D link des 3528 руководство - Большая энциклопедия инструкций и руководств

Manuals
Brands
D-Link Manuals
Switch
DES-3528 — xStack Switch — Stackable
User manual

Xstack

Contents
Table of Contents
Bookmarks

Quick Links

User Manual

DES-3528

Product Model:

Layer 2 Managed Stackable Fast Ethernet Switch

Release 1.2

Related Manuals for D-Link DES-3528

Summary of Contents for D-Link DES-3528

Page 1: User Manual

User Manual DES-3528 Product Model: Layer 2 Managed Stackable Fast Ethernet Switch Release 1.2…
Page 2
Reproduction in any manner whatsoever without the written permission of D-Link Computer Corporation is strictly forbidden. Trademarks used in this text: D-Link and the D-LINK logo are trademarks of D-Link Computer Corporation; Microsoft and Windows are registered trademarks of Microsoft Corporation.
Page 3
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual FCC Warning This equipment has been tested and found to comply with the limits for a Class A digital device, pursuant to Part 15 of the FCC Rules. These limits are designed to provide reasonable protection against harmful interference when the equipment is operated in a commercial environment.
Page 4: Table Of Contents

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Table of Contents Preface ………………………………..x Intended Readers…………………………….. xi Typographical Conventions ……………………………..xi Notes, Notices, and Cautions ………………………….. xi Safety Instructions …………………………….xii Safety Cautions ………………………………..xii General Precautions for Rack-Mountable Products ………………………. xiii Protecting Against Electrostatic Discharge …………………………xiv…
Page 5
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Introduction………………………………18 Login to Web Manager ………………………………18 Web-based User Interface ……………………………….19 Web Pages………………………………….20 Configuration …………………………21 Device Information …………………………….22 System Information…………………………….22 Serial Port Settings…………………………….23 IP Address………………………………23 Port Configuration…………………………….
Page 6
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual SNMP Host Table ………………………………..53 SNMP Engine ID ………………………………..53 SNMP Trap Configuration ………………………………54 Time Range Settings …………………………….54 Single IP Settings…………………………….55 SIM Settings………………………………….56 Topology ………………………………….57 Tool Tips………………………………….60 Right-Click………………………………….61 Menu Bar ………………………………….63…
Page 7
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual MLD Snooping Settings………………………………94 Port Mirror ………………………………96 Loopback Detection Settings …………………………. 97 Spanning Tree ………………………………98 STP Bridge Global Settings …………………………….100 STP Port Settings ………………………………..102 MST Configuration Identification…………………………..103 STP Instance Settings………………………………104…
Page 8
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual IMP Entry Settings………………………………..131 DHCP Snooping Entries ……………………………….132 MAC Block List………………………………..132 Port Security………………………………132 Port Security Settings………………………………132 Port Security FDB Entries……………………………..133 DHCP Server Screening Settings…………………………. 134 DHCP Screening Port Settings…………………………….134 DHCP Offer Filtering………………………………135…
Page 9
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Web-based Access Control Settings…………………………..165 Web-based Access Control User Settings …………………………166 JWAC (Japanese Web-based Access Control)……………………… 167 JWAC Global Settings ………………………………167 JWAC Port Settings ………………………………169 JWAC User Account………………………………170 NetBIOS Filtering …………………………….170 NetBIOS Filtering Settings …………………………….170…
Page 10
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual JWAC Host Table …………………………….232 MAC Address Table ……………………………. 233 System Log ………………………………233 Save Services and Tools……………………..235 Save Configuration ID 1 …………………………..235 Save Configuration ID 2 …………………………..236 Save Log ………………………………
Page 11: Preface

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Preface The DES-3528 Manual is divided into sections that describe the system installation and operating instructions with examples. Section 1, Introduction – Describes the Switch and its features.
Page 12: Intended Readers

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Intended Readers The DES-3528 Manual contains information for setup and management of the Switch. This manual is intended for network managers familiar with network management concepts and terminology.
Page 13: Safety Instructions

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Safety Instructions Use the following safety guidelines to ensure your own personal safety and to help protect your system from potential damage. Throughout this document, the caution icon ( ) is used to indicate cautions and precautions that you need to review and follow.
Page 14: General Precautions For Rack-Mountable Products

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual ratings label. The voltage and current rating of the cable should be greater than the ratings marked on the product. • To help prevent electric shock, plug the system and peripheral power cables into properly grounded electrical outlets.
Page 15: Protecting Against Electrostatic Discharge

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual CAUTION: Never defeat the ground conductor or operate the equipment in the absence of a suitably installed ground conductor. Contact the appropriate electrical inspection authority or an electrician if you are uncertain that suitable grounding is available.
Page 16: Introduction

Side Panel Description Gigabit Combo Ports The DES-3528 layer 2 Fast Ethernet switch is a member of the D-Link xStack family. Ranging from 10/100Mbps edge switches to core gigabit switches, the xStack switch family has been future-proof designed to provide a stacking architecture with fault tolerance, flexibility, port density, robust security and maximum throughput with a user-friendly management interface for the networking professional.
Page 17: Gigabit Ethernet Technology

Switch’s settings for priority queuing, VLANs, and port trunk groups, port monitoring, and port speed. NOTE: For the remainder of this manual, all hardware versions of the DES-3528 switch will be referred to as simply the Switch or the DES-3528.
Page 18: Ports

LED Indicators The Switch supports LED indicators for Power, Console, RPS and Port LEDs. The following shows the LED indicators for the DES-3528 switch along with an explanation of each indicator. LEDs and there corresponding meanings are displayed below. Figure 1- 2. LED Indicators on DES-3528 switch…
Page 19
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Solid Light RPS is in Use Green Light Off RPS Off Solid Light When the device is the stacking master. Master(MS) Green Light Off Not the Stacking Master.
Page 20: Rear Panel Description

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Rear Panel Description The rear panel of the Switch contains an AC power connector. Figure 1- 3. Rear panel view of the DES-3528 The AC power connector is a standard three-pronged connector that supports the power cord. Plug-in the female connector of the provided power cord into this socket, and the male side of the cord into a power outlet.
Page 21
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Figure 1- 6. Installing the SFP Module…
Page 22: Installation

Four rubber feet with adhesive backing RS-232 console cable If any item is found missing or damaged, please contact your local D-Link Reseller for replacement. Before You Connect to the Network The site where you install the Switch may greatly affect its performance. Please follow these guidelines for setting up the Switch.
Page 23: Installing The Switch Without The Rack

Attach these cushioning feet on the bottom at each corner of the device. Allow enough ventilation space between the Switch and any other objects in the vicinity. Figure 2- 1. Preparing the DES-3528 for installation on a desktop or shelf Installing the Switch in a Rack The Switch can be mounted in a standard 19″…
Page 24: Mounting The Switch In A Standard 19″ Rack

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Mounting the Switch in a Standard 19″ Rack CAUTION: Installing systems in a rack without the front and side stabilizers installed could cause the rack to tip over, potentially resulting in bodily injury under certain circumstances. Therefore, always install the stabilizers before installing components in the rack.
Page 25: Connecting The Switch

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Section 3 Connecting the Switch Switch to End Node Switch to Hub or Switch Connecting To Network Backbone or Server NOTE: All 24 high-performance NWay Ethernet ports can support both MDI-II and MDI-X connections.
Page 26
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Figure 3- 2. DES-3528 connected to a normal (non-Uplink) port on a hub or switch using a straight or crossover cable…
Page 27: Connecting To Network Backbone Or Server

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Connecting To Network Backbone or Server The two SFP combo ports are ideal for linking to a network backbone or server. The copper ports operate at a speed of 1000, 100 or 10Mbps in full or half duplex mode.
Page 28: Introduction To Switch Management

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Section 4 Introduction to Switch Management Management Options Web-based Management Interface SNMP-Based Management Managing User Accounts Command Line Console Interface through the Serial Port Connecting the Console Port (RS-232 DCE)
Page 29: Command Line Interface

12. Enter the commands to complete your desired tasks. Many commands require administrator-level access privileges. Read the next section for more information on setting up user accounts. See the DES-3528 CLI Manual on the documentation CD for a list of all commands and additional information on using the CLI.
Page 30: First Time Connecting To The Switch

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual First Time Connecting to the Switch The Switch supports user-based security that can allow you to prevent unauthorized users from accessing the Switch or changing its settings. This section tells how to log onto the Switch.
Page 31: Snmp Settings

The DES-3528 supports SNMP versions 1, 2c, and 3. You can specify which version of SNMP you want to use to monitor and control the Switch. The three versions of SNMP vary in the level of security provided between the management station and the network device.
Page 32: Ip Address Assignment

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Identifier (OID) associated with a specific MIB. An additional layer of security is available for SNMP v.3 in that SNMP messages may be encrypted. To read more about how to configure SNMP v.3 settings for the Switch read the section entitled Management.
Page 33
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Starting at the command line prompt, enter the commands config ipif System ipaddress xxx.xxx.xxx.xxx/yyy.yyy.yyy.yyy Where the x’s represent the IP address to be assigned to the IP interface named System and the y’s represent the corresponding subnet mask.
Page 34: Web-Based Switch Configuration

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Section 5 Web-based Switch Configuration Introduction Login to Web manager Web-Based User Interface Basic Setup Reboot Basic Switch Setup Network Management Switch Utilities Network Monitoring IGMP Snooping Status…
Page 35: Web-Based User Interface

Area 1 Select the folder or window to be displayed. The folder icons can be opened to display the hyper- linked window buttons and subfolders contained within them. Click the D-Link logo to go to the D- Link website. Area 2 Presents a graphical near real-time image of the front panel of the Switch.
Page 36: Web Pages

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual configuration. Area 3 Presents switch information based on your selection and the entry of configuration data. NOTICE: Any changes made to the Switch configuration during the current session must be saved in the Save Changes web menu (explained below) or use the command line interface (CLI) command save.
Page 37: Configuration

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Section 6 Configuration System Information Serial Port Settings IP Address Port Configuration Static ARP Settings User Accounts System Log Configuration System Severity Settings DHCP/BOOTP Relay MAC Address Aging Time…
Page 38: Device Information

This window contains the main settings for all major functions on the Switch and appears automatically when you log on. To return to the Device Information window, click the DES-3528 Web Management Tool folder. The Device Information window shows the Switch’s MAC Address (assigned by the factory and unchangeable), the Boot PROM Version, Firmware Version, and Hardware Version.
Page 39: Serial Port Settings

The IP address may initially be set using the console interface prior to connecting to it through the Ethernet. If the Switch IP address has not yet been changed, read the introduction of the DES-3528 CLI Manual or return to Section 4 of this manual for more information.
Page 40
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual management station that will access the Switch. The Switch will allow management access from stations with the same VID listed here. NOTE: The Switch’s factory default IP address is 10.90.90.90 with a subnet mask of 255.0.0.0 and a default gateway of 0.0.0.0.
Page 41
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual…
Page 42: Port Configuration

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Port Configuration This section contains information for configuring various attributes and properties for individual physical ports, including port speed and flow control. Port Settings Click Configuration > Port Configuration > Port Settings to display the following window: To configure switch ports: 1.
Page 43
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual a 1000BASE-T cable for connection between the Switch port and other device capable of a gigabit connection. The master setting (1000M/Full_M) will allow the port to advertise capabilities related to duplex, speed and physical layer type.
Page 44: Port Description

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Port Description The Switch supports a port description feature where the user may name various ports on the Switch. To assign names to various ports, click Configuration > Port Configuration > Port Description to view the following window: Use the From and To pull-down menu to choose a port or range of ports to describe, and then enter a description of the port(s).
Page 45: Port Error Disabled

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Port Error Disabled The following window will display the information about ports that have had their connection status disabled, for reasons such as STP loopback detection or link down status. To view this window, click Configuration > Port Configuration >…
Page 46: Static Arp Settings

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Static ARP Settings The Address Resolution Protocol (ARP) is a TCP/IP protocol that converts IP addresses into physical addresses. This table allows network managers to view, define, modify and delete ARP information for specific devices. Static entries can be defined in the ARP Table.
Page 47: User Accounts

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual User Accounts Use the User Account Management window to control user privileges, create new users and view existing User Accounts. To view this window, click Configuration > User Accounts.
Page 48
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual The following table summarizes the Admin, Operator and User privileges: Management Admin Operator User Configuration Read-only Network Monitoring Read-only Community Strings and Trap Stations Read-only Update Firmware and Configuration Files…
Page 49: System Log Configuration

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual System Log Configuration This section contains information for configuring various attributes and properties for System Log Configurations, including System Log Settings and System Log Host. System Log Settings This window allows the user to enable or disable the System Log and specify the System Log Save Mode Settings.
Page 50
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Facility Some of the operating system daemons and processes have been assigned Facility values. Processes and daemons that have not been explicitly assigned a Facility may use any of the «local use»…
Page 51: System Severity Settings

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual System Severity Settings The Switch can be configured to allow alerts be logged or sent as a trap to an SNMP agent or both. The level at which the alert triggers either a log entry or a trap message can be set as well.
Page 52: Dhcp/Bootp Relay

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual DHCP/BOOTP Relay The relay hops count limit allows the maximum number of hops (routers) that the DHCP/BOOTP messages can be relayed through to be set. If a packet’s hop count is more than the hop count limit, the packet is dropped. The range is between 1 and 16 hops, with a default value of 4.
Page 53
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual check and policy settings will have no effect. DHCP Relay Agent This field can be toggled between Enabled and Disabled using the pull-down menu. It is Information Option 82 used to enable or disable the Switches ability to check the validity of the packet’s option 82…
Page 54: Dhcp/Bootp Relay Interface Settings

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual The Implementation of DHCP Information Option 82 in the DES-3528 Switch. The config dhcp_relay option_82 command configures the DHCP relay agent information option 82 setting of the switch. The formats for the circuit ID sub-option and the remote ID sub-option are as follows: NOTE: For the circuit ID sub-option of a standalone switch, the module field is always zero.
Page 55: Dhcp Auto Configuration Settings

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Figure 6- 15. DHCP/BOOTP Relay Interface Settings and DHCP/BOOTP Relay Interface Table window The following parameters may be configured or viewed. Parameter Description Interface The IP interface on the Switch that will be connected directly to the Server.
Page 56: Web Settings

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Web Settings Web-based management is Enabled by default. If you choose to disable this by selecting Disabled, you will lose the ability to configure the system through the web interface as soon as these settings are applied.
Page 57: Firmware Information

States the user who downloaded the firmware. This field may read “Anonymous” or “Unknown” for users that are unidentified. Dual Configuration Settings The following window is used to configure firmware information set in the Switch. The xStack DES-3528 has the capability to store two firmware images in its memory.
Page 58
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual To access this table, click Configuration > Dual Configuration Settings: Figure 6- 23. Dual Configuration Settings This window holds the following information: Parameter Description States the ID number of the configuration file located in the Switch’s memory. The Switch can store two configuration files for use.
Page 59: Ping Test

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Ping Test Ping is a small program that sends ICMP Echo packets to the IP address you specify. The destination node then responds to or «echoes» the packets sent from the Switch. This is very useful to verify connectivity between the Switch and other nodes on the network.
Page 60: Sntp Settings

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual SNTP Settings Time Settings To configure the time settings for the Switch, click Configuration > SNTP Settings > Time Settings: Figure 6- 25. Time Settings window The following parameters can be set or are displayed:…
Page 61: Timezone Settings

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual TimeZone Settings The following window is used to configure time zones and Daylight Savings time settings for SNTP. To configure the time Zone Settings for the Switch, click Configuration > SNTP Settings > TimeZone Settings: Figure 6- 26.
Page 62: Mac Notification Settings

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Week From: Month Enter the month DST will start on. From: Time in Enter the time of day that DST will start on. HH:MM To: Which Week of Enter the week of the month the DST will end.
Page 63: Mac Notification Port Settings

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Parameter Description State Enable or disable MAC notification globally on the Switch. Interval The time in seconds between notifications. (1-2147483647 sec) History Size The maximum number of entries listed in the history log used for notification. Up to 500 entries (1-500) can be specified.
Page 64: Snmp Settings

The DES-3528 supports the SNMP versions 1, 2c, and 3. The default SNMP setting is disabled. You must enable SNMP. Once SNMP is enabled you can choose which version you want to use to monitor and control the Switch. The three versions of SNMP vary in the level of security provided between the management station and the network device.
Page 65: Snmp Global State

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual SNMP Global State Use this table to globally enable or disable the SNMP Settings on the switch. To view this window, click Configuration > SNMP Settings > SNMP Global State: Figure 6- 29.
Page 66: Snmp Group Table

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual SNMP Group Table An SNMP Group created with this table maps SNMP users (identified in the SNMP User Table) to the views created in the previous menu. To view this window, click Configuration > SNMP Settings > SNMP Group Table: Figure 6- 31.
Page 67: Snmp User Table

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual SNMP User Table This window displays all of the SNMP User’s currently configured on the Switch and also allows you to add new users. To view this window, click Configuration > SNMP Settings > SNMP User Table: Figure 6- 32.
Page 68: Snmp Community Table

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual To implement changes made, click Apply. SNMP Community Table Use this table to view existing SNMP Community Table configurations and to create a SNMP community string to define the relationship between the SNMP manager and an agent. The community string acts like a password to permit access to the agent on the Switch.
Page 69: Snmp Host Table

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual SNMP Host Table Use the SNMP Host Table window to set up SNMP trap recipients. To configure SNMP Host Table entries, click Configuration > SNMP Settings > SNMP Host Table: Figure 6- 34.
Page 70: Snmp Trap Configuration

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual SNMP Trap Configuration The following window is used to enable and disable trap settings for the SNMP function on the Switch. To view this window for configuration, click Configuration > SNMP Settings > SNMP Trap Configuration: Figure 6-36.
Page 71: Single Ip Settings

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Single IP Settings Simply put, D-Link Single IP Management is a concept that will stack switches together over Ethernet instead of using stacking ports or modules. There are some advantages in implementing the «Single IP Management» feature: 1.
Page 72: Sim Settings

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual The Upgrade to v1.6 To better improve SIM management, the DES-3528 Switch has been upgraded to version 1.6 in this release. Many improvements have been made, including: 1. The Commander Switch (CS) now has the capability to automatically rediscover member switches that have left the SIM group, either through a reboot or web malfunction.
Page 73: Topology

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Figure 6- 39. Single IP Settings window (enabled) The following parameters can be set: Parameters Description SIM State Use the pull-down menu to either enable or disable the SIM state on the Switch. Disabled will render all SIM functions on the Switch inoperable.
Page 74
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Figure 6- 40. Single IP Management window — Tree View The Tree View window holds the following information under the Data tab: Parameter Description Device Name This field will display the Device Name of the switches in the SIM group configured by the user. If no Device Name is configured by the name, it will be given the name default and tagged with the last six digits of the MAC Address to identify it.
Page 75
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Figure 6- 41. Topology view This window will display how the devices within the Single IP Management Group are connected to other groups and devices. Possible icons in this screen are as follows:…
Page 76: Tool Tips

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Tool Tips In the Topology view window, the mouse plays an important role in configuration and in viewing device information. Setting the mouse cursor over a specific device in the topology window (tool tip) will display the same information about a specific device as the Tree view does.
Page 77: Right-Click

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Right-Click Right-clicking on a device will allow the user to perform various functions, depending on the role of the Switch in the SIM group and the icon associated with it.
Page 78: Commander Switch Icon

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Commander Switch Icon Figure 6- 46. Right-Clicking a Commander Icon The following options may appear for the user to configure: Collapse — To collapse the group that will be represented by a single icon.
Page 79: Menu Bar

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Add to group — Add a candidate to a group. Clicking this option will reveal the following dialog for the user to enter a password for authentication from the Candidate Switch before being added to the SIM group. Click OK to enter the password or Cancel to exit the window.
Page 80: Firmware Upgrade

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Figure 6- 52. About window Firmware Upgrade This screen is used to upgrade firmware from the Commander Switch to the Member Switch. Member Switches will be listed in the table and will be specified by Port (port on the CS where the MS resides), MAC Address, Model Name and Version.
Page 81: Upload Log

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Upload Log The following window is used to upload log files from SIM member switches to a specified PC. To upload a log file, enter the Server IP address of the SIM member switch and then enter a Path\Filename on your PC where you wish to save this file.
Page 82: L2 Features

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Section 7 L2 Features Jumbo Frame 802.1Q VLAN QinQ 802.1v Protocol VLAN GVRP Settings GVRP Timer Settings Asymmetric VLAN Settings MAC-based VLAN Settings PVID Auto Assign Settings Port Trunking…
Page 83: Vlan Description

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual dependent on such time critical data, such as video conferencing, can be severely and adversely affected by even very small delays in transmission. Network devices that are in compliance with the IEEE 802.1p standard have the ability to recognize the priority level of data packets.
Page 84: Q Vlan Tags

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Egress port — A port on a switch where packets are flowing out of the Switch, either to another switch or to an end station, and tagging decisions must be made.
Page 85
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Figure 7- 3. IEEE 802.1Q Tag The EtherType and VLAN ID are inserted after the MAC source address, but before the original EtherType/Length or Logical Link Control. Because the packet is now a bit longer than it was originally, the Cyclic Redundancy Check (CRC) must be recalculated.
Page 86: Port Vlan Id

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Port VLAN ID Packets that are tagged (are carrying the 802.1Q VID information) can be transmitted from one 802.1Q compliant network device to another with the VLAN information intact. This allows 802.1Q VLANs to span network devices (and indeed, the entire network, if all network devices are 802.1Q compliant).
Page 87: Default Vlans

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual same VID) as the ingress port. If it does not, the packet is dropped. If it has the same VID, the packet is forwarded and the destination port transmits it on its attached network segment.
Page 88
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual NOTE: In order to use VLAN segmentation in conjunction with port trunk groups, you can first set the port trunk group(s), and then you may configure VLAN settings. If you wish to change the port trunk grouping with VLANs already in place, you will not need to reconfigure the VLAN settings after changing the port trunk group settings.
Page 89: Double Vlans

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Double VLANs Double or Q-in-Q VLANs allow network providers to expand their VLAN configurations to place customer VLANs within a larger inclusive VLAN, which adds a new layer to the VLAN configuration. This basically lets large ISP’s create L2 Virtual Private Networks and also create transparent LANs for their customers, which will connect two or more customer LAN points without over-complicating configurations on the client’s side.
Page 90: 802.1Q Vlan

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Customer VLANs using SPVLANs, thus greatly regulating traffic and routing on the Service Provider switch. This information is then routed to the Service Provider’s main network and regarded there as one VLAN, with one set of protocols and one routing behavior.
Page 91
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual NOTE: After all IP interfaces are set for your configurations, VLANs on the switch can be routed without any additional steps. Figure 7- 8. 802.1Q VLAN window – Add/Edit VLAN Tab To return to the 802.1Q VLAN window, click the VLAN List Tab at the top of the window.
Page 92
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual The following fields can then be set in either the Add/Edit VLAN or Edit 802.1Q VLAN windows: Parameter Description VID (VLAN ID) Allows the entry of a VLAN ID, or displays the VLAN ID of an existing VLAN in the Edit window.
Page 93: Click Apply To Implement Changes Made.qinq

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Figure 7- 11. 802.1Q VLAN window – VLAN Batch Settings window The following fields can be set in the VLAN Batch Settings windows: Parameter Description VID List (e.g 2-5) Enter a VLAN ID List that can be added, deleted or configured.
Page 94: Qinq

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual QinQ This function allows the user to enable or disable the QinQ function. QinQ is designed for service providers to carry traffic from multiple users across a network. QinQ is used to maintain customer specific VLAN and Layer 2 protocol configurations even when the same VLAN ID is being used by different customers.
Page 95: Vlan Translation Settings

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual the packet will be assigned to the PVID of the received port. Outer TPID The Outer TPID is used for learning and switching packets. The Outer TPID constructs and inserts the outer tag into the packet based on the VLAN ID and Inner Priority.
Page 96: 802.1V Protocol Vlan

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual 802.1v Protocol VLAN 802.1v Protocol Group Settings The table allows the user to create Protocol VLAN groups and add protocols to that group. The 802.1v Protocol VLAN Group Settings supports multiple VLANs for each protocol and allows the user to configure the untagged ports of different protocols on the same physical port.
Page 97
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Figure 7- 15. Protocol VLAN Settings window The following fields can be set: Parameter Description Group ID Click the corresponding radio button to select a previously configured Group ID from the drop- down menu.
Page 98: Gvrp Settings

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual GVRP Settings The table allows the user to determine whether the Switch will share its VLAN configuration information with other GARP VLAN Registration Protocol (GVRP) enabled switches. In addition, Ingress Checking can be used to limit traffic by filtering incoming packets whose PVID do not match the PVID of the port.
Page 99: Gvrp Timer Settings

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Type between Tagged Only, which means only VLAN tagged frames will be accepted, and Admit_All, which mean both tagged and untagged frames will be accepted. Admit_All is enabled by default.
Page 100: Mac-Based Vlan Settings

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual MAC-based VLAN Settings This table is used to create new MAC Based VLAN entries and search, edit and delete existing entries. To view this window click L2 Features > MAC-based VLAN Settings: Figure 7- 19.
Page 101: Port Trunking

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Port Trunking Understanding Port Trunk Groups Port trunk groups are used to combine a number of ports together to make a single high-bandwidth data pipeline. DES-3500 Series supports up to 8 port trunk groups with 2 to 8 ports in each group. A potential bit rate of 8000 Mbps can be achieved.
Page 102
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual same VLAN, and their STP status, static multicast, traffic control; traffic segmentation and 802.1p default priority configurations must be identical. Port locking, port mirroring and 802.1X must not be enabled on the trunk group. Fur- ther, the aggregated links must all be of the same speed and should be configured as full duplex.
Page 103: Lacp Port Settings

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual LACP Port Settings The LACP Port Settings window is used to create port trunking groups on the Switch. Using the following window, the user may set which ports will be active and passive in processing and sending LACP control frames.
Page 104: Traffic Segmentation

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Traffic Segmentation Traffic segmentation is used to limit traffic flow from a single port to a group of ports on either a single switch or a group of ports on another switch in a switch stack. This method of segmenting the flow of traffic is similar to using VLANs to limit traffic, but is more restrictive.
Page 105: Igmp Snooping

IGMP messages passing through the Switch. In order to use IGMP Snooping it must first be enabled for the entire Switch (see the DES-3528 Web Management Tool). You may then fine-tune the settings for each VLAN using the IGMP Snooping link in the L2 Features folder.
Page 106: Igmp Snooping Multicast Vlan Settings

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Query Interval The Query Interval field is used to set the time (in seconds) between transmitting IGMP (1-65535) queries. Entries between 1 and 65535 seconds are allowed. Default = 125.
Page 107: Ip Multicast Profile Settings

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual VID (2-4094) This is the VLAN ID that, along with the VLAN Name, identifies the VLAN the user wishes to modify the IGMP Snooping Settings for. State Use the drop-down menu to toggle between Enabled and Disabled.
Page 108: Limited Multicast Range Settings

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Figure 7- 30. IP Multicast Address Group List Settings – Group List window Enter the multicast Address List starting with the lowest in the range, and click Add. To return to the IP Multicast Profile Settings window, click the <<Back button.
Page 109: Max Multicast Group Settings

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Figure 7- 32. Multicast Filtering Mode window To add a new Multicast Filter enter the information and click Apply, to search for an entry click Search, and to view all the VLANs click the View All button.
Page 110: Mld Snooping Settings

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual MLD Snooping Settings Multicast Listener Discovery (MLD) Snooping is an IPv6 function used similarly to IGMP snooping in IPv4. It is used to discover ports on a VLAN that are requesting multicast data. Instead of flooding all ports on a selected VLAN with multicast traffic, MLD snooping will only forward multicast data to ports that wish to receive this data through the use of queries and reports produced by the requesting ports and the source of the multicast traffic.
Page 111
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Figure 7- 35. MLD Snooping Settings – Edit Window The following parameters may be viewed or modified: Parameter Description VLAN ID This is the VLAN ID that, along with the VLAN Name, identifies the VLAN for which to modify the MLD Snooping Settings.
Page 112: Port Mirror

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual State Used to enable or disable MLD snooping for the specified VLAN. This field is Disabled by default. Querier Router Behavior This read-only field describes the current querier state of the Switch, whether Querier, which will send out Multicast Listener Query Messages to links, or Non- Querier, which will not send out Multicast Listener Query Messages.
Page 113: Loopback Detection Settings

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Loopback Detection Settings The Loopback Detection function is used to detect the loop created by a specific port. This feature is used to temporarily shutdown a port on the Switch when a CTP (Configuration Testing Protocol) packet has been looped back to the switch.
Page 114: Spanning Tree

802.1d STP will be familiar to most networking professionals. However, since 802.1w RSTP has been recently introduced to D-Link managed Ethernet switches, a brief introduction to the technology is provided below followed by a description of how to set up 802.1d STP and 802.1w RSTP.
Page 115: P2P Port

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual P2P Port A P2P port is also capable of rapid transition. P2P ports may be used to connect to other bridges. Under RSTP, all ports operating in full-duplex mode are considered to be P2P ports, unless manually overridden through configuration.
Page 116: Stp Bridge Global Settings

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual STP Bridge Global Settings To open the following window, click L2 features > Spanning Tree > STP Bridge Global Settings. Figure 7- 38. STP Bridge Global Settings window…
Page 117
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Max Hops (1-20) Used to set the number of hops between devices in a spanning tree region before the BPDU (bridge protocol data unit) packet sent by the Switch will be discarded. Each switch on the hop count will reduce the hop count by one until the value reaches zero.
Page 118: Stp Port Settings

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual STP Port Settings STP can be set up on a port per port basis. To view the following window click L2 Features > Spanning Tree > STP Port Settings: Figure 7- 39.
Page 119: Mst Configuration Identification

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Migrate Setting this parameter as Yes will set the ports to send out BPDU packets to other bridges, requesting information on their STP setting If the Switch is configured for RSTP, the port will be capable to migrate from 802.1d STP to 802.1w RSTP.
Page 120: Stp Instance Settings

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual The window above contains the following information: Parameter Description Configuration Name A previously configured name set on the Switch to uniquely identify the MSTI (Multiple Spanning Tree Instance). If a configuration name is not set, this field will show the MAC address to the device running MSTP.
Page 121: Mstp Port Information

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Figure 7- 42. STP Instance Settings — View window MSTP Port Information This window displays the current MSTP Port Information and can be used to update the port configuration for an MSTI ID.
Page 122: Forwarding & Filtering

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Forwarding & Filtering This folder contains windows for Unicast Forwarding and Multicast Forwarding. Unicast Forwarding To view this window, Click L2 Features > Forwarding & Filtering > Unicast Forwarding.
Page 123: Lldp

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual chosen, the port will not be a member of the Static Multicast Group. Egress — The port is a static member of the multicast group. Click Apply to implement the changes made. To delete an entry in the Static Multicast Forwarding Table, click the corresponding Delete button.
Page 124: Lldp Port Settings

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual LLDP Notification LLDP Notification Interval is used to send notifications to configured SNMP trap receiver(s) when Interval (5-3600) an LLDP change is detected in an advertisement received on the port from an LLDP neighbor.
Page 125: Lldp Management Address List

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual LLDP Management Address List To view this window, Click L2 Features > LLDP > LLDP Management Address List Figure 7- 48. LLDP Management Address List window The following parameters can be set:…
Page 126: Lldp Dot1 Tlvs Settings

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Parameter Description From Port/To Use the pull-down menu to select a range of ports to be configured. Port Port Description Use the drop-down menu to enable or disable port description.
Page 127: Lldp Dot3 Tlvs Settings

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Click Apply to implement changes made. LLDP Dot3 TLVs Settings To view this window, Click L2 Features > LLDP > LLDP Dot3 TLVs Settings Figure 7- 51. LLDP Dot3 TLVs Settings window…
Page 128: Lldp Local Port Information

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Figure 7- 52. LLDP Statistics System window LLDP Local Port Information LLDP Local Port Information window displays the information on a per port basis in the local port brief table shown below.
Page 129: Lldp Remote Port Information

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Figure 7- 54. LLDP Local Port Information (Show Normal) window Use the drop-down menu to select a port and click Find the information will be displayed on the lower half of the window.
Page 130: Qos

View the following map to see how the DES-3528 implements 802.1P priority queuing. Figure 8- 1. Mapping QoS on the Switch…
Page 131: Understanding Qos

CoS until there are no more packets for this CoS. The other CoS queues that have been given a nonzero value, and depending upon the weight, will follow a common weighted round-robin scheme. Remember that the xStack DES-3528 has eight priority queues (and eight Classes of Service) for each port on the Switch.
Page 132: Hol Blocking Pevention

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual HOL Blocking Pevention This window is used to enable HOL Prevention Settings on the Switch. To view this table Click QoS > HOL Prevention Settings Figure 8- 2. HOL Prevention Settings window…
Page 133: Traffic Control

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Click Apply to set the bandwidth control for the selected ports. Results of configured Bandwidth Settings will be displayed in the Bandwidth Control Table on the lower half of the window.
Page 134
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Parameter Description Traffic Control Settings From Port/To A consecutive group of ports may be configured starting with the selected port. Port Action Select the method of traffic Control from the pull-down menu. The choices are: Drop –…
Page 135: 802.1P Default Priority

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual NOTE: Ports that are in the Shutdown forever mode will be seen as Discarding in Spanning Tree windows and implementations though these ports will still be forwarding BPDUs to the Switch’s CPU.
Page 136: 802.1P User Priority

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual 802.1p User Priority The Switch allows the assignment of a user priority to each of the 802.1p priorities. To view this window click QoS > 802.1p User Priority.
Page 137: Sred

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Use the weighted round-robin (WRR) algorithm to handle packets in an even distribution in priority classes of service. Click Apply to implement changes made. NOTE: The settings you assign to the queues, numbers 0-7, represent the IEEE 802.1p priority tag number.
Page 138
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual The following parameters may be set: Parameter Description From port/To port A consecutive group of ports may be configured starting with the selected port. Class ID Select the Class ID, from 0-7, to configure for the SRED parameters. Selecting all will set the parameters configured here for all CoS queues.
Page 139: Sred Drop Counter

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual SRED Drop Counter To view this window click QoS > SRED > SRED Drop Counter Figure 8- 9. SRED Drop Counter window DSCP Trust Settings This window is used to enable DSCP Trust Settings.
Page 140: Dscp Map Settings

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual DSCP Map Settings This window is used to enable DSCP Map Settings. To view this window click QoS > SRED > DSCP Map Settings Figure 8- 11. DSCP Map Settings window…
Page 141: 802.1P Map Settings

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual 802.1p Map Settings This window is used to enable 802.1p Map Settings. To view this window click QoS > SRED > 802.1p Map Settings Figure 8- 12. DSCP Map Settings window…
Page 142: Security

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Section 9 Security Safeguard Engine Trusted Host IP-MAC-Port Binding Port Security DHCP Server Screening 802.1X SSL Settings Access Authentication Control MAC-based Access Control Web Authentication JWAC NetBIOS Filtering Settings…
Page 143
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual If the second checking third checking If the fourth interval reveals If the Switch detects interval reveals there are interval reveals there are the packet flooding has too many packets, it…
Page 144: Trusted Host

IP-MAC binding entries is dependant on chip capability (e.g. the ARP table size) and storage size of the device. For the xStack DES-3528 switch, Active and inactive entries use the same database. The maximum entry number is 511. The creation of authorized users can be manually configured by CLI or Web. The…
Page 145: Imp Global Settings

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual IMP Global Settings This window is used to enable or disable the ACL mode, Trap Log State and DHCP Snoop state on the switch. When the user enables the ACL Mode for IP-MAC Binding it will create two Access Profile Entries on the Switch. The Trap/Log field will enable and disable the sending of trap log messages for IP-MAC binding.
Page 146
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Figure 9- 5. IMP Port Settings window The following fields can be set or modified: Parameter Description From Port…To Port Select a port or range of ports to set for IP-MAC Binding.
Page 147: Imp Entry Settings

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual trapped by the CPU needs to be forwarded by the software. This setting controls the forwarding behavior in this situation. Max Entry Specifies the maximum number of IP-MAC-Port Binding entries. By default, per port max entry is 5.
Page 148: Dhcp Snooping Entries

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual DHCP Snooping Entries This table is used to view dynamic entries on specific ports. To view particular port settings, enter the port number and click Find. To view all entries click View All, and to delete an entry, click Clear.
Page 149: Port Security Fdb Entries

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Figure 9- 9. Port Security Settings window The following parameters can be set: Parameter Description A consecutive group of ports may be configured starting with the selected port.
Page 150: Dhcp Server Screening Settings

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Figure 9- 10. Port Security FDB Entries window DHCP Server Screening Settings This function allows the user to not only restrict all DHCP Server packets but also to receive any specified DHCP server packet by any specified DHCP client, it is useful when one or more DHCP servers are present on the network and both provide DHCP services to different distinct groups of clients.
Page 151: Dhcp Offer Filtering

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual The user may set the following parameters: Parameter Description From Port/To Port A consecutive group of ports may be configured starting with the selected port. State Choose Enabled to enable the DHCP server or Disabled to disable. The default is Disabled.
Page 152: 136

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual 802.1X 802.1x Port-Based and MAC-Based Access Control The IEEE 802.1x standard is a security measure for authorizing and authenticating users to gain access to various wired or wireless devices on a specified Local Area Network by using a Client and Server based access control model.
Page 153
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Authentication Server The Authentication Server is a remote device that is connected to the same network as the Client and Authenticator, must be running a RADIUS Server program and must be configured properly on the Authenticator (Switch). Clients connected to a port on the Switch must be authenticated by the Authentication Server (RADIUS) before attaining any services offered by the Switch on the LAN.
Page 154: Authentication Process

Figure 9- 18. The 802.1x Authentication Process The D-Link implementation of 802.1x allows network administrators to choose between two types of Access Control used on the Switch, which are: 1. Port-Based Access Control – This method requires only one user to be authenticated per port by a remote RADIUS server to allow the remaining users on the same port access to the network.
Page 155: Understanding 802.1X Port-Based And Mac-Based Network Access Control

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Understanding 802.1x Port-based and MAC-based Network Access Control The original intent behind the development of 802.1X was to leverage the characteristics of point-to-point in LANs. As any single LAN segment in such infrastructures has no more than two devices attached to it, one of which is a Bridge Port.
Page 156: Mac-Based Network Access Control

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual MAC-Based Network Access Control RADIUS Server Ethernet Switch … 802.1X 802.1X 802.1X 802.1X 802.1X 802.1X 802.1X 802.1X 802.1X 802.1X 802.1X 802.1X Client Client Client Client Client Client Client…
Page 157: 802.1X Force Disconnect

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual 802.1X Force Disconnect To configure the 802.1X Force Disconnect, click Security > 802.1X > 802.1X Force Disconnect Figure 9- 21. 802.1X Force Disconnect window Use the drop down menu to select either Port or MAC Address and enter the corresponding information, click Force Disconnect for the changes to take effect.
Page 158
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual QuietPeriod This allows you to set the number of seconds that the Switch remains in the quiet state following (0-65535) a failed authentication exchange with the client. The default setting is 60 seconds.
Page 159: 802.1X User

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual 802.1X User To create a new 802.1X User enter a user name and password then reconfirm the password and click Apply, the new user will be displayed in the lower half of the table. To delete an entry click the corresponding Delete button.
Page 160: Initialize Port(S)

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Initialize Port(s) This window allows you to initialize ports for the 802.1X Settings. This window will appear in the folder when the “enable 802.1x” command is entered into the command line interface.
Page 161: Guest Vlan

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Guest VLAN On 802.1x security enabled networks, there is a need for non 802.1x supported devices to gain limited access to the network, due to lack of the proper 802.1x software or incompatible…
Page 162: Guest Vlan Configuration

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Guest VLAN Configuration To view the following window click, Security > 802.1X > Guest VLAN Figure 9- 28. Guest VLAN window The following fields may be modified to enable the 802.1x Guest VLAN:…
Page 163: Download Certificate

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual These three parameters are uniquely assembled in four choices on the Switch to create a three-layered encryption code for secure communication between the server and the host. The user may implement any one or combination of the ciphersuites available, yet different ciphersuites will affect the security level and the performance of the secured connection.
Page 164
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Cache Timeout This field will set the time between a new key exchange between a client and a host using (60-86400) the SSL function. A new SSL session is established every time the client and host go through a key exchange.
Page 165: Ssh

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual SSH is an abbreviation of Secure Shell, which is a program allowing secure remote login and secure network services over an insecure network. It allows a secure login to remote host computers, a safe method of executing commands on a remote end node, and will provide secure encrypted and authenticated communication between two non-trusted hosts.
Page 166: Ssh Authmode And Algorithm Settings

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual security shell encryptions. The available options are Never, 10 min, 30 min, and 60 min. The default setting is Never. Click Apply to implement changes made. SSH Authmode and Algorithm Settings The SSH Algorithm window allows the configuration of the desired types of SSH algorithms used for authentication encryption.
Page 167: Ssh User Authentication Lists

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Cast128-CBC Use the pull-down to enable or disable the Cast128 encryption algorithm with Cipher Block Chaining. The default is enabled. Twofish128 Use the pull-down to enable or disable the twofish128 encryption algorithm. The default is enabled.
Page 168
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual SSH server for authentication purposes. Choosing this parameter requires the user to input the following information to identify the SSH user. Host Name – Enter an alphanumeric string of no more than 31 characters to identify the remote SSH user.
Page 169: Access Authentication Control

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Access Authentication Control The TACACS/XTACACS/TACACS+/RADIUS commands allow users to secure access to the Switch using the TACACS/XTACACS/TACACS+/RADIUS protocols. When a user logs in to the Switch or tries to access the administrator level privilege, he or she is prompted for a password.
Page 170: Authentication Policy Settings

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Authentication Policy Settings This command will enable an administrator-defined authentication policy for users trying to access the Switch. When enabled, the device will check the Login Method List and choose a technique for user authentication upon login.
Page 171: Authentication Server Group

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Login Method List Using the pull-down menu, configure an application for normal login on the user level, utilizing a previously configured method list. The user may use the default Method List or other Method List configured by the user.
Page 172: Authentication Server

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Figure 9- 37. Authentication Server Group Settings Edit window To add an Authentication Server Host to the list, enter its IP address in the IP Address field, choose the protocol associated with the IP address of the Authentication Server Host and click Add to add this Authentication Server Host to the group.
Page 173: Login Method Lists

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Configure the following parameters to add an Authentication Server Host: Parameter Description IP Address The IP address of the remote server host the user wishes to add. Port (1-65535) Enter a number between 1 and 65535 to define the virtual port number of the authentication protocol on a server host.
Page 174: Enable Method Lists

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Figure 9- 39. Login Method Lists window The Switch contains one Method List that is set and cannot be removed, yet can be modified. To delete a Login Method List defined by the user, click the corressponding Delete button.
Page 175: Local Enable Password Settings

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Figure 9- 40. Enable Method List window To delete an Enable Method List defined by the user, click the the Delete button. To modify an Enable Method List, click on its corresponding Edit button.
Page 176: Radius Accounting Services

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual To set the Local Enable Password, set the following parameters and click Apply. Parameter Description Old Local Enable If a password was previously configured for this entry, enter it here in order to change it to…
Page 177: Mac-Based Access Control

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual MAC-Based Access Control The MAC-Based Access Control feature will allow users to configure a list of MAC addresses, either locally or on a remote RADIUS server, to be authenticated by the Switch and given access rights based on the configurations set on the Switch of the target VLAN where these authenticated users are placed.
Page 178
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Figure 9- 43. MAC Based Access Control Settings The following parameters may be viewed or set: Parameter Description Settings State Use the pull-down menu to globally enable or disable the MAC-Based Access Control function on the Switch.
Page 179: Mac Based Access Control Local Settings

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Guest VLAN Member Ports Displays the list of ports that have been configured for the Guest VLAN. Port Settings From Port/To Port Enter the Port range. State Use the pull-down menu to enable or disable the MAC-Based Access Control function on individual ports.
Page 180: Web Authentication

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Web Authentication Web-based Access Control is another port based access control method implemented similarily to the 802.1x port based access control method previously stated. This function will allow user…
Page 181: Web-Based Access Control Settings

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual 6. If a RADIUS server is to be used for authentication, the user must first establish a RADIUS Server with the appropriate parameters, including the target VLAN, before enabling the Web-based Access Control on the Switch.
Page 182: Web-Based Access Control User Settings

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual RADIUS server. This VLAN should be pre-configured to have limited access rights to web based authenticated users. Enter the URL of the website that authenticated users placed in the VLAN are directed to once Redirection Page authenticated.
Page 183: Jwac (Japanese Web-Based Access Control)

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual have selected local as their web based authenticator. Confirmation Re-enter the password. User-VLAN Mapping User Name Enter the user name of a guest authenticated through this process, to be mapped to a previously configured VLAN with limited rights.
Page 184
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual HTTPs Ports This parameter specifies the TCP port that the JWAC Switch listens to and uses to finish the (1-65535) authentication process. This parameter enables or disables JWAC UDP Filtering. When UDP Filtering is Enabled, all…
Page 185: Jwac Port Settings

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual JWAC Port Settings To view JWAC port settings for the Switch, click Security > JWAC > JWAC Port Settings. Figure 9- 48. JWAC Port Settings window To set the JWAC on individual ports for the Switch, complete the following fields:…
Page 186: Jwac User Account

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual JWAC User Account To view JWAC user settings for the Switch, go to the Security > JWAC > JWAC User Account Figure 9- 49. JWAC User Settings window…
Page 187
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Figure 9- 50. NetBIOS Filtering Settings window…
Page 188: Acl

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Section 10 ACL Configuration Wizard Access Profile List CPU Access Profile List ACL Finder ACL Flow Meter Access profiles allow you to establish criteria to determine whether or not the Switch will forward packets based on the information contained in each packet’s header.
Page 189: Access Profile List

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual From Use the drop-down menu to select from MAC Address, IPv4 Address or IPv6. Use the drop-down menu to select from MAC Address, IPv4 Address or IPv6. When IPv6 is selected the user can only enter the IPv6 source address or the IPv6 destination address at any one time.
Page 190
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Figure 10- 3. Add Access Profile (Ethernet) If creating an Ethernet ACL enter the Profile ID and Profile Name and click Select the following window will appear.
Page 191
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Figure 10- 4. Add Ethernet ACL Profile window Click on the boxes at the top of the table, which will then turn red and reveal parameters for configuration. To create a new entry enter the correct information and click Create.
Page 192
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual 802.1p Selecting this option instructs the Switch to examine the 802.1p priority value of each packet header and use this as the, or part of the criterion for forwarding.
Page 193
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Figure 10- 7. Access Profile Ethernet To set the Access Rule for Ethernet, adjust the following parameters and click Apply. Parameter Description Access ID (1-128) Type in a unique identifier number for this access. This value can be set from 1 to 128.
Page 194
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Precedence header. VLAN Name Allows the entry of a name for a previously configured VLAN. 802.1p (0-7) Enter a value from 0 to 7 to specify that the access profile will apply only to packets with this 802.1p priority value.
Page 195
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Figure 10- 10. Add IPv4 ACL Profile Click on the boxes at the top of the table, which will then turn red and reveal parameters for configuration. To create a new entry enter the correct information and click Create.
Page 196
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual (IGMP) field in each frame’s header. Select Type to further specify that the access profile will apply an IGMP type value Select TCP to use the TCP port number contained in an incoming packet as the forwarding criterion.
Page 197
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Figure 10- 12. Access Profile Details (IPv4) To return to the Access Profile List click Show All Profiles, to add a rule to a previously configured entry click on the corresponding Add/View Rules, which will reveal the following window.
Page 198
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual its incoming 802.1p user priority re-written to its original value before being forwarded by the Switch. Replace Priority Enter a replace priority manually if you want to re-write the 802.1p default priority of a packet to the value entered in the Priority field, which meets the criteria specified previously in this command, before forwarding it on to the specified CoS queue.
Page 199
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Figure 10- 16. Add IPv6 ACL Profile Click on the boxes at the top of the table, which will then turn red and reveal parameters for configuration. To create a new entry enter the correct information and click Create.
Page 200
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Figure 10- 17. Access Profile List (IPv6) To view the configurations for previously configured entry click on the corresponding Show Details Button which will display the following window.
Page 201
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Figure 10- 19. Access Profile (IPv6) The following parameters may be configured for the IP (IPv4) filter. Parameter Description Access ID (1-128) Type in a unique identifier number for this access. This value can be set from 1 to 128.
Page 202
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Precedence bits field in IPv4. Rx Rate (1-15624) Use this to limit Rx bandwidth for the profile being configured. This rate is implemented using the following equation: 1 value = 64kbit/sec. (ex. If the user selects an Rx rate of 10 then the ingress rate is 640kbit/sec.) The user many select a value between 1 and 15624 or…
Page 203
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Figure 10- 22. Add Packet Content ACL Profile Click on the boxes at the top of the table, which will then turn red and reveal parameters for configuration. To create a new entry enter the correct information and click Create.
Page 204
With this advanced unique Packet Content Mask (also known as Packet Content Access Control List — ACL), the D-Link xStack switch family can effectively mitigate some network attacks like the common ARP Spoofing attack that is wide spread today. This is why the Packet Content ACL is able to inspect any specified content of a packet in different protocol layers.
Page 205
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Figure 10- 2 . Access Profile (Packet Content) The following parameters may be configured for the Packet Content filter. Parameter Description Access ID (1-128) Type in a unique identifier number for this access. This value can be set from 1 to 128.
Page 206: Cpu Interface Filtering

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual tick the No Limit check box. The default setting is No Limit. Tick the check box and enter the name of the Time Range settings that has been previously Time Range Name configured in the Time Range Settings window.
Page 207: Cpu Access Profile List

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual CPU Access Profile List In the following window, the user may globally enable or disable the CPU Interface Filtering State mechanism by using the radio buttons to change the running state.
Page 208
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Figure 10- 2 . Add CPU ACL Profile window for Ethernet Parameter Description Select Profile ID Use the drop-down menu to select a unique identifier number for this profile set. This value can (1-5) be set from 1 to 5.
Page 209
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Figure 10- 3 . CPU Access Profile Detail Information window for Ethernet The window shown below is the Add CPU ACL Profile window for IP (IPv4). Figure 10- 31. Add CPU ACL Profile window for IP (IPv4) The following parameters may be configured for the IP (IPv4) filter.
Page 210
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Source IP Mask Enter an IP address mask for the source IP address. Destination IP Mask Enter an IP address mask for the destination IP address. Selecting this option instructs the Switch to examine the protocol type value in each frame’s Protocol header.
Page 211
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Figure 10- 33. Add CPU ACL Profile window for IPv6 The following parameters may be configured for the IPv6 filter. Parameter Description Select Profile ID Use the drop-down menu to select a unique identifier number for this profile set. This value can be set from 1 to 5.
Page 212
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Click Apply to set this entry in the Switch’s memory. To view the settings of a previously correctly created profile, click the corresponding Show Details button on the CPU Access Profile List window to view the following window: Figure 10- 3 .
Page 213
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Offset This field will instruct the Switch to mask the packet header beginning with the offset value specified: • 0-15 — Enter a value in hex form to mask the packet from the beginning of the packet to the 15th byte.
Page 214
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Figure 10- 3 . Add Access Rule window for Ethernet To set the Access Rule for Ethernet, adjust the following parameters and click Apply. Parameter Description Access ID (1-100) Type in a unique identifier number for this access.
Page 215
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual To establish the rule for a previously created CPU Access Profile: To configure the Access Rules for IP, open the CPU Access Profile List window and click Add/View Rules for an IP entry.
Page 216
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual To view the settings of a previously correctly configured rule, click the corresponding Show Details button on the CPU Access Rule List window to view the following window: Figure 10- 42.
Page 217
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual To set the Access Rule for IPv6, adjust the following parameters and click Apply. Parameter Description Access ID (1-100) Type in a unique identifier number for this access. This value can be set from 1 to 100.
Page 218
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Figure 10- 47. Add Access Rule window for Packet Content To set the Access Rule for Packet Content, adjust the following parameters and click Apply. Parameter Description Access ID (1-100) Type in a unique identifier number for this access.
Page 219: Acl Finder

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Figure 10- 48. CPU Access Rule Detail Information window for Packet Content ACL Finder This window is used to help find a previously configured ACL entry. To search for an entry, enter the profile ID from the drop down menu, select a port that you wish to view, define the state and click Find, the table on the lower half of the screen will display the entries.
Page 220
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Figure 10- 5 . ACL Flow Meter — Add window The following fields may be configured: Parameter Description Use the drop down menu to select the pre-configured Profile ID that will be used to configure the Profile ID Flow Metering parameters.
Page 221
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Action Conform – Specifies the action when the packet is in “green color” mode. • Permit – Permits the packet. • Replace dscp – Change the dscp of the packet Exceed –…
Page 222: Monitoring

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Section 11 Monitoring Device Status CPU Utilization Port Utilization Packet Size Packets Errors Port Access Control Browse ARP Table Browse VLAN Show VLAN Ports Browse Router Port Browse MLD Router Port…
Page 223: Port Utilization

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Figure 11- 2. CPU Utilization window To view the CPU utilization by port, use the real-time graphic of the Switch and/or switch stack at the top of the web page by simply clicking on a port.
Page 224: Packet Size

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Figure 11- 3. Port Utilization window To select a port to view these statistics for, select the port by using the Port pull-down menu. The user may also use the real-time graphic of the Switch at the top of the web page by simply clicking on a port.
Page 225
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Figure 11- 4. Packet Size window To view the Packet Size Table window, click the link View Table, which will show the following table: Figure 11- 5. Packet Size Table window…
Page 226: Packets

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual The total number of packets (including bad packets) received that were 64 octets in length (excluding framing bits but including FCS octets). The total number of packets (including bad packets) received that were between 65 and 65-127 127 octets in length inclusive (excluding framing bits but including FCS octets).
Page 227
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Figure 11- 6. Received (RX) window (for Bytes and Packets) To view the Received (RX) Table window, click View Table. Figure 11- 7. Received (RX) Table window (for Bytes and Packets)
Page 228
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual value is one second. Record Number Select number of times the Switch will be polled between 20 and 200. The default value is 200. Bytes Counts the number of bytes received on the port.
Page 229: Umb_Cast (Rx)

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual UMB_cast (RX) This table displays the UMB_cast RX Packets on the Switch. To select a port to view these statistics for, select the port by using the Port pull-down menu. The user may also use the real-time graphic of the Switch at the top of the web page by simply clicking on a port.
Page 230: Transmitted (Tx)

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual The following fields may be set or viewed: Parameter Description Port Use the drop-down menu to choose the port that will display statistics. Select the desired setting between 1s and 60s, where «s» stands for seconds. The default Time Interval value is one second.
Page 231
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual To view the Transmitted (TX) Table window, click the link View Table. Figure 11- 1 . Transmitted (TX) Table window (for Bytes and Packets) The following fields may be set or viewed:…
Page 232: Errors

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Errors The Web Manager allows port error statistics compiled by the Switch’s management agent to be viewed as either a line graph or a table. Four windows are offered.
Page 233
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Figure 11- 1 . Received (RX) Table window (for errors) The following fields can be set: Parameter Description Port Use the drop-down menu to choose the port that will display statistics.
Page 234: Transmitted (Tx)

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual View Table Clicking this button instructs the Switch to display a table rather than a line graph. View Graphic Clicking this button instructs the Switch to display a line graph rather than a table.
Page 235: Port Access Control

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Figure 11- 1 . Transmitted (TX) Table window (for errors) The following fields may be set or viewed: Parameter Description Port Use the drop-down menu to choose the port that will display statistics.
Page 236
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Figure 11- 1 . RADIUS Authentication window The user may also select the desired time interval to update the statistics, between 1s and 60s, where “s” stands for seconds.
Page 237: Radius Account Client

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Signature attributes received from this server. PendingRequests The number of RADIUS Access-Request packets destined for this server that have not yet timed out or received a response. This variable is incremented when an Access- Request is sent and decremented due to receipt of an Access-Accept, Access-Reject or Access-Challenge, a timeout or retransmission.
Page 238
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual shares a secret. ServerPortNumber The UDP port the client is using to send requests to this server. ClientRoundTripTime The time interval between the most recent Accounting-Response and the Accounting-Request that matched it from this RADIUS accounting server.
Page 239: Authenticator State

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Authenticator State The following section describes the 802.1X Status on the Switch. To view the Authenticator State, click Monitoring > Port Access Control > Authenticator State. Figure 11- 18. Authenticator State window (for MAC-based 802.1X)
Page 240: Authenticator Statistics

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Figure 11- 1 . Authenticator State window (for Port-based 802.1X) This window displays the Authenticator State for individual ports on a selected device. A polling interval between 1s and 60s seconds can be set using the drop-down menu at the top of the window and clicking OK.
Page 241
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Figure 11- 20. Authenticator Statistics window The user may also select the desired time interval to update the statistics, between 1s and 60s, where “s” stands for seconds. The default value is one second.
Page 242: Authenticator Session Statistics

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Authenticator Session Statistics This window contains the session statistics objects for the Authenticator PAE associated with each port. An entry appears in this table for each port that supports the Authenticator function.
Page 243: Authenticator Diagnostics

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual System. Time The duration of the session in seconds. Terminate Cause The reason for the session termination. There are eight possible reasons for termination. 1) Supplicant Logoff 2) Port Failure…
Page 244
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual The following fields can be viewed: Parameter Description Port The identification number assigned to the Port by the System in which the Port resides. Connect Enter Counts the number of times that the state machine transitions to the CONNECTING state from any other state.
Page 245: Browse Arp Table

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Bac Auth Success Counts the number of times that the state machine receives an Accept message from the Authentication Server (i.e., aSuccess becomes TRUE, causing a transition from RESPONSE to SUCCESS).
Page 246: Show Vlan Ports

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Show VLAN Ports This window allows the VLAN status for each of the Switch’s ports to be viewed by VLAN. Enter a VID (VLAN ID) in the field at the top of the window and click the Find button.
Page 247: Browse Session Table

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Browse Session Table This window displays the management sessions since the Switch was last rebooted. To view the Browse Session Table window, click Monitoring > Browse Session Table.
Page 248: Mld Snooping Group

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual MLD Snooping Group The following window allows the user to view MLD Snooping Groups present on the Switch. MLD Snooping is an IPv6 function comparable to IGMP Snooping for IPv4. The user may browse this table by VLAN Name present in the Switch by entering that VLAN Name in the empty field shown below, and clicking the Find button.
Page 249: Mac Address Table

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual MAC Address Table This allows the Switch’s dynamic MAC address forwarding table to be viewed. When the Switch learns an association between a MAC address and a port number, it makes an entry into its forwarding table. These entries are then used to forward packets through the Switch.
Page 250
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Figure 11- 3 . System Log window The Switch can record event information in its own logs, to designated SNMP trap receiving stations, and to the PC connected to the console manager. Click Next to go to the next page of the System Log window. Clicking Clear will allow the user to clear the Switch History Log.
Page 251: Save Services And Tools

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Section 12 Save Services and Tools Save Configuration ID 1 Save Configuration ID 2 Save Log Save All Configuration File Backup & Restore Upload Log File Reset Download Firmware Reboot System The four Save windows include: Save Configuration 1, Save Configuration 2, Save Log, and Save All.
Page 252: Save Configuration Id 2

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Save Configuration ID 2 Open the Save drop-down menu at the top of the Web manager and click Save Configuration ID 2 to open the following window: Figure 12- 2. Save Configuration ID 2 window…
Page 253: Configuration File Backup & Restore

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Configuration File Backup & Restore The Switch supports dual image storage for configuration file backup and restoration. The firmware and configuration images are indexed by ID number 1 or 2. To change the boot firmware image, use the Configuration ID drop-down menu to select the desired configuration file to backup or restore.
Page 254: Download Firmware

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Download Firmware The following window is used to download firmware for the Switch. Figure 12- 8. Download Firmware window Enter the Server IP address in the first field and and specify the path/file name of the firmware in the second field.
Page 255: Technical Specifications

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Appendix A Technical Specifications General IEEE 802.3 10BASE-T Ethernet Protocols IEEE 802.3u 100BASE-TX Fast Ethernet IEEE 802.3ab 1000BASE-T Gigabit Ethernet IEEE 802.3z Gibabit Ethernet. (SFP “Mini GBIC”) IEEE 802.1D Spanning Tree IEEE 802.1D/S/W Spanning Tree…
Page 256
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Physical and Environmental Input: Internal Power Supply 100~240V, AC/1.5A, 50~60Hz Output: 12V, 5A (Max) Power Consumption Max. 20.5 watts Operating Temperature 0 — 45°C Storage Temperature -40 — 70°C Humidity Operation Relative Humidity: 20 — 80% non-condensing.
Page 257
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual When there is reception or transmission Blinking Amber (i.e. Activity—Act) of data occurring at an Ethernet connected port. Light off No link When there is a secure 1000Mbps Solid Green connection (or link) at any of the ports.
Page 258
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Feature Detailed Description DCE RS-232 DB-9 for out-of-band configuration of the software features. Console Port Compliant to following standards: • IEEE 802.3 compliance • IEEE 802.3u compliance 24 x 10/100BaseT ports •…
Page 259
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual 1000BASE-T ports compliant to following standards: • IEEE 802.3 compliance • IEEE 802.3u compliance 2 1000BASE-T ports in the rear • IEEE 802.3ab compliance panel • Support Full-Duplex operations •…
Page 260: Mitigating Arp Spoofing Attacks Using Packet Content Acl

IP address is known. This protocol is vulnerable because it can spoof the IP and MAC information in the ARP packets to attack a LAN (known as ARP spoofing). This document is intended to introduce ARP protocol, ARP spoofing attacks, and the counter measure brought by D-Link’s switches to counter the ARP spoofing attack. •…
Page 261
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Destination Source address Ether-type address FF-FF-FF-FF-FF-FF 00-20-5C-01-11-11 Table-2 (Ethernet frame format) When the switch receives the frame, it will check the “Source Address” in the Ethernet frame’s header. If the address is not in its Forwarding Table, the switch will learn PC A’s MAC and the associated port into its Forwarding Table.
Page 262
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Figure-3 When PC B replies to the ARP request, its MAC address will be written into “Target H/W Address” in the ARP payload shown in Table-3. The ARP reply will be then encapsulated into the Ethernet frame again and sent back to the sender.
Page 263
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual How ARP spoofing attacks a network ARP spoofing, also known as ARP poisoning, is a method to attack an Ethernet network which may allow an attacker to sniff data frames on a LAN, modify the traffic, or stop the traffic altogether (known as a Denial of Service — DoS attack).
Page 264
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Gratuitous ARP Ethernet Header Destination Source Ethernet H/W type Protocol Protocol Operation Sender H/W Sender Target H/W Target address address type type address address address protocol address protocol…
Page 265
2. The switch will deny all other ARP packets which claim they are from the gateway’s IP. The design of Packet Content ACL on DES-3528 series enables users to inspect any offset_chunk. An offset_chunk is a 4-byte block in a HEX format which is utilized to match the individual field in an Ethernet frame. Each profile is allowed to contain up to a maximum of 4 offset_chunks.
Page 266
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Offset Offset Offset Offset Offset Offset Offset Offset Offset Offset Offset Offset Offset Offset Offset Offset Offset Chunk Chunk0 Chunk1 Chunk2 Chunk3 Chunk4 Chunk5 Chunk6 Chunk7 Chunk8 Chunk9…
Page 267
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual…
Page 268: System Log Entries

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Appendix C System Log Entries The following table lists all possible entries and their corresponding meanings that will appear in the System Log of this Switch. Event Category…
Page 269
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Log message upload Log message upload by console was Warning was unsuccessful unsuccessful! (Username: <username>) Interface Port link up Port <unitID:portNum> link up, <link state> Informational Port link down Port <unitID:portNum>…
Page 270
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual BPDU Loop Back on BPDU Loop Back on Port <unitID:portNum> Warning port Spanning Tree Spanning Tree Protocol is enabled Informational Protocol is enabled Spanning Tree Spanning Tree Protocol is disabled…
Page 271
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Successful login Successful login through Telnet from <userIP> Informational through Telnet authenticated by AAA local method (Username: authenticated by AAA <username>, MAC: <macaddr>) local method Login failed through Login failed through Telnet from <userIP>…
Page 272
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Successful login Successful login through Web(SSL) from Informational through Web(SSL) <userIP> authenticated by AAA server authenticated by AAA <serverIP> (Username: <username>, MAC: server <macaddr>) Login failed through Login failed through Web(SSL) from <userIP>…
Page 273
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Enable Admin failed Enable Admin failed through Telnet from Warning through Telnet <userIP> authenticated by AAA local_enable authenticated by AAA method (Username: <username>, MAC: local_enable method <macaddr>) Successful Enable…
Page 274
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Enable Admin failed Enable Admin failed through Telnet from Warning through Telnet <userIP> authenticated by AAA server authenticated by AAA <serverIP> (Username: <username>, MAC: server <macaddr>) Successful Enable…
Page 275
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual user due to AAA configuration (Username: <username>,MAC: server timeout or <mac>) improper configuration. Login failed through Login failed through SSH from <userIP> due to Warning SSH from user due to…
Page 276
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual IP-MAC- Unauthenticated ip Unauthenticated IP-MAC address and Warning PORT address and discard discarded by ip mac port binding (IP: <ipaddr>, Binding by ip mac port binding MAC: <macaddr>, Port <portNum>)
Page 277: Cable Lengths

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Appendix D Cable Lengths Use the following table to as a guide for the maximum cable lengths. Standard Media Type Maximum Distance 1000BASE-LX, Single-mode fiber module 10km 1000BASE-SX, Multi-mode fiber module…
Page 278: Glossary

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Appendix E Glossary 1000BASE-SX: A short laser wavelength on multimode fiber optic cable for a maximum length of 2000 meters 1000BASE-LX: A long wavelength for a «long haul» fiber optic cable for a maximum length of 10 kilometers 1000BASE-T: 1000Mbps Ethernet implementation over Category 5E cable.
Page 279
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual half duplex: A system that allows packets to be transmitted and received, but not at the same time. Contrast with full duplex. IP address: Internet Protocol address. A unique identifier for a device attached to a network using TCP/IP. The address is written as four octets separated with full-stops (periods), and is made up of a network section, an optional subnet section and a host section.
Page 280
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual UDP — User Datagram Protocol: An Internet standard protocol that allows an application program on one device to send a datagram to an application program on another device.
Page 281
The customer must submit with the product as part of the claim a written description of the Hardware defect or Software nonconformance in sufficient detail to allow D-Link to confirm the same, along with proof of purchase of the product (such as a copy of the dated purchase invoice for the product) if the product is not registered.
Page 282
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual charges shall be prepaid by D-Link if you use an address in the United States, otherwise we will ship the product to you freight collect. Expedited shipping is available upon request and provided shipping charges are prepaid by the customer.
Page 283: Product Registration

DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Product Registration Register your D-Link product online at http://support.dlink.com/register/ Product registration is entirely voluntary and failure to complete or return this form will not diminish your warranty rights.
Page 284
Warranty terms for D-LINK xStack products: All D-Link xStack products* are supplied with a 5 year warranty as standard. To enable the Limited Lifetime Warranty on this product you must register the product, within the first three months of purchase**, on the following website: http://www.dlink.biz/productregistration/…
Page 285
To the extent allowed by local law, the remedies in this warranty statement are customer’s sole and exclusive remedies. Except as indicated above, in no event will D-Link or its suppliers be liable for loss of data or for indirect, special, incidental, consequential (including lost profit or data), or other damage, whether based in a contract, tort, or otherwise.
Page 286: Limited Warranty

Such repair or replacement will be rendered by D-Link at an Authorized D-Link Service Office. The replacement Hardware need not be new or of an identical make, model or part; D-Link may in its discretion may replace the defective Hardware (or any part thereof) with any reconditioned product that D-Link reasonably determines is substantially equivalent (or superior) in all material respects to the defective Hardware.
Page 287
Registration Card. The Registration Card provided at the back of this manual must be completed and returned to an Authorized D-Link Service Office for each D-Link product within ninety (90) days after the product is purchased and/or licensed. The addresses/telephone/fax list of the nearest Authorized D-Link Service Office is provided in the back of this manual.
Page 288: Copyright Statement

RELATING TO WARRANTY SERVICE, OR ARISING OUT OF ANY BREACH OF THIS LIMITED WARRANTY, EVEN IF D-LINK HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. THE SOLE REMEDY FOR A BREACH OF THE FOREGOING LIMITED WARRANTY IS REPAIR, REPLACEMENT OR REFUND OF THE DEFECTIVE OR NON-CONFORMING PRODUCT.
Page 289: Tech Support

Tech Support Technical Support You can find software updates and user documentation on the D-Link website. D-Link provides free technical support for customers within the United States and within Canada for the duration of the service period, and warranty confirmation service, during the warranty period on this product.
Page 290
Technical Support You can find software updates and user documentation on the D-Link websites. If you require product support, we encourage you to browse our FAQ section on the Web Site before contacting the Support line. We have many FAQ’s which we hope will provide you a speedy resolution for your problem.
Page 291
Technische Unterstützung Aktualisierte Versionen von Software und Benutzerhandbuch finden Sie auf der Website von D-Link. D-Link bietet kostenfreie technische Unterstützung für Kunden innerhalb Deutschlands, Österreichs, der Schweiz und Osteuropas. Unsere Kunden können technische Unterstützung über unsere Website, per E-Mail oder telefonisch anfordern.
Page 292: Assistance Technique

Vous trouverez la documentation et les logiciels les plus récents sur le site web D-Link. Vous pouvez contacter le service technique de D-Link par notre site internet ou par téléphone. Assistance technique D-Link par téléphone: 0 820 0803 03 0,12 €/min…
Page 293
Puede encontrar las últimas versiones de software así como documentación técnica en el sitio web de D-Link. D-Link ofrece asistencia técnica gratuita para clientes residentes en España durante el periodo de garantía del producto. Asistencia Técnica de D-Link por teléfono: +34 902 30 45 45 0,067 €/min…
Page 294
Supporto tecnico Gli ultimi aggiornamenti e la documentazione sono disponibili sul sito D-Link. Supporto Tecnico dal lunedì al venerdì dalle ore 9.00 alle ore 19.00 con orario continuato Telefono: 199400057 Web: http://www.dlink.it/support…
Page 295
Technical Support You can find software updates and user documentation on the D-Link website. D-Link provides free technical support for customers within Benelux for the duration of the warranty period on this product. Benelux customers can contact D-Link technical support through our website, or by phone.
Page 296: Pomoc Techniczna

Pomoc techniczna Najnowsze wersje oprogramowania i dokumentacji użytkownika można znaleźć w serwisie internetowym firmy D-Link. D-Link zapewnia bezpłatną pomoc techniczną klientom w Polsce w okresie gwarancyjnym produktu. Klienci z Polski mogą się kontaktować z działem pomocy technicznej firmy D-Link za pośrednictwem Internetu lub telefonicznie.
Page 297
Technická podpora Aktualizované verze software a uživatelských příruček najdete na webové stránce firmy D-Link. D-Link poskytuje svým zákazníkům bezplatnou technickou podporu Zákazníci mohou kontaktovat oddělení technické podpory přes webové stránky, mailem nebo telefonicky Telefon: 225 281 553 Land Line 1,78 CZK/min — Mobile 5.40 CZK/min Telefonická…
Page 298
Technikai Támogatás Meghajtó programokat és frissítéseket a D-Link Magyarország weblapjáról tölthet le. Tel: 06 1 461-3001 Fax: 06 1 461-3004 Land Line 14,99 HUG/min — Mobile 49.99,HUF/min Web: http://www.dlink.hu E-mail: support@dlink.hu…
Page 299
Teknisk Support Du kan finne programvare oppdateringer og bruker dokumentasjon på D-Links web sider. D-Link tilbyr sine kunder gratis teknisk support under produktets garantitid. Kunder kan kontakte D-Links teknisk support via våre hjemmesider, eller på tlf. D-Link Teknisk telefon Support:…
Page 300
Teknisk Support Du finder software opdateringer og bruger- dokumentation på D-Link’s hjemmeside. D-Link tilbyder gratis teknisk support til kunder i Danmark i hele produktets garantiperiode. Danske kunder kan kontakte D-Link’s tekniske support via vores hjemmeside eller telefonisk. D-Link teknisk support over telefonen: Tlf.
Page 301
Teknistä tukea asiakkaille Suomessa D-Link tarjoaa teknistä tukea asiakkailleen. Tuotteen takuun voimassaoloajan. Tekninen tuki palvelee seuraavasti: numerosta : 0800-114 677 Arkisin klo. 9 — 21 Internetin kautta: Web: http://www.dlink.fi…
Page 302
Teknisk Support På vår hemsida kan du hitta mer information om mjukvaru uppdateringar och annan användarinformation. D-Link tillhandahåller teknisk support till kunder i Sverige under hela garantitiden för denna produkt. D-Link Teknisk Support via telefon: 0770-33 00 35 Vardagar 08.00-20.00 D-Link Teknisk Support via Internet: Web: http://www.dlink.se…
Page 303
Você pode encontrar atualizações de software e documentação de utilizador no site de D-Link Portugal http://www.dlink.pt. A D-Link fornece suporte técnico gratuito para clientes no Portugal durante o período de vigência de garantia deste produto. Assistência Técnica da D-Link na Internet: Web: http://www.dlink.pt…
Page 304
Τεχνική Υποστήριξη Μπορείτε να βρείτε software updates και πληροφορίες για τη χρήση των προϊόντων στις ιστοσελίδες της D-Link Η D-Link προσφέρει στους πελάτες της δωρεάν υποστήριξη στον Ελλαδικό χώρο Μπορείτε να επικοινωνείτε µε το τµήµα τεχνικής υποστήριξης µέσω της ιστοσελίδας ή µέσω τηλεφώνου…
Page 305
Tehnička podrška Hvala vam na odabiru D-Link proizvoda. Za dodatne informacije, podršku i upute za korištenje uređaja, molimo vas da posjetite D-Link internetsku stranicu na www.dlink.eu Web: www.dlink.biz/hr…
Page 306
Tehnična podpora Zahvaljujemo se vam, ker ste izbrali D-Link proizvod. Za vse nadaljnje informacije, podporo ter navodila za uporabo prosimo obiščite D-Link — ovo spletno stran www.dlink.eu Web: www.dlink.biz/sl…
Page 307
Suport tehnica Vă mulţumim pentru alegerea produselor D-Link. Pentru mai multe informaţii, suport şi manuale ale produselor vă rugăm să vizitaţi site-ul D- Link www.dlink.eu Web: www.dlink.ro…
Page 308
Technical Support You can find software updates and user documentation on the D-Link website. Tech Support for customers in Australia: Tel: 1300-766-868 Monday to Friday 8:00am to 8:00pm EST Saturday 9:00am to 1:00pm EST http://www.dlink.com.au e-mail: support@dlink.com.au India: Tel: 1800-222-002 Monday to Friday 9:30AM to 7:00PM http://www.dlink.co.in/support/productsupport.aspx…
Page 309
Technical Support You can find software updates and user documentation on the D-Link website. Tech Support for customers in Egypt: Tel: +202-2919035 or +202-2919047 Sunday to Thursday 9:00am to 5:00pm http://support.dlink-me.com e-mail: amostafa@dlink-me.com Iran: Tel: +98-21-88822613 Sunday to Thursday 9:00am to 6:00pm http://support.dlink-me.com…
Page 310
Техническая поддержка Обновления программного обеспечения и документация доступны на Интернет-сайте D-Link. D-Link предоставляет бесплатную поддержку для клиентов в течение гарантийного срока. Клиенты могут обратиться в группу технической поддержки D-Link по телефону или через Интернет. Техническая поддержка D-Link: +495-744-00-99 Техническая поддержка через Интернет…
Page 311
El servicio de soporte técnico tiene presencia en numerosos países de la Región Latino América, y presta asistencia gratuita a todos los clientes de D-Link, en forma telefónica e internet, a través de la casilla soporte@dlinkla.com Soporte Técnico Help Desk Argentina: Teléfono: 0800-12235465 Lunes a Viernes 09:00 am a 22:00 pm…
Page 312
Você pode encontrar atualizações de software e documentação de usuário no site da D-Link Brasil www.dlinkbrasil.com.br. A D-Link fornece suporte técnico gratuito para clientes no Brasil durante o período de vigência da garantia deste produto. Suporte Técnico para clientes no Brasil: Telefone São Paulo +11-2185-9301…
Page 313
D-Link 友訊科技台灣分公司技術支援資訊如果您還有任何本使用手冊無法協助您解決的產品相關問題，台灣地區用戶可以透過我們的網站、電子郵件或電話等方式與 D-Link台灣地區技術支援工程師聯絡。 D-Link 免付費技術諮詢專線 0800-002-615 服務時間：週一至週五，早上8:30 到晚上9:00 (不含周六、日及國定假日) 網站：http://www.dlink.com.tw 電子郵件：dssqa_service@dlink.com.tw 如果您是台灣地區以外的用戶，請參考D-Link網站全球各地分公司的聯絡資訊以取得相關支援服務。產品保固期限、台灣區維修據點查詢，請參考以下網頁說明： http://www.dlink.com.tw 產品維修：使用者可直接送至全省聯強直營維修站或請洽您的原購買經銷商。…
Page 314
Dukungan Teknis Update perangkat lunak dan dokumentasi pengguna dapat diperoleh pada situs web D-Link. Dukungan Teknis untuk pelanggan: Dukungan Teknis D-Link melalui telepon: Tel: +62-21-5731610 Dukungan Teknis D-Link melalui Internet: Email : support@dlink.co.id Website : http://support.dlink.co.id…
Page 315
技术支持您可以在 D-Link 的官方網站找到產品的軟件升級和使用手冊办公地址：北京市东城区北三环东路 36 号环球贸易中心 B 座 26F 02-05 室邮编: 100013 技术支持中心电话：8008296688/ (028)66052968 技术支持中心传真：(028)85176948 维修中心地址：北京市东城区北三环东路 36 号环球贸易中心 B 座 26F 02-05 室邮编: 100013 维修中心电话：(010) 58257789 维修中心传真：(010) 58257790 网址：http://www.dlink.com.cn 办公时间：周一到周五，早09:00到晚18:00…
Page 316: International Offices

FAX: +46 (0)8 564 619 01 Israel Europe (U. K.) URL: www.dlink.gr URL: www.dlink.se TEL: +972-9-9715700 D-Link (Europe) Ltd FAX: +972-9-9715601 D-Link House, Abbey Road Hungary Switzerland URL: www.dlink.co.il Park Royal, London NW10 7BX Rákóczi út 70-72 Glatt Tower, 2.OG United Kingdom…
Page 317: Registration Card

8. What category best describes your company? Aerospace Engineering Education Finance Hospital Legal Insurance/Real Estate Manufacturing Retail/Chainstore/Wholesale Government Transportation/Utilities/Communication System house/company Other________________________________ 9. Would you recommend your D-Link product to a friend? Don’t know yet 10. Your comments on this product?_________________________________________________________…

Источник

CLI Reference Guide

Product Model: xStack® DES-3528/DES-3552 Series

Layer 2 Managed Stackable Fast Ethernet Switch

Release 2.60

Table of Contents
INTRODUCTION ………………………………………………………………………………………………………….	5
USING THE CONSOLE CLI …………………………………………………………………………………………..	7
COMMAND SYNTAX ………………………………………………………………………………………………….	10
BASIC SWITCH COMMANDS ……………………………………………………………………………………..	12
MODIFY BANNER AND PROMPT COMMANDS ……………………………………………………………	24
SWITCH PORT COMMANDS ………………………………………………………………………………………	27
PORT SECURITY COMMANDS …………………………………………………………………………………..	31
STACKING COMMANDS…………………………………………………………………………………………….	36
NETWORK MANAGEMENT (SNMP) COMMANDS ………………………………………………………..	40
SWITCH UTILITY COMMANDS……………………………………………………………………………………	57
NETWORK MONITORING COMMANDS……………………………………………………………………….	63
MULTIPLE SPANNING TREE PROTOCOL (MSTP) COMMANDS……………………………………	76
FORWARDING DATABASE COMMANDS…………………………………………………………………….	87
TRAFFIC CONTROL COMMANDS ………………………………………………………………………………	93
QOS COMMANDS ……………………………………………………………………………………………………..	97
PORT MIRRORING COMMANDS……………………………………………………………………………….	107
VLAN COMMANDS…………………………………………………………………………………………………..	110
VOICE VLAN COMMANDS………………………………………………………………………………………..	124
SUBNET-BASED VLAN COMMANDS ………………………………………………………………………..	130
ASYMMETRIC VLAN COMMANDS…………………………………………………………………………….	133
LINK AGGREGATION COMMANDS …………………………………………………………………………..	135
IP–MAC-PORT BINDING (IMPB) COMMANDS ……………………………………………………………	139
LIMITED IP MULTICAST ADDRESS …………………………………………………………………………..	155
BASIC IP COMMANDS……………………………………………………………………………………………..	160
MULTICAST VLAN COMMANDS ……………………………………………………………………………….	165
IGMP / MLD SNOOPING COMMANDS ……………………………………………………………………….	179
DHCP RELAY COMMANDS ………………………………………………………………………………………	208
802.1X COMMANDS (INCLUDING GUEST VLANS) …………………………………………………….	221
ACCESS CONTROL LIST (ACL) COMMANDS ……………………………………………………………	238
SAFEGUARD ENGINE COMMANDS ………………………………………………………………………….	258
FILTER COMMANDS (DHCP SERVER / NETBIOS)……………………………………………………..	260
LAYER 3 CPU FILTER COMMANDS ………………………………………………………………………….	265
LOOP-BACK DETECTION COMMANDS …………………………………………………………………….	267
ii

TRAFFIC SEGMENTATION COMMANDS …………………………………………………………………..	271
SFLOW COMMANDS………………………………………………………………………………………………..	273
TIME AND SNTP COMMANDS…………………………………………………………………………………..	281
ARP AND GRATUITOUS ARP COMMANDS ……………………………………………………………….	286
ROUTING TABLE COMMANDS …………………………………………………………………………………	292
MAC NOTIFICATION COMMANDS…………………………………………………………………………….	294
ACCESS AUTHENTICATION CONTROL COMMANDS ………………………………………………..	297
SECURE SHELL (SSH) COMMANDS …………………………………………………………………………	315
SECURE SOCKETS LAYER (SSL) COMMANDS…………………………………………………………	321
D-LINK SINGLE IP MANAGEMENT COMMANDS………………………………………………………..	326
JWAC COMMANDS………………………………………………………………………………………………….	335
LINK LAYER DISCOVERY PROTOCOL (LLDP) COMMANDS ………………………………………	350
Q-IN-Q COMMANDS…………………………………………………………………………………………………	363
RSPAN COMMANDS………………………………………………………………………………………………..	369
STATIC MAC-BASED VLAN COMMANDS ………………………………………………………………….	373
SIMPLE RED COMMANDS………………………………………………………………………………………..	375
MAC-BASED ACCESS CONTROL COMMANDS LIST …………………………………………………	382
WEB-BASED ACCESS CONTROL COMMANDS…………………………………………………………	392
POWER OVER ETHERNET (POE) COMMANDS………………………………………………………….	400
PPPOE CIRCUIT ID INSERTION COMMANDS…………………………………………………………….	404
DNS RELAY COMMANDS…………………………………………………………………………………………	405
POLICY ROUTE COMMANDS……………………………………………………………………………………	407
BPDU ATTACK PROTECTION COMMANDS ………………………………………………………………	409
ETHERNET OAM COMMANDS………………………………………………………………………………….	413
DHCP SERVER COMMANDS…………………………………………………………………………………….	422
CABLE DIAGNOSTICS COMMANDS …………………………………………………………………………	434
CONNECTIVITY FAULT MANAGEMENT COMMANDS ………………………………………………..	435
COMMAND HISTORY LIST ……………………………………………………………………………………….	451
ARP SPOOFING PREVENTION COMMANDS……………………………………………………………..	453
AUTO-CONFIGURATION COMMANDS ………………………………………………………………………	455
COMPOUND AUTHENTICATION COMMANDS …………………………………………………………..	458
DEBUG SOFTWARE COMMANDS …………………………………………………………………………….	464
DHCPV6 CLIENT COMMANDS ………………………………………………………………………………….	469
DHCPV6 RELAY COMMANDS…………………………………………………………………………………..	471
iii

D-LINK UNIDIRECTIONAL LINK DETECTION (DULD) COMMANDS……………………………..	476
ETHERNET RING PROTECTION SWITCHING (ERPS) COMMANDS …………………………….	478
IPV6 NEIGHBOR DISCOVER COMMANDS…………………………………………………………………	487
IPV6 ROUTE COMMANDS ………………………………………………………………………………………..	491
LAYER 2 PROTOCOL TUNNELING (L2PT) COMMANDS …………………………………………….	493
LOCAL ROUTE COMMANDS…………………………………………………………………………………….	496
MSTP DEBUG ENHANCEMENT COMMANDS…………………………………………………………….	498
PING COMMANDS……………………………………………………………………………………………………	502
SHOW TECHNICAL SUPPORT COMMANDS ……………………………………………………………..	504
TRACE ROUTE COMMANDS…………………………………………………………………………………….	507
VLAN COUNTER COMMANDS ………………………………………………………………………………….	509
APPENDIX A — PASSWORD RECOVERY PROCEDURE ………………………………………………	512
APPENDIX B — TECHNICAL SPECIFICATIONS …………………………………………………………..	513
APPENDIX C — MITIGATING ARP SPOOFING ATTACKS VIA PACKET CONTENT ACL …	516

xStack® DES-3528/DES-3552 Series Layer 2 Fast Ethernet Managed Switch CLI Reference Guide

INTRODUCTION

The Switch can be managed through the Switch’s serial port, Telnet, or the Web-based management agent. The Command Line Interface (CLI) can be used to configure and manage the Switch via the serial port or Telnet interfaces.

The DES-3528/DES-3552 Series Layer 2 stackable Fast Ethernet Switch Series are members of the D-Link xStack® family. Ranging from 10/100Mbps edge Switches to core gigabit Switches, the xStack Switch family has been futureproof designed to provide a stacking architecture with fault tolerance, flexibility, port density, robust security and maximum throughput with a user-friendly management interface for the networking professional.

This manual provides a reference for all of the commands contained in the CLI for the xStack® DES-3528, DES3528P, DES-3528DC, DES-3552 and DES-3552P series of Switches. Configuration and management of the Switch via the Web-based management agent is discussed in the User’s Guide.

NOTE: For the remainder of this manual, all versions of the DES-3528, DES-3528P, DES-3528DC, DES-3552 and DES-3552P Switches will be referred to as simply the Switch or the DES-3528/52 Series.

Accessing the Switch via the Serial Port

The Switch’s serial port’s default settings are as follows:

•115200 baud

•no parity

•8 data bits

•1 stop bit

A computer running a terminal emulation program capable of emulating a VT-100 terminal and a serial port configured as above are then connected to the Switch’s serial port via an RS-232 DB-9 cable.

With the serial port properly connected to a management computer, the following screen should be visible. If this screen does not appear, try pressing Ctrl+r to refresh the console screen.

DES-3528 Fast Ethernet Switch

Command Line Interface

Firmware: Build 2.60.017

UserName:

Figure 1-1. Initial CLI screen

There is no initial username or password. Just press the Enter key twice to display the CLI input cursor − DES3528:admin# . This is the command line where all commands are input.

Setting the Switch’s IP Address

Each Switch must be assigned its own IP Address, which is used for communication with an SNMP network manager or other TCP/IP application (for example BOOTP, TFTP). The Switch’s default IP address is 10.90.90.90. Users can change the default Switch IP address to meet the specification of your networking address scheme.

The Switch is also assigned a unique MAC address by the factory. This MAC address cannot be changed, and can be found on the initial boot console screen – shown below.

xStack® DES-3528/DES-3552 Series Layer 2 Fast Ethernet Managed Switch CLI Reference Guide

Boot Procedure			V1.00.B008
——————————————————————————-
Power On Self	Test ………………………………….	100	%
MAC Address	: 00-22-B0-10-8A-00
H/W Version	: A2
Please wait, loading V2.60..017 Runtime image ………….	100	%
UART init ………………………………………….		100	%
Device Discovery ……………………………………	100	%
Configuration	init ………………………………….		\|

Figure 1-2. Boot screen

The Switch’s MAC address can also be found in the Web management program on the Switch Information (Basic Settings) window on the Configuration menu.

The IP address for the Switch must be set before it can be managed with the Web-based manager. The Switch IP address can be automatically set using BOOTP or DHCP protocols, in which case the actual address assigned to the Switch must be known.

The IP address may be set using the Command Line Interface (CLI) over the console serial port as follows:

1.Starting at the command line prompt, enter the commands config ipif System ipaddress xxx.xxx.xxx.xxx/yyy.yyy.yyy.yyy. Where the x’s represent the IP address to be assigned to the IP interface named System and the y’s represent the corresponding subnet mask.

2.Alternatively, users can enter config ipif System ipaddress xxx.xxx.xxx.xxx/z. Where the x’s represent the IP address to be assigned to the IP interface named System and the z represents the corresponding number of subnets in CIDR notation.

The IP interface named System on the Switch can be assigned an IP address and subnet mask which can then be used to connect a management station to the Switch’s Telnet or Web-based management agent.

DES-3528:admin# config ipif System ipaddress 10.24.73.21/8

Command: config ipif System ipaddress 10.24.73.21/8

Success.

DES-3528:admin#

Figure 1-3. Assigning an IP Address screen

In the above example, the Switch was assigned an IP address of 10.24.73.21 with a subnet mask of 255.0.0.0. The system message Success indicates that the command was executed successfully. The Switch can now be configured and managed via Telnet, SNMP MIB browser and the CLI or via the Web-based management agent using the above IP address to connect to the Switch.

xStack® DES-3528/DES-3552 Series Layer 2 Fast Ethernet Managed Switch CLI Reference Guide

USING THE CONSOLE CLI

The DES-3528/52 Series supports a console management interface that allows the user to connect to the Switch’s management agent via a serial port and a terminal or a computer running a terminal emulation program. The console can also be used over the network using the TCP/IP Telnet protocol. The console program can be used to configure the Switch to use an SNMP-based network management software over the network.

This chapter describes how to use the console interface to access the Switch, change its settings, and monitor its operation.

NOTE: Switch configuration settings are saved to non-volatile RAM using the save command. The current configuration will then be retained in the Switch’s NV-RAM, and reloaded when the Switch is rebooted. If the Switch is rebooted without using the save command, the last configuration saved to NV-RAM will be loaded.

Connecting to the Switch

The console interface is used by connecting the Switch to a VT100-compatible terminal or a computer running an ordinary terminal emulator program (e.g., the HyperTerminal program included with the Windows operating system) using an RS-232C serial cable. Your terminal parameters will need to be set to:

•VT-100 compatible

•115200 baud

•8 data bits

•No parity

•One stop bit

•No flow control

Users can also access the same functions over a Telnet interface. Once users have set an IP address for your Switch, users can use a Telnet program (in VT-100 compatible terminal mode) to access and control the Switch. All of the screens are identical, whether accessed from the console port or from a Telnet interface.

After the Switch reboots and users have logged in, the console looks like this:

DES-3528 Fast Ethernet Switch

Command Line Interface

Firmware: Build 2.60.017

UserName:

Figure 2-1. Initial Console screen after logging in

Commands are entered at the command prompt, DES-3528:admin# ..

There are a number of helpful features included in the CLI. Entering the ? command will display a list of all of the toplevel commands.

cable_diag ports cfm linktrace cfm loopback clear

clear address_binding dhcp_snoop binding_entry ports clear address_binding nd_snoop binding_entry ports clear arptable

clear attack_log clear cfm pkt_cnt clear counters clear dhcp binding

clear dhcp conflict_ip clear ethernet_oam ports clear fdb

xStack® DES-3528/DES-3552 Series Layer 2 Fast Ethernet Managed Switch CLI Reference Guide

clear igmp_snooping data_driven_group clear igmp_snooping statistics counter clear jwac auth_state

clear log

clear mac_based_access_control auth_state clear mld_snooping data_driven_group

CTRL+C ESC q Quit SPACE n Next Page ENTER Next Entry a All

Figure 2-2. The ? Command

When users enter a command without its required parameters, the CLI will prompt users with a Next possible completions: message.

DES-3528:admin# config account

Command: config account

Next possible completions: <username>

DES-3528:admin#

Figure 2-3. Example Command Parameter Help

In this case, the command config account was entered with the parameter <username>. The CLI will then prompt users to enter the <username> with the message, Next possible completions:. Every command in the CLI has this feature, and complex commands have several layers of parameter prompting.

In addition, after typing any given command plus one space, users can see all of the next possible sub-commands, in sequential order, by repeatedly pressing the Tab key.

To re-enter the previous command at the command prompt, press the up arrow cursor key. The previous command will appear at the command prompt.

DES-3528:admin# config account

Command: config account Next possible completions: <username>

DES-3528:admin# config account Command: config account

Next possible completions: <username>

DES-3528:admin#

Figure 2-4. Using the Up Arrow to Re-enter a Command

In the above example, the command config account was entered without the required parameter <username>, the CLI returned the Next possible completions: <username> prompt. The up arrow cursor control key was pressed to re-enter the previous command (config account) at the command prompt. Now the appropriate username can be entered and the config account command re-executed.

All commands in the CLI function in this way. In addition, the syntax of the help prompts are the same as presented in

this manual − angle brackets < > indicate a numerical value or character string, braces { } indicate optional parameters or a choice of parameters, and brackets [ ] indicate required parameters.

If a command is entered that is unrecognized by the CLI, the top-level commands will be displayed under the

Available commands: prompt.

DES-3528:admin#the

Available commands:

..	?	cable_diag	cfm
clear	config	create	debug
delete	disable	download	enable
login	logout	no	ping
ping6	reboot	reconfig	reset
save	show	telnet	traceroute

xStack® DES-3528/DES-3552 Series Layer 2 Fast Ethernet Managed Switch CLI Reference Guide

traceroute6 upload

DES-3528:admin#

Figure 2-5. The Next Available Commands Prompt

The top-level commands consist of commands such as show or config. Most of these commands require one or more parameters to narrow the top-level command. This is equivalent to show what? or config what? Where the what? is the next parameter.

For example, if users enter the show command with no additional parameters, the CLI will then display all of the possible next parameters.

DES-3528:admin# show

Command: show

Next possible completions:	access_profile	account
802.1p	802.1x
accounting	acct_client	address_binding	asymmetric_vlan
arp_spoofing_prevention	arpentry
attack_log	auth_client	auth_diagnostics	authen
auth_session_statistics	auth_statistics
authen_enable	authen_login	authen_policy	authentication
authorization	autoconfig	bandwidth_control	bpdu_protection
cfm	command_history	config	cpu
cpu_filter	current_config	device_status	dhcp
dhcp_local_relay	dhcp_relay	dhcp_server	dhcpv6_relay
dnsr	dot1v_protocol_group	error	dscp
duld	erps	ethernet_oam
fdb	filter	firmware	flow_meter
gratuitous_arp	greeting_message	gvrp	hol_prevention
igmp_snooping	ipfdb	ipif	ipv6
ipif_ipv6_link_local_auto	iproute
ipv6route	jumbo_frame	jwac	l2protocol_tunnel
lacp_port	limited_multicast_addr	link_aggregation
lldp	local_route	log	log_save_timing
log_software_module		loopdetect
mac_based_access_control	mac_based_access_control_local
mac_based_vlan	mac_notification	max_mcast_group
mcast_filter_profile		mef_l2_protocols	mld_snooping
mef_vlan_preservation	mirror
multicast	multicast_fdb	packet	per_queue
poe	policy_route	port	port_security
port_security_entry	pvid	port_vlan	ports
pppoe	qinq	radius
rmon	router_ports	rspan	safeguard_engine
scheduling	scheduling_mechanism	sim	serial_port
session	sflow	snmp
sntp	sred	ssh	ssl
stack_device	stack_information	stacking_mode	stp
subnet_vlan	switch	syslog	system_severity
tech_support	terminal	time	time_range
traffic	traffic_segmentation	vlan	trap
trusted_host	utilization	vlan_counter
vlan_precedence	vlan_translation	vlan_trunk	voice_vlan
wac

DES-3528:admin#

Figure 2-6. Next possible completions: Show Command

In the above example, all of the possible next parameters for the show command are displayed. At the next command prompt, the up arrow was used to re-enter the show command, followed by the account parameter. The CLI then displays the user accounts configured on the Switch.

xStack® DES-3528/DES-3552 Series Layer 2 Fast Ethernet Managed Switch CLI Reference Guide

COMMAND SYNTAX

The following symbols are used to describe how command entries are made and values and arguments are specified in this manual. The online help contained in the CLI and available through the console interface uses the same syntax.

NOTE: All commands are case-sensitive. Be sure to disable Caps Lock or any other unwanted function that changes text case.

Purpose	Encloses a variable or value that must be specified.

Syntax	config ipif <ipif_name 12> [{ipaddress <network_address> \| vlan <vlan_name 32> \|
	state [enable \| disable}] \| bootp \| dhcp]
Description	In the above syntax example, users must supply an IP interface name in the <ipif_name
	12> space, a VLAN name in the <vlan_name 32> space, and the network address in the
	<network_address> space. Do not type the angle brackets.

Example Command	config ipif Engineering ipaddress 10.24.22.5/255.0.0.0 vlan Design state enable

[square brackets]

Purpose	Encloses a required value or set of required arguments. One value or argument can be
	specified.

Syntax	create account [admin \| operator \| user] <username 15>

Description	In the above syntax example, users must specify either an admin or a user level account
	to be created. Do not type the square brackets.
Example Command	create account admin Tommy

| vertical bar

Purpose	Separates two or more mutually exclusive items in a list, one of which must be entered.

Syntax	create account [admin \| operator \| user] <username 15>

Description	In the above syntax example, users must specify either admin, or user. Do not type the
	vertical bar.

Example Command	create account admin Tommy

{braces}

Purpose	Encloses an optional value or set of optional arguments.

Syntax	reset {[config \| system]} force_agree

Description	In the above syntax example, users have the option to specify config or system. It is not
	necessary to specify either optional value, however the effect of the system reset is
	dependent on which, if any, value is specified. Therefore, with this example there are three
	possible outcomes of performing a system reset. See the following chapter, Basic
	Commands for more details about the reset command. Do not type the braces.

Example command	reset config

(parentheses)

xStack® DES-3528/DES-3552 Series Layer 2 Fast Ethernet Managed Switch CLI Reference Guide

(parentheses)

Purpose	Indicates at least one or more of the values or arguments in the preceding syntax
	enclosed by braces must be specified.

Syntax	config dhcp_relay {hops <value 1-16> \| time <sec 0-65535>}(1)

Description	In the above syntax example, users have the option to specify hops or time or both of
	them. The «(1)» following the set of braces indicates at least one argument or value within
	the braces must be specified. Do not type the parentheses.

Example command	config dhcp_relay hops 3

Line Editing Key Usage

Delete	Deletes the character under the cursor and then shifts the remaining characters in the line
	to the left.

Backspace	Deletes the character to the left of the cursor and then shifts the remaining characters in
	the line to the left.

Left Arrow	Moves the cursor to the left.

Right Arrow	Moves the cursor to the right.

Up Arrow	Repeats the previously entered command. Each time the up arrow is pressed, the
	command previous to that displayed appears. This way it is possible to review the
	command history for the current session. Use the down arrow to progress sequentially
	forward through the command history list.

Down Arrow	The down arrow will display the next command in the command history entered in the
	current session. This displays each command sequentially as it was entered. Use the up
	arrow to review previous commands.

Tab	Shifts the cursor to the next field to the left.

Multiple Page Display Control Keys

Space	Displays the next page.

CTRL+c	Stops the display of remaining pages when multiple pages are to be displayed.

ESC	Stops the display of remaining pages when multiple pages are to be displayed.

n	Displays the next page.

p	Displays the previous page.

q	Stops the display of remaining pages when multiple pages are to be displayed.

r	Refreshes the pages currently displayed.

a	Displays the remaining pages without pausing between pages.

Enter	Displays the next line or table entry.

xStack® DES-3528/DES-3552 Series Layer 2 Fast Ethernet Managed Switch CLI Reference Guide

BASIC SWITCH COMMANDS

The basic Switch commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table.

Command	Parameters

create account	[admin \| operator \| power_user \| user] <username 15>

config account	<username> {encrypt [plain_text \| sha_1] <password>}

show account

delete account	<username>

enable password
encryption

disable password
encryption
show session

show switch

show device_status

show serial_port

config serial_port	{baud_rate [9600 \| 19200 \| 38400 \| 115200] \| auto_logout [never \| 2_minutes \| 5_minutes \|
	10_minutes \| 15_minutes]}(1)
enable clipaging

disable clipaging

telnet	<ipaddr> {tcp_port <value 1-65535>}

enable telnet	<tcp_port_number 1-65535>

disable telnet

enable web	<tcp_port_number 1-65535>

disable web

save	{[config <config_id 1-2> \| log \| all]}

reboot	{force_agree}

reset	{[config \| system]} {force_agree}

login

logout

clear

config terminal width	[default \| <value 80-200>]

show terminal width

Each command is listed, in detail, in the following sections.

create account

Purpose Used to create user accounts.

xStack® DES-3528/DES-3552 Series Layer 2 Fast Ethernet Managed Switch CLI Reference Guide

create account

Syntax	create account [admin \| operator \| power_user \| user] <username 15>
Description	This command is used to create user accounts that consist of a username of 1 to 15
	characters and a password of 0 to 15 characters. Up to 8 user accounts can be created.
Parameters	admin – Specifies that the user account will be set to admin.
	operator – Specifies that the user account will be set to operator.
	power_user – Specifies that the user account will be set to power user.
	user – Specifies that the user account will be set to user.
	<username 15> — Enter the account username here. This name can be up to 15 characters
	long.
Restrictions	Only Administrator-level users can issue this command.
	Usernames can be between 1 and 15 characters.
	Passwords can be between 0 and 15 characters.

Example usage:

To create an administrator-level user account with the username “dlink”.

DES-3528:admin# create account admin dlink

Command: create account admin dlink

Enter a case-sensitive new password:****

Enter the new password again for confirmation:****

Success.

DES-3528:admin#

NOTICE: In case of lost passwords or password corruption, please refer to the D-Link website and the White Paper entitled “Password Recovery Procedure”, which will guide you through the steps necessary to resolve this issue.

config account

Purpose	Used to configure user accounts
Syntax	config account <username> {encrypt [plain_text \| sha_1] <password>}
Description	When the password information is not specified in the command, the system will prompt the
	user to input the password interactively. For this case, the user can only input the plain text
	password.
	If the password is present in the command, the user can select to input the password in the
	plain text form or in the encrypted form. The encryption algorithm is based on SHA-I.
Parameters	<username> − Name of the account. The account must already be defined.
	plain_text − Select to specify the password in plain text form.
	sha_1 − Select to specify the password in the SHA-I enacrpted form.
	password − The password for the user account.
	The length for of password in plain-text form and in encrypted form are different. For the
	plain-text form, passwords must have a minimum of 0 character and can have a maximum of
	15 characters. For the encrypted form password, the length is fixed to 35 bytes long. The
	assword is case-sensitive.
Restrictions	Only Administrator-level users can issue this command.
	Usernames can be between 1 and 15 characters.
	Passwords can be between 0 and 15 characters.

Example usage:

To configure the user password of “dlink” account:

xStack® DES-3528/DES-3552 Series Layer 2 Fast Ethernet Managed Switch CLI Reference Guide

DES-3528:admin# config account dlink

Command: config account dlink

Enter a old password:****

Enter a case-sensitive new password:****

Enter the new password again for confirmation:****

Success.

DES-3528:admin#

show account

Purpose	Used to display user accounts.
Syntax	show account
Description	This command is used to display all user accounts created on the Switch. Up to 8 user
	accounts can exist at one time.
Parameters	None.
Restrictions	Only Administrator-level users can issue this command.

Example usage:

To display the accounts that have been created:

DES-3528:admin# show account
Command: show account
Current Accounts:	Access Level
Username
—————	————
dlink	Admin
Total Entries: 1
DES-3528:admin#

delete account

Purpose	Used to delete an existing user account.
Syntax	delete account <username>
Description	This command is used to delete an existing entry.
Parameters	<username> − Name of the user who will be deleted.
Restrictions	Only Administrator-level users can issue this command.

Example usage:

To delete the user account “System”:

DES-3528:admin# delete account System

Command: delete account System

Success.

DES-3528:admin#

enable password encryption

Purpose	Used to enable password encryption.
Syntax	enable password encryption
Description	The user account configuration information will be stored in the configuration file, and can be

xStack® DES-3528/DES-3552 Series Layer 2 Fast Ethernet Managed Switch CLI Reference Guide

enable password encryption

	applied to the system later.
	If the password encryption is enabled, the password will be in encrypted form.
	When password encryption is diabled, if the user specifies the password in plain text form,
	the password will be in plain text form. However, if the user specifies the password in
	encrypted form, or if the password has been converted to encrypted form by the last enable
	password encryption command, the password will still be in the encrypted form. It cannot be
	reverted to the plaintext.
Parameters	None.
Restrictions	Only Administrator-level users can issue this command.

Example usage:

To enable password encryption:

DES-3528:admin# enable password encryption

Command: enable password encryption

Success.

DES-3528:admin#

disable password encryption

Purpose	Used to disable password encryption.
Syntax	disable password encryption
Description	The user account configuration information will be stored in the configuration file, and can be
	applied to the system later.
	If the password encryption is enabled, the password will be in encrypted form.
	When password encryption is disabled, if the user specifies the password in plain text form,
	the password will be in plan text form. However, if the user specifies the password in
	encrypted form, or if the password has been converted to encrypted form by the last enable
	password encryption command, the password will still be in the encrypted form. It cannot be
	reverted to the plaintext.
Parameters	None.
Restrictions	Only Administrator-level users can issue this command.

Example usage:

To disable password encryption:

DES-3528:admin# disable password encryption

Command: disable password encryption

Success.

DES-3528:admin#

show session

Purpose	Used to display a list of currently logged-in users.
Syntax	show session
Description	This command displays a list of all the users that are logged-in at the time the command is
	issued.
Parameters	None.
Restrictions	Only Administrator and Operator-level users can issue this command.

Example usage:

xStack® DES-3528/DES-3552 Series Layer 2 Fast Ethernet Managed Switch CLI Reference Guide

To display the way that the users logged in:

DES-3528:admin# show session

Command: show session

ID	Live Time	From	Level	Name
—	———	————	——	——-
8	00:00:16.250	Serial Port	5	Anonymous

Total Entries: 1

CTRL+C ESC q Quit SPACE n Next Page p Previous Page r Refresh

show switch

Purpose	Used to display general information about the Switch.
Syntax	show switch
Description	This command displays information about the Switch.
Parameters	None.
Restrictions	None.

Example usage:

To display the Switch’s information:

DES-3528:admin# show switch
Command: show switch
Device Type	: DES-3528 Fast Ethernet Switch
MAC Address	: 1C-AF-F7-AD-33-20
IP Address	: 10.90.90.90 (Manual)
VLAN Name	: default
Subnet Mask	: 255.0.0.0
Default Gateway	: 0.0.0.0
Boot PROM Version	: Build 1.00.B008
Firmware Version	: Build 2.60.B010
Hardware Version	: A4
Serial Number	: P1UQ3A4000012
System Name	:
System Location	:
System Uptime	: 0 days, 0 hours, 3 minutes, 58 seconds
System Contact	:
Spanning Tree	: Disabled
GVRP	: Disabled
IGMP Snooping	: Disabled
MLD Snooping	: Disabled
VLAN Trunk	: Disabled
Telnet	: Enabled (TCP 23)
Web	: Enabled (TCP 80)
SNMP	: Disabled

CTRL+C ESC q Quit SPACE n Next Page ENTER Next Entry a All

show device_status

Purpose	Used to display the current Switch’s power and fan status.
Syntax	show device_status
Description	This command displays status of both the Switch’s internal and external power and the fan
	status.
Parameters	None.

xStack® DES-3528/DES-3552 Series Layer 2 Fast Ethernet Managed Switch CLI Reference Guide

show device_status

Restrictions None.

Example usage:

To display the Switch’s device status:

DES-3528:admin# show device_status

Command: show device_status

Internal Power: Active

External Power: Fail

DES-3528:admin#

show serial_port

Purpose	Used to display the current serial port settings.
Syntax	show serial_port
Description	This command displays the current serial port settings.
Parameters	None.
Restrictions	None

Example usage:

To display the serial port setting:

DES-3528:admin#show serial_port

Command: show serial_port

Baud Rate	: 115200
Data	Bits	: 8
Parity Bits	: None
Stop	Bits	:	1
Auto-Logout	:	Never

DES-3528:admin#

config serial_port

Purpose	Used to configure the serial port.
Syntax	config serial_port {baud_rate [9600 \| 19200 \| 38400 \| 115200] \| auto_logout [never \|
	2_minutes \| 5_minutes \| 10_minutes \| 15_minutes]}(1)
Description	This command is used to configure the serial port’s baud rate and auto logout settings.
Parameters	baud_rate [9600 \| 19200 \| 38400 \| 115200] − The serial bit rate that will be used to
	communicate with the management host. There are four options: 9600, 19200, 38400,
	115200. Factory default setting is 115200.
	never − No time limit on the length of time the console can be open with no user input.
	2_minutes − The console will log out the current user if there is no user input for 2 minutes.
	5_minutes − The console will log out the current user if there is no user input for 5 minutes.
	10_minutes − The console will log out the current user if there is no user input for 10
	minutes.
	15_minutes − The console will log out the current user if there is no user input for 15
	minutes.
Restrictions	Only Administrator and Operator-level users can issue this command.

Example usage:

To configure baud rate:

xStack® DES-3528/DES-3552 Series Layer 2 Fast Ethernet Managed Switch CLI Reference Guide

DES-3528:admin# config serial_port baud_rate 115200

Command: config serial_port baud_rate 115200

Success.

DES-3528:admin#

	NOTE: If a user configures the serial port’s baud rate, the baud rate will take effect and save
	immediately. Baud rate settings will not change even if the user resets or reboots the Switch. The
	Baud rate will only change when the user configures it again. The serial port’s baud rate setting is not
	stored in the Switch’s configuration file. Resetting the Switch will not restore the baud rate to the
	default setting.

enable clipaging
Purpose	Used to pause the scrolling of the console screen when a command displays more than one
	page.
Syntax	enable clipaging
Description	This command is used when issuing a command which causes the console screen to rapidly
	scroll through several pages. This command will cause the console to pause at the end of
	each page. The default setting is enabled.
Parameters	None.
Restrictions	Only Administrator and Operator-level users can issue this command.

Example usage:

To enable pausing of the screen display when the show command output reaches the end of the page:

DES-3528:admin# enable clipaging

Command: enable clipaging

Success.

DES-3528:admin#

disable clipaging

Purpose	Used to disable the pausing of the console screen scrolling at the end of each page when a
	command displays more than one screen of information.
Syntax	disable clipaging
Description	This command is used to disable the pausing of the console screen at the end of each page
	when a command would display more than one screen of information.
Parameters	None.
Restrictions	Only Administrator and Operator-level users can issue this command.

Example usage:

To disable pausing of the screen display when show command output reaches the end of the page:

DES-3528:admin# disable clipaging

Command: disable clipaging

Success.

DES-3528:admin#

telnet

Purpose Used to login the remote device system through the network.

xStack® DES-3528/DES-3552 Series Layer 2 Fast Ethernet Managed Switch CLI Reference Guide

telnet

Syntax	telnet <ipaddr> {tcp_port <value 1-65535>}
Description	This command is used when the manager want to manage the device system which isn’t on
	local. So can use this command to login in the remote system which is located on other side.
	If connect successful, some actions can be done as local.
Parameters	<ipaddr> − The network ip address. This is the destination which wants to login.
	<value 1-65535> − The TCP port number. TCP ports are numbered between 1 and 65535.
	The “well-known” TCP port for the Telnet protocol is 23.
Restrictions	Only Administrator and Operator-level users can issue this command.

Example usage:

Telnet to the remote Switch:

DES-3528:admin# telnet 172.18.168.12 tcp_port 50

Command: telnet 172.18.168.12 tcp_port 50

Connecting to server,please wait….

DES-3528 Gigabit Ethernet Switch

Command Line Interface

Firmware: Build 2.60.B010

UserName:

PassWord:

enable telnet

Purpose	Used to enable communication with and management of the Switch using the Telnet
	protocol.
Syntax	enable telnet <tcp_port_number 1-65535>
Description	This command is used to enable the Telnet protocol on the Switch. The user can specify the
	TCP or UDP port number the Switch will use to listen for Telnet requests.
Parameters	<tcp_port_number 1-65535> − The TCP port number. TCP ports are numbered between 1
	and 65535. The “well-known” TCP port for the Telnet protocol is 23.
Restrictions	Only Administrator and Operator-level users can issue this command.

Example usage:

To enable Telnet and configure port number:

DES-3528:admin# enable telnet 23

Command: enable telnet 23

Success.

DES-3528:admin#

disable telnet

Purpose	Used to disable the Telnet protocol on the Switch.
Syntax	disable telnet
Description	This command is used to disable the Telnet protocol on the Switch.
Parameters	None.
Restrictions	Only Administrator and Operator-level users can issue this command.

Example usage:

xStack® DES-3528/DES-3552 Series Layer 2 Fast Ethernet Managed Switch CLI Reference Guide

To disable the Telnet protocol on the Switch:

DES-3528:admin# disable telnet

Command: disable telnet

Success.

DES-3528:admin#

enable web

Purpose	Used to enable the HTTP-based management software on the Switch.
Syntax	enable web <tcp_port_number 1-65535>
Description	This command is used to enable the Web-based management software on the Switch. The
	user can specify the TCP port number the Switch will use to listen for Telnet requests.
Parameters	<tcp_port_number 1-65535> − The TCP port number. TCP ports are numbered between 1
	and 65535. The “well-known” port for the Web-based management software is 80.
Restrictions	Only Administrator and Operator-level users can issue this command.

Example usage:

To enable HTTP and configure port number:

DES-3528:admin# enable web 80

Command: enable web 80

Success.

DES-3528:admin#

disable web

Purpose	Used to disable the HTTP-based management software on the Switch.
Syntax	disable web
Description	This command disables the Web-based management software on the Switch.
Parameters	None.
Restrictions	Only Administrator and Operator-level users can issue this command.

Example usage:

To disable HTTP:

DES-3528:admin# disable web

Command: disable web

Success.

DES-3528:admin#

save

Purpose	Used to save changes in the Switch’s configuration to non-volatile RAM.
Syntax	save {[config <config_id 1-2> \| log \| all]}
Description	This command is used to enter the current Switch configuration into non-volatile RAM. The
	saved Switch configuration will be loaded into the Switch’s memory each time the Switch is
	restarted.
Parameters	config <config_id 1-2> – Specify to save current settings to configuration file 1 or 2.
	log – Specify to save current Switch log to NV-RAM.

xStack® DES-3528/DES-3552 Series Layer 2 Fast Ethernet Managed Switch CLI Reference Guide

save

	all – Specify to save all configuration settings. If nothing is specified after “save”, the Switch
	will save all.
Restrictions	Only Administrator and Operator-level users can issue this command.

Example usage:

To save the Switch’s current configuration to non-volatile RAM:

DES-3528:admin# save

Command: save

Saving all configurations to NV-RAM… Done.

DES-3528:admin#

reboot

Purpose	Used to restart the Switch.
Syntax	Reboot {force_agree}
Description	This command is used to restart the Switch.
Parameters	force_agree − When force_agree is specified, the reboot command will be executed
	immediatedly without further confirmation.
Restrictions	Only Administrator-level users can issue this command.

Example usage:

To restart the Switch:

DES-3528:admin# reboot

Command: reboot

Are you sure you want to proceed with the system reboot? (y|n)y

Please wait, the switch is rebooting…

reset

Purpose	Used to reset the Switch to the factory default settings.
Syntax	reset {[config \| system]} {force_agree}
Description	This command is used to restore the Switch’s configuration to the default settings assigned
	from the factory.
Parameters	config − If the keyword ‘config’ is specified, all of the factory default settings are restored on
	the Switch including the IP address, user accounts, and the Switch history log. The Switch
	will not save or reboot.
	system − If the keyword ‘system’ is specified all of the factory default settings are restored on
	the Switch. The Switch will save and reboot after the settings are changed to default.
	Rebooting will clear all entries in the Forwarding Data Base.
	force_agree − When force_agree is specified, the reset command will be executed
	immediatedly without further confirmation.
	If no parameter is specified, the Switch’s current IP address, user accounts, and the Switch
	history log are not changed. All other parameters are restored to the factory default settings.
	The Switch will not save or reboot.
	NOTE: The serial port baud rate will not be changed by the reset command.
	It will not be restored to the factory default setting.
Restrictions	Only Administrator-level users can issue this command.

Example usage:

xStack® DES-3528/DES-3552 Series Layer 2 Fast Ethernet Managed Switch CLI Reference Guide

To restore all of the Switch’s parameters to their default values:

DES-3528:admin# reset config

Command: reset config

Are users sure to proceed with system reset?(y/n)y

Success.

DES-3528:admin#

Purpose	Used to log in a user to the Switch’s console.
Syntax	login
Description	This command is used to initiate the login procedure. The user will be prompted for a
	Username and Password.
Parameters	None.
Restrictions	None.

Example usage:

To initiate the login procedure:

DES-3528:admin# login

Command: login

UserName:

logout

Purpose	Used to log out a user from the Switch’s console.
Syntax	logout
Description	This command terminates the current user’s session on the Switch’s console.
Parameters	None.
Restrictions	None.

Example usage:

To terminate the current user’s console session:

DES-3528:admin# logout

clear

Purpose	The command is used to clear screen.
Syntax	clear
Description	The command is used to clear screen.
Parameters	None.
Restrictions	None.

Example usage:

xStack® DES-3528/DES-3552 Series Layer 2 Fast Ethernet Managed Switch CLI Reference Guide

To clear screen:

DES-3528:admin# clear

Command: clear

DES-3528:admin#

config terminal width

Purpose	The command is used to set current terminal width.
Syntax	config terminal width [default \| <value 80-200>]
Description	The usage is described as below:

1.Users login and configure the terminal width to 120, this configuration take effect on this login section. If users implement “save” command, the configuration is saved. After users log out and log in again, the terminal width is 120.

2.If user did not save the configuration, another user login, the terminal width is default value.

3.If at the same time, two CLI sessions are running, once section configure to 120 width and save it, the other section will not be effected, unless it log out and then log in.

Parameters	default — The default setting of terminal width. The default value is 80.
	<value 80-200> — The terminal width which will be configured. The width is between 80 and
	200 characters.
Restrictions	None.

Example usage:

To configure the current terminal width:

DES-3528:admin# config terminal width 120

Command: config terminal width 120

Success.

DES-3528:admin#

show terminal width

Purpose	The command is used to display the configuration of current terminal width.
Syntax	show terminal width
Description	The command is used to display the configuration of current terminal width.
Parameters	None.
Restrictions	None.

Example usage:

To display the configuration of current terminal width:

DES-3528:admin#show terminal width
Command: show terminal width
Global terminal width	:	80
Current terminal width	:	80

DES-3528:admin#

xStack® DES-3528/DES-3552 Series Layer 2 Fast Ethernet Managed Switch CLI Reference Guide

MODIFY BANNER AND PROMPT COMMANDS

Administrator level users can modify the login banner (greeting message) and command prompt by using the commands described below.

Command	Parameters

config command_prompt	[<string 16> \| username \| default]

config greeting_message	{default}

show greeting_message

The Modify Banner and Prompt commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table.

config command prompt

Purpose	Used to configure the command prompt.
Syntax	config command_prompt [<string 16> \| username \| default]
Description	This command is used to change the command prompt.
Parameters	string 16 –The command prompt can be changed by entering a new name of no more that 16
	characters.
	username – The command prompt will be changed to the login username.
	default – The command prompt will reset to factory default command prompt.
Restrictions	Only Administrator and Operator-level users can issue this command. Other restrictions
	include:
	• If the “reset” command is executed, the modified command prompt will remain
	modified. However, the “reset config/reset system” command will reset the
	command prompt to the original factory banner.

Example usage:

To modify the command prompt to “AtYourService”:

DES-3528:admin#config command_prompt AtYourService

Command: config command_prompt AtYourService

Success.

AtYourService:admin#

config greeting _message

Purpose	Used to configure the login banner (greeting message).
Syntax	config greeting _message {default}
Description	This command is used to modify the login banner (greeting message).
Parameters	default – If the user enters default to the modify banner command, then the banner will be
	reset to the original factory banner.
	To open the Banner Editor, click enter after typing the config greeting_message command.
	Type the information to be displayed on the banner by using the commands described on the
	Banner Editor:
	Quit without save:	Ctrl+C
	Save and quit:	Ctrl+W
	Move cursor:	Left/Right/Up/Down
	Delete line:	Ctrl+D

xStack® DES-3528/DES-3552 Series Layer 2 Fast Ethernet Managed Switch CLI Reference Guide

config greeting _message

	Erase all setting:	Ctrl+X
	Reload original setting:	Ctrl+L
Restrictions	Only Administrator and Operator-level users can issue this command. Other restrictions
	include:

•If the “reset” command is executed, the modified banner will remain modified. However, the “reset config/reset system” command will reset the modified banner to the original factory banner.

•The capacity of the banner is 6*80. 6 Lines and 80 characters per line.

•Ctrl+W will only save the modified banner in the DRAM. Users need to type the “save” command to save it into FLASH.

•Only valid in threshold level.

Example usage:

To modify the banner:

DES-3528:admin#config greeting_message

Command: config greeting_message

Greeting Messages Editor

================================================================================

DES-3528 Fast Ethernet Switch

Command Line Interface

Firmware: Build 2.60.017

================================================================================

<Function Key>	<Control Key>
Ctrl+C	Quit without save	left/right/	Move cursor
Ctrl+W	Save and quit	up/down
		Ctrl+D	Delete line
		Ctrl+X	Erase all setting
		Ctrl+L	Reload original setting

———————————————————————————

show greeting_message

Purpose	Used to view the currently configured greeting message configured on the Switch.
Syntax	show greeting_message
Description	This command is used to view the currently configured greeting message on the Switch.
Parameters	None.
Restrictions	Only Administrator and Operator-level users can issue this command.

Example usage:

To view the currently configured greeting message:

xStack® DES-3528/DES-3552 Series Layer 2 Fast Ethernet Managed Switch CLI Reference Guide

DES-3528:admin#show greeting_message

Command: show greeting_message

================================================================================

DES-3528 Fast Ethernet Switch

Command Line Interface

Firmware: Build 2.60.017

================================================================================

DES-3528:admin#

xStack® DES-3528/DES-3552 Series Layer 2 Fast Ethernet Managed Switch CLI Reference Guide

SWITCH PORT COMMANDS

The Switch port commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table.

Command	Parameters

config ports	[<portlist> \| all] {medium_type [fiber \| copper]} {speed [auto \| 10_half \| 10_full \| 100_half \|
	100_full \| 1000_full {[master \| slave]}] \| flow_control [enable \| disable] \| learning [enable \|
	disable ] \| state [enable \| disable] \| mdix [auto \| normal \| cross] \| [description <desc 1-32> \|
	clear_description]}

show ports	{<portlist>} {[description \| err_disabled \| details \| media_type]}

enable jumbo_frame

disable jumbo_frame

show jumbo_frame

Each command is listed, in detail, in the following sections.

config ports

Purpose	Used to configure the Switch’s port settings.
Syntax	config ports [<portlist> \| all] {medium_type [fiber \| copper]} {speed [auto \| 10_half \|
	10_full \| 100_half \| 100_full \| 1000_full {[master \| slave]}] \| flow_control [enable \|
	disable] \| learning [enable \| disable ] \| state [enable \| disable] \| mdix [auto \| normal \|
	cross] \| [description <desc 1-32> \| clear_description]}
Description	This command is used to configure the Switch’s Ethernet ports. Only the ports listed in the
	<portlist> will be affected.
Parameters	all − Configure all ports on the Switch.
	<portlist> − Specifies a port or range of ports to be configured.
	speed – Allows the user to adjust the speed for a port or range of ports. The user has a
	choice of the following:
	auto − Enables auto-negotiation for the specified range of ports.
	[10 \| 100 \| 1000] − Configures the speed in Mbps for the specified range of ports.
	Gigabit ports are statically set to 1000. When setting port speed to 1000_full,user should
	specify master or slave mode for 1000 base TX interface, and leave the 1000_full
	without any master or slave setting for other interfaces.
	[half \| full] − Configures the specified range of ports as either full-duplex or half-duplex.
	flow_control [enable \| disable] – Enable or disable flow control for the specified ports.
	learning [enable \| disable] − Enables or disables the MAC address learning on the specified
	range of ports.
	medium_type – Specify the medium type while the configured ports are combo ports. It’s an
	optional parameter for configuring medium type combo ports. For no combo ports, user does
	not need to specify medium_type in the commands.
	state [enable \| disable] − Enables or disables the specified range of ports.
	description − Enter an alphanumeric string of no more than 32 characters to describe a
	selected port interface.
	clear description – To clear the description.
	mdix [auto \| normal \| cross] – MDIX mode can be specified as auto, normal, or cross. If set to
	normal state, the port is in MDIX mode and can be connected to a port on an end node, such
	as a server or PC, using a straight-through cable. If set to cross state, the port is in MDI
	mode, and can be connected to a port on another Switch or hub that uses MDI-X ports
	through a straight-through cable. If set to auto state, the ports can be connected to any
	connections by using straight-through or cross-over cable. The ports make the necessary
	adjustments to accommodate either cable for correct operation.
Restrictions	Only Administrator and Operator-level users can issue this command.

xStack® DES-3528/DES-3552 Series Layer 2 Fast Ethernet Managed Switch CLI Reference Guide

Example usage:

To configure the speed of ports 1-3 of unit 1 to be 10 Mbps, full duplex, learning enabled, state enabled and flow control enabled:

DES-3528:admin# config ports 1-3 speed 10_full learning enable state enable flow_control enable

Command: config ports 1-3 speed 10_full learning enable state enable flow_control enable

Success. DES-3528:admin#

show ports

Purpose	Used to display the current configuration of a range of ports.
Syntax	show ports {<portlist>} {[description \| err_disabled \| details \| media_type]}
Description	This command is used to display the current configuration of a range of ports.
Parameters	<portlist> − Specifies a port or range of ports to be displayed.
	description – Adding this parameter to the show ports command indicates that a previously
	entered port description will be included in the display.
	err_disabled – Use this to list disabled ports including connection status and reason for being
	disabled.
	details – Use this to show the detail information of ports.
	media_type – Specifies the media type used.
Restrictions	None.

Example usage:

To display the configuration of all ports on a Switch:

DES-3528:admin# show ports

Command: show ports

Port

State/

Settings

Connection

Address

——-

MDIX

Speed/Duplex/FlowCtrl

Learning

———

———————

———————-

———

Enabled

Auto/Disabled

Link Down

Enabled

Auto

Auto/Disabled

Link Down

Enabled

Auto

Auto/Disabled

Link Down

Enabled

Auto

Auto/Disabled

Link Down

Enabled

Auto

Auto/Disabled

Link Down

Enabled

Auto

Auto/Disabled

Link Down

Enabled

Auto

Auto/Disabled

Link Down

Enabled

Auto

Auto/Disabled

Link Down

Enabled

Auto

Auto/Disabled

Link Down

Enabled

Auto

CTRL+C

ESC

Quit

SPACE

Refresh

Example usage:

To display the configuration of all ports on a standalone Switch, with description:

DES-3528:admin# show ports description

Command: show ports description

xStack® DES-3528/DES-3552 Series Layer 2 Fast Ethernet Managed Switch CLI Reference Guide

Port

State/

Settings

Connection

Address

——-

MDIX

Speed/Duplex/FlowCtrl

Learning

———

———————

———————-

———

Enabled

Auto/Disabled

Link Down

Enabled

Auto

Description:

Link Down

Enabled

Auto/Disabled

Auto

Description:

Link Down

Enabled

Auto/Disabled

Auto

Description:

Link Down

Enabled

Auto/Disabled

Auto

Description:

Link Down

Enabled

Auto/Disabled

Auto

Description:

Link Down

Enabled

Auto/Disabled

Auto

Description:

Quit

Refresh

CTRL+C

ESC

SPACE

Example usage:

To display disabled ports including connection status and reason for being disabled on a standalone Switch:

DES-3528:admin# show ports err_disabled

Command: show ports err_disabled

Port	Port	Connection Status	Reason
——	State	———————	—————-
———

DES-3528:admin#

Example usage:

To display detail information of ports on the Switch:

DES-3528:admin# show ports details

Command: show ports details

Port : 1

———————

Port Status

: Link Down

Description

HardWare Type

: Fast Ethernet

MAC Address

00-22-B0-10-8A-01

Bandwidth

100000Kbit

Auto-Negotiation

Enabled

Duplex Mode

Full Duplex

Flow Control

Disabled

MDI

Auto

Address Learning

Enabled

Last Clear of Counter

0 hours 3 mins ago

BPDU Hardware Filtering Mode:

Disabled

Queuing Strategy

FIFO

TX Load

0/100,

0bits/sec,

0packets/sec

RX Load

0/100,

0bits/sec,

0packets/sec

CTRL+C

ESC

Quit

SPACE

Refresh

xStack® DES-3528/DES-3552 Series Layer 2 Fast Ethernet Managed Switch CLI Reference Guide

enable jumbo_frame

Purpose	Used to enable the jumbo frame function on the Switch.
Syntax	enable jumbo_frame
Description	This command will allow ethernet frames larger than 1536 bytes to be processed by the
	Switch. The maximum size of the jumbo frame may not exceed 9220 Bytes tagged.
Parameters	None.
Restrictions	Only Administrator and Operator-level users can issue this command.

Example usage:

To enabled the jambo frame:

DES-3528:admin# enable jumbo_frame

Command: enable jumbo_frame

The maximum size of jumbo frame is 9216 bytes.

Success.

DES-3528:admin#

disable jumbo_frame

Purpose	Used to disable the jumbo frame function on the Switch.
Syntax	disable jumbo_frame
Description	This command will disable the jumbo frame function on the Switch.
Parameters	None.
Restrictions	Only Administrator and Operator-level users can issue this command.

Example usage:

To disable the jumbo frame:

DES-3528:admin# disable jumbo_frame

Command: disable jumbo_frame

Success.

DES-3528:admin#

show jumbo_frame

Purpose	Used to show the status of the jumbo frame function on the Switch.
Syntax	show jumbo_frame
Description	This command will show the status of the jumbo frame function on the Switch.
Parameters	None.
Restrictions	None.

Example usage:

To show the jumbo frame status currently configured on the Switch:

DES-3528:admin# show jumbo_frame

Command: show jumbo_frame

Jumbo Frame State : Disabled

Maximum Frame Size : 1536 Bytes

DES-3528:admin#

xStack® DES-3528/DES-3552 Series Layer 2 Fast Ethernet Managed Switch CLI Reference Guide

PORT SECURITY COMMANDS

The Switch’s port security commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table.

Command	Parameters

config port_security ports	[<portlist> \| all] [{admin_state [enable \| disable] \| max_learning_addr
	<max_lock_no 0-16384> \| lock_address_mode [permanent \| deleteontimeout \|
	deleteonreset]} \|{vlan [<vlan_name 32> \| vlanid <vidlist>] max_learning_addr
	[<max_lock_no 0-16384> \| no_limit]}]

delete port_security_entry	[vlan <vlan_name 32> \| vlanid <vlanid 1-4094>] mac_address <macaddr>

clear port_security_entry	{ports [<portlist> \| all] {[vlan <vlan_name 32> \| vlanid <vidlist>]}}

show port_security	{ports [<portlist> \| all] {[vlan <vlan_name 32> \| vlanid <vidlist>]}}

enable port_security trap_log

disable port_security trap_log

config port_security system	[<max_lock_no 1-16384> \| no_limit]
max_learning_addr

config port_security vlan	[<vlan_name 32> \| vlanid <vidlist>] max_learning_addr [<max_lock_no 0-16384>
	\| no_limit]

Each command is listed, in detail, in the following sections.

config port_security ports

Purpose	Used to configure port security settings.
Syntax	config port_security ports [<portlist> \| all] [{admin_state [enable \| disable] \|
	max_learning_addr <max_lock_no 0-16384> \| lock_address_mode [permanent \|
	deleteontimeout \| deleteonreset]} \|{vlan [<vlan_name 32> \| vlanid <vidlist>]
	max_learning_addr [<max_lock_no 0-16384> \| no_limit]}]
Description	This command allows for the configuration of the port security feature. Only the ports listed
	in the <portlist> are affected.
Parameters	portlist − Specifies a port or range of ports to be configured.
	all − Configure port security for all ports on the Switch.
	admin_state [enable \| disable] – Enable or disable port security for the listed ports.
	max_learning_addr <max_lock_no 0-16384> − Use this to limit the number of MAC
	addresses dynamically listed in the FDB for the ports.
	lock_address_mode [permanent \| deleteontimout \| deleteonreset] – Indicates the method of
	locking addresses. The user has three choices:
	 permanent – The locked addresses will not age out after the aging timer expires.
	 deleteontimeout – The locked addresses will age out after the aging timer expires.
	 deleteonreset – The locked addresses will not age out until the Switch has been
	reset.
	vlan – Specifies the VLAN name used.
	vlanid – Specifies the VLAN ID used.
	max_learning_addr – Specifies the maximum learning address value. To specify this value to
	have no limit, select the ‘no_limit’ option.
Restrictions	Only Administrator and Operator-level users can issue this command.

Example usage:

To configure the port security:

DES-3528:admin# config port_security ports 1-5 admin_state enable max_learning_addr 5 lock_address_mode deleteonreset

xStack® DES-3528/DES-3552 Series Layer 2 Fast Ethernet Managed Switch CLI Reference Guide

Command: config port_security ports 1-5 admin_state enable max_learning_addr 5 lock_address_mode deleteonreset

Success.

DES-3528:admin#

delete port_security_entry

Purpose	Used to delete a port security entry by MAC address, port number and VLAN ID.
Syntax	delete port_security_entry [vlan <vlan_name 32> \| vlanid <vlanid 1-4094>]
	mac_address <macaddr>
Description	This command is used to delete a single, previously learned port security entry by port,
	VLAN name, and MAC address.
Parameters	vlan name − Enter the corresponding VLAN name of the port to delete.
	vlanid – Specifies the VLAN ID used.
	mac_address <macaddr> − Enter the corresponding MAC address, previously learned by the
	port, to delete.
Restrictions	Only Administrator and Operator-level users can issue this command.

Example usage:

To delete a port security entry:

DES-3528:admin# delete port_security_entry vlan default mac_address 00-01-30-10-2C-

Command: delete port_security_entry vlan default mac_address 00-01-30-10-2C-C7 Success.

DES-3528:admin#

clear port_security_entry

Purpose	Used to clear MAC address entries learned from a specified port for the port security
	function.
Syntax	clear port_security_entry {ports [<portlist> \| all] {[vlan <vlan_name 32> \| vlanid
	<vidlist>]}}
Description	This command is used to clear MAC address entries which were learned by the Switch by a
	specified port. This command only relates to the port security function.
Parameters	ports − Specifies a port or port range to clear.
	vlan – Specifies the VLAN name used.
	vlanid – Specifies the VLAN ID used.
Restrictions	Only Administrator and Operator-level users can issue this command.

Example usage:

To clear a port security entry by port:

DES-3528:admin#clear port_security_entry ports all

Command: clear port_security_entry ports all

Success.

DES-3528:admin#

show port_security

Purpose	Used to display the current port security configuration.

xStack® DES-3528/DES-3552 Series Layer 2 Fast Ethernet Managed Switch CLI Reference Guide

show port_security

Syntax	show port_security {ports [<portlist> \| all] {[vlan <vlan_name 32> \| vlanid <vidlist>]}}
Description	This command is used to display port security information of the Switch’s ports. The
	information displayed includes port security trap/log state, admin state, maximum number of
	learning address and lock mode.
Parameters	ports − Specifies a port or range of ports to be viewed.
	vlan – Specifies the VLAN name used.
	vlanid – Specifies the VLAN ID used.
Restrictions	None.

Example usage:

To display the port security configuration:

DES-3528:admin#show port_security
Command: show port_security
Port Security Trap/Log	: Enabled
System Maximum Address	: no_limit

VLAN Configuration (Only VLANs with limitation are displayed):
VID	VLAN Name	Max. Learning Addr.
—-	———————————	——————
1	default	2

DES-3528:admin#

enable port_security trap_log

Purpose	Used to enable the trap log for port security.
Syntax	enable port_security trap_log
Description	This command, along with the disable port_security trap_log, will enable and disable the
	sending of log messages to the Switch’s log and SNMP agent when the port security of the
	Switch has been triggered.
Parameters	None.
Restrictions	Only Administrator and Operator-level users can issue this command.

Example usage:

To enable the port security trap log setting:

DES-3528:admin# enable port_security trap_log

Command: enable port_security trap_log

Success.

DES-3528:admin#

disable port_security trap_log

Purpose	Used to disable the trap log for port security.
Syntax	disable port_security trap_log
Description	This command, along with the enable port_security trap_log, will enable and disable the
	sending of log messages to the Switch’s log and SNMP agent when the port security of the
	Switch has been triggered.
Parameters	None.

xStack® DES-3528/DES-3552 Series Layer 2 Fast Ethernet Managed Switch CLI Reference Guide

disable port_security trap_log

Restrictions	Only Administrator and Operator-level users can issue this command.

Example usage:

To disable the port security trap log setting:

DES-3528:admin# disable port_security trap_log

Command: disable port_security trap_log

Success.

DES-3528:admin#

config port_security system max_learning_addr

Purpose	This command sets the maximum number of port security entries that can be authorized
	system wide.
Syntax	config port_security system max_learning_addr [<max_lock_no 1-16384> \| no_limit]
Description	There are four levels of limitations on the learned entry number; for the entire system, for a
	port, for a VLAN, and for a specific VLAN on a port. If any limitation is exceeded, the new
	entry will be discarded.
	The setting for system level maximum learned users must be greater than the total of
	maximum learned users allowed on all ports.
Parameters	max_learning_addr — Specifies the maximum number of port security entries that can be
	learned by the system. If the setting is smaller than the number of current learned entries on
	all enabled ports, the command will be rejected.
	<max_lock_no 1-16384> — Enter the maximum learning address value here. This value must
	be between 1 and 16384.
	no_limit — No limitation on the number of port security entries that can be learned by the
	system. By default, the number is set to no_limit.
Restrictions	Only Administrator and Operator-level users can issue this command.

Example usage:

To configure the maximum number of port security entries on the Switch to be 256:

DES-3528:admin# config port_security system max_learning_addr 256

Command: config port_security system max_learning_addr 256

Success.

DES-3528:admin#

config port_security vlan

Purpose	This command sets the maximum number of port security entries that can be learned on a
	specific VLAN.
Syntax	config port_security vlan [<vlan_name 32> \| vlanid <vidlist>] max_learning_addr
	[<max_lock_no 0-16384> \| no_limit]
Description	There are four levels that limit the number of learned entries; the entire system, a port, a
	VLAN, and a specific VLAN on a port. If any limitation is exceeded, the new entry will be
	discarded.
Parameters	vlan — Specifies the VLAN by name.
	<vlan_name 32> — Enter the VLAN name here. This name can be up to 32 characters long.
	vlanid — Specifies a list of VLANs by VLAN ID.
	<vidlist> — Enter the VLAN ID list here.
	max_learning_addr — Specifies the maximum number of port security entries that can be

xStack® DES-3528/DES-3552 Series Layer 2 Fast Ethernet Managed Switch CLI Reference Guide

config port_security vlan

	learned by this VLAN. If this parameter is set to 0, it means that no user can be authorized
	on this VLAN. If the setting is lower than the number of current learned entries on the VLAN,
	the command will be rejected. The default value is “no_limit”
	<max_lock_no 0-16384> — Enter the maximum number of port security entries that can be
	learned here. This value must be between 0 and n.
	no_limit — No limitation on the number of port security entries that can be learned by a
	specific VLAN.
Restrictions	Only Administrator and Operator-level users can issue this command.

Example usage:

To configure the maximum number of VLAN-based port security entries on VLAN 1 to be 64:

DES-3528:admin# config port_security vlan vlanid 1 max_learning_addr 64

Command: config port_security vlan vlanid 1 max_learning_addr 64

Success.

DES-3528:admin#

xStack® DES-3528/DES-3552 Series Layer 2 Fast Ethernet Managed Switch CLI Reference Guide

STACKING COMMANDS

The stacking configuration commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table.

Command	Parameters

config box_priority current_box_id	<value 1-8> priority <value 1-63>

config box_id current_box_id	<value 1-8> new_box_id [auto \| <value 1-8>]

show stack_information

config stacking_mode	[disable(0) \| enable(1)]

show stacking_mode

show stack_device

config stacking force_master_role	state [enable \| disable]

Each command is listed, in detail, in the following sections.

config box_priority

Purpose	Used to configure box priority so as to determine which box (Switch) becomes the
	master. A lower number denotes a higher priority.
Syntax	config box_priority current_box_id <value 1-8> priority <value 1-63>
Description	This command is used to configure the box (Switch) priority.
Parameters	current_box_id <value 1–8> – Identifies the Switch being configured. Range is 1 to 8.
	priority <value 1–63> – Assigns a priority value to the box. A Lower number denotes a
	higher priority. The valid priority range is 1 to 63.
Restrictions	Only Administrator and Operator and Power-User-level users can issue this command.

Usage example:

To configure box priority:

DES-3528:admin# config box_priority current_box_id 1 priority 1

Command: config box_priority current_box_id 1 priority 1

Success.

DES-3528:admin#

config box_id

Purpose	Used to configure box ID. Users can use this command to reassign box IDs.
Syntax	config box_id current_box_id <value 1-8> new_box_id <value 1-8> new_box_id
	[auto \| <value 1-8>]
Description	This command is used to assign box IDs to Switches in a stack.
Parameters	current_box_id – Identifies the Switch being configured. Range is 1 to 8.
	new_box_id – The new ID being assigned to the Switch (box). Range is 1 to 8.
	• auto – Allows the box ID to be assigned automatically.
Restrictions	Only Administrator and Operator and Power-User-level users can issue this command.

Usage example:

To change a box ID:

DES-3528:admin# config box_id current_box_id 1 new_box_id 2

Command: config box_id current_box_id 1 new_box_id 2

Success.

xStack® DES-3528/DES-3552 Series Layer 2 Fast Ethernet Managed Switch CLI Reference Guide

DES-3528:admin#

show stack_information

	Purpose		Used to display the stack information table.
	Syntax		show stack_information
	Description		This command display stack information.
	Parameters	None.
	Restrictions	Only Administrator and Operator and Power-User-level users can issue this command.

Usage example:
		To display stack information:

	DES-3528:admin# show stack_information
	Command: show stack_information
	Topology	:Duplex_Chain
	My Box ID	:1
	Master ID	:1
	Box	Count	:1
	Force Master Role: Disabled
	Box	User	Type	Prio-	MAC	Prom	Runtime	H/W
	ID	Set	Exist rity	version	version	version
	—	—-	————- —— —- —————— ——— ——— ———
	1	Auto	DES-3528	Exist 32	00-22-B0-10-8A-00 1.00.B008 2.60.017	A2
	2	—	NOT_EXIST	No
	3	—	NOT_EXIST	No
	4	—	NOT_EXIST	No
	5	—	NOT_EXIST	No
	6	—	NOT_EXIST	No
	7	—	NOT_EXIST	No
	8	—	NOT_EXIST	No
	DES-3528:admin#

config stacking_mode

Purpose	Used to configure the stacking mode.
Syntax	config stacking_mode [disable(0) \| enable(1)]
Description	This command will enable or disable the stacking mode for the Switch. When enabled,
	the last two ports on the rear of the Switch will be enabled for stacking.
Parameters	enable \| disable – Use these parameters to enable or disable the stacking mode for the
	Switch. Once this command is executed, it will cause the Switch to reboot. Before
	configuring the stacking mode of a Switch to disable status, the Switch must be
	physically removed from the stacking swtitches.
Restrictions	Only Administrator-level users can issue this command.

Usage example:

To disable the stacking mode:

DES-3528:admin# config stacking mode disable

Command: config stacking mode disable

Change Box bootmode may cause devices work restart, still continue? (y/n)y

xStack® DES-3528/DES-3552 Series Layer 2 Fast Ethernet Managed Switch CLI Reference Guide

show stacking_mode

Purpose	Used to view the current stacking mode.
Syntax	show stacking_mode
Description	This command will display whether the current stacking mode is enabled or disabled.
Parameters	None.
Restrictions	Only Administrator and Operator and Power-User-level users can issue this command.

Usage example:

To view the current stacking mode:

DES-3528:admin# show stacking mode

Command: show stacking mode

Stacking mode : Enabled

DES-3528:admin#

show stack_device

	Purpose		Used to display the information for devices in the stack.
	Syntax		show stack_device
	Description		Used to display the information for devices in the stack.
	Parameters		None.
	Restrictions		None.

Usage example:
	To display the stack information:

	DES-3528:admin#	show stack_device
	Command: show stack_device
	Box ID	Box Type	H/W Version	Serial Number
	——- —————	————	—————-
	1	DES-XXXXS	0A1	1234567890123
	3	DES-XXXXS	0A1	2345678901234
	DES-3528:admin#

config stacking force_master_role

Purpose	This command is used to enable or disable the force master role.
Syntax	config stacking force_master_role state [enable \| disable]
Description	If state is enabled, when device is in election state, it still uses old priority setting and
	MAC to compare device priority. After stacking is stable, master’s priority will become
	zero. If stacking topology change again, Master will use priority zero and MAC address to
	determine who new primary master is.
Parameters	force_master_role — Enable or disable the Switch’s Stacking Force Master Role state.
	Default setting is disabled.
	enable — Specifies that Switch’s stacking force master role will be enabled.
	disable — Specifies that Switch’s stacking force master role will be disabled.
Restrictions	Only Administrator and Operator and Power-User-level users can issue this command.

Usage example:

To enable stacking force master role state:

xStack® DES-3528/DES-3552 Series Layer 2 Fast Ethernet Managed Switch CLI Reference Guide

DES-3528:admin# config stacking force_master_role state enable

Command: config stacking force_master_role state enable

Success.

DES-3528:admin#

xStack® DES-3528/DES-3552 Series Layer 2 Fast Ethernet Managed Switch CLI Reference Guide

NETWORK MANAGEMENT (SNMP) COMMANDS

The Switch supports the Simple Network Management Protocol (SNMP) versions 1, 2c, and 3. Users can specify which version of the SNMP users want to use to monitor and control the Switch. The three versions of SNMP vary in the level of security provided between the management station and the network device. The following table lists the security features of the three SNMP versions:

SNMP	Authentication Method	Description
Version

v1	Community String	Community String is used for authentication − NoAuthNoPriv

v2c	Community String	Community String is used for authentication − NoAuthNoPriv

v3	Username	Username is used for authentication − NoAuthNoPriv, AuthNoPriv or
		AuthPriv
v3	MD5 or SHA	Authentication is based on the HMAC-MD5 or HMAC-SHA algorithms −
		AuthNoPriv
v3	MD5 DES or SHA DES	Authentication is based on the HMAC-MD5 or HMAC-SHA algorithms −
		AuthPriv.
		DES 56-bit encryption is added based on the CBC-DES (DES-56)
		standard

The network management commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table.

Command	Parameters

create snmp user	<user_name 32> <groupname 32> {encrypted [by_password auth [md5
	<auth_password 8-16 > \| sha <auth_password 8-20>] priv [none \| des
	<priv_password 8-16>] \| by_key auth [md5 <auth_key 32-32> \| sha
	<auth_key 40-40>] priv [none \| des <priv_key 32-32>]]}
delete snmp user	<user_name 32>

show snmp user

create snmp view	<view_name 32> <oid> view_type [included \| excluded]

delete snmp view	<view_name 32> [all \| oid]

show snmp view	{<view_name 32>}

create snmp community	<community_string 32> view <view_name 32> [read_only \| read_write]

delete snmp community	<community_string 32>

show snmp community	{<community_string 32>}

config snmp engineID	<snmp_engineID 10-64>

show snmp engineID

create snmp group	<groupname 32> [v1 \| v2c \| v3 [noauth_nopriv \| auth_nopriv \| auth_priv]]
	{read_view <view_name 32> \| write_view <view_name 32> \| notify_view
	<view_name 32>}(1)

delete snmp group	<groupname 32>

show snmp groups

create snmp host	[<ipaddr> \| v6host <ipv6addr>] [v1 \| v2c \| v3 [noauth_nopriv \| auth_nopriv \|
	auth_priv]] <auth_string 32>

delete snmp host	[<ipaddr> \| v6host <ipv6addr>]

show snmp host	{<ipaddr>}

show snmp v6host	{<ipv6addr>}

xStack® DES-3528/DES-3552 Series Layer 2 Fast Ethernet Managed Switch CLI Reference Guide

Command	Parameters

create trusted_host	[<ipaddr> \| <ipv6addr> \| network <network_address> \| ipv6_prefix
	<ipv6networkaddr>] {snmp \| telnet \| ssh \| http \| https \| ping}

config trusted_host	[<ipaddr> \| <ipv6addr> \| network <network_address> \| ipv6_prefix
	<ipv6networkaddr>] [add \| delete] {snmp \| telnet \| ssh \| http \| https \| ping \| all}
delete trusted_host	[ipaddr <ipaddr> \| ipv6address <ipv6addr> \| network <network_address> \|
	ipv6_prefix <ipv6networkaddr> \| all]

show trusted_host

enable snmp traps

enable snmp authenticate_traps

show snmp traps	{linkchange_traps {ports <portlist>}}

disable snmp traps

disable snmp authenticate_traps

config snmp system_contact	<sw_contact>

config snmp system_location	<sw_location>

config snmp system_name	<sw_name>

enable snmp

disable snmp

Each command is listed, in detail, in the following sections.

create snmp user

Purpose	Used to create a new SNMP user and adds the user to an SNMP group that is also created
	by this command.
Syntax	create snmp user <user_name 32> <groupname 32> {encrypted [by_password auth
	[md5 <auth_password 8-16> \| sha <auth_password 8-20>] priv [none \| des
	<priv_password 8-16>] \| by_key auth [md5 <auth_key 32-32> \| sha <auth_key 40-40>]
	priv [none \| des <priv_key 32-32> ]]}
Description	This command creates a new SNMP user and adds the user to an SNMP group that is also
	created by this command. SNMP ensures:
	Message integrity − Ensures that packets have not been tampered with during transit.
	Authentication − Determines if an SNMP message is from a valid source.
	Encryption − Scrambles the contents of messages to prevent it from being viewed by an
	unauthorized source.
Parameters	<user_name 32> − An alphanumeric name of up to 32 characters that will identify the new
	SNMP user.
	<groupname 32> − An alphanumeric name of up to 32 characters that will identify the SNMP
	group the new SNMP user will be associated with.
	encrypted – Allows the user to choose a type of authorization for authentication using SNMP.
	The user may choose:
	by_password – Requires the SNMP user to enter a password for authentication and
	privacy. The password is defined by specifying the auth_password below. This
	method is recommended.
	by_key – Requires the SNMP user to enter a encryption key for authentication and
	privacy. The key is defined by specifying the key in hex form below. This method is
	not recommended.
	auth − The user may also choose the type of authentication algorithms used to authenticate
	the snmp user. The choices are:
	md5 − Specifies that the HMAC-MD5-96 authentication level will be used. md5 may be
	utilized by entering one of the following:

xStack® DES-3528/DES-3552 Series Layer 2 Fast Ethernet Managed Switch CLI Reference Guide

create snmp user

•<auth password 8-16> — An alphanumeric string of between 8 and 16 characters that will be used to authorize the agent to receive packets for the host.

•<auth_key 32-32> — Enter an alphanumeric string of exactly 32 characters, in hex form, to define the key that will be used to authorize the agent to receive packets for the host.

sha − Specifies that the HMAC-SHA-96 authentication level will be used.

•<auth password 8-20> — An alphanumeric string of between 8 and 20 characters that will be used to authorize the agent to receive packets for the host.

•<auth_key 40-40> — Enter an alphanumeric string of exactly 40 characters, in hex form, to define the key that will be used to authorize the agent to receive packets for the host.

priv – Adding the priv (privacy) parameter will allow for encryption in addition to the authentication algorithm for higher security. The user may choose:

des – Adding this parameter will allow for a 56-bit encryption to be added using the DES-56 standard using:

•<priv_password 8-16> — An alphanumeric string of between 8 and 16 characters that will be used to encrypt the contents of messages the host sends to the agent.

•<priv_key 32-32> — Enter an alphanumeric key string of exactly 32 characters, in hex form, that will be used to encrypt the contents of messages the host sends to the agent.

	none – Adding this parameter will add no encryption.
Restrictions	Only Administrator-level users can issue this command.

Example usage:

To create an SNMP user on the Switch:

DES-3528:admin# create snmp user dlink default encrypted by_password auth md5 canadian priv none

Command: create snmp user dlink default encrypted by_password auth md5 canadian priv none

Success. DES-3528:admin#

delete snmp user

Purpose	Used to remove an SNMP user from an SNMP group.
Syntax	delete snmp user <user_name 32>
Description	This command removes an SNMP user from its SNMP group.
Parameters	<user_name 32> − An alphanumeric string of up to 32 characters that identifies the SNMP
	user that will be deleted.
Restrictions	Only Administrator-level users can issue this command.

Example usage:

To delete a previously entered SNMP user on the Switch:

DES-3528:admin# delete snmp user dlink

Command: delete snmp user dlink

Success.

DES-3528:admin#

show snmp user

xStack® DES-3528/DES-3552 Series Layer 2 Fast Ethernet Managed Switch CLI Reference Guide

show snmp user

Purpose	Used to display information about each SNMP username in the SNMP group username
	table.
Syntax	show snmp user
Description	This command displays information about each SNMP username in the SNMP group
	username table.
Parameters	None.
Restrictions	None.

Example usage:

To display the SNMP users currently configured on the Switch:

DES-3528:admin# show snmp user

Command: show snmp user

Username	Group Name	VerAuthPriv
———	————-	————
initial	initial	V3 NoneNone
Total Entries: 1

DES-3528:admin#

create snmp view

Purpose	Used to assign views to community strings to limit which MIB objects and SNMP manager
	can access.
Syntax	create snmp view <view_name 32> <oid> view_type [included \| excluded]
Description	This command assigns views to community strings to limit which MIB objects an SNMP
	manager can access.
Parameters	<view_name 32> − An alphanumeric string of up to 32 characters that identifies the SNMP
	view that will be created.
	<oid> − The object ID that identifies an object tree (MIB tree) that will be included or
	excluded from access by an SNMP manager.
	view type – Sets the view type to be:

•included − Include this object in the list of objects that an SNMP manager can access.

•excluded − Exclude this object from the list of objects that an SNMP manager can access.

Restrictions

Only Administrator-level users can issue this command.

Example usage:

To create an SNMP view:

DES-3528:admin# create snmp view dlinkview 1.3.6 view_type included

Command: create snmp view dlinkview 1.3.6 view_type included

Success.

DES-3528:admin#

delete snmp view

Purpose	Used to remove an SNMP view entry previously created on the Switch.
Syntax	delete snmp view <view_name 32> [all \| <oid>]

xStack® DES-3528/DES-3552 Series Layer 2 Fast Ethernet Managed Switch CLI Reference Guide

delete snmp view

Description	This command is used to remove an SNMP view previously created on the Switch.
Parameters	<view_name 32> − An alphanumeric string of up to 32 characters that identifies the SNMP
	view to be deleted.
	all − Specifies that all of the SNMP views on the Switch will be deleted.
	<oid> − The object ID that identifies an object tree (MIB tree) that will be deleted from the
	Switch.
Restrictions	Only Administrator-level users can issue this command.

Example usage:

To delete a previously configured SNMP view from the Switch:

DES-3528:admin# delete snmp view dlinkview all

Command: delete snmp view dlinkview all

Success.

DES-3528:admin#

show snmp view

	Purpose	Used to display an SNMP view previously created on the Switch.
	Syntax	show snmp view {<view_name 32>}
	Description	This command displays an SNMP view previously created on the Switch.
	Parameters	<view_name 32> − An alphanumeric string of up to 32 characters that identifies the SNMP
		view that will be displayed.
	Restrictions	None.

Example usage:
	To display SNMP view configuration:

	DES-3528:admin# show snmp view
	Command: show snmp view
	Vacm View Table Settings	View Type
	View Name	Subtree
	———	———-	———-
	ReadView	1	Included
	WriteView	1	Included
	NotifyView	1.3.6	Included
	restricted	1.3.6.1.2.1.1	Included
	restricted	1.3.6.1.2.1.11	Included
	restricted	1.3.6.1.6.3.10.2.1	Included
	restricted	1.3.6.1.6.3.11.2.1	Included
	restricted	1.3.6.1.6.3.15.1.1	Included
	CommunityView	1	Included
	CommunityView	1.3.6.1.6.3	Excluded
	CommunityView	1.3.6.1.6.3.1	Included
	Total Entries: 11
	DES-3528:admin#

create snmp community

Purpose	Used to create an SNMP community string to define the relationship between the SNMP
	manager and an agent. The community string acts like a password to permit access to the
	agent on the Switch. One or more of the following characteristics can be associated with the

xStack® DES-3528/DES-3552 Series Layer 2 Fast Ethernet Managed Switch CLI Reference Guide

create snmp community

	community string:
	An Access List of IP addresses of SNMP managers that are permitted to use the community
	string to gain access to the Switch’s SNMP agent.
	An MIB view that defines the subset of all MIB objects that will be accessible to the SNMP
	community.
	read_write or read_only level permission for the MIB objects accessible to the SNMP
	community.
Syntax	create snmp community <community_string 32> view <view_name 32> [read_only \|
	read_write]
Description	This command is used to create an SNMP community string and to assign access-limiting
	characteristics to this community string.
Parameters	<community_string 32> − An alphanumeric string of up to 32 characters that is used to
	identify members of an SNMP community. This string is used like a password to give remote
	SNMP managers access to MIB objects in the Switch’s SNMP agent.
	view <view_name 32> − An alphanumeric string of up to 32 characters that is used to identify
	the group of MIB objects that a remote SNMP manager is allowed to access on the Switch.
	read_only − Specifies that SNMP community members using the community string created
	with this command can only read the contents of the MIBs on the Switch.
	read_write − Specifies that SNMP community members using the community string created
	with this command can read from and write to the contents of the MIBs on the Switch.
Restrictions	Only Administrator-level users can issue this command.

Example usage:

To create the SNMP community string “dlink:”

DES-3528:admin# create snmp community dlink view ReadView read_write

Command: create snmp community dlink view ReadView read_write

Success.

DES-3528:admin#

delete snmp community

Purpose	Used to remove a specific SNMP community string from the Switch.
Syntax	delete snmp community <community_string 32>
Description	This command is used to remove a previously defined SNMP community string from the
	Switch.
Parameters	<community_string 32> − An alphanumeric string of up to 32 characters that is used to
	identify members of an SNMP community. This string is used like a password to give remote
	SNMP managers access to MIB objects in the Switch’s SNMP agent.
Restrictions	Only Administrator-level users can issue this command.

Example usage:

To delete the SNMP community string “dlink”:

DES-3528:admin# delete snmp community dlink

Command: delete snmp community dlink

Success.

DES-3528:admin#

show snmp community

xStack® DES-3528/DES-3552 Series Layer 2 Fast Ethernet Managed Switch CLI Reference Guide

show snmp community

Purpose	Used to display SNMP community strings configured on the Switch.
Syntax	show snmp community {<community_string 32>}
Description	This command is used to display SNMP community strings that are configured on the Switch.
Parameters	<community_string 32> − An alphanumeric string of up to 32 characters that is used to
	identify members of an SNMP community. This string is used like a password to give remote
	SNMP managers access to MIB objects in the Switch’s SNMP agent.
Restrictions	None.

Example usage:

To display the currently entered SNMP community strings:

DES-3528:admin# show snmp community

Command: show snmp community

SNMP Community Table

Community Name	View Name	Access Right
—————	————	————
dlink	ReadView	read_write
private	CommunityView	read_write
public	CommunityView	read_only

Total Entries: 3

DES-3528:admin#

config snmp engineID

Purpose	Used to configure a name for the SNMP engine on the Switch.
Syntax	config snmp engineID <snmp_engineID 10-64>
Description	This command configures a name for the SNMP engine on the Switch.
Parameters	<snmp_engineID 10-64> − An alphanumeric string that will be used to identify the SNMP
	engine on the Switch.
Restrictions	Only Administrator-level users can issue this command.

Example usage:

To give the SNMP agent on the Switch the name “0035636666”:

DES-3528:admin# config snmp engineID 0035636666

Command: config snmp engineID 0035636666

Success.

DES-3528:admin#

show snmp engineID

Purpose	Used to display the identification of the SNMP engine on the Switch.
Syntax	show snmp engineID
Description	This command displays the identification of the SNMP engine on the Switch.
Parameters	None.
Restrictions	None.

Example usage:

xStack® DES-3528/DES-3552 Series Layer 2 Fast Ethernet Managed Switch CLI Reference Guide

To display the current name of the SNMP engine on the Switch:

DES-3528:admin# show snmp engineID

Command: show snmp engineID

SNMP Engine ID : 0035636666

DES-3528:admin#

create snmp group

Purpose	Used to create a new SNMP group, or a table that maps SNMP users to SNMP views.
Syntax	create snmp group <groupname 32> [v1 \| v2c \| v3 [noauth_nopriv \| auth_nopriv \|
	auth_priv]] {read_view <view_name 32> \| write_view <view_name 32> \| notify_view
	<view_name 32>}(1)
Description	This command creates a new SNMP group, or a table that maps SNMP users to SNMP
	views.
Parameters	<groupname 32> − An alphanumeric name of up to 32 characters that will identify the SNMP
	group the new SNMP user will be associated with.
	v1 – Specifies that SNMP version 1 will be used. The Simple Network Management Protocol
	(SNMP), version 1, is a network management protocol that provides a means to monitor and
	control network devices.
	v2c – Specifies that SNMP version 2c will be used. The SNMP v2c supports both centralized
	and distributed network management strategies. It includes improvements in the Structure of
	Management Information (SMI) and adds some security features.
	v3 – Specifies that the SNMP version 3 will be used. SNMP v3 provides secure access to
	devices through a combination of authentication and encrypting packets over the network.
	SNMP v3 adds:
	• Message integrity − Ensures that packets have not been tampered with during
	transit.
	• Authentication − Determines if an SNMP message is from a valid source.
	• Encryption − Scrambles the contents of messages to prevent it being viewed by an
	unauthorized source.
	noauth_nopriv − Specifies that there will be no authorization and no encryption of packets
	sent between the Switch and a remote SNMP manager.
	auth_nopriv − Specifies that authorization will be required, but there will be no encryption of
	packets sent between the Switch and a remote SNMP manager.
	auth_priv − Specifies that authorization will be required, and that packets sent between the
	Switch and a remote SNMP manger will be encrypted.
	read_view – Specifies that the SNMP group being created can request SNMP messages.
	write_view – Specifies that the SNMP group being created has write privileges.
	notify_view − Specifies that the SNMP group being created can receive SNMP trap
	messages generated by the Switch’s SNMP agent.
	<view_name 32> − An alphanumeric string of up to 32 characters that is used to identify the
	group of MIB objects that a remote SNMP manager is allowed to access on the Switch.
Restrictions	Only Administrator-level users can issue this command.

Example usage:

To create an SNMP group named “sg1”:

DES-3528:admin# create snmp group sg1 v3 noauth_nopriv read_view v1 write_view v1 notify_view v1

Command: create snmp group sg1 v3 noauth_nopriv read_view v1 write_view v1 notify_view v1

Success. DES-3528:admin#

xStack® DES-3528/DES-3552 Series Layer 2 Fast Ethernet Managed Switch CLI Reference Guide

delete snmp group

Purpose	Used to remove an SNMP group from the Switch.
Syntax	delete snmp group <groupname 32>
Description	This command is used to remove an SNMP group from the Switch.
Parameters	<groupname 32> − An alphanumeric name of up to 32 characters that will identify the SNMP
	group the new SNMP user will be associated with.
Restrictions	Only Administrator-level users can issue this command.

Example usage:

To delete the SNMP group named “sg1”:

DES-3528:admin# delete snmp group sg1

Command: delete snmp group sg1

Success.

DES-3528:admin#

show snmp groups

Purpose	Used to display the group-names of SNMP groups currently configured on the Switch. The
	security model, level, and status of each group are also displayed.
Syntax	show snmp groups
Description	This command displays the group-names of SNMP groups currently configured on the
	Switch. The security model, level, and status of each group are also displayed.
Parameters	None.
Restrictions	None.

Example usage:

To display the currently configured SNMP groups on the Switch:

DES-3528:admin# show snmp groups
Command: show snmp	groups
Vacm Access Table Settings
Group	Name	: public
ReadView Name	: CommunityView
WriteView Name	:
Notify View Name	: CommunityView
Securiy Model	: SNMPv1
Securiy Level	: NoAuthNoPriv
Group	Name	: public
ReadView Name	: CommunityView
WriteView Name	:
Notify View Name	: CommunityView
Securiy Model	: SNMPv2
Securiy Level	: NoAuthNoPriv
Group	Name	: initial
ReadView Name	: restricted
WriteView Name	:
Notify View Name	: restricted
Securiy Model	: SNMPv3
Securiy Level	: NoAuthNoPriv

CTRL+C ESC q Quit SPACE n Next Page ENTER Next Entry a All

xStack® DES-3528/DES-3552 Series Layer 2 Fast Ethernet Managed Switch CLI Reference Guide

create snmp host

Purpose	Used to create a recipient of SNMP traps generated by the Switch’s SNMP agent.
Syntax	create snmp host [<ipaddr> \| v6host <ipv6addr>] [v1 \| v2c \| v3 [noauth_nopriv \|
	auth_nopriv \| auth_priv]] <auth_string 32>
Description	This command creates a recipient of SNMP traps generated by the Switch’s SNMP agent.
Parameters	<ipaddr> − The IP address of the remote management station that will serve as the SNMP
	host for the Switch.
	<ipv6addr> − The IPv6 address of the remote management station that will serve as the
	SNMP host for the Switch.
	v1 – Specifies that SNMP version 1 will be used. The Simple Network Management Protocol
	(SNMP), version 1, is a network management protocol that provides a means to monitor and
	control network devices.
	v2c – Specifies that SNMP version 2c will be used. The SNMP v2c supports both centralized
	and distributed network management strategies. It includes improvements in the Structure of
	Management Information (SMI) and adds some security features.
	v3 – Specifies that the SNMP version 3 will be used. SNMP v3 provides secure access to
	devices through a combination of authentication and encrypting packets over the network.
	SNMP v3 adds:
	• Message integrity − ensures that packets have not been tampered with during
	transit.
	• Authentication − determines if an SNMP message is from a valid source.
	• Encryption − scrambles the contents of messages to prevent it being viewed by an
	unauthorized source.
	noauth_nopriv − Specifies that there will be no authorization and no encryption of packets
	sent between the Switch and a remote SNMP manager.
	auth_nopriv − Specifies that authorization will be required, but there will be no encryption of
	packets sent between the Switch and a remote SNMP manager.
	auth_priv − Specifies that authorization will be required, and that packets sent between the
	Switch and a remote SNMP manger will be encrypted.
	<auth_string 32> − An alphanumeric string used to authorize a remote SNMP manager to
	access the Switch’s SNMP agent.
Restrictions	Only Administrator-level users can issue this command.

Example usage:

To create an SNMP host to receive SNMP messages:

DES-3528:admin# create snmp host 10.48.74.100 v3 auth_priv public

Command: create snmp host 10.48.74.100 v3 auth_priv public

Success.

DES-3528:admin#

delete snmp host

Purpose	Used to remove a recipient of SNMP traps generated by the Switch’s SNMP agent.
Syntax	delete snmp host [<ipaddr> \| v6host <ipv6addr>]
Description	This command deletes a recipient of SNMP traps generated by the Switch’s SNMP agent.
Parameters	<ipaddr> − The IP address of a remote SNMP manager that will receive SNMP traps
	generated by the Switch’s SNMP agent.
	<ipv6addr> − The IPv6 address of a remote SNMP manager that will receive SNMP traps
	generated by the Switch’s SNMP agent.
Restrictions	Only Administrator-level users can issue this command.

xStack® DES-3528/DES-3552 Series Layer 2 Fast Ethernet Managed Switch CLI Reference Guide

Example usage:

To delete an SNMP host entry:

DES-3528:admin# delete snmp host 10.48.74.100

Command: delete snmp host 10.48.74.100

Success.

DES-3528:admin#

show snmp host

Purpose	Used to display the recipient of SNMP traps generated by the Switch’s SNMP agent.
Syntax	show snmp host {<ipaddr>}
Description	This command is used to display the IP addresses and configuration information of remote
	SNMP managers that are designated as recipients of SNMP traps that are generated by the
	Switch’s SNMP agent.
Parameters	<ipaddr> − The IP address of a remote SNMP manager that will receive SNMP traps
	generated by the Switch’s SNMP agent.
Restrictions	None.

Example usage:

To display the currently configured SNMP hosts on the Switch:

DES-3528:admin# show snmp host

Command: show snmp host

SNMP	Host Table	SNMP Version Community	Name/SNMPv3 User Name
Host	IP Address
—————	———— ——————————
10.48.76.23	V2c	authpriv	private
10.48.74.100	V3	public

Total Entries: 2

DES-3528:admin#

show snmp v6host

Purpose	This command is used to display the recipient for which the traps are targeted.
Syntax	show snmp v6host {<ipv6addr>}
Description	This command is used to display the recipient for which the traps are targeted.
Parameters	v6host — (Optional) Specifies the IPv6 host address.
	<ipv6addr> — Enter the IPv6 address used for the configuration here.
	If no parameter specified, all SNMP hosts will be displayed.
Restrictions	None.

Example usage:

To show SNMP host:

Loading…

Источник

Сегодня настроил очередной коммутатор D-Link DES-3528.

Выложу ниже конфигурацию и кратко опишу её.
При наборе команд можно использовать клавишу TAB чтобы коммутатор предлагал варианты, а также после любой команды через пробел можно написать знак вопроса «?» и увидеть возможные подкоманды.

Просмотреть текущую конфигурацию коммутатора можно командой:

show config current_config

Приступим к настройке.
Подключимся к коммутатору консольным кабелем на скорости 9600 или по стандартному IP-адресу 10.90.90.90 и добавим администратора (изначально вход без логина и пароля):

create account admin admin

Включим шифрование пароля чтобы он не хранился в конфиге открыто:

enable password encryption

Добавим vlan для управления и для пользователей (у меня 207 core для управления, 226 для пользователей, 25 порт использую как входящий):

create vlan core tag 207
config vlan core add tagged 25
create vlan local_smart tag 226
config vlan local_smart add untagged 1-28
config port_vlan 1-28 acceptable_frame admit_all pvid 226
config vlan default delete 1-28

Изменим IP-адрес коммутатору и укажем шлюз:

config ipif System ipaddress 192.168.0.50/24 vlan core
create iproute default 192.168.0.1 1 primary

Включим ограничение широковещательного трафика на клиентских портах:

config traffic control 1-24,26-28 broadcast enable action drop broadcast_threshold 100 countdown 0 time_interval 5

Включим защиту от петель на клиентских портах:

enable loopdetect
config loopdetect recover_timer 300 interval 10 mode port-based
config loopdetect log state enable
config loopdetect ports 1-24,26-28 state enable
config loopdetect trap loop_detected

Включим сегментацию трафика, чтобы клиенты не видели друг друга:

config traffic_segmentation 1-24,26-28 forward_list 25
config traffic_segmentation 25 forward_list 1-24,26-28

Включим блокировку DHCP-серверов со стороны клиентов чтобы они не раздавали IP:

config filter dhcp_server ports 1-24,26-28 state enable
config filter dhcp_server illegal_server_log_suppress_duration 30min
config filter dhcp_server trap_log enable

Укажем с каких IP разрешено заходить администратору на коммутатор (чтобы пользователи не видели его):

create trusted_host network 192.168.0.2/32 snmp telnet ssh http https ping
create trusted_host network 192.168.1.5/32 snmp telnet ssh http https ping

Настроим SNMP если оно нужно:

enable snmp
delete snmp community public
delete snmp community private
delete snmp user initial
create snmp community КОМЬЮНИТИ view CommunityView read_only

Включим защиту от BPDU флуда:

enable bpdu_protection
config bpdu_protection recovery_timer 2400
config bpdu_protection log none
config bpdu_protection ports 1-24,26-28 state enable
config bpdu_protection ports 1-28 mode drop

Включим защиту коммутатора, чтобы в случае полной загрузки процессора на него можно было зайти:

config safeguard_engine state enable utilization rising 100 falling 95 trap_log enable mode fuzzy

По необходимости настроим синхронизацию времени с NTP сервером:

enable sntp
config time_zone operator + hour 2 min 0
config sntp primary 10.0.0.18 poll-interval 5000

На этом основная настройка коммутатора D-Link DES-3528 завершена.

Источник

3.0

Rated 3 out of 5

3 out of 5 stars (based on 1 review)

Your overall rating

D-LINK XSTACK DES-3528 (01) PDF MANUAL

Click here to download D-LINK XSTACK DES-3528 (01) PDF MANUAL

D-LINK XSTACK DES-3528 (01) PDF MANUAL

FREE ENGLISH PDF

OPERATING INSTRUCTIONS

USER GUIDE – USER MANUAL

OWNER GUIDE – OWNER MANUAL

REFERENCE GUIDE – REFERENCE MANUAL

INSTRUCTION GUIDE – INSTRUCTION MANUAL

Your overall rating

Twitter
YouTube
Reddit
Facebook
Instagram
Pinterest

D-LINK XSTACK DES-3528 (01) PDF MANUAL

Источник

Просмотр

Доступно к просмотру 522 страницы. Рекомендуем вам скачать файл инструкции, поскольку онлайн просмотр документа может сильно отличаться от оригинала.

®
CLI Reference Guide
®
Product Model: xStack  DES-3528/DES-3552 Series
Layer 2 Managed Stackable Fast Ethernet Switch
Release 2.60

Table of Contents
INTRODUCTION ......................................................................................................................... 5
USING THE CONSOLE CLI ........................................................................................................ 7
COMMAND SYNTAX ................................................................................................................ 10
BASIC SWITCH COMMANDS .................................................................................................. 12
MODIFY BANNER AND PROMPT COMMANDS ..................................................................... 24
SWITCH PORT COMMANDS ................................................................................................... 27
PORT SECURITY COMMANDS ............................................................................................... 31
STACKING COMMANDS .......................................................................................................... 36
NETWORK MANAGEMENT (SNMP) COMMANDS ................................................................. 40
SWITCH UTILITY COMMANDS ................................................................................................ 57
NETWORK MONITORING COMMANDS .................................................................................. 63
MULTIPLE SPANNING TREE PROTOCOL (MSTP) COMMANDS .......................................... 76
FORWARDING DATABASE COMMANDS ............................................................................... 87
TRAFFIC CONTROL COMMANDS .......................................................................................... 93
QOS COMMANDS .................................................................................................................... 97
PORT MIRRORING COMMANDS ........................................................................................... 107
VLAN COMMANDS ................................................................................................................. 110
VOICE VLAN COMMANDS ..................................................................................................... 124
SUBNET-BASED VLAN COMMANDS ................................................................................... 130
ASYMMETRIC VLAN COMMANDS ........................................................................................ 133
LINK AGGREGATION COMMANDS ...................................................................................... 135
IP–MAC-PORT BINDING (IMPB) COMMANDS ..................................................................... 139
LIMITED IP MULTICAST ADDRESS ...................................................................................... 155
BASIC IP COMMANDS ........................................................................................................... 160
MULTICAST VLAN COMMANDS ........................................................................................... 165
IGMP / MLD SNOOPING COMMANDS .................................................................................. 179
DHCP RELAY COMMANDS ................................................................................................... 208
802.1X COMMANDS (INCLUDING GUEST VLANS) ............................................................. 221
ACCESS CONTROL LIST (ACL) COMMANDS ..................................................................... 238
SAFEGUARD ENGINE COMMANDS ..................................................................................... 258
FILTER COMMANDS (DHCP SERVER / NETBIOS) .............................................................. 260
LAYER 3 CPU FILTER COMMANDS ..................................................................................... 265
LOOP-BACK DETECTION COMMANDS ............................................................................... 267
ii

TRAFFIC SEGMENTATION COMMANDS ............................................................................. 271
SFLOW COMMANDS.............................................................................................................. 273
TIME AND SNTP COMMANDS ............................................................................................... 281
ARP AND GRATUITOUS ARP COMMANDS ......................................................................... 286
ROUTING TABLE COMMANDS ............................................................................................. 292
MAC NOTIFICATION COMMANDS ........................................................................................ 294
ACCESS AUTHENTICATION CONTROL COMMANDS ........................................................ 297
SECURE SHELL (SSH) COMMANDS .................................................................................... 315
SECURE SOCKETS LAYER (SSL) COMMANDS .................................................................. 321
D-LINK SINGLE IP MANAGEMENT COMMANDS ................................................................. 326
JWAC COMMANDS ................................................................................................................ 335
LINK LAYER DISCOVERY PROTOCOL (LLDP) COMMANDS ............................................. 350
Q-IN-Q COMMANDS ............................................................................................................... 363
RSPAN COMMANDS .............................................................................................................. 369
STATIC MAC-BASED VLAN COMMANDS ............................................................................ 373
SIMPLE RED COMMANDS ..................................................................................................... 375
MAC-BASED ACCESS CONTROL COMMANDS LIST ......................................................... 382
WEB-BASED ACCESS CONTROL COMMANDS .................................................................. 392
POWER OVER ETHERNET (POE) COMMANDS ................................................................... 400
PPPOE CIRCUIT ID INSERTION COMMANDS ...................................................................... 404
DNS RELAY COMMANDS ...................................................................................................... 405
POLICY ROUTE COMMANDS ................................................................................................ 407
BPDU ATTACK PROTECTION COMMANDS ........................................................................ 409
ETHERNET OAM COMMANDS .............................................................................................. 413
DHCP SERVER COMMANDS ................................................................................................. 422
CABLE DIAGNOSTICS COMMANDS .................................................................................... 434
CONNECTIVITY FAULT MANAGEMENT COMMANDS ........................................................ 435
COMMAND HISTORY LIST .................................................................................................... 451
ARP SPOOFING PREVENTION COMMANDS ....................................................................... 453
AUTO-CONFIGURATION COMMANDS ................................................................................. 455
COMPOUND AUTHENTICATION COMMANDS .................................................................... 458
DEBUG SOFTWARE COMMANDS ........................................................................................ 464
DHCPV6 CLIENT COMMANDS .............................................................................................. 469
DHCPV6 RELAY COMMANDS ............................................................................................... 471
iii

Источник

Quick Links

User Manual

Related Manuals for D-Link DES-3528

Summary of Contents for D-Link DES-3528

Page 1: User Manual

Page 4: Table Of Contents

Page 11: Preface

Page 12: Intended Readers

Page 13: Safety Instructions

Page 14: General Precautions For Rack-Mountable Products

Page 15: Protecting Against Electrostatic Discharge

Page 16: Introduction

Page 17: Gigabit Ethernet Technology

Page 18: Ports

Page 20: Rear Panel Description

Page 22: Installation

Page 23: Installing The Switch Without The Rack

Page 24: Mounting The Switch In A Standard 19″ Rack

Page 25: Connecting The Switch

Page 27: Connecting To Network Backbone Or Server

Page 28: Introduction To Switch Management

Page 29: Command Line Interface

Page 30: First Time Connecting To The Switch

Page 31: Snmp Settings

Page 32: Ip Address Assignment

Page 34: Web-Based Switch Configuration

Page 35: Web-Based User Interface

Page 36: Web Pages

Page 37: Configuration

Page 38: Device Information

Page 39: Serial Port Settings

Page 42: Port Configuration

Page 44: Port Description

Page 45: Port Error Disabled

Page 46: Static Arp Settings

Page 47: User Accounts

Page 49: System Log Configuration

Page 51: System Severity Settings

Page 52: Dhcp/Bootp Relay

Page 54: Dhcp/Bootp Relay Interface Settings

Page 55: Dhcp Auto Configuration Settings

Page 56: Web Settings

Page 57: Firmware Information

Page 59: Ping Test

Page 60: Sntp Settings

Page 61: Timezone Settings

Page 62: Mac Notification Settings

Page 63: Mac Notification Port Settings

Page 64: Snmp Settings

Page 65: Snmp Global State

Page 66: Snmp Group Table

Page 67: Snmp User Table

Page 68: Snmp Community Table

Page 69: Snmp Host Table

Page 70: Snmp Trap Configuration

Page 71: Single Ip Settings

Page 72: Sim Settings

Page 73: Topology

Page 76: Tool Tips

Page 77: Right-Click

Page 78: Commander Switch Icon

Page 79: Menu Bar

Page 80: Firmware Upgrade

Page 81: Upload Log

Page 82: L2 Features

Page 83: Vlan Description

Page 84: Q Vlan Tags

Page 86: Port Vlan Id

Page 87: Default Vlans

Page 89: Double Vlans

Page 90: 802.1Q Vlan

Page 93: Click Apply To Implement Changes Made.qinq

Page 94: Qinq

Page 95: Vlan Translation Settings

Page 96: 802.1V Protocol Vlan

Page 98: Gvrp Settings

Page 99: Gvrp Timer Settings

Page 100: Mac-Based Vlan Settings

Page 101: Port Trunking

Page 103: Lacp Port Settings