Dgs-3612g user manual

Example Usage: To create an DGSG:4 create DGSG:4 config DGSG:4 show Masks entered can be combined with the values the Switch finds in the specified frame header fields. Masks can be entered that will be combined with the values the Switch finds in the specified frame header fields.

Used in conjunction with the Access Profile feature, the Switch will identify traffic originating from a specified IP address and forward it on to a next hop router that has a less congested connection to the Internet than the normal routing scheme of your network. These attacks may increase the CPU utilization beyond its capability. The VLAN rules take precedence, and then the traffic segmentation rules are applied. The Switch supports up to static ARP entries.

Static ARP table entries are not affected. The default setting is true. The metric value 0 above will be redistributed in OSPF as the metric Example usage: To add route redistribution settings Entering the combination internal external is functionally equivalent to all.

DGSG:4 config route redistribute dst rip src DGSG:4 config dnsr delete static dns1 The address and mask information can be specified using the traditional format for example, PIM settings must first be configured for specific IP interfaces using the config pim command.

Between 1 and seconds can be specified. This is a bit number in the form of an IP address xxx. The majority of routing protocols are not compatible when used in conjunction with each other. This Switch supports and may be configured for many routing protocols, as a stand alone switch or more importantly, in utilizing the stacking function and Single IP Management of the Switch.

When a user logs in to the Switch or tries to access the administrator level privilege, he or she is prompted for a password. When enabled, the device will check the method list and choose a technique for user authentication upon login.

See the enable admin part of this section for more detailed information, concerning the enable admin command. The window will display the following parameters: Method List Name — The name of a previously configured method list name. The user may add one, or a combination of up to four 4 of the following authentication methods to this method list: tacacs — DGSG:4 show authen application Purpose Used to display authentication methods for the various applications on the Switch.

There are three options: tacacs — This command will display the following fields: Group Name: The name of the server group currently configured on the Switch, including built in groups and user defined groups. Syntax show ssh authmode Description This command will allow users to display the current SSH authentication set on the Switch. Upon entry of this command, the Switch will prompt the user for a password, and then to retype the password for confirmation.

These security functions are implemented through the use of a ciphersuite, To transmit frames of up to bytes and bytes tagged , the user can increase the maximum transmission unit MTU size from the default of by enabling the Jumbo Frame command. The CS will then serve as the in band entry point for access to Page CS, do not belong. The Upgrade to v1. Many improvements have been made, including: The Commander Switch CS now has the capability to automatically rediscover member switches that have left the SIM group, either through a reboot or web malfunction.

SIM features and functions will not function properly unless this function is enabled. Platform — Switch Description including name and model number. SIM Config Success!!! Print page 1 Print document pages. Rename the bookmark. Currently configured entries will be displayed in the Time Range Information table in the bottom half of the window shown above. Access profiles allow users to establish criteria to determine whether or not the Switch will forward packets based on the information contained in each packet's header.

Select Packet Content Mask to specify a mask to hide the content of the packet header. This value can be set from 1 to Figure 6- 6. Access Profile Configuration window IPv6 This screen will aid the user in configuring the Switch to mask packet headers beginning with the offset value specified. The following fields are used to configure the IPv6: Parameter Description The Access Rule Configuration window will appear. To remove a previously created rule, select it and click the button.

Select Mirror to specify that packets that match the access profile are mirrored to a port defined in the Port Mirroring window. This will set specific times when this access rule will be implemented on the Switch. Counter Tick the check box and use the pull-down menu to employ the Counter that will count the packets identified with this rule.

Mode Select Permit to specify that the packets that match the access profile are forwarded by the Switch, according to any additional rule added see below. Once this field is specified, packets accepted by the Switch that match this priority are forwarded to the CoS queue specified previously by the user.

Figure 6- Otherwise, a packet will have its incoming For more information on priority queues, CoS queues and mapping for This, along with the srTCM, are two methods available on the switch for metering and marking packet flow. IP flow rates at or below this level will be considered green. CPU Interface Filtering Configuration window Packet Content This window will aid the user in configuring the Switch to mask packet headers beginning with the offset value specified.

This will set specific times when this CPU access rule will be implemented on the Switch. To view the settings of a previously correctly configured rule, click in the Access Rule Table to view the following window: Figure 6- Type Ethernet instructs the Switch to examine the layer 2 part of each packet header.

IP instructs the Switch to examine the IP address in each frame's header. Packet Content Mask instructs the Switch to examine the packet header. A new window is displayed. To remove a previously created rule, click the corresponding button. IPv6 instructs the Switch to examine the IPv6 part of each packet header. Class Entering a value between 0 and will instruct the Switch to examine the class field of the IPv6 header.

Setting the Admin State pull- down menu to Enabled, and clicking Apply can lock the port. This pull-down menu allows you to select how the MAC address table locking will be Mode implemented on the Switch, for the selected group of ports. There are two states: Strict and Loose, and only one state can be selected per port.

If a port is set to Strict state, all packets entering the port are denied dropped by default. All packets are dropped by default until a legal IP packet is detected. Ports e. To view particular port settings, choose the unit - port number and click Find.

The Authenticator serves two purposes when utilizing The first purpose is to request certification information from the Client through EAPOL packets, which is the only information allowed to pass through the Authenticator before access is granted to the Client. Page Authentication Process Figure 7- The Port-Based Access Control — This method requires only one user to be authenticated per port by a remote RADIUS server to allow the remaining users on the same port access to the network.

AdmDir Sets the administrative-controlled direction to either in or both. The default setting is 30 seconds. Initialize Port window Port-based The Initialize Port Table in the bottom half of the window displays the current status of the port s. Information in the Initialize Ports Table cannot be viewed before enabling Reauthenticate Port s This window allows reauthentication of a port or group of ports by using the pull-down menus From and To and clicking Apply. If no t configured properly, the authentication will be permanently denied by the authenticator.

The user may choose: Local — State Enable or disable the WAC port settings on the specified ports. Web-based Access Control Authentication Login window After successfully logging in, the user will be prompted with this window, verifying that the user has successfully authenticated the WAC port.

Figure 7- Tick the All Ports check box to select all ports. State Select the state of the ports. Choose between Authenticated, Authenticating or Blocked. Click Find to display the Host table entries or click Clear to remove an entry. If you choose to define one or more designated management stations, only the chosen stations, as defined by IP address, will be allowed management privilege through the web manager or Telnet session.

Address Enter the port or range of ports to be configured. Alternatively, tick the All Ports check box Ports to configure all of the ports. When a user logs in to the Switch or tries to access the administrator level privilege, he or she is prompted for a password. When enabled, the device will check the Login Method List and choose a technique for user authentication upon login.

Login Method List Using the pull-down menu, configure an application for normal login on the user level, utilizing a previously configured method list. To add a user-defined group to the list, click the Add button in the Authentication Server Group window, which will display the following window.

The sequence of techniques implemented in this command will affect the authentication result. Method 1, 2, 3, 4 The user may add one, or a combination of up to four of the following authentication methods to this method list The following is a list of information that will be sent to the RADIUS server when an event triggers the Switch to send these informational packets.

These attacks may increase the Safeguard Engine beyond its capability. This may limit the speed of routing traffic over the network. This method of segmenting the flow of traffic is similar to using VLANs to limit traffic, but is more restrictive. Forward Port Tick the check boxes to select which of the ports on the Switch will be able to forward packets. These ports will be allowed to receive packets from the port specified above. A new SSL session is established every time the client and host go through a key exchange.

It allows a secure login to remote host computers, a safe method of executing commands on a remote end node, and will provide secure encrypted and authenticated communication between two non-trusted hosts. Max Session Enter a value between 1 and 8 to set the number of users that may simultaneously access the Switch. There are four categories of algorithms listed and specific algorithms of each may be enabled or disabled by using their corresponding pull-down menus.

The default is Enabled. This User Name must be a previously configured user account on the Switch. Any — Specifies that a client will gain access if it passes any of the authentication methods Aging Time This parameter specifies the period of time a host will keep in authenticated state after it successes to authenticate.

Enter a value between 1 and minutes. The default setting is min minutes. This field is case-sensitive and must be a complete alphanumeric string. Confirm New Retype the password entered in the previous field.

Password Click Apply to implement changes made. Six windows are offered. RX Packets Analysis window table for Bytes and Packets The following fields may be set or viewed: Parameter Description Time Interval Select the desired setting between 1s and 60s, where "s" stands for seconds.

The default value is one second. TX Packets Analysis window table for Bytes and Packets The following fields may be set or viewed: Parameter Description Time Interval Select the desired setting between 1s and 60s, where "s" stands for seconds.

Four windows are offered. RX Error Analysis window table The following fields can be set: Parameter Description Time Interval Select the desired setting between 1s and 60s, where "s" stands for seconds. TX Error Analysis window table The following fields may be set or viewed: Parameter Description Time Interval Select the desired setting between 1s and 60s, where "s" stands for seconds.

Two windows are offered. The default Time Interval value is one second. A router port configured by a user using the console or Web-based management interfaces is displayed as a static router port, designated by S. A router port that is dynamically configured by the Switch is designated by D and a Forbidden port is designated by F. There are six windows to monitor. Enter a port or range of ports, or tick the All Ports check box. Authenticator Statistics Detail Table window The following fields can be viewed: Parameter Description The identification number assigned to the Port by the System in which the Port resides.

An entry appears in this table for each port that supports the Authenticator function. Authenticator Diagnostics This table contains the diagnostic information regarding the operation of the Authenticator associated with each port.

Indicates that the Supplicant has not authenticated to the Authentication Server. Malformed packets include packets with an invalid length. When the Switch learns an association between a MAC address and a port number, it makes an entry into its forwarding table. These entries are then used to forward packets through the Switch. When initiated, the Trace Route program will display the IP addresses of the previous hops a packet takes from the Target IP Address entered in the window, until it reaches the Switch.

Trace IPv6 Route window To trace the route of a packet, set the following parameters located in this window, and click Start. Parameter Description Enter the IP address of the computer to be traced. To find a specific IP route, enter an IP address along with a proper subnet mask in the two fields offered and click Find. To search a specific entry, enter a multicast interface name into the Interface Name field or choose a Protocol from the pull down list and click Find.

Each routing entry contains information about the source and multicast group, and incoming and outgoing interfaces. Neighbors are elected via the Hello protocol. Some of the current configuration parameters can be retained while resetting all other configuration parameters to their factory defaults.

Configuration changes are made effective clicking the Save button. Supports 16K MAC address. Priority Queues 8 Priority Queues per port. Forwarding Table Age Time Max age: seconds. Please review these products for matching cable pin assignment. Page Password Recovery Procedure This section will explain how the Password Recovery feature can help network administrators reach this goal. The following steps explain how to use the Password Recovery feature on D-Link devices to easily recover passwords.

Complete these steps to reset the password: For security reasons, the Password Recovery feature requires the user to physically access the device. Command Parameters reset config This command resets the whole configuration back to the default values. The tables below show the parameters for MDI - Medium Dependent Interface: An Ethernet port connection where the transmitter of one device is connected to the receiver of another device.

Page The customer must submit with the product as part of the claim a written description of the Hardware defect or Software nonconformance in sufficient detail to allow D-Link to confirm the same, along with proof of purchase of the product such as a copy of the dated purchase invoice for the product if the product is not registered.

Page DGS Series Layer 3 Managed Gigabit Ethernet Switch D-Link may reject or return any product that is not packaged and shipped in strict compliance with the foregoing requirements, or for which an RMA number is not visible from the outside of the package.

Page D-Link will then provide you with a Limited Lifetime Warranty reference number for this product. Please retain your original dated proof of purchase with a note of the serial number, and Limited Lifetime Warranty reference number together with this warranty statement and place each document in a safe location.

When you make a warranty claim on a defective product, you may be asked to provide this information. Except as indicated above, in no event will D-Link or its suppliers be liable for loss of data or for indirect, special, incidental, consequential including lost profit or data , or other damage, whether based in a contract, tort, or otherwise.

The replacement Hardware need not be new or of an identical make, model or part; D-Link may in its discretion may replace the defective Hardware or any part thereof with any reconditioned product that D-Link reasonably determines is substantially equivalent or superior in all material respects to the defective Hardware. Page The packaged product shall be insured and shipped to Authorized D-Link Service Office with all shipping costs prepaid.

D-Link may reject or return any product that is not packaged and shipped in strict compliance with the foregoing requirements, or for which an RMA number is not visible from the outside of the package. All other trademarks belong to their respective proprietors.

D-Link provides free technical support for customers within the United States and within Canada for the duration of the service period, and warranty confirmation service, during the warranty period on this product. Times Mon-Fri 9. Page Supporto tecnico Gli ultimi aggiornamenti e la documentazione sono disponibili sul sito D-Link.

Page Technical Support You can find software updates and user documentation on the D-Link website. D-Link provides free technical support for customers within Benelux for the duration of the warranty period on this product. Benelux customers can contact D-Link technical support through our website, or by phone. D-Link tilbyr sine kunder gratis teknisk support under produktets garantitid. D-Link Teknisk telefon Support D-Link tilbyder gratis teknisk support til kunder i Danmark i hele produktets garantiperiode.

D-Link teknisk support over telefonen: Tlf. Modules with single Gigabit XFP can also be installed in any of the open slots for uplink to servers or a fiber backbone. Built-in D-Link ZoneDefense2 technology allows business to integrate the switch stack with D-Link NetDefend firewalls to implement a full coverage, proactive security architecture. Bandwidth Control can be flexibly set for each port using pre-defined thresholds to assure a committed level of service for end users.

For advanced applications, per-flow bandwidth control allows easy fine-tuning of service types based on specific IP addresses or protocols. Actual product appearance may differ from the image displayed on this page. Related Products. Specs Download the datasheet.