Home » D-Link Manuals » Hubs & Switches » D-Link DGS-3024 » Manual Viewer

D-Link DGS-3024 Product Manual - Page 103

Configuration, Apply., Security > Secure Socket Layer SSL > Configuration

UPC - 790069273889

Add to My Manuals
Save this manual to your list of manuals

Page 103 highlights

DGS-3024 Gigabit Ethernet Switch Manual To download certificates, set the following parameters and click Apply. Parameter Description Server IP Enter the IP address of the TFTP server where the certificate files are located. Certificate File Name Enter the path and the filename of the certificate file to download. This file must have a .der extension. (Ex. c:/cert.der) Key File Name Enter the path and the filename of the key file to download. This file must have a .der extension (Ex. c:/pkey.der) Click Apply to implement changes made. Configuration This window will allow the user to enable SSL on the Switch and implement any one or combination of listed ciphersuites on the Switch. A ciphersuite is a security string that determines the exact cryptographic parameters, specific encryption algorithms and key sizes to be used for an authentication session. The Switch possesses four possible ciphersuites for the SSL function, which are all enabled by default. To utilize a particular ciphersuite, disable the unwanted ciphersuites, leaving the desired one for authentication. When the SSL function has been enabled, the web will become disabled. To manage the Switch through the web-based management while utilizing the SSL function, the web browser must support SSL encryption and the header of the URL must begin with https://. (Ex. https://10.90.90.90) Any other method will result in an error and no access can be authorized for the webbased management. To view the following window, click Security > Secure Socket Layer (SSL) > Configuration: Figure 8- 3. SSL Configuration window To set up the SSL function on the Switch, configure the following parameters and click Apply. Parameter Description Status Use the pull-down menu to enable or disable the SSL status on the Switch. The default is Disabled. RSA with RC4 128 MD5 This ciphersuite combines the RSA key exchange, stream cipher RC4 encryption with 128bit keys and the MD5 Hash Algorithm. Use the pull-down menu to enable or disable this ciphersuite. This field is Enabled by default. RSA with 3DES EDE CBC SHA This ciphersuite combines the RSA key exchange, CBC Block Cipher 3DES_EDE encryption and the SHA Hash Algorithm. Use the pull-down menu to enable or disable this ciphersuite. This field is Enabled by default. 89

Section	Page
D-Link ™ DGS-3024	1
Preface	9
Intended Readers	10
Notes, Notices, and Cautions	10
Safety Instructions	11
	11
Safety Cautions	11
General Precautions for Rack-Mountable Products	12
Protecting Against Electrostatic Discharge	14
Battery Handling Reminder	14
Features	15
Ports	15
Performance Features	15
Management	15
Packing List	17
Installation	17
Desktop or Shelf Installation	18
Rack Installation	18
Power on	19
Power Failure	19
External Redundant Power System	20
Front Panel	21
Rear Panel	21
Side Panels	22
LED Indicators	22
Switch to End Node	23
Switch to Hub or Switch	24
Switch to Core Router Switch	24
Management Options	25
Web-based Management Interface	25
SNMP-Based Management	25
Command Line Console Interface Through the Serial Port	25
Connecting the Console Port (RS-232 DCE)	25
First Time Connecting to The Switch	27
Password Protection	28
SNMP Settings	29
Traps	29
MIBs	29
IP Address Assignment	30
Connecting Devices to the Switch	31
Introduction	32
Login to Web Manager	32
Web-based User Interface	33
Areas of the User Interface	33
IP Address	34
Switch Information	37
Advanced Settings	38
Port Configuration	40
Port Description	42
Port Mirroring	43
Link Aggregation (Port Trunking)	44
LACP Port Settings	47
IGMP Snooping	48
IGMP Snooping	48
Static Router Ports Entry	50
Spanning Tree	51
	51
802.1s MSTP	51
802.1w Rapid Spanning Tree	51
Port Transition States	52
Edge Port	52
P2P Port	52
802.1d/802.1w/802.1s Compatibility	52
STP Loopback Detection	53
	53
	53
	53
Setting the Loopback Timer	53
Regulations and Restrictions for the Loopback Detection Function	53
STP Bridge Global Settings	54
MST Configuration Table	56
MSTI Settings	59
STP Instance Settings	60
STP Port Settings	63
Forwarding & Filtering	65
Unicast Forwarding	65
Multicast Forwarding	65
Multicast Filtering	66
VLANs	67
	67
Understanding IEEE 802.1p Priority	67
VLAN Description	67
Notes About VLANs on the DGS-3024	67
IEEE 802.1Q VLANs	68
802.1Q VLAN Tags	69
Port VLAN ID	70
Tagging and Untagging	70
Ingress Filtering	70
Default VLANs	71
VLAN and Trunk Groups	71
Static VLAN Entry	72
Time Zone and DST	76
QoS	78
	78
Advantages of QoS	78
Understanding QoS	79
Port Bandwidth	80
Traffic Control	81
802.1p Default Priority	82
802.1p User Priority	83
QoS Scheduling Mechanism	83
QoS Output Scheduling	84
MAC Notification	85
MAC Notification Global Settings	85
MAC Notification Port Settings	86
System Log Server	87
Port Access Entity	89
	89
802.1x Port-Based Access Control	89
Authentication Server	90
Authenticator	90
Client	91
Authentication Process	91
Port-Based Network Access Control	92
Configure Authenticator	93
Local Users	95
802.1x Capability Settings	96
Initialize Port(s)	97
Reauthenticate Port(s)	98
RADIUS Server	99
Static ARP Settings	100
Trusted Host	101
Secure Socket Layer (SSL)	102
Download Certificate	102
Configuration	103
Secure Shell (SSH)	105
SSH Configuration	106
SSH Algorithm	107
SSH User Authentication	109
Access Authentication Control	110
Policy and Parameters	111
Application Authentication Settings	111
Authentication Server Group	112
Authentication Server Host	114
Login Method Lists	115
Enable Method Lists	117
Configure Local Enable Password	118
Enable Admin	119
User Accounts	120
	121
Admin and User Privileges	121
SNMP Manager	123
SNMP User Table	123
SNMP View Table	125
SNMP Group Table	126
SNMP Community Table	128
SNMP Host Table	129
SNMP Engine ID	130
Port Utilization	131
Packets	132
Received (RX)	132
UMB Cast (RX)	134
Transmitted (TX)	136
Errors	138
Received (RX)	138
Transmitted (TX)	140
Size	142
Switch History Log	145
IGMP Snooping Group	146
IGMP Snooping Forwarding	147
VLAN Status	147
Router Port	148
Session Table	148
Port Access Control	149
RADIUS Authentication	149
TFTP Services	150
Download Firmware	150
Download Configuration File	150
Save Settings	151
Save History Log	151
Ping Test	152
Save Changes	152
Reboot Services	154
Reboot	154
Reset	154
Reset Config	155
Reset System	155
Logout	155
Technical Specifications	156
Cable Lengths	158
Glossary	159
Product Registration	167
Tech Support	178
International Offices	205

Match case Limit results 1 per page

DGS-3024 Gigabit Ethernet Switch Manual

To download certificates, set the following parameters and click

Apply.

Parameter

Description

Server IP

Enter the IP address of the TFTP server where the certificate files are located.

Certificate File Name

Enter the path and the filename of the certificate file to download. This file must have a .der

extension. (Ex. c:/cert.der)

Key File Name

Enter the path and the filename of the key file to download. This file must have a .der

extension (Ex. c:/pkey.der)

Click

Apply

to implement changes made.

Configuration

This window will allow the user to enable SSL on the Switch and implement any one or combination of listed ciphersuites on the

Switch. A

ciphersuite

is a security string that determines the exact cryptographic parameters, specific encryption algorithms and

key sizes to be used for an authentication session. The Switch possesses four possible ciphersuites for the SSL function, which are

all enabled by default. To utilize a particular ciphersuite, disable the unwanted ciphersuites, leaving the desired one for

authentication.

When the SSL function has been enabled, the web will become disabled. To manage the Switch through the web-based

management while utilizing the SSL function, the web browser must support SSL encryption and the header of the URL must

begin with https://. (Ex. https://10.90.90.90) Any other method will result in an error and no access can be authorized for the web-

based management.

To view the following window, click

Security > Secure Socket Layer (SSL) > Configuration

Figure 8- 3. SSL Configuration window

To set up the SSL function on the Switch, configure the following parameters and click

Apply

Parameter

Description

Status

Use the pull-down menu to enable or disable the SSL status on the Switch. The default is

Disabled

RSA with RC4 128

MD5

This ciphersuite combines the RSA key exchange, stream cipher RC4 encryption with 128-

bit keys and the MD5 Hash Algorithm. Use the pull-down menu to enable or disable this

ciphersuite. This field is

Enabled

by default.

RSA with 3DES EDE

CBC SHA

This ciphersuite combines the RSA key exchange, CBC Block Cipher 3DES_EDE encryption

and the SHA Hash Algorithm. Use the pull-down menu to enable or disable this ciphersuite.

This field is

Enabled

by default.