Home » D-Link Manuals » Hubs & Switches » D-Link DES-3526DC » Manual Viewer

D-Link DES-3526DC Product Manual - Page 97

Parameter, Description, Profile ID 1-255, Source IP Mask, Destination IP Mask, Protocol

Add to My Manuals
Save this manual to your list of manuals

Page 97 highlights

Parameter xStack DES-3500 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Description Profile ID (1-255) Type in a unique identifier number for this profile set. The number is used to set the relative priority for the profile. Priority is set relative to other profiles where the lowest profile ID has the highest priority. If a conflict occurs among configured access rules, the profile ID establishes relative priority of the rules. The value can be set from 1 to 255 however there is a limit to the total number of profiles that can be created. Type Select profile based on Ethernet (MAC Address), IP address or packet content mask. This will change the menu according to the requirements for the type of profile. • Select Ethernet to instruct the Switch to examine the layer 2 part of each packet header. • Select IP to instruct the Switch to examine the IP address in each frame's header. • Select Packet Content Mask to specify a mask to hide the content of the packet header. VLAN Selecting this option instructs the Switch to examine the VLAN part of each packet header and use this as the, or part of the criterion for forwarding. Source IP Mask Enter an IP address mask for the source IP address. Destination IP Mask Enter an IP address mask for the destination IP address. DSCP Selecting this option instructs the Switch to examine the DiffServ Code part of each packet header and use this as the, or part of the criterion for forwarding. Protocol Selecting this option instructs the Switch to examine the protocol type value in each frame's header. You must then specify what protocol(s) to include according to the following guidelines: Select ICMP to instruct the Switch to examine the Internet Control Message Protocol (ICMP) field in each frame's header. • Select Type to further specify that the access profile will apply an ICMP type value, or specify Code to further specify that the access profile will apply an ICMP code value. Select IGMP to instruct the Switch to examine the Internet Group Management Protocol (IGMP) field in each frame's header. • Select Type to further specify that the access profile will apply an IGMP type value Select TCP to use the TCP port number contained in an incoming packet as the forwarding criterion. Selecting TCP requires that you specify a source port mask and/or a destination port mask. The user may also identify which flag bits to deny. Flag bits are parts of a packet that determine what to do with the packet. The user may deny packets by denying certain flag bits within the packets, by checking the boxes corresponding to the flag bits of the TCP field. The user may choose between urg (urgent), ack (acknowledgement), psh (push), rst (reset), syn (synchronize), fin (finish). • src port mask - Specify a TCP port mask for the source port in hex form (hex 0x00xffff), which you wish to deny. • dest port mask - Specify a TCP port mask for the destination port in hex form (hex 0x0-0xffff) which you wish to deny. Select UDP to use the UDP port number contained in an incoming packet as the forwarding criterion. Selecting UDP requires that you specify a source port mask and/or a destination port mask. • src port mask - Specify a TCP port mask for the source port in hex form (hex 0x00xffff). • dest port mask - Specify a TCP port mask for the destination port in hex form (hex 0x0-0xffff). protocol id - Enter a value defining the protocol ID in the packet header to mask. Specify up to 5, Layer 4 port masks for the destination port in hex form (hex 0x0-0xffffffff). The window shown below is the Access Profile Configuration window for Packet Content Mask. 83

Section	Page
	1
Table of Contents	3
	8
Preface	9
	9
Intended Readers	10
Typographical Conventions	10
Bold font	10
	10
Notes, Notices, and Cautions	10
Safety Instructions	11
Safety Cautions	11
General Precautions for Rack-Mountable Products	12
Protecting Against Electrostatic Discharge	13
Gigabit Ethernet Technology	14
Switch Description	14
Features	14
Ports	14
Front-Panel Components	14
Side Panel Description	14
Rear Panel Description	14
Gigabit Combo Ports	14
Gigabit Ethernet Technology	14
Switch Description	14
Features	15
Ports	16
Front-Panel Components	16
LED Indicators	17
Rear Panel Description	18
Side Panel Description	18
Gigabit Combo Ports	19
Package Contents	21
Before You Connect to the Network	21
Installing the Switch without the Rack	21
Rack Installation	21
Power On	21
Package Contents	21
Before You Connect to the Network	21
Installing the Switch without the Rack	22
Installing the Switch in a Rack	23
Mounting the Switch in a Standard 19\	24
Power On (AC Power)	25
Power Failure	25
Connecting DC Power to DES-3526DC	25
Switch to End Node	26
Switch to Hub or Switch	26
Connecting To Network Backbone or Server	26
Switch to End Node	26
Switch to Hub or Switch	27
Connecting To Network Backbone or Server	28
Management Options	29
Web-based Management Interface	29
SNMP-Based Management	29
Managing User Accounts	29
Command Line Console Interface through the Serial Port	29
Connecting the Console Port (RS-232 DCE)	29
First Time Connecting to the Switch	29
Password Protection	29
SNMP Settings	29
IP Address Assignment	29
Connecting Devices to the Switch	29
Management Options	29
Web-based Management Interface	29
SNMP-Based Management	29
Connecting the Console Port (RS-232 DCE)	29
First Time Connecting to the Switch	31
Password Protection	31
	32
SNMP Settings	33
	33
Traps	33
MIBs	33
IP Address Assignment	34
Connecting Devices to the Switch	35
Introduction	36
Login to Web manager	36
Web-Based User Interface	36
Basic Setup	36
Reboot	36
Basic Switch Setup	36
Network Management	36
Switch Utilities	36
Network Monitoring	36
IGMP Snooping Status	36
Introduction	36
Login to Web Manager	36
Web-based User Interface	37
Areas of the User Interface	37
Web Pages	38
Switch Information	39
IP Address	39
Advanced Settings	39
Port Configuration	39
Port Description	39
Port Mirroring	39
Link Aggregation	39
LACP Port Setting	39
MAC Notification	39
IGMP	39
Spanning Tree	39
Forward Filtering	39
VLANs	39
Traffic Control	39
Port Security	39
QoS	39
System Log Servers	39
SNTP Settings	39
Access Profile Table	39
CPU Interface Filtering	39
Port Access Entity	39
IP-MAC Binding	39
Limited IP Multicast Range Settings	39
Layer 3 IP Networking	39
	39
Switch Information	40
IP Address	40
Advanced Settings	43
Port Configurations	45
Port Description	46
Port Mirroring	47
	47
Link Aggregation	48
Understanding Port Trunk Groups	48
LACP Port Setting	51
MAC Notification	52
MAC Notification Global Settings	52
MAC Notification Port Settings	53
IGMP	54
IGMP Snooping	54
Static Router Ports Entry	56
Forbidden Router Ports Entry	57
Spanning Tree	58
802.1s MSTP	58
802.1w Rapid Spanning Tree	58
Port Transition States	58
Edge Port	59
P2P Port	59
802.1d/802.1w/802.1s Compatibility	59
STP Loopback Detection	59
Setting the Loopback Timer	59
Regulations and Restrictions for the Loopback Detection Function	60
STP Bridge Global Settings	60
MST Configuration Table	63
MSTI Settings	65
STP Instance Settings	66
MSTP Port Information	67
Forwarding Filtering	69
Unicast Forwarding	69
Multicast Forwarding	69
Multicast Port Filtering Mode	71
VLANs	72
Understanding IEEE 802.1p Priority	72
VLAN Description	72
Notes about VLANs on the xStack DES-3500 Series switches	72
IEEE 802.1Q VLANs	72
802.1Q VLAN Tags	74
Port VLAN ID	74
Tagging and Untagging	75
Ingress Filtering	75
Default VLANs	75
Port-based VLANs	76
VLAN Segmentation	76
Asymmetric VLANs	77
VLAN and Trunk Groups	78
Static VLAN Entry	78
GVRP Setting	80
Traffic Control	81
Port Security	83
QoS	84
Advantages of QoS	84
Understanding QoS	85
Port Bandwidth	86
Scheduling	87
802.1p Default Priority	88
802.1p User Priority	88
Traffic Segmentation	89
System Severity Alerts	90
System Log Server	90
SNTP Settings	92
Time Setting	92
Time Zone and DST	93
Access Profile Table	95
Configuring the Access Profile Table	95
CPU Interface Filtering	106
CPU Interface Filtering Profile Table	106
Port Access Entity (802.1X)	116
802.1x Port-Based and MAC-Based Access Control	116
Authentication Server	117
Authenticator	117
Client	118
Authentication Process	118
Port-Based Network Access Control	119
MAC-Based Network Access Control	120
Configure Authenticator	121
PAE System Control	123
Port Capability	123
Initializing Ports for Port Based 802.1x	124
Initializing Ports for MAC Based 802.1x	125
Reauthenticate Port(s) for Port Based 802.1x	125
RADIUS Server	126
IP-MAC Binding	127
ACL Mode	127
IP-MAC Binding Port	129
IP-MAC Binding Table	130
IP-MAC Binding Blocked	131
Limited IP Multicast Range Settings	132
Layer 3 IP Networking	133
Static ARP Table	133
DHCP/BOOTP Relay	134
DHCP / BOOTP Relay Global Settings	134
The Implementation of DHCP Information Option 82 in the xStack DES-3500 Series switches	136
DHCP/BOOTP Relay Interface Settings	137
	137
Security IP	138
User Accounts	138
Access Authentication Control (TACACS)	138
Secure Sockets Layer (SSL)	138
Secure Shell (SSH)	138
SNMP Manager	138
Safeguard Engine Settings	138
Security IP	138
User Accounts	138
Admin and User Privileges	139
Access Authentication Control	140
Policy & Parameters	141
Application's Authentication Settings	141
Authentication Server Group Settings	142
Authentication Server Hosts	143
Login Method Lists	145
Enable Method Lists	146
Local Enable Password	147
Enable Admin	148
Secure Socket Layer (SSL)	149
Download Certificate	149
Configuration	150
Secure Shell (SSH)	151
SSH Configuration	151
SSH Algorithm	152
SSH User Authentication	154
SNMP Manager	155
SNMP Settings	155
Traps	155
MIBs	155
SNMP User Table	156
SNMP View Table	158
SNMP Group Table	159
SNMP Community Table Configuration	160
SNMP Host Table	161
SNMP Engine ID	162
Safeguard Engine	163
Port Utilization	165
CPU Utilization	165
Packets	165
Errors	165
Size	165
MAC Address	165
Switch History Log	165
IGMP Snooping Group	165
IGMP Snooping Forwarding	165
VLAN Status	165
Router Port	165
Port Access Control	165
Layer 3 Feature	165
Safeguard Engine Status	165
Port Utilization	165
CPU Utilization	166
	166
Packets	167
Received (RX)	167
UMB Cast (RX)	168
Transmitted (TX)	170
	171
Errors	172
Received (RX)	172
Transmitted (TX)	173
Size	175
	176
MAC Address	177
Switch History Log	178
	178
IGMP Snooping Group	179
IGMP Snooping Forwarding	180
	180
VLAN Status	181
Router Port	181
Port Access Control	182
Authenticator State	182
Layer 3 Feature	184
Browse ARP Table	184
Safeguard Engine Status	185
TFTP Services	186
Multiple Image Services	186
Switch History	186
Ping Test	186
Save Changes	186
Reboot Services	186
Logout	186
TFTP Services	186
Download Firmware from TFTP Server	186
Download Configuration File	187
Upload Configuration	187
Upload Log	188
Multiple Image Services	189
Firmware Information	189
Config Firmware Image	190
Ping Test	190
Save Changes	191
Reset	191
Reset System	192
Reset Config	192
Reboot Device	192
Logout	192
Single IP Management (SIM) Overview	193
Topology	193
Firmware Upgrade	193
Configuration Backup/Restore	193
Single IP Management (SIM) Overview	193
The Upgrade to v1.6	194
SIM Using the Web Interface	195
Topology	196
Tool Tips	198
Right-Click	199
Group Icon	199
Commander Switch Icon	200
Member Switch Icon	201
Candidate Switch Icon	201
Menu Bar	203
File	203
Group	203
Device	203
View	203
Firmware Upgrade	204
Configuration File Backup/Restore	204
Upload Log File	204
Copyright Statement: No part of this publication or documentation accompanying this product may be reproduced in any form or by any means or used to make any derivative such as translation, transformation, or adaptation without permission from D-Link Corporation/D-Link Systems, Inc., as stipulated by the United States Copyright Act of 1976 and any amendments thereto. Contents are subject to change without prior notice. Copyright 2004 by D-Link Corporation/D-Link Systems, Inc. All rights reserved.	227
FCC Statement: This equipment has been tested and found to comply with the limits for a Class A digital device, pursuant to part 15 of the FCC Rules. These limits are designed to provide reasonable protection against harmful interference in a commercial installation. This equipment generates, uses, and can radiate radio frequency energy and, if not installed and used in accordance with the instructions, may cause harmful interference to radio communication. However, there is no guarantee that interference will not occur in a particular installation. Operation of this equipment in a residential environment is likely to cause harmful interference to radio or television reception. If this equipment does cause harmful interference to radio or television reception, which can be determined by turning the equipment off and on, the user is encouraged to try to correct the interference by one or more of the following measures:	227
Warranty beneficiary	229
Duration of Limited Lifetime Warranty	229
Replacement, Repair or Refund Procedure for Hardware	229
	229
D-Link Limited Lifetime Warranty	230

Match case Limit results 1 per page

xStack DES-3500 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual

Parameter

Description

Profile ID (1-255)

Type in a unique identifier number for this profile set. The number is used to set the relative

priority for the profile. Priority is set relative to other profiles where the lowest profile ID has the

highest priority. If a conflict occurs among configured access rules, the profile ID establishes

relative priority of the rules. The value can be set from

255

however there is a limit to the

total number of profiles that can be created.

Type

Select profile based on Ethernet (MAC Address), IP address or packet content mask. This will

change the menu according to the requirements for the type of profile.

•

Select

Ethernet

to instruct the Switch to examine the layer 2 part of each packet

header.

•

Select

to instruct the Switch to examine the IP address in each frame's header.

•

Select

Packet Content Mask

to specify a mask to hide the content of the packet

header.

VLAN

Selecting this option instructs the Switch to examine the VLAN part of each packet header and

use this as the, or part of the criterion for forwarding.

Source IP Mask

Enter an IP address mask for the source IP address.

Destination IP Mask

Enter an IP address mask for the destination IP address.

DSCP

Selecting this option instructs the Switch to examine the DiffServ Code part of each packet

header and use this as the, or part of the criterion for forwarding.

Protocol

Selecting this option instructs the Switch to examine the protocol type value in each frame's

header. You must then specify what protocol(s) to include according to the following

guidelines:

Select

ICMP

to instruct the Switch to examine the Internet Control Message Protocol (ICMP)

field in each frame's header.

•

Select

Type

to further specify that the access profile will apply an ICMP type value,

or specify Code to further specify that the access profile will apply an ICMP code

value.

Select

IGMP

to instruct the Switch to examine the Internet Group Management Protocol

(IGMP) field in each frame's header.

•

Select

Type

to further specify that the access profile will apply an IGMP type value

Select

TCP

to use the TCP port number contained in an incoming packet as the forwarding

criterion. Selecting TCP requires that you specify a source port mask and/or a destination port

mask. The user may also identify which flag bits to deny. Flag bits are parts of a packet that

determine what to do with the packet. The user may deny packets by denying certain flag bits

within the packets, by checking the boxes corresponding to the flag bits of the TCP field. The

user may choose between urg (urgent), ack (acknowledgement), psh (push), rst (reset), syn

(synchronize), fin (finish).

•

src port mask

- Specify a TCP port mask for the source port in hex form (hex 0x0-

0xffff), which you wish to deny.

•

dest port mask

- Specify a TCP port mask for the destination port in hex form (hex

0x0-0xffff) which you wish to deny.

Select

UDP

to use the UDP port number contained in an incoming packet as the forwarding

criterion. Selecting UDP requires that you specify a source port mask and/or a destination port

mask.

•

src port mask

- Specify a TCP port mask for the source port in hex form (hex 0x0-

0xffff).

•

dest port mask

- Specify a TCP port mask for the destination port in hex form (hex

0x0-0xffff).

protocol id

- Enter a value defining the protocol ID in the packet header to mask. Specify up to

5, Layer 4 port masks for the destination port in hex form (hex 0x0-0xffffffff).

The window shown below is the

Access Profile Configuration

window for Packet Content Mask.