Product Manual
Page 2
......4 Text and Syntax Conventions...5 Installation...6 Serial Console Cable...6 10/100 Ethernet Cable Wiring...6 Installation Hardware and Tools...7 Getting Started...8 Using the Command-Line Interface 9 CLI Conventions...9 Command Prompts...9 Syntax Notation...10 Text Entry Conventions and Allowed Characters 10 MAC Address Notation...11 IP Address and Mask Notation 11 Globs...12 User Globs...12 MAC Address Globs...13 VLAN Globs...13 Matching Order for Globs 13 Port Lists...14 Command-Line Editing...15 Keyboard Shortcuts...15...
......4 Text and Syntax Conventions...5 Installation...6 Serial Console Cable...6 10/100 Ethernet Cable Wiring...6 Installation Hardware and Tools...7 Getting Started...8 Using the Command-Line Interface 9 CLI Conventions...9 Command Prompts...9 Syntax Notation...10 Text Entry Conventions and Allowed Characters 10 MAC Address Notation...11 IP Address and Mask Notation 11 Globs...12 User Globs...12 MAC Address Globs...13 VLAN Globs...13 Matching Order for Globs 13 Port Lists...14 Command-Line Editing...15 Keyboard Shortcuts...15...
Product Manual
Page 3
...40 Configuring a Port Name...40 Setting a Port Name...40 Removing a Port Name...40 Configuring Port Operating Parameters 41 Autonegotiation and Port Speed 41 Disabling or Reenabling a Port 41 Disabling or Reenabling Power over Ethernet 42 Resetting a Port...42 Displaying Port Information 42 Displaying Port Configuration and Status 42 Displaying PoE State...43 Displaying Port Statistics 43 Clearing Statistics Counters 44 Monitoring Port Statistics 44 Configuring Load-Sharing Port Groups 45 Load Sharing...45 Link Redundancy...45 Configuring a Port Group 46 D-Link DWS-1008 User Manual...
...40 Configuring a Port Name...40 Setting a Port Name...40 Removing a Port Name...40 Configuring Port Operating Parameters 41 Autonegotiation and Port Speed 41 Disabling or Reenabling a Port 41 Disabling or Reenabling Power over Ethernet 42 Resetting a Port...42 Displaying Port Information 42 Displaying Port Configuration and Status 42 Displaying PoE State...43 Displaying Port Statistics 43 Clearing Statistics Counters 44 Monitoring Port Statistics 44 Configuring Load-Sharing Port Groups 45 Load Sharing...45 Link Redundancy...45 Configuring a Port Group 46 D-Link DWS-1008 User Manual...
Product Manual
Page 7
... a Switch 133 Finding the Fingerprint 133 Verifying a Fingerprint on the Switch 134 Fingerprint Log Message 135 Configuring a Service Profile 135 Creating a Service Profile 135 Removing a Service Profile 136 Changing a Service Profile Setting 136 Disabling or Reenabling Encryption for an SSID 136 Disabling or Reenabling Beaconing of an SSID 137 Changing the Fallthru Authentication Type 137 Changing Transmit Rates 137 Disabling Idle-Client Probing 139 Changing the User Idle Timeout 139 D-Link DWS-1008 User Manual vi
... a Switch 133 Finding the Fingerprint 133 Verifying a Fingerprint on the Switch 134 Fingerprint Log Message 135 Configuring a Service Profile 135 Creating a Service Profile 135 Removing a Service Profile 136 Changing a Service Profile Setting 136 Disabling or Reenabling Encryption for an SSID 136 Disabling or Reenabling Beaconing of an SSID 137 Changing the Fallthru Authentication Type 137 Changing Transmit Rates 137 Disabling Idle-Client Probing 139 Changing the User Idle Timeout 139 D-Link DWS-1008 User Manual vi
Product Manual
Page 18
... Restore Examples 412 Upgrading the System Image...413 Preparing the Switch for the Upgrade 413 Upgrading an Individual Switch Using the CLI 413 Troubleshooting...415 Fixing Common Setup Problems 415 Recovering the System When the Enable Password is Lost 416 Configuring and Managing the System Log 417 Log Message Components 417 Logging Destinations and Levels 417 Using Log Commands...419 Logging to the Log Buffer 419 Logging to the Console 421 Logging Messages to a Syslog Server 421 Setting Telnet Session Defaults 422 Changing...
... Restore Examples 412 Upgrading the System Image...413 Preparing the Switch for the Upgrade 413 Upgrading an Individual Switch Using the CLI 413 Troubleshooting...415 Fixing Common Setup Problems 415 Recovering the System When the Enable Password is Lost 416 Configuring and Managing the System Log 417 Log Message Components 417 Logging Destinations and Levels 417 Using Log Commands...419 Logging to the Log Buffer 419 Logging to the Console 421 Logging Messages to a Syslog Server 421 Setting Telnet Session Defaults 422 Changing...
Product Manual
Page 19
... show tech-support Command 440 Core Files...440 Debug Messages...441 Enabling and Logging Into Web View 442 System Requirements...442 Browser Requirements...442 Switch Requirements...442 Logging Into Web View...443 Supported RADIUS Attributes...444 Supported Standard and Extended Attributes 444 Traffic Ports Used by MSS...448 DHCP Server...449 How the MSS DHCP Server Works 450 Configuring the DHCP Server 451 Displaying DHCP Server Information 452 Glossary...453 Technical Specifications...475 Warranty...478 Registration...483 D-Link DWS-1008 User Manual xviii
... show tech-support Command 440 Core Files...440 Debug Messages...441 Enabling and Logging Into Web View 442 System Requirements...442 Browser Requirements...442 Switch Requirements...442 Logging Into Web View...443 Supported RADIUS Attributes...444 Supported Standard and Extended Attributes 444 Traffic Ports Used by MSS...448 DHCP Server...449 How the MSS DHCP Server Works 450 Configuring the DHCP Server 451 Displaying DHCP Server Information 452 Glossary...453 Technical Specifications...475 Warranty...478 Registration...483 D-Link DWS-1008 User Manual xviii
Product Manual
Page 27
... defaults. You configure the DWS-1008 switch and DWL-8220AP access points primarily with another set , clear, and show commands to configure and manage the switch and its attached access points. The switch supports two connection modes: • Administrative access mode, which enables the network administrator to connect to the switch and configure the network. • Network access mode, which enables network users to change parameters. Getting Started Please read the following components: • DWS-1008 switch - Use set commands to connect through a command-line interface...
... defaults. You configure the DWS-1008 switch and DWL-8220AP access points primarily with another set , clear, and show commands to configure and manage the switch and its attached access points. The switch supports two connection modes: • Administrative access mode, which enables the network administrator to connect to the switch and configure the network. • Network access mode, which enables network users to change parameters. Getting Started Please read the following components: • DWS-1008 switch - Use set commands to connect through a command-line interface...
Product Manual
Page 30
..., but colons are valid ACL masks. D-Link DWS-1008 User Manual 11 Wildcard Masks Security access control lists (ACLs) use the single-asterisk (*) wildcard character to represent an entire MAC address or from the first bit. For example, the address 10.0.0.0 and mask 0.255.255.255 match all leading zeros. • In some specified commands, you can use source and destination IP addresses and wildcard masks to 1s...
..., but colons are valid ACL masks. D-Link DWS-1008 User Manual 11 Wildcard Masks Security access control lists (ACLs) use the single-asterisk (*) wildcard character to represent an entire MAC address or from the first bit. For example, the address 10.0.0.0 and mask 0.255.255.255 match all leading zeros. • In some specified commands, you can use source and destination IP addresses and wildcard masks to 1s...
Product Manual
Page 38
... username and password • Management IP address and default router (gateway) • Time and date (statically configured or provided by an NTP server) • Management access - You also can individually select Telnet, SSH, and Web View. You can connect directly to configure one secure SSID and one clear SSID. Web Quick Start Parameters The Web Quick Start enables you to the switch • Category 5 (Cat 5) or higher Ethernet cable If the PC is different from the network. To access the Web Quick Start...
... username and password • Management IP address and default router (gateway) • Time and date (statically configured or provided by an NTP server) • Management access - You also can individually select Telnet, SSH, and Web View. You can connect directly to configure one secure SSID and one clear SSID. Web Quick Start Parameters The Web Quick Start enables you to the switch • Category 5 (Cat 5) or higher Ethernet cable If the PC is different from the network. To access the Web Quick Start...
Product Manual
Page 52
.... D-Link DWS-1008 User Manual 33 If the switch is rebooted before you enter the administrator's AAA configuration, type the following commands in nonvolatile memory: DWS-1008# save config success: configuration saved. Saving the Configuration You must save the configuration for all commands that you enter and want to use for example, configday. You can also type the load config command, which reloads the switch to the last saved configuration or loads a particular configuration filename. In this order: DWS-1008# set user natasha password m@Jor User...
.... D-Link DWS-1008 User Manual 33 If the switch is rebooted before you enter the administrator's AAA configuration, type the following commands in nonvolatile memory: DWS-1008# save config success: configuration saved. Saving the Configuration You must save the configuration for all commands that you enter and want to use for example, configday. You can also type the load config command, which reloads the switch to the last saved configuration or loads a particular configuration filename. In this order: DWS-1008# set user natasha password m@Jor User...
Product Manual
Page 57
... user, use the following command: DWS-1008# set port type wired-auth 2 success: change accepted This command configures port 2 as a wired authentication port supporting one interface and one user session can be active on the port, and change the fallthru authentication type. By default, one simultaneous user session. The table below lists the ranges of the AP. D-Link DWS-1008 User Manual 38 Optionally, you also can specify a tag-list to subdivide the port into virtual ports, set the maximum number of valid connection...
... user, use the following command: DWS-1008# set port type wired-auth 2 success: change accepted This command configures port 2 as a wired authentication port supporting one interface and one user session can be active on the port, and change the fallthru authentication type. By default, one simultaneous user session. The table below lists the ranges of the AP. D-Link DWS-1008 User Manual 38 Optionally, you also can specify a tag-list to subdivide the port into virtual ports, set the maximum number of valid connection...
Product Manual
Page 67
.... D-Link DWS-1008 User Manual 48 Users who require authentication connect through authentication and authorization mechanisms such as SNMP traps and RADIUS accounting messages. Only network ports can be preconfigured to a VLAN, configure the RADIUS Tunnel-Private-Group-ID attribute or the VLAN-Name vendor specific attribute (VSA) for access points or wired authentication access. You must have its own IP address. Configuring and Managing VLANs Note: The CLI commands in this chapter configure VLANs on a switch...
.... D-Link DWS-1008 User Manual 48 Users who require authentication connect through authentication and authorization mechanisms such as SNMP traps and RADIUS accounting messages. Only network ports can be preconfigured to a VLAN, configure the RADIUS Tunnel-Private-Group-ID attribute or the VLAN-Name vendor specific attribute (VSA) for access points or wired authentication access. You must have its own IP address. Configuring and Managing VLANs Note: The CLI commands in this chapter configure VLANs on a switch...
Product Manual
Page 74
...] D-Link DWS-1008 User Manual 55 You can enter the asterisk (*) at the beginning or end of MAC addresses that the forwarding database contains, type the following command: DWS-1008# show fdb count dynamic Total Matching Entries = 2 Displaying Forwarding Database Entries To display the entries in the forwarding database, type the following commands: show fdb [mac-addr-glob [vlan vlan-id]] show fdb {perm | static | dynamic | system | all} [port port-list | vlan vlan-id] The mac...
...] D-Link DWS-1008 User Manual 55 You can enter the asterisk (*) at the beginning or end of MAC addresses that the forwarding database contains, type the following command: DWS-1008# show fdb count dynamic Total Matching Entries = 2 Displaying Forwarding Database Entries To display the entries in the forwarding database, type the following commands: show fdb [mac-addr-glob [vlan vlan-id]] show fdb {perm | static | dynamic | system | all} [port port-list | vlan vlan-id] The mac...
Product Manual
Page 92
... connections, use the same username and password for SSH or create a new one. To open a new management session, you must supply a valid username and password. To add a username and password to the local database, use the following command: set ip telnet port-num Caution: If you also can use the following command: clear ip telnet D-Link DWS-1008 User Manual 73 Displaying Telnet Status To display the status of the Telnet server, use a RADIUS server to the switch with Telnet, a user must Telnet to authenticate the user. Resetting the Telnet Service Port Number to Its Default...
... connections, use the same username and password for SSH or create a new one. To open a new management session, you must supply a valid username and password. To add a username and password to the local database, use the following command: set ip telnet port-num Caution: If you also can use the following command: clear ip telnet D-Link DWS-1008 User Manual 73 Displaying Telnet Status To display the status of the Telnet server, use a RADIUS server to the switch with Telnet, a user must Telnet to authenticate the user. Resetting the Telnet Service Port Number to Its Default...
Product Manual
Page 146
...manage using the DWS-1008 switch is removed from all VLANs. Port Parameter VLAN membership Spanning Tree Protocol (STP) 802.1X Port groups IGMP snooping Maximum user sessions Setting Port is indirectly connected to a VLAN. If you set a port's type to the device can result. D-Link DWS-1008 User Manual 127 The table below lists the default settings that MSS applies when you enable PoE on a port connected to another device, physical damage to AP. Use the DWS-1008 switch's PoE to VLANs based on user traffic. MSS automatically assigns AP access ports to power D-Link...
...manage using the DWS-1008 switch is removed from all VLANs. Port Parameter VLAN membership Spanning Tree Protocol (STP) 802.1X Port groups IGMP snooping Maximum user sessions Setting Port is indirectly connected to a VLAN. If you set a port's type to the device can result. D-Link DWS-1008 User Manual 127 The table below lists the default settings that MSS applies when you enable PoE on a port connected to another device, physical damage to AP. Use the DWS-1008 switch's PoE to VLANs based on user traffic. MSS automatically assigns AP access ports to power D-Link...
Product Manual
Page 150
.... D-Link DWS-1008 User Manual 131 The AP stores copies of the AP boot process, an operational image is running MSS Version 5.0 or later. The AP loads its local image only if the switch is restarted. To disable or reenable automatic firmware upgrades, use the following command: set {ap port-list | dap dap-num} upgrade-firmware {enable | disable} Forcing an AP To Download its Operational Image from the switch instead, use the following command: set...
.... D-Link DWS-1008 User Manual 131 The AP stores copies of the AP boot process, an operational image is running MSS Version 5.0 or later. The AP loads its local image only if the switch is restarted. To disable or reenable automatic firmware upgrades, use the following command: set {ap port-list | dap dap-num} upgrade-firmware {enable | disable} Forcing an AP To Download its Operational Image from the switch instead, use the following command: set...
Product Manual
Page 217
...: none Active-Scan: yes RFID enabled: no WMM Powersave: no QoS Mode: wmm Service profiles: sp1 In this example, the QoS mode is WMM and U-APSD support (WMM powersave) is disabled. D-Link DWS-1008 User Manual 198 Displaying QoS Information You can display the following types of information for QoS: • Radio profile QoS settings: QoS mode, U-APSD support • Service profile QoS settings: CAC, static CoS, and broadcast control settings • Broadcast control settings • Default CoS mappings • Individual...
...: none Active-Scan: yes RFID enabled: no WMM Powersave: no QoS Mode: wmm Service profiles: sp1 In this example, the QoS mode is WMM and U-APSD support (WMM powersave) is disabled. D-Link DWS-1008 User Manual 198 Displaying QoS Information You can display the following types of information for QoS: • Radio profile QoS settings: QoS mode, U-APSD support • Service profile QoS settings: CAC, static CoS, and broadcast control settings • Broadcast control settings • Default CoS mappings • Individual...
Product Manual
Page 294
... RADIUS server, MSS checks for a password. For example, you can provide further access controls by the authentication rule or in the local database, no password is configurable. (The same password applies to MAC users.) Last-resort access to an SSID does not require a special user (such as last-resort-ssid) to be successfully authenticated for the authorization attributes assigned to the user. D-Link DWS-1008 User Manual 275 If the MAC address...
... RADIUS server, MSS checks for a password. For example, you can provide further access controls by the authentication rule or in the local database, no password is configurable. (The same password applies to MAC users.) Last-resort access to an SSID does not require a special user (such as last-resort-ssid) to be successfully authenticated for the authorization attributes assigned to the user. D-Link DWS-1008 User Manual 275 If the MAC address...
Product Manual
Page 320
... following commands: set service-profile name ssid-name ssid-name set service-profile name ssid-type clear set service-profile name auth-fallthru web-portal set radio-profile name service-profile name set {ap port-list | dap dap-num} radio {1 | 2} radio-profile name mode enable Use the first two commands to directly access the temporary SSID. Copying and Modifying the Web Login Page To copy and modify the D-Link Web login page: 1. From your network. The switch...
... following commands: set service-profile name ssid-name ssid-name set service-profile name ssid-type clear set service-profile name auth-fallthru web-portal set radio-profile name service-profile name set {ap port-list | dap dap-num} radio {1 | 2} radio-profile name mode enable Use the first two commands to directly access the temporary SSID. Copying and Modifying the Web Login Page To copy and modify the D-Link Web login page: 1. From your network. The switch...
Product Manual
Page 337
... through the 802.1X authentication and authorization process. You can be connected. Assigning a Security ACL to users and user groups through SSID defaults by the RADIUS server or the local database takes precedence over both as an SSID default attribute and through the authentication and authorization process does not match the name of two attributes set: service-type and vlan-name. D-Link DWS-1008 User Manual 318
... through the 802.1X authentication and authorization process. You can be connected. Assigning a Security ACL to users and user groups through SSID defaults by the RADIUS server or the local database takes precedence over both as an SSID default attribute and through the authentication and authorization process does not match the name of two attributes set: service-type and vlan-name. D-Link DWS-1008 User Manual 318
Product Manual
Page 434
... "Statically Configuring the System Time and Date".) 3. the switch. 2. system image file. The show tech-support command combines a number of show system command to configure the correct country code. (See "Specifying the Country of a DWS-1008 switch. DWS-1008 switch does not accept The country code might be set the time zone in troubleshooting. Type the save config command to "recover" the system password, you must delete the existing switch configuration. However, to save the changes. System logs provide a history of your switch configuration...
... "Statically Configuring the System Time and Date".) 3. the switch. 2. system image file. The show tech-support command combines a number of show system command to configure the correct country code. (See "Specifying the Country of a DWS-1008 switch. DWS-1008 switch does not accept The country code might be set the time zone in troubleshooting. Type the save config command to "recover" the system password, you must delete the existing switch configuration. However, to save the changes. System logs provide a history of your switch configuration...