Dahua D-PFS4226-24ET-240 Web Operation Manual
  1. Manuals
  2. Brands
  3. Dahua Manuals
  4. Switch
  5. D-PFS4226-24ET-240
  6. Web operation manual

Dahua D-PFS4226-24ET-240 Web Operation Manual

Poe switch 16/24-port managed desktop switch
Hide thumbs Also See for D-PFS4226-24ET-240:
Table of Contents

Advertisement

Quick Links

PoE Switch (16/24-Port Managed Desktop
Switch)
Web Operation Manual
V1.0.1

Advertisement

Table of Contents
loading
Need help?

Need help?

Do you have a question about the D-PFS4226-24ET-240 and is the answer not in the manual?

Questions and answers

Related Manuals for Dahua D-PFS4226-24ET-240

Summary of Contents for Dahua D-PFS4226-24ET-240

  • Page 1 PoE Switch (16/24-Port Managed Desktop Switch) Web Operation Manual V1.0.1...

  • Page 2: Foreword

    Foreword General This manual introduces operations on web page of the 16&24-port managed desktop switch (hereinafter referred to as "the Switch"). Read carefully before using the device, and keep the manual safe for future reference. Safety Instructions The following categorized signal words with defined meaning might appear in the manual. Signal Words Meaning Indicates a high potential hazard which, if not avoided, will result in...
  • Page 3 Privacy Protection Notice As the device user or data controller, you might collect the personal data of others such as their face, fingerprints, and license plate number. You need to be in compliance with your local privacy protection laws and regulations to protect the legitimate rights and interests of other people by implementing measures which include but are not limited: Providing clear and visible identification to inform people of the existence of the surveillance area and provide required contact information.

  • Page 4: Important Safeguards And Warnings

    Important Safeguards and Warnings This section introduces content covering the proper handling of the device, hazard prevention, and prevention of property damage. Read carefully before using the device, comply with the guidelines when using it. Operating Requirements ● Make sure that the power supply of the device works properly before use. ●...
  • Page 5 ● Do not block the ventilator of the device with objects, such as newspapers, table clothes or curtains. ● Do not put open flames, such as a lit candle, on the device. ● When installing the device, make sure the power plug and appliance coupler are easy to reach to cut off the power.

  • Page 6: Table Of Contents

    Table of Contents Foreword ........................................I Important Safeguards and Warnings ............................III 1 Login ........................................... 1 2 Device Information ....................................2 3 Configuring System ..................................... 3 3.1 Configuring System Info ................................ 3 3.1.1 Viewing System Info ..............................3 3.1.2 Configuring Current Time ............................4 3.1.3 Viewing CPU Usage ................................
  • Page 7 5.2.6 Example of Configuring VLAN ..........................24 5.3 Link Aggregation ..................................24 5.3.1 Static Aggregation Mode ............................25 5.3.2 LACP Mode ..................................26 5.4 Security ......................................27 5.4.1 MAC Address List ................................27 5.4.2 Binding Port MAC ................................. 28 5.4.3 Filtering Port MAC ................................ 29 5.5 Configuring SNMP ...................................

  • Page 8: Login

    1 Login Prerequisites ● The main program file running on the Switch must support web access. ● The IP address of the computer and the Switch must be on the same network segment. Procedure Step 1 Enter the IP address of the Switch (192.168.1.110 by default) in the address bar and press the Enter key.

  • Page 9: Device Information

    2 Device Information You can view the information on the Switch. Figure 2-1 Web management Table 1-1 Description of the web page Function Description ● Device Info: View information on the Switch. ● System Info: Configure the Switch by accessing System Navigation bar Config, Port Management, Device Management and PoE.

  • Page 10: Configuring System

    3 System Configuration 3.1 Configuring System Information This section introduces operations of viewing system information, configuring system time, and viewing CPU usage. Select System Config > System Info, and then you will see the options in the menu. Figure 2-1 System configuration Information 3.1.1 Viewing System You can view information on the Switch model, MAC address and software version.

  • Page 11: Configuring Current Time

    3.1.2 Configuring Current Time You can view and configure the current time and time zone of the Switch. Select System Config > System Info > Current Time on the System Info page. Step 1 Step 2 Configure the Switch time. There are two ways to configure the time. ●...

  • Page 12: Upgrading Software

    Figure 2-5 Network configuration Step 2 Configure parameters. Table 2-1 Description of the network configuration Parameter Description Select the mode for the Switch to obtain IP. ● Static: Manually configure the IP Address, Subnet mask and Default Gateway. After clicking Save, you will automatically be redirected to Mode the login page of the new IP address.

  • Page 13: Changing Password

    Procedure Step 1 Select System Config > Software Upgrade on the System Info page. Figure 2-6 Upgrading software Step 2 Click Browse... to choose the upgrade file. Step 3 Click Upgrade. 3.4 Changing Password You can change the user login password in the Password Change tab. The username is admin by default, which cannot be changed.

  • Page 14: Restarting The System

    Click Default to restore the Switch to its default settings. Step 2 Figure 2-8 Restore to default 3.6 Restarting the System The Switch can be restarted. Make sure to save the configurations before restarting the Switch, otherwise all the configurations will be lost. You need to log in to the web page again after the Switch restarts.

  • Page 15: Viewing Legal Information

    Figure 2-10 Log information 3.8 Viewing Legal Information You can view the software license agreement, privacy policy and open source software notice. Step 1 Select System Config > Legal Info on the System Info page. Step 2 View related legal information.

  • Page 16: Port Management

    4 Port Management 4.1 Configuring Port Port configuration can be used to configure basic parameters which are related to switch port. The port parameters will directly affect the working mode of the port. Make configurations according to the practical requirements. Select Port Management >...

  • Page 17: Configuring Port Mirroring

    Parameter Description Configure the modes of the port speed duplex. ● Ethernet port. ◇ Auto (default): Auto negotiation mode. ◇ 10 M FULL: 10 M full duplex. ◇ 10 M HALF: 10 M half duplex. ◇ 100 M FULL: 100 M full duplex. ◇...

  • Page 18: Configuring Port Statistics

    Figure 3-2 Configure port mirroring Table 3-2 Description of parameters Parameter Description Select mirrored packets. ● Disable (default): Disable the monitor function. Monitored Packets ● Egress: Monitor output packets. ● Ingress: Monitor input packets. ● Ingress & Egress: Monitor input/output packets. The Port that is used to monitor.

  • Page 19: Configuring Port Speed Limit

    Figure 3-3 Configure port statistics Step 2 Select Counter Mode Selection, including Transmit Packet & Receive Packet, Collision Packet & Transmit Packet, Drop Packet & Receive Packet and CRC (Cyclic Redundancy Check) Error Packet & Receive Packet, and then view the results. If there are too many error packets from the port, the working status of the port is very poor.

  • Page 20: Configuring Broadcast Storm Control

    Figure 3-4 Port speed limit Table 3-3 Description of the port speed limit parameter Name Note Port Displays port list. Set port outbound rate. The value ranges from 0 through 63 Mbps. The Tx Rate default setup is 0, which means there is no speed limit. Set port inbound rate.

  • Page 21: Long Distance Transmission

    Select ports that need to be configured, and then select Enable to configure all-port Step 3 broadcast storm control function. You need to configure all the ports in case there might be malfunctions, and the Switch cannot properly transmit the data. Figure 3-5 Configure broadcast storm control Step 4 Click Save.

  • Page 22: Port Isolation

    Figure 3-6 Configure long distance Step 3 Click Save. 4.7 Port Isolation Port isolation is to achieve layer 2 isolation between messages. You only need to add the port to the isolation group to isolate the layer 2 data between the ports in the isolation group. The port isolation function provides users a safer and more flexible networking solution.
  • Page 23 Figure 3-7 Configure port isolation Step 4 Select checkbox under Enable to select one or more ports to be isolated. Step 5 Click Save below the port list.

  • Page 24: Device Management

    5 Device Management 5.1 Ring Network 5.1.1 STP Definition The protocol message adopted by STP is BPDU (Bridge Protocol Data Unit), which is also called configuration information. BPDU contains enough information to ensure the calculation process of spanning tree. STP can confirm network topological structure by transmitting BPDU among devices. BPDU format and field description can realize the functions of spanning tree.

  • Page 25: Configuring Stp Port

    page. Figure 4-2 STP bridge settings Step 2 Configure parameters. Table 4-1 Description of the STP bridge settings Parameter Description Enable or disable ring network function. ● When STP is enabled, the Switch cannot be managed through STP Mode iLinksView. ●...

  • Page 26: Configuring Vlan

    Figure 4-3 Configure STP port Step 2 Configure parameters. Table 4-2 Description of parameters Parameter Description Port No. Select the port you want to configure. Configure the port priority. The value ranges from 0 to 240, and must be the Priority integral multiple of 16.

  • Page 27: Port-Based Vlan

    5.2.3 Port-based VLAN The messages of the switch include tag and untag messages. Figure 4-4 Tag position Untag is the general Ethernet message. The network adapter of the general PC can recognize the message to communicate. The VLAN tag head refers to the 4bytes VLAN information after the source MAC address and the destination address.

  • Page 28: Configuring Vlan List

    Port For messages without For messages with Tag For message to be sent Type ● When VLAN ID is the same as the default VLAN ID, and it is on the accepted list, remove the tag and ● Put the default VLAN send out the ID, when the default Trunk...

  • Page 29: Configuring Port Vlan

    Figure 4-5 Enable VLAN Step 4 Click Add, and then configure VLAN ID and Description in the Add window. Figure 4-6 Add VLAN Step 5 Click Save. Related Operations ● Add VLAN member: On the Port VLAN Configuration page, after configuring VLAN related to port, the added VLAN member can be displayed.
  • Page 30 Figure 4-8 Configure port VLAN Step 2 Configure parameters. Table 4-4 Description of parameters Parameters Description Port Displays all ports of the Switch. Port Type Configure the port type, including three types: Access, Trunk and Hybrid. Add port to VLAN, all ports belong to VLAN 1 by default. The range is from Default VLAN 1 through 4094.

  • Page 31: Example Of Configuring Vlan

    5.2.6 Example of Configuring VLAN Background Information Configuration requirements: PC1 and PC4 belong to one department, and PC2 and PC3 belong to one department. Only PCs in the same department can communicate. Hardware connection: PC1 connects to port 1 of switch A, and it belongs to VLAN2. PC2 connects to port 2 of switch A, and it belongs to VLAN3.

  • Page 32: Static Aggregation Mode

    that belong to the same aggregation group can be considered as a logical link with bigger bandwidth. Link aggregation can realize sharing responsibility of communication flow among each member port in the aggregation group, which is to increase bandwidth. Meanwhile, mutual dynamic backup can be realized among each member port in the same aggregation group, which is to improve the link reliability.

  • Page 33: Lacp Mode

    Select State as Enable, and then select Type as Static. Step 6 Figure 4-11 Link aggregation Step 7 Click Submit. 5.3.2 LACP Mode Background Information LACP (Link Aggregation Control Protocol) is used to realize link dynamic convergence and convergence separation which is based on IEEE 802.3ad standard. The both parties of convergence devices converge the matched links together, receive and send data through LACPDU message interacting convergence information.

  • Page 34: Security

    Parameters Description Configure operation Key. Members in the same aggregation group need to configure the same operation Key, ranging from 1 through 65535. Operation Key Operation Key is the basis of negotiation, and only ports with the same operation key can negotiate to form a convergence link. Time Out Long Timeout is selected by default, and can be selected as Short Timeout.

  • Page 35: Binding Port Mac

    no item matching the message destination MAC address, the Switch adopts the broadcast mode to forward the message through the corresponding VLAN (except the input port). Step 1 Select Device Management > Security > MAC Address Table on the System Info page. Step 2 View MAC address list.

  • Page 36: Filtering Port Mac

    Figure 4-14 Bind port MAC Related Operations Unbind: In the list of bound switches, click Unbind to delete the bound switch. 5.4.3 Filtering Port MAC The function is used to restrict the allowed MAC message under port, which can prevent counterfeit attack.

  • Page 37: Configuring Snmp

    Figure 4-15 Filter port MAC Step 3 Click Add, and then enter the MAC address that needs to be filtered in Add MAC Allowlist window. Step 4 Click Save. 5.5 Configuring SNMP SNMP network includes two elements: NMS and Agent. ●...

  • Page 38: Configuring Snmp

    the encryption function can enhance the security level between the NMS and the Agent. Make sure that the NMS and the Agent are using the same SNMP version, otherwise the NMS and Agent connection might fail. 5.5.2 Configuring SNMP Step 1 Select Device Management >...

  • Page 39: Example Of Snmpv1/V2 Configuration

    5.5.3 Example of SNMPv1/v2 Configuration Background Information NMS is connected with the Switch, and the following requirements needs to be completed. ● NMS monitors and manages the Switch through SNMP v1 or SNMP v2. ● The Switch can actively send Trap messages to the NMS when an error occurs. Figure 4-18 Example of SNMP v1/v2 configuration Procedure Step 1...
  • Page 40 and the authentication password is admin123. ● The SNMP message among the NMS and the Agent must be encrypted, the encryption mode is DES56, and the encryption password is admin123. Figure 4-20 Example of SNMPv3 configuration Procedure Step 1 Select Device Management > SNMP Settings on the System Info page. Step 2 Select SNMP Version as SNMP v3.

  • Page 41: 802.1X

    Step 6 Click Save. 5.6 802.1x IEEE 802.1x is the authentication standard designated by IEEE about user accessing network, and is a type of network access control protocol based on port. Therefore, the exact 802.1x authentication function must be configured on the device port, and for the user device which is accessed through the port can have control on the access on network source through authentication.

  • Page 42: 802.1X Authentication Controlled/Uncontrolled Port

    device in the LAN. The Client must be installed with client software which supports 802.1x authentication. ● Switch is the network device that controls client access in the LAN, which is located between the Client and Authentication server. The Switch provides LAN access port for customers (physical port or logical port), and implements authentication upon the connected Client through interaction with the server.

  • Page 43: Configuring Nas

    authentication. It will send the message again if the Switch fails to receive the Client response within the set duration. 5.6.4 Configuring NAS By configuring the authorization status of the port, you can control whether users connected to the port need to be authenticated to access network resources. Step 1 Select Device Management >...

  • Page 44: Configuring Radius

    Figure 4-23 Configure NAS Table 4-8 Description of admin state State Description The port is always in the authorized status, and users are allowed to Force Authorized access network resources without authentication. The port is always in an unauthorized status, and users are not allowed to authenticate.

  • Page 45: Igmp Snooping

    Figure 4-24 Radius configuration Click Add New Server, enter server address, authorized port and key in the pop-up Step 3 window. Figure 4-25 Add new server Step 4 Click Save. 5.7 IGMP Snooping IGMP Snooping (Internet Group Management Protocol Snooping) is operated on the layer two device.

  • Page 46: Configuring Igmp Snooping

    receivers. IGMP Snooping can only forward the information to the needed receivers through layer two multicast with the following advantages: ● Reduce broadcast message in the layer two network, and save network bandwidth; ● Enhance security of multicast information; ● Bring convenience for realizing individual billing for each host. 5.7.2 Configuring IGMP Snooping Step 1 Select Device Management >...
  • Page 47 certificate again. ● If you use HTTPS for the first time after replacing your computer, you need to download root certificate again. Step 1 Select the checkbox next to the HTTPS, from Device Management > HTTPS on the System Info page. Step 2 Select HTTPS, and then click Save.
  • Page 48 Figure 4-29 Create Server (1) Step 5 Click Create. After the creation is successful, the prompt Create Succeed displays. Figure 4-30 Create Server (2) Click Download Root. Step 7 Step 8 Open the downloaded root certificate file, and then click Run on the Security Warning dialog box that pops up.
  • Page 49 Click Install Certificate. Step 9 Figure 4-32 Certificate Step 10 Click Next. Figure 4-33 Certificate import wizard Step 11 Select Automatically select the certificate store base on the type of certificate, and then click Next.
  • Page 50 Figure 4-34 Store certificate Step 12 Click Finish. Figure 4-35 Complete the certificate import wizard...

  • Page 51: Poe

    6 PoE 6.1 Configuring PoE Power Background Information Power over Ethernet (PoE) means the device is remotely powered up through the Ethernet port and connected to the PD (Powered Device) with the twisted pair cable. The PoE function realizes the centralized power supply and easy backup.
  • Page 52 Part Description The device that receives power from the PSE. It includes IP phone, wireless AP, portable recharger, POS, network camera and other devices. When the PD receives power from the PoE device, it can connect to other power supply to back up the power. Procedure Step 1 Select PoE >...

  • Page 53: Viewing Poe Event Statistics

    Parameters Description Displays the power supply level to the terminal devices. The power supply level ranges from 0 through Level Power 8, and the Hi-PoE power supply standard level is Port status displayed as 5+. and control Displays the current PoE power consumed by the Consumed Power corresponding single port.

  • Page 54: Configuring Green Poe

    Table 5-3 Description of parameters Name Description Single port boot up power current has exceeded the current Overload threshold. When powering chip sends power to the port, it becomes short- Short Circuit Limit circuit. DC Disconnect Single port power is off. Startup Short Circuit The power is short-circuit when the powering chip sends out power.

  • Page 55: Configuring Legacy Support

    Click Save. Step 4 6.4 Configuring Legacy Support If the legacy support of a port is enabled, the port will provide power compulsorily no matter whether the connected PD device conforms to the standard or not. Be cautious with the function. Step 1 Select PoE >...
  • Page 56 Figure 5-6 Configure PD alive Step 3 Click Save.

  • Page 57: Appendix Cybersecurity Recommendations

    Appendix Cybersecurity Recommendations Mandatory actions to be taken for basic device network security: 1. Use Strong Passwords Please refer to the following suggestions to set passwords: ● The length should not be less than 8 characters. ● Include at least two types of characters; character types include upper and lower case letters, numbers and symbols.
  • Page 58 reducing the risk of ARP spoofing. 8. Assign Accounts and Privileges Reasonably According to business and management requirements, reasonably add users and assign a minimum set of permissions to them. 9. Disable Unnecessary Services and Choose Secure Modes If not needed, it is recommended to turn off some services such as SNMP, SMTP, UPnP, etc., to reduce risks.

Table of Contents

Save PDF