Home » D-Link Manuals » Hubs & Switches » D-Link DGS-1510-28P » Manual Viewer

D-Link DGS-1510-28P User Manual - Page 358

SSL Global Settings, Hash Algorithm, Security > SSL > SSL Global Settings, SSL Status

View all D-Link DGS-1510-28P manuals

Add to My Manuals
Save this manual to your list of manuals

Page 358 highlights

DGS-1510 Series Gigabit Ethernet SmartPro Switch Web UI Reference Guide block. The Switch supports the 3DES EDE encryption code defined by the Data Encryption Standard (DES) to create the encrypted text. • Hash Algorithm: This part of the cipher suite allows the user to choose a message digest function which will determine a Message Authentication Code. This Message Authentication Code will be encrypted with a sent message to provide integrity and prevent against replay attacks. The Switch supports two hash algorithms, MD5 (Message Digest 5) and SHA (Secure Hash Algorithm). These three parameters are uniquely assembled in four choices on the Switch to create a three-layered encryption code for secure communication between the server and the host. The user may implement any one or combination of the cipher suites available, yet different cipher suites will affect the security level and the performance of the secured connection. The information included in the cipher suites is not included with the Switch and requires downloading from a third source in a file form called a certificate. This function of the Switch cannot be executed without the presence and implementation of the certificate file and can be downloaded to the Switch by utilizing a TFTP server. The Switch supports SSLv3. Other versions of SSL may not be compatible with this Switch and may cause problems upon authentication and transfer of messages from client to host. When the SSL function has been enabled, the web will become disabled. To manage the Switch through the web based management while utilizing the SSL function, the web browser must support SSL encryption and the header of the URL must begin with https://. (Ex. https://xx.xx.xx.xx) Any other method will result in an error and no access can be authorized for the web-based management. Users can download a certificate file for the SSL function on the Switch from a TFTP server. The certificate file is a data record used for authenticating devices on the network. It contains information on the owner, keys for authentication and digital signatures. Both the server and the client must have consistent certificate files for optimal use of the SSL function. The Switch only supports certificate files with .der file extensions. Currently, the Switch comes with a certificate pre-loaded though the user may need to download more, depending on user circumstances. SSL Global Settings This window is used to view and configure the SSL feature's global settings. To view the following window, click Security > SSL > SSL Global Settings, as shown below: Figure 9-91 SSL Global Settings window The fields that can be configured for SSL Global Settings are described below: Parameter SSL Status Service Policy Description Select to enable or disable the SSL feature's global status here. Enter the service policy name here. This name can be up to 32 characters long. Click the Apply button to accept the changes made. 350

Section	Page
Table of Contents	3
1. Introduction	9
Audience	9
Other Documentation	9
Conventions	9
Notes, Notices, and Cautions	9
2. Web-based Switch Configuration	11
Management Options	11
Connecting using the Web User Interface	11
Logging onto the Web Manager	11
Smart Wizard	12
Web User Interface (Web UI)	16
Areas of the User Interface	16
3. System	17
Device Information	17
System Information Settings	17
Peripheral Settings	18
Port Configuration	19
Port Settings	19
Port Status	20
Port Auto Negotiation	21
Error Disable Settings	22
Jumbo Frame	23
PoE (DGS-1510-28P Only)	24
PoE System	24
PoE Status	25
PoE Configuration	26
PoE Statistics	27
PoE Measurement	28
PoE LLDP Classification	29
System Log	30
System Log Settings	30
System Log Discriminator Settings	31
System Log Server Settings	32
System Log	33
System Attack Log	33
Time and SNTP	34
Clock Settings	34
Time Zone Settings	34
SNTP Settings	36
Time Range	37
4. Management	39
User Account Settings	39
Password Encryption	40
Login Method	41
SNMP	42
SNMP Global Settings	43
SNMP Linkchange Trap Settings	44
SNMP View Table Settings	45
SNMP Community Table Settings	46
SNMP Group Table Settings	47
SNMP Engine ID Local Settings	49
SNMP User Table Settings	49
SNMP Host Table Settings	50
RMON	51
RMON Global Settings	51
RMON Statistics Settings	52
RMON History Settings	53
RMON Alarm Settings	53
RMON Event Settings	54
Telnet/Web	55
Session Timeout	56
DHCP	57
Service DHCP	57
DHCP Class Settings	57
DHCP Relay	59
DHCP Relay Global Settings	59
DHCP Relay Pool Settings	59
DHCP Relay Information Settings	61
DHCP Relay Information Option Format Settings	62
DHCP Local Relay VLAN	64
DHCPv6 Relay	64
DHCPv6 Relay Global Settings	64
DHCPv6 Relay Interface Settings	65
DHCP Auto Configuration	66
DNS	66
DNS Global Settings	67
DNS Name Server Settings	68
DNS Host Settings	68
IP Source Interface	69
File System	69
Physical Stacking	71
Virtual Stacking (SIM)	76
Single IP Settings	78
Topology	79
Firmware Upgrade	86
Configuration File Backup/Restore	87
Upload Log File	87
D-Link Discovery Protocol	88
5. Layer 2 Features	90
FDB	90
Static FDB	90
Unicast Static FDB	90
Multicast Static FDB	91
MAC Address Table Settings	91
MAC Address Table	92
MAC Notification	93
VLAN	95
802.1Q VLAN	95
GVRP	96
GVRP Global	96
GVRP Port	96
GVRP Advertise VLAN	97
GVRP Forbidden VLAN	98
GVRP Statistics Table	99
Asymmetric VLAN	99
VLAN Interface	100
Auto Surveillance VLAN	103
Auto Surveillance Properties	103
MAC Settings and Surveillance Device	105
Voice VLAN	106
Voice VLAN Global	106
Voice VLAN Port	106
Voice VLAN OUI	107
Voice VLAN Device	108
Voice VLAN LLDP-MED Device	109
Spanning Tree	109
STP Global Settings	111
STP Port Settings	113
MST Configuration Identification	114
STP Instance	115
MSTP Port Information	116
Loopback Detection	116
Link Aggregation	118
L2 Multicast Control	120
IGMP Snooping	121
IGMP Snooping Settings	121
IGMP Snooping Groups Settings	123
IGMP Snooping Mrouter Settings	124
IGMP Snooping Statistics Settings	125
MLD Snooping	126
MLD Snooping Settings	127
MLD Snooping Groups Settings	130
MLD Snooping Mrouter Settings	131
MLD Snooping Statistics Settings	132
Multicast Filtering	133
LLDP	134
LLDP Global Settings	134
LLDP Port Settings	135
LLDP Management Address List	137
LLDP Basic TLVs Settings	137
LLDP Dot1 TLVs Settings	138
LLDP Dot3 TLVs Settings	139
LLDP-MED Port Settings	140
LLDP Statistics Information	141
LLDP Local Port Information	142
LLDP Neighbor Port Information	144
6. Layer 3 Features	145
ARP	145
ARP Aging Time	145
Static ARP	145
Proxy ARP	146
ARP Table	147
Gratuitous ARP	147
IPv4 Interface	148
IPv4 Static/Default Route	150
IPv4 Route Table	151
IPv6 Interface	152
IPv6 Neighbor	154
IPv6 Static/Default Route	155
IPv6 Route Table	155
7. Quality of Service (QoS)	157
Basic Settings	157
Port Default CoS	157
Port Scheduler Method	157
Queue Settings	159
CoS to Queue Mapping	160
Port Rate Limiting	160
Queue Rate Limiting	161
Advanced Settings	163
DSCP Mutation Map	163
Port Trust State and Mutation Binding	164
DSCP CoS Mapping	164
CoS Color Mapping	165
DSCP Color Mapping	166
Class Map	167
Aggregate Policer	169
Policy Map	172
Policy Binding	175
8. Access Control List (ACL)	177
ACL Configuration Wizard	177
ACL Access List	210
Standard IP ACL	211
Extended IP ACL	214
Standard IPv6 ACL	233
Extended IPv6 ACL	237
Extended MAC ACL	249
Extended Expert ACL	253
ACL Interface Access Group	278
ACL VLAN Access Map	279
ACL VLAN Filter	281
9. Security	283
Port Security	283
Port Security Global Settings	283
Port Security Port Settings	284
Port Security Address Entries	285
802.1X	286
802.1X Global Settings	291
802.1X Port Settings	291
Authentication Session Information	293
Authenticator Statistics	293
Authenticator Session Statistics	294
Authenticator Diagnostics	294
AAA	295
AAA Global Settings	295
Application Authentication Settings	295
Application Accounting Settings	296
Authentication Settings	297
Accounting Settings	299
RADIUS	300
RADIUS Global Settings	300
RADIUS Server Settings	301
RADIUS Group Server Settings	302
RADIUS Statistic	303
TACACS	304
TACACS Server Settings	304
TACACS Group Server Settings	304
TACACS Statistic	305
IMPB	306
IPv4	306
DHCPv4 Snooping	306
DHCP Snooping Global Settings	306
DHCP Snooping Port Settings	307
DHCP Snooping VLAN Settings	308
DHCP Snooping Database	308
DHCP Snooping Binding Entry	309
Dynamic ARP Inspection	310
ARP Access List	310
ARP Inspection Settings	312
ARP Inspection Port Settings	313
ARP Inspection VLAN	314
ARP Inspection Statistics	314
ARP Inspection Log	315
IP Source Guard	315
IP Source Guard Port Settings	315
IP Source Guard Binding	316
IP Source Guard HW Entry	317
Advanced Settings	317
IP-MAC-Port Binding Settings	317
IP-MAC-Port Binding Blocked Entry	319
IPv6	319
IPv6 Snooping	319
IPv6 ND Inspection	320
IPv6 RA Guard	321
IPv6 DHCP Guard	322
IPv6 Source Guard	323
IPv6 Source Guard Settings	323
IPv6 Neighbor Binding	324
DHCP Server Screening	325
DHCP Server Screening Global Settings	325
DHCP Server Screening Port Settings	326
ARP Spoofing Prevention	327
BPDU Attack Protection	327
MAC Authentication	329
Web-based Access Control	330
Web Authentication	333
WAC Port Settings	334
WAC Customize Page	334
Japanese Web-based Access Control	335
JWAC Global Settings	335
JWAC Port Settings	338
JWAC Customize Page Language	339
JWAC Customize Page	339
Network Access Authentication	340
Guest VLAN	340
Network Access Authentication Global Settings	341
Network Access Authentication Port Settings	343
Network Access Authentication Sessions Information	344
Safeguard Engine	345
Safeguard Engine Settings	346
CPU Protect Counters	347
CPU Protect Sub-Interface	348
CPU Protect Type	348
Trusted Host	349
Traffic Segmentation Settings	350
Storm Control	350
DoS Attack Prevention Settings	353
SSH	354
SSH Global Settings	355
Host Key	355
SSH Server Connection	356
SSH User Settings	356
SSL	357
SSL Global Settings	358
Crypto PKI Trustpoint	359
SSL Service Policy	360
10. OAM	361
Cable Diagnostics	361
DDM	361
DDM Settings	362
DDM Temperature Threshold Settings	362
DDM Voltage Threshold Settings	363
DDM Bias Current Threshold Settings	364
DDM TX Power Threshold Settings	364
DDM RX Power Threshold Settings	365
DDM Status Table	366
11. Monitoring	367
Utilization	367
Port Utilization	367
Statistics	368
Port	368
Port Counters	369
Counters	371
Mirror Settings	373
Device Environment	375
12. Green	376
Power Saving	376
EEE	377
13. Save and Tools	379
Save Configuration	379
Firmware Upgrade & Backup	379
Firmware Upgrade from HTTP	379
Firmware Upgrade from TFTP	380
Firmware Backup to HTTP	380
Firmware Backup to TFTP	381
Configuration Restore & Backup	381
Configuration Restore from HTTP	381
Configuration Restore from TFTP	382
Configuration Backup to HTTP	383
Configuration Backup to TFTP	383
Log Backup	384
Log Backup to HTTP	384
Log Backup to TFTP	384
Ping	385
Trace Route	387
Language Management	389
Reset	389
Reboot System	390
Appendix A - System Log Entries	391
802.1X	391
AAA	391
Auto Surveillance VLAN	394
BPDU Attack Protection	394
Configuration/Firmware	394
DAI	396
DDM	397
DHCPv6 Client	398
DHCPv6 Relay	400
DNS Resolver	400
DOS Prevention	400
Interface	401
JWAC	401
LACP	402
LBD	402
LLDP-MED	403
Login/Logout CLI	404
MAC-based Access Control	406
MSTP Debug Enhancement	407
Peripheral	409
PoE	410
Port Security	410
Safeguard	410
SNMP	411
SSH	411
Stacking	411
Storm Control	412
Voice-VLAN	413
Web	413
Web-Authentication	414
Appendix B - Trap Entries	415
802.1X	415
Authentication Fail	415
BPDU Attack Protection	415
DDM	416
DHCP Server Screen Prevention	416
DOS Prevention	416
ErrDisable	416
General Management	417
Gratuitous ARP Function	417
IMPB	417
LACP	417
LBD	418
LLDP	418
MAC-based Access Control	419
MAC-notification	419
MSTP	419
Peripheral	420
PoE	420
Port	421
Port Security	421
RMON	421
Safeguard	422
Stack	422
SIM	423
Start	424
Storm Control	424
System File	424
Web-Authentication	424
Appendix C - RADIUS Attributes Assignment	426

Match case Limit results 1 per page

DGS-1510 Series Gigabit Ethernet SmartPro Switch Web UI Reference Guide

350

block. The Switch supports the 3DES EDE encryption code defined by the Data

Encryption Standard (DES) to create the encrypted text.

•

Hash Algorithm:

This part of the cipher suite allows the user to choose a message digest

function which will determine a Message Authentication Code. This Message Authentication

Code will be encrypted with a sent message to provide integrity and prevent against replay

attacks. The Switch supports two hash algorithms, MD5 (Message Digest 5) and SHA (Secure

Hash Algorithm).

These three parameters are uniquely assembled in four choices on the Switch to create a three-layered

encryption code for secure communication between the server and the host. The user may implement

any one or combination of the cipher suites available, yet different cipher suites will affect the security

level and the performance of the secured connection. The information included in the cipher suites is not

included with the Switch and requires downloading from a third source in a file form called a certificate.

This function of the Switch cannot be executed without the presence and implementation of the certificate

file and can be downloaded to the Switch by utilizing a TFTP server. The Switch supports SSLv3. Other

versions of SSL may not be compatible with this Switch and may cause problems upon authentication

and transfer of messages from client to host.

When the SSL function has been enabled, the web will become disabled. To manage the Switch through

the web based management while utilizing the SSL function, the web browser must support SSL

encryption and the header of the URL must begin with https://. (Ex. https://xx.xx.xx.xx) Any other method

will result in an error and no access can be authorized for the web-based management.

Users can download a certificate file for the SSL function on the Switch from a TFTP server. The

certificate file is a data record used for authenticating devices on the network. It contains information on

the owner, keys for authentication and digital signatures. Both the server and the client must have

consistent certificate files for optimal use of the SSL function. The Switch only supports certificate files

with .der file extensions. Currently, the Switch comes with a certificate pre-loaded though the user may

need to download more, depending on user circumstances.

SSL Global Settings

This window is used to view and configure the SSL feature’s global settings.

To view the following window, click

Security > SSL > SSL Global Settings

, as shown below:

Figure 9-91 SSL Global Settings window

The fields that can be configured for

SSL Global Settings

are described below:

Parameter

Description

SSL Status

Select to enable or disable the SSL feature’s global status here.

Service Policy

Enter the service policy name here. This name can be up to 32

characters long.

Click the

Apply

button to accept the changes made.