Home » D-Link Manuals » Hubs & Switches » D-Link DWS-4026 » Manual Viewer

D-Link DWS-4026 Product Manual - Page 498

Viewing Detected Client Pre-Authentication History, Table 319, WIDS Client Rogue Classification, Field

UPC - 790069325533

Add to My Manuals
Save this manual to your list of manuals

Page 498 highlights

D-Link Unified Access System Software User Manual 12/10/09 Table 319: WIDS Client Rogue Classification Field Description MAC Address Test Description The Ethernet MAC address of the detected wireless client. Identifies the tests that were performed, which includes the following: • Client is not listed in the Known Clients database. • Client exceeds the configured rate for transmitting 802.11 authentication requests. • Client exceeds the configured rate for transmitting probe requests. • Client exceeds the configured rate for transmitting de-authentication requests. • Client exceeds the maximum number of failing authentications. • Known Client is authenticated with an Unknown AP. Condition Detected Reporting MAC Address Indicates whether the result of the test was true or false. Identifies the MAC address of the AP that reported the test results. Radio Identifies which physical radio on the reporting AP was responsible for the test results. Test Config Shows whether this test is configured to report rogues. Each test can be globally enabled or disabled to report a positive result as a rogue. Test Result Shows whether this test reported the device as rogue. In some cases the test may report a positive result, be enabled, but not report the device as rogue because the device is allowed to operate in this mode. Time Since First Report Time stamp indicating how long ago this test first detected the condition. Time Since Last Report Time stamp indicating how long ago this test last detected the condition. Viewing Detected Client Pre-Authentication History To help authenticated clients roam without losing sessions and needing to re-authenticate, wireless clients can attempt to authenticate to other APs within range that the client could possibly associate with. For successful pre-authentication, the target AP must have a VAP with an SSID and security configuration that matches that of the client, including MAC authentication, encryption method, and pre-shared key or RADIUS parameters. The the AP that the client is associated with captures all pre-authentication requests and sends them to the switch. The Detected Client Pre-Authentication History page shows information about the pre-authentication requests that the detected client has made. Figure 343: Detected Client Pre-Authentication History Table 320 describes the fields on the Detected Client Pre-Authentication History page. Page 498 Monitoring and Managing Intrusion Detection Document 34CSFP6XXUWS-SWUM100-D7

Section	Page
Table of Contents	5
List of Tables	33
About This Document	43
Audience	43
Organization	43
Additional Documentation	44
Document Conventions	44
Section 1: Getting Started	45
Connecting the Switch to the Network	45
Understanding the User Interfaces	47
Using the Web Interface	48
Device View	49
Navigation Tree View	50
Configuration and Monitoring Options	51
Help Page Access	51
Using the Command-Line Interface	52
Using SNMP	53
Section 2: System Administration	55
Viewing ARP Cache	56
Viewing Inventory Information	57
Viewing the Dual Image Status	57
System Description	58
Defining System Information	60
Switch Configuration	60
Card Configuration	61
PoE Configuration	62
PoE Status	64
Serial Port	65
IP Address	66
Network DHCP Client Options	68
HTTP Configuration	69
User Accounts	70
Adding a User Account	71
Changing User Account Information	72
Deleting a User Account	72
Authentication List Configuration	72
Creating an Authentication List	74
Configuring an Authentication List	74
Deleting an Authentication List	74
Authentication List Summary	75
Login Session	76
User Login	77
Assigning a User to an Authentication List	77
Denial of Service Protection	78
Multiple Port Mirroring	79
Adding a Port Mirroring Session	80
Removing or Modifying a Port Mirroring Session	81
Configuring and Searching the Forwarding Database	82
Configuration	82
Search	83
Searching the Forwarding Database	83
Managing Logs	84
Buffered Log Configuration	85
Viewing Buffered Log Messages	85
Command Logger Configuration	86
Console Log Configuration	86
Event Log	87
Hosts Configuration	89
Adding a Remote Logging Host	89
Deleting a Remote Logging Host	90
Persistent Log Configuration	90
Persistent Log	91
Syslog Configuration	92
Telnet Sessions	93
Outbound Telnet Client Configuration	94
Ping Test	95
Configuring SNTP Settings	96
SNTP Settings	97
SNTP Server Configuration	98
SNTP Server Status	99
SNTP Global Status	100
Time Zone Configuration	101
Summer Time Configuration	103
Summer Time Recurring Configuration	104
Clock Detail	105
Configuring and Viewing Device Slot Information	106
Configuration	106
Summary	108
Configuring and Viewing Device Port Information	109
Port Configuration	109
Port Summary	112
Port Description	115
Multiple Port Mirroring	115
Multiple Port Mirroring	115
Adding a Port Mirroring Session	116
Removing or Modifying a Port Mirroring Session	117
Double VLAN Tunneling	117
Double VLAN Tunneling Summary	118
Configuring sFlow	120
sFlow Agent Summary	120
sFlow Receiver Configuration	121
sFlow Poller Configuration	122
Counter Sampling	122
sFlow Sampler Configuration	123
Packet Flow Sampling	123
Defining SNMP Parameters	124
SNMP v1 and v2	124
SNMP v3	124
SNMP Community Configuration	125
Trap Receiver Configuration	126
Trap Flags	127
Supported MIBs	128
Viewing System Statistics	129
Switch Detailed	129
Switch Summary	132
Port Detailed	133
Port Summary Statistics	137
Using System Utilities	139
Save All Applied Changes	139
System Reset	140
Reset Configuration to Defaults	140
Reset Passwords to Defaults	140
Download File To Switch (TFTP)	142
Downloading a File to the Switch	144
Upload File From Switch (TFTP)	145
Uploading Files	146
Multiple Image Service	146
HTTP File Download	147
Erase Startup-config File	148
AutoInstall	148
TraceRoute	149
Trap Log	151
Managing the DHCP Server	152
Global Configuration	152
Pool Configuration	154
Pool Options	157
Reset Configuration	158
DHCP Server Summary	158
Bindings Information	158
Server Statistics	160
Conflicts Information	161
Configuring DNS	162
Global Configuration	162
Server Configuration	163
DNS Host Name IP Mapping Configuration	163
DNS Host Name IP Mapping Summary	164
Configuring SNTP Settings	166
SNTP Global Configuration	167
SNTP Server Configuration	169
Configuring and Viewing ISDP Information	170
Global Configuration	170
Cache Table	171
Cache Table	171
Interface Configuration	172
Statistics	172
Section 3: Configuring L2 Features	175
Configuring DHCP Snooping	176
Global DHCP Snooping Configuration	176
DHCP Snooping VLAN Configuration	177
DHCP Snooping Interface Configuration	177
DHCP Snooping Binding Configuration	178
DHCP Snooping Statistics	181
Configuring DHCP L2 Relay	182
DHCP L2 Relay Global Configuration	182
DHCP L2 Relay Interface Configuration	183
DHCP L2 Relay VLAN Configuration	184
DHCP L2 Relay Interface Statistics	184
Managing VLANs	186
VLAN Configuration	186
VLAN Status	188
VLAN Port Configuration	189
VLAN Port Summary	190
Reset VLAN Configuration	191
Configuring Protected Ports	192
Protected Port Configuration	192
Assigning Ports to a Group	193
Protected Ports Summary	193
Managing Protocol-Based VLANs	194
Configuration	194
Protocol-Based VLAN Summary	195
Managing IP Subnet-Based VLANs	197
Configuration	197
Summary	198
Managing MAC-Based VLANs	199
MAC-based VLAN Configuration	199
MAC-based VLAN Summary	199
Voice VLAN Configuration	200
Creating MAC Filters	202
Adding MAC Filters	203
Modifying MAC Filters	203
Deleting MAC Filters	203
MAC Filter Summary	203
Configuring GARP	203
GARP Status	204
GARP Switch Configuration	206
GARP Port Configuration	207
Configuring Dynamic ARP Inspection	208
DAI Configuration	208
DAI VLAN Configuration	209
DAI Interface Configuration	210
DAI ARP ACL Configuration	211
DAI ARP ACL Rule Configuration	211
Dynamic ARP Inspection Statistics	212
Configuring IGMP Snooping	214
Global Configuration and Status	215
Interface Configuration	216
VLAN Configuration	217
VLAN Status	218
Multicast Router Configuration	219
Multicast Router Status	219
Multicast Router VLAN Configuration	221
Multicast Router VLAN Status	222
Configuring IGMP Snooping Queriers	223
IGMP Snooping Querier Configuration	223
IGMP Snooping Querier VLAN Configuration	224
IGMP Snooping Querier VLAN Configuration Summary	225
IGMP Snooping Querier VLAN Status	226
Configuring MLD Snooping	227
Configuration and Status	227
Interface Configuration	228
VLAN Status	229
VLAN Configuration	229
Multicast Router Configuration	231
Multicast Router Status	231
Multicast Router VLAN Configuration	232
Multicast Router VLAN Status	232
Configuring MLD Snooping Queriers	234
MLD Snooping Querier Configuration	234
MLD Snooping Querier VLAN Configuration	235
MLD Snooping Querier VLAN Configuration Summary	236
MLD Snooping Querier VLAN Status	237
Creating Port Channels (Trunking)	238
Port Channel Configuration	238
Port Channel Status	240
Viewing Multicast Forwarding Database Information	241
MFDB Table	241
MFDB GMRP Table	242
MFDB IGMP Snooping Table	243
MFDB MLD Snooping Table	244
MFDB Statistics	244
Configuring Spanning Tree Protocol	246
Switch Configuration/Status	247
CST Configuration/Status	248
MST Configuration/Status	250
CST Port Configuration/Status	252
MST Port Configuration/Status	254
Statistics	257
Configuring Port Security	258
Port Security Administration	258
Port Security Interface Configuration	259
Port Security Static	260
Port Security Dynamic	261
Port Security Violation Status	262
Managing LLDP	263
Global Configuration	264
Interface Configuration	265
Interface Summary	266
Statistics	267
Local Device Information	268
Local Device Summary	269
Remote Device Information	270
Remote Device Summary	271
LLDP-MED	272
LLDP-MED Global Configuration	272
LLDP-MED Interface Configuration	273
LLDP-MED Interface Summary	274
LLDP Local Device Information	274
LLDP-MED Remote Device Information	276
Section 4: Configuring L3 Features	279
Configuring ARP	279
ARP Create	280
ARP Table Configuration	281
Configuring Global and Interface IP Settings	283
IP Configuration	283
IP Interface Configuration	285
Helper IP Interface Configuration	286
IP Statistics	287
Managing the BOOTP/DHCP Relay Agent	290
BOOTP/DHCP Relay Agent Configuration	291
BOOTP/DHCP Relay Agent Status	292
Configuring RIP	293
RIP Configuration	293
RIP Interface Configuration	294
Configuring the RIP Interface	295
RIP Interface Summary	296
RIP Route Redistribution Configuration	297
RIP Route Redistribution Summary	298
Router Discovery	299
Router Discovery Configuration	299
Router Discovery Status	301
Router	302
Route Table	302
Best Routes Table	304
Configured (Static) Routes	305
Adding a Static Route	305
Deleting a Route	307
Route Preferences Configuration	308
VLAN Routing	309
VLAN Routing Configuration	309
Creating a VLAN Routing Interface	310
Deleting a VLAN Router Interface	310
VLAN Routing Summary	311
Virtual Router Redundancy Protocol (VRRP)	312
VRRP Configuration	312
Virtual Router Configuration	313
Configuring a Secondary VRRP Address	314
Creating a New Virtual Router	314
Modifying a Virtual Router	314
VRRP Interface Tracking Configuration	315
VRRP Interface Tracking	316
VRRP Route Tracking Configuration	316
VRRP Route Tracking	317
Virtual Router Status	318
Virtual Router Statistics	319
Loopback Interfaces	321
Loopbacks Configuration	321
Creating a New Loopback (IPv4)	322
Configuring an Existing Loopback	323
Removing a Loopback	323
Removing a Secondary Address	323
Loopback Summary	324
Section 5: Configuring Quality of Service	325
Configuring Differentiated Services	326
Defining DiffServ	326
Diffserv Configuration	326
Class Configuration	328
Policy Configuration	330
Policy Class Definition	332
Service Configuration	334
Configuring Class of Service	335
Mapping 802.1p Priority	335
Trust Mode Configuration	336
IP DSCP Mapping Configuration	338
CoS Interface Configuration	338
CoS Interface Queue Configuration	340
Configuring Auto VoIP	342
Auto VoIP Configuration	342
Section 6: Configuring Access Control Lists	344
IP Access Control Lists	345
IP ACL Configuration	345
IP ACL Rule Configuration	346
Modifying an IP-based Rule	350
Adding a New Rule to an IP-based ACL	350
Deleting a Rule from an IP-based ACL	351
MAC Access Control Lists	351
MAC ACL Configuration	351
MAC ACL Rule Configuration	352
Adding a New Rule to a MAC-based ACL	355
Removing a Rule From a MAC-based ACL	355
ACL Interface Configuration	355
Assigning an ACL to an Interface	356
Removing an ACL from an Interface	357
Section 7: Managing Device Security	359
Captive Portal Configuration	359
Captive Portal Global Configuration	359
CP Configuration	361
Changing the Captive Portal Settings	362
Customizing the Captive Portal Web Page	364
Local User	369
Adding a Local User	370
Configuring Users in the Local Database	371
Configuring Users in a Remote RADIUS Server	372
Interface Association	373
CP Global Status	375
Viewing CP Activation and Activity Status	375
Interface Status	377
Viewing Interface Activation Status	377
Viewing Interface Capability Status	377
Client Connection Status	378
Viewing Client Details	379
Viewing the Client Statistics	380
Viewing the Client Interface Association Status	381
Viewing the Client CP Association Status	382
SNMP Trap Configuration	382
Port Access Control	383
Global Port Access Control Configuration	384
Port Configuration	385
Port Access Entity Capability Configuration	386
Supplicant Port Configuration	387
User Login Configuration	389
Port Access Privileges	390
RADIUS Settings	391
RADIUS Configuration	391
RADIUS Server Configuration	392
Viewing Named Server Status Information	394
RADIUS Accounting Server Configuration	395
Viewing Named Accounting Server Status	396
Clear Statistics	397
TACACS+ Settings	398
TACACS+ Configuration	398
TACACS+ Server Configuration	399
Secure HTTP	400
Secure HTTP Configuration	400
Generating Certificates	401
Downloading SSL Certificates	401
Secure Shell	403
Secure Shell Configuration	403
Downloading SSH Host Keys	404
Section 8: Configuring the Wireless Features	405
D-Link Unified Access System Components	405
DWS-4026 Unified Switch	406
DWL-8600AP Unified Access Point	406
Unified Switch and AP Discovery Methods	406
L2 Discovery	407
IP Address of AP Configured in the Switch	407
IP Address of Switch Configured in the AP	407
Configuring the DHCP Option	408
Discovery and Peer Switches	411
Basic Setup	411
Wireless Global Configuration	411
Wireless Discovery Configuration	414
L3/IP Discovery	415
L2/VLAN Discovery	416
Profile	416
Radio	417
SSID Configuration	423
Managing Virtual Access Point Configuration	423
Configuring the Default Network	424
Configuring AP Security	431
Using No Security	431
Using Static or Dynamic WEP	431
Static WEP Rules	433
Using WPA/WPA2 Personal or Enterprise	433
Valid Access Point Summary	436
Valid Access Point Configuration	437
Local OUI Database Summary	439
AP Management	441
Reset	441
RF Management	441
Configuring Channel Plan and Power Settings	442
Viewing the Channel Plan History	444
Initiating Manual Channel Plan Assignments	445
Initiating Manual Power Adjustments	446
Access Point Software Download	446
Managed AP Advanced Settings	448
Debugging the AP	449
Adjusting the Channel and Power	450
Monitoring Status and Statistics	452
Wireless Global Status/Statistics	452
Viewing Switch Status and Statistics Information	455
Viewing IP Discovery Status	456
Viewing the Peer Switch Configuration Received Status	457
Viewing the AP Hardware Capability List	458
AP Hardware Radio Capability	459
All AP Status	460
Managed AP Status	462
Monitoring AP Status	462
Viewing Detailed Managed Access Point Status	464
Viewing Managed Access Point Radio Summary Information	466
Viewing Detailed Managed Access Point Radio Information	466
Viewing Managed Access Point Neighbor APs	467
Viewing Clients Associated with Neighbor Access Points	468
Viewing Managed Access Point VAPs	469
Viewing Distributed Tunneling Information	469
Managed Access Point Statistics	470
Viewing Managed Access Point Ethernet Statistics	471
Viewing Detailed Managed Access Point Statistics	471
Viewing Managed Access Point Radio Statistics	472
Viewing Managed Access Point VAP Statistics	474
Viewing Distributed Tunneling Statistics	474
Associated Client Status/Statistics	475
Viewing Associated Client Summary Status	476
Viewing Detailed Associated Client Status	477
Viewing Associated Client QoS Status	478
Viewing Associated Client Neighbor AP Status	479
Viewing Associated Client Distributed Tunneling Status	480
Viewing SSID Associated Client Status	481
Viewing VAP Associated Client Status	481
Viewing Switch Associated Client Status	482
Viewing Associated Client Statistics	482
Viewing Detailed Associated Client Association Statistics	484
Viewing Detailed Associated Client Session Statistics	484
Peer Switch Status	485
Viewing Peer Switch Configuration Status	486
Viewing Peer Switch Managed AP Status	487
Monitoring and Managing Intrusion Detection	488
AP RF Scan Status	488
Viewing Access Point Triangulation Status	491
Viewing WIDS AP Rogue Classification Information	492
Detected Client Status	494
Viewing Detailed Detected Client Status	495
Viewing WIDS Client Rogue Classification	497
Viewing Detected Client Pre-Authentication History	498
Viewing Detected Client Triangulation	499
Viewing Detected Client Roam History	500
Detected Client Pre-Authentication Summary	500
Detected Client Roam History Summary	501
Ad Hoc Client Status	502
AP Authentication Failure Status	503
AP De-Authentication Attack Status	505
Configuring Advanced Settings	506
Advanced Global Settings	506
Wireless SNMP Trap Configuration	508
Distributed Tunneling Configuration	510
Known Client	511
Known Client Configuration	512
Wireless Network List	513
Configuring Networks	513
AP Profiles	514
Creating, Copying, and Deleting AP Profiles	515
Applying an AP Profile	516
Access Point Profile QoS Configuration	518
Peer Switch	521
WIDS Security	524
WIDS AP Configuration	524
WIDS Client Configuration	527
Visualizing the Wireless Network	529
Importing and Configuring a Background Image	530
Setting Up the Graph Components	531
Creating a New Graph	531

Match case Limit results 1 per page

D-Link Unified Access System

Software User Manual

12/10/09

Page

498

Monitoring and Managing Intrusion Detection

Document

34CSFP6XXUWS-SWUM100-D7

Viewing Detected Client Pre-Authentication History

To help authenticated clients roam without losing sessions and needing to re-authenticate, wireless clients can attempt to

authenticate to other APs within range that the client could possibly associate with. For successful pre-authentication, the

target AP must have a VAP with an SSID and security configuration that matches that of the client, including MAC

authentication, encryption method, and pre-shared key or RADIUS parameters. The the AP that the client is associated with

captures all pre-authentication requests and sends them to the switch.

The

Detected Client Pre-Authentication History

page shows information about the pre-authentication requests that the

detected client has made.

Figure 343:

Detected Client Pre-Authentication History

Table 320

describes the fields on the

Detected Client Pre-Authentication History

page.

Table 319:

WIDS Client Rogue Classification

Field

Description

MAC Address

The Ethernet MAC address of the detected wireless client.

Test Description

Identifies the tests that were performed, which includes the following:

•

Client is not listed in the Known Clients database.

•

Client exceeds the configured rate for transmitting 802.11 authentication requests.

•

Client exceeds the configured rate for transmitting probe requests.

•

Client exceeds the configured rate for transmitting de-authentication requests.

•

Client exceeds the maximum number of failing authentications.

•

Known Client is authenticated with an Unknown AP.

Condition Detected

Indicates whether the result of the test was true or false.

Reporting MAC

Address

Identifies the MAC address of the AP that reported the test results.

Radio

Identifies which physical radio on the reporting AP was responsible for the test results.

Test Config

Shows whether this test is configured to report rogues. Each test can be globally enabled or

disabled to report a positive result as a rogue.

Test Result

Shows whether this test reported the device as rogue. In some cases the test may report a

positive result, be enabled, but not report the device as rogue because the device is allowed