Вы находитесь на странице: 1из 240

D-Link DES-3028/DES-3028P/DES-3052/DES-3052P

10/100/ Fast
Ethernet
I

Copyright 2007.


................................................................................................................................... VI
...................................................................................................... VII
............................................................................................................ VII
, ......................................................... VII
................................................................................................ VIII
.......................................................................... X
............................................................................................................................................ 1
DES-3028/28P/52/52P.............................................................................. 1
........................................................................................................... 1
................................................................................................................................................ 2
......................................................................................................... 3
DES-3028P .................................................................................................................................... 3
DES-3052P .................................................................................................................................... 3
............................................................................................................. 4
SFP ........................................................................................................... 5
......................................................................................................................................... 6
........................................................................................................................... 6
.................................................................................................................... 6
........................................................................................... 7
........................................................................................................ 7
19 ........................................................................... 7
............................................................................ 8
............................................................................................................. 8
....................................................................................................... 9
................................................................................. 9
..................................................... 9
.............................................................................. 11
...................................................................................................................... 11
Web- .................................................................................................. 11
SNMP- ...................................................................................... 11
(RS-232 DCE) ................................... 11
................................................................................... 13
...................................................................................................................... 14
SNMP ...................................................................................................................... 15
IP- ............................................................................................................... 16
WEB-............................................................... 19
......................................................................................................................................... 19
WEB- ................................................................................ 19
WEB- .............................................................................................. 20
WEB- ........................................................................................... 20
, WEB-...................................................................................... 21
..................................................................................................................................... 23
.......................................................................................................... 23
IP- ........................................................................................................................................... 26
IP- ........................ 28
............................................................................................................. 28
.......................................................................................................................... 29
, - (PORT ERROR DISABLED).................................. 30
............................................................................................................................ 32
DHCP/BOOTP RELAY ....................................................................................................................... 32

ii

DHCP / BOOTP RELAY .............................................................................. 33


Option 82 DES-30xx.................................................... 34
DHCP/BOOTP RELAY ................................................................................ 35
.................................................................................................... 35
................................................................................................................. 36
.................................................................................................... 37
.................................................. 39
SNTP............................................................................................................................. 40
................................................................................................................. 40
DST ............................................................................................................... 41
MAC- .......................................................................................................................... 43
MAC-.......................................................................... 43
MAC- ............................................................................... 45
TFTP ................................................................................................................................ 45
....................................................... 46
.......................................................................... 46
.................................................................. 46
PING T EST ......................................................................................................................................... 47
SAFEGUARD ENGINE ........................................................................................................................... 47
SNMP- ............................................................................................................................. 49
SNMP ...................................................................................................................... 49
SNMP Traps............................................................................................................ 51
SNMP .............................................................................................. 51
SNMP (SNMP View Table)...................................................................... 53
SNMP-................................................................................................................ 54
SNMP Community............................................................................. 56
SNMP ............................................................................................................... 57
SNMP Engine ID.......................................................................................................................... 58
POE ................................................................................................................................... 58
PoE........................................................................................................ 59
PoE ........................................................................................ 59
IP- (Single IP Management, SIM)................... 61
SIM v1.6 ....................................................................... 62
SIM Web- ................................................................................. 63
.............................................................................................................................. 64
................................................................................................................... 66
............................................................................................. 66
................................................................................................................. 66
................................................................................... 67
............................................................................................................... 67
CaS...................................................................................................... 68
............................................................................................................................ 68
SIM- ................................... 70
/ ......................................................... 70
......................................................................................... 71
( FORWARDING FILTERING) ........................................... 71
Unicast- (Unicast Forwarding).......................... 71
Multicast Forwarding.................................................................................................................. 72
....................................................... 73
SMTP ............................................................................................................................. 74
SMTP- ....................................................................................................... 75
SMTP ............................................................................................................................. 76
2 ......................................................................................................................... 78
(VLAN)........................................................................................... 78
VLAN DES-30 ............... 78
IEEE 802.1Q VLAN ...................................................................................................................... 78
802.1Q VLAN...................................................................................................................... 79
.................................................................................. 80
(Ingress Filtering) ............................................................. 81
VLAN ................................................................................................................. 81
VLAN.................................................................................................................. 81
VLAN ............................................................................. 82

iii

VLAN ..................................................................................................... 82
GVRP ...................................................................................................................... 83
................................................................................................................. 85
.......................................................................... 85
........................................................................................................... 86
LACP ................................................................................................................ 87
IGMP ................................................................................................................................................ 88
............................................ 90
.................................................................................................. 92
802.1w Rapid Spanning Tree...................................................................................................... 92
............................................................................................... 92
.................................................................................................................. 93
P2P-.................................................................................................................................... 93
802.1d 802.1w ........................................................................................... 93
STP Loopback Detection ............................................................................................ 93
STP- ............................................................................................... 94
STP ................................................................................................. 96
MST .............................................................................................. 98
STP....................................................................................................................100
MSTP.........................................................................................................101
(COS)......................................................................................................103
QOS .......................................................................................................................103
QOS..................................................................................................................................104
...................................................................................................105
802.1p .........................................................................................107
802.1p ........................................................................................108
..................................................................................................108
COS ..........................................................................................................109
..................................................................................................................110
TOS ..........................................................................................................112
DSCP........................................................................................................112
..................................................................................113
MAC- .............................................................................................114
(ACL) ....................................................................................117
(TIME RANGE) .........................................................................117
...........................................................................................................117
CPU INTERFACE FILTERING ................................................................................................................129
CPU Interface Filtering.........................................................................130
CPU Interface Filtering ............................................................................130
...............................................................................................................................143
...................................................................................................................143
PORT SECURITY ( ) .......................................................................146
PORT LOCK ENTRIES ..........................................................................................................146
SECURE SOCKET LAYER (SSL)...........................................................................................................147
..........................................................................................................148
Ciphersuite.................................................................................................................................148
SSH.................................................................................................................................................150
SSH .........................................................................................................151
SSH .................................................152
SSH-.................................................................................153
802.1X.................................................................................................................155
802.1X MAC- ...........................................155
......................................................................................................156
...................................................................................................................156
......................................................................................................................................158
....................................................................................................158
802.1X MAC- .........................................160
.....................................................................................160
MAC- .........................................................................161
Guest VLANs..............................................................................................................................162

iv

Guest VLAN ....................................................................162


802.1X G UEST VLAN......................................................................................................163
802.1X ........................................................................164
802.1X .................................................................................................167
802.1X ....................................167
802.1X MAC- .....................................................168
802.1X ............................................169
802.1X MAC- .................................170
RADIUS ..................................................................................................170
(T RUSTED HOST).................................................................................................171
........................................................................................171
...................................................................173
.....................................................................................173
................................................................................................174
.............................................................................................................175
.......................................................................................................178
ENABLE METHOD LISTS......................................................................................................................179
(L OCAL ENABLE PASSWORD)..........................................................182
ENABLE ADMIN..................................................................................................................................182
...............................................................................................................183
...................................................................................................................................185
CPU .....................................................................................................................185
...................................................................................................................186
...........................................................................................................................................187
(RX) ........................................................................................................187
, (RX) ....188
(TX) ..................................................................................................190
...........................................................................................................................................192
(RX)........................................................192
(TX)..................................................193
................................................................................................................................195
MAC- ...................................................................................................................................197
(SWITCH L OG) ...............................................................................................198
IGMP SNOOPING ..................................................................................................................198
.......................................................................................................199
ARP ........................................................................................................200
..........................................................................................202
RADIUS ...........................................................202
RADIUS ...............................................................................................................203
....................................................................................................204
..........................................................................................206
.......................................................................................................209
............................................................................................210
( RESET) ...........................................................................211
..............................................................................................................211
.................................................................................................................212
(LOGOUT) .........................................................................................................212
............................................................................................................ 213
.......................................................................................................... 216
.......................................................................................................................................... 227
.................................................................................................................................................. 228


DES-3028/DES-3028P/DES-3052/DES-3052P
,
. :
1, . - .
2, . - ,
, .
3, - ,
Ethernet/Fast Ethernet.
4, -
, , SNMP, IP-
.
5, Web- -
Web-.
6,
, , IP-, , DHCP/BOOTP
Relay, , ,
, SNTP, MAC-, TFTP,
, Ping-, Safeguard Engine, SNMP, PoE,
IP-, Forwarding & Filtering, SMTP.
7, 2 2 , VLAN,
, IGMP Snooping Spanning Tree.
8, (CoS). ,
(CoS), , 802.1P,
802.1P, CoS , CoS ,
, TOS, DSCP, MAC-.
9, (ACL)
(ACL), , ,
CPU Interface Filtering.
10, ,
, (Port Security),
, SSL, SSH, 802.1X, (Trusted Host),
.
11, ,
CPU, , , ,
, MAC-, , IGMP Snooping,
, ARP, .
A,
DES-3028/DES-3028P/DES-3052/DES-3052P.
B,
.
C, - .

vi

DES-3028/DES-3028P/DES-3052/DES-3052P
.
.
, .

[]

,
, .
: [copy filename] ,
, .
.
, ,
. : File Cancel. ,
.
, . : You have
mail ( ).
, . : use the copy command.
,
, .

, ,
. : Enter.

Menu Name
Menu Option

,
, .
: ,
, ( ), .
>

Menu Name > Menu Option . , Device > Port


> Port Properties , Port Properties ( )
Port Device.

,
,
.

,
.

, .

vii



, .
(
).
, .


, ,
, :

, ,
.

.

, :

, .

,
, .

,
. ,

.

.
.

,
.

,
.
, .

, , ( )
:

115 (V)/60 (Hz)


, , .

100 /50 - 100 /60 -

230 /50 - ,

, ,
.
. ,
, .

viii

, .
, ,
.
,
.
- . ,
, - ,
80% - .

, (UPS).
, , ,
. , .
,
.
.
,
, :

, ,
.
; , /
. .

,
.
.
,
.
:
, , ,
, .
/ , .
, .
,
.
.
, .
, , .
, , -

, , ,

,
. 80% ,
.
, .
, .
:
.

.

ix

.
, ,
.
:
. ,
.
. ,
.


.
, , ,
. .

(ESD):
1.

, , ,
,
. ,
.

2.

3.

- . ,
,
.

DES-3028/28P/52/52P




- Gigabit Ethernet

DES-3028/28P/52/52P
DES-3028, DES-3028P, DES-3052 DES-3052P
D-Link. ,
, . ,

.
, DES-3028,
DES-3028P, DES-3052 DES-3052P.
,
. ,
Web-,
,
.

(LACP) IEEE 802.3ad


IEEE 802.1x MAC-
IEEE 802.1Q VLAN
: IEEE 802.1D Spanning Tree, IEEE
802.1W Rapid Spanning Tree IEEE 802.1s Multiple Spanning
(ACL)
Single IP Management ( IP-)
TACACS,
XTACACS TACACS+
Flash-
SNTP (Simple Network Time Protocol)
MAC-



MAC-: 8K
512
VLAN
fail-over
IGMP Snooping
SNMP
Secure Sockets Layer (SSL) Secure Shell (SSH)

MIB :
RFC1213 MIB II
RFC1493 Bridge
RFC2819 RMON
RFC2665 Ether-like MIB

RFC2863 Interface MIB

Private MIB
RFC2674 802.1p

IEEE 802.1x MIB


IEEE 802.3x

IEEE 802.1p
IEEE 802.3u 100BASE-TX

RS-232 DCE

( link/act, speed ..)
IEEE 802.3 10BASE-T

,
, :
14 881 / Ethernet 10/, 148 810
/ 100/ Fast Ethernet.
10 100/.

.
, .
.
/
store and forward
.
/ .

:
DES-3028 DES-3028P

DES-3052 DES-3052P

10/100BASE-T
- 1000BASE-T/SFP
1000Base-T
DCE RS-232 DB-9

10/100BASE-T
- 1000BASE-T/SFP
1000Base-T
DCE RS-232 DB-9

, :

10/100/1000BASE-T

- 1000BASE-T
/SFP

1000Base-T

IEEE 802.3
IEEE 802.3u
IEEE
802.3x



MDI-X/MDI-II

SFP:
DEM-310GT (1000BASE-LX)
DEM-311GT (1000BASE-SX)
DEM-314GT (1000BASE-LH)
DEM-315GT (1000BASE-ZX)
DEM-210 ( ,
100BASE-FX)
DEM-211 ( ,
100BASE-FX)

WDM:
DEM-330T (TX-1550/RX-1310),
10,
DEM-330R
(TX-1310/RX-1550),
10,
DEM-331T (TX-1550/RX-1310),
40,
DEM-331R (TX-1310/RX-1550),
40,

IEEE 802.3
IEEE 802.3u
IEEE 802.3ab
IEEE 802.3z
IEEE
802.3x

IEEE 802.3z IEEE


802.3u
:
-
SFP


1000BASE-T.
(, 25 SFP 25 1000BASE-T), SFP
, 1000BASE-T
.


DES-3028P

10/100Base-TX (10/100/)
2 - 1000BASE-T/SFP ( )

1000BASE-T ( )
DCE RS -232 DB-9
Power (), Console (), Link/Act/Speed .

1.1 DES-3028P

DES-3052P

10/100Base-TX (10/100/)
2 - 1000BASE-T/SFP ( )

1000BASE-T ( )

DCE RS -232 DB-9


Power (), Console (), Link/Act/Speed .

1.2 DES-3052P


, DES30xx, :

Power

Console

10/100
/

Link/Act/Speed

Link/Act/Speed

PoE

PoE.

Link/Act/Speed

()



100/

()


()

100/


10/

()

10/

()

()

PoE

GE

Link/Act/Speed
1000Base-T

PoE
.

PoE

()

1000/

Link/Act/Speed
SFP

()


()

1000/

()

100/

()


()

100/

()

1000/

()


()

1000/

()

100/

()


()

100/

SFP
DES-3028/28P/52/52P SFP (Small Form Factor Portable),
uplink-
. SFP-
,
DEM-310GT (1000BASE-LX), DEM-311GT (1000BASE-SX), DEM-210
(100BASE-FX, ), DEM-211 (100BASE-FX, ), DEM314GT (1000BASE-LH), DEM-315GT (1000BASE-ZX), DEM-330T/R (WDM) DEM-331T/R
(WDM). , SFP .

1.3 DES-3028/28P/52/52P


, , .
:

DES-30

(AC)

CD-

( )

RS-232
- , ,
D-Link .


. ,
.

,
, , 4,24 . .

1,82 .

,
.

,
. 10
.

,
, , .

,
.
.


,
.
.
.

2.1


19 .
.

2.2

.
, , 2.3.

19
:
,
, ,
. ,
. ,

,
.

2.3


,
. , ,
. .


, ,
. ,
.

: 10/100/1000/ NWay
MDI-II, MDI-X-.

Ethernet


(PC) Ethernet/Fast Ethernet 10,
100 1000 / RJ-45, .
3, 4 5 UTP/STP. .

3.1

Link/Act UTP-
.
.

10 Base-T

3,
4

5
/ (UTP/STP) .

100Base-TX

/ (UTP/STP) .
9

1000Base-T

5e

/ (UTP/STP) .

, uplink,
SFP- .

3.2 , ( Uplink)

: SFP-
10/100/1000BASE-T .

10



Web-
SNMP-
(RS-232 DCE)


SNMP
IP-



, Telnet. Web Web-.

Web-
, ,
, Web-,
, Netscape Navigator ( 6.2.3 ) Microsoft Internet Explorer ( 6.0).

SNMP-
, SNMP. SNMP 1.0, 2.0 3.0. SNMP-
SNMP-
MIB. SNMP- MIB .


(RS-232 DCE)

RS-232,
.
DB-9 ,
(DTE Data Terminal Equipment).
:

- RS-232 DB-9
.
:
1. RS-232
.

11

2. .
:
3. (COM 1 COM 2).
4. 9600 .
5. : 8 ; 1 .
6. .
7. Properties VT 100 .
8. , Crtl. ,
, Windows.
: HyperTerminal
Microsoft Windows 2000, ,
Windows 2000 Service Pack 2 . Windows 2000
Service Pack 2
HyperTerminal VT100. Windows
2000 Service Pack www.microsoft.com
9. , ,
. .
10. , , console login.
11. (CLI) ,
Enter, (User name)
(Password), .. . , ,
.
, , ,
.
12. .
.
. CD-

DES-3028/28P/52/52P,
CLI.
13. , ,
.
, , ,
.
, ,
VT100.
, Hyper Terminal File Properties Settings
Emulation. , ,
.
, .
.
.
: ,
Enter.

12

4.1


, ,
.
, .
: , ,
, , S s.
.
: Ctrl+R .

.
Enter Username ( ) Password ().
DES-3028P:4#, .
. Username ( )
Password () .

13

4.2

:
.
.


DES-30xx .
.

,
.
,
.
, :

CLI ,
<user name>, Enter.

. <password> ,
Enter.

.
Enter.

: .
15 .

14


newmanager.

: CLI

.
, Save,
.

SNMP
Simple Network Management Protocol (SNMP)
( ) OSI,
. SNMP
, ,
. SNMP ,
,
.
SNMP ( ),
.

SNMP .
MIB (Management Information Base),
, SNMP-.
SNMP MIB
.
DES-30xx SNMP : 1, 2 3. ,
SNMP . SNMP

.
SNMP v.1 v.2
(community string), .
SNMP
community string. SNMP ,
().
community strings , v.1 v.2
SNMP, :

public
MIB.

15


private
MIB.
SNMP v.3 , .
,
SNMP-. ,
SNMP-.

. SNMP
SNMP-. , SNMP-,
,
SNMP v.1,
/, SNMP v3.
SNMP , SNMP v.3,
SNMP.
(OID Object Identifier),
MIB. SNMP v.3
: SNMP .
SNMP v.3 ,
.

Traps
Traps - , , .
, (-
) , , .
traps ( ).
traps (Authentication Failure),
(Topology Change) /
(Broadcast\Multicast Storm).

MIB
MIB
. MIB-II. ,
MIB ,
SNMP. MIB-II,
MIB,
. MIB,
MIB. MIB , -.

IP-
IP-,
SNMP TCP/IP (, BOOTP,
TFTP). , IP- - 10.90.90.90. ,
.
MAC-. MAC-
, show switch

, :

16

4.3 show switch

MAC- Web- Switch


Information (Basic Settings) Configuration.
IP-
Web- . IP- ,
BOOTP DHCP: ,
. IP-
CLI :
:
config ipif System ipaddress xxx.xxx.xxx.xxx/yyy.yyy.yyy.yyy
x IP-, IP- (System); y .
: config ipif System ipaddress xxx.xxx.xxx.xxx/z
x IP-, IP- (System); z
CIDR
IP- , System, IP-
. Telnet Web-
.

17

4.4 IP-

IP- 10.90.90.91
255.0.0.0 ( CIDR -10.90.90.91/8). Success ,
.
Telnet CLI Web- .

18

Web-

Web-
Web-

DES-30xx ,
Web- (HTML).
, Opera, Netscape
Navigator/Communicator Microsoft Internet Explorer.
HTTP-.
Web- (Telnet)

. , , Web-
, .

Web-
, ,
, IP-, . URL
: http://123.123.123.123, 123
IP- .
: IP- 10.90.90.90.
Login. ,
:

19

5.1 Enter Network Password

User Name ( ) Password ()


. Web-.
, Web- ,
.

Web-
Web- ,
, .

Web-
, , :
, .

5.2 Web-

Area 1

: .
, ,
, . D-Link,

20

D-Link.
Area 2


. ,
, , ,
, .

, .

Area 3


.
: ,
, Web ( ) Save Changes Save
() CLI.

, Web-
Web- ,
.
, Web-:
Administration () ,
, Device Information ( ), IP Address (IP-), Port
Configuration ( ), DHCP/BOOTP Relay, User Accounts (
), Port Mirroring ( ), System Log Settings (
), Log Settings, SNTP Settings ( SNTP), MAC Notification Settings
( MAC-), TFTP Services ( TFTP), Multiple Image Services, Ping Test
(Ping-), Safeguard Engine, SNMP Manager (SNMP-), PoE System ( PoE), Single
IP Settings ( IP-), Forwarding & Filtering (
) SMTP Service ( SMTP).
Layer 2 Features ( 2) ,
2 , VLAN, , IGMP Snooping Spanning Tree.
CoS ( ) , Port Bandwidth (
), 802.1P Default Priority ( 802.1p), 802.1P User Priority
( 802.1P), CoS Scheduling Mechanism ( CoS ), CoS
Output Scheduling, Priority Settings ( ), TOS Priority Settings (
TOS), Port Mapping Priority Settings MAC Priority ( MAC-).
ACL ( ) , Time Range
( ), Access Profile Table ( ) CPU Interface Filtering.
Security () , Traffic Control (
), Port Security ( ), Port Lock Entries, SSL, SSH, 802.1x,
Trusted Host ( ), Access Authentication Control (
) Traffic Segmentation ( ).
Monitoring () , CPU Utilization
( CPU), Port Utilization ( ), Packets ( ), Packet
Errors ( ), Packet Size ( ), MAC Address(MAC-), Switch Log
( ), IGMP Snooping Group ( IGMP Snooping), Browse Router Port (
), Static ARP Settings ( ARP), Session Table (
) Port Access Control ( ).

21

Switch Maintenance ( ) , Reset


( ), Reboot System ( ), Save Changes ( )
Logout ( ).

: ,

22


IP-





LACP
MAC- (MAC Notification)
IGMP

(Forward Filtering)
(VLAN)

(Port Security)
(QoS)
(System Log Servers)
SNTP
(Access Profile Table)
Port Access Entity
IP MAC- (IP-Mac Binding)
IP Multicast


Device Information .
. Device Information
DES- 30xx Web Management Tool. Device Information MAC
Address ( ), Boot PROM, Firmware Version (
) Hardware Version ( ).
PROM , MAC-
, .
System Name ( ), System Location (
) System Contact ( ),
. ,
,
.
.

23

6-1. Device Information

, , :

24

System Name

, .
.

System Location

, .

System Contact

, .

Serial Port Auto


Logout Time

.

. : 2
Minutes, 5 Minutes, 10 Minutes, 15 Minutes Never.
10 minutes.

Serial Baud Rate

.
: 9600, 19200, 38400 115200.
CLI,
115200, .

MAC Address
Aging Time

- ( -).
. 10
1 000 000 . 300 .

IGMP Snooping

IGMP Snooping, Enabled.


IGMP snooping (Disabled). IGMP
snooping
(. ). IGMP Snooping
VLAN IGMP Snooping,
L2 Features > IGMP Snooping.

Multicast Router
Only

,
.

IP- .
(Disabled).

Telnet Status

Telnet
(Enabled). Telnet,
Disabled ().

Telnet TCP Port


Number (1-65535)

TCP-. TCP 1 65535. TCP-, ,


, Telnet, - 23.

Web Status

Web-
(Enabled) . Disabled ()
Web-.

Web TCP Port


Number (1-65535)

TCP- Web- (GUI). TCP 1


65535. TCP-, , , Web, 80.

RMON Status

(Enabled) (Disabled)
(RMON) .

Link Aggregation
Algorithm

,
,
. , MAC Source,
MAC Destination, MAC Src & Dest, IP Source, IP Destination IP Src & Dest
(
).

Switch 802.1X

Disabled ().
802.1X.
, 802.1X,
Port Access Entity.

802.1X

25

802.1X, ,

.
MAC- , ,
802.1X, MAC-
,
.
Auth Protocol

802.1X RADIUS
Eap .

Syslog Status

.
Disabled ().

Port Security
Trap Log

Port security trap


log. Disabled ().

ARP Aging Time


(0-65535)

,
ARP-
. .
0 65535 .
- 20 .

GVRP


GVRP .

Apply .

IP-
Ethernet IP-
. IP- ,
DES-3028/28P/52/52P
4 . IP- Web-,
IP Address, Administration.
IP- :
Configuration IP Address. IP Address Settings
IP- , .

6-2. IP Address Settings

IP- , :
1. Get IP From Manual.
2. IP- (Subnet Mask).

26

3. , IP (Default Gateway).
, , (0.0.0.0).
4. VLAN ,
VLAN - Default. VLAN
, VLAN ID (VID) VLAN,
, .
.
, VID .
: IP- 10.90.90.90
255.0.0.0 0.0.0.0.
IP-, ,
BOOTP DHCP, Get IP From BOOTP
DHCP. IP-
.
IP-:

BOOTP

DHCP

Manual

Subnet Mask

Default
Gateway
VLAN Name

Admin State

BOOTP. IP-, ,
BOOTP-. ,

BOOTP-,
.
DHCP-.
IP-, ,
DHCP-. ,

DHCP-, .
IP-,
.
: xxx.xxx.xxx.xxx, 0 255.
,
.
, .
: xxx.xxx.xxx.xxx,
0 255.
255.0.0.0, 255.255.0.0
255.255.255.0. .
IP-, ,
. IP-.

, .
VLAN,
, TCP/IP ( Web Telnet). VLAN
, , IP- Security IP
Management. VLAN , VLAN
. .. Security IP
Management , ,
, ,
VLAN IP- .
/ Admin State
IP-, .

27

Auto Config
State

,

.
,
TFTP DHCP- .
. , Auto Config,
DHCP- TFTP- IP-
DHCP. TFTP-

.

DHCP- / TFTP-.
,

Apply.

IP-

IP-, SNMP TCP/IP (, BOOTP, TFTP). IP-
10.90.90.90. ,
.
IP-
Web-. IP-
BOOTP DHCP,
. IP-
:
, config ipif System ipaddress
xxx.xxx.xxx.xxx/ yyy.yyy.yyy.yyy. - IP-, IP- (System),
.
config ipif System ipaddress xxx.xxx.xxx.xxx/z. x IP, IP- (System); z
CIDR-.
IP- , System, IP-
, Telnet
Web- .
Telnet Web- .
Sucess .
Telnet, CLI Web-
. IP-
.
: , ,
D-Link, .



, .

28


Administration > Port Configuration > Port Settings ,
:

6-3. Port Configuration

:
1. , FromTo.
2. :

From. To

State

Speed/Duplex

Speed/Duplex
(/) . Auto
10 100 /,
. Auto

29

,
. Auto, 10M/Half, 10M/Full,
100M/Half 100M/Full, 1000M/Full_M 1000M/Full_S. ,
Auto, .

; 1000M/Full_M 1000M/Full_S.

, .
1000M/Full_M (master) 1000M/Full_S (slave)
, 1000BASE-T
,
Gigabit Ethernet. master (1000M/Full_M)
, ,
. master
master slave
.
.
master
. slave (1000M/Full_S)
,
master.
1000M/Full_M,
1000M/Full_S.
.
Flow Control

,
. , ,
802.3x;
.
Auto .
Disabled.

Medium Type

-. -
. SFP-
Fiber, 1000BASE-T Copper.

Learning

(Enabled) MAC-
.
Enabled. .

Apply.

, - (Port
Error Disabled)
, disabled ()
, STP loopback detection ( ) .
, Port Configuration > Port Error Disabled.

6- 4. Port Error Disabled

Port

,
.

30

Port State

(Enabled Disabled).

Connection Status

uplink- .

Reason

error-disabled, , ,
STP loopback.

Description

31



,

.
,

Administration
>
Port
Configuration > Port Description.

:

From To
,
. Apply,
Port
Description Table.
Medium Type
-.
.
SFP-
Fiber,

1000BASE-T
Copper.
: C
F
.

6- 5. Port Description

DHCP/BOOTP Relay
DHCP/BOOTP Relay Global Settings ,
Administration > DHCP/BOOTP Relay > DHCP/BOOTP Relay Global Settings:

32

DHCP / BOOTP Relay

6-6. DHCP/ BOOTP Relay Global Settings

Relay State
Relay Hops
Count Limit (116)
Relay Time
Threshold (065535)

DHCP Agent
Information
Option 82 State


Enabled () Disabled ().
( 1 16)
DHCP/BOOTP-. 4.
0 65535
DHCP/BOOTP-.
0,
BOOTP- DHCP-. , 0,

BOOTP- DHCP-.
(Enabled)
(Disabled) Option 82 .
Disabled.
Enabled
Relay Agent (
) option 82
DHCP- . DHCP-.
DHCP .
option-82, remote ID / circuit ID
IP- ,
IP-, remote ID circuit ID.
DHCP option-82 DHCP - .
option 82,
.
DHCP - Unicast
. , ,
IP .
option-82 ,
DHCP - , DHCP .
Disabled- option 82.
(Enabled Disabled)
/
option 82 .
Enabled Enabled,
option 82. ,
, option 82, DHCP-,
.
Disabled- Disabled,
option 82 .

DHCP Agent
Information
Option 82 Check

33


Replace, Drop Keep.
, DHCP Agent
Information Option 82 Check Disabled ().
Replace.
Replace- option 82 ,
DHCP-.
Drop- DHCP-
option 82, .
Keep- option 82
, DHCP-.

DHCP Agent
Information
Option 82 Policy

Apply .
: DHCP- ,
option-82, DHCP Agent Information
Option 82 Check , .
option 82 .
DHCP Agent Information
Option 82 Check. DHCP Agent Information Option 82 Policy

, option-82.

Option 82 DES-30xx
config dhcp_relay option_82 option 82 DHCP relay,
. circuit ID remote ID :
: circuit ID
Module 0.

Circuit ID:
1.
1
1

2.

3.

6
1

4.
4

5.
VLAN

Module
2

6.
Port
1

7.
1

a.
b.
c. Circuit ID
d.
e. VLAN: VLAN ID DHCP-.
f. :
0, Unit ID.
g. : DHCP-,
1.
Remote ID:
1.

2.
2

3.
8

4.
0

5.
6

MAC address
34

1.
2.
3.
4.
5. MAC-: MAC- .
6-7. Circuit ID Remote ID

DHCP/BOOTP Relay
DHCP/ BOOTP Relay Interface Settings IP-
DHCP/ BOOTP .
IP-,
DHCP/BOOTP. BOOTP Relay Table
, Add Apply.
4 IP- IP- .
. DHCP/BOOTP Relay
Global Settings ,
Administration > DHCP/BOOTP Relay >
DHCP/BOOTP Relay Interface Settings:

6-8. DHCP/BOOTP Relay Interface Settings DHCP/BOOTP Relay Interface Table

Interface

IP- , .

Server IP

IP- DHCP/BOOTP-. IP-


IP-.


User Account Management .
Administration
User Accounts. User Account Management,
.

6-9. User Accounts

, Add.
, Modify.

35

6-10. User Accounts Add Table

, User Name New Password,


Confirm New Password. (Admin
User) Access Right.

6-11. User Accounts Modify Table


User Account Modify Table.
Delete. , New Password,
Confirm New Password.. (Admin User)
Access Right.



, ,
, , RMON-.
.

36

6-12. Setup Port Mirroring

:
Source Port (-), , Target
Port (-), .
: Ingress (), Egress () Both ();
Status Enabled.
Apply.
:
. , 100/
10/, . ,
,
, ,
.
.


,
. Administration System Log Settings,
.

6-13. System Log Host

37

,
, . .

6-14. Configure System Log Server Add ()

Index

(1-4).

Server IP

IP- .

Severity
Facility


. : Warning,
Informational All.
Facility Values.
, , Facility Values
.
Facility Values .
Facility Values, :

Facility

0
1
2
3
4
5
printer





/
, syslog line

38

7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22

UUCP

/
FTP-
NTP



0(local0)
1(local1)
2(local2)
3(local3)
4(local4)
5(local5)
6(local6)
7(local7)

UDP
Port
(514 or 600065535)

UDP-,
. 514.

Status

(Enabled) (Disabled)
.

6-15. Configure System Log Server Edit ()

Apply.
System Log Host, Delete.
System Log Host Show All System Log Servers.

System Log Save Mode Settings ,


flash-. ,
Administration System Log > System Log Save Mode Settings.

39

6-16. Log Settings

Log mode


. : On Demand ( ),
Log Trigger Time Interval ( ).

Time Interval

IP- .

SNTP

Admininistration,
SNTP Time Setting. , .

6- 17. Current Time

, ,
:

Current Time: Status

40

Current Time

Time Source

,
.
Current Time: SNTP Settings

SNTP State

(Enabled)
(Disabled) SNTP.
IP- , SNTP-.

SNTP Primary
Server
SNTP Secondary
Server

IP- , SNTP-.

SNTP Poll Interval


in Seconds

SNTP.
Current Time: Set Current Time

Year

Month

Day

Time in HH MM

,
.

Apply.

DST

, Administration SNTP Time Zone and DST

41

6- 18. Time Zone and DST Settings

Time Zone and DST Settings

Daylight Saving
Time State
Daylight Saving
Time Offset in
Minutes
Time Zone Offset
from GMT in +/HH:MM


DST ( ).

30, 60, 90 120 .

(Greenwich Mean Time (GMT)).

DST Repeating Settings


.
, . ,

42

,
.
From: Which Day
,
.
From: Day of Week ,
.
From: Month
, .
From: time in
HH:MM

( ),
.

To: Which Day

,
.
,
.
, .

To: Day of Week


To: Month
To: time in HH:MM

( ),
.
DST Annual Settings
.
. ,
3 , - 14 .
From: Month
,
.
From: Day
,
.
From: Time in
( ),
HH:MM
.
To: Month
To: Day
To: Time in HH:MM

,
.
,
.
( ),
.

Time Zone and DST Apply.

MAC-
MAC Notification (MAC-) MAC-
.

MAC-
-
. Notification Settings Administration.

43

6- 19. MAC Notification Global Settings

State
Interval (sec)
History size

/ MAC- .
.
.
500 .

44

MAC-
-
:

FromTo
State

, MAC.
MAC- .

Apply .

TFTP
(Trivial File
Transfer Protocol ,TFTP)

TFTP-

.

TFTP-.

. TFTP-

,
.

6-20. TFTP Services

DES-30xx
/ Flash- .
, ,
TFTP- flash- ,
flash- TFTP-.
Flash- Flash File
Services.
TFTP- , ,
, NetSight, .
,
TFTP Services, Administration.
:

Operation

TFTP:
Download Firmware - IP- TFTP-
TFTP-. Start IP TFTP- .
Download Configuration - IP- TFTP-,
TFTP-. Start
IP- TFTP- .
Upload Configuration - IP- TFTP-,
TFTP-. Start
IP- TFTP- .
Upload Log - IP- TFTP-,
TFTP-. Start
IP- TFTP- .

45

Server IP Address

IP- ,
.

File Name


/ TFTP-.

Image ID


Flash-.

Start .

, Flash-, ,
.

6.21 Firmware Information


,
.
.

6- 22. Config Firmware Image

46

Ping Test
Ping test , - ICMP IP-.
- .
.

6.23 Ping Test

Infinite times Repeat Pinging for,


ICMP - IP- .
ping IP 1 255. Start ping.

Safeguard Engine
,
( . flooding , ARP-) .
Safeguard Engine .
Safeguard
Engine.
Safeguard Engine ,

.
Sfeguard Engine ) )
, Exhausted ( ).
ARP- IP-
.
-. -
ARP-, ARP-
IP- 5 . 5
. ,
. - -,

47

, ARP- IP-
(10). 320 ,
.
Safeguard Engine.

6- 24. Safeguard Engine

, -,
, ARP-
IP-.
ARP- IP-, 5
-. ( = 5 , = 10
, = 20 ). , ARP- IP- 5
, .
,
. ,
, 25%,
.

:
IP- .

Safeguard Engine Security> Safeguard Engine,


:

48

6-25. Safeguard Engine

Safeguard Engine, Enabled State


Apply.
Safeguard Engine, CPU Utilization
Settings. .

6- 26. Safeguard Engine CPU Utilization Settings

State
Rising Threshold

Falling Threshold

Trap/Log
Mode

(Enabled)
(Disabled) Safeguard Engine.
<20-100>
CPU, Safeguard
Engine.
CPU , Safeguard Engine
.
<20-100>
CPU, Safeguard
Engine.
CPU , Safeguard
Engine .
/
Safeguard Engine / SNMP.
Fuzzy Strict.

SNMP-
SNMP
Simple Network Management Protocol (SNMP)
( ) OSI,
. SNMP
, ,
. SNMP ,
,
.

49

SNMP ( ),
.

SNMP .
MIB (Management Information Base),
, SNMP-.
SNMP MIB
.
DES-30xx SNMP : 1, 2 3. ,
SNMP . SNMP

.
SNMP v.1 v.2
(community string), .
SNMP
community string. SNMP ,
().
community strings , v.1 v.2
SNMP, :
public MIB.
private MIB.
SNMP v.3 , .
,
SNMP-. ,
SNMP-.

. SNMP
SNMP-. , SNMP-,
,
SNMP v.1,
/, SNMP v3.
SNMP-, SNMP v.3,
SNMP.
(OID Object Identifier),
MIB. SNMP
v.3, SNMP .
SNMP v.3 ,
.

Traps
Traps - , , .
, (-
), , , .
traps ( ).
traps (Authentication Failure),
(Topology Change) /
(Broadcast\Multicast Storm).

MIB
MIB
. MIB-II. ,
MIB ,

50

SNMP. MIB-II,
MIB,
. MIB,
MIB. MIB , -.
DES-3028/28P/52/52P SNMP-. SNMP
.
SNMP V3 SNMP,
.
DES-3028/28P/52/52P Simple Network Management Protocol (SNMP)
1, 2c 3. SNMP,
. SNMP
.
SNMP SNMP V3 Web-. ,
SNMP-, Management Station IP Address.

SNMP Traps
SNMP trap .
Administration > SNMP Manager > SNMP Trap Settings:

6- 27. SNMP Trap Settings

Traps State / Authenticate Traps State,


Apply.

SNMP
SNMP User Table SNMP.
Administration > SNMP Manager > SNMP User Table.
SNMP User Table, .

6- 28. SNMP User Table

SNMP User Table,


Delete
.
,
View Display. SNMP User Table Display,
.

51

6- 29. SNMP User Table Display

User Name
Group Name
SNMP Version
Auth-Protocol

Priv-Protocol

-
32 ,
SNMP-.
, SNMP-
SNMP -.
V1 , SNMP 1.
V2 , SNMP 2.
V3 , SNMP 3.
None , .
MD5 ,
HMAC-MD5-96.
SHA , HMACSHA.
None , .
DES , 56-
. DES CBC-DES (DES-56).

SNMP- Show All SNMP User Table


Entries. SNMP User Table Configuration,
Add SNMP User Table. SNMP User Table
Configuration, .

6- 30. SNMP User Table Configuration

User Name

-
32 ,
SNMP.

52

Group Name
SNMP Version
Auth-Protocol

Priv-Protocol

Encrypted

, SNMP-
SNMP -.
V1 , SNMP 1.
V2 , SNMP 2.
V3 , SNMP 3.
MD5 ,
HMAC-MD5-96. , SNMP
Version V3 Encryption,
.
SHA , HMACSHA. , SNMP Version V3
Encryption,
.
None , .
DES , 56- DES,
CBC-DES (DES-56). ,
SNMP Version V3
Encryption. , 8-16
- .

SNMP V3. SNMP V3.

, Apply. SNMP Show All SNMP User Table Entries.

SNMP (SNMP View Table)


SNMP View Table community strings, ,
MIB SNMP-.
Administration > SNMP Manager > SNMP View Table.
:

6- 31. SNMP View Table

SNMP View Table, Delete


.
Add, .

53

6-32. SNMP View Table Configuration


:

View Name

32 .
SNMP.

Subtree OID

(OID) . OID
( MIB),
SNMP-.

View Type

Included ,
SNMP- . Excluded,
, SNMP-
.

Apply. SNMP View Table


Show All SNMP View Table Entries.

SNMP-
SNMP-, , SNMP- (
SNMP- (SNMP User Table)) ,
. SNMP Group Table Administration > SNMP Manager
SNMP Group Table. :

54

6- 331. SNMP Group Table

SNMP-

Delete.
SNMP Group Table View,
Display. .

6-34. SNMP Group Table Display

SNMP- , Add
SNMP Group Table. SNMP Group Table
Configuration, .

6-35. SNMP Group Table Configuration

Group Name

, -
32 .
SNMP- SNMP-.

55

Read View Name


Write View Name
Notify View Name
Security Model

Security Level

SNMP-,
SNMP-.
SNMP- ,
SNMP- .
SNMP- , trap SNMP, SNMP- .
SNMP v1 , SNMP 1.
SNMP v2 , SNMP 2.
SNMP v.2
.
(Structure of Management Information, SMI),
.
SNMP v3 , SNMP 3.
SNMP v3 ,
, .
SNMP v.3.
NoAuthNoPriv , ,
,
SNMP-.
AuthNoPriv , ,

SNMP-.
AuthPriv ,
, SNMP, .

Apply. SNMP-
Show All SNMP Group Table Entries.

SNMP Community
SNMP community string,
SNMP. Community string ,
.
community string:

IP- SNMP-,
ommunity string SNMP- .

MIB, MIB,
SNMP community.

/ SNMP community
MIB.

SNMP Community SNMP Manager (


Administration) SNMP Community Table, :

6- 36. SNMP Community Table

56


Community Name

View Name

Access Right

-
32 .
MIB SNMP SNMP-
SNMP-.

-
32 ,
MIB, SNMP
. View Name
SNMP View Table.
Read Only , SNMP community,
community string,
MIB .
Read Write , SNMP community,
community string,
MIB .

, Apply. SNMP
Community Table Delete .

SNMP
SNMP Host Table SNMP trap. SNMP
Manager ( Administration) SNMP Host Table.
SNMP Host Table, . SNMP
Host Table, Delete .
SNMP Group Table,
Host IP Address.

6-37. SNMP Host Table

SNMP, Add
. SNMP Host Table Configuration, .

6- 38. SNMP Host Table Configuration

Host IP Address
P Version

IP- ,
SNMP- .
V1 , SNMP 1.
V2 , SNMP 2.
V3-NoAuth-NoPriv , SNMP
3 NoAuth-NoPriv.
V3-Auth-NoPriv , SNMP
3 Auth-NoPriv.
V3-Auth-Priv , SNMP 3

57

Community String
/ SNMP V3 User
Name

Auth-Priv.
community string SNMP V3.

Apply. SNMP Host Table


Show All SNMP Host Table Entries.

SNMP Engine ID
Engine ID , SNMP v3.
- SNMP engine .
SNMP Engine ID , SNMP Manger (
Administration) SNMP Engine ID. SNMP Engine ID
Configuration.

6- 39 SNMP Engine ID

Engine ID, Engine ID


Apply.

PoE
DES-3028P DES-3052P Power over Ethernet (PoE)
IEEE 802.3af. 1-24/1-48
(Power Devices, PDs) 48 UTP- Ethernet 5
3. DES-3028P, DES-3052P PSE (Power Source over
Ethernet) Alternative A, 1, 2, 3 6.
DES-3028P DES-3052P 802.3af D-Link.
DES-3028P DES-3052P PoE:

PoE
.

, : 1)
; 2)
.

.
.

15,4

4,0

7,0

15,4

58

0,44 12,95

0,44 3,84

3,84 6,49

6,49 12,95

PoE DES-3028P DES-3052P Administration > PoE


Configuration. PoE System ,
PoE.
Power Limit 37 185 ( DES-3028P) 37 370
( DES-3052P). 185 ( DES-3028P) 370 ( DES-3052P).
, PoE-
.
PoE Administration > PoE Configuration,
.

PoE

6- 40. PoE System Configuration

PoE

59

6- 41. PoE Port Configuration

Power Limit

Power
Disconnect
Method

PoE System
,
PoE. Power Limit 37
185 ( DES-3028P) 37 370 ( DES-3052P).
185 ( DES-3028P) 370 (
DES-3052P).
PoE- Deny next port (
) Deny low priority port (
),
.
Power Disconnect Method. Deny next
port. :
Deny next port ,
, .

From To
State

Deny low priority port - ,


,
.
PoE Configuration
,
PoE.
PoE
.

60

Priority

PoE.

Power Limit

PoE.
PoE
Power Disconnect Method. 1000 15400.

Apply PoE. PoE


, .

IP-
(Single IP Management, SIM)
D-Link Single IP Management ( IP-) ,
Ethernet
.
Single IP
Management:
1.
SIM
, .
2.
SIM IP-.
3.
SIM
,
.
, D-Link Single IP Management (SIM),
:
SIM ,
Web-.
SIM
.
,
SIM. Commander Switch (CS) ,
Member Switch (MS) ,
CS SIM- Candidate Switch (CaS )
, SIM-,
CS SIM-.
SIM- Commander
Switch (CS).
SIM- IP-
( ). SIM- .
SIM- 33 ( 0 32),
( 0).
SIM- IP- ( ),
.
VLAN, SIM-
VLAN default.
SIM , , SIM.
,
hop () CS.
SIM- , .
:
1.Commander Switch (CS) ,
:
IP-.
CS SIM-.
, ,
VLAN.

61

2.Member Switch (MS) , SIM- ,


CS,
:
IP-.
CS VLAN
.
3.Candidate Switch (CaS) , SIM-,
. Candidate Switch
SIM-. , CaS,
SIM- :
IP-.
CS VLAN
.
SIM-,
.
CaS,
. IP-
,
CS / .
SIM ,
.
,
.
, .
, SIM-,
SNMP- ( / ),
. MS
IP-, SNMP-, SIM-
.

SIM v1.6
DES-3028/28P/52/52P
SIM 1.6.
, :
1. CS MS,
SIM- Web.
Discover Maintain, SIM- . MAC-
MS CS. MS, CS
MS MS
MS SIM.
.
, MS
. , ,
, CS.
2. ,
. Ethernet-,
, .

62

3. TFTP-:
TFTP-
MS.

MS / TFTP-.
TFTP- MS.
4. ,
.

SIM Web-
CaS

, Single IP Management .
SIM Web-, : Administration Single IP Settings,
.

6.42 SIM Settings (disabled )

SIM (SIM State) Enabled ()


Apply, , :

6.43 SIM Settings (enabled )

Commander Switch (CS), Commander


Role State Apply. :

6.44 SIM Settings ( ommander)

63

SIM State
Role State

Discovery Interval

Holdtime

SIM-
. Disabled SIM
.
SIM. :
Candidate Candidate Switch (CaS) SIM-,
Commander Switch (CS).
SIM- .
Commander ,
CS.
Ethernet, SIM-.
,
SIM.

(discovery packets) .
CS ,
(, MS, CaS).
Discovery Interval 30 90 .
;
,
.
holdtime 100 255 .

, Apply.
CS, Single IP Management
SIM Web- : Topology,
Firmware Upgrade, Configuration Backup/Restore Upload Log File.


Topology SIM-
Java- .

6.45 Single IP Management Tree View

Tree View :

Device Name

, .. , SIM, . ,
(default),

64

Local Port
Speed
Remote Port
MAC Address
Model Name

MAC-.
CS,
MS CaS.
.
MS
CaS.
MS CaS,
.
.
MAC- .
.

Topology Map, View Topology,


. Topology View ( 20 .
).

6.46 Topology View

, Single IP Management
. :



CS
MS
MS
MS,
CaS
CaS

65


, SIM-


Topology view
. ,
, .
.

6.47 ,

, ,
, .

6.48 ,



SIM-.


66

6.49

:
Collapse , .
Expand SIM- .
Property .

6.50 Property

6.51

:
Collapse , .
Expand SIM- .
Property .


67

6.52 -

Collapse , .
Expand SIM- .
Remove from group MS SIM-.
Configure Web- .
Property .

CaS

6.53 - CaS

:
Collapse , .
Expand SIM- .
Add to group CaS.
,
CaS SIM-,
Cancel .

6.54 Input password

Property .


Single IP Management ,

68

6.55 Topology View

File
Print Setup .
Print Topology - .
Preference , ,
SIM.

Group
Add to group CaS. Add to group
, CaS
SIM-, Cancel
.

6.56 - Input password

Remove from Group MS SIM-.

Device
Configure Web- .

View
Refresh .
Topology ( Topology View)

Help
About SIM, SIM.

69

6.57 - About

SIM
Firmware Upgrade
, SIM-, CS.
Administration > Single IP Management Settings > Firmware Upgrade.
, MS,
, MS, MAC-, .
,

Port, IP- ,
, .
Download.

6.58 Firmware Upgrade

/
Configuration File Backup/Restore
, SIM-, CS
TFTP-. , MS,
, MS, MAC-, .
,
Port, IP- ,
, .
Download.
( Upload).
Administration > Single IP Management Settings > Configuration Backup/Restore.

70

6.59 Configuration File Backup/Restore


,
SIM- . Administration >
Single IP Management > Upload Log File. IP- ,
SIM-, .
Upload.

6-60. Upload Log File

( Forwarding
Filtering)
Unicast- (Unicast
Forwarding)
Forwarding Filtering Administration,
Unicast Forwarding, .

6- 61. Unicast Forwarding

/
Add/Modify:

71

VLAN ID (VID)

VLAN (VLAN ID),


.

MAC Address
Allowed to Go Port

MAC-,

-, .
(unicast) MAC-.
,
-.

Apply. Unicast
Forwarding Table Delete.

Multicast Forwarding
, Multicast Forwarding (
) . Forwarding Filtering,
Multicast Forwarding, :

6- 62. Multicast Forwarding Settings

Static Multicast Forwarding Settings ,


. Setup Static Multicast Forwarding
Table Add. , :

6- 63. Setup Static Multicast Forwarding Table

:
VID

VLAN (VLAN ID),


-.

72

Multicast MAC
Address

- .
-.

Port Settings

,
, ,
.
, ,
GMRP. :
None
. None,
.
Egress , .

Apply. Static Unicast


Forwarding Table, Delete.
Static Multicast Forwarding Settings, Show All
Multicast Forwarding Entries.



. Forwarding Filtering
Multicast Port Filtering Mode Setup, :

6- 64. Multicast Filtering Mode

From/To
Mode

,
.
,
,
- .
Forward Unregistered Groups ,
,
,
, .
Filter Unregistered Groups -
,

, .

Apply.

73

SMTP
SMTP (Simple Mail Transfer Protocol) ,
, , ,
.
SMTP, ,
, e-mail ,
. ,

.
SMTP :

.
SMTP Server Address SMTP Server Port SMTP Service Settings.
.
. 8 e-mail
SMTP Service Settings, Mail Receiver
Address.
e-mail ,
.
. e-mail
SMTP Service Settings Self Mail Address.
,
e-mail SMTP-.
, SMTP, SMTP State
SMTP Service Settings, email SMTP Service.
, SMTP, SMTP-,
.
e-mail,
:
.
( link down).
( link up).
SNMP ( ).

NVRAM.
TFTP.
TFTP- : in-process ( ), invalid-file
( ), violation (), file-not-found ( ), complete
() time-out ( ).
.
e-mail SMTP-, , :
IP-.
A timestamp denoting the identity of the SMTP server and the client that sent the message, as
well as the time and date of the message received from the Switch. Messages that have been
relayed will have timestamps for each relay.
, e-mail.
(,
), IP-, MAC-
.
,
.

74

.

, .
,
, 30. ,
.
, ,
.
.
.
. ,
.
, .

SMTP-
SMTP-
e-mail, .
Administration, SMTP Service
SMTP Server Settings.

6- 65. SMTP Service Settings Mail Receiver Address Table

SMTP State
SMTP Server
Address
SMTP Server Port
Self Mail Address
Mail Receiver
Address

SMTP
.
IP- SMTP- .
, e-mail.
,
SMTP-. SMTP - 25,
1 65535.
e-mail, .
. 64
.
e-mail,
e-mail, . 8 e-mail
. ,
Delete Mail Receiver Address Table.

75

Apply .

SMTP
,
, SMTP-.
Administration, SMTP Service SMTP
Service.

6- 66. SMTP Service

Subject
Content

e-mail.
e-mail.

, Send
SMTP, .

76

77

2
(VLAN)

IGMP Snooping
(Spanning Tree)

(VLAN)
Virtual Local Area Network (VLAN) ,
, . VLAN
LAN , LAN.
VLAN
, VLAN.
, VLAN , .
VLAN , ,
,
. , ,
VLAN . VLAN
, ..
VLAN,
.

VLAN
DES-30
,
VLAN, VLAN ,
VLAN.
DES-30 VLAN: VLAN IEEE 802.1Q Port-Based
VLAN ( ). ,
802.1Q, 802.1Q .
VLAN 802.1Q, default.
VID "default" VLAN 1.
, Port-Based VLAN.

IEEE 802.1Q VLAN


:
Tagging () () 802.1Q VLAN .
Untagging ( ) 802.1Q VLAN .
Ingress port ,
( ,
VID=PVID)
Egress port ,
. ,
. ,
.
(tagged),
(untagged). untagging ( ) IEEE 802.1Q VLAN
, VLAN .
(tagging) VLAN ,
802.1Q, Spanning Tree .
IEEE 802.1Q :

78

VLAN ,
.
(Spanning Tree).
.
802.1Q VLAN
:
Ingress rules , .
Forwarding rules ,
.
Egress rules , .

7-1. IEEE 802.1Q

802.1Q VLAN
802.1Q VLAN. . , EtherType.
08100, . 802.1Q
3 (802.1p), 1 Canonical Format Identifier (CFI
Token Ring
Ethernet) 12 VLAN ID (VID). VID VLAN, 802.1Q.
VID 12 4094 VLAN.
4 .
.

79

7- 2. IEEE 802.1Q

EtherType VLAN ID - ,
EtherType/Length Logical Link Control.
, , (Cyclic Redundancy
Check, CRC).

7- 3. IEEE 802.1Q


802.1Q
.
VID, VLAN
. ,
VLAN . 802.1Q,
, VLAN.
802.1Q .
, , ,
802.1Q VLAN. ( , PVID
). (Untagging)
, 802.1Q,
802.1Q VLAN.

80

(Ingress Filtering)
, , VLAN,
Ingress Port. Ingress filtering,
VLAN- ( )
.
VLAN-, Ingress port ,
VLAN, . , .
802.1Q VLAN, ,
.
VLAN-, Ingress Port PVID
VID ( ). Ingress Port ,
VLAN (.. VID), .
, . VID,
, .
Ingress Filtering
. , VLAN, ,
, .

VLAN
VLAN VID=1. PortBased VLAN ( ), , VLAN,
VLAN .
, VLAN VLAN
.
: VLAN,
.
.
.
:
VLAN
System ( )

VID

5, 6, 7, 8, 21, 22, 23, 24

2
3
4
5

9, 10, 11, 12
13, 14, 15, 16
17, 18, 19, 20
1, 2, 3, 4

7- 1. VLAN

VLAN
, 1 (Port 1),
VLAN 2. ( ),
, (Port 10) VLAN 2 (,
VLAN 2). Port 10 VLAN 2,
. Port 10 VLAN 2,
.
VLAN . ..Port 1 ,
VLAN2.

, , VLAN.
VLAN, .. , VLAN-.
, VLAN 1 1, 2, 3, 4; VLAN 2 1, 5, 6, 7. ,

81

1 VLAN. 8, 9, 10 VLAN. , 8, 9, 10 VLAN-.

VLAN
c VLAN. VLAN, ,
.

VLAN
L2 Features VLAN Static VLAN Entry,
:

7- 4. Static VLANs Entry Settings

802.1Q Static VLANs VLAN ( ID).


802.1Q VLAN Delete.
802.1Q VLAN 802.1Q Static VLANs
Add. , . ,
, VLAN.
:

7- 5. 802.1Q Static VLAN -

Current 802.1Q Static VLAN Entry Settings


Show All Static VLAN Entries. 802.1Q VLAN,
Modify.

82

VLAN.
.

7- 6. 802.1Q Static VLANs

VID (VLAN ID)


VLAN Name
Port Settings
Tag
None
Egress

VLAN ID Add Modify VLAN


ID VLAN. VLAN VID.
VLAN Add VLAN
Modify.
, VLAN.
802.1Q 802.1Q .
, .
, VLAN
,
VLAN. Egress Port , VLAN.
, .

Apply. Show All Static VLAN Entries


802.1Q Static VLANs.

GVRP
L2 Features VLAN GVRP Settings. GVRP Settings,
, ,
GARP VLAN Registration Protocol (GVRP)
VLAN. Ingress Checking
, PVID PVID .
, :

83

7- 7. GVRP Settings

From/To

GVRP
Ingress Check

PVID

,
VLAN . VLAN 802.1Q Port
Settings.
Group VLAN Registration Protocol (GVRP)
VLAN.
.
Enabled () Disabled
(). VID
PVID . ,
. Disabled () ingress-.
, .

PVID , VLAN
802.1Q Port Settings.
VLAN VID=1. PVID
, .
,
, 802.1Q, PVID.

84

Acceptable Frame
Type

,
PVID
. , Ingress Filtering
, VID PVID .
, .
.
, .
Tagged Only, ,
VLAN, Admit_All,
, ,
. Admit_All.

Apply.



(Port trunk groups)
.
2 8 . ,
800/

7-8.

.
, ( ),
.

85

: -
, , ,
.
.

. .
,
, .
,
2 8. ,
.
: .
VLAN, STP-,
, ; 802.1p
. ,
802.1X , . ,
,
.
Master Port ( ) , ,
VLAN, Master Port,
.

,
.
Spanning Tree Protocol ( )
. STP

. , STP
, , .


, Link Aggregation
Trunking L2 Features. :

7-9. Link Aggregation

Add,
. Link Aggregation Settings ( )
. , Modify,
. ,
Delete, .

86

7-10. Link Aggregation Settings -

LACP
Link Aggregation Control
Protocol(LACP) L2 Features > Trunking > LACP Port Settings,
:

87

7- 11. LACP Port Settings

LACP,
From To, Mode (Passive
Active), Apply .

IGMP
IGMP (Internet Group Management Protocol) snooping IGMP
, IGMP-.
IGMP snooping, ,
, IGMP, .
IGMP Snooping,
(. ).
VLAN, IGMP Snooping L2 Features. IGMP snopping
,

IGMP-, .
IGMP ,
, .

88

IGMP Snooping IGMP Snooping.


Modify, VLAN ID.

7- 12. IGMP Snooping

Modify IGMP Snooping Settings, :

7- 13. IGMP Snooping Settings

VLAN ID
VLAN Name
Query Interval

Max Response
Time

VLAN, VLAN, VLAN,


IGMP snooping.
VLAN, ID VLAN, VLAN,
IGMP snooping.
( )
IGMP-. 1 65535.
125.
IGMP-.
1 25 ( ). 10.

89

Robustness
Variable

Last Member Query


Interval
Host Timeout

Router Timeout

Leave Timer

Querier State

.
VLAN, , ,
Robustness Variable ,
. 1 255. 2.

-, ,
. =1
,

.
= 260.
( ).
260.

Leave
. ,
.
Enabled IGMP-, Disabled
. Disabled.

Querier Router
Behavior

, ,
. Querier
, IGMP.
Non-Querier ,
IGMP.
(Querier) , Querier State State
Enabled.

State

Enabled IGMP snopping.


Disabled.

Fast Leave

Fast Leave.

(
Last Member Query Timer) IGMP
Leave Report Packet. Disabled.

Apply . IGMP Snooping


Show All IGMP Group Entries.
: Fast Leave IGMPv2,
.
VLAN,
. Fast Leave,
fast leave .


,
. WAN .
,
, (IGMP),
, .

90

:
IGMP- .
IGMP- .
UDP- .
IGMP- IGMP snooping,
, 3- ,
UDP-, UDP-
.
,
IGMP-, RIPv2, DVMRP PIM-DM.
IGMP Snooping Static Router Ports Settings,
Static Router Port Settings, .

7- 14. Current Static Router Port Entries

.
Modify. Static Router Ports Settings,
:

7- 15. Static Router Ports Settings

VID (VLAN ID)


VLAN Name
Member Ports

(ID) VLAN, VLAN, VLAN,


.
VLAN,
.
,
.

Apply. Static Router


Ports Settings, Show All Static Router Port Entries.

91


(Spanning Tree): 802.1d
STP, 802.1w Rapid STP. 802.1d STP
.
802.1d STP, 802.1w Rapid STP 802.1s MSTP. 802.1w
RSTP Ethernet D-Link,
, , 802.1d STP 802.1w RSTP
.

802.1w Rapid Spanning Tree


Spaning Tree: Rapid Spanning Tree Protocol
(RSTP), IEEE 802.1w, , IEEE 802.1d STP. RSTP
IEEE 802.1d, , ,
RSTP.
IEEE 802.1w Rapid Spanning Tree Protocol (RSTP)
802.1d STP. RSTP ,
STP (, 3- ,
Ethernet). RSTP
STP, ,
, .
STP .



,
( ). RSTP Discarding
(, ), 802.1d,
(, ,
). STP ,
RSTP/MSTP Discarding,
, .
7-2 .
.
.
BPDU-, Hello-. BPDU-
, BPDU- .
. ,
. 802.1d
.

802.1w RSTP

(Discarding)

(Discarding)

(Discarding)

802.1d STP

(Disabled)

(Blocking)

92

(Listening)

(Learning)

(Forwarding)

(Learning)

(Forwarding)

7-2.

RSTP ,
, RSTP- RSTP. , ,
. ,
: edge port ( ) point-to-point (P2P) .


(Edge port) , ,
. ,
. , ,
,
. , BPDU-,
spanning tree.

P2P-
2- . 2-
. RSTP ,
, 2-,
.

802.1d 802.1w
RSTP , STP 802.1d,
BPDU- 802.1d. 802.1d STP
RSTP,
.
Spanning Tree Protocol (STP) :
1. .
2. -
.

STP Loopback Detection


STP

. STP
BPDU, , , BPDU- ,
.
STP ,
. BPDU- ,
- .
BPDU Loopback on Port
#.

93

Loopback
Loopback .
.
, , - BPDU
. , Designated Port Discarding.
BPDU- - , ,
, .
,
Loopback Recovery 0. BPDU- ,
.
,
. , Loopback Recover Time
0.

Loopback Detection

STP (STP, RSTP) .

Loopback Detection (STP Global Bridge Settings).

BPDU-.
.

Loopback Detection .

Loopback - 60 .

, STP.

Loopback Detection BPDU


. ,
,
STP .

STP-
Spanning Tree L2 Features
STP Bridge Global Settings.

7- 16. STP Bridge Global Settings

94

Spanning Tree
Protocol
Bridge Max Age (640 )

Bridge Hello Time


(1-10 )
Bridge Forward
Delay (4-30 )
Max Hops (1-20)

STP Version

/ STP
. Disabled ().
Max Age ,
,
.
BPDU-
. , BPDU-
,
BPDU- ,
.
, Bridge Identifier,
.
6 40 . - 20.
1 2 .
BPDU .
4 30 . ,

.
()
, ,
BPDU-, ,
.
, ,
. BPDU-.
1 20. 20.
STP,
. :
STP - Spanning Tree Protocol (STP)
RSTP - Rapid Spanning Tree Protocol (RSTP)

TX Hold Count (110)


Forwarding BPDU


Hello-,
. 1
10. 3.
Enabled() Disabled
(). STP
BPDU- . Enabled.

Loopback
Detection

, BPDU .
BPDU-, ,
. STP ,
. LBD STP
( discarding) LBD Recover
Time. Loopback Detection .

. Enabled ().

LBD Recover Time


(0:disable)

, STP-
STP. 0 , LBD ,
. 60
1000000 . 60 .

95

Apply.
: Hello Time ,
Max. Age. .
, :
Max. Age 2 x (Forward Delay - 1 )
Max. Age 2 x (Hello Time + 1 )

STP
STP .
STP, L2 Features > Spanning Tree > STP Port Settings.

7- 17. STP Port Settings

,
. ,
. STP
, , Port Priority Port Cost.
STP spanning tree , spanning tree ,
. ,
,
. ,
. STP
( ). STP
STP-.
STP VLAN.

96

STP :

From/To

State

( Enabled) ( Disabled)
BPDU.

Cost (0 = Auto)


.
. 0
(auto).
0 (auto) - 0

. :
100/ = 200000, Gigabit Ethernet = 20000.
value 1-200000000 1 200000000
. , ,
.

Hello Time


bridged LAN.
1 10 . 2 .
,
MSTP.

Migrate

RSTP yes ,
RSTP BPDUs.

Edge

True ,
. ,
,
.
BPDU-. BPDU,
. False
, .

P2P

True point-to-point (P2P). P2P


, P2P- :
. ,
P2P ,
RSTP. False ,
p2p. Auto ,
. , ,
p2p. p2p (,
), p2p (false).
true.

State

STP
. Enabled.

BPDU

Enabled () Disabled
(). Enabled,
STP BPDU . Enabled.

LBD

( Enabled)
( Disabled) (loop-back detection)
.
.

Apply .

97

MST
MST Configuration Identification
MSTI . spanning
tree, . CIST (Common
Internal Spanning Tree), ,
MSTI ID. CIST . MST
Configuration Identification, L2 Features > Spanning Tree > MST Configuration
Identification:

7- 18. MST Configuration Identification

, , :

Configuration Name


MSTI (Multiple Spanning Tree Instance).
, MAC- ,
MSTP.
STP Bridge Global Settings.

Revision Level

,
MSTP, .
0 65535, 0.

MSTI ID

MSTI ID, .
CIST MSTI, ,
.
, MSTI.

VID List

VLAN ID, MSTI.

Add :

98

7- 19. Instance ID Settings Add

MSTI .

MSTI ID

1 15, MSTI .

Type

Create MSTI.
MSTI .

VID List (1-4094)

VID VLAN
. VID - 1 4094.

Apply .
CIST, MST Configuration Identification.
:

7- 20. Instance ID Settings - CIST modify

CIST .

MSTI ID

MSTI ID CIST 0 .

Type

MSTI.
2 .
Add VID , VID MSTI ID
VID List.
Remove VID , VID MSTI ID
VID List.

VID List
4094)

(1-

VID
VLAN. VID 1 4094.
CIST.

99

Apply .
MSTI, MSTI
ID. .

7- 21. Instance ID Settings Modify

MSTI .

MSTI ID

MSTI ID, .

Type

MSTI.
.
Add VID , VID MSTI ID.
VID List.
Remove VID , VID MSTI ID.
VID List.

VID List (1-4094)

VID VLAN,
, MSTI ID.
1 4094.
, Type Add Remove.

Apply .

STP
MSTI, .
L2 Features > Spanning Tree > STP Instance Settings:

7- 22. STP Instance Settings

Instance Type

,
. MSTI ID. CIST
MSTI, .

100

Instance Status

MSTI ID

Instance
Priority

MSTI ID.
.

Apply .
Modify, MSTI.
Instance ID Settings .

7- 23. Instance ID Settings - modify priority

MSTI ID

MSTI ID . 0
CIST (MSTI ).

Type

Type Set Priority Only.

Priority (0-61440)

Priority.
0 61440.

Apply .

MSTP
MSTP-
MSTI ID. MSTP
, . ,
, .
, MSTP MAC-
,
. , , .
L2 Features > Spanning Tree > MSTP Port Information:

7- 24. MSTP Port Information

MSTI ,
, , Apply.

101

MSTI, MSTI ID.


.

7- 25. MSTI Settings

Instance ID

MSTI ID spanning tree. 0


CIST (MSTI ).

Internal cost
(0=Auto)


, STP.
- 0 (auto). :
0 (auto) internalCost

.
.
value 1-200000000 1-200000000

. Internal cost, .

Priority

0 240,
.
. , .

Apply .

102

(CoS)

802.1p
802.1p
CoS

TOS
DSCP

MAC-
(QoS) DES-30xx
802.1p Quality of Service.
QoS 802.1p.

QoS
IEEE 802.1p QoS
, , VoIP (
IP) .
, .
,
. ,
, 802.1P DES-30.

103

8- 1. QoS

.
Class 3 .
QoS,
.
.
,
. , ,
.
, .
,

, .

QoS
: 0 3, 3 -
, 0 - . ,
IEEE 802.1p, :
0 Q1
1 Q0
2 Q0
3 Q1
4 Q2
5 Q2
6 Q3
7 Q3.

104

(Strict mode)
. ,
. , ,
.
(weighted round
robin, WRR) , ,
. 8 CoS (A~H)

8~1,

: A1, B1, C1, D1, E1, F1, G1, H1, A2, B2, C2, D2, E2, F2, G2, A3, B3, C3, D3,
E3, F3, A4, B4, C4, D4, E4, A5, B5, C5, D5, A6, B6, C6, A7, B7, A8, A1, B1, C1, D1, E1, F1, G1, H1.
.. 8 A ( ), H (
) 1 .
WRR CoS ,
.
WRR CoS 0, ,
. CoS, ,
WRR.
, DES-30xx (
CoS) .



. L2
Features CoS > Port Bandwidth:

105

8- 2. Port Bandwidth

From/To

106

.
Type

no_limit
Rate

: RX (), TX
() Both. , ,
,
.

.
Enabled.
/
. 64 1024000 /.


Apply.
Port Bandwidth Table.

802.1p
802.1p
. CoS 802.1p Default Priority ,
.

8- 3. 802.1p Default Priority

107

802.1p
. , 0, ,
7, . 802.1p,
From To, 0 7
Priority.
Apply .

802.1p
802.1p
802.1p. , . T
.
DES-30xx
802.1p. QoS 802.1p User Priority,
.

8- 4. 802.1p User Priority

4
802.1p. Apply .


oS QoS Scheduling
Mechanism. ,
: Weight Fair Strict.

108

8- 5. CoS Scheduling Mechanism CoS Scheduling Mechanism Table


:
(Class-3), , 3
, .

(WRR).

Strict


.

.

Weight fair

(WRR)
.

Apply .

CoS
CoS
. ,
.

.
, , ..
- QoS.
CoS CoS Output Scheduling.

109

8- 6. CoS Output Scheduling

Apply.


Priority Setting CoS .
CoS , ,
. , MAC, CoS, MAC-,
CoS, MAC-. ,
Priority Settings Table.
CoS ,
CoS.
CoS Priority Settings , :

110

8- 7. Priority Settings

From/To

Type


ToS ,
Type.

. :

None CoS
.
Port Mapping
CoS .
802.1p CoS

111

802.1p. .
MAC-Base CoS
MAC-.
TOS CoS
ToS.
DSCP CoS
DSCP.

Apply.

TOS
TOS/DSCP
TOS/DSCP IP-. ,
.
. TOS, DSCP.
.
TOS .
TOS Class ID.
CoS TOS Priority Settings:

8- 8. TOS Priority Settings

Apply.

DSCP
TOS/DSCP
TOS/DSCP IP-. ,
.
. DSCP
CoS, . ,
DSCP. DSCP, TOS. .

112

DSCP. DSCP
Class ID ( 0 3).
CoS DSCP Priority Settings:

8- 9. DSCP Priority Settings

Apply.

113

,
, , .
.
, CoS
3.
.
From To, Class.
, , CoS Port Mapping Priority Settings:

8- 10. Port Mapping Priority Settings

Apply.

MAC-
MAC-,
MAC- MAC priority table.

114

MAC- CoS,
:
1. MAC- Forwarding Database (FDB)
. Unicast Forwarding table Forwarding Filtering
Configuration Unicast Forwarding,
.
2. MAC- FDB
MAC- , .
3. Priority Settings,
, MAC Priority.
MAC-, .
802.1p,
MAC Priority, . , MAC-
, .
CoS MAC Priority:

8- 11. MAC Priority

MAC Address , Unicast Forwarding,


Class ID, MAC- .
Apply .

115

116

(ACL)
(Time Range)

Flow Meter
CPU Interface Filtering

(Time Range)
Time Range ,
.
, , .

9- 1. Time Range Settings

Apply .


,
, .
. ,
, , , MAC- IP . ,
, , .
, Configuration
Access Profile Table. Access Profile Table,
.

117

9- 2. Access Profile Table

Access Profile Table, Add Profile.


Access Profile Configuration, .
Access Profile Configuration: 1. Ethernet
(MAC-), 2. IP-, 3.
(Packet Content Mask).
Access Profile Configuration
Type. Ethernet Access Profile Configuration.
: Profile ID
,
, , . ,
ACL
.

9-3. Access Profile Configuration (Ethernet)

Ethernet Type:

Profile ID (1-14)
Type

.
1 14.
Ethernet (MAC-), IP-,
.
:
Ethernet ,
2- .

118

.
IP ,
IP- .
Packet Content Mask ,
,
.
VLAN

Source MAC
Destination MAC
802.1p
Ethernet type

,
VLAN

.
, , .
, , .

802.1p
.

Ethernet .

Access Profile Configuration (IP).

9-4. Access Profile Configuration (IP)

IP:

119


Profile ID (1-14)
Type

.
: 1 14.
Ethernet (MAC-), IP-,
.
:
Ethernet ,
2- .
.
IP ,
IP- .
Packet Content Mask ,
,
.

VLAN

Source IP Mask
Destination IP Mask
DSCP

Protocol

,
VLAN

.
, ,
.
, , I
.
DiffServ Code

.

. ,
:
ICMP-
Internet Control Message Protocol (ICMP)
Type, ,
ICMP type .
Code,
ICMP code.
IGMP
Internet Group Management Protocol (IGMP)
Type, ,
IGMP type.
TCP
TCP-, .
,
/ .
( ,
). TCP,
. ,
: urg (urgent), ack
(acknowledgement), psh (push), rst (reset), syn (synchronize), fin (finish).
.
src port mask (0x0-0xffff)
TCP- , .
dest port mask - (0x0-0xffff)
TCP- , .
UDP

120

UDP-, .
,
/ .
src port mask (0x0-0xffff)
UDP- , .
dest port mask - (0x0-0xffff)
UDP- , .
protocol id mask ,
. 5 4-
(0x0-0xf).

121

Packet Content Mask.

9-5. Access Profile Configuration (Packet Content Mask)


, . Packet Content Mask
:

Profile ID (114)
Type

.
1 14.
Ethernet (MAC-), IP-,
.
:
Ethernet ,
2- .
.
IP , IP .
Packet Content Mask ,
, .

Offset

, .
value (0-15)
15- .
value (16-31)
16 31 .
value (32-47) -
32 47 .
value (48-63) -
48 63 .
value (64-79) -
64 79 .

122

Apply .
:
ACL Access Profile Table, Access Profile Table.
, .

9-6. Access Rule Table

,
Access ID Find. Access
ID, View All Entry.
, Modify,
Access Rule. , .
, .

9-7. Access Rule Configuration (IP)

Access Rule Configuration IP:

123

Profile ID

Mode

Permit , ,
,
(. ).
Deny , , ,
, .

Access ID (1256)

.
1 256.
Auto Assign ,
Access ID .

Type

Ethernet (MAC-), IP-,


.

Priority (0-7)

Ethernet ,
.
IP , IP-
.
Packet Content Mask ,
.

802.1p,
CoS,
. ,

CoS, .
,
CoS 802.1p,
oS .

Replace Dscp
(0-63)

DSCP
, DiffServ Code

.
0 63,
DSCP , .

Source IP

IP- IP- IP- .

Destination IP

IP- - IP- IP- .

Dscp (0-63)

DSCP.
DiffServ Code

.
0 63.

Protocol

,
, ,
.

Port Number

, .

124

,
, :

9- 8. Access Rule Display (IP)

Ethernet,
Modify Ethernet. :

9- 9. Access Rule Table (Ethernet)

,
Access ID Find. Access
ID, View All Entry.
,
, Add.

125

9- 10. Access Rule Configuration(Ethernet)

Ethernet,
Apply.

Profile ID

Mode

Permit , ,
,
(. ).
Deny , ,
, , .

Access ID

.
1 128.
Auto Assign ,
, Access ID
.

Type

Ethernet

(MAC-),

IP-,

Ethernet ,
.
IP , IP-
.

Priority (0-7)

Packet Content Mask ,


.

802.1p,

CoS,
. ,

126

CoS, .
,
CoS 802.1p,
oS .
VLAN Name

VLAN.

Source MAC

MAC- .

Destination
MAC

MAC- .

Ethernet Type

,
802.1Q Ethernet type (0x0-0xffff)
. Ethernet : 0x0-0xffff,
, a-f
0-9.

Port Number

, .

,
, :

9- 11. Access Rule Display (Ethernet)

,
Modify .
.

9- 12. Access Rule Table (Packet Content Mask)

127

,
Access ID Find. Access
ID, View All Entry.
, Add.
, .

9- 13. Access Rule Packet Content Configuration

Packet Content Mask,


Apply.

Profile ID

Mode

Permit , ,
,
(.).
Deny , , ,
, .

Access ID

.
1 128.
Auto Assign ,
Access ID .

Type

Ethernet (MAC-), IP-,


.
Ethernet ,
.
IP , IP-

128

.
Packet Content Mask ,
.
Priority (0-7)

802.1p,
CoS,
. ,

CoS, .
,
CoS 802.1p,
oS .

Offset

,
:
0 76 .

Port Number

, .

,
, :

9- 14. Access Rule Display (Packet Content)

CPU Interface Filtering


DES-30xx CPU Interface filtering,
,
.
, ,
CPU . CPU

129

interface filtering , CPU,


Ethernet, IP- .
.
CPU filtering ,
, .
CPU . -,
, (, -
IP- ). -, ,
, .

CPU Interface Filtering


CPU Interface
Filtering . ACL > CPU
Interface Filtering > CPU Interface Filtering State. Enabled,
CPU , Disabled, .

9- 15. CPU Interface Filtering State

CPU Interface Filtering


ACL > CPU Interface Filtering > CPU Interface Filtering Table,
CPU, .
Profile ID.

9- 16. CPU Interface Filtering Table

CPU Interface Filtering Profile Table, Add.


CPU Interface Filtering Profile Configuration, .
CPU Access Profile Configuration:
Ethernet ( MAC-), IP-
(Packet Content Mask).
CPU Access Profile Configuration
Type. CPU Interface Filtering
Configuration Type Ethernet.

130

9- 17. CPU Interface Filtering Configuration Ethernet

Profile ID (1-3)
Type


. 1 3.
: Ethernet (-),
IP- .

:
Ethernet ,
2- .
IP , IP .
Packet Content Mask ,
, .

VLAN

Source MAC
Destination
MAC
Ethernet type

,
VLAN

.
, , .
, , .

Ethernet type .

Apply, .
CPU Interface Filtering Profile Configuration Type
IP.

131

9-18. CPU Interface Filtering Configuration (IP)

Profile ID (1-3)


. 1 3.

Type

: Ethernet (), IP- .



:
Ethernet ,
2- .
IP ,
IP- .
Packet Content Mask ,
,
.

VLAN

,
VLAN

.

Source IP Mask

, ,
.
, ,
.

Destination IP Mask
DSCP

DiffServ Code

132

.
Protocol


. ,
:
ICMP-
Internet Control Message Protocol (ICMP)
Type, ,
ICMP type .
Code,
ICMP code.
IGMP
Internet Group Management Protocol (IGMP)
Type, ,
IGMP type.
TCP
TCP-, .
,
/ .
( ,
). TCP,
. ,
: urg (urgent), ack
(acknowledgement), psh (push), rst (reset), syn (synchronize), fin (finish).
.
src port mask (0x0-0xffff)
TCP- , .
dest port mask - (0x0-0xffff)
TCP- , .
UDP
UDP-, .
,
/ .
src port mask (0x0-0xffff)
UDP- , .
dest port mask - (0x0-0xffff)
UDP- , .
protocol id ,
.
(0x0-0xff).

Apply, .
CPU Interface Filtering Profile Configuration Type
Packet Content Mask.

133

9- 19. CPU Interface Filtering Configuration - Packet Content

,
. Type Packet Content Mask
:

Profile ID (1-3)
Type


. 1 3.
: Ethernet (), IP- .

:
Ethernet ,
2- .
IP ,
IP- .
Packet Content Mask ,
,
.

Offset

,
.

value (0-15)
15- .
value (16-31)
16
31 .
value (32-47) -
32 47 .
value (48-63) -

134

48 63 .
value (64-79) -
64 79 .

Apply .
CPU:
ACL CPU Interface Filtering. CPU Interface
Filtering Profile Table.

9- 20. CPU Interface Filtering Profile Table - Add

CPU,
Modify Ethernet, IP Packet Content Mask.

9- 21. CPU Interface Filtering Rule Table

Add Rule, CPU Interface Filtering Rule


Table. (Ethernet, IP, Packet Content IPv6)
, .
CPU:
CPU Interface Filtering Rule Configuration
CPU.

135

9- 22. CPU Interface Filtering Rule Configuration Ethernet

CPU Ethernet
Apply.

Profile ID
Mode

Access ID
Type

VLAN Name
Source MAC
Destination
MAC
802.1p (0-7)
Ethernet Type

, .
Permit , , ,
,
(. ).
Deny , , ,
, .
.
1 5.
: Ethernet (-),
IP- .
Ethernet ,
2- .
IP ,
IP- .
Packet Content Mask ,
,
.
VLAN.
MAC- .
MAC- .
802.1p ( 0 7),
802.1p.
Ethernet type 802.1Q (hex 0x0-0xffff)
,

136

. Ethernet type
hex 0x0-0xffff, ,
a-f 0-9.
Port

CPU
.

Time Range


, Time Range.
, CPU
.

,
Rule Table. :

Access

9- 23. CPU Interface Filtering Entry Display Ethernet

CPU Interface Filtering Rule Table (Type = IP).

9- 24. CPU Interface Filtering Rule Table IP

Add.
. , .
IP- CPU.

137

9- 25. CPU Interface Filtering Rule Configuration IP

Access Rule Configuration:

Profile ID
Mode

Access ID
Type

, .
Permit , , ,
,
(. ).
Deny , , ,
, .
.
1 5.
: Ethernet (-),
IP- .
Ethernet ,
2- .
IP ,
IP- .

VLAN Name
Source IP
Destination IP

Packet Content Mask ,


,
.
VLAN.
IP- .
IP- .

Dscp (0-63)

DSCP.
DiffServ Code

.
0 63.

Port

CPU

138

.
Time Range


, Time Range.
, CPU
.

Access Rule Table.

9- 26. CPU Interface Filtering Entry Display - IP

CPU Interface Filtering Rule Table


(Packet Content).

9- 27. CPU Interface Filtering Rule Table Packet Content

,
CPU, Add:

139

9- 28. CPU Interface Filtering Rule Configuration - Packet Content Mask

Ethernet,
Apply.

Profile ID

Mode

Permit , , ,

(. ).
Deny , , ,
, .

Access ID
Type


1 5.

: Ethernet (-),
IP- .
Ethernet ,
2- .
IP ,
IP- .
Packet Content Mask ,
,
.

140

, .
value (0-15)
15- .
value (16-31)
16 31 .
value (32-47) -
32 47 .
value (48-63) -
48 63 .
value (64-79) -
64 79 .

Offset

Port

CPU
.

Time Range


, Time Range.
, CPU
.

,
Access Rule Table, :

9- 29. CPU Interface Filtering Rule Display Packet Content

141

10


Port Security ( )
Port Lock Entries
SSL
SSH
802.1X
(Trusted Host)



. -
, , . ,
, , ,
. ,
.
,
. ,
.
, .
Drop Action .

.
,
. (.. ),
, STP BPDU.
, CountDown.

143

10- 1. Traffic Control Settings

,
Shutdown Forever,
. ,
Administration Port Configuration, Enabled
().
Shutdown Action . Security >
Traffic Control.
:

Traffic Control Recover

From To

.
Traffic Trap Configuration

Traffic Trap

(Trap)
, . :
None ,
, .
Storm Occurred
.
Storm Cleared
, .
Both ,
, .
,
(..
Drop Action).
Traffic Control Settings

144

FromTo

Broadcast

Multicast

DLF

Destination Lookup Failure (DLF).


(
{Shutdown}).

Threshold

,
.

Action

.
:
Drop
, ,

, .
Shutdown
.
, STP BPDU,
Spanning Tree operational .
Countdown , ,
Shutdown Forever ,
Storm Control Recover .

Interval,
.

Count Down

Count Down ,
, .
, Shutdown
Action.
.
0, 5 30 . 0
, 0 ,
Shutdown.

Interval


,
.

. 5 30 ,
5 .

Apply .
:
, .

: Shutdown forever
Discarding Spanning Tree, ,
, BPDU- CPU .

: , Shutdown Forever,
link down,
.

145

Port Security ( )
Port Security

-
( ).

-,
-,
,
.

Admin State
Enabled Apply,
.
, Port Security

(
-
,

)
.

Security Port
Security.
10- 1. Port Security

From/To
Admin State
Max. Learning
Addr. (0-16)
Lock Address
Mode

,
.
/ Port
Security ( - ).
-
.

- :
Permanent
.
DeleteOnTimeout
.
DeleteOnReset ,
.

Apply .

Port Lock Entries


Port Lock Entries Table port security,
.
Security > Port Lock Entries:

146

10- 3. Port Lock Entries

, Mode Port Security


Permanent DeleteOnReset. , ,
, .
, Delete MAC. , Secured_Permanent, .
Next, , .
:

VID

VLAN ID ,
.

VLAN Name

VLAN ,
.

MAC Address

MAC- ,
.

Port

MAC-.

Type

MAC- . ,
Secured_Permanent, .

Delete


, MAC, .

Secure Socket Layer (SSL)


Secure Sockets Layer (SSL) ,
,
. ciphersuite. Ciphersuite
, , ,
. Ciphersuite :
1. (Key Exchange): cyphersuite
. Rivest Shamir Adleman (RSA) Digital Signature Algorithm (DSA) -
DHE DSS Diffie-Hellman (DHE).
, ,
,
.
2. (Encryption): cyphersuite ,
.
:
- Steam Ciphers. Steam Ciphers RC4 c 40 RC4 128- .

.
- CBC Block Ciphers.
. 3
DES EDE, Data Encryption Standart (DES).
3. Hash Algoritm. cyphersuite Message Authentification Code
( ).
,

147

. Hash algoritm:
MD5 (Message Diggest 5) SHA (Secure Hash Algoritm).

.
cyphersuite, . cyphersuite
. ,
cyphersuite, .
, .
TFTP-. SSLv3 TLSv1. SSL

.


SSL- TFTP-.
.
, .
SSL-
. .der.
,
.

Ciphersuite
SSL ciphersuite
. Ciphersuite , ,
, .
Ciphersuite.
SSL, WEB- .
Web- SSL, WEB-
SSL- (URL) http// (,
https://10.90.90.90).
.
Security > SSL:

148

10- 4. Download Certificate and Ciphersuite

Apply.

Certificate Type
Server IP
Certificate File Name
Key File Name

, ,
.
local
IP- TFTP-, .
.
.der (, c:/cert.der).
.
.der (, c:/cert.der).

SSL
Apply.

Configuration

SSL Status

, SSL
. Disabled ().

Cache Timeout (6086400)


SSL. SSL
.
SSL-
, .
600 .
Ciphersuite

RSA with RC4 128

RSA, 128-
RC4 MD5 Hash Algorithm.

149

MD5
RSA with 3DES EDE
CBC SHA

DHS DSS with 3DES


EDE CBC SHA

RSA EXPORT with


RC4 40 MD5

.
Enabled ().
RSA,
CBC Block Cipher 3DES_EDE MD5
Hash Algorithm.
. Enabled
().
DHS Diffie
Hellman, CBC Block Cipher 3DES_EDE
SHA Hash Algorithm.
.
Enabled ().
RSA, 40-
RC4.
. Enabled
().

:
SSL
DES-3028/28P/52/52,
CD-.
: SSL Web .
, (URL)
https://. Web-
.

SSH
SSH ( . Secure Shell) - ,
.
SSH
,
. SSH, ,
.
,
(SSH-) (SSH-):
1. , User
Accounts Security Management.

.
SSH.
2. User,
SSH- , SSH User
Authentication. : ,
(public key).
3. SSH Algoritm ,
SSH- SSH,
4. SSH , SSH Configuration.
SSH-
.

150

SSH
SSH-.
Security > SSH > SSH Server Configuration:

10- 5. SSH Server Configuration

SSH- Apply:

SSH
Status

Server

Max Session (1-8)


Time
600)

Out

(120-

Auth. Fail (2-20)

Session Rekeying

/ SSH
. Disabled.
1 8 ,
.
8.
- .
120 600 . 120
.
,
SSH-.

, ().
2 20. 2.
,
SSH. :
Never, 10min, 30min 60min. Never.

151

SSH
SSH Algorithm
SSH,
.

,
.
,

(Enabled).
Security >
SSH > SSH Authentication Mode
and Algorithm Settings:

10-6. Encryption Algorithm

SSH Authentication Mode and Algorithm Settings

Password
Public Key
Host-based


. Enabled
().
,
,
SSH-. Enabled.
,
.
Linux
SSH. Enabled.
Encryption Algorithm

3DES-CBC
Blow-fish CBC
AES128-CBC

AES192-CBC
AES256-CBC


Triple Data Encryption Standard Cipher Block Chaining.
Enabled ().

Blowfish with Cipher Block
Chaining. Enabled ().

Advanced Encryption Standard AES128
encryption algorithm with Cipher Block Chaining.
Enabled ().

Advanced Encryption Standard AES192
Cipher Block Chaining. Enabled ().

Advanced Encryption Standard AES-256
Cipher Block Chaining. Enabled ().

152

ARC4


Arcfour encryption algorithm with Cipher Block
Chaining. Enabled ().

Cast128-CBC


Cast128 encryption algorithm with Cipher Block
Chaining. Enabled ().

twofish128. Enabled ().

twofish192. Enable ().

twofish256. Enabled ().

Twofish128
Twofish192
Twofish256

Data Integrity Algorithm


HMAC-SHA1
HMAC-MD5


HMAC (Hash for Message Authentication Code) Secure Hash
algorithm. Enabled ().

HMAC (Hash for Message Authentication Code) MD5
Message Digest Enabled ().
Public Key Algorithm

HMAC-RSA
HMAC-DSA


HMAC (Hash for Message Authentication Code)
RSA. Enabled ().
HMAC
(Hash for Message Authentication Code)
Digital Signature ( ).
Enabled ().

Apply .

SSH-


SSH.

Security > SSH > SSH User

Authentication Mode.
.
admin
User Accounts Administration.

SSH,

SSH-

Current Accounts,

10- 7. SSH User Authentication Mode

10- 8. SSH User

User Name

SSH-
15 .

153

Auth. Mode

Host Name
Host IP

.

.
Host Based SSH-
.
:
Host Name 31
SSH-.
Host IP IP- SSH-.
Password ,
.
( ).
Public Key SSH .
31
SSH-.
Host Based Auth. Mode.
IP- SSH-.
Host Based Auth. Mode.

Apply .
: SSH ,
.


.

154

802.1X
802.1X MAC-
IEEE 802.1

, -.
RADIUS, ,
, Extensible Authentication Protocol over LAN
(EAPOL) .
EAPOL.

10- 9. EAPOL

,
LAN , . EAPOL
, ,
. 802.1X ,

.

10- 10. 802.1x

155


,
.
RADIUS-.
().
(RADIUS) , , ,
- , .
,
. ( EAPOL)
RADIUS . ,
/
.

10- 11.

()
. 802.1x :
EAPOL,
.
, .
.
1.

802.1X Enabled. (DES-30 Web Management Tool)

802.1X (Security / 802.1X / Configure 802.1X Authenticator Parameter)


3. RADIUS- . (Security / 802.1X / Authentic
RADIUS Server)
2.

156

10- 12.

157


,
.
802.1. Windows XP
, .
EAPOL .

10- 13.


, , 802.1
,
.
EAPOL.
,
( MAC- 802.1 MAC-).
, .
.

10-14. 802.1X

802.1x D-Link
:
1.
, , ,
.

158

2. -
RADIUS ,
MAC-. , MAC- .

159

802.1X MAC
C 802.1 -
. ,
, Bridge Port. Bridge Port

.

, .
(Port-Based Network Access Control).

RADIUS
Server
Ethernet Switch

802.1X
Client

802.1X
Client

802.1X
Client

802.1X
Client

802.1X
Client

802.1X
Client

802.1X
Client

802.1X
Client

802.1X
Client

Network access controlled port


Network access uncontrolled port

10-15. Port-Based ( )


,
. , ,
. ,
,

. , .

160

MAC-

RADIUS
Server
Ethernet Switch

802.1X
Client

802.1X
Client

802.1X
Client

802.1X
Client

802.1X
Client

802.1X
Client

802.1X
Client

802.1X
Client

802.1X
Client

802.1X
Client

802.1X
Client

802.1X
Client

Network access controlled port


Network access uncontrolled port

10-16. MAC-Based ( MAC-)

802.1x LAN,
LAN,
LAN. ,
LAN, ,
. -
.
LAN .

161

Guest VLANs
802.1 ,

(,
,
,
Windows 98

),
. ,
()
, .

Guest VLAN 802.1x.

,
VLAN
. Guest 802.1 VLAN

VLAN

,
Guest VLAN 802.1.

, ,
11- 2.
Guest VLAN
Guest VLAN
.
VLAN

,
RADIUS.

target VLAN (VLAN )


Guest VLAN


VLAN.

1. Guest VLAN VLAN . VLAN Guest


VLAN,

Guest
VLAN.

2. , Guest
VLAN,
GVRP

,
.
Guest
VLAN.
3.
Guest VLAN Static VLAN( VLAN) .
4. Target VLAN (VLAN ), Guest
VLAN.
5. VLAN, Guest VLAN

162

802.1x Guest VLAN


Security 802.1X Configure 802.1X Guest VLAN.
. ,
Guest 802.1X VLAN VLAN,
Guest VLAN .

10- 18. Guest VLAN Settings

, guest 802.1X VLAN:

VLAN Name

VLAN,
Guest 802.1X VLAN.

Operation

Guest 802.1X VLAN :


Enabled , ,
Guest VLAN. ,
VLAN. .
Disabled , ,
Guest VLAN. ,
VLAN. .

Port List

Guest VLAN.

Apply guest 802.1X VLAN. VLAN


802.1X Guest VLAN.

163

802.1X
802.1X Security > 802.1X > 802.1X Authenticator Settings:

10-19. 802.1X Authenticator Settings

,
. :

164

10-20. 802.1X Authenticator Settings (Modify)

From [ ] To [ ]
AdmDir

PortControl

TxPeriod
QuietPeriod

SuppTimeout
ServerTimeout

( )
.
,
. : in both.
in
.
both ,
.
.
forceAuthorized 802.1X ,

802.1X, .
forceUnauthorized

.
.
Auto 802.1X ,
,
EAPOL-.

EAPOL-.

.
- Auto.
TxPeriod PAE.
EAP
Request/Identity. 30 .
,

.
60 .

. 30 .

.
30 .

165

MaxReq
ReAuthPeriod
ReAuth

EAP ,
. 2.

.
3600 .
(Enabled)
(Disabled) .
Disabled.

Apply .

166

802.1X
Security 802.1X 802.1X User, 802.1X
User. .

10- 21. Local Users Configuration

User Name, Password, .


Local Users Table .

802.1X

802.1X MAC-
.
Security > 802.1X > Initialize Port(s):

10-22. Initialize Port

. Initialize
Port Table (-).
:

From and To
Auth PAE State
Backend State
Port

.
Auth PAE State :
Initialize, Disconnected,Connecting, Authenticating, Authenticated, Aborting, Held,
ForceAuth, ForceUnauth N/A.
Backend Authentication State
: Request, Response,Success, Fail, Timeout, Idle, Initialize N/A.
, , .

167

Port Status

Authorized, Unauthorize N/A.

802.1X MAC
802.1 MAC-
802.1X MAC- DES-30xx Web Management
Tool.
Security > 802.1X > Initialize Port(s), :

10-23. Initialize Ports (MAC based 802.1X)

From To.
MAC- , MAC
Address .
Apply.
:
802.1X DES-30xx Web Management Tool
. 802.1X
Initialize Ports Table .

168

802.1X

.
From To,
Apply.
Security > 802.1X > Reauthenticate Port(s), Reauthenticate
Port(s):

10-24. Reauthenticate Port Reauthenticate Port Table

Port
Auth State
BackendState
OperDir
PortStatus

.

Authenticator State
: Initialize, Disconnected, Connecting, Authenticating, Authenticated,
Aborting, Held, ForceAuth, ForceUnauth N/A.
Backend State :
Request, Response, Success, Fail, Timeout, Idle, Initialize N/A.
: In ( ) Both
( / ).
Authorized, Unauthorized N/A.

:
802.1X DES-30 Web Management Tool
. Initialize Ports
Table 802.1X.

169

802.1X
MAC-
MAC 802.1X,
802.1X MAC- DES-30xx
Web Management Tool. Security > 802.1X > Reauthenticate Port(s),
:

10- 25. Reauthenticate Ports MAC based 802.1x


, From To.
MAC- ,
MAC Address .
Apply.

RADIUS
RADIUS
, . Web .
Security > 802.1X > RADIUS Server, RADIUS Server,
:

10-26. RADIUS Server

Succession

RADIUS- : First, Second Third.

170

RADIUS Server

IP- RADIUS-.

Authentic Port

UDP- RADIUS.
1812.

Accounting Port

UDP- RADIUS.
1813.

Key

, RADIUS-.

Confirm Key

RADIUS-.

Status

RADIUS- Valid ()
Invalid ().

(Trusted Host)
Security Trusted Host; .

10- 27. Trusted Host

.
IP-
Web- Telnet. IP-
, IP-, Apply.


TACACS/XTACACS/TACACS+/RADIUS
.
. TACACS/XTACACS/TACACS+/RADIUS
TACACS/XTACACS/TACACS+/RADIUS
. , .
TACACS.
:
TACACS (Terminal Access Controller Access Control System)
,
TACACS-,
UDP- .
Extended TACACS (XTACACS) TACACS

171

, TACACS. XTACACS
UDP.
TACACS+ (Terminal Access Controller Access Control System plus)
. TACACS+

. TACACS+
TACACS+- TCP .

TACACS/XTACACS/TACACS+/RADIUS
TACACS/XTACACS/TACACS+/RADIUS-
.
,
TACACS/XTACACS/TACACS+/RADIUS-, :

,
.

,
.

.
.
Authentication
Server Groups, TACACS, XTACACS, TACACS+, RADIUS.
,
.
.
, .
, ..
, .
, TACACS TACACS.

(TACACS/XTACACS/TACACS+/RADIUS/local/none).
. 8
. ,
.
,
.
, ,
User. Admin,
Enable Admin ,
.
: TACACS, XTACACS TACACS+
.

. (,
TACACS,
TACACS).

172



, . ,
(Login Method List)
.
Security > Access Authentication Control >
Authentication Policy and Parameter Settings:

10-28. Authentication Policy and Parameter Settings

Authentication Policy
Response Timeout
(0-255)
User Attempts (1255)

(Enabled)
(Disabled) .

. 0 255 .
30.

. ,
,

. CLI
60 .
Telnet Web- .
1 255 (
3).

Apply .


,
(, Telnet, SSH, Web-),
(Enable Admin),
. : Security > Access Authentication Control >
Application Authentication Settings:

10-29. Application Authentication Settings

173

Application

Login Method List

Enable Method List

.
Login Method List Enable Method List
, , Telnet, SSH
WEB (HTTP)-.

, .


(default) , .
Login Method Lists .

, .


(default) , .
Enable Method Lists .

Apply .



(Authentication Server Groups). ,
TACACS/XTACACS/TACACS+/RADIUS-
.
, .
,
, . 8
. , Security > Access
Authentication Control > Authentication Server Group:

10-30. Authentication Server Group

.
, .
, .
, .

10-31. Add a Server Host to Server Group (radius)

174

, IP- IP Address,
, IP- , Add to
Group, .
, Add
Authentication Server Group. :

10-32. Authentication Server Group Table Add Settings


15 - Apply. ,
, Authentication Server Group.
:

, Authentication Server Hosts,


.
,
.
.
: TACACS/XTACACS/TACACS+

.
TACACS/XTACACS/TACACS+
.



TACACS/XTACACS/TACACS+/RADIUS .
,
TACACS/XTACACS/TACACS+/RADIUS-.
TACACS/XTACACS/TACACS+/RADIUS-
.
, ,
TACACS/XTACACS/TACACS+/RADIUS .
16.
Security > Access Authentication Control > Authentication Server Host:

10-33. Authentication Server Host

Add,
:

175

10-34. Authentication Server Host Setting Add

, IP-,
:

10-35. Authentication Server Host Setting Edit

, :

IP Address
Protocol

Port (1-65535)

Timeout (1-255)
Retransmit (1-255)

IP- ,
.
,
. :

TACACS ,
TACACS.

XTACACS - ,
XTACACS.

TACACS+ - ,
TACACS+.

RADIUS - ,
RADIUS.
.
1-65535.

TACACS/XTACACS/TACACS+- 49,
RADIUS- 1813.
.
( ),
.
5 .
,
, TACACS- .

176

Key


TACACS RADIUS. -
254 .

Apply, .
:
, ,
TACACS/XTACACS/TACACS+/RADIUS
.

177



(Login Metod Lists),
.
. ,
TACACS-XTACACSlocal,
TACACS .
, TACACS-
.., .
, XTACACS
( , ). XTACACS,
,
. ,
.
User.
Admin Enable Admin,
, . (
, Enable Admin, , ,
). Security
> Access Authentication Control > Login Method Lists:

10-36. Login Method Lists

(default), ,
. ,
,
Delete
.
Method List Name. Add.
:

10-37. Login Method List - Edit (default)

178

10-38. Login Method List Add

Apply:

Method List Name


Method 1, 2, 3, 4

, ,
15 .

( 4) :

tacacs
TACACS TACACS-.

tacacs+ -
TACACS+ TACACS+-.

Radius -
RADIUS RADIUS-.

server_group
,
.

local
, .

none .

Enable Method Lists


Enable Method List Settings
(Admin),
.
User ,
Admin, .
Enable Method List, .
Enable Method List , .
.
, TACACS XTACACS Local Enable
TACACS-
, , , TACACS-
.., . XTACACS.
XTACACS ,
Local Enable ( ), .

Admin.
:

.
Security > Access Authentication Control > Enable
Method Lists:

179

10-39. Enable Method Lists

Enable Method List, ,



Delete , .
Enable Method List Method List Name.
Enable Method List, Add.
:

10-40. Enable Method List - Edit

10-413. Enable Method List - Add

Enable Login Method List,


Apply:

Method List Name


Method 1, 2, 3, 4

, ,
15 .
( 4)
:

local_enablel -
.

none .

Radius -
RADIUS RADIUS-

tacacs
TACACS TACACS-.

tacacs+ -
TACACS+ TACACS+-.

180

server_group
,
.

181

(Local Enable Password)


(locally enable password),
(Enable
Admin). local_enable
(Admin) ,
. Security
> Access Authentication Control > Configure Local Enable Password:

10-42. Configure Local Enable Password

Apply.

Old Local Enabled


New Local Enabled
Confirm
Enabled

Local

,
.

15 .
. ,
New Local Enabled,
.

Enable Admin
Enable Admin ,

User,
Admin.

.

TACACS/XTACACS/TACACS+/RADIUS,
.

( )
.
XTACACS TACACS

enable
,

enable.
,
.
, Enable Admin,
,

.

.
Security >

182

10-43. Enable Admin

10-44. Enter
Network Password



( )
( Single IP).
VLAN,
.
, CPU Master-.
Security Traffic Segmentation. , .

10-45. Traffic Segmentation

,
Setup. , .

183

10- 46. Setup Forwarding Ports


, Port.
Traffic Segmentation Table
Apply.

184

11

CPU


MAC-

IGMP Snooping

ARP

CPU
CPU Utilization CPU.
Monitoring CPU Utilization.

11.1 CPU Utilization

Apply , .
, :

Time Interval
Record Number

1s 60s, s
. 1s.
20 200.

185

200.
Show/Hide

Clear

CPU
(Five Secs), (One Min) (Five Min).
,
( Five Secs , One Min
, Five Min ).
,
.


Port Utilization ( )
. Port Utilization
, .
: Monitoring Port Utilization.

11.2 Port Utilization

Apply
.

Time Interval

Record Number

1s 60s, s
. 1.
,
.
20 200 (
200). ,
(Time
Interval).

186

Show/Hide

, .

Clear

,
.

Clear . Apply ,
.

Web- ,
, . ,
, , ,
, .
.

(RX)
, , : Monitoring
Packets Received (RX).
Port.

11.3 Rx Packets Analysis ( )

Received Packets Table, View Table,


:

187

11.4 Rx Packets Analysis ( )

Time Interval

Bytes
Packets
Unicast

1s 60s, s
. 1.
,
(Time Interval).
20.
, .
, .
unicast .

Multicast

Broadcast

Show/Hide
Clear

, .

.
.

.

Record Number

View Table
View Line Chart

,
(RX)
, ,
, : Monitoring Packets UMB Cast (RX).

188

11.5 Rx Packets Analysis ( ,


, )

View Table:

11.6 Rx Packets Analysis ( ,


, )

189

Time Interval

Unicast

1s 60s, s
. 1.
,
(Time Interval).
20.
unicast .

Multicast

Broadcast

Show/Hide
Clear

, .

.
.

.

Record Number

View Table
View Line Chart

(TX)
, , : Monitoring
Packets Transmitted (TX).
Port.

11.7 Tx Packets Analysis ( )

TX ,
View Table:

190

11.8 Tx Packets Analysis (


)

Time Interval

Bytes
Packets
Show/Hide
Unicast

1s 60s, s
. 1.
.
,
(Time Interval). ,
. 20. 20
200. 20.
, .
, .
, .
unicast .

Multicast

Broadcast

Clear


.
.

.

Record Number

View Table
View Line Chart

191


Web- ,
, , .
.

(RX)
,
, Received (RX) Errors Monitoring.
Port .

11.9 Rx Error Analysis ( )

, View Table:

192

11.10 Rx Error Analysis ()

Time Interval
Record Number
Crc Error
Under Size

Over Size
Fragment
Jabber
Drop
Show/Hide
Clear
View Table
View Line Chart

1s 60s, s
. 1.
,
(Time Interval).
20.
,
.
,
64 CRC
.
.
, 1518 , VLAN,
MAX_PKT_LEN, 1522 .
, 64 ,
CRC, .
, MAX_PKT_LEN, 1522
.
,
.
, Crc Error, Under Size, Over
Size, Fragment, Jabber Drop.

.
.

.

(TX)
Transmitted (TX) Error Monitoring,
, .
Port .

193

11.11 Tx Error Analysis ( )

,
View Table:

11.12 Tx Error Analysis ()

194

Time Interval
Record Number
ExDefer
LateColl
ExColl
SingColl
Coll
Show/Hide
Clear
View Table
View Line Chart

1s 60s, s
. 1.
,
(Time Interval).
20.
, ,
- ,
.
, ,
, 512 .
Excessive Collisions . ,
-
Single Collision Frames .
,
- , .
.
,
ExDefer, LateColl, ExColl, SingColl Coll.

.
.

.


Web- ,
, .
6 . Port .

195

11.13 Rx Size Analysis ( )

, View Table:

11.14 Rx Size Analysis ()

Time Interval

1s 60s, s
. 1s.

196

Record Number
64
65-127
128-255
256-511
512-1023
1024-1518
Show/Hide
Clear
View Table
View Line Chart

20 200.
200.
( ), 64
( , FCS).
( ), 65
127 ( , FCS).
( ),
128 255 ( , FCS).
( ),
256 511 ( , FCS).
( ),
512 1023 ( , FCS).
( ),
1024 1518 ( , FCS).
, 64, 65-127, 128255, 256-511, 512-1023 1024-1518 .

.
.

.

MAC-
MAC- , .
MAC- ,
. .
MAC- Monitoring MAC Address
Table.

11.15 MAC Address Table

VLAN ID
MAC Address
Port
Find


VLAN ID.

MAC-.
.
,VLAN ID MAC-
Find, .

197

VID
MAC Address
Port
Learned
Type
Next
View All Entry
Delete All Entry

VLAN ID VLAN, .
MAC- .
, MAC-,
.
, MAC-.
: Dynamic, Self, Static.
, MAC. : Dynamic, Self Static.
.
,
.
,
.

(Switch Log)
Web- ,
. , Monitoring
Switch Log.

11.16 Switch Log

,
SNMP trap
. Next .
Clear .

Sequence
Time
Log Text

, 1 ,
.
.
- , ,
.
.

:
, ,
.

IGMP Snooping
IGMP Snooping IP-
MAC- IGMP-, .
IGMP-, , Reports.
IGMP Snooping Table IGMP Snooping Group Monitoring.

198

11- 17. IGMP Snooping Group

IGMP Snooping Table


VLAN ID (VID). VID
Search.
:

VLAN Name
Multicast Group
MAC Address
Reports
Port Map

VLAN .
IP- .
MAC- .
, .
.

: IGMP Snooping L2
Features IGMP Snooping. ,
, IGMP Snooping, 7
.


, .
, ( Web-
) S. D
.
Monitoring Browse Router Port.

11.18 Browse Router Port

199

ARP
Browse ARP Table Monitoring. ARP
. ARP Table, Clear All.

11- 19. Static ARP Settings

Static ARP Settings, Add.

11- 20. Static ARP Settings Add

, ARP Settings table Modify.

11- 21. Static ARP Settings Edit



. Session ID ,
Login Time, Live Time, (
From), Level Name. ,
Reload.

200

11- 22. Session Table

201


802.1X
. Port Access Control, Monitorin
Port Access Control. .
: Authenticator State, Authenticator Statistics,
Authenticator Session Statistics Authenticator Diagnostics
, 802.1X
MAC-. 802.1X,
DES-30 Web Management Tool.

RADIUS
,
RADIUS RADIUS.
RADIUS. RADIUS
Authentication Monitoring > Port Access Control > RADIUS Authentication.

11-23. RADIUS Authentication

1s
60s, s . 1 .
, Clear .
:

ServerIndex

RADIUS.

UDP Port

UDP-,
.

Timeouts

.
,

.
, .
Request,
.

Requests

RADIUS Access-Request,
. .

Challenges

RADIUS
Access-Challenge
), .

202

Accepts

RADIUS Access-Accept ( ),
.

Rejects

RADIUS Access-Reject ( ),
.

RoundTripTime

( ) AccessReply/Access-Challenge Access-Request,
RADIUS.

AccessRetrans

RADIUS Access-Request,
RADIUS.

PendingRequests

RADIUS Access-Request,
, , .
Access-Request
Access-Accept, Access-Reject Access-Challenge,
.

AccessResponses

RADIUS Access-Response,
. .
,
.

BadAuthenticators

RADIUS Access-Response,
authenticator Signature .

UnknownTypes

RADIUS ,
.

PacketsDropped

RADIUS,

.

RADIUS
,
RADIUS .
RADIUS. RADIUS Accounting Monitoring >
Port Access Control > RADIUS Accounting.

11-24. RADIUS Accounting

1s 60s, s
. 1 . ,
Clear .
:

203

Server IP Addr

IP-, RADIUS.

UDP Port

UDP-,
.

Timeouts

.

,
.
, .
Request,
.

Requests

RADIUS Access-Request,
. .

Responses

RADIUS
.

RoundTripTime

Accounting-Response
Accounting-Request .

AccessRetrans

Accounting-Request,
RADIUS.
Accounting-Request,
RADIUS, ,
.
Accounting-Request
Accounting-Response,
.

PendingRequests

MalformedResponses

Accounting-Response RADIUS,
.
.
.

BadAuthenticators

RADIUS AccountingResponse .

UnknownTypes

RADIUS ,
.

PacketsDropped

RADIUS,
.


,
, . ,
. Authenticator Diagnostics,
Monitoring > Port Access Control > Authenticator Diagnostics.

204

11-25. Authenticator Diagnostics

( 1s
60s, s ). -1 .
:

Port

, ,
.

EntersConnecting

CONNECTING
.

EapLogOffsConne
cting

CONNECTING
DISCONNECTED EAPOL-Logoff.

EntersAuth
enticating

CONNECTING
AUTHENTICATING

EAPResponse/Identity Supplicant.

SuccessAuthentic
ating

AUTHENTICATING
AUTHENTICATED

Backend
Authentication,
Supplicant (authSuccess =
TRUE).

TimeoutsAuthentic
ating

AUTHENTICATING
ABORTING Backend Authentication,
(authTimeout = TRUE).

FailAuthenticating

AUTHENTICATING
HELD Backend Authentication,
(authFail = TRUE).

ReauthsAuthentic

AUTHENTICATING
ABORTING (reAuthenticate =

205

ating
EapStartsAuthenti
cated

TRUE).
AUTHENTICATING
ABORTING EAPOL-Start, Supplicant.

EapLogOffAuthent
icated

AUTHENTICATING
ABORTING EAPOL-Logoff,
Supplicant.

ReauthsAuthentic
ated

AUTHENTICATED
CONNECTING
(reAuthenticate = TRUE).

EapStartsAuthenti
cated

AUTHENTICATED
CONNECTING EAPOL-Start,
Supplicant.

EapLogOffAuthent
icated

AUTHENTICATED
DISCONNECTED EAPOL-Logoff,
Supplicant.

Responses


(, sendRespToServer
RESPONSE).
.

AccessChallenges

initial Access-Challenge
(, aReq TRUE
RESPONSE). ,
.

OtherReqToSupp

EAP-Request (
Identity, Notification, Failure Success) Supplicant (,
txReq REQUEST).
EAP.

ResponsesFromS
upplicant

Supplicant EAP-Request,
EAP-NAK (, rxResp
TRUE REQUEST
RESPONSE, EAP-NAK). ,
Supplicant EAP .

AuthSuccesses

Accept
(, aSuccess TRUE
RESPONSE SUCCESS).
, Supplicant Authentication Server.

AuthFail

Reject
(, aFail TRUE,
RESPONSE FAIL). ,
Supplicant .


PAE
.
. Authenticator Session Statistics Monitoring > Port
Access Control > Authenticator Session Statistics.

206

11-26. Authenticator Session Statistics

1s
60s, s . 1 .
:

Port

, ,
.

Frames Rx

,
.

Frames Tx

,
.

UserName

, Supplicant PAE.

Time

Terminate Cause

.
.
1) Supplicant Logoff
2)
3) Supplicant Restart
4)
5) AuthControlledPortControl ForceUnauthorized
6)
7)
8)

Octets Rx

207

.
Octets Tx

, ,
.

ID

ASCII
3 .

Authentic Method

, .
:
(1) Remote Authentic Server
.
(2) Local Authentic Server
.

208


Authenticator PAE,
. .
, Monitoring > Port Access Control > Authenticator Statistics.

11-27. Authenticator Statistics

1s
60s, s . 1 .
:

Port

, ,
.

Frames Rx

EAPOL, .

Frames Tx

EAPOL, .

Rx Start

EAPOL, .

TxReqId

RxLogOff

EAPOL Logoff, .

Tx Req

EAP ( Rq/Id),
.

Rx RespId

Rx Resp

EAP (
Resp/Id), .

Rx Invalid

EAPOL,
.

Rx Error

EAPOL,

EAP

EAP

Req/Id,

Resp/Id,

209

Packet Body Length ( ) .


Last Version


EAPOL.

Last Source

MAC-
EAPOL.


.
Authenticator State Monitoring Port Access Control Auth State.

11.28 Authenticator State

1s 60s, s
. 1 .

210

( Reset)
Reset .
, .
: Reset System

.

, . Reset System
, .

11- 29. Reset

11.30 - Reboot System


Yes
.
No
. , , (Save
Changes), .
Restart .

211


: RAM ()
NV-RAM. RAM
Apply. RAM.
, .
NV-RAM,
, , NV-RAM.
.
NV-RAM
Save Save Changes.

11- 31. Save Changes

(Logout)
Logout Logout, .

11.32 Logout

212

IEEE 802.3 10BASE-T Ethernet


IEEE 802.3u 100BASE-TX Fast Ethernet
IEEE 802.3ab 1000BASE-T Gigabit Ethernet
IEEE 802.3z 1000BASE-T (SFP Mini GBIC)
IEEE 802.1D Spanning Tree
IEEE 802.1S/W Spanning Tree
IEEE 802.1Q VLAN
IEEE 802.1p
IEEE 802.1x
IEEE 802.3ad
IEEE 802.3x
NWay IEEE 802.3
IEEE 802.3af ( PoE)
SFP (Mini GBIC)
- DEM-310GT (1000BASE-LX)
- DEM-311GT (1000BASE-SX)
- DEM-314GT (1000BASE-LH)
- DEM-315GT (1000BASE-ZX)
- DEM-210 ( , 100Base-FX)
- DEM-211 ( , 100Base-FX)
WDM:
DEM-330T (TX-1550/RX-1310), 10 ,
DEM-330R (TX-1310/RX-1550), 10 ,
DEM-331T (TX-1550/RX-1310), 40 ,
DEM-331R (TX-1310/RX-1550), 40 ,

:
Ethernet
Fast Ethernet
Gigabit Ethernet

CSMA/CD

10 /
100/
N/a

20 /
200 /
2000 /

Cat.5 Enhanced 1000BASE-T


UTP Cat.5, Cat. 5 Enhanced 100BASE-TX
UTP Cat.3, 4, 5 10BASE-T
EIA/TIA-568 100 (STP)(100)

DES-3028/DES-3028P: 24 10/100Base-T
2 - 1000Base-T/SFP
2 1000Base-T
DES-3052/DES-3052P: 48 10/100Base-T
2 - 1000Base-T/SFP
2 1000Base-T


: DES-3028/DES-3052 - 100~240 0,5A, 50~60
DES-3052P - 100~240 5A, 50~60
DES-3028P - 100~240 2,9A, 50~60

213

:
DES-3028/DES-3052: 12, 3,3 A (.)
DES-3028P: 12, 3,3 A / 50 , 3,7A (.)
DES-3052P: 12,10,5 / 50 , 7, 5A (.)

DES-3028 25
DES-3052 26
DES-3028P 217
DES-3052P 395

DC

DES-3028/DES-3052
DES-3028P 8,5 17
DES-3052P 5, 8,3 17

0 40
-40 70
5% 95%
DES-3028: 441 x 207 x 44
DES-3028P/3052/3052P: 441 x 309 x 44

DES-3028 2,36
DES-3028P 4,5
DES-3052 3,85
DES-3052P 5,70

(EMI)

MAC

CE class A, FCC Class A, C-Tick, VCCI


CB Report, UL

Store-and-forward
512
14 881 pps ( 10/)
148 810 pps ( 100/)
1 488 100 pps ( 1/)
. 8 -
4 .
: 10-1000000 . 300 .

PoE
DES-3028P: 12

214

PoE
PoE

PoE

DES-3052P: 24
DES-3028P:
15,4 ( ),
DES-3028P: 185
: 225 (.)
DES-3052P:
15,4 ( ),
DES-3052P: 370
: 500 (.)
1. 15,4 IEEE
802.3af
2.
PoE
3. , 350.
.
4. :
.
.
5. PoE
.

,

0

0,44 12,95
1

0,44 3,84
2

3,84 6,49
3

6,49 12,95
4

6. PSE :


0

15,4
1

4,0
2

7,0
3

15,4
4
15,4
7. DES-3028P/DES-3052P Alternative A
PSE, 1,2,3,6
8- UTP- .5.
8. DES-3028P/DES-3052P DLink 802.3af PoE
9. DES-3028P/DES-3052P D-Link (
, IP- IP-) 802.3af PoE DWL-P50

215

system


Flash-

System started up
Configuration saved to flash by
console
(Username: <username>, IP:
<ipaddr>, MAC: <macaddr>)
System log saved to flash by
console
(Username: <username>, IP:
<ipaddr>, MAC: <macaddr>)
Configuration and log saved to
flash by console
(Username: <username>, IP:
<ipaddr>, MAC: <macaddr>)

Critical
Informational

Firmware upgraded by onsole


successfully (Username:
<username>, IP:
<ipaddr>, MAC: <macaddr>)

Informational

Firmware upgrade by console


was unsuccessful! (Username:
<username>, IP: <ipaddr>,
MAC: <macaddr>)
Configuration successfully
downloaded by console
(Username: <username>, IP:
<ipaddr>, MAC: <macaddr>)
Configuration download by
console was unsuccessful!
(Username: <username>, IP:
<ipaddr>, MAC: <macaddr>)
Configuration successfully
uploaded by console
(Username: <username>, IP:
<ipaddr>, MAC: <macaddr>)
Configuration upload by
console was unsuccessful!
(Username: <username>, IP:
<ipaddr>, MAC: <macaddr>)
Log message successfully
uploaded by console
(Username: <username>, IP:
<ipaddr>, MAC: <macaddr>)
Log message upload by
console was unsuccessful!
(Username: <username>, IP:
<ipaddr>, MAC: <macaddr>)
Port <portNum> link up, <link
state>
Port <portNum> link down

Warning

Successful login through


Console (Username:
<username>)

Informational

Flash

Flash

up /
download

Interface

Console

216

Informational

Informational

Informational

Warning

Informational

Warning

Informational

Warning

Informational
Informational

Web

Telnet


Web-

Web

Web


SSL

SSL

Login failed through Console

Warning

Logout through Console


(Username: <username>)
Console session timed out
(Username: <username>)
Successful login through Web
(Username: <username>, IP:
<ipaddr>, MAC: <macaddr>)

Informational

SSL


SSL


Telnet

Telnet


Telnet
Telnet

SNMP

STP

SNMP

community string

BPDU Loop Back

Spanning
Tree

Informational
Informational

Login failed through Web


(Username: <username>, IP:
<ipaddr>, MAC: <macaddr>)

Warning

Logout through Web


(Username: <username>, IP:
<ipaddr>, MAC: <macaddr>)

Informational

Successful login through Web


(SSL) (Username: <string>, IP:
<ip>, MAC: <mac>)

Informational

Logout through Web (SSL)


Username: <string>, IP: <ip>,
MAC: <mac>)
Login failed through Web (SSL)
(Username: <string>, IP: <ip>,
MAC: <mac>)

Informational

Web(SSL) session timed out


(Username: <username>)
Successful login through
Telnet (Username:
<username>, IP: <ipaddr>,
MAC: <macaddr>)
Login failed through Telnet
(Username: <username>, IP:
<ipaddr>, MAC: <macaddr>)

Informational

Logout through Telnet


(Username: <username>, IP:
<ipaddr>, MAC: <macaddr>)
Telnet session timed out
(Username: <username>, IP:
<ipaddr>, MAC: <macaddr>)
SNMP request received from
<ipAddress> with invalid
community string!

Warning

Informational

Warning
Informational
Informational
Informational

Topology changed

Informational

New Root selected

Informational

BPDU Loop Back on Port


<portNum>
Spanning Tree Protocol is
enabled

Warning

Spanning Tree Protocol is

Informational

217

Informational

SSH

Spanning
Tree


SSH

SSH


SSH

disabled

SSH

AAA

SSH-

SSH-



(local)



(local)

Web-



(local)

Web-



(local)

Web (SSL)



(local)

Successful login through SSH


(Username: <username>, IP:
<ipaddr>, MAC: <macaddr>)

Informational

Login failed through SSH


(Username: <username>, IP:
<ipaddr>, MAC: <macaddr>)

Warning

Logout through SSH


(Username: <username>, IP:
<ipaddr>, MAC: <macaddr>)
SSH session timed out
(Username: <username>, IP:
<ipaddr>, MAC: <macaddr>)
SSH server is enabled

Informational

SSH server is disabled

Informational

Authentication Policy is
enabled (Module: AAA)

Informational

Authentication Policy is
disabled (Module: AAA)

Informational

Successful login through


Console authenticated by AAA
local method (Username:
<username>)

Informational

Login failed through Console


authenticated by AAA local
method (Username:
<username>)

Warning

Successful login through Web


from <userIP> authenticated by
AAA local method (Username:
<username>, MAC: <macaddr>)

Informational

Login failed through Web from


<userIP> authenticated by AAA
local method (Username:
<username>, MAC: <macaddr>)

Warning

Successful login through Web


(SSL) from <userIP>
authenticated by AAA local
method (Username:
<username>, MAC: <macaddr>)

Informational

Login failed through Web (SSL)

Warning

218

Informational
Informational

Web (SSL)



(local)

Telnet



(local)

Telnet



(local)

SSH



(local)

SSH



(local)


none

Web-


none

Web(SSL)


none

from <userIP> authenticated by


AAA local method (Username:
<username>, MAC: <macaddr>)


Telnet


none

SSH


none

Successful login through


Telnet from <userIP>
authenticated by AAA local
method (Username:
<username>, MAC: <macaddr>)

Informational

Login failed through Telnet


from <userIP> authenticated by
AAA local method (Username:
<username>, MAC: <macaddr>)

Warning

Successful login through SSH


from <userIP> authenticated by
AAA local method (Username:
<username>, MAC: <macaddr>)

Informational

Login failed through SSH from


<userIP> authenticated by AAA
local method (Username:
<username>, MAC: <macaddr>)

Warning

Successful login through


Console authenticated by AAA
none method (Username:
<username>)

Informational

Successful login through Web


from <userIP> authenticated by
AAA none method (Username:
<username>,

Informational

Successful login through Web


(SSL) from <userIP>
authenticated by AAA none
method (Username:
<username>, MAC:
<macaddr>)
Successful login through
Telnet from <userIP>
authenticated by AAA none
method (Username:
<username>, MAC:
<macaddr>)
Successful login through SSH
from <userIP> authenticated
by AAA none method
(Username: <username>,
MAC: <macaddr>)

Informational

219

Informational

Informational


Web-


Web-


Web-


Web (SSL)

Successful login through


Console authenticated by
AAA server <serverIP>
(Username: <username>)

Informational

Login failed through Console


authenticated by AAA server
<serverIP> (Username:
<username>)

Warning

Login failed through Console


due to AAA server timeout or
improper configuration
(Username: <username>)

Warning

Successful login through Web


from <userIP> authenticated
by AAA server <serverIP>
(Username: <username>,
MAC: <macaddr>)

Informational

Login failed through Web


from <userIP> authenticated
by AAA server <serverIP>
(Username: <username>,
MAC: <macaddr>)

Warning

Login failed through Web


from <userIP> due to AAA
server timeout or improper
configuration (Username:
<username>, MAC:
<macaddr>)

Warning

Successful login through Web


(SSL) from <userIP>
authenticated by AAA server
<serverIP> (Username:
<username>, MAC:
<macaddr>)
Login failed through Web
(SSL) from <userIP>
authenticated by AAA server
<serverIP> (Username:
<username>, MAC:
<macaddr>)
Login failed through
Web(SSL) from <userIP> due
to AAA server timeout or
improper configuration
(Username: <username>,
MAC: <macaddr>)

Informational


Web (SSL)


Web (SSL)

220

Warning

Warning


Telnet

Successful login through


Telnet from <userIP>
authenticated by AAA server
<serverIP> (Username:
<username>, MAC:
<macaddr>)
Login failed through Telnet
from <userIP> authenticated
by AAA server <serverIP>
(Username: <username>,
MAC: <macaddr>)

Informational

Login failed through Telnet


from <userIP> due to AAA
server timeout or improper
configuration (Username:
<username>, MAC: <macaddr>)

Warning

Successful login through SSH


from <userIP> authenticated
by AAA server <serverIP>
(Username: <username>,
MAC: <macaddr>)

Informational

Login failed through SSH from


<userIP> authenticated by
AAA server <serverIP>
(Username: <username>,
MAC: <macaddr>)

Warning

Login failed through SSH from


<userIP> due to AAA server
timeout or improper
configuration (Username:
<username>, MAC:
<macaddr>)

Warning

Successful Enable Admin


through Console
authenticated by AAA
local_enable method
(Username: <username>)

Informational

Enable Admin failed through


Console authenticated by
AAA local_enable method
(Username: <username>)

Warning

Successful Enable Admin


through Web from <userIP>

Informational


Telnet


Telnet


SSH


SSH


SSH

Enable
Admin

local_enable
( )

Enable
Admin

local_enable
( )

Enable

221

Warning

Admin Web

local_enable
( )

Enable
Admin Web

local_enable
( )

Enable
Admin Web
(SSL)

local_enable
( )

Enable
Admin Web
(SSL)

local_enable
( )

Enable
Admin Telnet

local_enable
( )

Enable
Admin Telnet

local_enable
( )

Enable
Admin SSH

local_enable
( )

Enable
Admin SSH

authenticated by AAA
local_enable method
(Username: <username>,
MAC: <macaddr>)

Enable Admin failed through


Web from <userIP>
authenticated by AAA
local_enable method
(Username: <username>,
MAC: <macaddr>)

Warning

Successful Enable Admin


through Web (SSL) from
<userIP> authenticated by
AAA local_enable method
(Username: <username>,
MAC: <macaddr>)

Informational

Enable Admin failed through


Web (SSL) from <userIP>
authenticated by AAA
local_enable method
(Username: <username>,
MAC: <macaddr>)

Warning

Successful Enable Admin


through Telnet from <userIP>
authenticated by AAA
local_enable method
(Username: <username>,
MAC: <macaddr>)

Informational

Enable Admin failed through


Telnet from <userIP>
authenticated by AAA
local_enable method
(Username: <username>,
MAC: <macaddr>)

Warning

Successful Enable Admin


through SSH from <userIP>
authenticated by AAA
local_enable method
(Username: <username>,
MAC: <macaddr>)

Informational

Enable Admin failed through


SSH from
<userIP> authenticated by

Warning

222

local_enable
( )

Enable
Admin

none

Enable
Admin Web

none

Enable
Admin Web
(SSL)

none

Enable
Admin Telnet

none

AAA local_enable method


(Username: <username>,
MAC: <macaddr>)

Enable
Admin SSH

none

Enable
Admin

Enable
Admin

Enable
Admin

Successful Enable Admin


through Console
authenticated by AAA none
method (Username:
<username>)

Informational

Successful Enable Admin


through Web from <userIP>
authenticated by AAA none
method (Username:
<username>, MAC:
<macaddr>)

Informational

Successful Enable Admin


through Web (SSL) from
<userIP> authenticated by
AAA none method (Username:
<username>, MAC:
<macaddr>)

Informational

Successful Enable Admin


through Telnet from <userIP>
authenticated by AAA none
method (Username:
<username>, MAC:
<macaddr>)
Successful Enable Admin
through SSH from <userIP>
authenticated by AAA none
method (Username:
<username>, MAC:
<macaddr>)
Successful Enable Admin
through Console
authenticated by AAA server
<serverIP> (Username:
<username>)

Informational

Informational

Informational

Enable Admin failed through


Console authenticated by
AAA server <serverIP>
(Username: <username>)

Warning

Enable Admin failed through


Console due to AAA server
timeout or improper
configuration (Username:
<username>)

Warning

223

Enable
Admin Web

Enable
Admin Web

Enable
Admin Web

Enable
Admin Web
(SSL)

Enable
Admin Web
(SSL)

Enable
Admin Web
(SSL)

Successful Enable Admin


through Web from <userIP>
authenticated by AAA server
<serverIP> (Username:
<username>, MAC:
<macaddr>)

Informational

Enable Admin failed through


Web from <userIP>
authenticated by AAA server
<serverIP> (Username:
<username>, MAC:
<macaddr>)

Warning

Enable Admin failed through


Web from <userIP> due to
AAA server timeout or
improper configuration
(Username: <username>,
MAC: <macaddr>)

Warning

Successful Enable Admin


through Web (SSL) from
<userIP> authenticated by
AAA server <serverIP>
(Username: <username>,
MAC: <macaddr>)

Informational

Enable Admin failed through


Web (SSL) from <userIP>
authenticated by AAA server
<serverIP> (Username:
<username>, MAC:
<macaddr>)

Warning

Enable Admin failed through


Web (SSL) from <userIP> due
to AAA server timeout or
improper configuration
(Username: <username>,
MAC: <macaddr>)

Warning

224

Enable
Admin Telnet

Enable
Admin Telnet

Enable
Admin Telnet

Enable
Admin SSH

Enable
Admin SSH

Enable
Admin SSH

Port
Security

Successful Enable Admin


through Telnet from <userIP>
authenticated by AAA server
<serverIP> (Username:
<username>, MAC:
<macaddr>)

Informational

Enable Admin failed through


Telnet from <userIP>
authenticated by AAA server
<serverIP> (Username:
<username>, MAC:
<macaddr>)

Warning

Enable Admin failed through


Telnet from <userIP> due to
AAA server timeout or
improper configuration
(Username: <username>,
MAC: <macaddr>)

Warning

Successful Enable Admin


through SSH from <userIP>
authenticated by AAA server
<serverIP> (Username:
<username>, MAC:
<macaddr>)

Informational

Enable Admin failed through


SSH from <userIP>
authenticated by AAA server
<serverIP> (Username:
<username>, MAC:
<macaddr>)

Warning

Enable Admin failed through


SSH from <userIP> due to
AAA server timeout or
improper configuration
(Username: <username>,
MAC: <macaddr>)

Warning

AAA server <serverIP>


(Protocol: <protocol>)
connection failed
Port security violation (Port:
<portNum>, MAC: <macaddr>)

Warning

225

Warning

IP and
Passwor
d
changed

Port
Security
,

.

IP.

Safeguaard
Safeguar Engine
d Engine
Safeguaard
Engine

Packet

storm

Management IP address was


changed by (IP:
<ipaddr>, MAC: <macaddr>,
Port <portNum>)

Informational

Password was changed by (IP:


<ipaddr>, MAC: <macaddr>,
Port <portNum>)
SafeGuard Engine enters
NORMAL mode

Informational
Informational

SafeGuard Engine enters


EXHAUSTED mode

Warning

Broadcast storm is occurring


(port: <id>)

Warning

Broadcast storm has cleared


(port: <id>)
Multicast storm is occurring
(port: <id>)

Informational

Multicast storm has cleared


(port: <id>)
Port (port: <id>) is cuurently
shut down due to a packet
shtorm

Informational

226

Warning

Warning

D

.

Mini-GBIC

1000BASET
100BASETX
10Base-T


1000BASE-LX,

1000BASE-SX,

1000BASE-LH,

1000BASE-ZX,

UTP- 5e
UTP- 5 (1000 /)
UTP- 5 (100 /)

100

UTP- 3 (10 /)

100

227


10
550
40
80
100


1000BASE-LX: Gigabit Ethernet, ,
550 .
1000BASE-SX: Gigabit Ethernet, ,
10 .
100BASE-FX: Fast Ethernet .
100BASE-TX: IEEE 802.3u Ethernet 100 /
2- 5.
10BASE-T: IEEE 802.3i Ethernet
(" ").
aging: ,
.
ATM: Asynchronous Transfer Mode ( ). ,
()
. ATM , , .
(auto-negotiation): ,
, . ,
,
.
(backbone port): , ,
.
. downlink-.
(backbone): ,
.
(bandwidth): ,
, . Ethernet
10/, Fast Ethernet 100/.
baud rate: , .
BOOTP: BOOTP IP- MAC . ,
.
(bridge): ,
OSI.
(broadcast): .

(broadcast
storm):

, , ,
.
(console port): ,
.

228

, .
.
CSMA/CD: Carrier sense multiple access/collision detection. ,
Ethernet IEEE 802.3, ,
.
, .

.
(data center switching):
,
,
.
Ethernet: (LAN) Xerox, Intel
Digital Equipment Corporation. Ethernet 10/
CSMA/CD .
Fast Ethernet: 100 , Ethernet.
CSMA/CD .
(Flow Control): (IEEE 802.3z). ,

.
(forwarding):
.

(full duplex): ,
.
(half duplex): , ,
.
IP- (IP address): ,
CP/IP. 4- ,
, .
IPX: , NetWare
(LAN): , , ,
, ( ).
.
(latency): , ,
, .
(line speed): baud rate.
(main port): ,
.
MDI - Medium Dependent Interface: Ethernet,
.

229

MDI-X - Medium Dependent Interface Cross-over: Ethernet,


.
(MIB): ,
.
SNMP. MIB.
(multicast):
. (Destination address field).
(protocol): , .
, , .
(resilient link): , ,
, .
(main port) standby port.
RJ-45: 8- IEEE 802.3 10BASE-T
(RMON): SNMP MIB II,
, 10 .
(RPS): ,
.
SLIP - Serial Line Internet Protocol: , IP-
.
SNMP - Simple Network Management Protocol: ,
TCP/IP. SNMP

.
Spanning Tree Protocol (STP): ,
. STP
, , .
(stack): , ,
.
standby port: ,
.
(switch): , , ,
. ,
, .
, .
TCP/IP: , Telnet, FTP
.
telnet: TCP/IP, ,
,
.

230

TFTP - Trivial File Transfer Protocol: , (


) ,
.
UDP - User Datagram Protocol: ,
.
VLAN ( LAN):
.
LAN.
LAN (VLT): -,
VLAN- .
VT100: , ASCII. VT100-
.

231

Оценить