Page 2 © 2011 D-Link Corporation. All rights reserved. Reproduction in any manner whatsoever without the written permission of D-Link Corporation is strictly forbidden. Trademarks used in this text: D-Link and the D-LINK logo are trademarks of D-Link Corporation; Microsoft and Windows are registered trademarks of Microsoft Corporation.
Page 3: Table Of Contents
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Table of Contents Intended Readers ................................... xi Typographical Conventions ................................... xi Notes, Notices, and Cautions ..................................xi Safety Cautions ......................................xii General Precautions for Rack-Mountable Products ............................ xiii Lithium Battery Precaution ..................................
Page 4 ® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide CLI Paging Settings ..................................19 Firmware Information .................................. 20 Dual Configuration Settings ................................. 21 Power Saving ....................................23 LED State Settings ......................................23 Power Saving Settings ....................................24 Power Saving LED Settings ..................................
Page 5 ® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Voice VLAN Global Settings .................................. 64 Voice VLAN Port Settings ..................................65 Voice VLAN OUI Settings ..................................66 Voice VLAN Device ....................................66 Voice VLAN LLDP-MED Voice Device ..............................67 VLAN Trunk Settings ....................................
Page 6 ® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Port Trunking ........................................ 98 LACP Port Settings ..................................... 101 Forwarding & Filtering ................................101 Unicast Forwarding ..................................... 101 Multicast Forwarding ....................................102 LLDP ......................................103 LLDP .......................................... 103 LLDP Global Settings ....................................
Page 7 ® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide IMPB Entry Settings ....................................135 MAC Block List ......................................136 DHCP Snooping ......................................137 DHCP Snooping Maximum Entry Settings ............................137 DHCP Snooping Entry................................... 137 ND Snoop ........................................138 ND Snoop Maximum Entry Settings ..............................
Page 8 ® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Login Method Lists Settings ..................................168 Enable Method Lists Settings ..................................169 Local Enable Password Settings ................................. 170 MAC-based Access Control (MAC) ............................170 MAC-based Access Control Settings ................................171 MAC-based Access Control Local Settings ..............................
Page 9 ® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide DHCP Server Global Settings ..................................235 DHCP Server Exclude Address Settings ..............................235 DHCP Server Pool Settings ..................................236 DHCP Server Manual Binding ..................................237 DHCP Server Dynamic Binding ................................. 238 DHCP Conflict IP .......................................
Page 10 ® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Browse MLD Router Port ................................267 Browse Session Table ................................267 IGMP Snooping Group ................................268 MLD Snooping Group ................................268 MAC Address Table .................................. 269 System Log ....................................
Page 11: Intended Readers
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Intended Readers The DGS-3200 Series Web UI Reference Guide contains information for setup and management of the Switch. This manual is intended for network managers familiar with network management concepts and terminology.
Page 12: Safety Cautions
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Safety Cautions Use the following safety guidelines to ensure your own personal safety and to help protect your system from potential damage. Throughout this safety section, the caution icon ( ) is used to indicate cautions and precautions that need to be reviewed and followed.
Page 13: General Precautions For Rack-Mountable Products
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide • Do not modify power cables or plugs. Consult a licensed electrician or your power company for site modifications. Always follow your local/national wiring rules. •...
Page 14: Lithium Battery Precaution
An energy hazard will exist if the safety ground cable is omitted or disconnected. CAUTION: When mounting the Switch on a cement wall, a proper concrete sleeve anchor should be used, such as the one that is included in the optional D-Link Wall Mount kit (DRE-KIT018). Lithium Battery Precaution CAUTION: Incorrectly replacing the lithium battery of the Switch may cause the battery to explode.
Page 15: Web-Based Switch Configuration
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Section 1 Web-based Switch Configuration Introduction Logging onto the Web Manager Web-Based User Interface Introduction All software functions of the Switch can be managed, configured, and monitored via the embedded web-based (HTML) interface.
Page 16: Web-Based User Interface
Presents a graphical near real-time image of the front panel of the Switch. This area displays the Switch's ports and expansion modules and shows port activity, depending on the specified mode. Some management functions, including port monitoring are accessible here. Click the D-Link logo to go to the D-Link website.
Page 17: Web Pages
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Web Pages When connecting to the management mode of the Switch with a web browser, a login screen is displayed. Enter a user name and password to access the Switch's management mode.
Page 18: Configuration
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Section 2 Configuration Device Information System Information Serial Port Settings IP Address Port Configuration Static ARP Settings Gratuitous ARP User Accounts System Log Configuration System Severity Settings...
Page 19: Device Information
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Device Information This window contains the main settings for all major functions for the Switch. It appears automatically when you log on to the Switch. To return to the Device Information window after viewing other windows, click the DGS-3200-10/DGS-3200-16/ DGS-3200-24 folder.
Page 20: Serial Port Settings
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Click Apply to implement changes made. Serial Port Settings The user can adjust the Baud Rate and the Auto Logout values. To view the following window, click Configuration > Serial Port Settings: Figure 2 - 3.
Page 21: Setting The Switch's Ip Address Using The Console Interface
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide If the Switch has no previously configured VLANs, the user can use the Management VLAN Name entitled “default”. This default Management VLAN contains all of the Switch ports as members. If the Switch has previously configured VLANs, the user will need to enter the VLAN ID of the VLAN that contains the port connected to the management station that will access the Switch.
Page 22: Port Configuration
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide The IP address for the Switch must be set before the Web-based manager can manage the switch. The Switch IP address can be automatically set using BOOTP or DHCP protocols, in which case the actual address assigned to the Switch must be known. The IP address may be set using the Command Line Interface (CLI) over the console serial port as follows: •...
Page 23: Port Settings
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Figure 2 - 6. Port Detail Information window Click the Refresh button to update the information. Port Settings This windows is used to configure and display the switch ports settings.
Page 24 ® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Figure 2 - 7. Port Settings window The following parameters may be configured or viewed: Parameter Description From Port / To Port Use the drop-down menus to select the ports to be configured.
Page 25: Port Description Settings
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Flow Control Displays the flow control scheme used for the various port configurations. Ports configured for full-duplex use 802.3x flow control, half-duplex ports use backpressure flow config, and Auto ports use an automatic selection of the two.
Page 26: Port Error Disabled
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Port Error Disabled The following window will display the information about ports that have had their connection status disabled, for reasons such as storm control or link down status.
Page 27: Gratuitous Arp
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Figure 2 - 11. Static ARP Settings window The following parameters may be configured or viewed: Parameter Description ARP Aging Time The ARP entry age-out time, in seconds. The default is 20 minutes.
Page 28: User Accounts
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Figure 2 - 13. Gratuitous ARP Settings window The fields that can be configured are described below: Parameter Description Trap Use the drop-down menu to enable or disable the trap option. By default the trap is disabled.
Page 29: Admin And User Privileges
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Figure 2 - 15. User Accounts window (Edit) Modify or delete an existing user account in the table at the bottom of the window. To delete the user account, click the Delete button.
Page 30: System Log Configuration
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Figure 2 - 16. Command Logging Settings window The following parameters may be configured or viewed: Parameter Description Command Logging Use the radio buttons to enable or disable the function.
Page 31: System Severity Settings
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Figure 2 - 18. System Log Host window The following parameters may be configured or viewed: Parameter Description Host ID Syslog server settings index (1 to 4).
Page 32: Mac Address Aging Time
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Severity Name. Select Critical to send only critical events to the Switch’s log or SNMP agent. Choose Warning to send critical and warning events to the Switch’s log or SNMP agent.
Page 33: Telnet Settings
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Telnet Settings Users can configure Telnet Settings on the Switch. To view the following window, click Configuration > Telnet Settings: Figure 2 – 22. Telnet Settings window...
Page 34: Firmware Information
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide The following parameter may be configured or viewed: Parameter Description CLI Paging Command Line Interface paging stops each page at the end of the console. This allows you to Status stop the scrolling of multiple pages of text beyond the limits of the console.
Page 35: Dual Configuration Settings
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Version States the firmware version. Size States the size of the corresponding firmware, in bytes. Update Time States the specific time the firmware version was downloaded to the Switch.
Page 36 ® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Figure 2 - 27. Dual Configuration Settings window (DGS-3200-10 and DGS-3200-16 models) Figure 2 - 28. Dual Configuration Settings window (DGS-3200-24 model) The following parameters may be configured or viewed:...
Page 37: Power Saving
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Console – If the IP address has the word Console next to it, it denotes a configuration upgrade through the Console Serial Port (RS-232). Telnet – If the IP address has the word Telnet next to it, it denotes a configuration upgrade through Telnet.
Page 38: Power Saving Settings
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Figure 2 – 29. Port LED State Settings window The following parameter may be configured: Parameter Description Port LED State Click the radio buttons to enable or disable the port LED state.
Page 39: Power Saving Led Settings
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Port State Power Saving Mode Click the radio buttons to enable or disable hibernation state. Hibernation State Action Use the drop down menu to add or delete the schedule.
Page 40: Mac Notification Settings
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Click the Apply button to save the settings. Click the Clear Time Range to remove all the entries. MAC Notification Settings MAC Notification is used to monitor MAC addresses learned and entered into the forwarding database.
Page 41: Snmp Settings
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Figure 2 - 34. MAC Notification Port Settings window To change MAC notification settings for a port or group of ports on the Switch, configure the following parameters:...
Page 42: Snmp Global State Settings
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide SNMPv3 uses a more sophisticated authentication process that is separated into two parts. The first part is to maintain a list of users and their attributes that are allowed to act as SNMP managers. The second part describes what each user on that list can do as an SNMP manager.
Page 43: Snmp View Table
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Figure 2 - 36. SNMP Linkchange Trap Settings window The following parameters may be configured: Parameter Description From Port / To Port Use the drop-down menu to select the ports to be configured.
Page 44: Snmp Group Table
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Figure 2 - 37. SNMP View Table window The following parameters can be set: Parameter Description View Name Type an alphanumeric string of up to 32 characters. This is used to identify the new SNMP view being created.
Page 45: Snmp User Table
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Figure 2 - 38. SNMP Group Table window The following parameters can be set: Parameter Description Group Name Type an alphanumeric string of up to 32 characters. This is used to identify the new SNMP group of SNMP users.
Page 46: Snmp Community Table
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Figure 2 - 39. SNMP User Table window The following parameters can be configured: Parameter Description User Name An alphanumeric string of up to 32 characters. This is used to identify the SNMP users.
Page 47: Snmp Host Table
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Figure 2 - 40. SNMP Community Table window The following parameters can be set: Parameter Description Community Name Type an alphanumeric string of up to 32 characters that is used to identify members of an SNMP community.
Page 48: Snmp V6Host Table
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide security level. V3-AuthNoPriv – To specify that the SNMP version 3 will be used, with an Auth-NoPriv security level. V3-AuthPriv – To specify that the SNMP version 3 will be used, with an Auth-Priv security level.
Page 49: Snmp Trap Configuration
SNMP management private enterprise number as assigned by IANA (D-Link is 171). The fifth octet is 03 to indicate the rest is the MAC address of this device. The sixth to eleventh octets is the MAC address.
Page 50: Cpu Filter L3 Control Packet Settings
VRRP, or All). Click Apply when finished. Single IP Management Simply put, D-Link Single IP Management is a concept that will stack switches together over Ethernet instead of using stacking ports or modules. There are some advantages in implementing the “Single IP Management” feature: SIM can simplify management of small workgroups or wiring closets while scaling the network to handle increased bandwidth demand.
Page 51 ® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide • All switches in a particular SIM group must be in the same IP subnet (broadcast domain). Members of a SIM group cannot cross a router.
Page 52: Single Ip Settings
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide The Commander Switch (CS) now has the capability to automatically rediscover member switches that have left the SIM group, either through a reboot or web malfunction. This feature is accomplished through the use of Discover packets and Maintenance packets that previously set SIM members will emit after a reboot.
Page 53: Topology
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide user may join other switches to this Switch, over Ethernet, to be part of its SIM group. Choosing this option will also enable the Switch to be configured for SIM.
Page 54 ® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide If no device is configured by the name, it will be given the name default and tagged with the last six digits of the MAC Address to identify it.
Page 55: Tool Tips
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Layer 3 member switch Member switch of other group Layer 2 candidate switch Layer 3 candidate switch Unknown device Non-SIM devices Tool Tips In the Topology view window, the mouse plays an important role in configuration and in viewing device information. Setting the mouse cursor over a specific device in the topology window (tool tip) will display the same information about a specific device as the Tree view does.
Page 56: Group Icon
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Figure 2 - 51. Port Speed Utilizing the Tool Tip Right-Click Right-clicking on a device will allow the user to perform various functions, depending on the role of the Switch in the SIM group and the icon associated with it.
Page 57: Commander Switch Icon
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Figure 2 - 53. Property window Parameter Description Device Name This field will display the Device Name of the switches in the SIM group configured by the user.
Page 58: Member Switch Icon
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Member Switch Icon Figure 2 - 55. Right-Clicking a Member icon The following options may appear for the user to configure: • Collapse – To collapse the group that will be represented by a single icon.
Page 59: Menu Bar
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Menu Bar The Single IP Management window contains a menu bar for device configurations, as seen below. Figure 2 - 58. Menu Bar of the Topology View The five menus on the menu bar are as follows.
Page 60: Firmware Upgrade
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Firmware Upgrade The Commander Switch may be used for firmware upgrades of member switches. Member Switches will be listed in the table and will be specified by Port (port on the CS where the MS resides), MAC Address, Model Name and Version. To specify a certain Switch for firmware download, click its corresponding check box under the Port heading.
Page 61: Sd Card Fs Settings (Dgs-3200-24 Only)
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide SD Card FS Settings (DGS-3200-24 Only) Users can plug an SD flash card into a front slot on the DGS-3200-24 (DGS-3200-10 and DGS-3200-16 do not support this feature).
Page 62: Sd Card Management (Dgs-3200-24 Only)
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Click this button to format the new SD Flash card. Copy to Click this button to copy a file to another location. Move to Click this button to move a file to another location.
Page 63 ® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide The following parameter may be configured: Parameter Description File Name The filename of the configuration on file system. Increment If this option is specified, the current configuration will not be reset before executing the configuration.
Page 64: L2 Features
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Section 3 L2 Features VLAN Layer 2 Protocol Tunneling Settings Egress Filter Settings L2 Multicast Control Multicast Filtering Port Mirroring Spanning Tree Link Aggregation Forwarding & Filtering...
Page 65 ® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide VLANs can enhance performance by conserving bandwidth, and improve security by limiting traffic to specific domains. A VLAN is a collection of end nodes grouped by logic instead of physical location. End nodes that frequently communicate with each other are assigned to the same VLAN, regardless of where they are physically on the network.
Page 66: Q Vlan Tags
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Figure 3 - 1. IEEE 802.1Q Packet Forwarding 802.1Q VLAN Tags The figure below shows the 802.1Q VLAN tag. There are four additional octets inserted after the source MAC address. Their presence is indicated by a value of 0x8100 in the EtherType field.
Page 67: Port Vlan Id
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide The EtherType and VLAN ID are inserted after the MAC source address, but before the original EtherType/Length or Logical Link Control. Because the packet is now a bit longer than it was originally, the Cyclic Redundancy Check (CRC) must be recalculated.
Page 68: Ingress Filtering
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide intact. Other 802.1Q compliant devices on the network to make packet-forwarding decisions can then use the VLAN information in the tag. Ports with untagging enabled will strip the 802.1Q tag from all packets that flow into and out of those ports. If the packet doesn’t have an 802.1Q VLAN tag, the port will not alter the packet.
Page 69: Vlan Segmentation
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide VLAN Segmentation Take for example a packet that is transmitted by a machine on Port 1 that is a member of VLAN 2. If the destination lies on another port (found through a normal forwarding table lookup), the Switch then looks to see if the other port (Port 10) is a member of VLAN 2 (and can therefore receive VLAN 2 packets).
Page 70 ® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Figure 3 - 5. Add/Edit VLAN tab of the 802.1Q VLAN window The following fields can then be set in the Add/Edit VLAN tab: Parameter Description...
Page 71 ® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Figure 3 - 6. Find VLAN tab of the 802.1Q VLAN window To create a VLAN Batch entry click the VLAN Batch Settings tab, as shown below.
Page 72: 802.1V Protocol Vlan
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Untagged Specifies the port as 802.1Q untagged. Use the drop-down menu to designate the port as untagged. Forbidden Specifies the port as not being a member of the VLAN and that the port is forbidden from becoming a member of the VLAN dynamically.
Page 73: 802.1V Protocol Vlan Settings
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide bit (2-octet) hex value. For IEEE802.3 LLC, this is the 2-octet IEEE 802.2 Link Service Access Point (LSAP) pair. The first octet is for Destination Service Access Point (DSAP) and the second octet is for Source.
Page 74: Gvrp Settings
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Search Port List This function allows the user to search all previously configured port list settings and display them on the lower half of the table.
Page 75: Mac-Based Vlan Settings
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Ingress Checking This drop-down menu allows the user to enable the port to compare the VID tag of an incoming packet with the PVID number assigned to the port. If the two are different, the port filters (drops) the packet.
Page 76 ® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Figure 3 - 12. Private VLAN domain The ports in a private VLAN can be one of the following three types: Port Type Description Promiscuous A promiscuous port is a port that is a member of a primary VLAN that can communicate with all interfaces, including ports that have been configured as community and isolated ports on secondary VLANs that are associated with the primary VLAN.
Page 77 ® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Figure 3 - 13. Private VLAN Settings window The following parameters can be configured: Parameter Description VLAN Name Click the radio button and enter the name of the private VLAN.
Page 78: Pvid Auto Assign Settings
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Community- A Community VLAN is a secondary VLAN that is associated with a group of ports that connects to a certain "community" of end devices with mutual trust relationships.
Page 79: Voice Vlan Port Settings
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Priority Specify the priority of the voice VLAN. Aging Time (1-65535) Specify the aging time between 1 and 65535 minutes. Log State Use the drop-down menu to enable the voice VLAN log state.
Page 80: Voice Vlan Oui Settings
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide forward them to port’s PVID VLAN. • When the port is working in auto untagged mode, and the port captures a voice device through the device’s OUI, it will join the voice VLAN as an untagged member automatically.
Page 81: Voice Vlan Lldp-Med Voice Device
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Figure 3 - 19. Voice VLAN Device window Voice VLAN LLDP-MED Voice Device This window is used to show the voice devices being discovered by the LLDP-MED.
Page 82: Browse Vlan
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Parameter Description VLAN Trunk Global Use the radio buttons to Enable or Disable the VLAN trunking global state. State Ports The ports to be configured. Click Apply to implement the changes made.
Page 83: Egress Filter Settings
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide From Port / To Port Use the drop-down menus to select a range of ports to be configured. Type Specify the type of the ports. UNI - Specify the ports as UNI ports.
Page 84: Igmp Snooping
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide IGMP Snooping Internet Group Management Protocol (IGMP) snooping allows the Switch to recognize IGMP queries and reports sent between network stations or devices and an IGMP host. When enabled for IGMP snooping, the Switch can open or close a port to a specific device based on IGMP messages passing through the Switch.
Page 85 ® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Figure 3 - 26. IGMP Snooping Parameters Settings window The following parameters can be configured: Parameter Description Query Interval (1-65535) This parameter specifies the length of time between sending IGMP Queries.
Page 86: Igmp Snooping Rate Limit Settings
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Figure 3 - 27. IGMP Snooping Router Port Settings window The following parameters can be configured: Parameter Description Static Router Port This section is used to designate a range of ports as being connected to multicast-enabled routers.
Page 87: Igmp Snooping Static Group Settings
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Rate Limit (1-1000) Enter the IGMP snooping rate limit used. By selecting the No Limit check box, the rate limit for the entered port(s) will be ignored.
Page 88: Igmp Router Port
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide IGMP Router Port This window is used to display which of the Switch’s ports are currently configured as router ports. A router port configured by a user (using the console or Web-based management interfaces) is displayed as a static router port, designated by S.
Page 89: Igmp Snooping Forwarding Table
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide IGMP Snooping Forwarding Table This page displays the switch’s current IGMP snooping forwarding table. It provides an easy way for user to check the list of ports that the multicast group comes from and specific sources that it will be forwarded to.
Page 90: Igmp Host Table
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Port List Specify the port number(s) used to find a multicast group. Click the Find button to locate a specific entry based on the information entered. Click View All to see all the entries. Click the Packet Statistics link to view the IGMP Snooping Counter Table.
Page 91: Mld Snooping
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Click the Find button to locate a specific entry based on the information entered. Click View All to see all the entries. MLD Snooping MLD Snooping Settings Multicast Listener Discovery (MLD) Snooping is an IPv6 function used similarly to IGMP snooping in IPv4.
Page 92 ® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Parameter Description MLD Snooping State Click the radio button to enable or disable the MLD snooping state. Max Learned Entry Value (1- Specify the maximum number of groups that can be learned by the data driven 256) mechanism.
Page 93 ® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Last Member Query Interval This parameter is used to set the maximum amount of time between group-specific (1-25) query messages, including messages that have been sent in response to leave group messages.
Page 94: Mld Snooping Rate Limit Settings
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide enabled routers. This ensures that the forbidden router port will not propagate routing packets out. Dynamic Router Port Displays router ports that have been dynamically configured.
Page 95: Mld Router Port
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Figure 3 - 41. MLD Snooping Static Group Settings window The following parameters can be configured: Parameter Description VLAN Name The VLAN name of the multicast group.
Page 96: Mld Snooping Group
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide MLD Snooping Group This window is used to display MLD Snooping Groups present on the Switch. MLD Snooping is an IPv6 function comparable to IGMP Snooping for IPv4.
Page 97: Mld Snooping Counter
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide VID List The ID of the VLAN for which you want to view MLD snooping forwarding table information. Click the Find button to locate a specific entry based on the information entered. Click View All to see all the entries.
Page 98: Mld Host Table
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Figure 3 - 47. Browse MLD Snooping Counter window Click the Clear Counter button to clear all the information displayed in the fields. Click the Refresh button to refresh the display table so that new information will appear.
Page 99: Igmp Snooping Multicast Vlan Settings
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide The following parameters can be configured: Parameter Description Profile Name Enter a name for the IP Multicast Profile. Click the Add button to add a new entry. Click the Find button to locate a specific entry based on the information entered. Click the Delete All button to remove all the entries listed.
Page 100 ® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide VLAN Name Enter the VLAN Name used. VID (2-4094) Enter the VID used. Click the Apply button to accept the changes made for each individual section. Click the Add button to add a new entry based on the information entered.
Page 101: Multicast Filtering
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide The following parameters can be configured: Parameter Description Profile Name Use the drop-down menu to select the IGMP Snooping Multicast VLAN Group Profile name. Click the Add button to add a new entry based on the information entered. Click the Delete button to remove the specific entry.
Page 102: Ipv4 Limited Multicast Range Settings
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Figure 3 - 55. Multicast Address Group List Settings window The following parameters can be configured: Parameter Description Multicast Address List Enter the multicast address list.
Page 103: Ipv4 Max Multicast Group Settings
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide IPv4 Max Multicast Group Settings Users can configure the ports and VLANs on the switch that will be a part of the maximum filter group, up to a maximum of 1024.
Page 104: Port Mirroring
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide multicast packet that requires forwarding to a port in the specified VLAN. • Forward Unregistered Groups – This will instruct the Switch to forward a multicast packet whose destination is an unregistered multicast group residing within the range of ports specified above.
Page 105: Spanning Tree
MSTP. 802.1D-1998 STP will be familiar to most networking professionals. However, since 802.1D-2004 RSTP and 802.1Q- 2005 MSTP have been recently introduced to D-Link managed Ethernet switches, a brief introduction to the technology is provided below followed by a description of how to set up 802.1D-1998 STP, 802.1D-2004 RSTP, and 802.1Q-2005 MSTP.
Page 106: Port Transition States
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Port Transition States An essential difference between the three protocols is in the way ports transition to a forwarding state and in the way this transition relates to the role of the port (forwarding or not forwarding) in the topology. MSTP and RSTP combine the transition states disabled, blocking and listening used in 802.1D-1998 and creates a single state Discarding.
Page 107: Stp Bridge Global Settings
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide STP Bridge Global Settings Use the STP Status radio buttons to enable or disable STP globally, and use the STP Version drop-down menu to choose the STP method.
Page 108: Stp Port Settings
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide NOTE: The Bridge Hello Time cannot be longer than the Bridge Max Age. Otherwise, a configuration error will occur. Observe the following formulas when setting the above parameters: Bridge Max Age <= 2 x (Bridge Forward Delay - 1 second)
Page 109 ® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Figure 3 - 63. STP Port Settings window It is advisable to define an STP Group to correspond to a VLAN group of ports. The following parameters can be configured:...
Page 110: Mst Configuration Identification
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Forward BPDU Use the drop-down menu to enable or disable the flooding of BPDU packets when STP is disabled. Edge Choosing the True parameter designates the port as an edge port. Edge ports cannot create loops, however an edge port can lose edge port status if a topology change creates a poten- tial for a loop.
Page 111: Stp Instance Settings
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide STP Instance Settings This window displays MSTIs currently set on the Switch and allows users to change the Priority of the MSTIs. To view the following window, click L2 Features > Spanning Tree > STP Instance Settings: Figure 3 - 65.
Page 112: Link Aggregation
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Internal cost represents a quicker transmission. Selecting 0 (zero) for this parameter will set the quickest route automatically and optimally for an interface. Priority Enter a value between 0 and 240 to set the priority for the port interface. A higher priority will designate the interface to forward packets first.
Page 113 ® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Figure 3 - 68. Example of Typical Port Trunk Group The Switch treats all ports in a trunk group as a single port. Data transmitted to a specific host (destination address) will always be transmitted over the same port in a trunk group.
Page 114 ® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide The (optional) Gigabit ports can only belong to a single link aggregation group. All of the ports in the group must be members of the same VLAN, and their STP status, static multicast, traffic control; traffic segmentation and 802.1p default priority configurations must be identical.
Page 115: Lacp Port Settings
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide LACP Port Settings In conjunction with the Trunking window, users can create port trunking groups on the Switch. Using the following window, the user may set which ports will be active and passive in processing and sending LACP control frames.
Page 116: Multicast Forwarding
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Figure 3 - 71. Unicast Forwarding window To add an entry to the Static Unicast Forwarding Table, define the following parameters. To modify an entry on the Static Unicast Forwarding Table, click the Edit button corresponding to the entry.
Page 117: Lldp
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Click Apply to implement the changes made. Click Clear All to remove all the information entered. Click All to select all ports. LLDP LLDP LLDP Global Settings This window is used to configure the LLDP global settings.
Page 118: Lldp Port Settings
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Interval (5-3600) receiver(s) when an LLDP change is detected in an advertisement received on the port from an LLDP neighbor. To set the LLDP Notification Interval, enter a value between 5 and 3600 seconds.
Page 119: Lldp Management Address List
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Address Enter the IP address that will be sent. Click Apply to implement the changes made. LLDP Management Address List This window is used to view the LLDP management address list.
Page 120: Lldp Dot1 Tlvs Settings
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Figure 3 - 76. LLDP Basic TLVs Settings window The following parameters can be configured: Parameter Description From Port / To Port Use the drop-down menus to select a range of ports to be configured.
Page 121: Lldp Dot3 Tlvs Settings
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Figure 3 - 77. LLDP Dot1 TLVs Settings window The following parameters can be configured: Parameter Description From Port / To Port Use the drop-down menus to select a range of ports to be configured.
Page 122: Lldp Statistics System
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Figure 3 - 78. LLDP Dot3 TLVs Settings window The following parameters can be configured: Parameter Description From Port / To Port Use the drop-down menus to select a range of ports to be configured.
Page 123: Lldp Local Port Information
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Figure 3 - 79. LLDP Statistics System window Select a Port number from the drop-down menu and click the Find button to view statistics for a certain port.
Page 124: Lldp Remote Port Information
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Figure 3 - 81. LLDP Local Port Information – Show Normal window Select a Port number and click the Find button to locate a specific entry. To view the brief LLDP Local Port information page per port, click the Show Brief button.
Page 125: Lldp-Med
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Figure 3 - 84. LLDP Local Port Information – Show Normal window Click the <<Back button to return to the previous page. LLDP-MED LLDP-MED System Settings This window is used to configure the LLDP-MED log state and the fast start repeat count, and display the LLDP-MED system information.
Page 126: Lldp-Med Local Port Information
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Figure 3 - 86. LLDP-MED Port Settings window The following parameters can be configured: Parameter Description From Port / To Port Use the drop-down menus to select a range of ports to be configured.
Page 127: Lldp-Med Remote Port Information
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Select a Port number and click the Find button to locate a specific entry. LLDP-MED Remote Port Information This window displays the information learned from the neighbor parameters.
Page 128 ® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide The following parameters can be configured: Parameter Description VLAN Name Click the radio button and enter the VLAN name of the NLB multicast FDB entry to be created.
Page 129: L3 Features
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Section 4 L3 Features IPv4 Static/Default Router Settings IPv4 Route Table IPv6 Interface Settings IPv6 Route Settings IPv6 Neighbor Settings IPv4 Static/Default Route Settings The Switch supports static routing for IPv4 formatted addressing. Users can create up to 512 static route entries for IPv4. For IPv4 static routes, once a static route has been set, the Switch will send an ARP request packet to the next hop router that has been set by the user.
Page 130: Ipv6 Interface Settings
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Figure 4 - 2. IPv4 Route Settings Window Enter a page number and click the Go button to navigate to a specific page when multiple pages exist.
Page 131: Ipv6 Route Settings
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Link Status Displays whether the IPv6 Interface is Up or Down. Member Ports Displays the port numbers that are part of the IPv6 Interface. NS Retransmit Time (0- Enter a value between 0 and 4294967295.
Page 132 ® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide The following parameters may be configured or viewed: Parameter Description Interface Name Enter the name of the IPv6 neighbor. To search for all the current interfaces on the Switch, go to the second Interface Name field in the middle part of the window, tick the All check box, and then click the Find button.
Page 133 ® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Section 5 Bandwidth Control Queue Bandwidth Control Settings Traffic Control 802.1p Default Priority 802.1p User Priority QoS Scheduling Mechanism QoS is an implementation of the IEEE 802.1p standard that allows network administrators a method of reserving bandwidth for important functions that require a large bandwidth or have a high priority, such as VoIP (voice-over Internet Protocol), web browsing applications, file server applications or video conferencing.
Page 134: Understanding Qos
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide For example, let’s say a user wishes to have a video conference between two remotely set computers. The administrator can add priority tags to the video packets being sent out, utilizing the Access Profile commands. Then, on the receiving end, the administrator instructs the Switch to examine packets for this tag, acquires the tagged packets and maps them to a class queue on the Switch.
Page 135: Bandwidth Control
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Bandwidth Control The bandwidth control settings are used to place a ceiling on the transmitting and receiving data rates for any selected port. To view the following window, click QoS > Bandwidth Control: Figure 5 - 2.
Page 136: Queue Bandwidth Control Settings
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Queue Bandwidth Control Settings This window is used to configure queue bandwidth control settings. To view the following window, click QoS > Queue Bandwidth Control Settings: Figure 5 - 3.
Page 137 ® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide If a Time Interval parameter times-out for a port configured for traffic control and a packet storm continues, that port will be placed in Shutdown Forever mode, which will cause a warning message to be sent to the Trap Receiver. To utilize this method of Storm Control, choose the Shutdown option of the Action parameter in the window below.
Page 138 ® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide minutes. Tick the Disabled check box to disable the countdown timer. When the Action is Shutdown, Countdown is disabled, and the Switch detects a storm, it directly shuts down the port.
Page 139: P Default Priority
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide 802.1p Default Priority The Switch allows the assignment of a default 802.1p priority to each port on the Switch. To view the following window, click QoS > 802.1p Default Priority: Figure 5 - 5.
Page 140: Qos Scheduling Mechanism
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Once a priority has been assigned to the port groups on the Switch, then a Class may be assigned to each of the eight levels of 802.1p priorities using the drop-down menus on this window.
Page 141: Security
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Section 6 Security RADIUS IP-MAC-Port Binding (IMPB) Port Security DHCP Server Screening 802.1X Access Authentication Control MAC-based Access Control (MAC) Web-based Access Control (WAC) Japanese Web-based Access Control (JWAC)
Page 142: Radius Accounting Settings
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Figure 6 - 1. Authentication RADIUS Server Settings window The following parameters can be configured: Parameter Description Index Choose the desired RADIUS server to configure: 1, 2 or 3 and select either IPv4 Address or IPv6 Address.
Page 143: Radius Authentication
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Figure 6 - 2. RADIUS Accounting Settings window The following parameters can be configured: Parameter Description Network When enabled, the Switch will send informational packets to a remote RADIUS server when 802.1X and WAC port access control events occur on the Switch.
Page 144: Radius Account Client
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide include retransmissions. AccessRetrans The number of RADIUS Access-Request packets retransmitted to this RADIUS authentication server. AccessAccepts The number of RADIUS Access-Accept packets (valid or invalid) received from this server.
Page 145: Ip-Mac-Port Binding (Impb)
The DGS-3200 Series switches offer IP-MAC-Port Binding (IMPB), a D-Link security application used most often on edge switches directly connected to network hosts. IMPB is also an integral part of D-Link’s End-to-End Security Solution (E2ES). The primary purpose of IP-MAC-Port Binding is to restrict client access to a switch by enabling administrators to configure pairs of client MAC and IP addresses that are allowed to access networks through a switch.
Page 146: Acl Mode
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Common IP Management Security Issues Currently, certain limitations and issues in IP management structures can lead to serious security problems. Auditing mechanisms, such as syslog, application log, firewall log, etc, are mainly based on client IP information. However, such log information is meaningless if the client IP address can be easily changed.
Page 147: Impb Global Settings
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide DHCP Snooping Option If DHCP snooping is enabled, the switch learns IP-MAC pairs by snooping DHCP packets automatically and then saving them to the IP-MAC-Port Binding white list. This enables a hassle-free configuration because the administrator does not need to manually enter each IMPB entry.
Page 148: Impb Port Settings
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide The following parameters can be set: Parameter Description Click the radio buttons to enable or disable the sending of trap/log messages for IP-MAC- Trap / Log port binding.
Page 149: Impb Entry Settings
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Parameter Description From Port/To Port Select a range of ports to set for IP-MAC-port binding. IPv4 State / IPv6 State Use the drop-down menu to enable or disable these ports for IP-MAC Binding.
Page 150: Mac Block List
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide To view this window, click Security > IP-MAC-Port Binding (IMPB) > IMPB Entry Settings as shown below: Figure 6 - 8. IMPB Entry Settings window The following fields can be set or modified:...
Page 151: Dhcp Snooping
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide DHCP Snooping DHCP Snooping Maximum Entry Settings This window is used to configure the maximum DHCP snooping entry for ports on this page. To view the following window, click Security > IP-MAC-Port Binding (IMPB) > DHCP Snooping > DHCP Snooping Maximum Entry Settings: Figure 6 - 10.
Page 152: Nd Snoop
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Figure 6 - 11. DHCP Snooping Entry window The following fields can be configured: Parameter Description Port Use the drop-down menu to select the desired port.
Page 153: Nd Snoop Entry
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide The following fields can be configured: Parameter Description Use the drop-down menus to select a range of ports to use. From Port / To Port Enter the maximum entry value. Tick the No Limit check box to have unlimited maximum Maximum Entry (1- number of the learned entries.
Page 154: Port Lock Entries
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Figure 6 - 14. Port Security Settings window The following parameters can be set: Parameter Description Use the radio button to enable or disable Port Security Traps and Log Settings on the Port Security Trap/Log Switch.
Page 155: Dhcp Server Screening
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Figure 6 - 15. Port Lock Entries window This window displays the following information: Parameter Description The VLAN ID of the entry in the forwarding database table that has been permanently learned by the Switch.
Page 156: Dhcp Offer Filtering
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Figure 6 - 16. DHCP Screening Port Settings window The user may set the following parameters: Parameter Description From DHCP Server Enable or disable this feature.
Page 157: X (Port-Based And Host-Based Access Control)
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Figure 6 - 17. DHCP Offer Filtering window The user may set the following parameters: Parameter Description Server IP Address The IP address of the DHCP server to be filtered.
Page 158: Authentication Server
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Figure 6 - 19. Three Roles of 802.1X The following section will explain the three roles of Client, Authenticator and Authentication Server in greater detail. Authentication Server The Authentication Server is a remote device that is connected to the same network as the Client and Authenticator, must be running a RADIUS Server program and must be configured properly on the Authenticator (Switch).
Page 159: Client
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Figure 6 - 21. Authenticator Client The Client is simply the endstation that wishes to gain access to the LAN or switch services. All end stations must be running software that is compliant with the 802.1X protocol.
Page 160: Understanding 802.1X Port-Based And Host-Based Network Access Control
DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Figure 6 - 23. 802.1X Authentication Process The D-Link implementation of 802.1X allows network administrators to choose between two types of Access Control used on the Switch, which are: Port-based Access Control –...
Page 161 ® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Port-based Network Access Control Figure 6 - 24. Example of Typical Port-based Configuration Once the connected device has successfully been authenticated, the Port then becomes Authorized, and all subsequent traffic on the Port is not subject to access control restriction until an event occurs that causes the Port to become Unauthorized.
Page 162: X Global Settings
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Host-based Network Access Control Figure 6 - 25. Example of Typical Host-based Configuration In order to successfully make use of 802.1X in a shared media LAN segment, it would be necessary to create “logical” Ports, one for each attached device that required access to the LAN.
Page 163: X Port Settings
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide The following parameters can be configured: Parameter Description Use the drop-down menu to enable or disable the 802.1X function. Authentication State Choose the authenticator protocol, Local or RADIUS EAP.
Page 164 ® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide From Port / To Port Select a range of ports you wish to configure. QuietPeriod (0-65535) This allows the user to set the number of seconds that the Switch remains in the quiet state following a failed authentication exchange with the client.
Page 165: X User Settings
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide 802.1X User Settings Users can set different local users on the Switch. To view the following window, click Security > 802.1X > 802.1X User Settings: Figure 6 - 28. 802.1X User Settings window Enter an 802.1X user name, password, and confirmation of that password.
Page 166: Authenticator State
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Remember, to set an 802.1X guest VLAN, the user must first configure a normal VLAN, which can be enabled here for guest VLAN status. To view the following window, click Security > 802.1X > Guest VLAN Settings: Figure 6 - 30.
Page 167: Authenticator Session Statistics
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide To view the following window, click Security > 802.1X > Authenticator Statistics: Figure 6 - 32. Authenticator Statistics window The following parameter can be configured: Parameter...
Page 168: Authenticator Diagnostics
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Figure 6 - 33. Authenticator Session Statistics window The following parameter can be configured: Parameter Description Port Use the drop-down menu to select a port. Click the Apply button to accept the changes made.
Page 169: Initialize Port-Based Port(S)
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Figure 6 - 34. Authenticator Diagnostics window The following parameter can be configured: Parameter Description Port Use the drop-down menu to select a port. Click the Apply button to accept the changes made.
Page 170: Initialize Host-Based Port(S)
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Initialize Host-based Port(s) This window displays the current initialized host-based ports. This window appears when the Authentication State is enabled in 802.1X Global Settings window. To view the following window, click Security > 802.1X > Initialize Host-based Port(s): Figure 6 - 36.
Page 171: Ssl Settings
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Figure 6 - 38. Reauthenticate Host-based Port(s) window The following parameter can be configured: Parameter Description From Port / To Port Use the drop-down menus to select a range of ports.
Page 172 ® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide To view the following window, click Security > SSL > SSL Settings: Figure 6 - 39. SSL Settings window To set up the SSL function on the Switch, configure the parameters in the SSL Settings section described below and click Apply.
Page 173: Ssl Certification Settings
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Click Apply to implement changes made. NOTE: Certain implementations concerning the function and configuration of SSL are not available on the web-based management of this Switch and need to be configured using the command line interface.
Page 174: Ssh Settings
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide unmatched security features is an essential tool in today’s networking environment. It is a powerful guardian against numerous existing security hazards that now threaten network communications.
Page 175: Ssh Authentication Method And Algorithm Settings
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Click Apply to implement the changes. SSH Authentication Method and Algorithm Settings Users can configure the desired types of SSH algorithms used for authentication encryption. There are three categories of algorithms listed and specific algorithms of each may be enabled or disabled by ticking their corresponding check boxes.
Page 176: Ssh User Authentication List
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Block Chaining. The default is enabled. Twofish128 Use the check box to enable or disable the twofish128 encryption algorithm. The default is enabled. Twofish192 Use the check box to enable or disable the twofish192 encryption algorithm. The default is enabled.
Page 177: Access Authentication Control
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Public Key – This parameter should be chosen if the administrator wishes to use the public key on an SSH server for authentication. Host Name Enter an alphanumeric string of no more than 32 characters to identify the remote SSH user.
Page 178: Enable Admin
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide through its Authentication Server Hosts and no authentication is returned, the Switch will then go to the next technique listed in the server group for authentication, until the authentication has been verified or denied, or the list is exhausted.
Page 179: Application Authentication Settings
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Response Timeout (0- This field will set the time the Switch will wait for a response of authentication from the 255) user. The user may set a time between 0 and 255 seconds. The default setting is 30 seconds.
Page 180 ® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Figure 6 - 47. Authentication Server Group Settings window This window displays the Authentication Server Groups on the Switch. The Switch has four built-in Authentication Server Groups that cannot be removed but can be modified.
Page 181: Authentication Server Settings
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide NOTE: The three built-in server groups can only have server hosts running the same TACACS daemon. TACACS/XTACACS/TACACS+ protocols are separate entities and are not compatible with each other.
Page 182: Login Method Lists Settings
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide NOTE: More than one authentication protocol can be run on the same physical server host but, remember that TACACS/XTACACS/TACACS+ are separate entities and are not compatible with each other.
Page 183: Enable Method Lists Settings
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Enable Method Lists Settings Users can set up Method Lists to promote users with user level privileges to Administrator (Admin) level privileges using authentication methods on the Switch. Once a user acquires normal user level privileges on the Switch, he or she must be authenticated by a method on the Switch to gain administrator privileges on the Switch, which is defined by the Administrator.
Page 184: Local Enable Password Settings
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Local Enable Password Settings Users can configure the locally enabled password for Enable Admin. When a user chooses the "local_enable" method to promote user level privileges to administrator privileges, he or she will be prompted to enter the password configured here that is locally set on the Switch.
Page 185: Mac-Based Access Control Settings
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Ports that have been enabled for Link Aggregation, Port Security, or GVRP authentication cannot be enabled for MAC-based Authentication. MAC-based Access Control Settings This window is used to configure the MAC Settings for the MAC-based Access Control function on the Switch. The user can set...
Page 186 ® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Parameter Description Use this drop-down menu to choose the type of authentication to be used when Method authentication MAC addresses on a given port. The user may choose between the following methods: Local –...
Page 187: Mac-Based Access Control Local Settings
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Click the Apply button in the fourth section to implement the configuration changes. MAC-based Access Control Local Settings Users can set a list of MAC addresses, along with their corresponding target VLAN, which will be authenticated for the Switch.
Page 188: Web-Based Access Control (Wac)
WAC by attempting to gain Web access. D-Link’s implementation of WAC uses a virtual IP that is exclusively used by the WAC function and is not known by any other modules of the Switch. In fact, to avoid affecting a Switch’s other features, WAC will only use a virtual IP address to communicate with hosts.
Page 189 ® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Figure 6 - 56. Six Basic Steps in a Successful Web Authentication Process...
Page 190: Wac Global Settings
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Conditions and Limitations If the client is utilizing DHCP to attain an IP address, the authentication VLAN must provide a DHCP server or a DHCP relay function so that client may obtain an IP address.
Page 191: Wac User Settings
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide window (Security > 802.1X > Authentic RADIUS Server). Clear Redirection Path The user can enable or disable this option to clear the redirection path. he user can enable or disable this option to enable Local Authorization or not.
Page 192: Wac Port Settings
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide VID (1-4094) Click the button and enter a VID in this field. Password Enter the password the administrator has chosen for the selected user. This field is case- sensitive and must be a complete alphanumeric string.
Page 193: Wac Authenticating State
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide authenticated state. Enter a value between 0 and 1440 minutes. A value of 0 indicates the authenticated host will never age out on the port. The default value is 1440 minutes (24 hours).
Page 194: Japanese Web-Based Access Control (Jwac)
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Figure 6 - 61. WAC Customize Page window Complete the WAC authentication information on this window to set the WAC page settings. Click the Apply button to implement the changes made.
Page 195 ® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Figure 6 - 62. JWAC Global Settings window To set the Web authentication for the Switch, complete the following fields: Parameter Description JWAC State Use this drop-down menu to either enable or disable JWAC on the Switch.
Page 196: Jwac Port Settings
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide (0-10) Quarantine Server or JWAC Login Page. Enter a value between 0 and 10 seconds. A value of 0 indicates no delay in the redirect. Use the drop-down menu to enable or disable RADIUS Authorization.
Page 197: Jwac User Settings
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Figure 6 - 63. JWAC Port Settings window The following parameters can be configured: Parameter Description Use this drop-down menu to select a range of ports to be enabled as JWAC ports.
Page 198: Jwac Authentication State
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Figure 6 - 64. JWAC User Settings window To set the User Account settings for the JWAC by the Switch, complete the following fields and then click the Add button. To clear the current JWAC user settings in the table at the bottom of the window, click the Delete All button.
Page 199: Jwac Customize Page Language
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Click the Find button to locate a specific entry based on the information entered. Click the Clear button to remove entry based on the port list entered. Click the View All Hosts button to display all the existing entries. Click the Clear All Hosts button to remove all the entries listed.
Page 200: Compound Authentication
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Complete the JWAC authentication information on this window to set the JWAC page settings. Enter a name for the Authentication in the first field and then click the Apply button. Next, enter a User Name and a Password and then click the Enter button.
Page 201 ® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Any (MAC, 802.1X or JWAC) Mode Figure 6 - 69. Any (MAC, 802.1X or JWAC) Mode In the diagram above the Switch port has been configured to allow clients to authenticate using 802.1X, MAC, or JWAC. When a client tries to connect to the network, the Switch will try to authenticate the client using one of these methods and if the client passes they will be granted access to the network.
Page 202 ® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide IMPB & WAC/JWAC Mode Figure 6 - 71. IMPB & WAC/JWAC Mode This mode adds an extra layer of security by checking the IP MAC-Binding Port Binding (IMPB) table before trying one of the supported authentication methods.
Page 203: Compound Authentication Settings
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Figure 6 - 72. MAC & IMPB Mode Compound Authentication Settings Users can configure Authorization Network State Settings for the Switch. To view the following window, click Security > Compound Authentication > Compound Authentication Settings:...
Page 204 ® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Figure 6 - 73. Compound Authentication Settings window The following fields and settings can be viewed: Parameter Description Authorization Click the radio buttons to enable of disable the Authorization Attributes State.
Page 205: Compound Authentication Guest Vlan Settings
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Both authentication methods need to be passed.  IMPB+WAC means WAC will be verified first, and then IMPB will be verified. Both authentication methods need to be passed.
Page 206: Igmp Access Control Settings
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Figure 6 - 75. Compound Authentication MAC Format Settings window The following fields may be modified to configure Guest VLANs: Parameter Description Case Use the drop-down menu to select the format for the RADIUS authentication username.
Page 207: Arp Spoofing Prevention Settings
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Figure 6 - 76. IGMP Acess Control Settings window To set up IGMP access control on individual ports for the Switch, complete the following fields: Parameter...
Page 208: Bpdu Attack Protection
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide NOTE: See Appendix A for more information on how to prevent ARP Spoofing attacks. BPDU Attack Protection This window is used to configure the BPDU protection function for the ports on the switch. In generally, there are two states in BPDU protection function.
Page 209: Loopback Detection Settings
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Specify when a log entry will be sent. Options to choose from are None, Attack Detected, Log State Attack Cleared or Both. Enter the BPDU protection Auto-Recovery timer. The default value of the recovery timer is Recover Time (60- 60.
Page 210: Traffic Segmentation
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide The following parameters may be viewed or modified: Parameter Description LBD State Use the drop-down menu to enable or disable loopback detection. The default is Disabled.
Page 211: Safeguard Engine Settings
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Clicking the Apply button will enter the combination of transmitting port(s) and allowed receiving ports into the Switch’s Traffic Segmentation table. Safeguard Engine Settings Periodically, malicious hosts on the network will attack the Switch by utilizing packet flooding (ARP Storm) or other methods.
Page 212: Trusted Host Settings
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide NOTICE: When Safeguard Engine is enabled, the Switch will allot bandwidth to various traffic flows (ARP, IP) using the FFP (Fast Filter Processor) metering table to control the CPU utilization and limit traffic.
Page 213 ® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Figure 6 - 83. Trusted Host window To configure secure IP addresses for trusted host management of the Switch, type the IP address and the net mask of the station you are currently using in the two fields, as well as up to nine additional IP addresses of trusted hosts, one by one.
Page 214: Acl Configuration Wizard
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Section 7 ACL Configuration Wizard Access Profile List CPU Access Profile List Time Range Settings ACL Configuration Wizard In order to make access profile and rule creation significantly easier to use, an ACL wizard has been introduced in the current firmware release.
Page 215: Access Profile List
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide this rule. IPv6 – Selecting this option will allow the user to enter a range of IPv6 addresses for this rule. Select Permit to specify that the packets that match the access profile are forwarded by the Action Switch, according to any additional rule added (see below).
Page 216 ® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide There are four Add Access Profile windows; one for Ethernet (or MAC address-based) profile configuration, one for IPv6 address-based profile configuration, one for IPv4 address-based profile configuration, and one for packet content profile configuration.
Page 217 ® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Ethernet Type Selecting this option instructs the Switch to examine the Ethernet type value in each frame's header. Click Create to create the new ACL Profile.
Page 218 ® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide content. This will change the window according to the requirements for the type of profile. Select Ethernet ACL to instruct the Switch to examine the layer 2 part of each packet header.
Page 219 ® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Figure 7 - 6. Access Profile Detail Information window for IPv4 The window shown below is the Add ACL Profile window for IPv6: Figure 7 - 7. Add ACL Profile window for IPv6...
Page 220 ® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide IPv6 Flow Label Ticking this check box will instruct the Switch to examine the flow label field of the IPv6 header. This flow label field is used by a source to label sequences of packets such as non- default quality of service or real time service packets.
Page 221 0 0xffffffff will match packet byte offset 126, 127, 0, 1 offset_chunk_1 0 0x0000ffff will match packet byte offset, 0,1 NOTE: Only one packet content mask profile can be created at a time. Use of the D-Link xStack switch family’s advanced Packet Content Mask (also known as Packet Content Access Control List –...
Page 222 ® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide To establish the rule for a previously created Access Profile: To configure the Access Rules for Ethernet, open the Access Profile List window and click Add/View Rules for an Ethernet entry.
Page 223 ® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide the value entered in the Priority field, which meets the criteria specified previously in this command, before forwarding it on to the specified CoS queue. Otherwise, a packet will have its incoming 802.1p user priority re-written to its original value before being forwarded by the Switch.
Page 224 ® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Figure 7 - 14. Access Rule List window for IPv4 To remove a previously created rule, click the corresponding Delete Rules button. To add a new Access Rule, click the Add Rule button: Figure 7 - 15.
Page 225 ® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Replace Priority Tick this check box to replace the Priority value in the adjacent field. Replace DSCP (0- Select this option to instruct the Switch to replace the DSCP value (in a packet that meets the selected criteria) with the value entered in the adjacent field.
Page 226 ® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Figure 7 - 18. Add Access Rule window for IPv6 The following parameters can be cconfigured: Parameter Description Access ID (1-200) Type in a unique identifier number for this access. This value can be set from 1 to 200.
Page 227 ® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Time Range Tick the check box and enter the name of the Time Range settings that has been previously Name configured in the Time Range Settings window. This will set specific times when this access rule will be implemented on the Switch.
Page 228 ® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Figure 7 - 21. Add Access Rule window for Packet Content The following parameters can be cconfigured: Parameter Description Access ID (1- Type in a unique identifier number for this access. This value can be set from 1 to 200.
Page 229: Cpu Access Profile List
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide rate is 640kbit/sec.) The user many select a value between 1 and 15625 or tick the No Limit check box. The default setting is No Limit.
Page 230 ® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Figure 7 - 23. CPU Access Profile List window This window displays the CPU Access Profile List entries created on the Switch (one CPU access profile of each type has been created for explanatory purposes).
Page 231 ® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Figure 7 - 24. Add CPU ACL Profile window for Ethernet The following parameters can be cconfigured: Parameter Description Select Profile ID Use the drop-down menu to select a unique identifier number for this profile set. This value can (1-5) be set from 1 to 5.
Page 232 ® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide To view the settings of a previously correctly created profile, click the corresponding Show Details button on the CPU Access Profile List window to view the following window: Figure 7 - 25.
Page 233 ® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide 802.1Q VLAN Selecting this option instructs the Switch to examine the VLAN part of each packet header and use this as the, or part of the criterion for forwarding.
Page 234 ® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Figure 7 - 28. Add CPU ACL Profile window for IPv6 The following parameters can be cconfigured: Parameter Description Select Profile ID Use the drop-down menu to select a unique identifier number for this profile set. This value can be set from 1 to 5.
Page 235 ® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide To view the settings of a previously correctly created profile, click the corresponding Show Details button on the CPU Access Profile List window to view the following window: Figure 7 - 29.
Page 236 ® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Offset This field will instruct the Switch to mask the packet header beginning with the offset value specified: • 0-15 - Enter a value in hex form to mask the packet from the beginning of the packet to the 15th byte.
Page 237 ® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Figure 7 - 33. Add Access Rule window for Ethernet The following parameters can be cconfigured: Parameter Description Access ID (1-100) Type in a unique identifier number for this access. This value can be set from 1 to 100.
Page 238 ® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Figure 7 - 34. CPU Access Rule Detail Information window for Ethernet To establish the rule for a previously created CPU Access Profile: To configure the Access Rules for IP, open the CPU Access Profile List window and click Add/View Rules for an IPv4 entry.
Page 239 ® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Parameter Description Access ID (1-100) Type in a unique identifier number for this access. This value can be set from 1 to 100. Action Select Permit to specify that the packets that match the access rule are forwarded by the Switch, according to any additional rule added (see below).
Page 240 ® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Figure 7 - 39. Add Access Rule window for IPv6 The following parameters can be cconfigured: Parameter Description Access ID (1-100) Type in a unique identifier number for this access. This value can be set from 1 to 100.
Page 241 ® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide To establish the rule for a previously created CPU Access Profile: To configure the Access Rules for IP, open the CPU Access Profile List window and click Add/View Rules for a Packet Content entry.
Page 242: Time Range Settings
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Offset 48-63 - Enter a value in hex form to mask the packet from byte 48 to byte 63. Offset 64-79 - Enter a value in hex form to mask the packet from byte 64 to byte 79.
Page 243 ® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide minutes and seconds, based on the 24-hour time system. Weekdays Use the check boxes to select the corresponding days of the week that this time range is to be enabled.
Page 244: Network Application
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Section 8 Network Application DHCP/BOOTP Relay DHCPv6 Relay DHCP Server DHCP Local Relay Settings DHCP Auto Configuration Settings DHCP Option 12 Settings DNS Resolver PPPoE Circuit ID Insertiions Settings...
Page 245 ® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide DHCP/BOOTP Relay This field allows an entry between 1 and 16 to define the maximum number of router hops Hops Count Limit (1- DHCP/BOOTP messages can be forwarded. The default hop count is 4.
Page 246 ® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide NOTE: If the Switch receives a packet that contains the option 82 field from a DHCP client and the information-checking feature is enabled, the Switch drops the packet because it is invalid.
Page 247: Dhcp/Bootp Relay Interface Settings
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide DHCP/BOOTP Relay Interface Settings Users can set up a server, by IP address, for relaying DHCP/BOOTP information to the Switch. The user may enter a previously configured IP interface on the Switch that will be connected directly to the DHCP/BOOTP server using this window.
Page 248: Dhcpv6 Relay Settings
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide DHCPv6 Relay Settings This window is used to configure the DHCPv6 relay state of one or all of the specified interfaces, and add or display a destination IPv6 address to or from the switch’s DHCPv6 relay table.
Page 249: Dhcp Server Global Settings
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide DHCP Server Global Settings This window is used to configure the DHCP server global parameters. To view the following window, click Network Application > DHCP Server > DHCP Server Global Settings: Figure 8 - 6.
Page 250: Dhcp Server Pool Settings
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide DHCP Server Pool Settings This window is used to add and delete the DHCP server pool. To view the following window, click Network Application > DHCP Server > DHCP Server Pool Settings: Figure 8 - 8.
Page 251: Dhcp Server Manual Binding
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide the same pool, the second command will overwrite the first command. If the boot file is not specified, the boot file information will not be provided to the client.
Page 252: Dhcp Server Dynamic Binding
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide DHCP Server Dynamic Binding This window is used to delete the DHCP server dynamic binding table. To view the following window, click Network Application > DHCP Server > DHCP Server Dynamic Binding: Figure 8 - 11.
Page 253: Dhcp Auto Configuration Settings
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Figure 8 - 13. DHCP Local Relay Settings window The following parameters may be configured or viewed: Parameter Description DHCP Local Enable or disable the DHCP Local Relay Global State. The default is Disabled.
Page 254: Dhcp Option 12 Settings
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide stored in its base directory when the request is received from the Switch. Click Apply to set the DHCP Auto Configuration State. DHCP Option 12 Settings This window is used to configure DHCP Option 12 settings.
Page 255: Dns Resolver Static Name Server Settings
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide DNS Resolver Static Name Server Settings The window is used to create the DNS Resolver name server of the Switch. To view the following window, click Network Application > DNS Resolver > DNS Resolver Static Name Server Settings: Figure 8 - 17.
Page 256: Dns Resolver Dynamic Host Name Table
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Click the Add button to add a new entry based on the information entered. Click the Delete button to remove the specific entry. DNS Resolver Dynamic Host Name Table This window displays the current host name entries.
Page 257: Smtp Settings
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide MAC - The MAC address of the Switch will be used to encode the circuit ID option. IP - The Switch’s IP address will be used to encode the circuit ID option. This is the default.
Page 258: Sntp Settings
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide SNTP Settings SNTP or Simple Network Time Protocol is used by the Switch to synchronize the clock of the computer. Time Settings Users can configure the time settings for the Switch.
Page 259 ® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Figure 8 - 24. Time Zone Settings window The following parameters can be set: Parameter Description Daylight Saving Time State Use this drop-down menu to enable or disable the DST Settings.
Page 260: Ping Test
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide DST Annual Settings – Using annual mode will enable DST seasonal time adjustment. Annual mode requires that the DST beginning and ending date be specified concisely. For example, specify to begin DST on April 3 and end DST on October 14.
Page 261 ® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Size For IPv6 only, enter a value between 1 and 6000. The default is 100. Timeout For IPv4, select a timeout period between 1 and 99 seconds for this Ping message to reach its destination.
Page 262: Ethernet Oam
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Section 9 Ethernet OAM DULD Settings Cable Diagnostics Ethernet OAM Ethernet OAM Settings This window is used to configure the Ethernet OAM settings. To view the following window, click OAM > Ethernet OAM > Ethernet OAM Settings: Figure 9 - 1.
Page 263: Ethernet Oam Configuration Settings
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Remote Loopback Use the drop-down menu to select Ethernet OAM remote loopback. None – Select to disable the remote loopback. Start – Select to request the peer to change to the remote loopback mode.
Page 264: Ethernet Oam Event Log
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Critical Link Event Use the drop-down menu to select between Dying Gasp and Critical Event. Threshold (0- Enter the number of error frame or symbol in the period is required to be equal to or greater 4294967295) than in order for the event to be generated.
Page 265: Duld Settings
DULD Settings This window is used to configure and display D-LINK Unidirectional Link Detection (DULD) on port. It provides a mechanism that can be used to detect unidirectional link for Ethernet switches which PHYs don’t support unidirectional OAM operation. As this function is established based on OAM, OAM should be enabled before starting detection.
Page 266: Cable Diagnostics
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Figure 9 - 5. DULD Settings window The following parameters can be configured: Parameter Description From Port / To Port Select a range of ports you wish to configure.
Page 267 ® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Figure 9 - 6. Cable Diagnostics window To view the cable diagnostics for a particular port, use the drop-down menu to choose the port and click Test The information will be displayed in this window.
Page 268: Monitoring
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Section 10 Monitoring Device Environment (DGS-3200-16 and DGS-3200-24 only) CPU Utilization DRAM & Flash Utilization Port Utilization Packet Size Packets Errors Browse ARP Table Browse Router Port...
Page 269: Dram & Flash Utilization
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide This window is used to display the percentage of the CPU being used, expressed as an integer percentage and calculated as a simple average by time interval.
Page 270: Port Utilization
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Port Utilization Users can display the percentage of the total available bandwidth being used on the port. To view the following window, click Monitoring > Port Utilization: Figure 10 - 5.
Page 271 ® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Figure 10 - 6. Packet Size window To view the Packet Size Table window, click the link View Table, which will show the following table: Figure 10 - 7. Packet Size Table window...
Page 272: Packets
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide The total number of packets (including bad packets) received that were 64 octets in length (excluding framing bits but including FCS octets). 65-127 The total number of packets (including bad packets) received that were between 65 and 127 octets in length inclusive (excluding framing bits but including FCS octets).
Page 273 ® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Figure 10 - 8. Received (RX) window (for Bytes and Packets) To view the Received (RX) Table window, click View Table. Figure 10 - 9. Received (RX) Table window (for Bytes and Packets)
Page 274: Umb_Cast (Rx)
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Record Number Select number of times the Switch will be polled between 20 and 200. The default value is 200. Bytes Counts the number of bytes received on the port.
Page 275: Transmitted (Tx)
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Figure 10 - 11. UMB_Cast (RX) Table window (for Unicast, Multicast, and Broadcast Packets) The following fields may be set or viewed: Parameter Description Port Use the drop-down menu to choose the port that will display statistics.
Page 276 ® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Figure 10 - 12. Transmitted (TX) window (for Bytes and Packets) To view the Transmitted (TX) Table window, click the link View Table. Figure 10 - 13. Transmitted (TX) Table window (for Bytes and Packets)
Page 277: Errors
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Record Number Select number of times the Switch will be polled between 20 and 200. The default value is 200. Bytes Counts the number of bytes successfully sent on the port.
Page 278 ® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Figure 10 - 15. Received (RX) Table window (for errors) The following fields can be set: Parameter Description Port Use the drop-down menu to choose the port that will display statistics.
Page 279: Transmitted (Tx)
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Transmitted (TX) To select a port to view these statistics for, select the port by using the Port drop-down menu. The user may also use the real-time graphic of the Switch at the top of the web page by simply clicking on a port.
Page 280: Browse Arp Table
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Time Interval Select the desired setting between 1s and 60s, where "s" stands for seconds. The default value is one second. Record Number Select number of times the Switch will be polled between 20 and 200. The default value is 200.
Page 281: Browse Mld Router Port
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Figure 10 - 19. Browse Router Port window Enter a VID (VLAN ID) in the field at the top of the window and click the Find button.
Page 282: Igmp Snooping Group
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide IGMP Snooping Group Users can view the Switch’s IGMP Snooping Group Table. IGMP Snooping allows the Switch to read the Multicast Group IP address and the corresponding MAC address from IGMP packets that pass through the Switch.
Page 283: Mac Address Table
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Parameter Description VLAN Name The VLAN Name of the multicast group. VID List (e.g.: 1, 4-6) The VLAN ID list of the multicast group. Port List (e.g.: 1, 3-5) Specify the port number(s) used to find a multicast group.
Page 284: System Log
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide specific entry to the Static MAC table. Enter a page number and click the Go button to navigate to a specific page when multiple pages exist.
Page 285: Save And Tools
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Section 11 Save and Tools Save Configuration Save Log Save All Download Configuration File/Download Configuration File to NV-RAM (DGS-3200-24 only) Download Configuration File to SD Card (DGS-3200-24 only)
Page 286: Save Configuration
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Save Configuration Open the Save drop-down menu on the left-hand side of the menu bar at the top of the Web manager and click Save Configuration to open the following window: Figure 11 - 1.
Page 287: Save All
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Save All Open the Save drop-down menu on the left-hand side of the menu bar at the top of the Web manager and click Save All to immediately save the current configuration file and current log.
Page 288: Download Configuration File To Sd Card
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Download Configuration File to SD Card Figure 11 - 8. Download Configuration File to SD Card window (DGS-3200-24) Use the radio button to select either IPv4 or IPv6. Enter the TFTP Server IP address for the type of IP selected. Specify the path/file name of the TFTP File.
Page 289: Upload Configuration File/Upload Configuration File To Tftp
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Figure 11 - 11. Download Firmware to SD Card window (DGS-3200-24) Use the radio button to select either IPv4 or IPv6. Enter the TFTP Server IP address for the type of IP selected. Specify the path/file name of the TFTP File.
Page 290: Reset
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Figure 11 - 15. Upload Log File to TFTP window (DGS-3200-24) To upload a log file, enter a TFTP Server IP address and TFTP File/path name. Select either IPv4 or IPv6 and then click Upload or Upload Attack Log.
Page 291: Appendix A – Mitigating Arp Spoofing Attacks Using Packet Content Acl
LAN (known as ARP spoofing). This document is intended to introduce the ARP protocol, ARP spoofing attacks, and the countermeasures brought by D-Link’s switches to thwart ARP spoofing attacks. In the process of ARP, PC A will first issue an ARP request to query PC B’s MAC address. The network structure is shown in Figure 1.
Page 292 ® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide When the switch floods the frame of ARP request to the network, all PCs will receive and examine the frame but only PC B will reply the query as the destination IP matched (see Figure 3).
Page 293 ® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Forwarding Table Port1 00-20-5C-01-11-11 Port2 00-20-5C-01-22-22...
Page 294: How Arp Spoofing Attacks A Network
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide How ARP Spoofing Attacks a Network ARP spoofing, also known as ARP poisoning, is a method to attack an Ethernet network which may allow an attacker to sniff data frames on a LAN, modify the traffic, or stop the traffic altogether (known as a Denial of Service –...
Page 295: Prevent Arp Spoofing Via Packet Content Acl
Figure 5 Prevent ARP Spoofing via Packet Content ACL D-Link managed switches can effectively mitigate common DoS attacks caused by ARP spoofing via a unique Package Content ACL. For the reason that basic ACL can only filter ARP packets based on packet type, VLAN ID, Source, and Destination MAC information, there is a need for further inspections of ARP packets.
Page 296 ® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide The configuration logic is as follows: Only if the ARP matches Source MAC address in Ethernet, Sender MAC address and Sender IP address in ARP protocol can pass through the switch.
Page 297 ® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide...
Page 298: Appendix B – Password Recovery Procedure
This document will explain how the Password Recovery feature can help network administrators reach this goal. The following steps explain how to use the Password Recovery feature on D-Link devices to easily recover passwords. Complete these steps to reset the password: For security reasons, the Password Recovery feature requires the user to physically access the device.
Page 299: Appendix C – System Log Entries
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Appendix C – System Log Entries The following table lists all possible entries and their corresponding meanings that will appear in the System Log of this Switch.
Page 300 ® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide console (Username: if user login by console, will no IP <username>, IP: and MAC information for logging <ipaddr>) Configuration download "by console" and "IP": <ipaddr>, Configuration was unsuccessful by MAC: <macaddr>"...
Page 301 ® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Configuration "by console" and "IP": <ipaddr>, successfully uploaded Configuration MAC: <macaddr>" are XOR by web (Username: successfully uploaded Informational shown in log string, which means <username>, IP:...
Page 302 ® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide <macaddr>) and MAC information for logging Log message "by console" and "IP": <ipaddr>, Log message successfully uploaded MAC: <macaddr>" are XOR successfully uploaded by Telnet (Username:...
Page 303 ® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide <ipaddr>) and MAC information for logging Port <portNum> link up, link state, for ex: , 100Mbps FULL Port link up Informational Interface <link state> duplex Port <portNum> link...
Page 304 ® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide <username>, IP: <ipaddr>) Successful login through Successful login Telnet (Username: Informational Telnet through Telnet <username>, IP: <ipaddr>) Login failed through Login failed through Telnet (Username: Warning Telnet <username>, IP:...
Page 305 ® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide <ipaddr>) Logout through SSH (Username: Logout through SSH Informational <username>, IP: <ipaddr>) SSH session timed out (Username: SSH session timed out Informational <username>, IP: <ipaddr>) SSH server is enabled...
Page 306 ® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Successful login through Successful login Telnet from <userIP> through Telnet authenticated by AAA Informational authenticated by AAA local method local method (Username: <username>) Login failed through Telnet from <userIP>...
Page 307 ® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Successful login through Successful login Console authenticated through Console There are no IP and MAC if login by AAA server Informational authenticated by AAA by console.
Page 308 ® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Successful login through Successful login Telnet from <userIP> through Telnet authenticated by AAA Informational authenticated by AAA server <serverIP> server (Username: <username>) Login failed through Telnet from <userIP>...
Page 309 ® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide (Username: <username>) Enable Admin failed Enable Admin failed through SSH from through SSH <userIP> authenticated Warning authenticated by AAA by AAA local_enable local_enable method method (Username: <username>)
Page 310 ® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Enable Admin failed Enable Admin failed through Console due to through Console due AAA server timeout or to AAA server Warning improper configuration timeout or improper...
Page 311 ® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Enable Admin failed Enable Admin failed through Telnet from through Telnet <userIP> authenticated Warning authenticated by AAA by AAA server server <serverIP> (Username: <username>) Enable Admin failed...
Page 312 ® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide <portNum>) Dynamic IMPB entry is Dynamic IMPB entry conflict with static ARP is conflict with static (IP: <ipaddr>, MAC: Warning <macaddr>, Port <portNum>) Dynamic IMPB entry is...
Page 313 ® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide cleared cleared Port <portNum> Multicast storm Multicast storm is Warning occurrence occurring Port <portNum> Multicast storm Multicast storm has Informational cleared cleared Port <portNum> is Port shut down due to...
Page 314 ® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide to the port and this Username: The user that is being port will be the authenticated. VLAN untagged port member. Ingress bandwidth Parameters description: assigned from...
Page 315 ® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide DHCP server IP DHCP server(IP: address <ipaddr>, Port: <portNum>) MAC-AC login successful (MAC: MAC-based Login OK <macaddr>, port: Informational Access Control <portNum>, VID: <vlanID>) MAC-AC login rejected (MAC: <macaddr>,...
Page 316 ® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Port security violation mac addrss %s on PortSecurity Address full on a port Warning locking address full port Port <port> enter BPDU BPDU attack under protection state...
Page 317 ® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide server was deleted. was deleted. Backup <type>:<filename> at SD Card Backup failure Warnning time <time-range> Managemnet failure. Backup <type>:<filename> Backupsuccess Informational success at time <time- range>.
Page 318: Appendix D – Trap Logs
® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide Appendix D – Trap Logs This table lists the trap logs found on the DGS-3200 Series Switches. Log Entry Description FirmwareUpgrade This trap is sent when the process of 1.3.6.1.4.1.171.12.1.7.2.0.7...
Page 319 ® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide swPktStormDisablePort The trap is sent when the port is disabled 1.3.6.1.4.1.171.12.25.5.0.3 by the packet storm mechanism. swIpMacBindingViolationTrap When the IP-MAC Binding trap is 1.3.6.1.4.1.171.12.23.5.0.1 enabled, if there's a new MAC that violates the pre-defined port security configuration, a trap will be sent out.
Page 320 ® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide swSingleIPMSTopologyChange notification to the indicated host when its member generates a topology change notification. A coldStart trap signifies that the 1.3.6.1.6.3.1.1.5.1 coldStart sending protocol entity is reinitializing...
Page 321 ® xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide fan fails (DGS-3200-16/24) The FanRecover trap indicates that the 1.3.6.1.4.1.171.12.11.2.2.3.0.2 FanRecover failed fan is recovered. (DGS-3200-16/24) This trap is sent when there is an IP 1.3.6.1.4.1.171.12.1.7.2.0.5 address conflict.

This manual is also suitable for:

Xstack dgs-3200 series

D-Link xStack Reference Manual

Web-Based Switch Configuration

Configuration

L2 Features

L3 Features

Qos

Security

Acl

Network Application

Quick Links

Related Manuals for D-Link xStack

Summary of Contents for D-Link xStack