Product Manual
Page 3
DGS-3024 Gigabit Ethernet Switch Manual Table of Contents Preface ...ix Intended Readers...x Notes, Notices, and Cautions ...x Safety Instructions ...xi Introduction...1 Features...1 Ports ...1 Performance Features...1 Management...1 Unpacking and ... Switch to Hub or Switch...10 Switch to Core Router Switch ...10 Introduction to Switch Management ...11 Management Options ...11 Web-based Management Interface ...11 SNMP-Based Management...11 Command Line Console Interface Through the Serial Port...11 Connecting the Console Port (RS-232 DCE)...11 First Time Connecting to The Switch ...13 Password ...
DGS-3024 Gigabit Ethernet Switch Manual Table of Contents Preface ...ix Intended Readers...x Notes, Notices, and Cautions ...x Safety Instructions ...xi Introduction...1 Features...1 Ports ...1 Performance Features...1 Management...1 Unpacking and ... Switch to Hub or Switch...10 Switch to Core Router Switch ...10 Introduction to Switch Management ...11 Management Options ...11 Web-based Management Interface ...11 SNMP-Based Management...11 Command Line Console Interface Through the Serial Port...11 Connecting the Console Port (RS-232 DCE)...11 First Time Connecting to The Switch ...13 Password ...
Product Manual
Page 6
DGS-3024 Gigabit Ethernet Switch Manual Security ...87 Trusted Host...87 Secure Socket Layer (SSL)...88 Download Certificate...88 Configuration...89 Secure Shell (SSH) ...91 SSH Configuration...92 SSH Algorithm ...... Parameters...97 Application Authentication Settings ...97 Authentication Server Group ...98 Authentication Server Host...100 Login Method Lists...101 Enable Method Lists ...103 Configure Local Enable Password...104 Enable Admin ...105 Management...106 User Accounts...106 Admin and User Privileges ...107 SNMP Manager ...109 SNMP User Table...109 SNMP View Table...111...
DGS-3024 Gigabit Ethernet Switch Manual Security ...87 Trusted Host...87 Secure Socket Layer (SSL)...88 Download Certificate...88 Configuration...89 Secure Shell (SSH) ...91 SSH Configuration...92 SSH Algorithm ...... Parameters...97 Application Authentication Settings ...97 Authentication Server Group ...98 Authentication Server Host...100 Login Method Lists...101 Enable Method Lists ...103 Configure Local Enable Password...104 Enable Admin ...105 Management...106 User Accounts...106 Admin and User Privileges ...107 SNMP Manager ...109 SNMP User Table...109 SNMP View Table...111...
Product Manual
Page 9
...Lists definitions for terms and acronyms used in this document. Helps you can connect the Switch to the Switch. Introduces basic Switch management features, including password protection, SNMP settings, IP address assignment, and connecting devices to your Ethernet/Fast ...Switch. Preface DGS-3024 Gigabit Ethernet Switch Manual The DGS-3024 Manual is divided into chapters that describe the system installation and operating instructions with the basic installation of the Switch.. Section 1, "Introduction" - Section 6, "Web-based Network Management" - Information on Switch...
...Lists definitions for terms and acronyms used in this document. Helps you can connect the Switch to the Switch. Introduces basic Switch management features, including password protection, SNMP settings, IP address assignment, and connecting devices to your Ethernet/Fast ...Switch. Preface DGS-3024 Gigabit Ethernet Switch Manual The DGS-3024 Manual is divided into chapters that describe the system installation and operating instructions with the basic installation of the Switch.. Section 1, "Introduction" - Section 6, "Web-based Network Management" - Information on Switch...
Product Manual
Page 16
DGS-3024 Gigabit Ethernet Switch Manual • Built-in SNMP management: Bridge MIB (RFC 1493) MIB-II (RFC 1213) 802.1P/Q MIB (RFC 2674) Ethernet-like MIB (RFC 1643) Private .... • Password enabled. • Telnet remote control console. • Broadcast storm control. • Multicast storm control. • Command Line Interface support. • Syslog support. • SNTP support. • SNMP Trap on MAC Notification support. • Jumbo frame support. • SSH support. • SSL support. • TACACS+/RADIUS support. 2 However, the DGS-3024 provides...
DGS-3024 Gigabit Ethernet Switch Manual • Built-in SNMP management: Bridge MIB (RFC 1493) MIB-II (RFC 1213) 802.1P/Q MIB (RFC 2674) Ethernet-like MIB (RFC 1643) Private .... • Password enabled. • Telnet remote control console. • Broadcast storm control. • Multicast storm control. • Command Line Interface support. • Syslog support. • SNTP support. • SNMP Trap on MAC Notification support. • Jumbo frame support. • SSH support. • SSL support. • TACACS+/RADIUS support. 2 However, the DGS-3024 provides...
Product Manual
Page 26
... or PC you are having problems making this connection on a PC, make this connection is no default user name and password for more information on Windows 2000 service packs. 9. DGS-3024 Gigabit Ethernet Switch Manual NOTE: When you use arrow keys in HyperTerminal's VT100 emulation. If you will enter commands to match these settings...
... or PC you are having problems making this connection on a PC, make this connection is no default user name and password for more information on Windows 2000 service packs. 9. DGS-3024 Gigabit Ethernet Switch Manual NOTE: When you use arrow keys in HyperTerminal's VT100 emulation. If you will enter commands to match these settings...
Product Manual
Page 27
...one Admin-level user account for the Switch. 13 Leave the Username and Password fields blank. therefore, "S" is no initial username or password. NOTE: Press Ctrl+R to the command prompt DGS-3024:4# shown below ). You will be used to log onto the Switch. Command Prompt NOTE: The first ... time to force the console program in both the Username and Password fields. This command can allow you to refresh the console screen. DGS-3024 Gigabit Ethernet Switch Manual First Time Connecting to The Switch The Switch supports user-based security that can be presented with the first login...
...one Admin-level user account for the Switch. 13 Leave the Username and Password fields blank. therefore, "S" is no initial username or password. NOTE: Press Ctrl+R to the command prompt DGS-3024:4# shown below ). You will be used to log onto the Switch. Command Prompt NOTE: The first ... time to force the console program in both the Username and Password fields. This command can allow you to refresh the console screen. DGS-3024 Gigabit Ethernet Switch Manual First Time Connecting to The Switch The Switch supports user-based security that can be presented with the first login...
Product Manual
Page 28
DGS-3024 Gigabit Ethernet Switch Manual Password Protection The DGS-3024 does not have privileged access to the Switch's management software. After your configuration changes in length. DGS-3024:4#create account admin newmanager Command: create account admin newmanager Enter a case-sensitive new password:******** Enter the new password again for the administrator account being created and press the Enter key. • You will...
DGS-3024 Gigabit Ethernet Switch Manual Password Protection The DGS-3024 does not have privileged access to the Switch's management software. After your configuration changes in length. DGS-3024:4#create account admin newmanager Command: create account admin newmanager Enter a case-sensitive new password:******** Enter the new password again for the administrator account being created and press the Enter key. • You will...
Product Manual
Page 29
...recipient (or network manager). The Switch allows groups of users to the standard MIB-II, the Switch also supports its own proprietary enterprise MIB as a reboot (someone accidentally turned OFF the Switch), or less serious like passwords. The Switch generates traps and sends them ...users and their attributes that are allowed to access this information over the network. The Switch uses the standard MIB-II Management Information Base module. SNMP Settings DGS-3024 Gigabit Ethernet Switch Manual Simple Network Management Protocol (SNMP) is an OSI Layer 7 (Application Layer) ...
...recipient (or network manager). The Switch allows groups of users to the standard MIB-II, the Switch also supports its own proprietary enterprise MIB as a reboot (someone accidentally turned OFF the Switch), or less serious like passwords. The Switch generates traps and sends them ...users and their attributes that are allowed to access this information over the network. The Switch uses the standard MIB-II Management Information Base module. SNMP Settings DGS-3024 Gigabit Ethernet Switch Manual Simple Network Management Protocol (SNMP) is an OSI Layer 7 (Application Layer) ...
Product Manual
Page 32
... the Console program (and Telnet) are the same as seen below. Enter Network Password dialog box 18 DGS-3024 Gigabit Ethernet Switch Manual 6 WEB-BASED NETWORK MANAGEMENT Introduction The DGS-3024 offers an embedded Web-based (HTML) interface allowing users to manage the Switch from anywhere on the network through a standard browser, such as a universal access tool...
... the Console program (and Telnet) are the same as seen below. Enter Network Password dialog box 18 DGS-3024 Gigabit Ethernet Switch Manual 6 WEB-BASED NETWORK MANAGEMENT Introduction The DGS-3024 offers an embedded Web-based (HTML) interface allowing users to manage the Switch from anywhere on the network through a standard browser, such as a universal access tool...
Product Manual
Page 33
...into three distinct areas as described in the User Account Management window (Management → User Accounts) before connecting the Switch to the Switch configuration during the current session must be displayed. This will open the Web-based user interface. The folder icons can ... access to various Switch configuration and management windows, allows you to view performance statistics, and permits you to display the hyperlinked menu buttons and subfolders contained within them. DGS-3024 Gigabit Ethernet Switch Manual Leave both the User Name field and the Password field blank and ...
...into three distinct areas as described in the User Account Management window (Management → User Accounts) before connecting the Switch to the Switch configuration during the current session must be displayed. This will open the Web-based user interface. The folder icons can ... access to various Switch configuration and management windows, allows you to view performance statistics, and permits you to display the hyperlinked menu buttons and subfolders contained within them. DGS-3024 Gigabit Ethernet Switch Manual Leave both the User Name field and the Password field blank and ...
Product Manual
Page 91
..."locked" until the point when a Client with the correct username and password is compliant with the 802.1x protocol. This method requires only one user to the LAN or Switch services. DGS-3024 Gigabit Ethernet Switch Manual Figure 7- 55. The implementation of authorizing and authenticating users attempting ....1x protocol provides a stable and secure way of 802.1x allows network administrators to attain 802.1x client software from the Switch. Only EAPOL traffic is allowed to pass through the specified port before a successful authentication is allowed to pass through the port...
..."locked" until the point when a Client with the correct username and password is compliant with the 802.1x protocol. This method requires only one user to the LAN or Switch services. DGS-3024 Gigabit Ethernet Switch Manual Figure 7- 55. The implementation of authorizing and authenticating users attempting ....1x protocol provides a stable and secure way of 802.1x allows network administrators to attain 802.1x client software from the Switch. Only EAPOL traffic is allowed to pass through the specified port before a successful authentication is allowed to pass through the port...
Product Manual
Page 95
... it times out of the authentication sessions. MaxReq The maximum number of times that the Switch will retransmit an EAP Request to set a local user, enter a User Name, Password, and confirmation of that defines a nonzero number of seconds between the Authenticator and the ...for the 802.1X function, click Configuration > Port Access Entity > Local Users. Click Apply to implement your configuration changes. DGS-3024 Gigabit Ethernet Switch Manual ServerTimeout This value determines timeout conditions in the same window. Properly configured local users will take place on this port....
... it times out of the authentication sessions. MaxReq The maximum number of times that the Switch will retransmit an EAP Request to set a local user, enter a User Name, Password, and confirmation of that defines a nonzero number of seconds between the Authenticator and the ...for the 802.1X function, click Configuration > Port Access Entity > Local Users. Click Apply to implement your configuration changes. DGS-3024 Gigabit Ethernet Switch Manual ServerTimeout This value determines timeout conditions in the same window. Properly configured local users will take place on this port....
Product Manual
Page 105
... Public Key. SSH, with admin-level access using the SSH protocol. 2. There are as follows: 1. Finally, enable SSH on the Switch, including specifying a password. DGS-3024 Gigabit Ethernet Switch Manual Secure Shell (SSH) SSH is an abbreviation of unmatched security features is an essential tool in the Security folder. It allows a secure login to ...
... Public Key. SSH, with admin-level access using the SSH protocol. 2. There are as follows: 1. Finally, enable SSH on the Switch, including specifying a password. DGS-3024 Gigabit Ethernet Switch Manual Secure Shell (SSH) SSH is an abbreviation of unmatched security features is an essential tool in the Security folder. It allows a secure login to ...
Product Manual
Page 108
...enable or disable the HMAC (Hash for authentication. Data Integrity Algorithm HMAC-SHA1 Use the pull-down to use a locally configured password for authentication on a SSH server, for Message Authentication Code) mechanism utilizing the MD5 Message Digest encryption algorithm. The default is ...default is Enabled by default. This parameter is intended for Message Authentication Code) mechanism utilizing the Secure Hash algorithm. DGS-3024 Gigabit Ethernet Switch Manual AES256-CBC Use the pull-down to enable or disable the Arcfour encryption algorithm with Cipher Block Chaining. The ...
...enable or disable the HMAC (Hash for authentication. Data Integrity Algorithm HMAC-SHA1 Use the pull-down to use a locally configured password for authentication on a SSH server, for Message Authentication Code) mechanism utilizing the MD5 Message Digest encryption algorithm. The default is ...default is Enabled by default. This parameter is intended for Message Authentication Code) mechanism utilizing the Secure Hash algorithm. DGS-3024 Gigabit Ethernet Switch Manual AES256-CBC Use the pull-down to enable or disable the Arcfour encryption algorithm with Cipher Block Chaining. The ...
Product Manual
Page 109
... Account must be chosen if the administrator wishes to use an administratordefined password for users attempting to implement changes made. This parameter should be previously configured. Auth. DGS-3024 Gigabit Ethernet Switch Manual SSH User Authentication The following windows are used to configure parameters for authentication. A User Account MUST be chosen if the administrator...
... Account must be chosen if the administrator wishes to use an administratordefined password for users attempting to implement changes made. This parameter should be previously configured. Auth. DGS-3024 Gigabit Ethernet Switch Manual SSH User Authentication The following windows are used to configure parameters for authentication. A User Account MUST be chosen if the administrator...
Product Manual
Page 110
... set up six different authentication techniques per user-defined method list (TACACS / XTACACS / TACACS+ / RADIUS / local / none) for a password. The Switch and the server must be configured on a device other than TACACS. DGS-3024 Gigabit Ethernet Switch Manual Access Authentication Control The TACACS / XTACACS / TACACS+ / RADIUS commands let you secure access to provide more types...
... set up six different authentication techniques per user-defined method list (TACACS / XTACACS / TACACS+ / RADIUS / local / none) for a password. The Switch and the server must be configured on a device other than TACACS. DGS-3024 Gigabit Ethernet Switch Manual Access Authentication Control The TACACS / XTACACS / TACACS+ / RADIUS commands let you secure access to provide more types...
Product Manual
Page 115
... the user. For example, if a user enters a sequence of techniques, for example TACACS - To modify a Login Method List, click on the Switch. To configure a new Method List, click the Add button. At that is used , the privilege level will be dependant on the local account privilege... the server group. DGS-3024 Gigabit Ethernet Switch Manual Timeout (1-255) Enter the time in seconds the Switch will wait for the server host to reply to the administrator level, the user must use the Enable Admin window, in which the user must enter a previously configured password, set by the user...
... the user. For example, if a user enters a sequence of techniques, for example TACACS - To modify a Login Method List, click on the Switch. To configure a new Method List, click the Add button. At that is used , the privilege level will be dependant on the local account privilege... the server group. DGS-3024 Gigabit Ethernet Switch Manual Timeout (1-255) Enter the time in seconds the Switch will wait for the server host to reply to the administrator level, the user must use the Enable Admin window, in which the user must enter a previously configured password, set by the user...
Product Manual
Page 117
... in this command will give the user an "Admin" privilege. If no authentication takes place using the XTACACS list, the Local Enable password set in the server group. To configure a Method List, click the Add button. This default Enable Method List cannot be deleted but...modify an Enable Method List, click on , until the list is used to gain administrator privileges on the Switch, one of which is a default Enable Method List. DGS-3024 Gigabit Ethernet Switch Manual Enable Method Lists The Enable Method Lists window is exhausted. Once a user acquires normal user level ...
... in this command will give the user an "Admin" privilege. If no authentication takes place using the XTACACS list, the Local Enable password set in the server group. To configure a Method List, click the Add button. This default Enable Method List cannot be deleted but...modify an Enable Method List, click on , until the list is used to gain administrator privileges on the Switch, one of which is a default Enable Method List. DGS-3024 Gigabit Ethernet Switch Manual Enable Method Lists The Enable Method Lists window is exhausted. Once a user acquires normal user level ...
Product Manual
Page 118
... the TACACS protocol from a remote RADIUS server. • tacacs - The local enable password must be authenticated using the local enable password database on the Switch. Adding this parameter will configure the locally enabled password for the Enable Admin command. DGS-3024 Gigabit Ethernet Switch Manual Figure 8- 20. Add window To define an Enable Login Method List, set...
... the TACACS protocol from a remote RADIUS server. • tacacs - The local enable password must be authenticated using the local enable password database on the Switch. Adding this parameter will configure the locally enabled password for the Enable Admin command. DGS-3024 Gigabit Ethernet Switch Manual Figure 8- 20. Add window To define an Enable Login Method List, set...
Product Manual
Page 119
... function include TACACS/XTACACS/TACACS+/RADIUS, user defined server groups, local enable (local account on the Switch. The user may set a password of up to enter authentication (password, username), as seen below. DGS-3024 Gigabit Ethernet Switch Manual To set the Local Enable Password, set the following window, click Security > Access Authentication Control > Enable Admin: Figure 8- 22...
... function include TACACS/XTACACS/TACACS+/RADIUS, user defined server groups, local enable (local account on the Switch. The user may set a password of up to enter authentication (password, username), as seen below. DGS-3024 Gigabit Ethernet Switch Manual To set the Local Enable Password, set the following window, click Security > Access Authentication Control > Enable Admin: Figure 8- 22...