Page 2 Reproduction of this document in any manner whatsoever without the written permission of D-Link Corporation is strictly forbidden. Trademarks used in this text: D-Link and the D-LINK logo are trademarks of D-Link Corporation; Microsoft and Windows are registered trademarks of Microsoft Corporation.
Page 3: Table Of Contents
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Table of Contents Intended Readers ................................1 Typographical Conventions ............................. 1 Notes, Notices and Cautions............................1 Chapter 1 Web-based Switch Configuration ....................... 2 Introduction ..................................2 Login to the Web Manager .............................. 2 Web-based User Interface ..............................
Page 4 DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Firmware Upgrade ..............................43 Configuration File Backup/Restore ..........................43 Upload Log File ................................. 44 SNMP Settings ................................44 SNMP Global Settings ............................... 45 SNMP Traps Settings ..............................46 SNMP Linkchange Traps Settings ..........................46 SNMP View Table Settings ............................
Page 5 DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide MAC Address Aging Time Settings ........................... 90 MAC Address Table ..............................91 ARP & FDB Table ..............................91 L2 Multicast Control ..............................92 IGMP Snooping ................................. 92 MLD Snooping ................................. 101 Multicast VLAN ................................
Page 6 DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide 802.1X ..................................184 802.1X Global Settings ............................187 802.1X Port Settings ..............................188 802.1X User Settings ............................... 189 Guest VLAN Settings ............................... 190 Authenticator State ..............................191 Authenticator Statistics ............................191 Authenticator Session Statistics ..........................
Page 7 DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Authentication Policy Settings ..........................230 Application Authentication Settings ......................... 231 Authentication Server Group Settings ........................231 Authentication Server Settings ..........................233 Login Method Lists Settings ............................ 234 Enable Method Lists Settings ..........................235 Local Enable Password Settings ..........................
Page 8 DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Chapter 11 Monitoring ............................281 Utilization ..................................281 CPU Utilization ................................ 281 DRAM & Flash Utilization ............................281 Port Utilization ................................. 282 Statistics ..................................282 Port Statistics ................................283 Packet Size ................................
Page 9: Intended Readers
General Precautions for Rack-Mountable Products Protecting Against Electrostatic Discharge The DGS-3000 Series Web UI Reference Guide contains information for setup and management of the Switch. This manual is intended for network managers familiar with network management concepts and terminology. Typographical Conventions...
Page 10: Chapter 1 Web-Based Switch Configuration
Web Pages Introduction Most software functions of the DGS-3000 Series switches can be managed, configured and monitored via the embedded web-based (HTML) interface. Manage the Switch from remote stations anywhere on the network through a standard browser. The browser acts as a universal access tool and can communicate directly with the Switch using the HTTP protocol.
Page 11: Web-Based User Interface
Select the menu or window to display. Open folders and click the hyperlinked menu buttons Area 1 and subfolders contained within them to display menus. Click the D-Link logo to go to the D- Link website. Presents a graphical near real-time image of the front panel of the Switch. This area displays the Switch's ports, console and management port, showing port activity.
Page 12: Web Pages
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Web Pages When connecting to the management mode of the Switch with a web browser, a login screen is displayed. Enter a user name and password to access the Switch's management mode.
Page 13: Chapter 2 System Configuration
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Chapter 2 System Configuration Device Information System Information Settings Port Configuration Serial Port Settings Warning Temperature Settings System Log configuration Time Range Settings Time Settings User Accounts Settings Command Logging Settings Device Information This window contains the main settings for all the major functions for the Switch.
Page 14: Port Configuration
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 2-2 System Information Settings window The fields that can be configured are described below: Parameter Description System Name Enter a system name for the Switch, if so desired. This name will identify it in the Switch network.
Page 15: Ddm Temperature Threshold Settings
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 2-3 DDM Settings window The fields that can be configured are described below: Parameter Description Trap State Specify whether to send the trap, when the operating parameter exceeds the alarm or warning threshold.
Page 16: Ddm Voltage Threshold Settings
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 2-4 DDM Temperature Threshold Settings window The fields that can be configured are described below: Parameter Description From Port / To Port Select a range of ports to be configured.
Page 17: Ddm Bias Current Threshold Settings
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 2-5 DDM Voltage Threshold Settings window The fields that can be configured are described below: Parameter Description From Port / To Port Select a range of ports to be configured.
Page 18: Ddm Tx Power Threshold Settings
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 2-6 DDM Bias Current Threshold Settings window The fields that can be configured are described below: Parameter Description From Port / To Port Select a range of ports to be configured.
Page 19: Ddm Rx Power Threshold Settings
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 2-7 DDM TX Power Threshold Settings window The fields that can be configured are described below: Parameter Description From Port / To Port Select a range of ports to be configured.
Page 20 DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 2-8 DDM RX Power Threshold Settings window The fields that can be configured are described below: Parameter Description From Port / To Port Select a range of ports to be configured.
Page 21: Port Settings
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 2-9 DDM Status Table window Port Settings This page used to configure the details of the switch ports. To view the following window, click System Configuration > Port Configuration > Port Settings, as show below:...
Page 22 DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 2-10 Port Settings window To configure switch ports: 1. Choose the port or sequential range of ports using the From Port and To Port drop-down menus. 2. Use the remaining drop-down menus to configure the parameters described below:...
Page 23: Port Description Settings
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide the two physical layers. The timing control is set on a master physical layer by a local source. The slave setting (1000M Full_Slave) uses loop timing, where the timing comes from a data stream received from the master.
Page 24: Port Error Disabled
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 2-11 Port Description Settings window The fields that can be configured are described below: Parameter Description From Port / To Port Select the appropriate port range used for the configuration here.
Page 25: Jumbo Frame Settings
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Port State Describe the current running state of the port, whether enabled or disabled. Connection Status Display the uplink status of the individual ports, whether enabled or disabled. Reason Describe the reason why the port has been error-disabled, such as it has become a shutdown port for storm control.
Page 26: Eee Settings
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide The fields that can be displayed are described below: Parameter Description Port Display the port number. Type Display the port media type. EEE Settings Energy Efficient Ethernet (EEE) is defined in IEEE 802.3az. It is designed to reduce the energy consumption of a link when no packets are being sent.
Page 27: Warning Temperature Settings
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 2-16 Serial Port Settings window The fields that can be configured or displayed are described below: Parameter Description Baud Rate Specify the baud rate for the serial port on the Switch. There are four possible baud rates to choose from, 9600, 19200, 38400 and 115200.
Page 28: System Log Configuration
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide System Log Configuration System Log Settings The Switch allows users to choose a method for which to save the switch log to the flash memory of the Switch. To view the following window, click System Configuration > System Log Configuration > System Log Settings,...
Page 29: System Log
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Severity Use the drop-down menu to select the higher level of messages that will be sent. All messages which level is higher than selecting level will be sent. The options are Emergency (0), Alert (1), Critical (2), Error (3), Warning (4), Notice (5), Informational (6) and Debug (7).
Page 30: System Log & Trap Settings
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Click the Clear Log button to clear the entries from the log in the display section. Click the Clear Attack Log button to clear the entries from the attack log in the display section.
Page 31: Time Range Settings
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Parameter Description System Severity Choose how the alerts are used from the drop-down menu. Select Log to send the alert of the Severity Type configured to the Switch’s log for analysis. Choose Trap to send it to an SNMP agent for analysis, or select All to send the chosen alert type to an SNMP agent and the Switch’s log for analysis.
Page 32: User Accounts Settings
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 2-24 Time Settings window The fields that can be configured are described below: Parameter Description Date (DD / MM / YYYY) Enter the current day, month, and year to update the system clock.
Page 33: Command Logging Settings
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide User Name Enter a new user name for the Switch. Password Enter a new password for the Switch. Confirm Password Re-type in a new password for the Switch. Access Right Specify the access right for this user.
Page 34: Chapter 3 Management
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Chapter 3 Management Gratuitous ARP IPv6 Neighbor Settings IP Interface Management Settings Session Table Single IP Management SNMP Settings Telnet Settings Web Settings Power Saving Static ARP Settings The Address Resolution Protocol is a TCP/IP protocol that converts IP addresses into physical addresses. This table allows network managers to view, define, modify, and delete ARP information for specific devices.
Page 35: Gratuitous Arp
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide To view the following window, click Management > ARP > ARP Table, as show below: Figure 3-2 ARP Table window The fields that can be configured are described below:...
Page 36: Gratuitous Arp Settings
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide case, the system knows that somebody out there uses an IP address that is conflict with the system. In order to reclaim the correct host of this IP address, the system can send out the gratuitous ARP request packets for this duplicate IP address.
Page 37: Ip Interface
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 3-5 IPv6 Neighbor Settings window The fields that can be configured are described below: Parameter Description Interface Name Enter the interface name of the IPv6 neighbor. Neighbor IPv6 Address Enter the neighbor IPv6 address.
Page 38 DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide To view the following window, click Management > IP Interface > System IP Address Settings, as show below: Figure 3-6 System IP Address Settings window The fields that can be configured are described below:...
Page 39: Interface Settings
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Switch to be accessible outside your local network, you can leave this field unchanged. Click the Apply button to accept the changes made. Interface Settings Users can display the Switch’s current IP interface settings.
Page 40 DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Click the Apply button to accept the changes made. Click the <<Back button to discard the changes made and return to the previous page. Click the IPv4 Edit button to see the following window.
Page 41: Management Settings
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Parameter Description Interface Name Display the IPv6 interface name. IPv6 State Use the drop-down menu to enable or disable IPv6 State. Interface Admin State Use the drop-down menu to enable or disable the Interface Admin State.
Page 42: Session Table
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 3-12 Management Settings window The fields that can be configured are described below: Parameter Description CLI Paging State Command Line Interface paging stops each page at the end of the console. This allows you to stop the scrolling of multiple pages of text beyond the limits of the console.
Page 43: Single Ip Management
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Single IP Management D-Link Single IP Management is a concept that will stack switches together over Ethernet instead of using stacking ports or modules. There are some advantages in implementing the “Single IP Management” feature: 1.
Page 44: Single Ip Settings
6. The CaS can be configured through the CS to become a MS. After configuring one switch to operate as the CS of a SIM group, additional DGS-3000 Series switches may join the group by manually configuring the Switch to be a MS. The CS will then serve as the in band entry point for access to the MS.
Page 45: Topology
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 3-14 Single IP Settings window The fields that can be configured are described below: Parameter Description SIM State Use the drop-down menu to either enable or disable the SIM state on the Switch. Disabled will render all SIM functions on the Switch inoperable.
Page 46 DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 3-15 Single IP Management window - Tree View The Topology window holds the following information on the Data tab: Parameter Description Device Name This field will display the Device Name of the switches in the SIM group configured by the user.
Page 47 DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 3-16 Topology view This window will display how the devices within the Single IP Management Group connect to other groups and devices. Possible icons on this window are as follows:...
Page 48 DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 3-17 Device Information Utilizing the Tool Tip Setting the mouse cursor over a line between two devices will display the connection speed between the two devices, as shown below.
Page 49 DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 3-19 Right-Clicking a Group Icon The following options may appear for the user to configure: • Collapse – To collapse the group that will be represented by a single icon.
Page 50 DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Member Switch Icon Figure 3-22 Right-clicking a Member icon The following options may appear for the user to configure: • Collapse – To collapse the group that will be represented by a single icon.
Page 51: Firmware Upgrade
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Group 1. Add to group – Add a candidate to a group. Clicking this option will reveal the following dialog box for the user to enter a password for authentication from the Candidate Switch before being added to the SIM group.
Page 52: Upload Log File
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide configuration file, enter the Server IP Address where the file resides and enter the Path/Filename of the configuration file. Click Restore to initiate the file transfer from a TFTP server to the Switch. Click Backup to backup the configuration file to a TFTP server.
Page 53: Snmp Global Settings
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide SNMPv3 uses a more sophisticated authentication process that is separated into two parts. The first part is to maintain a list of users and their attributes that are allowed to act as SNMP managers. The second part describes what each user on that list can do as an SNMP manager.
Page 54: Snmp Traps Settings
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Click the Apply button to accept the changes made. SNMP Traps Settings Users can enable and disable the SNMP trap support function of the switch and SNMP authentication failure trap support, respectively.
Page 55: Snmp View Table Settings
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 3-33 SNMP Linkchange Traps Settings window The fields that can be configured are described below: Parameter Description From Port / To Port Select the starting and ending ports to use.
Page 56: Snmp Community Table Settings
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide The fields that can be configured are described below: Parameter Description View Name Type an alphanumeric string of up to 32 characters. This is used to identify the new SNMP view being created.
Page 57: Snmp Group Table Settings
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide SNMP Group Table Settings An SNMP Group created with this table maps SNMP users (identified in the SNMP User Table) to the views created in the previous window. To view the following window, click Management > SNMP Settings > SNMP Group Table Settings, as show...
Page 58: Snmp User Table Settings
SNMP management private enterprise number as assigned by IANA (D-Link is 171). The fifth octet is 03 to indicate the rest is the MAC address of this device. The sixth to eleventh octets is the MAC address.
Page 59: Snmp Host Table Settings
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide SHA – Specify that the HMAC-SHA authentication protocol will be used. This field is only operable when V3 is selected in the SNMP Version field and the Encryption field has been checked.
Page 60: Rmon Settings
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide 3-40 SNMP v6Host Table Settings The fields that can be configured are described below: Parameter Description Host IPv6 Address Type the IPv6 address of the remote management station that will serve as the SNMP host for the Switch.
Page 61: Telnet Settings
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Telnet Settings Users can configure Telnet Settings on the Switch. To view the following window, click Management > Telnet Settings, as show below: Figure 3-42 Telnet Settings window The fields that can be configured are described below:...
Page 62: Power Saving Settings
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 3-44 LED State Settings window The fields that can be configured are described below: Parameter Description LED State Click the radio buttons to enable or disable the port LED state.
Page 63: Power Saving Led Settings
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Time Range Name Specify the name of the schedule. Click the Apply button to accept the changes made for each individual section. Click the Clear Time Range to remove all the entries.
Page 64: Chapter 4 L2 Features
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Chapter 4 L2 Features VLAN QinQ Layer 2 Protocol Tunneling Settings Spanning Tree Link Aggregation L2 Multicast Control Multicast Filtering ERPS Settings LLDP NLB FDB Settings VLAN Understanding IEEE 802.1p Priority Priority tagging is a function defined by the IEEE 802.1p standard designed to provide a means of managing traffic...
Page 65 DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide VLANs can enhance performance by conserving bandwidth, and improve security by limiting traffic to specific domains. A VLAN is a collection of end nodes grouped by logic instead of physical location. End nodes that frequently communicate with each other are assigned to the same VLAN, regardless of where they are physically on the network.
Page 66 DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide The main characteristics of IEEE 802.1Q are as follows: • Assigns packets to VLANs by filtering. • Assumes the presence of a single global spanning tree. • Uses an explicit tagging scheme with one-level tagging.
Page 67 DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 4-3 Adding an IEEE 802.1Q Tag Port VLAN ID Packets that are tagged (are carrying the 802.1Q VID information) can be transmitted from one 802.1Q compliant network device to another with the VLAN information intact. This allows 802.1Q VLANs to span network devices (and indeed, the entire network, if all network devices are 802.1Q compliant).
Page 68 DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide If a packet has previously been tagged, the port will not alter the packet, thus keeping the VLAN information intact. Other 802.1Q compliant devices on the network to make packet-forwarding decisions can then use the VLAN information in the tag.
Page 69: 802.1Q Vlan Settings
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide On port-based VLANs, NICs do not need to be able to identify 802.1Q tags in packet headers. NICs send and receive normal Ethernet packets. If the packet’s destination lies on the same segment, communications take place using normal Ethernet protocols.
Page 70 DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 4-5 802.1Q VLAN Settings – Add/Edit VLAN Tab window The fields that can be configured are described below: Parameter Description Allow the entry of a VLAN ID or displays the VLAN ID of an existing VLAN in the Add/Edit VLAN tab.
Page 71 DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 4-6 802.1Q VLAN Settings – Find VLAN Tab window Enter the VLAN ID number in the field offered and then click the Find button. You will be redirected to the VLAN List tab.
Page 72: 802.1V Protocol Vlan
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide the port as forbidden. Click the Apply button to accept the changes made. NOTE: The Switch supports up to 4k static VLAN entries. 802.1v Protocol VLAN 802.1v Protocol Group Settings The user can create Protocol VLAN groups and add protocols to that group.
Page 73: V Protocol Vlan Settings
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide NOTE: The Group name value should be less than 33 characters. 802.1v Protocol VLAN Settings The user can configure Protocol VLAN settings. The lower half of the table displays any previously created settings.
Page 74: Gvrp
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Click the Delete All button to remove all the entries listed. Click the Edit button to re-configure the specific entry. Click the Delete button to remove the specific entry.
Page 75: Mac-Based Vlan Settings
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 4-11 GVRP Port Settings window The fields that can be configured are described below: Parameter Description From Port / To Port Select the starting and ending ports to use.
Page 76: Private Vlan Settings
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 4-12 MAC-based VLAN Settings The fields that can be configured are described below: Parameter Description MAC Address Specify the MAC address. VID (1-4094) Select this option and enter the VLAN ID.
Page 77 DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 4-13 Private VLAN Settings window The fields that can be configured are described below: Parameter Description VLAN Name Enter a VLAN name. VID (2-4094) Enter a VID value.
Page 78: Pvid Auto Assign Settings
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide PVID Auto Assign Settings Users can enable or disable PVID Auto Assign Status. The default setting is enabled. To view the following window, click L2 Features > VLAN > PVID Auto Assign Settings, as show below: Figure 4-15 PVID Auto Assign Settings window Click the Apply button to accept the changes made.
Page 79: Voice Vlan Port Settings
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide reset and stop. Log State Used to enable or disable sending of issue of voice VLAN log. Click the Apply button to accept the changes made for each individual section.
Page 80: Voice Vlan Device
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 4-18 Voice VLAN OUI Settings window The fields that can be configured are described below: Parameter Description OUI Address User defined OUI MAC address. Mask User defined OUI MAC address mask.
Page 81: Vlan Trunk Settings
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide VLAN Trunk Settings Enable VLAN on a port to allow frames belonging to unknown VLAN groups to pass through that port. This is useful if you want to set up VLAN groups on end devices without having to configure the same VLAN groups on intermediary devices.
Page 82: Show Vlan Ports
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 4-23 Browse VLAN window Click the Find button to locate a specific entry based on the information entered. Enter a page number and click the Go button to navigate to a specific page when multiple pages exist.
Page 83 DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Double VLANs are basically VLAN tags placed within existing IEEE 802.1Q VLANs which we will call SPVIDs (Service Provider VLAN IDs). These VLANs are marked by a TPID (Tagged Protocol ID), configured in hex form to be encapsulated within the VLAN tag of the packet.
Page 84: Qinq Settings
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide 5. The switch cannot have both double and normal VLANs co-existing. Once the change of VLAN is made, all Access Control lists are cleared and must be reconfigured. 6. Once Double VLANs are enabled, GVRP must be disabled.
Page 85: Vlan Translation Settings
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Outer TPID Enter an Outer TPID in SP-VLAN tag here. Add Inner Tag Specifies that an Inner Tag will be added to the entry. By default the Disabled option is selected.
Page 86: Spanning Tree
802.1Q-2005 MSTP. 802.1D-1998 STP will be familiar to most networking professionals. However, since 802.1D-2004 RSTP and 802.1Q-2005 MSTP have been recently introduced to D-Link managed Ethernet switches, a brief introduction to the technology is provided below followed by a description of how to set up 802.1D-1998 STP, 802.1D-2004 RSTP, and 802.1Q-2005 MSTP.
Page 87 DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide established regions on the network, continuing to allow simple and full processing of frames, regardless of administrative errors in defining VLANs and their respective spanning trees. Each switch utilizing the MSTP on a network will have a single MSTP configuration that will have the following three attributes: 1.
Page 88: Stp Bridge Global Settings
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide RSTP is capable of a more rapid transition to a forwarding state - it no longer relies on timer configurations - RSTP compliant bridges are sensitive to feedback from other RSTP compliant bridge links. Ports do not need to wait for the topology to stabilize before transitioning to a forwarding state.
Page 89: Stp Port Settings
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide STP State Use the radio button to globally enable or disable STP. STP Version Use the drop-down menu to choose the desired version of STP: STP - Select this parameter to set the Spanning Tree Protocol (STP) globally on the switch.
Page 90 DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 4-30 STP Port Settings window The fields that can be configured are described below: Parameter Description From Port / To Port Select the starting and ending ports to be configured.
Page 91: Mst Configuration Identification
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Choosing the False parameter indicates that the port does not have edge port status. Alternatively, the Auto option is available. Restricted Role Use the drop-down menu to toggle Restricted Role between True and False. If set to True, the port will never be selected to be the Root port.
Page 92: Mstp Port Information
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 4-32STP Instance Settings window The fields that can be configured are described below: Parameter Description MSTI ID Enter the MSTI ID in this field. An entry of 0 denotes the CIST (default MSTI).
Page 93: Link Aggregation
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Priority Enter a value between 0 and 240 to set the priority for the port interface. A higher priority will designate the interface to forward packets first. A lower number denotes a higher priority.
Page 94: Port Trunking Settings
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide and 802.1X must not be enabled on the trunk group. Further, the LACP aggregated links must all be of the same speed and should be configured as full duplex.
Page 95: Lacp Port Settings
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Click the Apply button to accept the changes made. Click the Clear All button to clear out all the information entered. Click the Add button to add a new entry based on the information entered.
Page 96: Fdb
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Static FDB Settings Unicast Static FDB Settings Users can set up static unicast forwarding on the Switch. To view the following window, click L2 Features > FDB > Static FDB Settings > Unicast Static FDB Settings, as...
Page 97: Mac Notification Settings
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 4-38 Multicast Static FDB Settings window The fields that can be configured are described below: Parameter Description The VLAN ID of the VLAN the corresponding MAC address belongs to.
Page 98: Mac Address Aging Time Settings
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 4-39 MAC Notification Settings window The fields that can be configured are described below: Parameter Description State Enable or disable MAC notification globally on the Switch Interval (1-2147483647) The time in seconds between notifications.
Page 99: Mac Address Table
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide is allowed to remain idle). To change this option, type in a different value representing the MAC address’ age-out time in seconds. The MAC Address Aging Time can be set to any value between 10 and 1000000 seconds. The default setting is 300 seconds.
Page 100: L2 Multicast Control
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 4-42 ARP & FDB Table window The fields that can be configured are described below: Parameter Description Port Select the port number to use for this configuration. MAC Address Enter the MAC address to use for this configuration.
Page 101 DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 4-43 IGMP Snooping Settings window The fields that can be configured are described below: Parameter Description IGMP Snooping State Click to enable or disable the IGMP Snooping state.
Page 102 DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Expiry Time (1-65535) Proxy Reporting Source Enter the source IP of proxy reporting integrated report. Proxy Reporting State Use the drop-down menu to enable or disable the proxy reporting. If enabled, multiple IGMP reports or leave for a specific (S, G) will be integrated into one report only before sending to the router port.
Page 103: Igmp Snooping Rate Limit Settings
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide propagate routing packets out. Dynamic Router Port Displays router ports that have been dynamically configured. Ports Select the appropriate ports individually to include them in the Router Port configuration.
Page 104: Igmp Router Port
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 4-47 IGMP Snooping Static Group Settings window The fields that can be configured are described below: Parameter Description VLAN Name Enter the VLAN name of the multicast group.
Page 105: Igmp Snooping Group
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 4-49 IGMP Router Port window The fields that can be configured are described below: Parameter Description Enter the VLAN ID of the multicast group. Click the Find button to locate a specific entry based on the information entered.
Page 106: Igmp Snooping Forwarding Table
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Click the Clear Data Driven button to delete the specific IGMP snooping group which is learned by the Data Driven feature of the specified VLAN. Click the View All button to display all the existing entries.
Page 107: Igmp Host Table
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Port List The Port List of the multicast group. Click the Find button to locate a specific entry based on the information entered. Click the View All button to display all the existing entries.
Page 108: Cpu Filter L3 Control Packet Settings
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide VID List Enter the VLAN ID or the list of VLAN IDs. Port List Enter the port or the list of ports. Group Address Enter the group address. Click the Find button to locate a specific entry based on the information entered.
Page 109: Mld Snooping
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide MLD Snooping Multicast Listener Discovery (MLD) Snooping is an IPv6 function used similarly to IGMP snooping in IPv4. It is used to discover ports on a VLAN that are requesting multicast data. Instead of flooding all ports on a selected VLAN with multicast traffic, MLD snooping will only forward multicast data to ports that wish to receive this data through the use of queries and reports produced by the requesting ports and the source of the multicast traffic.
Page 110: Mld Snooping Settings
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide MLD Snooping Settings Users can configure the settings for MLD snooping. To view the following window, click L2 Features > L2 Multicast Control > MLD Snooping > MLD Snooping...
Page 111 DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Group listener interval - Amount of time that must pass before a multicast router decides there are no more listeners of a group on a network. Other Querier present interval - Amount of time that must pass before a multicast router decides that there is no longer another multicast router that is the Querier.
Page 112: Mld Snooping Rate Limit Settings
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Static Router Port This section is used to designate a range of ports as being connected to multicast- enabled routers. This will ensure that all packets with such a router as its destination will reach the multicast-enabled router regardless of the protocol.
Page 113: Mld Router Port
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 4-60 MLD Snooping Static Group Settings window The fields that can be configured are described below: Parameter Description VLAN Name The name of the VLAN on which the static group resides.
Page 114: Mld Snooping Group
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 4-62 MLD Router Port window Parameter Description Enter a VLAN ID. Click the Find button to locate a specific entry based on the information entered. Enter a page number and click the Go button to navigate to a specific page when multiple pages exist.
Page 115: Mld Snooping Forwarding Table
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide MLD Snooping Forwarding Table This page displays the switch’s current MLD snooping forwarding table. It provides an easy way for user to check the list of ports that the multicast group comes from and specific sources that it will be forwarded to. The packet comes from the source VLAN.
Page 116: Mld Host Table
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Click the View All button to display all the existing entries. Click the Packet Statistics link to view the MLD Snooping Counter Settings for the specific entry. After clicking the...
Page 117: Multicast Vlan
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Click the Find button to locate a specific entry based on the information entered. Click the View All button to display all the existing entries. Multicast VLAN In a switching environment, multiple VLANs may exist. Every time a multicast query passes through the Switch, the switch must forward separate different copies of the data to each VLAN on the system, which, in turn, increases data traffic and may clog up the traffic path.
Page 118: Igmp Snooping Multicast Vlan Settings
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Click the Delete All button to remove all the entries listed. Click the View All button to display all the existing entries. Click the Group List link to configure the Multicast Group Profile Address Settings for the specific entry.
Page 119 DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide is None. Replace Priority Specify that the packet’s priority will be changed by the switch, based on the remap priority. This flag will only take effect when the remap priority is set.
Page 120: Multicast Filtering
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Click the Apply button to accept the changes made. Click the <<Back button to discard the changes made and return to the previous page. After clicking the Profile List...
Page 121: Ipv4 Limited Multicast Range Settings
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Click the Find button to locate a specific entry based on the information entered. Click the Delete All button to remove all the entries listed. Click the Group List link to configure the multicast address group list settings for the specific entry.
Page 122: Ipv6 Multicast Filtering
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Name Permit or Deny access to them. Click the Apply button to accept the changes made. Click the Add button to add a new entry based on the information entered.
Page 123: Ipv6 Limited Multicast Range Settings
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 4-77 IPv6 Multicast Profile Settings window The fields that can be configured are described below: Parameter Description Profile ID (1-24) Enter a Profile ID between 1 and 24.
Page 124: Ipv6 Max Multicast Group Settings
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 4-79 IPv6 Limited Multicast Range Settings window The fields that can be configured are described below: Parameter Description Ports / VID List Select the appropriate port(s) or VLAN IDs used for the configuration here.
Page 125: Multicast Filtering Mode
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Click the Find button to locate a specific entry based on the information entered. Enter a page number and click the Go button to navigate to a specific page when multiple pages exist.
Page 126 DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide RPL Owner – Node connected to RPL that blocks traffic on RPL during Idle state and unblocks during Protected state R-APS (Ring – Automatic Protection Switching) - Protocol messages defined in Y.1731 and G.8032 used to coordinate the protection actions over the ring through RAPS VLAN (R-APS Channel).
Page 127 DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 4-83 ERPS Settings - Detail Information window Click on the Edit button to re-configure the specific entry. Click on the <<Back button to return to the ERPS settings page.
Page 128: Lldp
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Operational East Port Display the operational east port value. Admin RPL Port Specify the RPL port used. Options to choose from are West Port, East Port, and None. Operational RPL Port Display the operational RPL port value.
Page 129: Lldp Port Settings
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide LLDP Forward When LLDP is disabled this function controls the LLDP packet forwarding message Message based on individual ports. If LLDP is enabled on a port it will flood the LLDP packet to all ports that have the same port VLAN and will advertise to other stations attached to the same IEEE 802 LAN.
Page 130: Lldp Management Address List
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide The fields that can be configured are described below: Parameter Description From Port / To Port Use the drop-down menu to select the ports used for this configuration. Notification Use the drop-down menu to enable or disable the status of the LLDP notification.
Page 131: Lldp Dot1 Tlvs Settings
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide advertisements. The mandatory data type includes four basic types of information (end of LLDPDU TLV, chassis ID TLV, port ID TLV, and Time to Live TLV). The mandatory data types cannot be disabled. There are also four data types which can be optionally selected.
Page 132: Lldp Dot3 Tlvs Settings
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 4-89 LLDP Dot1 TLVs Settings window The fields that can be configured are described below: Parameter Description From Port / To Port Use the drop-down menu to select the port range to use for this configuration.
Page 133: Lldp Statistic System
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 4-90 LLDP Dot3 TLVs Settings window The fields that can be configured are described below: Parameter Description From Port / To Port Use the drop-down menu to select the port range to use for this configuration.
Page 134: Lldp Local Port Information
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 4-91 LLDP Statistics System window The fields that can be configured are described below: Parameter Description Port Use the drop-down menu to select a port. Click the Find button to locate a specific entry based on the information entered.
Page 135: Lldp Remote Port Information
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 4-93 LLDP Local Port Information – Show Normal window The fields that can be configured are described below: Parameter Description Port Use the drop-down menu to select a port.
Page 136: Lldp-Med
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide After clicking the Show Normal button, the following page will appear: Figure 4-96 LLDP Remote Port Information – Show Normal window Click the <<Back button to return to the previous page.
Page 137 DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 4-98 LLDP-MED Port Settings window The fields that can be configured are described below: Parameter Description From Port / To Port Select the port range to use for this configuration.
Page 138 DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 4-99 LLDP-MED Local Port Information window The fields that can be configured are described below: Parameter Description Port Use the drop-down menu to select a port. Click the Find button to locate a specific entry based on the information entered.
Page 139: Nlb Fdb Settings
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide NLB FDB Settings The Switch supports Network Load Balancing (NLB). This is a MAC forwarding control for supporting the Microsoft server load balancing application where multiple servers can share the same IP address and MAC address. The requests from clients will be forwarded to all servers, but will only be processed by one of them.
Page 140: Chapter 5 L3 Features
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Chapter 5 L3 Features IPv4 Static/Default Route Settings IPv4 Route Table IPv6 Static/Default Route Settings IPv4 Static/Default Route Settings The Switch supports static default routing for IPv4 formatted addressing. Users can create a gateway for IPv4.
Page 141: Ipv6 Static/Default Route Settings
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 5-2 IPv4 Route Table window The fields that can be configured are described below: Parameter Description Network Address Click the radio button and enter the destination network address of the route to be displayed.
Page 142: Chapter 6 Qos
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Chapter 6 802.1p Settings Bandwidth Control Traffic Control Settings DSCP Scheduling Settings The Switch supports 802.1p priority queuing Quality of Service. The following section discusses the implementation of QoS (Quality of Service) and benefits of using 802.1p priority queuing.
Page 143: 802.1P Settings
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Understanding QoS The Switch supports 802.1p priority queuing. The Switch has eight priority queues. These priority queues are numbered from 7 (Class 7) — the highest priority queue — to 0 (Class 0) — the lowest priority queue. The eight priority tags specified in IEEE 802.1p (p0 to p7) are mapped to the Switch’s priority queues as follows:...
Page 144: 802.1P User Priority Settings
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 6-2 Default Priority Settings window The fields that can be configured are described below: Parameter Description From Port / To Port Select the starting and ending ports to use.
Page 145: 802.1P Map Settings
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide 802.1p Map Settings This window is used to the mapping of 802.1p to the packet’s initial color. To view the following window, click QoS > 802.1p Settings > 802.1p Map Settings, as show below: Figure 6-4 802.1p Map Settings window...
Page 146 DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 6-5 Bandwidth Control Settings window The fields that can be configured or displayed are described below: Parameter Description From Port / To Port Use the drop-down menu to select the port range to use for this configuration.
Page 147: Queue Bandwidth Control Settings
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Queue Bandwidth Control Settings To view this window, click QoS > Bandwidth Control > Queue Bandwidth Control Settings, as shown below. To view the following window, click QoS > Bandwidth Control > Queue Bandwidth Control Settings, as show...
Page 148 DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide affect the overall performance of the switch network. To help rectify this packet storm, the Switch will monitor and control the situation. Packet storms are monitored to determine if too many packets are flooding the network based on threshold levels provided by the user.
Page 149 DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide drop packets until the issue is resolved. Shutdown – Utilizes the Switch’s software Traffic Control mechanism to determine the Packet Storm occurring. Once detected, the port will deny all incoming traffic to the port except STP BPDU packets, which are essential in keeping the Spanning Tree operational on the Switch.
Page 150: Dscp
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide NOTE: Ports that are in Shutdown Forever mode will be seen as link down in all windows and screens until the user recovers these ports. NOTE: The minimum granularity of storm control on each port is 1pps.
Page 151 DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide The DSCP-to-DSCP mapping is used in the swap of DSCP of the packet when the packet is ingresses to the port. The remaining processing of the packet will base on the new DSCP. By default, the DSCP is mapped to the same DSCP.
Page 152: Scheduling Settings
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 6-11 DSCP Map Settings - DSCP Color window The fields that can be configured are described below: Parameter Description From Port / To Port Use the drop-down menu to select a range of port to configure.
Page 153: Qos Scheduling Mechanism
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide To view this window, click QoS > Scheduling Settings > QoS Scheduling as shown below: Figure 6-12 QoS Scheduling window The following parameters can be configured: Parameter Description From Port / To Port Enter the port or port list you wish to configure.
Page 154 DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 6-13 QoS Scheduling Mechanism The following parameters can be configured: Parameter Description From Port / To Port Enter the port or port list you wish to configure. Scheduling Mechanism Strict –...
Page 155: Chapter 7 Acl
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Chapter 7 ACL Configuration Wizard Access Profile List CPU Access Profile List ACL Finder ACL Flow Meter ACL Configuration Wizard The ACL Configuration Wizard will aid the user in the creation of access profiles and ACL Rules automatically by simply inputting the address or service type and the action needed.
Page 156: Access Profile List
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide IPv4 Address – Selecting this option will allow the user to enter a range of IPv4 addresses for this rule. IPv6 – Selecting this option will allow the user to enter a range of IPv6 addresses for this rule.
Page 157: Add An Ethernet Acl Profile
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Click the Delete All button to remove all access profiles from this table. Click the Show Details button to display the information of the specific profile ID entry. Click the Add/View Rules button to view or add ACL rules within the specified profile ID.
Page 158 DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide packet content. This will change the window according to the requirements for the type of profile. Select Ethernet ACL to instruct the Switch to examine the layer 2 part of each packet header.
Page 159 DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 7-6 Add Access Rule window (Ethernet ACL) The fields that can be configured are described below: Parameter Description Access ID (1-256) Type in a unique identifier number for this access. This value can be set from 1 to 256.
Page 160: Adding An Ipv4 Acl Profile
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide a packet to the value entered in the Priority field, which meets the criteria specified previously in this command, before forwarding it on to the specified CoS queue. Otherwise, a packet will have its incoming 802.1p user priority re-written to its original value before being forwarded by the Switch.
Page 161 DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 7-8 Add ACL Profile window (IPv4 ACL) The fields that can be configured are described below: Parameter Description Profile ID (1-512) Enter a unique identifier number for this profile set. This value can be set from 1 to 512.
Page 162 DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide the following guidelines: Select ICMP to instruct the Switch to examine the Internet Control Message Protocol (ICMP) field in each frame's header. Select Type to further specify that the access profile will apply an ICMP type value, or specify Code to further specify that the access profile will apply an ICMP code value.
Page 163 DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 7-10 Access Rule List window (IPv4 ACL) Click the Add Rule button to create a new ACL rule in this profile. Click the <<Back button to return to the previous page.
Page 164 DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Destination IP Enter the destination IP address. Address Destination IP Select and enter the destination IP address mask. Address Mask DSCP Enter the DSCP value. Protocol Selecting this option instructs the Switch to examine the protocol type value in each frame's header.
Page 165: Adding An Ipv6 Acl Profile
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide defined in the config mirror port command. Port Mirroring must be enabled and a target port must be set. Priority (0-7) Tick the corresponding check box if you want to re-write the 802.1p default priority of a packet to the value entered in the Priority field, which meets the criteria specified previously in this command, before forwarding it on to the specified CoS queue.
Page 166 DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 7-13 Add ACL Profile window (IPv6 ACL) The fields that can be configured are described below: Parameter Description Profile ID (1-512) Enter a unique identifier number for this profile set. This value can be set from 1 to 512.
Page 167 DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Select ICMP to instruct the Switch to examine the Internet Control Message ICMP Protocol (ICMP) field in each frame's header. Select Type to further specify that the access profile will apply an ICMP type value, or specify Code to further specify that the access profile will apply an ICMP code value.
Page 168 DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 7-16 Add Access Rule (IPv6 ACL) The fields that can be configured are described below: Parameter Description Access ID (1-256) Type in a unique identifier number for this access. This value can be set from 1 to 256.
Page 169 DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide both the priority and DSCP are set to be modified. Replace ToS Specify that the IP precedence of the outgoing packet is changed with the new value. Precedence (0-7) If used without an action priority, the packet is sent to the default TC.
Page 170: Adding A Packet Content Acl Profile
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide After clicking the Show Details button in the Access Rule List, the following page will appear: Figure 7-17 Access Rule Detail Information (IPv6 ACL) Click the Show All Rules button to navigate back to the Access Rule List.
Page 171 DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Type content. This will change the window according to the requirements for the type of profile. Select Ethernet ACL to instruct the Switch to examine the layer 2 part of each packet header.
Page 172 DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 7-20 Access Rule List (Packet Content ACL) Click the Add Rule button to create a new ACL rule in this profile. Click the <<Back button to return to the previous page.
Page 173: Cpu Access Profile List
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Select Mirror to specify that packets that match the access profile are mirrored to a port defined in the config mirror port command. Port Mirroring must be enabled and a target port must be set.
Page 174: Adding A Cpu Ethernet Acl Profile
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide NOTE: CPU Interface Filtering is used to control traffic access to the switch directly such as protocols transition or management access. A CPU interface filtering rule won’t impact normal L2/3 traffic forwarding.
Page 175 DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 7-24 Add CPU ACL Profile (Ethernet ACL) The fields that can be configured are described below: Parameter Description Profile ID (1-5) Enter a unique identifier number for this profile set. This value can be set from 1 to 5.
Page 176 DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 7-25 CPU Access Profile Detail Information (Ethernet ACL) Click the Show All Profiles button to navigate back to the CPU ACL Profile List Page. After clicking the Add/View Rules button, the following page will appear: Figure 7-26 CPU Access Rule List (Ethernet ACL) Click the Add Rule button to create a new CPU ACL rule in this profile.
Page 177: Adding A Cpu Ipv4 Acl Profile
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide 100. Auto Assign – Select this check box will instruct the Switch to automatically assign an Access ID for the rule being created. VLAN Name Enter the VLAN name.
Page 178 DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 7-29 Add CPU ACL Profile (IPv4 ACL) The fields that can be configured are described below: Parameter Description Profile ID (1-5) Enter a unique identifier number for this profile set. This value can be set from 1 to 5.
Page 179 DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide specify Code to further specify that the access profile will apply an ICMP code value. Select IGMP to instruct the Switch to examine the Internet Group Management Protocol (IGMP) field in each frame's header.
Page 180 DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 7-31 CPU Access Rule List (IPv4 ACL) Click the Add Rule button to create a new CPU ACL rule in this profile. Click the <<Back button to return to the previous page.
Page 181 DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide the following guidelines: Select this option to specify that the rule will be applied to ICMP traffic. Type – Enter the ICMP packet type value. Code – Enter the ICMP code value.
Page 182: Adding A Cpu Ipv6 Acl Profile
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 7-33 CPU Access Rule Detail Information (IPv4 ACL) Click the Show All Rules button to navigate back to the CPU Access Rule List. Adding a CPU IPv6 ACL Profile The window shown below is the Add CPU ACL Profile window for IPv6.
Page 183 DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Select Ethernet to instruct the Switch to examine the layer 2 part of each packet header. Select IPv4 to instruct the Switch to examine the IPv4 address in each frame's header.
Page 184 DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 7-37 Add CPU Access Rule (IPv6 ACL) The fields that can be configured are described below: Parameter Description Access ID (1-100) Enter a unique identifier number for this access. This value can be set from 1 to 100.
Page 185: Adding A Cpu Packet Content Acl Profile
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 7-38 CPU Access Rule Detail Information (IPv6 ACL) Click the Show All Rules button to navigate back to the CPU Access Rule List. Adding a CPU Packet Content ACL Profile The window shown below is the Add CPU ACL Profile window for Packet Content.
Page 186 DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Select IPv4 to instruct the Switch to examine the IPv4 address in each frame's header. Select IPv6 to instruct the Switch to examine the IPv6 address in each frame's header.
Page 187 DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 7-42 Add CPU Access Rule (Packet Content ACL) The fields that can be configured are described below: Parameter Description Access ID (1-100) Type in a unique identifier number for this access. This value can be set from 1 to 100.
Page 188: Acl Finder
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 7-43 CPU Access Rule Detail Information (Packet Content ACL) Click the Show All Rules button to navigate back to the CPU Access Rule List. ACL Finder The ACL rule finder helps you to identify any rules that have been assigned to a specific port and edit existing rules quickly.
Page 189 DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide CBS – Committed Burst Size. Measured in bytes, the CBS is associated with the CIR and is used to identify packets that exceed the normal boundaries of packet size. The CBS should be configured to accept the biggest IP packet that is expected in the IP flow.
Page 190 DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Access ID (1-256) Here the user can enter the Access ID for the flow meter. Click the Find button to locate a specific entry based on the information entered.
Page 191 DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide PIR – Specify the Peak information Rate. The unit is Kbps. PIR should always be equal to or greater than CIR. CBS – Specify the Committed Burst Size. The unit is in kilobyte.
Page 192: Chapter 8 Security
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Chapter 8 Security 802.1X RADIUS IP-MAC-Port Binding (IMPB) MAC-based Access Control (MAC) Compound Authentication Port Security ARP Spoofing Prevention Settings BPDU Attack Protection Traffic Segmentation Settings NetBIOS Filtering Settings...
Page 193 DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Authentication Server The Authentication Server is a remote device that is connected to the same network as the Client and Authenticator, must be running a RADIUS Server program and must be configured properly on the Authenticator (Switch).
Page 194 Figure 8-6 The 802.1X Authentication Process The D-Link implementation of 802.1X allows network administrators to choose between two types of Access Control used on the Switch, which are: 1. Port-Based Access Control – This method requires only one user to be authenticated per port by a remote RADIUS server to allow the remaining users on the same port access to the network.
Page 195: 802.1X Global Settings
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Host-Based Network Access Control In order to successfully make use of 802.1X in a shared media LAN segment, it would be necessary to create “logical” Ports, one for each attached device that required access to the LAN.
Page 196: 802.1X Port Settings
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide 802.1X Port Settings Users can configure the 802.1X authenticator port settings. To view this window, click Security > 802.1X > 802.1X Port Settings as shown below: Figure 8-10 802.1X Port Settings...
Page 197: 802.1X User Settings
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide ReAuthPeriod (1-65535) A constant that defines a nonzero number of seconds between periodic re- authentication of the client. The default setting is 3600 seconds. ReAuthentication Determines whether regular re-authentication will take place on this port. The default setting is Disabled.
Page 198: Guest Vlan Settings
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 8-11 802.1X User Settings window The fields that can be configured are described below: Parameter Description 802.1X User The user can enter an 802.1X user’s username in here.
Page 199: Authenticator State
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide A port cannot be a member of a Guest VLAN and a static VLAN simultaneously. Once a client has been accepted into the target VLAN, it can no longer access the Guest VLAN.
Page 200 DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide To view this window, click Security > 802.1X > Authenticator Statistics as shown below: Figure 8-15 Authenticator Statistics - Port-based window Figure 8-16 Authenticator Statistics - MAC-based window...
Page 201: Authenticator Session Statistics
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide The fields that can be configured are described below: Parameter Description Time Interval Use the drop-down menu to select the interval to update the statistics. Click the OK button to accept the changes made.
Page 202: Authenticator Diagnostics
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 8-18 Authenticator Session Statistics - MAC-based window The fields that can be configured are described below: Parameter Description Time Interval Use the drop-down menu to select the interval to update the statistics.
Page 203 DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 8-19 Authenticator Diagnostics - Port-based window Figure 8-20 Authenticator Diagnostics - MAC-based window The fields that can be configured are described below:...
Page 204: Initialize Port(S)
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Parameter Description Time Interval Use the drop-down menu to select the interval to update the statistics. Click the OK button to accept the changes made. NOTE: The user must first globally enable Authentication Mode in the 802.1X Global Settings window before initializing ports.
Page 205: Radius
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 8-23 Reauthenticate Port(s) - Port-based window If MAC-based is selected in the Authentication Mode drop-down menu in 802.1X Global Settings window, the following window appears. Figure 8-24 Reauthentiate Port(s) - MAC-based window...
Page 206: Radius Accounting Settings
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Parameter Description Index Choose the desired RADIUS server to configure: 1, 2 or 3. Server IP Set the RADIUS server IP address. Authentication Port (1- Set the RADIUS authentic server(s) UDP port which is used to transmit 65535) RADIUS data between the Switch and the RADIUS server.
Page 207 DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide To view this window, click Security > RADIUS > RADIUS Authentication as shown below: Figure 8-27 RAIUS Authentication window The user may also select the desired time interval to update the statistics, between 1s and 60s, where “s” stands for seconds.
Page 208: Radius Account Client
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide server. AccessChallenges The number of RADIUS Access-Challenge packets (valid or invalid) received from this server. AccessResponses The number of malformed RADIUS Access-Response packets received from this server. Malformed packets include packets with an invalid length. Bad authenticators or Signature attributes or known types are not included as malformed access responses.
Page 209 DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 8-28 RADIUS Account Client window The user may also select the desired time interval to update the statistics, between 1s and 60s, where “s” stands for seconds. The default value is 1s.
Page 210: Ip-Mac-Port Binding (Impb)
DHCPv4, DHCPv6, and ND packets and saving them to the IMPB white list. If an unauthorized user tries to access an IP-MAC binding enabled port, the system will block the access by dropping its packet. For the DGS-3000 series of switches, active and inactive entries use the same database. The maximum number of entries that can be created is 510 for IPv4 and 255 for IPv6, by which only a maximum of 127 entries can be active at any given time.
Page 211: Impb Port Settings
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide MAC-port binding configuration set on the Switch. The default is Disabled. DHCP Snooping (IPv4) Click the radio buttons to enable or disable DHCP snooping (IPv4) for IP-MAC-Port binding. The default is Disabled.
Page 212: Impb Entry Settings
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide ARP packet is detected. The default value is Disabled. IP Inspection When both ARP and IP inspections are enabled, all IP packets are checked. The legal IP packets are forwarded, while the illegal IP packets are dropped. When IP Inspection is enabled, and ARP Inspection is disabled, all non-IP packets (Ex.
Page 213: Mac Block List
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Click the Delete button to remove the specified entry. Enter a page number and click the Go button to navigate to a specific page when multiple pages exist. MAC Block List This window is used to view unauthorized devices that have been blocked by IP-MAC binding restrictions.
Page 214: Dhcp Snooping Entry
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 8-33 DHCP Snooping Max Entry Settings window The fields that can be configured are described below: Parameter Description From Port / To Port Use the drop-down menus to select a range of ports to use.
Page 215: Nd Snooping
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Ports Specify the ports for DHCP snooping entries. Tick the All Ports check box to select all entries for all ports. Tick the IPv4 check box to select IPv4 DHCP snooping learned entries.
Page 216: Mac-Based Access Control (Mac)
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide To view this window, click Security > IP-MAC-Port Binding (IMPB) > ND Snooping > ND Snooping Entry as shown below: Figure 8-36 ND Snooping Entry window The fields that can be configured are described below:...
Page 217 DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 8-37 MAC-based Access Control Settings window The fields that can be configured are described below: Parameter Description MAC-based Access Toggle to globally enable or disable the MAC-based access control function on the Control State Switch.
Page 218: Mac-Based Access Control Local Settings
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Member Ports Enter the list of ports that have been configured for the Guest VLAN. From Port / To Port Use the drop-down menus to select a range of ports to be configured for MAC-based access control.
Page 219: Mac-Based Access Control Authentication State
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 8-39 MAC-based Access Control Local Settings – Edit by Name window To change the selected MAC address’ VID value, the user can click the Edit by ID button.
Page 220: Japanese Web-Based Access Control (Jwac)
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Japanese Web-based Access Control (JWAC) JWAC Global Settings This window is used to enable and configure Japanese Web-based Access Control on the Switch. To use the JWAC feature, computer users need to pass through two stages of authentication. The first stage is to do the authentication with the quarantine server and the second stage is the authentication with the Switch.
Page 221: Jwac Port Settings
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide to the quarantine server when it tries to access a random URL. When the redirect JWAC login page is enabled, the unauthenticated host will be redirected to the JWAC login page in the Switch to finish authentication. When redirect is disabled, only access to the quarantine server and the JWAC login page from the unauthenticated host are allowed, all other web access will be denied.
Page 222: Jwac User Settings
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 8-43 JWAC Port Settings window The fields that can be configured are described below: Parameter Description From Port / To Port Use the drop-down menus to select a range of ports to be enabled as JWAC ports.
Page 223: Jwac Authentication State
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 8-44 JWAC User Settings window The fields that can be configured are described below: Parameter Description User Name Enter the user name of up to 15 alphanumeric characters of the guest wishing to access the Web through this process.
Page 224: Jwac Customize Page Language
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Click the Find button to locate a specific entry based on the information entered. Click the Clear button to remove entry based on the port list entered. Click the View All Hosts button to display all the existing entries.
Page 225 DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 8-47 JWAC Customize Page - Japanese window Figure 8-48 JWAC Customize Page - English window...
Page 226: Compound Authentication
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Complete the JWAC authentication information in this window to set the JWAC page settings. Click the Apply button to implement the changes made. Click the Set to default button to go back to the default settings of all elements.
Page 227 DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Port Security is a security feature that prevents unauthorized computers (with source MAC addresses) unknown to the Switch prior to locking the port (or ports) from connecting to the Switch's locked ports and gaining access to the network.
Page 228: Port Security Vlan Settings
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 8-51 Port Security Port-VLAN Settings window The fields that can be configured are described below: Parameter Description VLAN Name Click the button and enter the name of the VLAN that the port security settings will be displayed for.
Page 229: Port Security Entries
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Port Security Entries Users can remove an entry from the port security entries learned by the Switch and entered into the forwarding database. To view this window, click Security > Port Security > Port Security Entries as shown below:...
Page 230: Bpdu Attack Protection
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide The fields that can be configured are described below: Parameter Description Gateway IP Address Enter the gateway IP address to help prevent ARP Spoofing. Gateway MAC Address Enter the gateway MAC address to help prevent ARP Spoofing.
Page 231: Loopback Detection Settings
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 8-55 BPDU Attack Protection window The fields that can be configured are described below: Parameter Description BPDU Attack Click the radio buttons to enable or disable the BPDU Attack Protection state.
Page 232 DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Loopback Detection port will restart (change to normal state) when the Loopback Detection Recover Time times out. The Loopback Detection function can be implemented on a range of ports at a time. The user may enable or disable this function using the drop-down menu.
Page 233: Traffic Segmentation Settings
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Traffic Segmentation Settings Traffic segmentation is used to limit traffic flow from a single or group of ports, to a group of ports. This method of segmenting the flow of traffic is similar to using VLANs to limit traffic, but is more restrictive. It provides a method of directing traffic that does not increase the overhead of the master switch CPU.
Page 234: Dhcp Server Screening
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide To view this window, click Security > NetBIOS Filtering Settings as shown below: Figure 8-58 NetBIOS Filtering Settings window The fields that can be configured are described below: Parameter...
Page 235: Dhcp Offer Permit Entry Settings
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 8-59 DHCP Server Screening Port Settings window The fields that can be configured are described below: Parameter Description DHCP Server Screening Click to enable or disable filtering DHCP server trap and log.
Page 236: Access Authentication Control
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide The fields that can be configured are described below: Parameter Description Server IP Address The IP address of the DHCP server to be permitted. Client’s MAC Address Enter the client’s MAC address. Leave it blank to received packets from all client’s MAC address.
Page 237: Enable Admin
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide order preferable, and defined by the user for normal user authentication on the Switch, and may contain up to eight authentication techniques. When a user attempts to access the Switch, the Switch will select the first technique listed for authentication.
Page 238: Authentication Policy Settings
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 8-62 Log-in Page Authentication Policy Settings Users can enable an administrator-defined authentication policy for users trying to access the Switch. When enabled, the device will check the Login Method List and choose a technique for user authentication upon login.
Page 239: Application Authentication Settings
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Application Authentication Settings Users can configure Switch configuration applications (Console, Telnet, SSH, HTTP) for login at the user level and at the administration level (Enable Admin) utilizing a previously configured method list.
Page 240 DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 8-65 Authentication Server Group Settings – Server Group List window This window displays the Authentication Server Groups on the Switch. The Switch has four built-in Authentication Server Groups that cannot be removed but can be modified. To add a new Server Group, enter a name in the Group Name field and then click the Add button.
Page 241: Authentication Server Settings
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide NOTE: The three built-in server groups can only have server hosts running the same TACACS daemon. TACACS/XTACACS/TACACS+ protocols are separate entities and are not compatible with each other. Authentication Server Settings User-defined Authentication Server Hosts for the TACACS / XTACACS / TACACS+ / RADIUS security protocols can be set on the Switch.
Page 242: Login Method Lists Settings
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Login Method Lists Settings User-defined or default Login Method List of authentication techniques can be configured for users logging on to the Switch. The sequence of techniques implemented in this command will affect the authentication result. For example, if a user enters a sequence of techniques, for example TACACS - XTACACS- local, the Switch will send an authentication request to the first TACACS host in the server group.
Page 243: Enable Method Lists Settings
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Enable Method Lists Settings Users can set up Method Lists to promote users with user level privileges to Administrator (Admin) level privileges using authentication methods on the Switch. Once a user acquires normal user level privileges on the Switch, he or she must be authenticated by a method on the Switch to gain administrator privileges on the Switch, which is defined by the Administrator.
Page 244: Local Enable Password Settings
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide none - Adding this parameter will require no authentication needed to access the Switch. Click the Apply button to accept the changes made. Click the Edit button to re-configure the specific entry.
Page 245 DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide CBC Block Ciphers – CBC refers to Cipher Block Chaining, which means that a portion of the previously encrypted block of encrypted text is used in the encryption of the current block. The Switch supports the 3DES EDE encryption code defined by the Data Encryption Standard (DES) to create the encrypted text.
Page 246: Ssh
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Parameter Description SSL Status Use the radio buttons to enable or disable the SSL status on the Switch. The default is Disabled. Cache Timeout (60- This field will set the time between a new key exchange between a client and a host 86400) using the SSL function.
Page 247: Ssh Settings
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide The steps required to use the SSH protocol for secure communication between a remote PC (the SSH client) and the Switch (the SSH server) are as follows:  Create a user account with admin-level access using the User Accounts window. This is identical to creating any other admin-level User Account on the Switch, including specifying a password.
Page 248: Ssh Authentication Method And Algorithm Settings
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Click the Apply button to accept the changes made for each individual section. SSH Authentication Method and Algorithm Settings Users can configure the desired types of SSH algorithms used for authentication encryption. There are three categories of algorithms listed and specific algorithms of each may be enabled or disabled by ticking their corresponding check boxes.
Page 249: Ssh User Authentication List
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide is enabled. Blow-fish CBC Use the check box to enable or disable the Blowfish encryption algorithm with Cipher Block Chaining. The default is enabled. Twofish128 Use the check box to enable or disable the twofish128 encryption algorithm. The default is enabled.
Page 250: Trusted Host Settings
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Authentication Method The administrator may choose one of the following to set the authorization for users attempting to access the Switch. Host Name – This parameter should be chosen if the administrator wishes to use a remote host name for authentication purposes.
Page 251: Safeguard Engine Settings
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 8-75 Trusted Host window When the user clicks the Edit button, one will be able to edit the service allowed to the selected host. The fields that can be configured are described below:...
Page 252 DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide stop period. This doubling of time for stopping these packets will continue until the maximum time has been reached, which is 320 seconds and every stop from this point until a return to normal ingress flow would be 320 seconds.
Page 253: Dos Attack Prevention Settings
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Rising Threshold (20% Used to configure the acceptable level of CPU utilization before the Safeguard - 100%) Engine mechanism is enabled. Once the CPU utilization reaches this percentage level, the Switch will move into Exhausted mode, based on the parameters provided in this window.
Page 254: Igmp Access Control Settings
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide TCP Null Scan Tick to check whether a received TCP packet contains a sequence number of 0 and no flags TCP Xmascan Tick to check whether a received TCP packet contains URG, Push and FIN flags.
Page 255 DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 8-80 IGMP Access Control Settings window The fields that can be configured are described below: Parameter Description From Port / To Port Use the drop-down menus to select a range of ports to be enabled as compound authentication ports.
Page 256: Chapter 9 Network Application
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Chapter 9 Network Application DHCP DNS Resolver PPPoE Circuit ID Insertion Settings SMTP Settings SNTP Flash File System Settings DHCP DHCP Relay DHCP Relay Global Settings This window is used to enable and configure DHCP Relay Global Settings. The relay hops count limit allows the maximum number of hops (routers) that the DHCP messages can be relayed through to be set.
Page 257 DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Enabled –When this field is toggled to Enabled, the relay agent will insert and remove DHCP relay information (option 82 field) in messages between DHCP servers and clients. When the relay agent receives the DHCP request, it adds the option 82 information, and the IP address of the relay agent (if the relay agent is configured), to the packet.
Page 258 DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide servers. enable – Select this option to enable the DHCP Relay Option 61 state, in order to relay DHCP packets. disable - Select this option to disable the DHCP Relay Option 61 state.
Page 259: Dhcp Relay Interface Settings
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide • Length • MAC address: The Switch’s system MAC address. DHCP Relay Interface Settings This window is used to set up a server, by IP address, for relaying DHCP information to the Switch. The user may enter a previously configured IP interface on the Switch that will be connected directly to the DHCP server using this window.
Page 260: Dhcp Relay Option 60 Server Settings
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide DHCP Relay Option 60 Server Settings This window is used to configure the DHCP relay option 60 server parameters. To view this window, click Network Application > DHCP > DHCP Relay > DHCP Relay Option 60 Server...
Page 261: Dhcp Relay Option 61 Settings
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide The system will relay the packet to all the matching servers. Server IP Address Here the user can enter the DHCP Relay Option 60 Server IP address. Match Type Here the user can enter the DHCP Relay Option 60 Match Type value.
Page 262: Dhcp Local Relay Settings
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Click the Delete button to remove the specific entry based on the information entered. Click the Delete All button to remove all the entries listed. DHCP Local Relay Settings The DHCP local relay settings allows the user to add option 82 into DHCP request packets when the DHCP client gets an IP address from the same VLAN.
Page 263: Dns Resolver
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 9-10 DHCP Local Relay Option 82 Settings window The fields that can be configured are described below: Parameter Description From Port / To Port Use the drop-down menus to select a range of ports to use.
Page 264: Dns Resolver Static Name Server Settings
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Parameter Description DNS Resolver State Click the radio buttons to enable or disable the DNS resolver state. Name Server Timeout The maximum time waiting for a response from a specified name server.
Page 265: Dns Resolver Dynamic Host Name Table
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide The window is used to create the static host name entry of the switch. To view this window, click Network Application > DNS Resolver > DNS Resolver Static Host Name Settings as...
Page 266: Smtp Settings
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 9-16 PPPoE Circuit ID Insertion Settings window The fields that can be configured are described below: Parameter Description PPPoE Circuit ID Click the radio buttons to enable or disable the PPPoE circuit ID insertion on the Insertion Switch.
Page 267: Sntp
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 9-17 SMTP Settings window The fields that can be configured are described below: Parameter Description SMTP State Use the radio button to enable or disable the SMTP service on this device.
Page 268: Time Zone Settings
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide To view this window, click Network Application > SNTP > SNTP Settings as shown below: Figure 9-18 SNTP Settings window The fields that can be configured or displayed are described below:...
Page 269 DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 9-19 Time Zone Settings window The fields that can be configured are described below: Parameter Description Daylight Saving Time Use this drop-down menu to enable or disable the DST Settings.
Page 270: Flash File System Settings
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Parameter Description DST Annual Settings Using annual mode will enable DST seasonal time adjustment. Annual mode requires that the DST beginning and ending date be specified concisely. For example, specify to begin DST on April 3 and end DST on October 14.
Page 271 DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 9-21 Flash File System Setting – Search for Drive window Click the Previous button to return to the previous page. Click the Create Directory to create a new directory within the file system of the switch.
Page 272: Chapter 10 Oam
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Chapter 10 Ethernet OAM DULD Settings Cable Diagnostics CFM Settings This window is used to configure the CFM parameters. To view this window, click OAM > CFM > CFM Settings, as shown below:...
Page 273 DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide address information. Click the Apply button to accept the changes made for each individual section. Click the Edit button to re-configure the specific entry. Click the Delete button to remove the specific entry.
Page 274 DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 10-4 CFM MA Settings - Edit Window The fields that can be configured are described below: Parameter Description This is the control creation of MIPs. None - Don’t create MIPs.
Page 275 DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 10-5 CFM MEP Settings Window The fields that can be configured are described below: Parameter Description MEP Name MEP name. It is unique among all MEPs configured on the device.
Page 276: Cfm Port Settings
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 10-7 CFM MEP Information - Edit Window The fields that can be configured are described below: Parameter Description MEP State This is the MEP administrative state. Enable - MEP is enabled.
Page 277: Cfm Mipccm Table
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 10-8 CFM Port Settings Window The fields that can be configured are described below: Parameter Description From Port / To Port Use the drop-down menus to select a range of ports to be configuration.
Page 278: Cfm Linktrace Settings
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 10-10 CFM Loopback Settings Window The fields that can be configured are described below: Parameter Description MEP Name Select and enter the Maintenance End Point name used. MEP ID (1-8191) Select and enter the Maintenance End Point ID used.
Page 279: Cfm Packet Counter
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 10-11 CFM Linktrace Settings Window The fields that can be configured are described below: Parameter Description MEP Name Select and enter the Maintenance End Point name used. MEP ID (1-8191) Select and enter the Maintenance End Point ID used.
Page 280 DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 10-12 CFM Packet Counter Window The fields that can be configured are described below: Parameter Description Port List Enter a list of ports to be displayed. Tick the All Ports check box to display all ports.
Page 281: Cfm Fault Table
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 10-13 CFM Packet Counter Window CFM Fault Table This window is used to show the MEPs that have faults. To view this window, click OAM > CFM > CFM Fault Table, as shown below:...
Page 282: Ethernet Oam
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide To view this window, click OAM > CFM > CFM MP Table, as shown below: Figure 10-15 CFM MP Table Window The fields that can be configured are described below:...
Page 283: Ethernet Oam Configuration Settings
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 10-16 Ethernet OAM Settings window The fields that can be configured are described below: Parameter Description From Port / To Port Select a range of ports you wish to configure.
Page 284: Ethernet Oam Event Log
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 10-17 Ethernet OAM Configuration Settings window The fields that can be configured are described below: Parameter Description From Port / To Port Select a range of ports you wish to configure.
Page 285: Ethernet Oam Statistics
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 10-18 Ethernet OAM Event Log window The fields that can be configured are described below: Parameter Description Port Use the drop-down menu to select the port number to view.
Page 286: Duld Settings
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 10-19 Ethernet OAM Statistics window The fields that can be configured are described below: Parameter Description Port List Enter a list of ports. Tick the All Ports check box to select all ports.
Page 287: Cable Diagnostics
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 10-20 DULD Settings window The fields that can be configured are described below: Parameter Description From Port / To Port Select a range of ports you wish to configure.
Page 288 DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 10-21 Cable Diagnostics window The fields that can be configured are described below: Parameter Description Port Select a port you wish to display. Click the Test button to view the cable diagnostics for a particular port.
Page 289: Chapter 11 Monitoring
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Chapter 11 Monitoring Utilization Statistics Mirror Ping Test Trace Route Peripheral Utilization CPU Utilization Users can display the percentage of the CPU being used, expressed as an integer percentage and calculated as a simple average by time interval.
Page 290: Port Utilization
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 11-2 DRAM & Flash Utilization window Port Utilization Users can display the percentage of the total available bandwidth being used on the port. To view this window, click Monitoring > Utilization > Port Utilization as shown below:...
Page 291: Port Statistics
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Port Statistics Packets The Web manager allows various packet statistics to be viewed as either a line graph or a table. Six windows are offered. Received (RX) To select a port to view these statistics for, select the port by using the Port drop-down menu. The user may also use the real-time graphic of the Switch at the top of the web page by simply clicking on a port.
Page 292 DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 11-5 RX Packets Analysis Table window The fields that can be configured or displayed are described below: Parameter Description Port Use the drop-down menu to choose the port that will display statistics.
Page 293 DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 11-6 UMB_cast (RX) window (for Unicast, Multicast, and Broadcast Packets) Click the View Table link to display the information in a table rather than a line graph. Figure 11-7 RX Packets Analysis window (table for Unicast, Multicast, and Broadcast Packets)
Page 294 DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Multicast Counts the total number of good packets that were received by a multicast address. Broadcast Counts the total number of good packets that were received by a broadcast address.
Page 295 DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 11-9 TX Packets Analysis window (table for Bytes and Packets) The fields that can be configured or displayed are described below: Parameter Description Port Use the drop-down menu to choose the port that will display statistics.
Page 296 DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 11-10 Received (RX) window (for errors) Click the View Table link to display the information in a table rather than a line graph. Figure 11-11 RX Error Analysis window (table)
Page 297 DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide of 64 bytes and have a good CRC. Undersize packets usually indicate collision fragments, a normal network occurrence. OverSize Counts valid packets received that were longer than 1518 octets and less than the MAX_PKT_LEN.
Page 298: Packet Size
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 11-13 TX Error Analysis window (table) The fields that can be configured or displayed are described below: Parameter Description Port Use the drop-down menu to choose the port that will display statistics.
Page 299 DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 11-14 Packet Size window Click the View Table link to display the information in a table rather than a line graph. Figure 11-15 RX Size Analysis window (table)
Page 300: Mirror
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide 65-127 The total number of packets (including bad packets) received that were between 65 and 127 octets in length inclusive (excluding framing bits but including FCS octets). 128-255 The total number of packets (including bad packets) received that were between 128 and 255 octets in length inclusive (excluding framing bits but including FCS octets).
Page 301: Ping Test
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide outgoing traffic. None Click the radio buttons to select whether the port should not include any traffic. Click the Apply button to accept the changes made. NOTE: You cannot mirror a fast port onto a slower port. For example, if you try to mirror the traffic from a 100 Mbps port onto a 10 Mbps port, this can cause throughput problems.
Page 302: Trace Route
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Timeout Select a timeout period between 1 and 99 seconds for this Ping message to reach its destination. If the packet fails to find the IP address in this specified time, the Ping packet will be dropped.
Page 303: Peripheral
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide seeking the network path between two devices. The range for the TTL is 1 to 60 hops. Port (30000-64900) The port number. The value range is from 30000 to 64900.
Page 304 DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide To view this window, click Monitoring > Peripheral > External Alarm Settings as shown below: Figure 11-22 External Alarm Settings window Click the Refresh button to refresh the display table so that new entries will appear.
Page 305: Chapter 12 Save And Tools
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Chapter 12 Save and Tools Save Configuration / Log Download firmware Upload Firmware Download Configuration Upload Configuration Upload Log File Reset Reboot System Save Configuration / Log To view this window, click Save > Save Configuration / Log, as shown below.
Page 306: Download Firmware From Ftp
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 12-4 Download Firmware – TFTP window The fields that can be configured are described below: Parameter Description TFTP Server IP Enter the TFTP server IP address used. IPv4 Click the radio button to enter the TFTP server IP address used.
Page 307: Download Firmware From Http
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Destination File Enter the file name that will be stored in the flash of the Switch, e.g. C:/runtime.had. Boot Up Select this option to use this firmware as the boot-up firmware.
Page 308: Upload Firmware To Ftp
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide IPv4 Click the radio button to enter the TFTP server IP address used. IPv6 Click the radio button to enter the TFTP server IPv6 address used. Domain Name Click the radio button to enter the domain name.
Page 309: Download Configuration
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Parameter Description Source File Enter the location and name of the Source File. Click Upload to initiate the upload. Download Configuration The following window is used to download the configuration file for the Switch.
Page 310: Download Configuration From Http
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 12-11 Download Configuration – FTP window The fields that can be configured are described below: Parameter Description FTP Server IP Enter the FTP Server IP Address used. User Name Enter the appropriate Username used.
Page 311: Upload Configuration To Tftp
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Upload Configuration To TFTP This window is used to upload the configuration file from the Switch to a TFTP Server. Figure 12-13 Upload Configuration – TFTP window The fields that can be configured are described below:...
Page 312: Upload Configuration To Http
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide The fields that can be configured are described below: Parameter Description FTP Server IP Enter the FTP Server IP Address used. User Name Enter the appropriate Username used. Password Enter the appropriate Password used.
Page 313: Upload Log File
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Upload Log File The following window is used to upload the log file from the Switch. To view this window, click Tools > Upload Log File, as shown below.
Page 314: Upload Log To Http
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide The fields that can be configured are described below: Parameter Description FTP Server IP Enter the FTP Server IP Address used. User Name Enter the appropriate Username used. Password Enter the appropriate Password used.
Page 315: Reboot System
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 12-19 Reset System window The fields that can be configured are described below: Parameter Description Reset Selecting this option will factory reset the Switch but not the IP address, log, user account and banner.
Page 316 DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 12-22 System Rebooting window...
Page 317: Appendix A Password Recovery Procedure
This document will explain how the Password Recovery feature can help network administrators reach this goal. The following steps explain how to use the Password Recovery feature on D-Link devices to easily recover passwords.
Page 318: Appendix B System Log Entries
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Appendix B System Log Entries The following table lists all possible entries and their corresponding meanings that will appear in the System Log of this Switch. Category Event Description...
Page 319 DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Log message successfully uploaded Log message successfully uploaded by Informational console (Username: <username>, IP: <ipaddr> ) Log message upload was unsuccessful Log message upload by console was Warning unsuccessful! (Username: <username>, IP: <ipaddr>...
Page 320 DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide <macaddr> Priority :<value>) New root bridge CIST Region New Root bridge selected Informational ( MAC: <macaddr> Priority :<value>) New root bridge MSTI Region New Root bridge selected Informational (Instance:<InstanceID>, MAC: <macaddr>...
Page 321 DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Authentication Policy is disabled Authentication Policy is disabled (Module: Informational AAA) Successful login through Console Successful login through Console Informational authenticated by AAA local method authenticated by AAA local method (Username: <username>)
Page 322 DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Successful login through Web authenticated Successful login through Web from <userIP> Informational by AAA server authenticated by AAA server <serverIP> (Username: <username>) Login failed through Web authenticated by Login failed through Web from <userIP>...
Page 323 DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide authenticated by AAA local_enable method from <userIP> authenticated by AAA local_enable method (Username: <username> ) Enable Admin failed through Telnet Enable Admin failed through Telnet from Warning authenticated by AAA local_enable method <userIP>...
Page 324 DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Successful Enable Admin through Telnet Successful Enable Admin through Telnet Informational authenticated by AAA server from <userIP> authenticated by AAA server <serverIP> (Username: <username>) Enable Admin failed through Telnet...
Page 325 DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Multicast storm occurrence Port <portNum> Multicast storm is occurring Warning Multicast storm cleared Port <portNum> Multicast storm has cleared Informational Port shut down due to a packet storm Port <portNum> is currently shut down due...
Page 326 DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide <ipaddr>, Port: <portNum>) COMMAND LOGGING Command Logging <username>: execute command "<string>" Informational MBAC A host passes the authentication MAC-based Access Control host login Informational successful (MAC: <macaddr>, port: <[unitID]portNum>, VID: <vid>)
Page 327: Appendix C Trap Log Entries
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Appendix C Trap Log Entries This table lists the trap logs found on the Switch. Trap Name Trap Description The SNMP trap that is generated when an alarm entry crosses its rising threshold and generates an event that is configured for sending SNMP traps.
Page 328 DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide included value of ifOperStatus. Binding: 1.ifIndex 2.ifAdminStatus 3.ifOperStatus The newRoot trap indicates that the sending agent has become the new root of the Spanning Tree; the trap is sent by a bridge soon after its election as the new root, newRoot 1.3.6.1.2.1.17.0.1...
Page 329 DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide This trap is sent when a packet storm is detected by a packet storm mechanism and a shutdown action is swPktStormOccurred 1.3.6.1.4.1.171.12.25.5.0.1 taken. Binding: 1: swPktStormCtrlPortIndex The trap is sent when the packet storm is cleared by the swPktStormCleared packet storm mechanism.
Page 330 DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide attack state, a trap will be sent out. Binding: 1.swBpduProtectionPortIndex 2.swBpduProtectionPortMode When the BPDU Protection trap is enabled, if the specific port changes from an under attack state to a swBpduProtectionRecoveryTr normal state, a trap will be sent out.
Page 331 DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide authentation failure notification. Binding: 1: swSingleIPMSID 2: swSingleIPMSMacAddr Commander switch will send swSingleIPMSnewRoot notification to indicated swSingleIPMSnewRoot host when it Member generate new root notification. 1.3.6.1.4.1.171.12.8.6.0.16 Binding: 1: swSingleIPMSID...
Page 332 DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide disconnect -> overCurrent. disconnect -> working. disconnect -> connect. Binding : 1: swPowerUnitIndex 2: swPowerID 3: swPowerStatus Power Failure notification. The notification is issued when the swPowerStatus changes in the following cases: lowVoltage ->...
Page 333: Appendix Dradius Attributes Assignment
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Appendix D RADIUS Attributes Assignment The RADIUS Attributes Assignment on the DGS-3000 is used in the following modules: 802.1X (Port-based and Host-based), and MAC-based Access Control. The description that follows explains the following RADIUS Attributes Assignment types: ...
Page 334 DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide The table below shows the parameters for a VLAN: RADIUS Tunnel Attribute Description Value Usage Tunnel-Type This attribute indicates the tunneling protocol(s) 13 (VLAN) Required to be used (in the case of a tunnel initiator) or the tunneling protocol in use (in the case of a tunnel terminatior).

D-Link DGS-3000 series Reference Manual

Chapter 1 Web-Based Switch Configuration

Chapter 2 System Configuration

Chapter 3 Management

Chapter 4 L2 Features

Chapter 5 L3 Features

Chapter 6 Qos

Chapter 7 ACL

Chapter 8 Security

Chapter 9 Network Application

Chapter 10 OAM

Chapter 11 Monitoring

Quick Links

Related Manuals for D-Link DGS-3000 series

Summary of Contents for D-Link DGS-3000 series