not compatible with each other The maximum supported number of server hosts is 16 To view the following window click Security gt Access Authentication Control gt Authentication Server Host Add Figure 8 13 Authentication Server Host Settings window To add an Authentication Server Host click the Add button revealing the following window Show All Authentication Server Host Entnes Figure 8 14 Authentication Server Host Se
193. odotto DLINK in qualit di consumatore i Vostri diritti rimangono invariati Prestazioni della Garanzia limitata Qualora comparisse un difetto o una non conformit D LINK avr l unico obbligo di riparare o sostituire il prodotto non conforme senza alcun costo per l acquirente a condizione che il prodotto venga restituito a un Centro di Assistenza autorizzato D LINK entro il periodo di garanzia La riparazione o la sostituzione verranno eseguite da D LINK presso un Centro di Assistenza autorizzato D LINK Tutti i componenti o i prodotti hardware rimossi conformemente ai termini e alle condizioni della presente garanzia divengono di propriet di D LINK Il pezzo o il prodotto in sostituzione beneficer della garanzia per il tempo residuo della parte o del prodotto originale Il prodotto in sostituzione non deve necessariamente essere nuovo o di identica fattura modello o composizione D LINK pu a sua discrezione sostituire il prodotto non conforme o qualsiasi parte di esso con un prodotto che risulti essere equivalente o di valore superiore al prodotto non conforme D LINK pu richiedere che venga esibita la prova di acquisto Garante D Link Europe Ltd 4th Floor Merit House Edgware Road Colindale Londra NW9 5 AB Regno Unito Telefono 44 020 8731 5555 Fax 44 020 8731 5511 www dlink co uk Tech Support Technical Support You can find software updates and user documentation on the D Link website Tech Support for c
194. of times the Switch will accept authentication attempts Users failing to be authenticated after the set amount of attempts will be denied access to the Switch and will be locked out of further authentication attempts Command line interface users will have to wait 60 seconds before another authentication attempt Telnet and web users will be disconnected from the Switch The user may set the number of attempts from 1 to 255 The default setting is 3 Click Apply to implement changes made Application Authentication Settings This window is used to configure Switch configuration applications console Telnet SSH web for login at the user level and at the administration level Enable Admin utilizing a previously configured method list To view the following window click Security gt Access Authentication Control gt Application Authentication Settings Enable Method List default default default default default default default default Apply Figure 8 9 Application Authentication Settings window The following parameters can be set 97 DGS 3024 Gigabit Ethernet Switch Manual Parameter Description Application Lists the configuration applications on the Switch The user may configure the Login Method List and Enable Method List for authentication for users utilizing the Console Command Line Interface application the Telnet application SSH and the Web HTTP app
195. oltage selection Switch if provided on the power supply is set to match the power available at your location 115 volts V 60 hertz Hz in most of North and South America and some Far Eastern countries such as South Korea and Taiwan 100 V 50 Hz in eastern Japan and 100 V 60 Hz in western Japan 230 V 50 Hz in most of Europe the Middle East and the Far East e Also be sure that attached devices are electrically rated to operate with the power available in your location e Use only approved power cable s If you have not been provided with a power cable for your system or for any AC powered option intended for your system purchase a power cable that is approved for use in your country The power cable must be rated for the product and for the voltage and current marked on the product s electrical ratings label The voltage and current rating of the cable should be greater than the ratings marked on the product xi DGS 3024 Gigabit Ethernet Switch Manual Safety Instructions continued To help prevent an electric shock plug the system and peripheral power cables into properly grounded electrical outlets These cables are equipped with three prong plugs to help ensure proper grounding Do not use adapter plugs or remove the grounding prong from a cable If you must use an extension cable use a 3 wire cable with properly grounded plugs Observe extension cable and power strip ratings Make sure that the total ampere rating o
196. om Reseller s name Telephone Fax Reseller s full address Answers to the following questions help us to support your product 1 Where and how will the product primarily be used OHome OOffice OTravel OCompany Business DHome Business Personal Use 2 How many employees work at installation site D1 employee 012 9 0110 49 0150 99 0100 499 0500 999 111000 or more 3 What network protocol s does your organization use OXNS IPX OTCP IP ODECnet OOthers 4 What network operating system s does your organization use OD Link LANsmart ONovell NetWare ONetWare Lite DISCO Unix Xenix OPC NFS 03Com 3 Open OBanyan Vines ODECnet Pathwork OWindows NT OWindows 2000 OWindows XP Others 5 What network management program does your organization use OD View OHP OpenView Windows OHP OpenView Unix OSunNet Manager Novell NMS ONetView 6000 Others 6 What network medium media does your organization use OFiber optics OThick coax Ethernet Thin coax Ethernet O10BASE T UTP STP D100BASE TX 01100BASE T4 01100VGAnyLAN DOthers 7 What applications are used on your network ODesktop publishing OSpreadsheet Word processing DICAD CAM Database management DAccounting OOthers 8 What category best describes your company OlAerospace OEngineering OEducation OFinance OHospital OLegal Olnsurance Real Estate Manufacturing ORetail Chainstore Wholesale Government OTransportation Utilities Communication OVAR System house compan
197. only Topology Network Cables 10BASE T 2 pair UTP Cat 3 4 5 100 meters maximum EIA TIA 568 100 ohm STP 100 meters maximum 100BASE TX UTP Cat 5 100 meters maximum EIA TIA 568 100 ohm STP 100 meters maximum 1000BASE T UTP Cat 5e 100 meters maximum UTP Cat 5 100 meters maximum EIA TIA 568 100 ohm STP 100 meters maximum Fiber Optic SFP Mini GBIC Support IEEE 802 3z 1000BASE LX DEM 310GT Transceiver IEEE 802 3z 1000BASE SX DEM 311GT Transceiver IEEE 802 3z 1000BASE LH DEM 314GT Transceiver IEEE 802 3z 1000BASE ZX DEM 315GT Transceiver IEEE 802 3z WDM 1000BASE LX DEM 330T Transceiver IEEE 802 3z WDM 1000BASE LX DEM 330R Transceiver IEEE 802 3z WDM 1000BASE LHX DEM 331T Transceiver IEEE 802 3z WDM 1000BASE LHX DEM 331R Transceiver Number of 24 x 10 100 1000 Mbps ports Ports 4 x mini GBIC combo ports 143 DGS 3024 Gigabit Ethernet Switch Manual Cable Lengths Use the following table to as a guide for the maximum cable lengths Standard Media Type Maximum Distance SFP Transceiver for 1OOOBASE 10km LX Single mode fiber module Mini GBIC SFP Transceiver for 1000BASE 550m SX Multi mode fiber module SFP Transceiver for 1OOOBASE 50km LHX Single mode fiber module SFP Transceiver for 1000BASE 80km ZX Single mode fiber module 1000BASE T Category 5e UTP Cable 100m Category 5 UTP Cable 1000 Mbps 100BASE TX Category 5 UTP Cable 100m 100
198. ontacting the Support line We have many FAQ s which we hope will provide you a speedy resolution for your problem For Customers within The United Kingdom amp Ireland D Link UK amp Ireland Technical Support over the Internet http www dlink co uk ftp ftp dlink co uk D Link UK amp Ireland Technical Support over the Telephone 08456 12 0003 United Kingdom 1890 886 899 Ireland Lines Open 8 00am 10 00pm Mon Fri 10 00am 7 00pm Sat amp Sun For Customers within Canada D Link Canada Technical Support over the Telephone 1 800 361 5265 Canada Mon to Fri 7 30AM to 9 00PM EST D Link Canada Technical Support over the Internet http support dlink ca email support dlink ca D Link Building Networks for People Technische Unterstutzung Aktualisierte Versionen von Software und Benutzerhandbuch finden Sie auf der Website von D Link D Link bietet kostenfreie technische Unterst tzung f r Kunden innerhalb Deutschlands sterreichs der Schweiz und Osteuropas Unsere Kunden k nnen technische Unterst tzung ber unsere Website per E Mail oder telefonisch anfordern Web http www dlink de E Mail support dlink de Telefon 49 1805 2787 0 12 Min aus dem Festnetz der Deutschen Telekom Telefonische technische Unterst tzung erhalten Sie Montags bis Freitags von 09 00 bis 17 30 Uhr Unterst tzung erhalten Sie auch bei der Premiumhotline f r D Link Produkte unter der Rufnummer 09001 47576
199. ored dropped The default community strings for the Switch used for SNMP v 1 and v 2 management access are e public Allows authorized management stations to retrieve MIB objects e private Allows authorized management stations to retrieve and modify MIB objects SNMP v 3 uses a more sophisticated authentication process that is separated into two parts The first part is to maintain a list of users and their attributes that are allowed to act as SNMP managers The second part describes what each user on that list can do as an SNMP manager The Switch allows groups of users to be listed and configured with a shared set of privileges The SNMP version may also be set for a listed group of SNMP managers Thus you may create a group of SNMP managers that are allowed to view read only information or receive traps using SNMP v 1 while assigning a higher level of security to another group granting read write privileges using SNMP v 3 Using SNMP v 3 individual users or groups of SNMP managers can be allowed to perform or be restricted from performing specific SNMP management functions The functions allowed or restricted are defined using the Object Identifier OID associated with a specific MIB An additional layer of security is available for SNMP v 3 in that SNMP messages may be encrypted To read more about how to configure SNMP v 3 settings for the Switch read the section entitled Management Traps Traps are messages that alert network p
200. ork Managed devices that support SNMP include software referred to as an agent which runs locally on the device A defined set of variables managed objects is maintained by the SNMP agent and used to manage the device These objects are defined in a Management Information Base MIB which provides a standard presentation of the information controlled by the on board SNMP agent SNMP defines both the format of the MIB specifications and the protocol used to access this information over the network The DGS 3204 supports the SNMP versions 1 2c and 3 You can specify which version of the SNMP you want to use to monitor and control the Switch The three versions of SNMP vary in the level of security provided between the management station and the network device In SNMP v 1 and v 2 user authentication is accomplished using community strings which function like passwords The remote user SNMP application and the Switch SNMP must use the same community string SNMP packets from any station that has not been authenticated are ignored dropped The default community strings for the Switch used for SNMP v 1 and v 2 management access are e public Allows authorized management stations to retrieve MIB objects e private Allows authorized management stations to retrieve and modify MIB objects SNMPv3 uses a more sophisticated authentication process that is separated into two parts The first part is to maintain a list of users and their attri
201. orts for making 10 100 1000 connections to a backbone end stations and servers e Four mini GBIC SFP combo ports to connect fiber optic media to another Switch server or network backbone e RS 232 DCE Diagnostic port console port for setting up and managing the Switch via a connection to a console terminal or PC using a terminal emulation program Performance Features e Store and forward switching scheme e Switching fabric 48Gbps e Max Forwarding Rate 35 7 million packets per second e High speed data forwarding rate of 1 488 095 pps per port at 100 of wire speed for 1000 Mbps speed e Supports 8K MAC address e Supports four priority queues per port e Supports 512Kbytes buffer memory per Switch e 802 1D Spanning Tree support Can be disabled on the entire Switch or on a per port basis e 802 10 Tagged VLAN support including GVRP GARP VLAN Registration Protocol e Support for up to 255 VLANs e IGMP snooping support per Switch e Link aggregation support for up to four trunk groups and eight trunk members per group e Port based 802 1x port access control Management e RS 232 console port for out of band network management via a console terminal e Spanning Tree Algorithm Protocol for creation of alternative backup paths and prevention of network loops including Multiple SpanningTree MSTP and Rapid Spanning Tree RSTP e SNMP V 1 V2cl and V3 network management four groups of RMON e Flash memory for sof
202. owing dialog box will confirm that the configuration has been saved Microsoft Internet Explorer x A Complete Figure 11 7 Save Configuration Confirmation dialog box Click the OK button to continue Once the Switch configuration settings have been saved to NV RAM they become the default settings for the Switch These settings will be used every time the Switch is rebooted 139 DGS 3024 Gigabit Ethernet Switch Manual Reboot Services Reboot The following window is used to restart the Switch All of the configuration information entered from the last time Save Changes was executed will be lost Click the Reboot button to restart the Switch If you do not save the settings all changes made in this session will be lost Do you want to save the settings Yes No Restart Figure 11 8 Restart System window Reset The Reset function has several options when resetting the Switch Some of the current configuration parameters can be retained while resetting all other configuration parameters to their factory defaults NOTE Only the Reset System option will enter the factory default parameters into the Switch s non volatile RAM and then restart the Switch All other options enter the factory defaults into the current configuration but do not save this configuration Reset System will return the Switch s configuration to the state it was when it left the factory Reset gives the option of ret
203. own below allows il 1 Enabled All frames Disabled 2 1 Enabled All frames Disabled 3 1 Enabled All frames Disabled 4 1 Enabled All frames Disabled 5 1 Enabled All frames Disabled 6 1 Enabled All frames Disabled 7 1 Enabled All frames Disabled 8 1 Enabled All frames Disabled 9 1 Enabled All frames Disabled 10 1 Enabled All frames Disabled hl 1 Enabled All frames Disabled 12 1 Enabled All frames Disabled 15 1 Enabled All frames Disabled 14 1 Enabled All frames Disabled 15 1 Enabled All frames Disabled 16 1 Enabled All frames Disabled 17 1 Enabled All frames Disabled 18 1 Enabled All frames Disabled 19 1 Enabled All frames Disabled 20 1 Enabled All frames Disabled 21 1 Enabled All frames Disabled 22 1 Enabled All frames Disabled 23 1 Enabled All frames Disabled 1 Enabled All frames Disabled Figure 7 38 GVRP Settings window The following fields can be set Parameter Description From To These two fields allow you to specify the range of ports that will be included in the VLAN that you are creating using the GVRP Settings window Ingress Check This field can be toggled using the space bar between Enabled and Disabled Enabled enables the port to compare the VID tag of an incoming packet with the PVID number assigned to the port If the two are different the port filters drops the packet Disabled disables ingress filtering Ingress Checking is Disabled by default Frame Type This field denotes the
204. p priority queuing Quality of Service The following section discusses the implementation of QoS Quality of Service and benefits of using 802 1p priority queuing Advantages of QoS QoS is an implementation of the IEEE 802 1p standard that allows network administrators a method of reserving bandwidth for important functions that require a large bandwidth or have a high priority such as VoIP voice over Internet Protocol Web browsing applications file server applications or video conferencing Not only can a larger bandwidth be created but other less critical traffic can be limited so excessive bandwidth can be saved The Switch has separate hardware queues on every physical port to which packets from various applications can be mapped to and in turn prioritized View the following map to see how the DGS 3024 implements 802 1P priority queuing Implementation of QoS 802 1p Priority Tagging EJ 16 Packets without QoS tags will be forwarded to the QoS class based on the QoS 802 1p default priority set per individual port Incoming packets tagged with the QoS priorities 0 7 will be forwarded to the QoS Class as shown Figure 7 41 Mapping QoS on the Switch The picture above shows the default priority setting for the Switch Class 3 has the highest priority of the four priority queues on the Switch In order to implement QoS the user is required to instruct the Switch to examine the header of a pac
205. passwords for both default user names to prevent unauthorized access to the Switch and record the passwords for future reference To create an administrator level account for the Switch do the following e At the CLI login prompt enter create account admin followed by the lt user name gt and press the Enter key e You will be asked to provide a password Type the lt password gt used for the administrator account being created and press the Enter key e You will be prompted to enter the same password again to verify it Type the same password and press the Enter key e Successful creation of the new administrator account will be verified by a Success message NOTE Passwords are case sensitive User names and passwords can be up to 15 characters in length The sample below illustrates a successful creation of a new administrator level account with the user name newmanager DGS 3024 4 create account admin newmanager Command create account admin newmanager Enter a case sensitive new password Enter the new password again for confirmation Success DGS 3024 4 NOTICE CLI configuration commands only modify the running configuration file and are not saved when the Switch is rebooted To save all your configuration changes in nonvolatile storage you must use the save command to copy the running configuration file to the startup configuration DGS 3024 Gigabit Ethernet Switch Manual SNMP S
206. pe Termini di Garanzia dei Prodotti Generalita La presente Garanzia viene fornita da D LINK Europe Ltd di seguito denominata DLINK Essa viene riconosciuta solo se accompagnata dalla prova di acquisto D LINK pu richiedere anche esibizione della presente cartolina di garanzia SALVO QUANTO ESPRESSAMENTE STABILITO NELLA PRESENTE GARANZIA LIMITATA D LINK NON FORNISCE NESSUN ALTRA GARANZIA NE ESPRESSA NE IMPLICITA COMPRESE EVENTUALI GARANZIE DI COMMERCIABILIT O DI IDONEIT PER UN PARTICOLARE SCOPO D LINK NEGA ESPRESSAMENTE QUALUNQUE ALTRA GARANZIA CHE NON RIENTRI NELLA PRESENTE GARANZIA LIMITATA QUALSIASI GARANZIA IMPLICITA CHE DOVESSE ESSERE IMPOSTA PER LEGGE SAR CIRCOSCRITTA ALLA DURATA DELLA PRESENTE GARANZIA ALCUNI PAESI VIETANO QUALSIASI LIMITAZIONE DEL PERIODO DI VALIDIT DELLE GARANZIE IMPLICITE OPPURE L ESCLUSIONE O LA LIMITAZIONE DEI DANNI INCIDENTALI O CONSEQUENZIALI PER I PRODOTTI IN TALI PAESI EVENTUALI ESCLUSIONI O LIMITAZIONI DELLA PRESENTE GARANZIA NON POTRANNO APPLICARSI AL VOSTRO CASO LA PRESENTE GARANZIA VI CONFERISCE DIRITTI LEGALI SPECIFICI INOLTRE POTRETE GODERE DI ULTERIORI DIRITTI CHE POSSONO VARIARE A SECONDA DEL PAESE SIETE INVITATI A CONSULTARE LE LEGGI APPLICABILI DEL VOSTRO PAESE AL FINE DI DETERMINARE CON PRECISIONE I VOSTRI DIRITTI La presente garanzia trova applicazione su tutti i prodotti hardware recanti il marchio D LINK di seguito denominati collettivamente Prodotti hardware D
207. pm Peru 0800 52049 Monday to Friday 07 00am to 20 00pm Venezuela 0800 100 3470 Monday to Friday 08 00am to 21 00pm D Link Technical Support over the Internet www dlinkla com www dlinklatinamerica com email support dlink cl Tech Support for customers within Brazil D Link Technical Support over the Telephone 0800 7014104 Monday to Friday 8 30am to 18 30pm D Link Technical Support over the Internet www dlinkbrasil com br email suporte dlinkbrasil com br D Link Building Networks for People TexHyueckas noaaepxKka O6HoBNeHua mporpammHoro obecneyenusa 4 AOKYMEHTALUA AOCTYNHEI Ha VIHTepHet cavte D Link D Link npegoctaBnaet GecnnatHylo nogaepxKy ANA KNMEHTOB B TeueHye rapaHTuMHoro cpoka Kr neHTbI MOryT O6paTUTbCA B rpynny TexHuygecko noagepxku D Link no Tenecbouy unu yepe3 VHTepHer TexHuueckaa nogaepxKka D Link 495 744 00 99 TexHuueckaa noggepxka Yepez MHTepHeT http www dlink ru email support dlink ru DLink Building Networks for People Asistencia T cnica D Link Latin Am rica pone a disposici n de sus clientes especificaciones documentaci n y software mas reciente a trav s de nuestro Sitio Web www dlinkla com El servicio de soporte t cnico tiene presencia en numerosos paises de la Region Latino Am rica y presta asistencia gratuita a todos los clientes de D Link en forma telef nica e internet a trav s de la casilla soporte dlinkla com Soporte T cnico Help Desk Argent
208. prechende Teile verwendet werden Der Einsatz von ungeeigneten Ersatzteilen kann eine weitere Besch digung hervorrufen 17 Wenden Sie sich mit allen Fragen die Service und Repartur betreffen an Ihren Servicepartner Somit stellen Sie die Betriebssicherheit des Ger tes sicher 18 Zum Netzanschlu dieses Ger tes ist eine gepr fte Leitung zu verwenden F r einen Nennstrom bis 6A und einem Ger tegewicht gr er 3kg ist eine Leitung nicht leichter als HOSVV F 3G 0 75mm2 einzusetzen WARRANTIES EXCLUSIVE IF THE D LINK PRODUCT DOES NOT OPERATE AS WARRANTED ABOVE THE CUSTOMER S SOLE REMEDY SHALL BE AT D LINK S OPTION REPAIR OR REPLACEMENT THE FOREGOING WARRANTIES AND REMEDIES ARE EXCLUSIVE AND ARE IN LIEU OF ALL OTHER WARRANTIES EXPRESSED OR IMPLIED EITHER IN FACT OR BY OPERATION OF LAW STATUTORY OR OTHERWISE INCLUDING WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE D LINK NEITHER ASSUMES NOR AUTHORIZES ANY OTHER PERSON TO ASSUME FOR IT ANY OTHER LIABILITY IN CONNECTION WITH THE SALE INSTALLATION MAINTENANCE OR USE OF D LINK S PRODUCTS D LINK SHALL NOT BE LIABLE UNDER THIS WARRANTY IF ITS TESTING AND EXAMINATION DISCLOSE THAT THE ALLEGED DEFECT IN THE PRODUCT DOES NOT EXIST OR WAS CAUSED BY THE CUSTOMER S OR ANY THIRD PERSON S MISUSE NEGLECT IMPROPER INSTALLATION OR TESTING UNAUTHORIZED ATTEMPTS TO REPAIR OR ANY OTHER CAUSE BEYOND THE RANGE OF THE INTENDED USE OR BY ACCIDENT FIRE LIGHTNING OR OTHER HAZARD L
209. privileges the user must access the Enable Admin window and then enter a password which was previously configured by the administrator of the Switch NOTE TACACS XTACACS and TACACS are separate entities and are not compatible The Switch and the server must be configured exactly the same using the same protocol For example if the Switch is set up for TACACS authentication so must be the host server 96 DGS 3024 Gigabit Ethernet Switch Manual Policy and Parameters This feature will enable an administrator defined authentication policy for users trying to access the Switch When enabled the device will check the Login Method List and choose a technique for user authentication upon login To access the following window click Security gt Access Authentication Control gt Policy and Parameters Authentication Policy Disabled Response timeout 0 255 30 3 User attempts 1 255 Apply Figure 8 8 Policy amp Parameter Settings window The following parameters can be set Parameters Description Authentication Policy Use the pull down menu to enable or disable the Authentication Policy on the Switch Response Timeout 0 This field will set the time the Switch will wait for a response of authentication 255 from the user The user may set a time between 0 and 255 seconds The default setting is 30 seconds User Attempts 1 255 This command will configure the maximum number
210. r replace and replacement product may be new or reconditioned Replacement product shall be of equivalent or better specifications relative to the defective product but need not be identical Any product or part repaired by D Link pursuant to this warranty shall have a warranty period of not less than 90 days from date of such repair irrespective of any earlier expiration of original warranty period When D Link provides replacement then the defective product becomes the property of D Link Warranty service may be obtained by contacting a D Link office within the applicable warranty period and requesting a Return Material Authorization RMA number If a Registration Card for the product in question has not been returned to D Link then a proof of purchase such as a copy of the dated purchase invoice must be provided If Purchaser s circumstances require special handling of warranty correction then at the time of requesting RMA number Purchaser may also propose special procedure as may be suitable to the case After an RMA number is issued the defective product must be packaged securely in the original or other suitable shipping package to ensure that it will not be damaged in transit and the RMA number must be prominently marked on the outside of the package The package must be mailed or otherwise shipped to D Link with all costs of mailing shipping insurance prepaid D Link shall never be responsible for any software firmware information or m
211. rear panel side panels and LED indicators of the Switch Section 4 Connecting the Switch Tells how you can connect the Switch to your Ethernet Fast Ethernet network Section 5 Introduction to Switch Management Introduces basic Switch management features including password protection SNMP settings IP address assignment and connecting devices to the Switch Section 6 Web based Network Management Talks about connecting to and using the Web based Switch management feature on the Switch Section 7 Configuration A detailed discussion about configuring some of the basic functions of the Switch including accessing the Switch information using the Switch s utilities and setting up network configurations such as Quality of Service Port Mirroring and configuring the Spanning Tree Section 8 Security Provides a description of the security features of the Switch including Trusted Host Secure Socket Layer SSL Secure Shell SSH and Access Authentication Control Section 9 Management A discussion of the management features of the Switch including User Accounts and SNMP Section 10 Monitoring Features graphs and windows used in monitoring features and packets on the Switch Section 11 Maintenance Features information on Switch utility functions including TFTP Services Ping History Save Changes Switch History and Reboot Services Appendix A Technic
212. ree instance set on the Switch The Switch initially possesses one CIST or Common Internal Spanning Tree of which the user may modify the parameters for but cannot change the MSTI ID for and cannot be deleted To view the Current MST Configuration Identification window click Configuration gt Spanning Tree gt MST Configuration Table Add Configuration Name Revision Level 00 11 95 8D F5 8B 0 CIST 1 4094 Can t be Deleted Configuration Name 00 1 1 95 8D F5 8B Revision Level 0 65535 lo Apply Figure 7 18 Current MST Configuration Identification window The window above contains the following information Parameter Description Configuration Name A previously configured name set on the Switch to uniquely identify the MSTI Multiple address to the device running MSTP Spanning Tree Instance If a configuration name is not set this field will show the MAC Revision Level This value along with the Configuration Name will identify the MSTP region configured on the Switch MSTI ID This field shows the MSTI IDs currently set on the Switch This field will always have the VID List This field displays the VLAN IDs associated with the specific MSTI CIST MSTI which may be configured but not deleted Clicking the hyperlinked name will open a new window for configuring parameters associated with that particular MSTI To delete a previously set MSTI Instance ID click t
213. rely in the original or other suitable shipping package to ensure that it will not be damaged in transit and the RMA number must be prominently marked on the outside of the package Do not include any manuals or accessories in the shipping package D Link will only replace the defective portion of the product and will not ship back any accessories The customer is responsible for all in bound shipping charges to D Link No Cash on Delivery COD is allowed Products sent COD will either be rejected by D Link or become the property of D Link Products shall be fully insured by the customer and shipped to D Link Systems Inc 17595 Mt Herrmann Fountain Valley CA 92708 D Link will not be held responsible for any packages that are lost in transit to D Link The repaired or replaced packages will be shipped to the customer via UPS Ground or any common carrier selected by D Link Return shipping charges shall be prepaid by D Link if you use an address in the United States otherwise we will ship the product to you freight collect Expedited shipping is available upon request and provided shipping charges are prepaid by the customer D Link may reject or return any product that is not packaged and shipped in strict compliance with the foregoing requirements or for which an RMA number is not visible from the outside of the package The product owner agrees to pay D Link s reasonable handling and return shipping charges for any product that is not pack
214. requirement will disable this function for the port in question on the DGS 3024 switch e Loopback Detection is globally enabled for the Switch yet the port by port default setting is disabled e The default setting for the Loopback timer is 60 seconds e This setting will only be operational if the interface is STP enabled The Loopback Detection feature can only prevent BPDU loops on the DGS 3024 designated ports It can detect a loop condition occurring on the user s side connected to the edge port but it cannot detect the Loopback condition on the elected root port of STP on another switch 39 DGS 3024 Gigabit Ethernet Switch Manual STP Bridge Global Settings To open the following window open the Spanning Tree folder in the Configuration menu and click the STP Bridge Global Settings link STP Status Disabled STP Version STP compatible y Hello Time 1 10 Sec Max Age 6 40 Sec Forward Delay 4 30 Sec Max Hops 1 20 TX Hold Count 1 10 Forwarding BPDU Enabled y Enabled LED Recover Time 0 Disable Note 2 Forward Delay 1 gt Max Age Max Age gt 2 Hello Time 1 STP Status Disabled STP Version RSTP x Hello Time 1 10 Sec Max Age 6 40 Sec Forward Delay 4 30 Sec Max Hops 1 20 TX Hold Count 1 10 Forwarding BPDU Enabled y Enabled x LBD Recover Time 0 Disable Note 2 Forward Delay 1 gt Max Age Max Age gt 2 Hello Time 1 STP Status Disabled y STP Version MS
215. resentar el comprobante de la compra a fin de que se preste el servicio de garant a El comprador tiene derecho al servicio de garant a conforme a los t rminos y condiciones de este documento si requiere una reparaci n del hardware de la marca D LINK dentro del per odo de garantia limitada del producto Esta garant a limitada del producto cubre s lo al originario comprador usuario final de este producto de hardware D LINK y no es transferible a otras personas que reciban el producto de hardware D LINK del originario comprador usuario final Tipo de producto Per odo de garant a del producto Estos per odos Conmutadores gestionados p ej conmutadores con agente SNMP integrado 3 de Cinco 5 a os incluyendo m dulos y software de gestion garant a est n en Resto de productos Dos 2 a os vigor para todos los Piezas de repuesto p ej adaptadores de alimentacion extermos ventiladores Un 1 a o producto s D LINK que hayan sido comprados en paises europeos a D LINK o a alguno de sus proveedores o distribuidores autorizados a partir del 1 de enero del 2004 Todos los productos comprados en pa ses europeos a D LINK o a uno de sus proveedores o distribuidores autorizados antes del 1 de enero del 2004 cuentan con 5 a os de garant a excepto las fuentes de alimentaci n los ventiladores y los accesorios que cuentan con 2 a os de garant a El per odo de garant a que figura en esta tar
216. rity 5 is assigned to the Switch s Q2 queue Priority 6 is assigned to the Switch s Q3 queue Priority 7 is assigned to the Switch s Q3 queue For strict priority based scheduling any packets residing in the higher priority queues are transmitted first Multiple strict priority queues empty based on their priority tags Only when these queues are empty are packets of lower priority transmitted For weighted round robin queuing the number of packets sent from each priority queue depends upon the assigned weight For a configuration of eight CoS queues A H with their respective weight value 8 1 the packets are sent in the following sequence Al BI Cl DI El FI G1 HI A2 B2 C2 D2 E2 F2 G2 A3 B3 C3 D3 E3 F3 A4 B4 C4 D4 E4 AS B5 CS D5 A6 B6 C6 A7 B7 A8 Al BI Cl DI El F1 Gl HI For weighted round robin queuing if each CoS queue has the same weight value then each CoS queue has an equal opportunity to send packets just like round robin queuing For weighted round robin queuing if the weight for a CoS is set to 0 then it will continue processing the packets from this CoS until there are no more packets for this CoS The other CoS queues that have been given a nonzero value and depending upon the weight will follow a common weighted round robin scheme Remember that the DGS 3024 has four priority queues and four Classes of Service for each port on the Switch 65 DGS 3024 Gigabit Ethernet Switch Manual
217. rnet Switch Manual IGMP Snooping Internet Group Management Protocol IGMP snooping allows the Switch to recognize IGMP queries and reports sent between network stations or devices and an IGMP host When enabled for IGMP snooping the Switch can open or close a port to a specific device based on IGMP messages passing through the Switch In order to use IGMP Snooping it must first be enabled for the entire Switch on the Switch Information Advanced Settings window Configuration gt Advanced Settings You may then fine tune the settings for each VLAN by clicking the IGMP Snooping link in the Configuration folder When enabled for IGMP snooping the Switch can open or close a port to a specific multicast group member based on IGMP messages sent from the device to the IGMP host or vice versa The Switch monitors IGMP messages and discontinues forwarding multicast packets when there are no longer hosts requesting that they continue IGMP Snooping Use the Current IGMP Snooping Group Entries window to view IGMP Snooping settings To modify the settings click the Modify button of the VLAN ID to change LAN Querier Querier Router VLAN Name State i State Behavior default Disabled Disabled Non Querier Modify EB Figure 7 11 Current IGMP Snooping Group Entries window Clicking the Modify button will open the IGMP Snooping Settings window shown below VLAN ID VLAN Name Query Interval Max Response Time Robustn
218. rrrrerrsererezizee ze ricarica ze ee ee ze case se sese zeseeezeeeze eine ee nere nene nen nene zena ron nese nese eee nese cono sosi neneeezio nese ze ce nese neeene 51 DGS 3024 Gigabit Ethernet Switch Manual Unicast Forwartdi g nel ne lin tente een RE de een a aan ee ee 51 Multicast Forwarding usin einen A A el hts Wa nan hae ck 51 Multicast Ed A tbc 52 A NOOO 53 Understanding IEEE 802 lp Priority ea 53 VEAN DescriptOnos cita ade dae dd ehe o A e 53 Notes About VLANS on the DGS 3024 mii AA Dd ATA da la 53 IEEE 802 10 VELAN Sir a A es a RER BT illa 54 802 1Q MEAN Tari a NI AA A A AA AA 55 Port VLAN ID nennt sense A aid 56 Tagging and O oleh ks isos scced REN 56 O 56 Default VEANS a os ano delete 57 VEAN and TUU ro ernannten tai 57 AE AS urine a a en ul ilaria ae 58 Time Zone and DS Trie a i Ra o E A A led AER LR A a nasa 62 DOS E EE RAI IRA A T AES 64 Advantages of QO Srno nas 64 Understanding Doa asa 65 Port Ba A a dee cedo 66 Traffic a dd aiii 67 802 Tp Dedalo A DE 68 802 1B User A 69 005 Scheduling Mechanism daa 69 QoS Output Scheduling xs ssi andai aa delia wi Lie RA A A 70 EC ARA O ROA 71 MAC Notification Global Settings ia 71 MAC Notification Port Settings lena oh Ae ead Sas a nk SAA Oe as SG As 72 SystemuL0 amp SOLVER csi ET RP TS AO NO 73 O AO 75 802 1x Port Based Access CO rire ai BATA BE RH ee A RR 75 Authentication Server lalla aa eee 76 Ath enti Gator ASA A O E E 76 E a 2 a ri e an Ali ae fai ii i a
219. s click the Enable Admin button revealing a dialog box for the user to enter authentication password username as seen below A successful entry will promote the user to Administrator level privileges on the Switch Enter Network Password xl D gt Please type your user name and password Site 10 24 22 8 Realm DGS 3024 Gigabit Ethernet Switch User Name Password Save this password in your password list Cancel Figure 8 23 Enter Network Password dialog box 105 DGS 3024 Gigabit Ethernet Switch Manual MANAGEMENT The third Web Manager main folder is Management and includes the following windows and sub folders User Accounts and SNMP Manager as well as secondary windows User Accounts The Switch allows you to set up and manage user accounts in the following windows ctsnow Admin Modify jerrylee User Modify Figure 9 1 User Account Management window The information on the window is described as follows The following fields can be set Parameter Description User Name Displays all current users for the Switch Access Right Displays the current access level assigned to each corresponding user There are two access levels User and Admin Admin has full read write access while a User has read only access User Account Modify Table DCE Dr Confirm New Password WE Show All User Account Entries Figure 9 2 User Account Modify Tab
220. s not obtained from D LINK or not subject to a then effective D LINK warranty or maintenance agreement e improper use or storage or f fire water acts of God or other catastrophic events This warranty shall also not apply to any particular product if any D LINK serial number has been removed or defaced in any way D LINK IS NOT RESPONSIBLE FOR DAMAGE THAT OCCURS AS A RESULT OF YOUR FAILURE TO FOLLOW THE INSTRUCTIONS FOR THE D LINK HARDWARE PRODUCT Limited Product Warranty Period The Limited Product Warranty Period starts on the date of purchase from D LINK Your dated sales or delivery receipt showing the date of purchase of the product is your proof of the purchase date You may be required to provide proof of purchase as a condition of receiving warranty service You are entitled to warranty service according to the terms and conditions of this document if a repair to your D LINK branded hardware is required within the Limited Product Warranty Period This Limited Product Warranty extends only to the original end user purchaser of this DLINK Hardware Product and is not transferable to anyone who obtains ownership of the DLINKHardware Product from the original end user purchaser The Product Type Product Warranty Period warranty E n I periods Managed Switches i e Switches with built in SNMP agent including modules and Five 5 years listed management software above All other products Two 2 years a
221. s the Software will be free of physical defects The customer s sole and exclusive remedy and the entire liability of D Link and its suppliers under this Limited Warranty will be at D Link s option to replace the non conforming Software or defective media with software that substantially conforms to D Link s functional specifications for the Software or to refund the portion of the actual purchase price paid that is attributable to the Software Except as otherwise agreed by D Link in writing the replacement Software is provided only to the original licensee and is subject to the terms and conditions of the license granted by D Link for the Software Replacement Software will be warranted for the remainder of the original Warranty Period and is subject to the same limitations and exclusions If a material non conformance is incapable of correction or if D Link determines in its sole discretion that it is not practical to replace the non conforming Software the price paid by the original licensee for the non conforming Software will be refunded by D Link provided that the non conforming Software and all copies thereof is first returned to D Link The license granted respecting any Software for which a refund is given automatically terminates Non Applicability of Warranty The Limited Warranty provided hereunder for Hardware and Software portions of D Link s products will not be applied to and does not cover any refurbished product and any product pur
222. set MAC notification on the Switch open the following window by opening the MAC Notification folder and clicking the MAC Notification Global Settings link Interval sec 1 2147483647 History size 1 500 Apply Figure 7 48 MAC Notification Global Settings window The following parameters may be modified Parameter Description State Enable or disable MAC notification globally on the Switch Interval sec 1 2147483647 The time in seconds between notifications History size 1 500 The maximum number of entries listed in the history log used for notification Up to 500 entries can be specified 71 DGS 3024 Gigabit Ethernet Switch Manual MAC Notification Port Settings To change MAC notification settings for a port or group of ports on the Switch click MAC Notification Port Settings in the MAC Notification folder which will display the following window MAC Notification Port Settings Pott Pot Disabled x Apply MAC Notification Port State Table 1 Disabled 2 Disabled 3 Disabled 4 Disabled 5 Disabled 6 Disabled 7 Disabled 8 Disabled 9 Disabled 10 Disabled 11 Disabled 12 Disabled 13 Disabled 14 Disabled 15 Disabled 16 Disabled 17 Disabled 18 Disabled 19 Disabled 20 Disabled 21 Disabled 22 Disabled 23 Disabled Disabled Figure 7 49 MAC Notification Port Settings window The following parameters may b
223. sh128 Use the pull down to enable or disable the twofish128 encryption algorithm The default is Enabled Twofish192 Use the pull down to enable or disable the twofish192 encryption algorithm The default is Enabled Twofish256 Use the pull down to enable or disable the twofish256 encryption algorithm The default is Enabled Data Integrity Algorithm HMAC SHA1 Use the pull down to enable or disable the HMAC Hash for Message Authentication Code mechanism utilizing the Secure Hash algorithm The default is Enabled HMAC MD5 Use the pull down to enable or disable the HMAC Hash for Message Authentication Code mechanism utilizing the MD5 Message Digest encryption algorithm The default is Enabled Public Key Algorithm HMAC RSA Use the pull down to enable or disable the HMAC Hash for Message Authentication Code mechanism utilizing the RSA encryption algorithm The default is Enabled HMAC DSA Use the pull down to enable or disable the HMAC Hash for Message Authentication Code mechanism utilizing the Digital Signature Algorithm DSA encryption The default is Enabled Authentication Algorithm Password This field may be enabled or disabled to choose if the administrator wishes to use a locally configured password for authentication on the Switch This field is Enabled by default Public Key This field may be enabled or disabled to choose if the administrator wishes to use a publickey configuration set on a SSH server for authentication This
224. snnssnnssunssssssnrnnnsnansnnnsnnssnnssnnsnnssnnssnnesnnesnnnssnssansnansnnnsnnssnnssnnssnnesnnssnnssunns 11 UE ETS AO 11 Web based Management Interface ni aaa 11 SNMP Based EAS A 11 Command Line Console Interface Through the Serial POrt ss 11 Connecting the Console Port RS 232 DCE iii dan 11 First Time Comnectingto The Switch ii A dt iii 13 Password Protec A RA ER a 14 SNMP Settings uti a alten e e e e a o ON e ea 15 O E eeeh EE a lle eo ET 15 DGS 3024 Gigabit Ethernet Switch Manual TP Address Assignment dae 16 Connecting Devices to the Switch Sosina renea ena skh on al ar WAR RGM Ia dA Dal a ate HA AERO ni 17 Web Based Network Management ccc3 ccccssessiscccseseveduscedessvocsesesusscccssudesesecesvedoossacen sescuuesuseseseceseasesseoevosnedesasesunetsdeudse sussscuesbocseseoss 18 Introduction ss susececssacscccesersucsectestsecstsotescteccsessdevecescecasdsantseadeacsucssosssesecssectscsteedieosecseucsccessesnuesectestsentesedescueccsessdsseneseses 18 Login to Web Manager AAA 18 Web based User Interface iraniane in ae ee ee aie i ees 19 Areas of the User Interface seen ale alia iena 19 Configurations in RS REA SR REA RE REI SANE 20 L A PE CITI DEIRA RI SERE ETS ER PERI SO ER EEE ESE 20 Switch Information srrrerrrereceree sese sese sese se sese seeese ceca seenenerene zen nooo eos Soa nese nese e nie ninna senese nese nen nene nese ne en ee ie nese KEK eee nera nenazenneeeneone 23 LOLLI
225. span multiple 802 1Q compliant Switches through a single physical connection and allows Spanning Tree to be enabled on all ports and work normally The IEEE 802 1Q standard restricts the forwarding of untagged packets to the VLAN the receiving port is a member of The main characteristics of IEEE 802 1Q are as follows e Assigns packets to VLANs by filtering e Assumes the presence of a single global spanning tree e Uses an explicit tagging scheme with one level tagging e 802 1Q VLAN Packet Forwarding Packet forwarding decisions are made based upon the following rr three types of rules e Ingress rules rules relevant to the classification of received frames belonging to a VLAN 1 filter or forward the packet E Packet Packet e Egress rules determines if the packet must be sent Received Transmitted tagged or untagged e Forwarding rules between ports decides whether to Ingress Rules Egress Rules Applied Applied Filtering Database Port State Tagging or Untagging Applied Figure 7 32 IEEE 802 1Q Packet Forwarding 54 DGS 3024 Gigabit Ethernet Switch Manual 802 1Q VLAN Tags The figure below shows the 802 1Q VLAN tag There are four additional octets inserted after the source MAC address Their presence is indicated by a value of 0x8100 in the EtherType field When a packet s EtherType field is equal to 0x8100 the packet carries the IEEE 802 1Q 802 1p tag The tag is conta
226. ssage Authentication Code This Message Authentication Code will be encrypted with a sent message to provide integrity and prevent against replay attacks The Switch supports two hash algorithms MDS Message Digest 5 and SHA Secure Hash Algorithm These three parameters are uniquely assembled in four choices on the Switch to create a three layered encryption code for secure communication between the server and the host The user may implement any one or combination of the ciphersuites available yet different ciphersuites will affect the security level and the performance of the secured connection The information included in the ciphersuites is not included with the Switch and requires downloading from a third source in a file form called a certificate This function of the Switch cannot be executed without the presence and implementation of the certificate file and can be downloaded to the Switch by utilizing a TFTP server The Switch supports SSLv3 Other versions of SSL may not be compatible with this Switch and may cause problems upon authentication and transfer of messages from client to host Download Certificate This window is used to download a certificate file for the SSL function on the Switch from a TFTP server The certificate file is a data record used for authenticating devices on the network It contains information on the owner keys for authentication and digital signatures Both the server and the client must have consistent certifica
227. ssly circulate through redundant paths in the network preventing the effective propagation of the new information Set by the Root Bridge this value will aid in determining that the Switch has spanning tree configuration values consistent with other devices on the bridged LAN If the value ages out and a BPDU has still not been received from the Root Bridge the Switch will start sending its own BPDU to all other Switches for permission to become the Root Bridge If it turns out that your Switch has the lowest Bridge Identifier it will become the Root Bridge The user may choose a time between 6 and 40 seconds The default value is 20 Forward Delay The Forward Delay can be from 4 to 30 seconds Any port on the Switch spends this time in the 4 30 Sec listening state while moving from the blocking state to the forwarding state Max Hops 1 Used to set the number of hops between devices in a spanning tree region before the BPDU 20 bridge protocol data unit packet sent by the Switch will be discarded Each Switch on the hop count will reduce the hop count by one until the value reaches zero The Switch will then discard the BDPU packet and the information held for the port will age out The user may set a hop count from 7 to 20 The default is 20 TX Hold Count 1 10 Used to set the maximum number of Hello packets transmitted per interval The count can be specified from 7 to 10 The default is 3 Forwarding This field
228. stalling in an equipment rack Power on The Switch can be used with AC power supply 100 240 VAC 50 60 Hz The Switch s power supply will adjust to the local power source automatically and may be powered on without having any or all LAN segment cables connected After the Switch is plugged in the LED indicators should respond as follows e All LED indicators except console will momentarily blink This blinking of the LEDs indicates a reset of the system e The console LED indicator will blink while the Switch loads onboard software and performs a self test When the POST is passed the LED will become dark If the POST fails the indicator will light solid amber This indicator lights solid green when the Switch is being logged in via out of band local console management through the RS 232 console port using a straight through serial cable Power Failure As a precaution in the event of a power failure unplug the Switch When power is resumed plug the Switch back in DGS 3024 Gigabit Ethernet Switch Manual External Redundant Power System The Switch supports an external redundant power system DGS 3024 NOS NOS ER le RPS connector Figure 2 3 DPS 300 in DPS 900 case with DGS 3024 DGS 3024 RPS connector Figure 2 4 DPS 300 in DPS 800 case with DGS 3024 ji 4 id NOTE
229. t In a residential environment this product may cause radio interference in which case the user may be required to take adequate measures FCC Statement This equipment has been tested and found to comply with the limits for a Class A digital device pursuant to part 15 of the FCC Rules These limits are designed to provide reasonable protection against harmful interference in a commercial installation This equipment generates uses and can radiate radio frequency energy and if not installed and used in accordance with the instructions may cause harmful interference to radio communication However there is no guarantee that interference will not occur ina particuiar installation Operation of this equipment in a residential environment is likely to cause harmful interference t radio or television reception If this equipment does cause harmful interference to radio or television reception which can be determined by turning the equipment off and on the user is encouraged to try to correct the interference by one or more of the following measures Reorient or relocate the receiving antenna Increase the separation between the equipment and receiver e Connect the equipment into an outlet on a circuit different from that to which the receiver is connected e Consult the dealer or an experienced radio TV technician for help For detailed warranty information applicable to products purchased outside the United States please contact t
230. talled the user can leave the default address 0 0 0 0 in this field 4 Ifno VLANs have been previously configured on the Switch the user can use the default VLAN Name The default VLAN contains all of the Switch ports as members If VLANs have been previously configured on the Switch the user will need to enter the VLAN ID of the VLAN that contains the port connected to the management station that will access the Switch The Switch will allow management access from stations with the same VID listed here 1 NOTE The Switch s factory default IP address is 10 90 90 90 with a a subnet mask of 255 0 0 0 and a default gateway of 0 0 0 0 To use the BOOTP or DHCP protocols to assign the Switch an IP address subnet mask and default gateway address 20 DGS 3024 Gigabit Ethernet Switch Manual Use the Get IP From pull down menu to choose from BOOTP or DHCP This selects how the Switch will be assigned an IP address on the next reboot The IP Address Settings options are Parameter Description BOOTP The Switch will send out a BOOTP broadcast request when it is powered up The BOOTP protocol allows IP addresses network masks and default gateways to be assigned by a central BOOTP server If this option is set the Switch will first look for a BOOTP server to provide it with this information before using the default or previously entered settings DHCP The Switch will send out a DHCP broadcast request when it is powere
231. tch to send out GVRP packets to outside sources notifying that they may join the existing VLAN Port Settings Allows an individual port to be specified as member of a VLAN Tag Specifies the port as either 802 1Q tagging or 802 1Q untagged Checking the box will desig nate the port as Tagged None Allows an individual port to be specified as a non VLAN member Egress Select this to specify the port as a static member of the VLAN Egress member ports are ports that will be transmitting traffic for the VLAN These ports can be either tagged or untagged Forbidden Select this to specify the port as not being a member of the VLAN and that the port is forbidden from becoming a member of the VLAN dynamically Click Apply to implement changes made 59 802 1Q Port Settings In the Configuration menu open the WLANs folder and click 802 1Q Port Settings you to determine whether the Switch will share its VLAN configuration information with other GARP VLAN Registration Protocol GVRP enabled Switches In addition Ingress Checking can be used to limit traffic by filtering incoming packets whose PVID does not match the PVID of the port Results can be seen in the table under the configuration settings as seen below DGS 3024 Gigabit Ethernet Switch Manual CS 1 Air mim pe lor Poti yj Portt1 Disabled Admit_all Ill Disabled Apply GVRP Table This GVRP Settings window sh
232. te files for optimal use of the SSL function The Switch only supports certificate files with der file extensions Currently the DGS 3024 comes with a certificate pre loaded though the user may need to download more depending on user circumstances To view the following window click Security gt Secure Socket Layer SSL gt Download Certificate Certificate File Name Key File Name Apply Current Certificate Loaded with RSA Certificate Figure 8 2 Download Certificate window 88 DGS 3024 Gigabit Ethernet Switch Manual To download certificates set the following parameters and click Apply Parameter Description Server IP Enter the IP address of the TFTP server where the certificate files are located Certificate File Name Enter the path and the filename of the certificate file to download This file must have a der extension Ex c cert der Key File Name Enter the path and the filename of the key file to download This file must have a der extension Ex c pkey der Click Apply to implement changes made Configuration This window will allow the user to enable SSL on the Switch and implement any one or combination of listed ciphersuites on the Switch A ciphersuite is a security string that determines the exact cryptographic parameters specific encryption algorithms and key sizes to be used for an authentication session The Switch possesses four possible
233. ter Description Instance ID Displays the MSTI ID of the instance being configured An entry of 0 in this field denotes the CIST default MSTI Internal cost This parameter is set to represent the relative cost of forwarding packets to specified ports when an interface is selected within a STP instance The default setting is 0 auto There are two options e 0 auto Selecting this parameter for the internalCost will set quickest route automatically and optimally for an interface The default value is derived from the media speed of the interface e value 1 2000000 Selecting this parameter with a value in the range of 1 2000000 will set the quickest route when a loop occurs A lower Internal cost represents a quicker transmission Priority Enter a value between 0 and 240 to set the priority for the port interface A higher priority will designate the interface to forward packets first A lower number denotes a higher priority This entry must be divisible by 16 The default priority setting is 728 Click Apply to implement changes made 45 DGS 3024 Gigabit Ethernet Switch Manual STP Instance Settings The following window displays MSTIs currently set on the Switch To view the following table click Configuration gt Spanning Tree gt STP Instance Settings STP Instance Settings Instance Status Instance Priority Enabled 32768 bridge priority 32768 sys ID ext 0 IMSTIC Enabled 32769 bridge priority 32768
234. tering the MSTI settings The user has two choices e Add VID Select this parameter to add VIDs to the MSTI ID in conjunction with the VID List parameter e Remove VID Select this parameter to remove VIDs from the MSTI ID in con junction with the VID List parameter VID List 1 4094 This field is used to specify the VID range from configured VLANs set on the Switch Supported VIDs on the Switch range from ID number 1 to 4094 Click Apply to implement changes made 43 DGS 3024 Gigabit Ethernet Switch Manual To configure the parameters for a previously set MSTI click on its hyperlinked MSTI ID number which will reveal the following window for configuration Instance ID Settings pm ada wo y CE Apply Show MST Confi Figure 7 21 Instance ID Settings window Modify The user may configure the following parameters for aMSTI on the Switch Parameter Description MSTI ID Displays the MSTI ID previously set by the user Type This field allows the user to choose a desired method for altering the MSTI settings The user has two choices e Add VID Select this parameter to add VIDs to the MSTI ID in conjunction with the VID List parameter e Remove VID Select this parameter to remove VIDs from the MSTI ID in conjunction with the VID List parameter VID List 1 4094 This field is used to specify the VID range from configured VLANs set on the Switch that the user
235. tes d s lorsque que votre mat riel de marque D LINK n cessite une r paration pendant la P riode de Garantie Produit Limit e La pr sente Garantie Produit Limit e s applique uniquement l acheteur utilisateur final initial du Produit Mat riel D LINK Elle est non cessible quiconque se procure le Produit Mat riel D LINK aupr s de l acheteur utilisateur final initial Type de produit P riode de Garantie Tai Switches g r s Switches comportant un agent SNMP int gr y compris modules et p riodes Cinq 5 ans de logicie ls de gestion garantie indiqu e Tous autres produits Deux 2 ans s ci dessus sappii Pi ces d tach es adaptateurs d alimentation externes ventilateurs Un 1 an ae tous les produits D LINK vendus depuis le ler janvier 2004 dans les pays europ ens par D LINK ou l un de ses revendeurs ou distributeurs agr s Tous les produits vendus avant le ler janvier 2004 dans les pays europ ens par D LINK ou l un de ses revendeurs ou distributeurs agr s b n ficient d une garantie de 5 ans except les fournitures lectriques ventilateurs et accessoires qui sont couverts par une garantie de 2 ans La p riode de garantie indiqu e sur ce bon annule et remplace celle qui figure dans le manuel utilisateur ou dans le contrat d achat des produits consid r s Pour viter le doute si vous avez achet votre produit D LINK en tant que consommateur vos droits l g
236. tes the main differences between the two protocols 37 DGS 3024 Gigabit Ethernet Switch Manual Port Transition States An essential difference between the three protocols is in the way ports transition to a forwarding state and in the way this transition relates to the role of the port forwarding or not forwarding in the topology MSTP and RSTP combine the transition states disabled blocking and listening used in 802 1d and creates a single state Discarding In either case ports do not forward packets In the STP port transition states disabled blocking or listening or in the RSTP MSTP port state discarding there is no functional difference the port is not active in the network topology Table 6 1 below compares how the three protocols differ regarding the port state transition All three protocols calculate a stable topology in the same way Every segment will have a single path to the root bridge All bridges listen for BPDU packets However BPDU packets are sent more frequently with every Hello packet BPDU packets are sent even if a BPDU packet was not received Therefore each link between bridges is sensitive to the status of the link Ultimately this difference results in faster detection of failed links and thus faster topology adjustment A drawback of 802 1d is this absence of immediate feedback from adjacent bridges 802 1d MSTP 802 1w RSTP 802 1d STP Forwarding Learning Discarding Discarding Disa
237. the lowest priority data and 7 assigned to the highest The highest priority tag 7 is generally only used for data associated with video or audio applications which are sensitive to even slight delays or for data from specified end users whose data transmissions warrant special consideration The Switch allows you to further tailor how priority tagged data packets are handled on your network Using queues to manage priority tagged data allows you to specify its relative priority to suit the needs of your network There may be circumstances where it would be advantageous to group two or more differently tagged packets into the same queue Generally however it is recommended that the highest priority queue Queue 1 be reserved for data packets with a priority value of 7 Packets that have not been given any priority value are placed in Queue 0 and thus given the lowest priority for delivery A weighted round robin system is employed on the Switch to determine the rate at which the queues are emptied of packets The ratio used for clearing the queues is 4 1 This means that the highest priority queue Queue 1 will clear 4 packets for every 1 packet cleared from Queue 0 Remember the priority queue settings on the Switch are for all ports and all devices connected to the Switch will be affected This priority queuing system will be especially beneficial if your network employs Switches with the capability of assigning priority tags VLAN Description
238. thenticator before access is granted to the Client The second purpose of the Authenticator is to verify the information gathered from the Client with the Authentication Server and to then relay that information back to the Client Three steps must be implemented on the Switch to properly configure the Authenticator 1 The 802 1x State must be enabled to Port Base on the Switch Information Advanced Settings window under Switch 802 1x Configuration gt Advanced Settings 2 The 802 1x settings must be implemented by port Configuration gt Port Access Entity gt 802 1x Capability Settings 3 A RADIUS server must be configured on the Switch on the Authentic RADIUS Server Setting window Configuration gt Port Access Entity gt RADIUS Server DGS 3024 Gigabit Ethernet Switch Manual A Switch _ Authentication Server L a Sia Authenticator ae Workstation gt Client Figure 7 55 Authenticator Client The Client is simply the workstation that wishes to gain access to the LAN or Switch services All workstation must be running software that is compliant with the 802 1x protocol For users running Windows XP the software is included within the operating system All other users are required to attain 802 1x client software from an outside source The Client will request access to the LAN and or Switch through EAPOL packets and in turn will respond to requests from the Switch
239. tion parameters on the Switch a User Account must be previously configured For more information on de configuring local User Accounts on the Switch see the User Accounts sil section of this manual located in this section 95 DGS 3024 Gigabit Ethernet Switch Manual Access Authentication Control The TACACS XTACACS TACACS RADIUS commands let you secure access to the Switch using the TACACS XTACACS TACACS RADIUS protocols When a user logs in to the Switch or tries to access the administrator level privilege he or she is prompted for a password If TACACS XTACACS TACACS RADIUS authentication is enabled on the Switch it will contact a TACACS XTACACS TACACS RADIUS server to verify the user If the user is verified he or she is granted access to the Switch There are currently three versions of the TACACS security protocol each a separate entity The Switch s software supports the following versions of TACACS e TACACS Terminal Access Controller Access Control System Provides password checking and authentication and notification of user actions for security purposes utilizing via one or more centralized TACACS servers utilizing the UDP protocol for packet transmission e Extended TACACS XTACACS An extension of the TACACS protocol with the ability to provide more types of authentication requests and more types of response codes than TACACS This protocol also uses UDP to transmit packets e TACACS
240. to s lo es v lida si se acompa a del comprobante de la compra Tambi n deber presentarse la tarjeta de garant a si D LINK lo solicita EXCEPTO EN LO EXPRESAMENTE INDICADO EN ESTA GARANT A LIMITADA D LINK NO CONCEDE OTRAS GARANT AS NI EXPL CITAS NI IMPL CITAS INCLUIDAS LAS GARANT AS IMPL CITAS DE COMERCIALIDAD Y APTITUD A UN FIN DETERMINADO D LINK RECHAZA EXPL CITAMENTE CUALQUIER GARANT A QUE NO FIGURE EN ESTA GARANT A LIMITADA LA DURACI N DE CUALQUIER GARANT A IMPL CITA QUE PUEDA SER IMPUESTA POR LEY QUEDA LIMITADA AL PER ODO DE LA GARANT A LIMITADA ALGUNOS ESTADOS O PA SES NO PERMITEN QUE EN LA GARANT A LIMITADA DE PRODUCTOS DE CONSUMO SE RESTRINJA LA DURACI N TEMPORAL NI QUE SE EXCLUYAN O LIMITEN LOS DA OS INCIDENTALES O RESULTANTES PARA EL CONSUMIDOR DE LOS PRODUCTOS EN ESTOS ESTADOS O PA SES A USTED NO LE PUEDEN APLICAR ALGUNAS EXCLUSIONES O LIMITACIONES DE LA GARANT A LIMITADA ESTA GARANT A LIMITADA LE CONCEDE DETERMINADOS DERECHOS PUEDE TAMBI N TENER OTROS DERECHOS QUE PUEDEN SER DISTINTOS DE UN ESTADO A OTRO O DE UN PA S A OTRO SE RECOMIENDA QUE CONSULTE LAS LEYES PERTINENTES DE UN ESTADO O PA S A FIN DE QUE CONOZCA SUS DERECHOS Esta garant a limitada se aplica a los productos de hardware de la marca D LINK llamados en esta gu a Productos de hardware D LINK comprados a D LINK Europe Ltd a sus filiales en el mundo a sus proveedores autorizados o a sus distribuidores locales llamados en este
241. to set the local users 81 DGS 3024 Gigabit Ethernet Switch Manual 802 1x Capability Settings Click 802 1x Capability Settings to view the following window Port 1 Port 1 None Apply 1 None 2 None El None 4 None 5 None 6 None if None 8 None 9 None 10 None 11 None 12 None 18 None 14 None 15 None 16 None il None 18 None 19 None 20 None eal None 22 None 23 None 24 None Figure 7 61 802 1x Capability Settings window To set up the Switch s 802 1x port based authentication select which ports are to be configured in the From and To fields Next enable the ports by selecting Authenticator from the drop down menu under Capability Click Apply to make your change take effect Configure the following 802 1x capability settings Parameter Description From and To Ports being configured for 802 1x settings Capability Two role choices can be selected e Authenticator A user must pass the authentication process to gain access to the network e None The port is not controlled by the 802 1x functions 82 DGS 3024 Gigabit Ethernet Switch Manual Initialize Port s To initialize ports for the port based side of 802 1x the user must first enable 802 1x by Port Base under Switch 802 1x in the Switch Information Advanced Settings window Existing 802 1x port and MAC settings are displayed and can be configured using the window below Click Initialize
242. ts that will be members of the static multicast group and ports that are GMRP The options are either forbidden from joining dynamically or that can join the multicast group dynamically using e None No restrictions on the port dynamically joining the multicast group When None is chosen the port will not be a member of the Static Multicast Group e Egress The port is a static member of the multicast group Click Apply to implement the changes made To delete an entry in the Static Multicast Forwarding Table click the corresponding under the Delete heading Click the Show All Multicast Forwarding Entries link to return to the Static Multicast Forwarding Settings window Multicast Filtering The DGS 3024 can be set to either forward unregistered multicast packets or to filter unregistered multicast packets from the switch Filtering unregistered multicast packets from the switch can be useful to eliminate loops and flooding of multicast packets when there are no recipients on the switch Open the Forwarding folder in the Configuration menu and click on the Multicast Filtering Moce link This will open the Multicast Filtering Mode Setting and Table window as shown The following parameters can be set Multicast Filtering Mode Setting Filtering Mode forward_unregistered_groups Multicast Filtering Mode Table Multicast Filtering Mode forward _unregistered_groups Figure 7 31 Setup Static Multi
243. tting Add window Configure the following parameters to add an Authentication Server Host Parameter Description IP Address The IP address of the remote server host the user wishes to add Protocol The protocol used by the server host The user may choose one of the following e TACACS Enter this parameter if the server host utilizes the TACACS protocol e XTACACS Enter this parameter if the server host utilizes the XTACACS protocol e TACACS Enter this parameter if the server host utilizes the TACACS protocol e RADIUS Enter this parameter if the server host utilizes the RADIUS protocol Port 1 65535 Enter a number between 7 and 65535 to define the virtual port number of the authentication protocol on a server host The default port number is 49 for TACACS XTACACS TACACS servers and 1813 for RADIUS servers but the user may set a unique port number for higher security 100 DGS 3024 Gigabit Ethernet Switch Manual Timeout 1 255 Enter the time in seconds the Switch will wait for the server host to reply to an authentication request The default value is 5 seconds Retransmit 1 Enter the value in the retransmit field to change how many times the device will resend an 255 authentication request when the TACACS server does not respond Key Authentication key to be shared with a configured TACACS or RADIUS servers only Specify an alphanumeric string up to 254 characters
244. ttings QoS MAC Notification System Log Server Port Access Entity and Static ARP Settings as well as secondary windows IP Address This window is used to determine whether the Switch should get its IP Address settings from the user Manual a BOOTP server or a DHCP server If you are not using either BOOTP or DHCP enter the IP Address Subnet Mask and Default Gateway of the Switch If you enable BOOTP you do not need to configure any IP parameters because a BOOTP server automatically assigns IP configuration parameters to the Switch If you enable DHCP a Dynamic Host Configuration Protocol request will be sent when the Switch is powered up Once you have selected a setting under Get IP From click Apply to activate the new settings IP Address 10 24 22 8 Subnet Mask 255 0 0 0 VID Figure 7 1 Switch IP Settings window To configure the Switch s IP address Open the Configuration folder and click the IP Address link The web manager will display the Switch s current IP settings in the IP configuration menu as seen below To manually assign the Switch s IP address subnet mask and default gateway address 1 Select Manual from the Get IP From drop down menu 2 Enter the appropriate IP Address and Subnet Mask 3 If the user wants to access the Switch from a different subnet from the one it is installed on enter the IP address of the Default Gateway If the user will manage the Switch from the subnet on which it is ins
245. ttings for the Switch open the Configuration folder then the SNTP Settings folder and click on the Time Setting link revealing the following window for the user to config ure DGS 3024 Gigabit Ethernet Switch Manual SNTP State Disabled y SNTP Primary Server SNTP Secondary Server SNTP Poll Interval in Seconds a Apply Year Month ay Time in HH MM SS il Apply Figure 7 39 Current Time Status window The following parameters can be set or are displayed Parameter Description Current Time Status Current Time Displays the time when the Switch was initially started for this session Time Source Displays the time source for the system Current Time SNTP Settings SNTP State Use this pull down menu to Enabled or Disabled SNTP SNTP Primary Server This is the IP address of the primary server the SNTP information will be taken from SNTP Secondary Server This is the IP address of the secondary server the SNTP information will be taken from SNTP Poll Interval in Seconds This is the interval in seconds between requests for updated SNTP information Current Time Set Current Time Year Enter the current year if you want to update the system clock Month Enter the current month if you would like to update the system clock Day Enter the current day if you would like to update the system clock Time in HH MM SS
246. tware upgrades This can be done in band via TFTP or out of band via the console 1 DGS 3024 Gigabit Ethernet Switch Manual e Built in SNMP management Bridge MIB RFC 1493 MIB II RFC 1213 802 1P Q MIB RFC 2674 Ethernet like MIB RFC 1643 Private MIB Mini RMON MIB RFC 1757 four groups The RMON specification defines the counters for the receive functions only However the DGS 3024 provides counters for both receive and transmit functions e Supports Web based management e TFTP Client support e BOOTP Client support e DHCP Client support e Password enabled e Telnet remote control console e Broadcast storm control e Multicast storm control e Command Line Interface support e Syslog support e SNTP support e SNMP Trap on MAC Notification support e Jumbo frame support e SSH support e SSL support e TACACS RADIUS support DGS 3024 Gigabit Ethernet Switch Manual UNPACKING AND SETUP This chapter provides unpacking and setup information for the Switch Packing List Open the shipping carton of the Switch and carefully unpack its contents The carton should contain the following items e A DGS 3024 24 Port Gigabit Layer 2 Ethernet Switch e A mounting kit 2 mounting brackets and screws e Four rubber feet with adhesive backing e One or two AC power cords e A printed Quick Installation Guide e D View 5 1 demo CD ROM e This Manual with Registration Card on CD ROM If any
247. type of frame that will be accepted by the port The user may choose between Tagged Only which means only VLAN tagged frames will be accepted and Admit_All which means both tagged and untagged frames will be accepted Admit_All is enabled by default PVID This field in the 802 1Q Port Table shows the current PVID assignment for each port which may be manually assigned to a VLAN when created in the 802 1Q Port Settings table The Switch s default is to assign all ports to the default VLAN with a VID of 1 The PVID is used by the port to tag outgoing untagged packets and to make filtering decisions about incoming packets If the port is specified to accept only tagged frames as tagging and an untagged packet is forwarded to the port for transmission the port will add an 802 1Q tag using the PVID to write the VID in the tag When the packet arrives at its destination the receiving device will use the PVID to make VLAN forwarding decisions If a packet is received by the port and Ingress filtering is Enabled the port will compare the VID of the incoming packet to its PVID If the two are unequal the port will drop the packet If the two are equal the port will receive the packet GVRP The Group VLAN Registration Protocol GVRP enables the port to dynamically become a member of a VLAN GVRP is Disabled by default Click Apply to implement changes made 60 SNTP Settings Time Setting To configure the time se
248. type the new Engine ID in the space provided and click the Apply button 116 DGS 3024 Gigabit Ethernet Switch Manual MONITORING The fourth Web Manager main folder is Monitoring and includes the following windows and sub folders Port Utilization Packets Errors Size MAC Address Switch History Log IGMP Snooping Group IGMP Snooping Forwarding VLAN Status Router Port Session Table and Port Access Control as well as secondary windows Port Utilization The Utilization window displays the percentage of the total available Poti y Apply bandwidth being used on the port PERRIN CI To view the port utilization open the pza Monitoring folder and then click the Port Utilization link Utilization Unit Time Interval 1s v Record Number 200 Show Hide Y Utilization Figure 10 1 Utilization window The following fields can be set Parameter Description Time Interval Select the desired setting between 7s and 60s where s stands for seconds The default value is one second Record Number the number of times the Switch will be polled between 20 and 200 The default value is Utilization The percentage of the total available bandwidth being used on the port Show Hide Check whether or not to display Utilization Clear Clicking this button clears all statistics counters on this window Click Apply to implement changes made 117 DGS 3024 Gigabit Eth
249. ublic Key Algorithm aaa HMAC RSA Enabled y HMAC DSA Enabled y Publickey Enabled DELA IL Apply Figure 8 5 Encryption Algorithm window The following algorithms may be set Parameter Description Encryption Algorithm 3DES CBC Use the pull down to enable or disable the Triple Data Encryption Standard encryption algorithm with Cipher Block Chaining The default is Enabled Blow fish CBC Use the pull down to enable or disable the Blowfish encryption algorithm with Cipher Block Chaining The default is Enabled AES128 CBC Use the pull down to enable or disable the Advanced Encryption Standard AES128 encryption algorithm with Cipher Block Chaining The default is Enabled AES192 CBC Use the pull down to enable or disable the Advanced Encryption Standard AES192 encryption algorithm with Cipher Block Chaining The default is Enabled 93 DGS 3024 Gigabit Ethernet Switch Manual AES256 CBC Use the pull down to enable or disable the Advanced Encryption Standard AES 256 encryption algorithm with Cipher Block Chaining The default is Enabled ARC4 Use the pull down to enable or disable the Arcfour encryption algorithm with Cipher Block Chaining The default is Enabled Cast128 CBC Use the pull down to enable or disable the Cast128 encryption algorithm with Cipher Block Chaining The default is Enabled Twofi
250. uct In a domestic environment this product may cause radio interference in which case the user may be required to take adequate measures Warnung Dies ist ein Produkt der Klasse A Im Wohnbereich kann dieses Produkt Funkstoerungen verursachen In diesem Fall kann vom Benutzer verlangt werden angemessene Massnahmen zu ergreifen Precaucion Este es un producto de Clase A En un entorno dom stico puede causar interferencias de radio en cuyo case puede requerirse al usuario para que adopte las medidas adecuadas Attention Ceci est un produit de classe A Dans un environnement domestique ce produit pourrait causer des interf rences radio auquel cas l utilisateur devrait prendre les mesures ad quates Attenzione Il presente prodotto appartiene alla classe A Se utilizzato in ambiente domestico il prodotto pu causare interferenze radio nel cui caso possibile che l utente debba assumere provvedimenti adeguati VCCI Warning COMES 77 ARBEMEBCI CORBERA CRA Toc CERDA ERECTILE ET COBRAR ARAN SAREES ARTE RENACER ESO August 2006 P N 6DGS3024 04 DGS 3024 Gigabit Ethernet Switch Manual Table of Contents Pr face fn es nent nn Ar e ie ln dd e ce eo ld de lie od o id 1x Intended Readers e ad ESY x Notes Notices and Catition s 2203552 2 2 2 2 222 tit lege x Safety Instructions sis na sense Ne a lire e ee leo xi A AAA sit ila ariana 1 Features RS FER RANE RARE IR ORRORE IEEE ARR RE E IE ARRE CITE E O IE E IRR
251. ud Set the data format to 8 data bits 1 stop bit and no parity Set flow control to none Under Properties select VT 100 for Emulation mode m PA ON ON a Select Terminal keys for Function Arrow and Ctrl keys Ensure that you select Terminal keys not Windows keys DGS 3024 Gigabit Ethernet Switch Manual NOTE When you use HyperTerminal with the Microsoft Windows 2000 operating system ensure that you have Windows 2000 Service Pack 2 or later installed Windows 2000 Service Pack 2 allows you to use arrow keys in HyperTerminal s VT100 emulation See www microsoft com for information on Windows 2000 service packs 9 After you have correctly set up the terminal plug the power cable into the power receptacle on the back of the Switch The boot sequence appears in the terminal 10 After the boot sequence completes the console login screen displays 11 If you have not logged into the command line interface CLI program press the Enter key at the User name and password prompts There is no default user name and password for the Switch User names and passwords must first be created by the administrator If you have previously set up user accounts log in and continue to configure the Switch 12 Enter the commands to complete your desired tasks Many commands require administrator level access privileges Read the next section for more information on setting up user accounts See the DGS 3024 Command Line Interface Referen
252. ugh Console Username Anonymous 31 2001 10 18 12 34 23 Port 1 link up 100Mbps FULL duplex 30 2001 10 18 12 34 23 System started up 29 2001 10 18 12 34 22 Spanning Tree Protocol is disabled 28 2001 10 18 12 33 28 Configuration saved to flash Username Anonymous 27 2001 10 18 12 33 08 Successful login through Console Username Anonymous 26 2001 10 18 12 01 36 Console session timed out Username Anonymous 95 2001 10 18 11 51 32 Successful login through Console Username Anonymous 24 2001 10 18 11 15 57 Port 1 link up 100Mbps FULL duplex 23 2001 10 18 11 15 57 System started up Clear Next Figure 10 15 Switch History window The Switch can record event information in its own logs to designated SNMP trap receiving stations and to the PC connected to the console manager Click Next to go to the next page of the Switch History Log Clicking Clear will allow the user to clear the Switch History Log The information is described as follows Parameter Description Sequence A counter incremented whenever an entry to the Switch s history log is made The table displays the last entry highest sequence number first Time Displays the time in days hours and minutes since the Switch was last restarted Log Text Displays text describing the event that triggered the history log entry 131 DGS 3024 Gigabit Ethernet Switch Manual IGMP Snooping Group IGMP Snooping allows the Switch to read the Mu
253. undant Power Supply s HHH Figure 3 2 Rear panel view e The external Redundant Power Supply connector is used to connect the DGS 3024 to a DPS 300 An auto Switch circuit automatically Switches to an external RPS once the internal power supply fails Transition from internal to external supply shall not disturb normal operation e The AC power connector is a standard three pronged connector that supports the power cord Plug the female connector of the provided power cord into this socket and the male side of the cord into a power outlet Supported input voltages range from 100 240 VAC at 50 60 Hz DGS 3024 Gigabit Ethernet Switch Manual Side Panels The right side panel of the Switch contains two system fans see the top part of the diagram below The left side panel contains heat vents 0000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000 O o 0000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000 999086900009009909000009009000000000009000000090000 O O O O 00 00000 gt e SR Rp Fe o Be ee 8388 S O S o o Dao CLS 00000 20600 Figure 3 3 Side panel views of the Switch The system fans are used to dissipate heat The sides of the system also provide heat vents to serve the same purpose Do not block these openings and leave at least 6 inches of space at the rear and sides of the Switch for proper
254. ure Shell SSH SSH is an abbreviation of Secure Shell which is a program allowing secure remote login and secure network services over an insecure network It allows a secure login to remote host computers a safe method of executing commands on a remote end node and will provide secure encrypted and authenticated communication between two non trusted hosts SSH with its array of unmatched security features is an essential tool in today s networking environment It is a powerful guardian against numerous existing security hazards that now threaten network communications The steps required to use the SSH protocol for secure communication between a remote PC the SSH client and the Switch the SSH server are as follows 1 Create a user account with admin level access using the User Accounts window in the Security folder This is identical to creating any other admin level User Account on the Switch including specifying a password This password is used to logon to the Switch once a secure communication path has been established using the SSH protocol 2 Configure the User Account to use a specified authorization method to identify users that are allowed to establish SSH connections with the Switch using the Current Accounts window Security gt Secure Shell SSH gt SSH User Authentication There are three choices for the method SSH will use to authorize the user HostBased Password and Public Key Otherwise choose the fourth option Non
255. ustomers within Australia D Link Technical Support over the Telephone 1300 766 868 Monday to Friday 8 00am to 8 00pm EST Saturday 9 00am to 1 00pm EST D Link Technical Support over the Internet http www dlink com au email support dlink com au Tech Support for customers within New Zealand D Link Technical Support over the Telephone 0800 900 900 Monday to Friday 8 30am to 8 30pm Saturday 9 00am to 5 00pm D Link Technical Support over the Internet http www dlink co nz email support dlink co nz D Link Building Networks for People Technical Support You can find software updates and user documentation on the D Link website Tech Support for customers within South Eastern Asia and Korea D Link South Eastern Asia and Korea Technical Support over the Telephone 65 6895 5355 Monday to Friday 9 00am to 12 30pm 2 00pm 6 00pm Singapore Time D Link Technical Support over the Internet email support dlink com sg D Link Building Networks for People Technical Support You can find software updates and user documentation on the D Link website Tech Support for customers within India D Link Technical Support over the Telephone 91 22 26526741 91 22 26526696 ext 161 to 167 Monday to Friday 9 30AM to 7 00PM D Link Technical Support over the Internet http ww dlink co in http www dlink co in dlink drivers support asp ftp support dlink co in email techsupport dlink co in D Link Buildi
256. ut This is the maximum amount of time in seconds allowed for a host to continue membership in a multicast group without the Switch receiving a host membership report The default is 260 Route Timeout This is the maximum amount of time in seconds a route is kept in the forwarding table without receiving a membership report The default is 260 Leave Timer This specifies the maximum amount of time in seconds between the Switch receiving a leave group message from a host and the Switch issuing a group membership query If no response to the membership query is received before the Leave Timer expires the multicast forwarding entry for that host is deleted The default is 2 Querier State Choose Enabled to enable transmitting IGMP Query packets or Disabled to disable The default is Disabled This field can be toggled between Enabled and Disabled and enables or disables IGMP for the VLAN The default is Disabled Click Apply to implement the new settings Click the Show All IGMP Group Entries link to return to the Current IGMP Snooping Group Entries window 35 DGS 3024 Gigabit Ethernet Switch Manual Static Router Ports Entry A static router port is a port that has a multicast router attached to it Generally this router would have a connection to a WAN or to the Internet Establishing a router port will allow multicast packets coming from the router to be propagated through the network as well as allowing multicast messages IGMP comin
257. ut shall not apply to any update or replacement which may be provided for download via the Internet or to any update which may otherwise be provided free of charge D Link s sole obligation under this software warranty shall be to replace any defective software product with product which substantially conforms to D Link s applicable product documentation Purchaser assumes responsibility for the selection of appropriate application and system platform software and associated reference materials D Link makes no warranty that its software products will work in combination with any hardware or any application or system platform software product provided by any third party excepting only such products as are expressly represented in D Link s applicable product documentation as being compatible D Link s obligation under this warranty shall be a reasonable effort to provide compatibility but D Link shall have no obligation to provide compatibility when there is fault in the third party hardware or software D Link makes no warranty that operation of its software products will be uninterrupted or absolutely error free and no warranty that all defects in the software product within or without the scope of D Link s applicable product documentation will be corrected Link Building Networks for People Subject to the terms and conditions set forth herein D Link Systems Inc D Link provides this Limited Warranty Only to the person or entity t
258. uthorization state of the Port and initiate the process of authenticating the attached device if the Port is unauthorized This is the Port Based Network Access Control Em A RADIUS Server Ethernet Switch peene sel LL Lil A 802 1X 802 1X 802 1X 802 1X 802 1X 802 1X 802 1X 802 1X 802 1X Client Client Client Client Client Client Client Client Client Network access controlled port A Network access uncontrolled port Figure 7 57 Example of Typical Port Based Configuration Once the connected Client has successfully been authenticated the Port then becomes Authorized and all subsequent traffic on the Port is not subject to access control restriction until an event occurs that causes the Port to become Unauthorized Hence if the Port is actually connected to a shared media LAN segment with more than one attached device successfully authenticating one of the attached devices effectively provides access to the LAN for all devices on the shared segment Clearly the security offered in this situation is open to attack 78 DGS 3024 Gigabit Ethernet Switch Manual Configure Authenticator To configure the 802 1x Authenticator Settings click Configure Authenticator pa i a Hz a Bi i both auto 30 60 30 30 2 3600 no Fa both auto 30 60 30 30 2 3600 no B both auto 30 60 30 30 2 3600 no 4 both auto 30 60 30 30 2 3600 no DI both auto 30 60 30 30 2 3600 no 6 both auto 30 60 30 30 2 360
259. wn Enabled Enabled Auto Disabled Link Down Enabled Enabled Auto Disabled Link Down Enabled Enabled Auto Disabled 1O0M Full N one Enabled Enabled Auto Disabled Link Down Enabled Enabled Auto Disabled Link Down Enabled Enabled Auto Disabled Link Down Enabled Enabled Auto Disabled Link Down Enabled Enabled Auto Disabled Link Down Enabled Enabled Auto Disabled Link Down Enabled Enabled Auto Disabled Link Down Enabled Enabled Auto Disabled 100M F ul None Enabled Enabled Auto Disabled Link Down Enabled Enabled Auto Disabled Link Down Enabled Enabled Auto Disabled Link Down Enabled Enabled Auto Disabled Link Down Enabled Enabled Auto Disabled Link Down Enabled Enabled Auto Disabled Link Down Enabled Enabled Auto Disabled Link Down Enabled Enabled Auto Disabled Link Down Enabled Enabled Auto Disabled Link Down Enabled 1 2 5 4 5 6 z 8 9 Figure 7 4 Port Configuration window To configure Switch ports 1 Choose the port or sequential range of ports using the From and To pull down menus 2 Use the remaining pull down menus to configure the parameters described below 26 DGS 3024 Gigabit Ethernet Switch Manual Parameter Description State Toggle the State field to either enable or disable a given port or group of ports Speed Duplex Toggle the Speed Duplex field to either select the speed and duplex half duplex state of the port Auto denotes auto negotiation between 10 and 100 Mbps devices in full or half duplex
260. www dlink nl Belgium Rue des Colonies 11 B 1000 Brussels Belgium Tel 32 0 2 517 7111 Fax 32 0 2 517 6500 URL www dlink be Italy Via Nino Bonnet n 6 b 20154 Milano Italy TEL 39 02 2900 0676 FAX 39 02 2900 1723 URL www dlink it Sweden P O Box 15036 S 167 15 Bromma Sweden TEL 46 0 8564 61900 FAX 46 0 8564 61901 URL www dlink se Denmark Naverland 2 DK 2600 Glostrup Copenhagen Denmark TEL 45 43 969040 FAX 45 43 424347 URL www dlink dk Norway Karihaugveien 89 N 1086 Oslo Norway TEL 47 99 300 100 FAX 47 22 30 95 80 URL www dlink no Finland Latokartanontie 7A FIN 00700 HELSINKI Finland TEL 358 10 309 8840 FAX 358 10 309 8841 URL www dlink fi Spain Avenida Diagonal 593 95 9th floor 08014 Barcelona Spain TEL 34 93 4090770 FAX 34 93 4910795 URL www dlink es Portugal Rua Fernando Pahla 50 Edificio Simol 1900 Lisbon Portugal TEL 351 21 8688493 URL www dlink es Czech Republic Vaclavske namesti 36 Praha 1 Czech Republic TEL 420 603 276 589 URL www dlink cz Switzerland Glatt Tower 2 0G CH 8301 Glattzentrum Postfach 2 0G Switzerland TEL 41 0 1 832 11 00 FAX 41 0 1 832 11 01 URL www dlink ch Greece 101 Panagoulis Str 163 43 Helioupolis Athens Greece TEL 30 210 9914 512 FAX 30 210 9916902 URL www dlink gr Luxemburg Rue des Colonies 11 B 1000 Brussels Belgium TEL 32 0 2 517 7111 FAX
261. y Other 9 Would you recommend your D Link product to a friend OYes OINo ODon t know yet 10 Your comments on this product
Download Pdf Manuals
Related Search