Home » D-Link Manuals » Hubs & Switches » D-Link DGS-1510-28P » Manual Viewer

D-Link DGS-1510-28P User Manual - Page 306

IMPB, IPv4, DHCPv4 Snooping, DHCP Snooping Global Settings

View all D-Link DGS-1510-28P manuals

Add to My Manuals
Save this manual to your list of manuals

Page 306 highlights

DGS-1510 Series Gigabit Ethernet SmartPro Switch Web UI Reference Guide Figure 9-35 TACACS Statistic window The fields that can be configured are described below: Parameter Group Server Name Description Select the TACACS group server name from this list here. Click the Clear by Group button to clear the information based on the group selected. Click the Clear All button to clear all the information in this table. Click the Clear button to clear all the information for the specific port. IMPB The IP network layer uses a four-byte address. The Ethernet link-layer uses a six-byte MAC address. Binding these two address types together allows the transmission of data between the layers. The primary purpose of IP-MAC-Port Binding (IMPB) is to restrict the access to a switch to a number of authorized users. Authorized clients can access a switch's port by either checking the pair of IP-MAC addresses with the pre-configured database or if DHCP snooping has been enabled in which case the switch will automatically learn the IP/MAC pairs by snooping DHCP packets and saving them to the IMPB white list. If an unauthorized user tries to access an IP-MAC binding enabled port, the system will block the access by dropping its packet. Active and inactive entries use the same database. The function is port-based, meaning a user can enable or disable the function on the individual port. IPv4 DHCPv4 Snooping DHCP Snooping Global Settings This window is used to view and configure the DHCP snooping global settings. To view the following window, click Security > IMPB > IPv4 > DHCPv4 Snooping > DHCP Snooping Global Settings, as shown below: Figure 9-36 DHCP Snooping Global Settings window The fields that can be configured are described below: Parameter DHCP Snooping Information Option Allow Untrusted Source MAC Verification Station Move Deny Description Select to enable or disable the DHCP snooping global status. Select to enable or disable the option to globally allow DHCP packets with the relay Option 82 on the untrusted interface. Select to enable or disable the verification that the source MAC address in a DHCP packet matches the client hardware address. Select to enable or disable the DHCP snooping station move state. 298

Section	Page
Table of Contents	3
1. Introduction	9
Audience	9
Other Documentation	9
Conventions	9
Notes, Notices, and Cautions	9
2. Web-based Switch Configuration	11
Management Options	11
Connecting using the Web User Interface	11
Logging onto the Web Manager	11
Smart Wizard	12
Web User Interface (Web UI)	16
Areas of the User Interface	16
3. System	17
Device Information	17
System Information Settings	17
Peripheral Settings	18
Port Configuration	19
Port Settings	19
Port Status	20
Port Auto Negotiation	21
Error Disable Settings	22
Jumbo Frame	23
PoE (DGS-1510-28P Only)	24
PoE System	24
PoE Status	25
PoE Configuration	26
PoE Statistics	27
PoE Measurement	28
PoE LLDP Classification	29
System Log	30
System Log Settings	30
System Log Discriminator Settings	31
System Log Server Settings	32
System Log	33
System Attack Log	33
Time and SNTP	34
Clock Settings	34
Time Zone Settings	34
SNTP Settings	36
Time Range	37
4. Management	39
User Account Settings	39
Password Encryption	40
Login Method	41
SNMP	42
SNMP Global Settings	43
SNMP Linkchange Trap Settings	44
SNMP View Table Settings	45
SNMP Community Table Settings	46
SNMP Group Table Settings	47
SNMP Engine ID Local Settings	49
SNMP User Table Settings	49
SNMP Host Table Settings	50
RMON	51
RMON Global Settings	51
RMON Statistics Settings	52
RMON History Settings	53
RMON Alarm Settings	53
RMON Event Settings	54
Telnet/Web	55
Session Timeout	56
DHCP	57
Service DHCP	57
DHCP Class Settings	57
DHCP Relay	59
DHCP Relay Global Settings	59
DHCP Relay Pool Settings	59
DHCP Relay Information Settings	61
DHCP Relay Information Option Format Settings	62
DHCP Local Relay VLAN	64
DHCPv6 Relay	64
DHCPv6 Relay Global Settings	64
DHCPv6 Relay Interface Settings	65
DHCP Auto Configuration	66
DNS	66
DNS Global Settings	67
DNS Name Server Settings	68
DNS Host Settings	68
IP Source Interface	69
File System	69
Physical Stacking	71
Virtual Stacking (SIM)	76
Single IP Settings	78
Topology	79
Firmware Upgrade	86
Configuration File Backup/Restore	87
Upload Log File	87
D-Link Discovery Protocol	88
5. Layer 2 Features	90
FDB	90
Static FDB	90
Unicast Static FDB	90
Multicast Static FDB	91
MAC Address Table Settings	91
MAC Address Table	92
MAC Notification	93
VLAN	95
802.1Q VLAN	95
GVRP	96
GVRP Global	96
GVRP Port	96
GVRP Advertise VLAN	97
GVRP Forbidden VLAN	98
GVRP Statistics Table	99
Asymmetric VLAN	99
VLAN Interface	100
Auto Surveillance VLAN	103
Auto Surveillance Properties	103
MAC Settings and Surveillance Device	105
Voice VLAN	106
Voice VLAN Global	106
Voice VLAN Port	106
Voice VLAN OUI	107
Voice VLAN Device	108
Voice VLAN LLDP-MED Device	109
Spanning Tree	109
STP Global Settings	111
STP Port Settings	113
MST Configuration Identification	114
STP Instance	115
MSTP Port Information	116
Loopback Detection	116
Link Aggregation	118
L2 Multicast Control	120
IGMP Snooping	121
IGMP Snooping Settings	121
IGMP Snooping Groups Settings	123
IGMP Snooping Mrouter Settings	124
IGMP Snooping Statistics Settings	125
MLD Snooping	126
MLD Snooping Settings	127
MLD Snooping Groups Settings	130
MLD Snooping Mrouter Settings	131
MLD Snooping Statistics Settings	132
Multicast Filtering	133
LLDP	134
LLDP Global Settings	134
LLDP Port Settings	135
LLDP Management Address List	137
LLDP Basic TLVs Settings	137
LLDP Dot1 TLVs Settings	138
LLDP Dot3 TLVs Settings	139
LLDP-MED Port Settings	140
LLDP Statistics Information	141
LLDP Local Port Information	142
LLDP Neighbor Port Information	144
6. Layer 3 Features	145
ARP	145
ARP Aging Time	145
Static ARP	145
Proxy ARP	146
ARP Table	147
Gratuitous ARP	147
IPv4 Interface	148
IPv4 Static/Default Route	150
IPv4 Route Table	151
IPv6 Interface	152
IPv6 Neighbor	154
IPv6 Static/Default Route	155
IPv6 Route Table	155
7. Quality of Service (QoS)	157
Basic Settings	157
Port Default CoS	157
Port Scheduler Method	157
Queue Settings	159
CoS to Queue Mapping	160
Port Rate Limiting	160
Queue Rate Limiting	161
Advanced Settings	163
DSCP Mutation Map	163
Port Trust State and Mutation Binding	164
DSCP CoS Mapping	164
CoS Color Mapping	165
DSCP Color Mapping	166
Class Map	167
Aggregate Policer	169
Policy Map	172
Policy Binding	175
8. Access Control List (ACL)	177
ACL Configuration Wizard	177
ACL Access List	210
Standard IP ACL	211
Extended IP ACL	214
Standard IPv6 ACL	233
Extended IPv6 ACL	237
Extended MAC ACL	249
Extended Expert ACL	253
ACL Interface Access Group	278
ACL VLAN Access Map	279
ACL VLAN Filter	281
9. Security	283
Port Security	283
Port Security Global Settings	283
Port Security Port Settings	284
Port Security Address Entries	285
802.1X	286
802.1X Global Settings	291
802.1X Port Settings	291
Authentication Session Information	293
Authenticator Statistics	293
Authenticator Session Statistics	294
Authenticator Diagnostics	294
AAA	295
AAA Global Settings	295
Application Authentication Settings	295
Application Accounting Settings	296
Authentication Settings	297
Accounting Settings	299
RADIUS	300
RADIUS Global Settings	300
RADIUS Server Settings	301
RADIUS Group Server Settings	302
RADIUS Statistic	303
TACACS	304
TACACS Server Settings	304
TACACS Group Server Settings	304
TACACS Statistic	305
IMPB	306
IPv4	306
DHCPv4 Snooping	306
DHCP Snooping Global Settings	306
DHCP Snooping Port Settings	307
DHCP Snooping VLAN Settings	308
DHCP Snooping Database	308
DHCP Snooping Binding Entry	309
Dynamic ARP Inspection	310
ARP Access List	310
ARP Inspection Settings	312
ARP Inspection Port Settings	313
ARP Inspection VLAN	314
ARP Inspection Statistics	314
ARP Inspection Log	315
IP Source Guard	315
IP Source Guard Port Settings	315
IP Source Guard Binding	316
IP Source Guard HW Entry	317
Advanced Settings	317
IP-MAC-Port Binding Settings	317
IP-MAC-Port Binding Blocked Entry	319
IPv6	319
IPv6 Snooping	319
IPv6 ND Inspection	320
IPv6 RA Guard	321
IPv6 DHCP Guard	322
IPv6 Source Guard	323
IPv6 Source Guard Settings	323
IPv6 Neighbor Binding	324
DHCP Server Screening	325
DHCP Server Screening Global Settings	325
DHCP Server Screening Port Settings	326
ARP Spoofing Prevention	327
BPDU Attack Protection	327
MAC Authentication	329
Web-based Access Control	330
Web Authentication	333
WAC Port Settings	334
WAC Customize Page	334
Japanese Web-based Access Control	335
JWAC Global Settings	335
JWAC Port Settings	338
JWAC Customize Page Language	339
JWAC Customize Page	339
Network Access Authentication	340
Guest VLAN	340
Network Access Authentication Global Settings	341
Network Access Authentication Port Settings	343
Network Access Authentication Sessions Information	344
Safeguard Engine	345
Safeguard Engine Settings	346
CPU Protect Counters	347
CPU Protect Sub-Interface	348
CPU Protect Type	348
Trusted Host	349
Traffic Segmentation Settings	350
Storm Control	350
DoS Attack Prevention Settings	353
SSH	354
SSH Global Settings	355
Host Key	355
SSH Server Connection	356
SSH User Settings	356
SSL	357
SSL Global Settings	358
Crypto PKI Trustpoint	359
SSL Service Policy	360
10. OAM	361
Cable Diagnostics	361
DDM	361
DDM Settings	362
DDM Temperature Threshold Settings	362
DDM Voltage Threshold Settings	363
DDM Bias Current Threshold Settings	364
DDM TX Power Threshold Settings	364
DDM RX Power Threshold Settings	365
DDM Status Table	366
11. Monitoring	367
Utilization	367
Port Utilization	367
Statistics	368
Port	368
Port Counters	369
Counters	371
Mirror Settings	373
Device Environment	375
12. Green	376
Power Saving	376
EEE	377
13. Save and Tools	379
Save Configuration	379
Firmware Upgrade & Backup	379
Firmware Upgrade from HTTP	379
Firmware Upgrade from TFTP	380
Firmware Backup to HTTP	380
Firmware Backup to TFTP	381
Configuration Restore & Backup	381
Configuration Restore from HTTP	381
Configuration Restore from TFTP	382
Configuration Backup to HTTP	383
Configuration Backup to TFTP	383
Log Backup	384
Log Backup to HTTP	384
Log Backup to TFTP	384
Ping	385
Trace Route	387
Language Management	389
Reset	389
Reboot System	390
Appendix A - System Log Entries	391
802.1X	391
AAA	391
Auto Surveillance VLAN	394
BPDU Attack Protection	394
Configuration/Firmware	394
DAI	396
DDM	397
DHCPv6 Client	398
DHCPv6 Relay	400
DNS Resolver	400
DOS Prevention	400
Interface	401
JWAC	401
LACP	402
LBD	402
LLDP-MED	403
Login/Logout CLI	404
MAC-based Access Control	406
MSTP Debug Enhancement	407
Peripheral	409
PoE	410
Port Security	410
Safeguard	410
SNMP	411
SSH	411
Stacking	411
Storm Control	412
Voice-VLAN	413
Web	413
Web-Authentication	414
Appendix B - Trap Entries	415
802.1X	415
Authentication Fail	415
BPDU Attack Protection	415
DDM	416
DHCP Server Screen Prevention	416
DOS Prevention	416
ErrDisable	416
General Management	417
Gratuitous ARP Function	417
IMPB	417
LACP	417
LBD	418
LLDP	418
MAC-based Access Control	419
MAC-notification	419
MSTP	419
Peripheral	420
PoE	420
Port	421
Port Security	421
RMON	421
Safeguard	422
Stack	422
SIM	423
Start	424
Storm Control	424
System File	424
Web-Authentication	424
Appendix C - RADIUS Attributes Assignment	426

Match case Limit results 1 per page

DGS-1510 Series Gigabit Ethernet SmartPro Switch Web UI Reference Guide

298

Figure 9-35 TACACS Statistic window

The fields that can be configured are described below:

Parameter

Description

Group Server Name

Select the TACACS group server name from this list here.

Click the

Clear by Group

button to clear the information based on the group selected.

Click the

Clear All

button to clear all the information in this table.

Click the

Clear

button to clear all the information for the specific port.

IMPB

The IP network layer uses a four-byte address. The Ethernet link-layer uses a six-byte MAC address.

Binding these two address types together allows the transmission of data between the layers. The

primary purpose of IP-MAC-Port Binding (IMPB) is to restrict the access to a switch to a number of

authorized users. Authorized clients can access a switch’s port by either checking the pair of IP-MAC

addresses with the pre-configured database or if DHCP snooping has been enabled in which case the

switch will automatically learn the IP/MAC pairs by snooping DHCP packets and saving them to the IMPB

white list. If an unauthorized user tries to access an IP-MAC binding enabled port, the system will block

the access by dropping its packet. Active and inactive entries use the same database. The function is

port-based, meaning a user can enable or disable the function on the individual port.

IPv4

DHCPv4 Snooping

DHCP Snooping Global Settings

This window is used to view and configure the DHCP snooping global settings.

To view the following window, click

Security > IMPB > IPv4 > DHCPv4 Snooping > DHCP Snooping

Global Settings

, as shown below:

Figure 9-36 DHCP Snooping Global Settings window

The fields that can be configured are described below:

Parameter

Description

DHCP Snooping

Select to enable or disable the DHCP snooping global status.

Information Option Allow

Untrusted

Select to enable or disable the option to globally allow DHCP packets

with the relay Option 82 on the untrusted interface.

Source MAC Verification

Select to enable or disable the verification that the source MAC

address in a DHCP packet matches the client hardware address.

Station Move Deny

Select to enable or disable the DHCP snooping station move state.