Product Manual
Page 14
D-Link Unified Access System Software User Manual 12/10/09 Section 5: Configuring Quality of Service 325 Configuring Differentiated Services ...326 Defining DiffServ...326 Diffserv Configuration ...326 ... CoS Interface Queue Configuration ...340 Configuring Auto VoIP ...342 Auto VoIP Configuration ...342 Section 6: Configuring Access Control Lists 344 IP Access Control Lists...345 IP ACL Configuration...345 IP ACL Rule Configuration ...346 MAC Access Control Lists ...351 MAC ACL Configuration ...351 MAC ACL Rule Configuration...352 ACL Interface Configuration ...355 Assigning an...
D-Link Unified Access System Software User Manual 12/10/09 Section 5: Configuring Quality of Service 325 Configuring Differentiated Services ...326 Defining DiffServ...326 Diffserv Configuration ...326 ... CoS Interface Queue Configuration ...340 Configuring Auto VoIP ...342 Auto VoIP Configuration ...342 Section 6: Configuring Access Control Lists 344 IP Access Control Lists...345 IP ACL Configuration...345 IP ACL Rule Configuration ...346 MAC Access Control Lists ...351 MAC ACL Configuration ...351 MAC ACL Rule Configuration...352 ACL Interface Configuration ...355 Assigning an...
Product Manual
Page 15
Software User Manual 12/10/09 D-Link Unified Access System Adding a Local User ...370 Configuring Users in the Local Database 371 Configuring Users in a Remote RADIUS Server 372 Interface Association...... Client Statistics...380 Viewing the Client Interface Association Status 381 Viewing the Client CP Association Status 382 SNMP Trap Configuration...382 Port Access Control...383 Global Port Access Control Configuration 384 Port Configuration ...385 Port Access Entity Capability Configuration 386 Supplicant Port Configuration ...387 User Login Configuration ...389 Port Access Privileges...
Software User Manual 12/10/09 D-Link Unified Access System Adding a Local User ...370 Configuring Users in the Local Database 371 Configuring Users in a Remote RADIUS Server 372 Interface Association...... Client Statistics...380 Viewing the Client Interface Association Status 381 Viewing the Client CP Association Status 382 SNMP Trap Configuration...382 Port Access Control...383 Global Port Access Control Configuration 384 Port Configuration ...385 Port Access Entity Capability Configuration 386 Supplicant Port Configuration ...387 User Login Configuration ...389 Port Access Privileges...
Product Manual
Page 19
Software User Manual 12/10/09 D-Link Unified Access System WIDS Client Configuration ...527 Visualizing the Wireless Network ...529 Importing and Configuring a Background Image 530 Setting Up the Graph Components...the Graph ...538 Appendix A: Configuration Examples 539 Configuring VLANs ...539 Configuring Multiple Spanning Tree Protocol 542 Configuring VLAN Routing...545 Configuring 802.1X Network Access Control 548 Configuring a Virtual Access Point ...550 Configuring Differentiated Services for VoIP 554 Appendix B: Limited Warranty (USA Only 557 Product Registration...559 Appendix C: ...
Software User Manual 12/10/09 D-Link Unified Access System WIDS Client Configuration ...527 Visualizing the Wireless Network ...529 Importing and Configuring a Background Image 530 Setting Up the Graph Components...the Graph ...538 Appendix A: Configuration Examples 539 Configuring VLANs ...539 Configuring Multiple Spanning Tree Protocol 542 Configuring VLAN Routing...545 Configuring 802.1X Network Access Control 548 Configuring a Virtual Access Point ...550 Configuring Differentiated Services for VoIP 554 Appendix B: Limited Warranty (USA Only 557 Product Registration...559 Appendix C: ...
Product Manual
Page 28
...: PAE Capability Configuration ...387 Figure 275: Port Access Control Supplicant Port Configuration 387 Figure 276: Port Access Control Login ...389 Figure 277: Port Access Privileges ...390 Figure 278: RADIUS Configuration ...391 Page 28 Document 34CSFP6XXUWS-SWUM100-D7 Client Status ...381 Figure 270: CP - D-Link Unified Access System Software User Manual 12/10/09...
...: PAE Capability Configuration ...387 Figure 275: Port Access Control Supplicant Port Configuration 387 Figure 276: Port Access Control Login ...389 Figure 277: Port Access Privileges ...390 Figure 278: RADIUS Configuration ...391 Page 28 Document 34CSFP6XXUWS-SWUM100-D7 Client Status ...381 Figure 270: CP - D-Link Unified Access System Software User Manual 12/10/09...
Product Manual
Page 39
... Table 241: SNMP Trap Configuration ...383 Table 242: Port Access Control-Port Configuration Fields 384 Table 243: Port Access Control Port Configuration Fields 385 Document 34CSFP6XXUWS-SWUM100-D7 Page 39 Client Status ...382 Table 240: CP - Software User Manual 12/10/09 D-Link Unified Access System Table 209: Policy Configuration Fields ...331 Table...
... Table 241: SNMP Trap Configuration ...383 Table 242: Port Access Control-Port Configuration Fields 384 Table 243: Port Access Control Port Configuration Fields 385 Document 34CSFP6XXUWS-SWUM100-D7 Page 39 Client Status ...382 Table 240: CP - Software User Manual 12/10/09 D-Link Unified Access System Table 209: Policy Configuration Fields ...331 Table...
Product Manual
Page 40
D-Link Unified Access System Software User Manual 12/10/09 Table 244: PAE Capability Configuration...387 Table 245: Dot1x Supplicant Port Configuration 387 Table 246: Port Access Control user Login Configuration Fields 389 Table 247: Port Access Privileges Fields...390 Table 248: RADIUS Configuration Fields ...391 Table 249: RADIUS Server Configuration Fields 393...
D-Link Unified Access System Software User Manual 12/10/09 Table 244: PAE Capability Configuration...387 Table 245: Dot1x Supplicant Port Configuration 387 Table 246: Port Access Control user Login Configuration Fields 389 Table 247: Port Access Privileges Fields...390 Table 248: RADIUS Configuration Fields ...391 Table 249: RADIUS Server Configuration Fields 393...
Product Manual
Page 43
... the Differentiated Services, Class of Service, and Auto VoIP features. • Section 6: "Configuring Access Control Lists" on page 344 describes how to manage the D-Link software ACLs. • Section 7: "Managing Device Security" on page 359 contains information about configuring switch... security information such as captive portal configuration, port access control, TACACS+, and RADIUS server settings. • Section 8:...
... the Differentiated Services, Class of Service, and Auto VoIP features. • Section 6: "Configuring Access Control Lists" on page 344 describes how to manage the D-Link software ACLs. • Section 7: "Managing Device Security" on page 359 contains information about configuring switch... security information such as captive portal configuration, port access control, TACACS+, and RADIUS server settings. • Section 8:...
Product Manual
Page 45
Software User Manual 12/10/09 D-Link Unified Access System Section 1: Getting Started This section ... 232 port. Data bits: 8 - There is no default password to the console (serial) port. Flow control: none 3 Power on the switch. Press ENTER at the password prompt if you did not change the default...network management system. Stop bit: 1 - After a successful login, the screen shows the system prompt(DWS-4026)>. 5 At the (DWS-4026)> prompt, enter enable to (DWS-4026)#. 6 Configure network information. - So you must either connect the switch to a 10.0.0.0 network or ...
Software User Manual 12/10/09 D-Link Unified Access System Section 1: Getting Started This section ... 232 port. Data bits: 8 - There is no default password to the console (serial) port. Flow control: none 3 Power on the switch. Press ENTER at the password prompt if you did not change the default...network management system. Stop bit: 1 - After a successful login, the screen shows the system prompt(DWS-4026)>. 5 At the (DWS-4026)> prompt, enter enable to (DWS-4026)#. 6 Configure network information. - So you must either connect the switch to a 10.0.0.0 network or ...
Product Manual
Page 60
The system parameters are temporarily halted to prevent buffer overflows. IEEE 802.3x flow control works by requesting that the higher speed switch refrains from sending packets. D-Link Unified Access System Software User Manual 12/10/09 Defining System Information 1 Open the System Description page. 2 Define the following fields: System Name, System Contact...
The system parameters are temporarily halted to prevent buffer overflows. IEEE 802.3x flow control works by requesting that the higher speed switch refrains from sending packets. D-Link Unified Access System Software User Manual 12/10/09 Defining System Information 1 Open the System Description page. 2 Define the following fields: System Name, System Contact...
Product Manual
Page 61
...does not block broadcast traffic if traffic exceeds the configured threshold on any Ethernet port. Software User Manual 12/10/09 D-Link Unified Access System Field Broadcast Storm Recovery Mode Broadcast Storm Recovery Level Multicast Storm Recovery Mode Multicast Storm Recovery Level Unicast ...Storm Recovery Mode Unicast Storm Recovery Level IEEE 802.3x Flow Control Mode Table 6: Switch Configuration Fields Description Enable or disable this option by selecting one of the following options on the pulldown...
...does not block broadcast traffic if traffic exceeds the configured threshold on any Ethernet port. Software User Manual 12/10/09 D-Link Unified Access System Field Broadcast Storm Recovery Mode Broadcast Storm Recovery Level Multicast Storm Recovery Mode Multicast Storm Recovery Level Unicast ...Storm Recovery Mode Unicast Storm Recovery Level IEEE 802.3x Flow Control Mode Table 6: Switch Configuration Fields Description Enable or disable this option by selecting one of the following options on the pulldown...
Product Manual
Page 65
...for a terminal or terminal emulator to communicate with the switch, the serial port settings on both devices must perform a save. Whether hardware flow control is always 1. Its is enabled or disabled. To view or configure the serial port settings on a serial port connection before the switch closes the...switch to retain the new values across a power cycle, you change the switch's serial port settings. Software User Manual 12/10/09 D-Link Unified Access System SERIAL PORT The Serial Port Configuration page allows you to change any data, click Submit to apply the changes to the ...
...for a terminal or terminal emulator to communicate with the switch, the serial port settings on both devices must perform a save. Whether hardware flow control is always 1. Its is enabled or disabled. To view or configure the serial port settings on a serial port connection before the switch closes the...switch to retain the new values across a power cycle, you change the switch's serial port settings. Software User Manual 12/10/09 D-Link Unified Access System SERIAL PORT The Serial Port Configuration page allows you to change any data, click Submit to apply the changes to the ...
Product Manual
Page 67
.... Management VLAN ID Specifies the management VLAN ID of the network interface. The factory default is 0.0.0.0. Software User Manual 12/10/09 D-Link Unified Access System Table 10: Network Connectivity Fields Field Description Protocol Selects the IP protocol version you must also set to a 1 and... is None. The default gateway for other than zero. The factory default is disabled, you must manage the switch by a blank area. Controls whether to a 0; This field is used for management of using the navigation tree at the top right of the screen. • Disable...
.... Management VLAN ID Specifies the management VLAN ID of the network interface. The factory default is 0.0.0.0. Software User Manual 12/10/09 D-Link Unified Access System Table 10: Network Connectivity Fields Field Description Protocol Selects the IP protocol version you must also set to a 1 and... is None. The default gateway for other than zero. The factory default is disabled, you must manage the switch by a blank area. Controls whether to a 0; This field is used for management of using the navigation tree at the top right of the screen. • Disable...
Product Manual
Page 74
...4 Click Submit to apply the changes to create the name and display the Method fields for system login or IEEE 802.1X port access control. Page 74 Authentication List Configuration Document 34CSFP6XXUWS-SWUM100-D7 You are now ready to 12 characters. The delete will fail if the selected login ...list is set as the initial authentication method. D-Link Unified Access System Software User Manual 12/10/09 Creating an Authentication List To create a new authentication list, use the following procedures. 1 ...
...4 Click Submit to apply the changes to create the name and display the Method fields for system login or IEEE 802.1X port access control. Page 74 Authentication List Configuration Document 34CSFP6XXUWS-SWUM100-D7 You are now ready to 12 characters. The delete will fail if the selected login ...list is set as the initial authentication method. D-Link Unified Access System Software User Manual 12/10/09 Creating an Authentication List To create a new authentication list, use the following procedures. 1 ...
Product Manual
Page 75
...for the list. Shows the order of the authentication login list summarized in the navigation tree. Shows the port access control users assigned to a specific authentication list, see "Port Access Control" on page 77. To configure the 802.1X port security users, see "User Login" on page 383. Figure... Refresh to update the information on the system and which users are associated with each list. Software User Manual 12/10/09 D-Link Unified Access System AUTHENTICATION LIST SUMMARY Use the Authentication List Summary page to view information about 802.1X port security users.
...for the list. Shows the order of the authentication login list summarized in the navigation tree. Shows the port access control users assigned to a specific authentication list, see "Port Access Control" on page 77. To configure the 802.1X port security users, see "User Login" on page 383. Figure... Refresh to update the information on the system and which users are associated with each list. Software User Manual 12/10/09 D-Link Unified Access System AUTHENTICATION LIST SUMMARY Use the Authentication List Summary page to view information about 802.1X port security users.
Product Manual
Page 78
...and FIN set to monitor and block these types of ICMP Ping packets. Page 78 Denial of Service Protection in the navigation menu. D-Link software provides support for classifying and blocking specific types of Service (DoS) page to drop ICMP packets that have a TCP header smaller ... line on the pulldown entry field. Specify the Min TCP Hdr Size allowed. Enabling ICMP DoS prevention causes the switch to configure DoS control. If First Fragment DoS prevention is disabled. The factory default is disabled. The factory default is disabled. The factory default is enabled,...
...and FIN set to monitor and block these types of ICMP Ping packets. Page 78 Denial of Service Protection in the navigation menu. D-Link software provides support for classifying and blocking specific types of Service (DoS) page to drop ICMP packets that have a TCP header smaller ... line on the pulldown entry field. Specify the Min TCP Hdr Size allowed. Enabling ICMP DoS prevention causes the switch to configure DoS control. If First Fragment DoS prevention is disabled. The factory default is disabled. The factory default is disabled. The factory default is enabled,...
Product Manual
Page 79
.... This is done for analysis by selecting the corresponding line on the pulldown entry field. This means that have a size greater than 1024 or TCP control flags set to 0 and TCP sequence number set to 0 or TCP flags FIN, URG, and PSH set and TCP sequence number set to 0 or both... this option by selecting the corresponding line on the wire. Enable or disable this configured Max ICMP Pkt Size. Software User Manual 12/10/09 D-Link Unified Access System Table 19: Denial of Service Configuration Fields (Cont.) Field Denial of Service Max ICMP Size Denial of Service L4 Port Denial of...
.... This is done for analysis by selecting the corresponding line on the pulldown entry field. This means that have a size greater than 1024 or TCP control flags set to 0 and TCP sequence number set to 0 or TCP flags FIN, URG, and PSH set and TCP sequence number set to 0 or both... this option by selecting the corresponding line on the wire. Enable or disable this configured Max ICMP Pkt Size. Software User Manual 12/10/09 D-Link Unified Access System Table 19: Denial of Service Configuration Fields (Cont.) Field Denial of Service Max ICMP Size Denial of Service L4 Port Denial of...
Product Manual
Page 86
.... The commands appear in thread id 2110. CONSOLE LOG CONFIGURATION Use the Console Log Configuration page to control logging to any serial device attached to log all CLI commands issued on the Buffered Log page. D-Link Unified Access System Software User Manual 12/10/09 This log message has a severity level of...
.... The commands appear in thread id 2110. CONSOLE LOG CONFIGURATION Use the Console Log Configuration page to control logging to any serial device attached to log all CLI commands issued on the Buffered Log page. D-Link Unified Access System Software User Manual 12/10/09 This log message has a severity level of...
Product Manual
Page 93
Software User Manual 12/10/09 D-Link Unified Access System TELNET SESSIONS Telnet is applied to all... Telnet Server Admin Mode Table 30: Telnet Session Configuration Fields Description Specify how many simultaneous telnet sessions to control inbound telnet settings on page 94. The maximum is logged off. To display the Telnet Session Configuration page...you want the switch to allow a user on a telnet session before the session is 5, which are not disconnected. Controls whether to retain the new values across a power cycle, you change the timeout value, the new value is a...
Software User Manual 12/10/09 D-Link Unified Access System TELNET SESSIONS Telnet is applied to all... Telnet Server Admin Mode Table 30: Telnet Session Configuration Fields Description Specify how many simultaneous telnet sessions to control inbound telnet settings on page 94. The maximum is logged off. To display the Telnet Session Configuration page...you want the switch to allow a user on a telnet session before the session is 5, which are not disconnected. Controls whether to retain the new values across a power cycle, you change the timeout value, the new value is a...
Product Manual
Page 94
D-Link Unified Access System Software User Manual 12/10/09 OUTBOUND TELNET CLIENT CONFIGURATION The outbound telnet feature is not available on all platforms. Use the outbound telnet client settings to control the telnet sessions that originate from the switch. Figure 41: Outbound Telnet Field Admin Mode Maximum Sessions Session Timeout Table 31...
D-Link Unified Access System Software User Manual 12/10/09 OUTBOUND TELNET CLIENT CONFIGURATION The outbound telnet feature is not available on all platforms. Use the outbound telnet client settings to control the telnet sessions that originate from the switch. Figure 41: Outbound Telnet Field Admin Mode Maximum Sessions Session Timeout Table 31...
Product Manual
Page 110
...Protocol for this port. • Disable: Disables the Spanning Tree Protocol for this option by selecting one of a portchannel, which storm control activates. For more information about port monitoring and probe ports, see "Multiple Port Mirroring" on page 115. • Port Channel: Indicates... The value is 5 percent of port speed and ranges from 0-100. Selects the Link Aggregation Control Protocol administration state: • Enable: Specifies that the port is allowed to select the port control administration state, which is the default mode. • Disable: Specifies that the port...
...Protocol for this port. • Disable: Disables the Spanning Tree Protocol for this option by selecting one of a portchannel, which storm control activates. For more information about port monitoring and probe ports, see "Multiple Port Mirroring" on page 115. • Port Channel: Indicates... The value is 5 percent of port speed and ranges from 0-100. Selects the Link Aggregation Control Protocol administration state: • Enable: Specifies that the port is allowed to select the port control administration state, which is the default mode. • Disable: Specifies that the port...