Home » D-Link Manuals » Hubs & Switches » D-Link DWS-3160-24TC » Manual Viewer

D-Link DWS-3160-24TC DWS-3160 Series Web UI Reference Guide - Page 438

Standalone AP with, Rogue Detected Trap

View all D-Link DWS-3160-24TC manuals

Add to My Manuals
Save this manual to your list of manuals

Page 438 highlights

DWS-3160 Series Gigabit Ethernet Unified Switch Web UI Reference Guide AP is operating on an illegal channel Select Enabled to detect hackers or incorrectly configured devices that are operating on channels that are not legal in the country where the wireless system is set up. NOTE: In order for the wireless system to detect this threat, the wireless network must contain one or more radios that operate in sentry mode. Standalone AP with unexpected configuration If the AP is classified as a known standalone AP, the switch checks whether the AP is operating with the expected configuration parameters. You configure the expected parameters for the standalone AP in the local or RADIUS Valid AP database. Unmanaged AP detected on wired network Select Enabled to check whether the AP is detected on the wired network. If the AP state is Unknown, then the test changes the AP state to Rogue. The flag indicating whether AP is detected on the wired network is reported as part of the RF Scan report. If AP is managed and is detected on the network then the switch simply reports this fact and doesn't change the AP state to Rogue. In order for the wireless system to detect this threat, the wireless network must contain one or more radios that operate in sentry mode. Rogue Detected Trap Interval(60-3600 seconds or 0 is disable) Enter the interval, in seconds, between transmissions of the SNMP trap telling the administrator that rogue APs are present in the RF Scan database. Enter 0 to disable the function. Wired Network Detection Interval(13600 seconds or 0 is disable) Enter the number of seconds that the AP waits before starting a new wired network detection cycle. Enter 0 to disable the function. AP De-authentication Attach Select to enable or disable the AP de-authentication attack. The wireless switch can protect against rogue APs by sending de-authentication messages to the rogue AP. The de-authentication attack feature must be globally enabled in order for the wireless system to do this function. Make sure that no legitimate APs are classified as rogues before enabling the attack feature. This feature is disabled by default. Click the Apply button to accept the changes made. After clicking the Client Configuration tab, the following page will appear: Figure 3-37 WIDS Security Client Configuration window The fields that can be configured are described below: Parameter Description 433

Section	Page
Table of Contents	3
Intended Readers	6
Typographical Conventions	6
Notes, Notices and Cautions	6
Section 1 Web-based Switch Configuration	7
Chapter 1 Introduction	7
Chapter 2 Login to the Web Manager	7
Chapter 3 Web-based User Interface	8
Areas of the User Interface	8
Chapter 4 Web Pages	9
Section 2 LAN	11
Chapter 1 System Configuration	11
Device Information	11
System Information Settings	12
Port Configuration	12
PoE	16
Serial Port Settings	19
Warning Temperature Settings	19
System Log Configuration	20
Time Range Settings	23
Port Group Settings	24
Time Settings	24
User Accounts Settings	25
Command Logging Settings	26
Chapter 2 Management	27
ARP	27
Gratuitous ARP	28
IPv6 Neighbor Settings	30
IP Interface	31
Management Settings	35
Session Table	36
Single IP Management	37
SNMP Settings	46
Telnet Settings	55
Web Settings	55
Chapter 3 L2 Features	56
VLAN	56
QinQ	74
Spanning Tree	77
Link Aggregation	84
FDB	87
L2 Multicast Control	91
Multicast Filtering	113
ERPS Settings	118
LLDP	121
NLB FDB Settings	130
Chapter 4 L3 Features	131
IPv4 Static/Default Route Settings	131
IPv4 Route Table	132
IPv6 Static/Default Route Settings	132
IP Forwarding Table	133
VRRP	133
Chapter 5 QoS	138
802.1p Settings	139
Bandwidth Control	141
Traffic Control Settings	143
DSCP	145
HOL Blocking Prevention	147
Scheduling Settings	147
Chapter 6 ACL	150
ACL Configuration Wizard	150
Access Profile List	151
CPU Access Profile List	167
ACL Finder	181
ACL Flow Meter	181
Egress Access Profile List	184
Egress ACL Flow Meter	196
Chapter 7 Security	199
802.1X	199
RADIUS	211
IP-MAC-Port Binding (IMPB)	215
MAC-based Access Control (MAC)	220
Compound Authentication	223
Port Security	226
ARP Spoofing Prevention Settings	228
BPDU Attack Protection	229
Loopback Detection Settings	230
Traffic Segmentation Settings	231
NetBIOS Filtering Settings	232
DHCP Server Screening	233
Access Authentication Control	235
SSL Settings	243
SSH	245
Trusted Host Settings	249
Safeguard Engine Settings	249
Captive Portal (CP)	251
Chapter 8 Network Application	271
DHCP	271
SNTP	277
Flash File System Settings	279
Chapter 9 OAM	281
CFM	281
Ethernet OAM	291
Cable Diagnostics	295
Chapter 10 Monitoring	297
Utilization	297
Statistics	298
Received (RX)	299
UMB_Cast (RX)	300
Transmitted (TX)	302
Received (RX)	303
Transmitted (TX)	305
Mirror	308
sFlow	310
Ping Test	313
Trace Route	314
Peripheral	315
Chapter 11 Save and Tools	316
Section 3 WLAN	317
Chapter 1 Security	317
Captive Portal (CP)	317
Chapter 2 Monitoring	336
Global	336
Peer Switch	344
Access Point	347
Client	368
QoS	387
Chapter 3 Administration	395
Basic Setup	395
AP Management	407
Advanced Configuration	416
Chapter 4 QoS	443
Access Control Lists	443
Differentiated Services	456
Chapter 5 Network Visualization	462
Download Image	462
Launch…	462
Section 4 Save and Tools	465
Chapter 1 Save	465
Save Configuration / Log	465
Chapter 2 Tools	466
License Management	466
Download Firmware	466
Upload Firmware	467
Download Configuration	467
Upload Configuration	468
Upload Log File	469
Reset	470
Reboot System	471
Appendices	473
Appendix A Mitigating ARP Spoofing Attacks Using Packet Content ACL	473
Appendix B Password Recovery Procedure	479
Appendix C System Log Entries	480
Appendix D Trap Log Entries	491
Appendix E RADIUS Attributes Assignment	495

Match case Limit results 1 per page

DWS-3160 Series Gigabit Ethernet Unified Switch Web UI Reference Guide

433

AP is operating on

an illegal channel

Select

Enabled

to detect hackers or incorrectly configured devices that are operating

on channels that are not legal in the country where the wireless system is set up.

NOTE:

In order for the wireless system to detect this threat, the wireless network must

contain one or more radios that operate in sentry mode.

Standalone AP with

unexpected

configuration

If the AP is classified as a known standalone AP, the switch checks whether the AP is

operating with the expected configuration parameters. You configure the expected

parameters for the standalone AP in the local or RADIUS Valid AP database.

Unmanaged AP

detected on wired

network

Select

Enabled

to check whether the AP is detected on the wired network. If the AP

state is Unknown, then the test changes the AP state to Rogue. The flag indicating

whether AP is detected on the wired network is reported as part of the RF Scan report.

If AP is managed and is detected on the network then the switch simply reports this

fact and doesn't change the AP state to Rogue. In order for the wireless system to

detect this threat, the wireless network must contain one or more radios that operate in

sentry mode.

Rogue Detected Trap

Interval(60-3600

seconds or 0 is

disable)

Enter the interval, in seconds, between transmissions of the SNMP trap telling the

administrator that rogue APs are present in the RF Scan database. Enter

to disable

the function.

Wired Network

Detection Interval(1-

3600 seconds or 0 is

disable)

Enter the number of seconds that the AP waits before starting a new wired network

detection cycle. Enter

to disable the function.

AP De-authentication

Attach

Select to enable or disable the AP de-authentication attack. The wireless switch can

protect against rogue APs by sending de-authentication messages to the rogue AP.

The de-authentication attack feature must be globally enabled in order for the wireless

system to do this function. Make sure that no legitimate APs are classified as rogues

before enabling the attack feature. This feature is disabled by default.

Click the

Apply

button to accept the changes made.

After clicking the

Client Configuration

tab, the following page will appear:

Figure 3-37 WIDS Security Client Configuration window

The fields that can be configured are described below:

Parameter

Description