Page 1: User Manual
User Manual Product Model: DWS-4000 series DWL-8600AP DWL-8610AP DWL-6600AP DWL-6610AP DWL-2600AP DWL-3600AP DWL-6700AP Unified Wired & Wireless Access System Release 2.01 October 2015 ©Copyright 2015. All rights reserved.
Page 2 D-Link UWS User Manual FCC Warning This equipment has been tested and found to comply with the limits for a Class A digital device, pursuant to Part 15 of the FCC Rules. These limits are designed to provide reasonable protection against harmful interference when the equipment is operated in a commercial environment.
Page 3 D-Link UWS User Manual MIC Warning CCC Warning Unified Wired and Wireless Access System D-Link July 2012 Page 3...
Page 4: Table Of Contents
D-Link UWS User Manual Table of Contents About This Document...........................45 Audience ..............................45 Organization............................45 Additional Documentation........................46 Document Conventions .........................46 Section 1: Getting Started ....................47 Connecting the Switch to the Network......................47 Booting the Switch ............................48 Boot Menu Functions..........................49 Start Operational Code ........................50 Change Baud Rate...........................50...
Page 5 D-Link UWS User Manual Card Configuration ............................66 Slot Summary............................68 PoE Configuration ..........................69 PoE Status ..............................71 Serial Port ..............................73 IP Address ..............................74 Network DHCP Client Options........................75 HTTP Configuration ............................77 User Accounts...............................78 Adding a User Account ........................80 Changing User Account Information ....................80 Deleting a User Account .........................80...
Page 6 D-Link UWS User Manual Configuring and Viewing Device Port Information..................107 Port Configuration ..........................107 Port Summary ............................110 Port Description ...........................113 Managing and Viewing Logs........................114 Buffered Log Configuration........................114 Viewing Buffered Log Messages ......................115 Command Logger Configuration......................116 Console Log Configuration ........................117 Event Log..............................118 Hosts Configuration ..........................119...
Page 7 D-Link UWS User Manual Global Configuration..........................145 Server Configuration ..........................146 DNS Host Name IP Mapping Configuration ..................147 DNS Host Name IP Mapping Summary ....................148 Configuring and Viewing ISDP Information ....................149 Global Configuration..........................149 Cache Table............................150 Interface Configuration........................151 Statistics ...............................152 Configuring sFlow ............................153 sFlow Agent Summary .........................153...
Page 8 D-Link UWS User Manual Section 4: Configuring L2 Features................. 181 Configuring and Searching the Forwarding Database ................182 Configuration ............................182 MAC Address Table ..........................183 Searching the Forwarding Database.....................184 Managing VLANs............................184 VLAN Configuration ..........................184 VLAN Status............................187 VLAN Port Configuration........................188 VLAN Port Summary ..........................189 Managing Protocol-Based VLANs......................190...
Page 9 D-Link UWS User Manual Global Configuration and Status ......................214 Interface Configuration........................215 VLAN Configuration ..........................216 VLAN Status............................217 Multicast Router Configuration ......................218 Multicast Router Status ........................219 Multicast Router VLAN Configuration....................220 Multicast Router VLAN Status......................221 Configuring IGMP Snooping Queriers ......................222 IGMP Snooping Querier Configuration ....................222 IGMP Snooping Querier VLAN Configuration ..................223...
Page 10 D-Link UWS User Manual CST Port Configuration/Status ......................249 MST Port Configuration/Status......................252 Statistics ...............................254 Configuring DHCP Snooping ........................255 Global DHCP Snooping Configuration ....................255 DHCP Snooping VLAN Configuration....................256 DHCP Snooping Interface Configuration....................257 Managing LLDP ............................258 Global Configuration..........................259 Interface Configuration........................260 Interface Summary ..........................261 Statistics ...............................262...
Page 11 D-Link UWS User Manual IP Helper Statistics ..........................287 Configuring ARP............................288 ARP Create ............................289 ARP Table Configuration ........................290 Viewing ARP Cache.............................292 Configuring Global and Interface IP Settings.....................293 IP Configuration ...........................293 IP Interface Configuration........................295 IP Statistics ............................297 Loopback Interfaces ...........................300 Loopbacks Configuration ........................300 Creating a New Loopback (IPv4) ....................301...
Page 12 D-Link UWS User Manual Virtual Router Redundancy Protocol (VRRP).....................324 VRRP Configuration..........................324 Virtual Router Configuration........................325 Configuring a Secondary VRRP Address..................326 Creating a New Virtual Router......................327 Modifying a Virtual Router ......................327 VRRP Interface Tracking Configuration..................327 VRRP Interface Tracking........................328 VRRP Route Tracking Configuration .....................329 VRRP Route Tracking ........................330...
Page 13 D-Link UWS User Manual Section 7: Configuring Access Control Lists ..............356 Configuring IP Access Control Lists ......................356 IP ACL Configuration ..........................357 IP ACL Rule Configuration ........................358 Modifying an IP-based Rule ....................362 Adding a New Rule to an IP-based ACL.................363 Deleting a Rule from an IP-based ACL ..................363...
Page 14 D-Link UWS User Manual Customizing the Captive Portal Web Page ...................389 Local User.............................395 Adding a Local User ........................396 Configuring Users in the Local Database ..................397 Configuring Users in a Remote RADIUS Server................398 Interface Association ...........................400 CP Global Status...........................401 Viewing CP Activation and Activity Status ..................402 Interface Status............................404...
Page 15 TACACS+ Configuration........................434 TACACS+ Server Configuration ......................435 Section 9: Configuring the Wireless Features..............437 Unified Wired and Wireless Access System Components.................437 D-Link DWS-4000 Series Unified Wireless Switch................438 DWL-X600AP Unified Access Points.....................438 DWS-4000 Series Switch and AP Discovery Methods ................439 L2 Discovery..........................439 IP Address of AP Configured in the Switch ...................440...
Page 16 D-Link UWS User Manual Viewing Managed Access Point Ethernet Statistics..............480 Viewing Detailed Managed Access Point Statistics ..............480 Viewing Managed Access Point Radio Statistics................482 Viewing Managed Access Point VAP Statistics ................483 Viewing Distributed Tunneling Statistics ..................484 AP Authentication Failure Status ......................486 Viewing Details About AP Authentication Failures...............488...
Page 17 D-Link UWS User Manual Detected Client Roam History Summary ..................527 Radio Resource Measurement Status Information................528 Viewing the RRM Channel Load Configuration................528 Viewing the RRM Channel Load History ..................530 Viewing RRM Neighbors .......................531 WDS-Managed AP Information......................532 WDS Group Status Summary ......................532 WDS AP Group Status ........................533...
Page 18 D-Link UWS User Manual Access Point Software Download ......................583 Managed AP Advanced Settings ......................586 Debugging the AP .........................587 Adjusting the Channel and Power ....................588 AP Provisioning ............................590 AP Provisioning Summary Status....................590 Detailed AP Provisioning Status....................591 Configuring Advanced Settings ........................594 Advanced Global Settings ........................594 Wireless SNMP Trap Configuration ....................597...
Page 19 D-Link UWS User Manual WDS Link Configuration ........................648 WDS Link Create ...........................649 Locating WLAN Devices ..........................650 Managed AP Location ..........................650 Building ............................650 Building Floor..........................652 Managed AP Coordinates ......................653 Managed AP Location Summary....................654 On-Demand Location Trigger......................655 On-Demand Location Trigger Status....................656 On-Demand Location Trigger Global Status .................656 On-Demand Location Trigger Floor Status ...................658...
Page 20 D-Link UWS User Manual Configuring Differentiated Services for VoIP.....................694 Configuring a Network with WDS-Managed APs ..................697 Configuring a Network to Use WPA2-Enterprise and Dynamic VLANs.............706 Configuring Client Information on the RADIUS Server ................707 Configuring RADIUS Information and AP Profiles on the Switch ............708 Verifying the Configuration........................713...
Page 21 D-Link UWS User Manual List of Figures Figure 1: Web Interface Layout ........................57 Figure 2: Device View—Back ..........................57 Figure 3: Cascading Navigation Menu ......................58 Figure 4: Navigation Tree View ........................58 Figure 5: LAN and WLAN Tabs ..........................59 Figure 6: Help Link ............................60 Figure 7: System Description..........................63...
Page 22 D-Link UWS User Manual Figure 36: Summer Time Recurring Configuration..................105 Figure 37: Clock Detail............................106 Figure 38: Port Configuration .........................107 Figure 39: Port Summary..........................110 Figure 40: Port Description..........................113 Figure 41: Buffered Log Configuration ......................114 Figure 42: Buffered Log ..........................115 Figure 43: Command Logger Configuration ....................116 Figure 44: Console Log Configuration ......................117...
Page 23 D-Link UWS User Manual Figure 73: ISDP Statistics ..........................152 Figure 74: sFlow Agent Summary........................153 Figure 75: sFlow Receiver Configuration......................154 Figure 76: sFlow Poller Configuration ......................156 Figure 77: sFlow Sampler Configuration ......................157 Figure 78: Switch Detailed..........................158 Figure 79: Switch Summary..........................160 Figure 80: Port Detailed ..........................162 Figure 81: Port Summary..........................168...
Page 24 D-Link UWS User Manual Figure 110: Protected Port Configuration ......................200 Figure 111: Protected Ports Summary ......................201 Figure 112: MAC Filter Configuration......................202 Figure 113: MAC Filter Summary ........................203 Figure 114: GARP Status..........................204 Figure 115: GARP Switch Configuration ......................206 Figure 116: GARP Port Configuration ......................207 Figure 117: Port Channel Configuration......................209...
Page 25 D-Link UWS User Manual Figure 147: Multicast Forwarding Database Statistics ...................242 Figure 148: Spanning Tree Switch Configuration/Status................243 Figure 149: Spanning Tree CST Configuration/Status ..................245 Figure 150: Spanning Tree MST Configuration/Status ...................247 Figure 151: Spanning Tree MST Configuration/Status ...................247 Figure 152: Spanning Tree CST Port Configuration/Status................249 Figure 153: Spanning Tree MST Port Configuration/Status ................252...
Page 26 D-Link UWS User Manual Figure 184: ARP Create...........................289 Figure 185: ARP Table Configuration......................290 Figure 186: ARP Cache............................292 Figure 187: IP Configuration...........................293 Figure 188: IP Interface Configuration ......................295 Figure 189: IP Statistics ..........................297 Figure 190: Loopback Configuration—Create ....................300 Figure 191: Configured Loopback Interface ....................300 Figure 192: Loopbacks Configuration—IPv4 Entry ..................302...
Page 27 D-Link UWS User Manual Figure 221: Interface Configuration .......................338 Figure 222: Interface Queue Configuration....................339 Figure 223: Interface Queue Status........................340 Figure 224: DiffServ Configuration .........................342 Figure 225: DiffServ Class Configuration ......................343 Figure 226: DiffServ Class Configuration ......................343 Figure 227: Class Summary ..........................345 Figure 228: Policy Configuration ........................346...
Page 28 D-Link UWS User Manual Figure 258: Secure Shell Configuration ......................382 Figure 259: Captive Portal Global Configuration....................384 Figure 260: Captive Portal Summary......................386 Figure 261: Captive Portal Configuration .......................387 Figure 262: CP Web Page Customization — Global Parameters ..............390 Figure 263: CP Web Page Customization — Authentication page ..............391 Figure 264: CP Web Page Customization —...
Page 29 D-Link UWS User Manual Figure 295: Port Access Control Status ......................425 Figure 296: Port Access Control Status - MAC-based Control Mode .............426 Figure 297: Port Access Control Port Summary .....................429 Figure 298: Port Access Control Statistics ......................431 Figure 299: Port Access Control Client Summary ...................432 Figure 300: Port Access Privileges ........................433...
Page 30 D-Link UWS User Manual Figure 332: VAP Associated Client Status.......................508 Figure 333: Switch Associated Client Status....................509 Figure 334: Associated Client Association Summary Statistics ..............510 Figure 335: Associated Client Statistics Session Summary................511 Figure 336: Associated Client Association Detail Statistics ................512 Figure 337: Associated Client Session Detail Statistics...................513 Figure 338: Associated Client Session Detail Statistics...................514...
Page 31 D-Link UWS User Manual Figure 369: RF Channel Plan and Power Configuration..................577 Figure 370: Channel Plan History ........................579 Figure 371: Manual Channel Plan........................580 Figure 372: Manual Power Adjustments ......................582 Figure 373: Software Download........................583 Figure 374: Advanced AP Management ......................586 Figure 375: Managed AP Debug ........................587 Figure 376: Managed AP Debug ........................588...
Page 32 D-Link UWS User Manual Figure 406: WDS AP Link Configuration ......................648 Figure 407: WDS Link Create ..........................649 Figure 408: Building............................651 Figure 409: Building Floor..........................652 Figure 410: Managed AP Coordinates......................653 Figure 411: Managed AP Location Summary ....................654 Figure 412: On-Demand Location Trigger ......................655 Figure 413: On-Demand Location Trigger Global Status ................656...
Page 33 D-Link UWS User Manual Figure 443: Honeypot AP..........................728 Figure 444: All AP Status with Rogue ......................729 Figure 445: Honeypot AP Rogue Status......................729 Figure 446: WIDS Test Discovers Rogue ......................730 Figure 447: De-Authentication Attack Enabled ....................730 Figure 448: Rogue AP Mitigation........................731 Figure 449: De-Authentication Attack Status....................731...
Page 34 D-Link UWS User Manual List of Tables Table 1: Typographical Conventions ........................46 Table 2: Common Command Buttons ......................59 Table 3: System Description Fields........................63 Table 4: Switch Configuration Fields ........................64 Table 5: Card Configuration Fields ........................67 Table 6: Slot Summary Fields ...........................68 Table 7: PoE Configuration Fields........................69...
Page 35 D-Link UWS User Manual Table 36: Buffered Log Fields .........................115 Table 37: Command Logger Configuration Fields...................116 Table 38: Console Log Configuration Fields....................117 Table 39: Event Log Fields ..........................118 Table 40: Persistent Log Configuration Fields ....................121 Table 41: Persistent Log Fields ........................122 Table 42: Syslog Configuration Fields......................123...
Page 36 D-Link UWS User Manual Table 73: Port Summary Statistics Fields......................168 Table 74: Download File to Switch Fields .......................172 Table 75: HTTP File Download Fields......................174 Table 76: Upload File from Switch Fields .......................175 Table 77: Multiple Image Service Fields ......................177 Table 78: Dual Image Status Fields.........................178 Table 79: AutoInstall Fields ..........................180...
Page 37 D-Link UWS User Manual Table 110: Multicast Router VLAN Status Fields ....................221 Table 111: IGMP Snooping Querier Configuration Fields................222 Table 112: IGMP Snooping Querier VLAN Configuration Fields ..............223 Table 113: IGMP Snooping Querier VLAN Configuration Summary Fields.............224 Table 114: IGMP Snooping Querier VLAN Status Fields .................225 Table 115: MLD Snooping Global Configuration and Status Fields ..............226...
Page 38 D-Link UWS User Manual Table 147: LLDP Remote Device Information Fields..................265 Table 148: LLDP Remote Device Summary Columns..................266 Table 149: LLDP Global Configuration Fields....................267 Table 150: LLDP-MED Interface Configuration Fields..................268 Table 151: LLDP-MED Interface Summary Fields ...................269 Table 152: LLDP-MED Local Device Information Fields ..................270 Table 153: LLDP-MED Remote Device Information Fields................272...
Page 39 D-Link UWS User Manual Table 184: Route Table Fields ........................314 Table 185: Best Routes Table Fields .......................316 Table 186: Configured Routes Fields ......................317 Table 187: Route Entry Create Fields ......................318 Table 188: Route Preferences Configuration Fields ..................319 Table 189: VLAN Routing Configuration Fields....................321 Table 190: VLAN Routing Summary Fields .....................323...
Page 40 D-Link UWS User Manual Table 221: Secure HTTP Configuration Fields....................379 Table 222: Secure Shell Configuration Fields ....................382 Table 223: Captive Portal Global Configuration .....................385 Table 224: Captive Portal Summary .......................386 Table 225: CP Configuration...........................387 Table 226: CP Web Page Customization......................392 Table 227: Local User Summary ........................395...
Page 41 D-Link UWS User Manual Table 258: Global WLAN Status/Statistics......................446 Table 259: Switch Status/Statistics.........................450 Table 260: AP Hardware Capability Radio Detail....................453 Table 261: Peer Switch Configuration ......................455 Table 262: AP Hardware Capability Summary....................457 Table 263: AP Hardware Capability Radio Detail....................457 Table 264: AP Image Capability ........................458 Table 265: Peer Switch Status ........................459...
Page 42 D-Link UWS User Manual Table 295: Associated Client Neighbor AP Status ..................502 Table 296: Associated Client Distributed Tunneling Status................504 Table 297: Associated Client TSPEC Status.....................505 Table 298: Associated Client RRM Status.......................506 Table 299: SSID Associated Client Status .......................507 Table 300: VAP Associated Client Status ......................508 Table 301: Switch Associated Client Status ....................509...
Page 43 D-Link UWS User Manual Table 332: WPA Security ..........................567 Table 333: Valid Access Point Summary......................569 Table 334: Valid AP Configuration........................571 Table 335: Valid AP Configuration (Standalone Mode)..................573 Table 336: Local OUI Database Summary ......................574 Table 337: Reset Fields...........................575 Table 338: RF Channel Plan and Power Adjustment ..................578 Table 339: Channel Plan History........................580...
Page 44 D-Link UWS User Manual Table 369: Edit WDS Managed AP Group Settings..................645 Table 370: WDS Managed AP Summary......................646 Table 371: WDS Managed AP Configuration - Add AP ...................647 Table 372: WDS AP Link Configuration......................648 Table 373: WDS Link Create ...........................649 Table 374: Building ............................651...
Page 45: About This Document
Web-based graphical user interface (GUI). The Unified Wired and Wireless Access System architecture accommodates a variety of software modules, so D-Link DWS-4000 Series can be a Layer 2 switch in a basic network or a Layer 3 router in a large, complex network. The switch software includes WLAN features that allow it to manage and monitor multiple D-Link DWL-x600AP Access Points.
Page 46: Additional Documentation
• The Unified Wired & Wireless Access System Configuration Guide contains several configuration scenarios that show how to set up a WLAN network and configure the wireless features. • Release notes for this D-Link DWS-4000 Series product detail the platform-specific functionality of the software packages, including issues and workarounds.
Page 47: Section 1: Getting Started
There is no default password. Press ENTER at the password prompt if you admin did not change the default password. After a successful login, the screen shows the system prompt, which varies based on the D-Link DWS-4000 Series switch model. For example, the default prompt for a DWS-4026 switch is (DWS-4026)>...
Page 48: Booting The Switch
D-Link UWS User Manual Booting the Switch password to enter Privileged EXEC mode. Press ENTER at the password prompt if you did not change the default password. The command prompt changes to ( DWS-4026)# 6. Configure network information. – To use a DHCP server to obtain the IP address, subnet mask, and default gateway information, enter: network protocol dhcp –...
Page 49: Boot Menu Functions
D-Link UWS User Manual Booting the Switch For information about the Boot menu, see ““Boot Menu Functions” on page 49." If you do not start the boot menu, the operational code continues to load.After the switch boots successfully, the User login prompt appears and you can use the local terminal to begin configuring the switch.
Page 50: Start Operational Code
D-Link UWS User Manual Booting the Switch Start Operational Code Use option 1 to resume loading the operational code. To relaunch the boot process from the Boot menu: 1. On the Boot menu, select 1 and press <Enter>. The following prompt displays: Operational Code Date: Thu Jun 8 12:51:44 2006 Uncompressing..
Page 51: Retrieve Event Log Using Xmodem
D-Link UWS User Manual Booting the Switch Retrieve Event Log Using XMODEM Use option 3 to retrieve the event log and download it to your ASCII terminal. To retrieve the event log from the Boot menu: 1. On the Boot menu, select 3 and press <Enter>.
Page 52: Load Configuration Using Xmodem
D-Link UWS User Manual Booting the Switch Load Configuration Using XMODEM Use option 5 when a new configuration file must be downloaded to replace the saved system configuration file. To download software from the Boot menu: 1. On the Boot menu, select 5 and press <Enter>.
Page 53: Run Flash Diagnostics
D-Link UWS User Manual Booting the Switch Run Flash Diagnostics Use option 7 to run flash diagnostics. User action is confirmed with a Y/N question before executing the command. To perform a complete test of the flash memory from the Boot menu: 1.
Page 54: Update Boot Code
D-Link UWS User Manual Booting the Switch Update Boot Code Use option 8 to update the boot code in the flash memory. This option is only valid after loading new boot code using Boot Menu option 4. User action is confirmed with a Y/N question before executing the command.
Page 55: Reset The System
D-Link UWS User Manual Booting the Switch Reset the System Use option 10 to clear all flash and reset the system to its default setting. User action is confirmed with a Y/N question before executing the command. To reset the system from the Boot menu: 1.
Page 56: Understanding The User Interfaces
This guide describes how to use the Web-based interface to manage and monitor the system. For information about how to manage and monitor the system by using the CLI, see the D-Link DWS-4000 Series CLI Command Reference.
Page 57: Device View
D-Link UWS User Manual Understanding the User Interfaces 3. After the system authenticates you, the System Description page displays. Figure 1 shows the layout of the switch Web interface. Each Web page contains three main areas: device view, the navigation tree, and the configuration status and options.
Page 58: Navigation Tree View
D-Link UWS User Manual Understanding the User Interfaces Click the port you want to view or configure to see a menu that displays statistics and configuration options. Click the menu option to access the page that contains the configuration or monitoring options.
Page 59: Configuration And Monitoring Options
D-Link UWS User Manual Understanding the User Interfaces The D-Link DWS-4000 Series switch navigation tree also contains a LAN tab for wired features and a WLAN tab for Wireless features, as the following figure shows. LAN Tab WLAN Tab Figure 5: LAN and WLAN Tabs...
Page 60: Help Page Access
For more information about the CLI, see the D-Link DWS-4000 Series CLI Command Reference. The D-Link DWS-4000 Series CLI Command Reference lists each command available from the CLI by the command name and provides a brief description of the command. Each command reference also contains the following information: •...
Page 61: Using Snmp
Understanding the User Interfaces Using SNMP You can manage the D-Link DWS-4000 Series switch using SNMP. You can configure SNMP groups and users that can manage traps that the SNMP agent generates. D-Link DWS-4000 Series uses both standard public MIBs for standard functionality and private MIBs that support additional switch functionality.
Page 62: Section 2: System Administration
D-Link UWS User Manual System Administration Section 2: System Administration Use the features in the Administration navigation tree folder to define the switch’s relationship to its environment. The Administration folder contains links to the following features: • “System Description” •...
Page 63: System Description
D-Link UWS User Manual System Description System Description After a successful login, the System Description page displays. Use this page to configure and view general device information. To display the System Description page, click LAN > Administration > System Description in the navigation tree.
Page 64: Defining System Information
D-Link UWS User Manual Switch Configuration Defining System Information 1. Open the System Description page. 2. Define the following fields: System Name, System Contact, and System Location. 3. If the SNTP Time has synchronized, you can click the Synchronize system time with NTP time to apply the SNTP time to system time 4.
Page 65 D-Link UWS User Manual Switch Configuration • If you change the mode, click Submit to apply the changes to the system. If you want the switch to retain the new values across a power cycle, you must perform a save.
Page 66: Viewing Inventory Information
D-Link UWS User Manual Viewing Inventory Information Viewing Inventory Information Use the Inventory Information page to display the switch's Vital Product Data, which is stored in non-volatile memory at the factory. To display the inventory information, click LAN > Monitoring  Inventory Information page in the navigation tree.
Page 67: Table 5: Card Configuration Fields
D-Link UWS User Manual Card Configuration Table 5: Card Configuration Fields Field Description Slot Indicates the slot in the selected unit for which data is to be displayed or configured. Slot Status Indicates whether a card is in the slot (Full or Empty).
Page 68: Slot Summary
D-Link UWS User Manual Card Configuration Slot Summary The Slot Summary page displays information about the slots present in the switch. To access the Slot Summary page, click LAN > Monitoring > Slot Summary in the navigation tree. Figure 11: Slot Summary...
Page 69: Poe Configuration
D-Link UWS User Manual Card Configuration PoE Configuration Use the PoE Configuration page to configure the Power over Ethernet (PoE) features. To access the PoE Configuration page, click LAN > Administration > PoE Configuration in the navigation menu. The following figure shows the fields that display.
Page 70 D-Link UWS User Manual Card Configuration Table 7: PoE Configuration Fields (Cont.) Field Description Priority The switch may not be able to supply power to all connected devices. So, priority is used to determine which ports can supply power. For ports with the same priority, the lower numbered port will have a higher priority.
Page 71: Poe Status
D-Link UWS User Manual PoE Status PoE Status Power over Ethernet (PoE) technology allows IP telephones, wireless LAN Access Points, Web-Cameras and many other appliances to receive power as well as data over existing LAN cabling, without needing to modify the existing Ethernet infrastructure.
Page 72 D-Link UWS User Manual PoE Status Table 8: PoE Status Fields (Cont.) Field Description Status Operational status of the port PD detection. The possible values for this field are: • Disabled: Indicates no power being delivered. • Requesting Power: Indicates PoE switch does not have enough power to supply power to the requesting powered device.
Page 73: Serial Port
D-Link UWS User Manual Serial Port Serial Port The Serial Port Configuration page allows you to change the switch’s serial port settings. In order for a terminal or terminal emulator to communicate with the switch, the serial port settings on both devices must be the same.
Page 74: Ip Address
D-Link UWS User Manual IP Address IP Address The network interface is the logical interface used for in-band connectivity with the switch via any of the switch's front panel ports. The configuration parameters associated with the switch's network interface do not affect the configuration of the front panel ports through which traffic is switched or routed.
Page 75: Network Dhcp Client Options
D-Link UWS User Manual Network DHCP Client Options Table 10: Network Connectivity Fields (Cont.) Field Description Locally Administered MAC You can optionally configure a locally administered MAC address for in-band Address connectivity instead of using the burned-in universally administered MAC address.
Page 76: Figure 16: Dhcp Client Options
D-Link UWS User Manual Network DHCP Client Options Figure 16: DHCP Client Options Table 11: DHCP Client Option Fields Field Description DHCP Vendor Class ID Mode Specify whether to enable or disable the vendor class identifier mode. DHCP Vendor Class ID String Enter the text to add to DHCP requests as Option-60, which is the Vendor Class Identifier option.
Page 77: Http Configuration
D-Link UWS User Manual HTTP Configuration HTTP Configuration Use the HTTP Configuration page to configure the HTTP server settings on the system. To access the HTTP Configuration page, click LAN > Administration > HTTP Configuration in the navigation menu. Figure 17: HTTP Configuration...
Page 78: User Accounts
D-Link UWS User Manual User Accounts User Accounts By default, the switch contains two user accounts: • admin, with 'Read/Write' privileges • guest, with 'Read Only' privileges Both of these accounts have blank passwords by default. The names are not case sensitive.
Page 79: Table 13: User Accounts Fields
D-Link UWS User Manual User Accounts Table 13: User Accounts Fields Field Description User From the User menu, select an existing user to configure, or select Create to create a new user account. The system can have a maximum of five 'Read Only' accounts and one Read/Write account.
Page 80: Adding A User Account
D-Link UWS User Manual User Accounts Table 13: User Accounts Fields (Cont.) Field Description Encryption Key If you selected DES in the Encryption Protocol field enter the SNMPv3 Encryption Key here. Otherwise this field is ignored. Valid keys are 0 to 15 characters long.
Page 81: Authentication List Configuration
D-Link UWS User Manual Authentication List Configuration Authentication List Configuration Use the Authentication List page to configure login lists. A login list specifies one or more authentication methods to validate switch or port access for the users associated with the list.
Page 82 D-Link UWS User Manual Authentication List Configuration Table 14: Authentication Profile Fields (Cont.) Field Description Method 1 Use the menu to select the method that should appear first in the selected authentication login list. User authentication occurs in the order the methods are selected.
Page 83: Creating An Authentication List
D-Link UWS User Manual Authentication List Configuration Creating an Authentication List To create a new authentication list, use the following procedures. 1. Select Create from the Authentication List field. The page refreshes, and different fields are available. 2. In the Authentication List Name field, enter a name of 1 to 12 characters.
Page 84: Authentication List Summary
D-Link UWS User Manual Authentication List Summary Authentication List Summary Use the Authentication List Summary page to view information about the authentication lists on the system and which users are associated with each list. The page also displays information about 802.1X port security users.
Page 85 D-Link UWS User Manual Authentication List Summary The same fields are displayed in case of Enable Authentication List Table and the Authentication Lists and Authentication Methods configured for each List of Console, Telnet, SSH, HTTPS, HTTP and DOT1X are displayed respectively.
Page 86: Login Session
D-Link UWS User Manual Login Session Login Session Use the Login Session page to view information about users who have logged on to the switch. To access the Login Session page, click LAN > Monitoring > Login Session in the navigation tree.
Page 87: User Login
D-Link UWS User Manual User Login User Login Each configured user is assigned to a login list that specifies how the user should be authenticated when attempting to access the switch or a port on the switch. After creating a new user account on the User Account screen, you can use the User Login page to assign the user to a login list for the switch.
Page 88: Assigning A User To An Authentication List
3. Click Submit to apply the changes to the switch. Denial of Service Protection Use the Denial of Service (DoS) page to configure DoS control. D-Link DWS-4000 Series software provides support for classifying and blocking specific types of DoS attacks. You can configure your system to monitor and block a variety of DoS attacks.
Page 89: Table 18: Denial Of Service Configuration Fields
D-Link UWS User Manual Denial of Service Protection Table 18: Denial of Service Configuration Fields Field Description Denial of Service First Enable or disable this option by selecting the corresponding line on the Fragment pulldown entry field. Enabling First Fragment DoS prevention causes the switch to drop packets that have a TCP header smaller then the configured Min TCP Hdr Size.
Page 90: Multiple Port Mirroring
D-Link UWS User Manual Multiple Port Mirroring Multiple Port Mirroring Port mirroring selects the network traffic for analysis by a network analyzer. This is done for specific ports of the switch. As such, many switch ports are configured as source ports and one switch port is configured as a destination port.
Page 91: Adding A Port Mirroring Session
D-Link UWS User Manual Multiple Port Mirroring Adding a Port Mirroring Session Note: A Port will be removed from a VLAN or LAG when it becomes a destination mirror. 1. From the LAN > Administration > Multiple Port Mirroring page, click Add Source Port to display the Add Source Port page.
Page 92: Removing Or Modifying A Port Mirroring Session
D-Link UWS User Manual Telnet Sessions Removing or Modifying a Port Mirroring Session 1. From the Port Mirroring page, click Remove Source Port. 2. Select one or more source ports to remove from the session. Use the CTRL key to select multiple ports to remove.
Page 93: Table 21: Telnet Session Configuration Fields
D-Link UWS User Manual Telnet Sessions Table 21: Telnet Session Configuration Fields Field Description Telnet Session Timeout Specify how many minutes of inactivity should occur on a telnet session (minutes) before the session is logged off. You may enter any number from 1 to 160. The factory default is 5.
Page 94: Outbound Telnet Client Configuration
D-Link UWS User Manual Outbound Telnet Client Configuration Outbound Telnet Client Configuration The outbound telnet feature is not available on all platforms. Use the outbound telnet client settings to control the telnet sessions that originate from the switch and connect to a remote system.
Page 95: Ping Test
D-Link UWS User Manual Ping Test Ping Test Use the Ping page to tell the switch to send a Ping request to a specified IP address. You can use this feature to check whether the switch can communicate with a particular network host.
Page 96: Traceroute
D-Link UWS User Manual TraceRoute TraceRoute You can use the TraceRoute utility to discover the paths that a packet takes to a remote destination. To display this page, click LAN > Administration > TraceRoute in the navigation tree. Figure 29: TraceRoute...
Page 97: Configuring Sntp Settings
D-Link DWS-4000 Series DWS-4000 Series switch software supports the Simple Network Time Protocol (SNTP). SNTP assures accurate network device clock time synchronization up to the millisecond. Time synchronization is performed by a network SNTP server. D-Link DWS-4000 Series software operates only as an SNTP client and cannot provide time services to other systems.
Page 98: Sntp Settings
D-Link UWS User Manual Configuring SNTP Settings MD5 (Message Digest 5) Authentication safeguards device synchronization paths to SNTP servers. MD5 is an algorithm that produces a 128-bit hash. MD5 is a variation of MD4, and increases MD4 security. MD5 verifies the integrity of the communication, authenticates the origin of the communication.
Page 99: Sntp Server Configuration
D-Link UWS User Manual Configuring SNTP Settings Table 25: SNTP Global Configuration Fields (Cont.) Field Description Unicast Poll Timeout Specifies the number of seconds to wait for an SNTP response when configured in unicast mode. Allowed range is (1 to 30). Default value is 5.
Page 100: Sntp Server Status
D-Link UWS User Manual Configuring SNTP Settings • To add an SNTP server, select Create from the Server list, complete the remaining fields as desired, and click Submit. The SNTP server is added, and is now reflected in the Server list. You must perform a save to retain your changes over a power cycle.
Page 101: Sntp Global Status
D-Link UWS User Manual Configuring SNTP Settings Table 27: SNTP Server Status Fields (Cont.) Field Description Last Attempt Status Specifies the status of the last SNTP request to this server. If no packet has been received from this server, a status of Other is displayed: •...
Page 102: Figure 33: Global Status
D-Link UWS User Manual Configuring SNTP Settings Figure 33: Global Status Table 28: Global Status Fields Field Description Version Specifies the SNTP Version the client supports. Supported Mode Specifies the SNTP modes the client supports. Multiple modes may be supported by a client.
Page 103: Time Zone Configuration
D-Link UWS User Manual Configuring SNTP Settings Table 28: Global Status Fields (Cont.) Field Description Address Type Specifies the address type of the SNTP Server address for the last received valid packet. Server Stratum Specifies the claimed stratum of the server for the last received valid packet.
Page 104: Summer Time Configuration
D-Link UWS User Manual Configuring SNTP Settings Summer Time Configuration Use the Summer Time Configuration page to specify a defined summer time duration and offset. To display the Summer Time Configuration page, click LAN > Administration > SNTP Summer Time Configuration in the navigation menu.
Page 105: Summer Time Recurring Configuration
D-Link UWS User Manual Configuring SNTP Settings Summer Time Recurring Configuration Clicking the Recurring check box indicates that the configuration is to be repeated every year. When you select Recurring, the fields shown in the following table occur. Figure 36: Summer Time Recurring Configuration...
Page 106: Clock Detail
D-Link UWS User Manual Configuring SNTP Settings Clock Detail Use the Clock Detail page to view information about the current time, time zone, and summer time settings. To display the Clock Detail page, click LAN > Monitoring Clock Detail in the navigation menu. The following figure shows the Clock Detail page when Summertime is enabled.
Page 107: Configuring And Viewing Device Port Information
D-Link UWS User Manual Configuring and Viewing Device Port Information Configuring and Viewing Device Port Information The pages in the Port folder allow you to view and monitor the physical port information for the ports available on the switch. Port Configuration Use the Port Configuration page to configure the physical interfaces on the switch.
Page 108: Table 33: Port Configuration Fields
D-Link UWS User Manual Configuring and Viewing Device Port Information Table 33: Port Configuration Fields Field Description Slot/Port Select the port from the menu to display or configure data for that port. If you select All, the changes you make to the Port Configuration page apply to all physical ports on the system.
Page 109 • <Speed> Half Duplex: The port speeds available from the menu depend on the platform on which the D-Link DWS-4000 Series software is running and which port you select. In half-duplex mode, the transmissions are one- way. In other words, the port does not send and receive traffic at the same time.
Page 110: Port Summary
D-Link UWS User Manual Configuring and Viewing Device Port Information Port Summary Use the Port Summary page to view the settings for all physical ports on the platform. To access the Port Summary page, click LAN > Monitoring > Port Utilization in the navigation menu.
Page 111 D-Link UWS User Manual Configuring and Viewing Device Port Information Table 34: Port Summary Fields (Cont.) Field Description Forwarding State The port's current state Spanning Tree state. This state controls what action a port takes on receipt of a frame. If the bridge detects a malfunctioning port it will place that port into the broken state.
Page 112 • <Speed> Half Duplex: The port speeds available from the menu depend on the platform on which the D-Link DWS-4000 Series software is running and which port you select. In half-duplex mode, the transmissions are one- way. In other words, the port does not send and receive traffic at the same time.
Page 113: Port Description
D-Link UWS User Manual Configuring and Viewing Device Port Information Port Description Use the Port Description page to configure a human-readable description of the port. To access the Port Description page, click LAN > Administration > Port Configuration > Port Description in the navigation tree.
Page 114: Managing And Viewing Logs
D-Link UWS User Manual Managing and Viewing Logs Managing and Viewing Logs The switch may generate messages in response to events, faults, or errors occurring on the platform as well as changes in configuration or other occurrences. These messages are stored both locally on the platform and forwarded to one or more centralized points of collection for monitoring purposes as well as long term archival storage.
Page 115: Viewing Buffered Log Messages
D-Link UWS User Manual Managing and Viewing Logs Viewing Buffered Log Messages Use the Buffered Log page to view the log messages in the system buffer. The newest messages are displayed at the bottom of the page. To access the Buffered Log page, click LAN > Monitoring > Log > Buffered Log in the navigation menu.
Page 116: Command Logger Configuration
D-Link UWS User Manual Managing and Viewing Logs Command Logger Configuration Use the Command Logger Configuration page to enable the system to log all CLI commands issued on the system. The command log messages are interleaved with the other system logs messages.
Page 117: Console Log Configuration
D-Link UWS User Manual Managing and Viewing Logs Console Log Configuration Use the Console Log Configuration page to control logging to any serial device attached to the switch. To access the Console Log Configuration page, click LAN > Administration > Log > Console Log Configuration in the navigation menu.
Page 118: Event Log
Entry The number of the entry within the event log. The most recent entry is first. Filename The D-Link DWS-4000 Series source code filename identifying the code that detected the event. Line The line number within the source file of the code that detected the event.
Page 119: Hosts Configuration
D-Link UWS User Manual Managing and Viewing Logs Hosts Configuration Use the Host Configuration page to configure remote logging hosts where the switch can send logs. To enable remote logging, see “Syslog Configuration” on page 123. To access the Host Configuration page, click LAN > Administration > Log > Host Configuration in the navigation tree.
Page 120: Deleting A Remote Logging Host
D-Link UWS User Manual Managing and Viewing Logs Deleting a Remote Logging Host To delete a remote logging host from the configured list, select the IP address of the host from the Host field, and then click Delete. Persistent Log Configuration The persistent log is stored in persistent storage, which means that the log messages are retained across a switch reboot.
Page 121: Table 40: Persistent Log Configuration Fields
D-Link UWS User Manual Managing and Viewing Logs Table 40: Persistent Log Configuration Fields Field Description Admin Status Select whether to enable or disable persistent logging. The default is disabled. • Enabled: Prints log messages to the device attached to the switch serial port.
Page 122: Persistent Log
D-Link UWS User Manual Managing and Viewing Logs Persistent Log Use the Persistent Log page to view the persistent log messages. To access the Persistent Log page, click LAN > Monitoring > Log > Persistent Log in the navigation tree menu.
Page 123: Syslog Configuration
D-Link UWS User Manual Managing and Viewing Logs Syslog Configuration Use the Syslog Configuration page to allow the switch to send log messages to the remote logging hosts configured on the system. To access the System Log Configuration page, click LAN > Administration > Log > System Log Configuration in the navigation tree.
Page 124: Trap Log
D-Link UWS User Manual Managing and Viewing Logs Trap Log Use the Trap Log page to view the entries in the trap log. For information about how to copy the file to a TFTP server, see “Upload File From Switch (TFTP)” on page 175.
Page 125: Defining Snmp Parameters
D-Link UWS User Manual Defining SNMP Parameters Defining SNMP Parameters Simple Network Management Protocol (SNMP) provides a method for managing network devices. The device supports SNMP version 1, SNMP version 2, and SNMP version 3. The Web interfaces supports configuration of SNMPv1 and v2;...
Page 126: Snmp Community Configuration
D-Link UWS User Manual Defining SNMP Parameters SNMP Community Configuration Access rights are managed by defining communities on the SNMPv1, 2 Community page. When the community names are changed, access rights are also changed. SNMP Communities are defined only for SNMP v1 and SNMP v2.
Page 127: Trap Receiver Configuration
D-Link UWS User Manual Defining SNMP Parameters Table 44: Community Configuration Fields (Cont.) Field Description Client IP Mask Along with the Client IP Address, the Client IP Mask denotes a range of IP addresses from which SNMP clients may use that community to access this device.
Page 128: Trap Flags
D-Link UWS User Manual Defining SNMP Parameters Table 45: Trap Receiver Configuration Fields Field Description SNMP Trap Name Select Create, to configure the SNMP trap name for the SNMP trap packet to be sent to the trap manager. If you have already configured an SNMP trap name, you can select it from the drop-down menu to change the settings or delete it.
Page 129: Figure 54: Trap Flags Configuration
D-Link UWS User Manual Defining SNMP Parameters Figure 54: Trap Flags Configuration Table 46: Trap Flags Configuration Fields Field Description Authentication Enable or disable activation of authentication failure traps by selecting the corresponding line on the pulldown entry field. The factory default is enabled.
Page 130: Supported Mibs
D-Link UWS User Manual Defining SNMP Parameters Supported MIBs The Supported MIBs page lists the MIBs that the system currently supports. To access the Supported MIBs page, click LAN > Monitoring > Supported MIBs in the navigation menu. A portion of the web screen is shown...
Page 131: Managing The Dhcp Server
D-Link UWS User Manual Managing the DHCP Server Managing the DHCP Server DHCP is generally used between clients (e.g., hosts) and servers (e.g., routers) for the purpose of assigning IP addresses, gateways, and other networking definitions such as DNS, NTP, and/or SIP parameters. The DHCP Server folder contains links to web pages that define and display DHCP parameters and data.
Page 132 D-Link UWS User Manual Managing the DHCP Server Table 48: DHCP Server Global Configuration Fields (Cont.) Field Description Add Excluded Addresses Use the From and To fields to specify the IP addresses that the server should not assign to the client. If you want to exclude a range of addresses, set the range boundaries.
Page 133: Pool Configuration
D-Link UWS User Manual Managing the DHCP Server Pool Configuration Use the DHCP Pool Configuration page to create the pools of addresses that can be assigned by the server. To access the Pool Configuration page, click LAN > Administration > DHCP Server > Pool Configuration in the navigation tree.
Page 134: Table 49: Pool Configuration Fields
D-Link UWS User Manual Managing the DHCP Server Table 49: Pool Configuration Fields Field Description Pool Name For a user with read/write permission, this field would show names of all the existing pools along with an additional option Create. When the user selects Create, another text box, Pool Name, appears where the user may enter name for the Pool to be created.For a user with read-only permission, this field would show names of the...
Page 135 D-Link UWS User Manual Managing the DHCP Server Table 49: Pool Configuration Fields (Cont.) Field Description Lease Time Specifies the type of lease to assign clients: • Infinite: For dynamic bindings, an infinite least time is a lease period of 60 days. For manual bindings, an infinite lease time means the lease period does not expire.
Page 136: Pool Options
D-Link UWS User Manual Managing the DHCP Server Pool Options Use the Pool Options page to configure DHCP options that the DHCP server can pass to the client. For more information about DHCP options, see RFC 2132. To access the Pool Options page, click LAN > Administration > DHCP Server > Pool Options in the navigation menu.
Page 137: Reset Configuration
D-Link UWS User Manual Managing the DHCP Server Reset Configuration Use the Reset Configuration page to clear IP address bindings between that the DHCP server assigned to the client. To access the Reset Configuration page, click LAN > Administration > DHCP Server > Reset Configuration in the navigation tree.
Page 138: Bindings Information
D-Link UWS User Manual Managing the DHCP Server Bindings Information Use the DHCP Server Bindings Information page to view information about the IP address bindings in the DHCP server database. To access the DHCP Server Bindings Information page, click LAN > Monitoring > DHCP Server Summary >...
Page 139: Server Statistics
D-Link UWS User Manual Managing the DHCP Server Server Statistics Use the DHCP Server Statistics page to view information about the DHCP server bindings and messages. To access the Server Statistics page, click LAN > Monitoring > DHCP Server Summary > Server Statistics in the navigation menu.
Page 140: Conflicts Information
D-Link UWS User Manual Managing the DHCP Server • Click Refresh to update the information on the screen. • Click Clear Server Statistics to reset all counters to zero. Conflicts Information Use the Conflicts Information page to view information on hosts that have address conflicts; i.e., when the same IP address is assigned to two or more devices on the network.
Page 141: Configuring Time Ranges
D-Link UWS User Manual Configuring Time Ranges Configuring Time Ranges Use these pages to configure time ranges to use in time-based access control list (ACL) rules. Time-based ACLs allow one or more rules within an ACL to be based on a periodic or absolute time. Each ACL rule within an ACL except for the implicit deny all rule can be configured to be active and operational only during a specific time period.
Page 142: Time Range Summary
D-Link UWS User Manual Configuring Time Ranges • Use Submit to add a new time range. • Use Delete to remove an existing time range. Time Range Summary Use this page to view summary information about configured time ranges. To access this page, click LAN > Administration > Time Range > Summary.
Page 143: Time Range Entry Configuration
D-Link UWS User Manual Configuring Time Ranges Time Range Entry Configuration Use this page to configure periodic and absolute time range entries and add them to named time ranges. Note: The time range entries use the system time for the time periods in which they take effect.
Page 144 D-Link UWS User Manual Configuring Time Ranges Table 57: Time Range Entry Configuration Field Description Periodic Time Range Entry Applicable Days Specify the day(s) when the time entry occurs: • Daily — Has the same start and end time every day •...
Page 145: Configuring Dns
D-Link UWS User Manual Configuring DNS Configuring DNS You can use these pages to configure information about DNS servers the network uses and how the switch/ router operates as a DNS client. Global Configuration Use this page to configure global DNS settings and to view DNS client status information.
Page 146: Server Configuration
D-Link UWS User Manual Configuring DNS • To create a new list of domain names, click Create. Then enter a name of the list and click submit. Repeat this step to add multiple domains to the default domain list. • To remove a domain from the default list select the Remove option next to the item you want to remove and click Submit.
Page 147: Dns Host Name Ip Mapping Configuration
D-Link UWS User Manual Configuring DNS DNS Host Name IP Mapping Configuration Use this page to configure DNS host names for hosts on the network. The host names are associated with IPv4 or IPv6 addresses on the network, which are statically assigned to particular hosts.
Page 148: Dns Host Name Ip Mapping Summary
D-Link UWS User Manual Configuring DNS DNS Host Name IP Mapping Summary Use this page to configure static and dynamic DNS host names for hosts on the network. The host names are associated with IPv4 or IPv6 addresses on the network, which are assigned to particular hosts.
Page 149: Configuring And Viewing Isdp Information
Cisco® devices running the Cisco Discovery Protocol (CDP). ISDP is used to share information between neighboring devices. D-Link DWS-4000 Series switches participate in the CDP protocol and are able to both discover and be discovered by other CDP supporting devices.
Page 150: Cache Table
D-Link UWS User Manual Configuring and Viewing ISDP Information Table 62: ISDP Global Configuration Field Description Device ID Format Indicates the Device ID format capability of the device. Capability • serialNumber—Indicates that the device uses serial number as the format for its Device ID.
Page 151: Interface Configuration
D-Link UWS User Manual Configuring and Viewing ISDP Information Table 63: ISDP Cache Table (Cont.) Field Description Holdtime Displays the ISDP holdtime for the neighbor. Capability Displays the ISDP Functional Capabilities for the neighbor. Platform Displays the ISDP Hardware Platform for the neighbor.
Page 152: Statistics
D-Link UWS User Manual Configuring and Viewing ISDP Information Statistics From the ISDP Statistics page, you can view information about the ISDP packets sent and received by the switch. To display the ISDP Statistics page, click LAN > Monitoring > ISDP > Statistics in the navigation tree.
Page 153: Configuring Sflow
D-Link UWS User Manual Configuring sFlow Configuring sFlow sFlow® is the standard for monitoring high-speed switched and routed networks. sFlow technology is built into network equipment and gives complete visibility into network activity, enabling effective management and control of network resources.
Page 154: Sflow Receiver Configuration
D-Link UWS User Manual Configuring sFlow Table 66: sFlow Agent Summary Field Description Version Uniquely identifies the version and implementation of this MIB. The version string must have the following structure: MIB Version;Organization;Software Revision where: • MIB Version: ‘1.3’, the version of this MIB.
Page 155: Table 67: Sflow Receiver Configuration
D-Link UWS User Manual Configuring sFlow Table 67: sFlow Receiver Configuration Field Description Receiver Index Selects the receiver for which data is to be displayed or configured. The allowed range is 1 to Receiver Owner The entity making use of this sFlowRcvrTable entry. The empty string indicates that the entry String is currently unclaimed and the receiver configuration is reset to the default values.
Page 156: Sflow Poller Configuration
D-Link UWS User Manual Configuring sFlow sFlow Poller Configuration The sFlow agent collects time-based sampling of network interface statistics and sends them to the configured sFlow receivers. A data source configured to collect counter samples is called a poller. Counter Sampling The primary objective of Counter Sampling is to efficiently, periodically export counters associated with Data Sources.
Page 157: Sflow Sampler Configuration
D-Link UWS User Manual Configuring sFlow sFlow Sampler Configuration The sFlow Agent collects a statistical packet-based sampling of the switched flows and sends them to the configured receivers. A data source configured to collect flow samples is called a sampler.
Page 158: Viewing System Statistics
D-Link UWS User Manual Viewing System Statistics Viewing System Statistics The pages in the Statistics folder contain a variety of information about the number and type of traffic transmitted from and received on the switch. Switch Detailed The Switch Detailed page shows detailed statistical information about the traffic the switch handles.
Page 159: Table 70: Switch Detailed Statistics Fields
D-Link UWS User Manual Viewing System Statistics Table 70: Switch Detailed Statistics Fields Field Description fIndex This object indicates the ifIndex of the interface table entry associated with the processor of this switch. Octets Received The total number of octets of data received by the processor (excluding framing bits but including FCS octets).
Page 160: Switch Summary
D-Link UWS User Manual Viewing System Statistics Table 70: Switch Detailed Statistics Fields (Cont.) Field Description VLAN Deletes The number of VLANs on this switch that have been created and then deleted since the last reboot. Time Since Counters Last...
Page 161 D-Link UWS User Manual Viewing System Statistics Table 71: Switch Summary Fields (Cont.) Field Description Packets Received With Error The number of inbound packets that contained errors preventing them from being deliverable to a higher-layer protocol. Packets Transmitted Without The total number of packets transmitted out of the interface.
Page 162: Port Detailed
D-Link UWS User Manual Viewing System Statistics Port Detailed The Port Detailed page displays a variety of per-port traffic statistics. To access the Port Detailed page, click LAN > Monitoring > System Statistics > Port Detailed in the navigation tree.
Page 163 D-Link UWS User Manual Viewing System Statistics Table 72: Detailed Port Statistics Fields (Cont.) Field Description Packets RX and TX 128-255 The total number of packets (including bad packets) received or transmitted Octets that were between 128 and 255 octets in length inclusive (excluding framing bits but including FCS octets).
Page 164 D-Link UWS User Manual Viewing System Statistics Table 72: Detailed Port Statistics Fields (Cont.) Field Description Packets Received > 1522 The total number of packets received that were longer than 1522 octets Octets (excluding framing bits, but including FCS octets) and were otherwise well formed.
Page 165 D-Link UWS User Manual Viewing System Statistics Table 72: Detailed Port Statistics Fields (Cont.) Field Description 802.3x Pause Frames A count of MAC Control frames received on this interface with an opcode Received indicating the PAUSE operation. This counter does not increment when the interface is operating in half-duplex mode.
Page 166 D-Link UWS User Manual Viewing System Statistics Table 72: Detailed Port Statistics Fields (Cont.) Field Description Unicast Packets Transmitted The total number of packets that higher-level protocols requested be transmitted to a subnetwork-unicast address, including those that were discarded or not sent.
Page 167 D-Link UWS User Manual Viewing System Statistics Table 72: Detailed Port Statistics Fields (Cont.) Field Description 802.3x Pause Frames A count of MAC Control frames transmitted on this interface with an opcode Transmitted indicating the PAUSE operation. This counter does not increment when the interface is operating in half-duplex mode.
Page 168: Port Summary Statistics
D-Link UWS User Manual Viewing System Statistics Port Summary Statistics The Port Summary Statistics page shows a summary of per-port traffic statistics on the switch. To access the Port Summary Statistics page, click LAN > Monitoring > System Statistics > Port Summary.
Page 169: Section 3: Using System Tools
D-Link UWS User Manual Using System Tools Section 3: Using System Tools The Tools menu contains links to the following Web pages that help you perform switch maintenance: • “Reset Configuration to Defaults” • “Reset Passwords to Defaults” • “System Reset”...
Page 170: Reset Passwords To Defaults
D-Link UWS User Manual Reset Passwords to Defaults Reset Passwords to Defaults Use the Reset Passwords to Defaults page to reset the passwords for the default read/write (admin) and read- only (guest) users on the system. By default, the passwords are blank. If you have configured additional read- only users on your system, their passwords are not affected.
Page 171: Save All Applied Changes
D-Link UWS User Manual Save All Applied Changes Save All Applied Changes When you click Submit, the changes are applied to the system and saved in the running configuration file. However, these changes are not saved to non-volatile memory and will be lost if the system resets. Use the Save All Applied Changes page to make the changes you submit persist across a system reset.
Page 172: Table 74: Download File To Switch Fields
• Text Configuration: A text-based configuration file enables you to edit a configured text file (startup-config) offline as needed without having to translate the contents for the D-Link software to understand. The most common usage of text-based configuration is to upload a working configuration from a device, edit it offline to personalize it for another similar device (i.e., change the device name, serial number, IP address,...
Page 173: Downloading A File To The Switch
1. From the File Type field, select the type of file to download. 2. If you are downloading a D-Link DWS-4000 Series image (Code), select the image on the switch to overwrite. If you are downloading another type of file, the Image field is not available.
Page 174: Http File Download
D-Link UWS User Manual HTTP File Download HTTP File Download Use the HTTP File Download page to download files of various types to the switch using an HTTP session (i.e., via your web browser). To display this page, click Tool > HTTP File Download in the navigation menu.
Page 175: Upload File From Switch (Tftp)
D-Link UWS User Manual Upload File From Switch (TFTP) • Click the Start File Transfer button to initiate the file download. Upload File From Switch (TFTP) Use the Upload File from Switch page to upload configuration (ASCII) and image (binary) files from the switch to the TFTP server.
Page 176: Uploading Files
1. From the File Type field, select the type of file to copy from the switch to the TFTP server. 2. If you are uploading a D-Link DWS-4000 Series image (Code), select the image on the switch to upload. If you are uploading another type of file, the Image Name field is not available.
Page 177: Figure 89: Multiple Image Service
D-Link UWS User Manual Multiple Image Service Figure 89: Multiple Image Service The Active Image page contains the following fields: Table 77: Multiple Image Service Fields Field Description Image Name Select Active or Backup from the menu to activate on the next reload or to be deleted.
Page 178: Viewing The Dual Image Status
Viewing the Dual Image Status The Dual Image feature allows the switch to have two D-Link DWS-4000 Series software images in the permanent storage. One image is the active image, and the second image is the backup. This feature reduces the system down-time during upgrades and downgrades.
Page 179: Erase Startup-Config File
D-Link UWS User Manual Erase Startup-config File Erase Startup-config File Use the Erase Startup-config File to erase the startup-configuration file. To display this page, click Tool > Erase Startup-config File in the navigation menu. Figure 91: Erase Startup-config File AutoInstall The AutoInstall feature enables the configuration of a switch automatically when the device is turned on and, during the boot process, no configuration file is found in device storage.
Page 180: Table 79: Autoinstall Fields
D-Link UWS User Manual AutoInstall Table 79: AutoInstall Fields Field Description AutoInstall Mode • Select Start to initiate sending a request to a DHCP server to obtain an IP address of a server and the configuration file name. If it obtains the server address, AutoInstall proceeds to search for and download a configuration file from the server.
Page 181: Section 4: Configuring L2 Features
Section 4: Configuring L2 Features Use the pages in the L2 Features navigation tree folder to configure the Layer 2 switching features available on the D-Link DWS-4000 Series switch. The L2 Features folder contains links to the following features: •...
Page 182: Configuring And Searching The Forwarding Database
D-Link UWS User Manual Configuring and Searching the Forwarding Database Configuring and Searching the Forwarding Database The forwarding database maintains a list of MAC addresses after having received a packet from this MAC address. The transparent bridging function uses the forwarding database entries to determine how to forward a received frame.
Page 183: Mac Address Table
D-Link UWS User Manual Configuring and Searching the Forwarding Database MAC Address Table Use the MAC Address Table page to display information about entries in the forwarding database. To access the page, click LAN > Monitoring > MAC Address Table in the navigation tree.
Page 184: Searching The Forwarding Database
D-Link UWS User Manual Managing VLANs Searching the Forwarding Database Use the following procedures to search the forwarding database. 1. Enter the two-byte hexadecimal VLAN ID followed by the six byte hexadecimal MAC address in two-digit groups separated by colons.
Page 185: Figure 95: Vlan Configuration
D-Link UWS User Manual Managing VLANs Figure 95: VLAN Configuration Table 81: VLAN Configuration Fields Field Description VLAN ID List You can use this screen view/modify/delete an existing VLAN configuration or to create new single/multiple VLAN IDs specified in VLAN ID field. Use this pull down menu to select one of the existing VLANs to view/modify the configuration.
Page 186 D-Link UWS User Manual Managing VLANs Table 81: VLAN Configuration Fields (Cont.) Field Description Participation Use this field to specify whether a port will participate in this VLAN. The factory default is “Autodetect.” The possible values are: • Include: This port is always a member of this VLAN. This is equivalent to registration fixed in the IEEE 802.1Q standard.
Page 187: Vlan Status
D-Link UWS User Manual Managing VLANs VLAN. VLAN Status Use the VLAN Status page to view information about the VLANs configured on your system. To access the VLAN Status page, click LAN > Monitoring> VLAN Summary > VLAN Status in the navigation tree.
Page 188: Vlan Port Configuration
D-Link UWS User Manual Managing VLANs VLAN Port Configuration Use the VLAN Port Configuration page to configure a virtual LAN on a port. To access the VLAN Port Configuration page, click LAN > L2 Features> VLAN > Port Configuration in the navigation tree.
Page 189: Vlan Port Summary
D-Link UWS User Manual Managing VLANs VLAN Port Summary Use the VLAN Port Summary page to view VLAN configuration information for all the ports on the system. To access the VLAN Port Summary page, click LAN > Monitoring> VLAN Summary > VLAN Port Summary in the navigation menu.
Page 190: Managing Protocol-Based Vlans
D-Link UWS User Manual Managing VLANs Managing Protocol-Based VLANs In a protocol-based VLAN, traffic is bridged through specified ports based on the protocol associated with the VLAN. User-defined packet filters determine whether a particular packet belongs to a particular VLAN.
Page 191: Figure 100: Protocol Group
D-Link UWS User Manual Managing VLANs To create and configure a protocol group, enter a group ID and click Submit. The page refreshes and additional fields appear. Figure 100: Protocol Group Table 86: Protocol Group Fields Field Description Group ID Use the drop-down menu to create a new group or to configure the selected protocol group.
Page 192: Protocol-Based Vlan Summary
D-Link UWS User Manual Managing VLANs Protocol-Based VLAN Summary Use the Protocol-based VLAN Summary page to view information about protocol-based VLAN groups configured on the system. To access the Protocol-based VLAN Summary page, click LAN > Monitoring> VLAN Summary > Protocol-based VLAN Port Summary in the navigation tree.
Page 193: Managing Ip Subnet-Based Vlans
D-Link UWS User Manual Managing VLANs Managing IP Subnet-Based VLANs If a packet is untagged or priority- tagged, the device associates the packet with any matching IP subnet classification. If no IP subnet classification can be made, then the packet is subjected to the normal VLAN classification rules of the device.
Page 194: Ip Subnet-Based Vlan Summary
D-Link UWS User Manual Managing VLANs IP Subnet-based VLAN Summary Use the IP Subnet-based VLAN Summary page to view information about IP subnet to VLAN mappings configured on your system. If no mappings are configured, the screen displays a “No IP Subnet-based VLAN Configured”...
Page 195: Mac-Based Vlan Summary
D-Link UWS User Manual Managing VLANs Figure 104: MAC-based VLAN Configuration Table 90: MAC-based VLAN Configuration Fields Field Description MAC Address Specifies the source MAC address to map to a VLAN. VLAN ID Specifies the VLAN to which the source MAC address is to be bound.
Page 196: Double Vlan Tunneling
D-Link UWS User Manual Managing VLANs Double VLAN Tunneling Double VLAN Tunneling allows the use of a second tag on network traffic. The additional tag helps differentiate between customers in the Metropolitan Area Networks (MAN) while preserving individual customer’s VLAN identification when they enter their own 802.1Q domain.
Page 197: Double Vlan Tunneling Summary
D-Link UWS User Manual Managing VLANs Double VLAN Tunneling Summary The Double VLAN Tunneling Summary page shows the double VLAN tunneling configuration status for all ports on the system. To access the Double VLAN Tunneling Summary page, click LAN > Monitoring > VLAN Summary > Double VLAN Status in the navigation tree.
Page 198: Voice Vlan Configuration
D-Link UWS User Manual Voice VLAN Configuration Voice VLAN Configuration The voice VLAN feature enables switch ports to carry voice traffic with defined settings so that voice and data traffic are separated when coming onto the port. A voice VLAN ensures that the sound quality of an IP phone is safeguarded from deterioration when data traffic on the port is high.
Page 199: Reset Vlan Configuration
D-Link UWS User Manual Voice VLAN Configuration Table 94: Voice VLAN Configuration Fields (Cont.) Field Description Voice VLAN Interface Mode Select one of the following interface modes: • Disable: The voice VLAN service is disabled on this interface. Note that the Admin mode field takes precedence;...
Page 200: Configuring Protected Ports
D-Link UWS User Manual Configuring Protected Ports Configuring Protected Ports The Protected Ports feature assists in Layer 2 security. Ports that are configured to be protected cannot forward traffic to other protected ports in the same group, regardless of having the same VLAN membership.
Page 201: Assigning Ports To A Group
D-Link UWS User Manual Configuring Protected Ports Assigning Ports to a Group 1. Select a group ID from the Group ID field. 2. From the Protected Port(s) field, click one port to add a single port to the group, or hold the CTRL key and click multiple ports to add more than one port to the group.
Page 202: Creating Mac Filters
D-Link UWS User Manual Creating MAC Filters Creating MAC Filters Use the MAC Filtering Configuration page to associate a MAC address with a VLAN and set of source ports and destination ports. Any packet with a static MAC address in a specific VLAN is admitted only if the ingress port is included in the set of source ports;...
Page 203: Adding Mac Filters
D-Link UWS User Manual Creating MAC Filters • Click Submit to update the switch with the values on the screen. If you want the switch to retain the new values across a power cycle, you must perform a save. • Click Delete to remove the currently selected filter.
Page 204: Configuring Garp
D-Link UWS User Manual Configuring GARP Configuring GARP Generic Attribute Registration Protocol (GARP) is a general-purpose protocol that registers any network connectivity or membership-style information. GARP defines a set of switches interested in a given network attribute, such as VLAN or multicast address.
Page 205: Table 98: Garp Status Fields
D-Link UWS User Manual Configuring GARP The GARP Status page contains the following fields: Table 98: GARP Status Fields Field Description Switch GVRP Shows whether the switch GVRP protocol is enabled or disabled. Switch GMRP Shows whether the switch GMRP protocol is enabled or disabled.
Page 206: Garp Switch Configuration
D-Link UWS User Manual Configuring GARP GARP Switch Configuration Use the GARP Switch Configuration page to configure GARP settings for the system. To access the GARP Switch Configuration page, click LAN > L2 Features> GARP > Switch Configuration in the navigation tree.
Page 207: Garp Port Configuration
D-Link UWS User Manual Configuring GARP GARP Port Configuration Use the GARP Port Configuration page to configure GARP settings for a specific interface. To access the GARP Port Configuration page, click LAN > L2 Features> GARP > Port Configuration in the navigation tree.
Page 208 D-Link UWS User Manual Configuring GARP Table 100: GARP Port Configuration Fields (Cont.) Field Description GARP Leave Timer (centisecs) Displays time lapse, in centiseconds, that the switch waits before leaving its GARP state. Leave time is activated by a Leave All Time message sent/ received, and cancelled by the Join message received.This allows time for...
Page 209: Creating Port Channels (Trunking)
D-Link UWS User Manual Creating Port Channels (Trunking) Creating Port Channels (Trunking) Port-trunks, which are also known as link aggregation groups (LAGs), allow you to combine multiple full-duplex Ethernet links into a single logical link. Network devices treat the aggregation as if it were a single link, which increases fault tolerance and provides load sharing.
Page 210: Table 101: Port Channel Configuration Fields
D-Link UWS User Manual Creating Port Channels (Trunking) Table 101: Port Channel Configuration Fields Field Description Port Channel Interface You can use this screen to reconfigure an existing Port Channel, or to create a new one. Use this pull down menu to select one of the existing Port Channels, or select 'Create' to add a new one.
Page 211: Port Channel Status
D-Link UWS User Manual Creating Port Channels (Trunking) Table 101: Port Channel Configuration Fields (Cont.) Field Description Participation Select each port’s membership status for the Port Channel you are configuring. There can be a maximum of 8 ports assigned to a Port Channel.
Page 212 D-Link UWS User Manual Creating Port Channels (Trunking) Table 102: Port Channel Status Fields (Cont.) Field Description Admin Mode Select enable or disable from the pulldown menu. When the Port Channel is disabled no traffic will flow and LACPDUs will be dropped, but the links that form the Port Channel will not be released.
Page 213: Configuring Igmp Snooping
D-Link UWS User Manual Configuring IGMP Snooping Configuring IGMP Snooping Internet Group Management Protocol (IGMP) Snooping is a feature that allows a switch to forward multicast traffic intelligently on the switch. Multicast IP traffic is traffic that is destined to a host group. Host groups are identified by class D IP addresses, which range from 224.0.0.0 to 239.255.255.255.
Page 214: Global Configuration And Status
D-Link UWS User Manual Configuring IGMP Snooping Global Configuration and Status Use the IGMP Snooping Global Configuration and Status page to enable IGMP snooping on the switch and view information about the current IGMP configuration. To access the IGMP Snooping Configuration and Status page, click LAN > L2 Features> IGMP Snooping >...
Page 215: Interface Configuration
D-Link UWS User Manual Configuring IGMP Snooping Interface Configuration Use the IGMP Snooping Interface Configuration page to configure IGMP snooping settings on specific interfaces. To access the IGMP Snooping Interface Configuration page, click LAN > L2 Features> IGMP Snooping >...
Page 216: Vlan Configuration
D-Link UWS User Manual Configuring IGMP Snooping VLAN Configuration Use the IGMP Snooping VLAN Configuration page to configure IGMP snooping settings for VLANs on the system. To access the IGMP Snooping VLAN Configuration page, click LAN > L2 Features> IGMP Snooping > VLAN Configuration in the navigation tree.
Page 217: Vlan Status
D-Link UWS User Manual Configuring IGMP Snooping Table 105: IGMP Snooping VLAN Configuration Fields (Cont.) Field Description Operational Maximum This read-only field displays the value for maximum response time of IGMP Response Time Snooping for the specified VLAN ID. Its value is learned dynamically from the IGMPv2 or IGMPv3 queries received on this VLAN.
Page 218: Multicast Router Configuration
D-Link UWS User Manual Configuring IGMP Snooping Table 106: IGMP Snooping VLAN Status Fields (Cont.) Field Description Operational Maximum Displays the value for maximum response time of IGMP Snooping for the Response Time specified VLAN ID. Its value is learned dynamically from the IGMPv2 or IGMPv3 queries received on this VLAN.
Page 219: Multicast Router Status
D-Link UWS User Manual Configuring IGMP Snooping Multicast Router Status Use the IGMP Snooping Multicast Router Status page to see whether a particular interface is configured as a multicast router interface. To access the IGMP Snooping Multicast Router Statistics page, click Monitoring> IGMP Snooping Status >...
Page 220: Multicast Router Vlan Configuration
D-Link UWS User Manual Configuring IGMP Snooping Multicast Router VLAN Configuration Use the IGMP Snooping Multicast Router VLAN Configuration page to configure multicast router settings for VLANs on an interface. To access the IGMP Snooping Multicast Router VLAN Configuration page, click LAN > L2 Features> IGMP Snooping >...
Page 221: Multicast Router Vlan Status
D-Link UWS User Manual Configuring IGMP Snooping Multicast Router VLAN Status Use the IGMP Snooping Multicast Router VLAN Status page to view multicast router settings for VLANs on a specific interface. To access the IGMP Snooping Multicast Router VLAN Status page, click Monitoring> IGMP Snooping Status >...
Page 222: Configuring Igmp Snooping Queriers
D-Link UWS User Manual Configuring IGMP Snooping Queriers Configuring IGMP Snooping Queriers IGMP snooping requires that one central switch or router periodically query all end-devices on the network to announce their multicast memberships. This central device is the 'IGMP querier'. The IGMP query responses, known as IGMP reports, keep the switch updated with the current multicast group membership on a port-by- port basis.
Page 223: Igmp Snooping Querier Vlan Configuration
D-Link UWS User Manual Configuring IGMP Snooping Queriers Table 111: IGMP Snooping Querier Configuration Fields (Cont.) Field Description Querier Expiry Interval Specify the time interval in seconds after which the last querier information is removed. The Querier Expiry Interval must be a value in the range of 60 and 300.
Page 224: Igmp Snooping Querier Vlan Configuration Summary
D-Link UWS User Manual Configuring IGMP Snooping Queriers IGMP Snooping Querier VLAN Configuration Summary Use this page to view summary information for IGMP snooping queriers for on VLANs in the network. To access this page, click LAN > L2 Features> IGMP Snooping Querier > IGMP Snooping Querier VLAN Configuration Summary in the navigation tree.
Page 225: Igmp Snooping Querier Vlan Status
D-Link UWS User Manual Configuring IGMP Snooping Queriers IGMP Snooping Querier VLAN Status Use this page to view the operational state and other information for IGMP snooping queriers for VLANs on the network. To access this page, click Monitoring > Querier VLAN Status in the navigation tree.
Page 226: Configuring Mld Snooping
D-Link UWS User Manual Configuring MLD Snooping Configuring MLD Snooping In IPv4, Layer 2 switches can use IGMP snooping to limit the flooding of multicast traffic by dynamically configuring Layer-2 interfaces so that multicast traffic is forwarded to only those interfaces associated with an IP multicast address.
Page 227: Interface Configuration
D-Link UWS User Manual Configuring MLD Snooping Table 115: MLD Snooping Global Configuration and Status Fields (Cont.) Field Description Data Frames Forwarded by Shows the number of data frames forwarded by the CPU. the CPU VLAN Ids Enabled For MLD Displays VLAN Ids enabled for MLD snooping.
Page 228: Vlan Status
D-Link UWS User Manual Configuring MLD Snooping Table 116: MLD Snooping Interface Configuration Fields (Cont.) Field Description Multicast Router Present Specify the amount of time you want the switch to wait to receive a query on Expiration Time an interface before removing it from the list of interfaces with multicast routers attached.
Page 229: Vlan Configuration
D-Link UWS User Manual Configuring MLD Snooping VLAN Configuration Use the MLD Snooping VLAN Configuration page to configure MLD Snooping settings for VLANs on the system. To access the MLD Snooping VLAN Configuration page, click LAN > L2 Features> MLD Snooping > VLAN Configuration in the navigation tree.
Page 230: Multicast Router Configuration
D-Link UWS User Manual Configuring MLD Snooping Table 118: MLD Snooping VLAN Configuration Fields (Cont.) Field Description Multicast Router Expiry Time Enter the amount of time in seconds that a switch waits for a query to be received on an interface before the interface is removed from the list of interfaces with multicast routers attached.
Page 231: Multicast Router Status
D-Link UWS User Manual Configuring MLD Snooping Multicast Router Status Use the MLD Snooping Multicast Router Status page to view multicast router functionality on selected ports. To access this page, click Monitoring > MLD Snooping > Multicast Router Status in the navigation tree.
Page 232: Multicast Router Vlan Configuration
D-Link UWS User Manual Configuring MLD Snooping Multicast Router VLAN Configuration Use the MLD Snooping Multicast Router VLAN Configuration page to configure multicast router settings for VLANs on an interface. To access the MLD Snooping Multicast Router VLAN Configuration page, click LAN > L2 Features> MLD Snooping >...
Page 233: Multicast Router Vlan Status
D-Link UWS User Manual Configuring MLD Snooping Multicast Router VLAN Status Use the MLD Snooping Multicast Router VLAN Status page to view multicast router settings for VLANs on a specific interface. To access the MLD Snooping Multicast Router VLAN Statistics page, click Monitoring > MLD Snooping >...
Page 234: Configuring Mld Snooping Queriers
D-Link UWS User Manual Configuring MLD Snooping Queriers Configuring MLD Snooping Queriers In an IPv6 environment, MLD Snooping requires that one central switch or router periodically query all end- devices on the network to announce their multicast memberships. This central device is the 'MLD querier'. The MLD query responses, known as MLD reports, keep the switch updated with the current multicast group membership on a port-by-port basis.
Page 235: Mld Snooping Querier Vlan Configuration
D-Link UWS User Manual Configuring MLD Snooping Queriers Table 123: MLD Snooping Querier Configuration Fields (Cont.) Field Description Querier Expiry Interval Specify the time interval in seconds after which the last querier information is removed. The Querier Expiry Interval must be a value in the range of 60 and 300.
Page 236: Mld Snooping Querier Vlan Configuration Summary
D-Link UWS User Manual Configuring MLD Snooping Queriers MLD Snooping Querier VLAN Configuration Summary Use this page to view summary information for MLD Snooping queriers for on VLANs in the network. To access this page, click Monitoring > MLD Snooping Querier > Querier VLAN Configuration Summary in the navigation tree.
Page 237: Mld Snooping Querier Vlan Status
D-Link UWS User Manual Configuring MLD Snooping Queriers MLD Snooping Querier VLAN Status Use this page to view the operational state and other information for MLD Snooping queriers for VLANs on the network. To access this page, click LAN > Monitoring > MLD Snooping Querier > Querier VLAN Status in the navigation tree.
Page 238: Viewing Multicast Forwarding Database Information
D-Link UWS User Manual Viewing Multicast Forwarding Database Information Viewing Multicast Forwarding Database Information The Layer 2 Multicast Forwarding Database (MFDB) is used by the switch to make forwarding decisions for packets that arrive with a multicast destination MAC address. By limiting multicasts to only certain ports in the switch, traffic is prevented from going to parts of the network where that traffic is unnecessary.
Page 239: Mfdb Gmrp Table
D-Link UWS User Manual Viewing Multicast Forwarding Database Information Table 127: MFDB Table Fields (Cont.) Field Description Description The text description of this multicast table entry. Possible values are Management Configured, Network Configured and Network Assisted. Interface(s) The list of interfaces that are designated for forwarding (Fwd) and filtering (Flt) for the selected address.
Page 240: Mfdb Igmp Snooping Table
D-Link UWS User Manual Viewing Multicast Forwarding Database Information MFDB IGMP Snooping Table Use the IGMP Snooping Table page to view all of the entries in the Multicast Forwarding Database that were created for IGMP snooping. To access the IGMP Snooping Table page, click LAN > Monitoring > Multicast Forwarding Database > IGMP Snooping Table in the navigation tree.
Page 241: Mfdb Mld Snooping Table
D-Link UWS User Manual Viewing Multicast Forwarding Database Information MFDB MLD Snooping Table Use the MLD Snooping Table page to view all of the entries in the Multicast Forwarding Database that were created for MLD Snooping. To access the MLD Snooping Table page, click LAN > Monitoring> Multicast Forwarding Database > MLD Snooping Table in the navigation tree.
Page 242: Mfdb Statistics
D-Link UWS User Manual Viewing Multicast Forwarding Database Information MFDB Statistics Use the multicast forwarding database Stats page to view statistical information about the MFDB table. To access the Stats page, click LAN > Monitoring > Multicast Forwarding Database > Statistics in the navigation tree.
Page 243: Configuring Spanning Tree Protocol
D-Link UWS User Manual Configuring Spanning Tree Protocol Configuring Spanning Tree Protocol The Spanning Tree Protocol () provides a tree topology for any arrangement of bridges. also provides one path between end stations on a network, eliminating loops. Spanning tree versions supported include Common , Multiple , and Rapid .
Page 244: Table 132: Spanning Tree Switch Configuration/Status Fields
D-Link UWS User Manual Configuring Spanning Tree Protocol Table 132: Spanning Tree Switch Configuration/Status Fields Field Description Spanning Tree Admin Mode Enables or disables on the switch. Force Protocol Version Specifies the Force Protocol Version parameter for the switch: • IEEE 802.1D: Spanning Tree Protocol () •...
Page 245: Cst Configuration/Status
D-Link UWS User Manual Configuring Spanning Tree Protocol CST Configuration/Status Use the Spanning Tree CST Configuration/Status page to configure Common Spanning Tree (CST) and Internal Spanning Tree on the switch. To display the Spanning Tree CST Configuration/Status page, click LAN > L2 FeaturesSpanning TreeCST Configuration/Status in the navigation tree.
Page 246 D-Link UWS User Manual Configuring Spanning Tree Protocol Table 133: Spanning Tree CST Configuration/Status Fields (Cont.) Field Description Bridge Max Age (secs) Specifies the switch maximum age time, which indicates the amount of time in seconds a bridge waits before implementing a topological change. The valid range is 6-40, and the value must be less than or equal to (2 * Bridge Forward Delay) –...
Page 247: Mst Configuration/Status
D-Link UWS User Manual Configuring Spanning Tree Protocol MST Configuration/Status Use the Spanning Tree MST Configuration/Status page to configure Multiple Spanning Tree (MST) on the switch. To display the Spanning Tree MST Configuration/Status page, click LAN > L2 FeaturesSpanning TreeMST Configuration/Status Identification in the navigation tree.
Page 248: Table 134: Spanning Tree Mst Configuration/Status
D-Link UWS User Manual Configuring Spanning Tree Protocol Table 134: Spanning Tree MST Configuration/Status Field Description Use the drop-down menu to create and configure a new MST or select an existing MST to display or configure. MST ID This is only visible when Create is selected from the MST field drop-down menu. The ID of the MST being created.
Page 249: Cst Port Configuration/Status
D-Link UWS User Manual Configuring Spanning Tree Protocol CST Port Configuration/Status Use the Spanning Tree CST Port Configuration/Status page to configure Common Spanning Tree (CST) and Internal Spanning Tree on a specific port on the switch. To display the Spanning Tree CST Port Configuration/Status page, click LAN > L2 FeaturesSpanning Tree...
Page 250: Table 135: Spanning Tree Cst Port Configuration/Status Fields
D-Link UWS User Manual Configuring Spanning Tree Protocol Table 135: Spanning Tree CST Port Configuration/Status Fields Field Description Interface Select a physical or port channel interface to configure. The port is associated with the VLAN(s) associated with the CST. Port Priority The priority for a particular port within the CST.
Page 251 D-Link UWS User Manual Configuring Spanning Tree Protocol Table 135: Spanning Tree CST Port Configuration/Status Fields (Cont.) Field Description Port Forwarding State Indicates the current state of a port. If enabled, the port state determines what forwarding action is taken on traffic. Possible port states are: •...
Page 252: Mst Port Configuration/Status
D-Link UWS User Manual Configuring Spanning Tree Protocol Table 135: Spanning Tree CST Port Configuration/Status Fields (Cont.) Field Description Transitions Into Loop Shows the number of times this interface has moved into a loop inconsistent Inconsistent State state. Transitions Out Of Loop...
Page 253: Table 136: Spanning Tree Mst Port Configuration/Status Fields
D-Link UWS User Manual Configuring Spanning Tree Protocol Table 136: Spanning Tree MST Port Configuration/Status Fields Field Description MST ID Select an existing MST instance from drop-down list to display or configure its values. Interface Select a physical or port channel interface to configure. The port is associated with the VLAN(s) associated with the MST.
Page 254: Statistics
D-Link UWS User Manual Configuring Spanning Tree Protocol Table 136: Spanning Tree MST Port Configuration/Status Fields (Cont.) Field Description Loop Inconsistent State This parameter identifies whether the port is in a loop inconsistent state in the specified MST instance. If the port is in a loop inconsistent state, it does not forward packets.
Page 255: Configuring Dhcp Snooping
D-Link UWS User Manual Configuring DHCP Snooping Table 137: Spanning Tree Statistics Fields (Cont.) Field Description R BPDUs Transmitted Number of R BPDUs transmitted from the selected port. M BPDUs Received Number of M BPDUs received at the selected port.
Page 256: Dhcp Snooping Vlan Configuration
D-Link UWS User Manual Configuring DHCP Snooping Table 138: DHCP Snooping Configuration Field Description DHCP Snooping Mode Enables or disables the DHCP Snooping feature. The default is Disable. MAC Address Validation Enables or disables the validation of sender MAC Address for DHCP Snooping.
Page 257: Dhcp Snooping Interface Configuration
D-Link UWS User Manual Configuring DHCP Snooping DHCP Snooping Interface Configuration The hardware rate limits DHCP packets sent to the CPU from untrusted interfaces to 15 packets per second. There is no hardware rate limiting on trusted interfaces. To prevent DHCP packets from being used as a DoS attack when DHCP snooping is enabled, the snooping application enforces a rate limit for DHCP packets received on untrusted interfaces.
Page 258: Managing Lldp
D-Link DWS-4000 Series allows LLDP to have multiple LLDP neighbors per interface. The number of such neighbors is limited by the memory constraints. A product-specific constant defines the maximum number of neighbors supported by the switch.
Page 259: Global Configuration
D-Link UWS User Manual Managing LLDP Global Configuration Use the LLDP Global Configuration page to specify LLDP parameters that are applied to the switch. To display the LLDP Global Configuration page, click LAN > L2 Features > LLDP > Global Configuration in the navigation tree.
Page 260: Interface Configuration
D-Link UWS User Manual Managing LLDP Interface Configuration Use the LLDP Interface Configuration page to specify LLDP parameters that are applied to a specific interface. To display the LLDP Interface Configuration page, click LAN > L2 FeaturesLLDPInterface Configuration in the navigation tree.
Page 261: Interface Summary
D-Link UWS User Manual Managing LLDP Interface Summary Use the LLDP Interface Summary page to view the LLDP parameters configured on each physical port on the system. To display the LLDP Interface Summary page, click LAN > Monitoring > LLDP StatusInterface Summaryin the navigation tree.
Page 262: Statistics
D-Link UWS User Manual Managing LLDP Statistics Use the LLDP Statistics page to view the global and interface LLDP statistics. To display the LLDP Statistics page, click LAN > Monitoring > LLDP StatusStatistics in the navigation tree. Figure 161: LLDP Statistics...
Page 263: Local Device Information
D-Link UWS User Manual Managing LLDP Table 144: LLDP Statistics Fields (Cont.) Field Description Errors Displays the number of invalid LLDP frames received by the LLDP agent on the corresponding port, while the LLDP agent is enabled. Ageouts Displays the number of age-outs that occurred on a given port. An age-out is the number...
Page 264: Local Device Summary
D-Link UWS User Manual Managing LLDP Table 145: LLDP Local Device Information Fields Field Description Interface Select from the list of all the ports on which LLDP-802.1AB frames can be transmitted. Chassis ID Subtype Displays the string that describes the source of the chassis identifier.
Page 265: Remote Device Information
D-Link UWS User Manual Managing LLDP Table 146: LLDP Local Device Summary Columns Field Description Interface Displays the slot/port on which LLDP-802.1AB frames can be transmitted. Port ID Displays the string describing the source of the port identifier. Port Description Displays the description of the port associated with the local system.
Page 266: Remote Device Summary
D-Link UWS User Manual Managing LLDP Table 147: LLDP Remote Device Information Fields (Cont.) Field Description Port Description Displays the user-defined description of the port. System Capabilities Displays the system capabilities of the remote system. Supported System Capabilities Enabled Displays the system capabilities of the remote system which are supported and enabled.
Page 267: Lldp-Med
D-Link UWS User Manual Managing LLDP LLDP-MED The Link Layer Discovery Protocol-Media Endpoint Discovery (LLDP-MED) is an enhancement to LLDP that features: • Auto-discovery of LAN policies (such as VLAN, Layer 2 Priority and DiffServ settings), enabling plug and play networking.
Page 268: Lldp-Med Interface Configuration
D-Link UWS User Manual Managing LLDP LLDP-MED Interface Configuration Use this page to enable LLDP-MED mode on an interface and configure its properties. To display this page, click LAN > L2 Features > LLDP > LLDP-MED > Interface Configuration in the navigation tree.
Page 269: Lldp-Med Interface Summary
D-Link UWS User Manual Managing LLDP LLDP-MED Interface Summary This page lists each switch interface and its LLDP configuration status. To display this page, click LAN > Monitoring > LLDP Status LLDP-MED > Interface Summary in the navigation tree. Figure 168: LLDP-MED Interface Summary...
Page 270: Lldp Local Device Information
D-Link UWS User Manual Managing LLDP LLDP Local Device Information This page displays information on LLDP-MED information advertised on the selected local interface. To display this page, click LAN > Monitoring > LLDP Status LLDP-MED > Local Device Information in the navigation tree.
Page 271 D-Link UWS User Manual Managing LLDP Table 152: LLDP-MED Local Device Information Fields (Cont.) Field Description Inventory Specifies the inventory TLV present in LLDP frames: • Hardware Revisions. Specifies hardware version. • Firmware Revisions. Specifies firmware version. • Software Revisions. Specifies software version.
Page 272: Lldp-Med Remote Device Information
D-Link UWS User Manual Managing LLDP LLDP-MED Remote Device Information This page displays information on LLDP-MED information received from remote clients on the selected local interface. To display this page, click LAN > Monitoring > LLDP Status > LLDP-MED > Remote Device Information in the navigation tree.
Page 273 D-Link UWS User Manual Managing LLDP Table 153: LLDP-MED Remote Device Information Fields (Cont.) Field Description Network Policy Information Specifies if network policy TLV is received in the LLDP frames on this port: • Media Application Type: Specifies the application type. Types of...
Page 274: Configuring Dynamic Arp Inspection
D-Link UWS User Manual Configuring Dynamic ARP Inspection Configuring Dynamic ARP Inspection Dynamic ARP Inspection (DAI) is a security feature that rejects invalid and malicious ARP packets. DAI prevents a class of man-in-the-middle attacks, where an unfriendly station intercepts traffic for other stations by poisoning the ARP caches of its unsuspecting neighbors.
Page 275: Dai Vlan Configuration
D-Link UWS User Manual Configuring Dynamic ARP Inspection DAI VLAN Configuration Use the DAI VLAN Configuration page to select the DAI-capable VLANs for which information is to be displayed or configured. To display the DAI Configuration page, click LAN > L2 Features>Dynamic ARP Inspection > DAI VLAN Configuration in the navigation tree.
Page 276: Dai Interface Configuration
D-Link UWS User Manual Configuring Dynamic ARP Inspection DAI Interface Configuration Use the DAI Interface Configuration page to select the DAI Interface for which information is to be displayed or configured. To display the DAI Interface Configuration page, click LAN > L2 Features>Dynamic ARP Inspection > DAI Interface Configuration in the navigation tree.
Page 277: Dai Arp Acl Configuration
D-Link UWS User Manual Configuring Dynamic ARP Inspection DAI ARP ACL Configuration Use the DAI ARP ACL Configuration page to add or remove DAI ARP ACLs. To display the DAI ARP ACL Configuration page, click LAN > L2 Features>Dynamic ARP Inspection > DAI ARP ACL Configuration in the navigation tree.
Page 278: Dai Arp Acl Rule Configuration
D-Link UWS User Manual Configuring Dynamic ARP Inspection DAI ARP ACL Rule Configuration Use the DAI ARP ACL Rule Configuration page to add or remove DAI ARP ACL Rules. To display the DAI ARP ACL Rule Configuration page, click LAN > L2 Features>Dynamic ARP Inspection > DAI ARP ACL Rule Configuration in the navigation tree.
Page 279: Dynamic Arp Inspection Statistics
D-Link UWS User Manual Configuring Dynamic ARP Inspection Dynamic ARP Inspection Statistics Use the Dynamic ARP Inspection (DAI) Statistics page to display the statistics per VLAN. To display the DAI Statistics page, click LAN > Monitoring > Dynamic ARP Inspection Statistics in the navigation tree.
Page 280: Section 5: Configuring L3 Features
Configuring L3 Features Section 5: Configuring L3 Features The D-Link Unified Switch supports IP routing. Use the pages in the LAN > L3 Features navigation tree folder to manage routing on the system. This section contains the following information: •...
Page 281: Bootp/Dhcp Relay Agent Configuration
D-Link UWS User Manual Managing the BOOTP/DHCP Relay Agent BootP/DHCP Relay Agent Configuration Use the BOOTP/DHCP Relay Agent Configuration page to configure and display a BOOTP/DHCP relay agent. To display the page, click LAN > L3 Features > BOOTP/DHCP Relay Agent > Configuration in the navigation tree.
Page 282: Bootp/Dhcp Relay Agent Status
D-Link UWS User Manual Managing the BOOTP/DHCP Relay Agent BOOTP/DHCP Relay Agent Status Use the BOOTP/DHCP Relay Agent Status page to display the BOOTP/DHCP Relay Agent configuration and status information. To display the page, click LAN > Monitoring > L3 Status > BOOTP/DHCP Relay Agent Status in the navigation tree.
Page 283: Configuring The Ip Helper Features
D-Link UWS User Manual Configuring the IP Helper Features Configuring the IP Helper Features The IP Helper feature provides the ability for a router to forward configured UDP broadcast packets to a particular IP address. This allows applications to reach servers on non-local subnets. This is possible even when the application is designed to assume a server is always on a local subnet or when the application uses broadcast packets to reach the server (with the limited broadcast address 255.255.255.255, or a network...
Page 284: Figure 180: Adding A Global Ip Helper Entry
D-Link UWS User Manual Configuring the IP Helper Features Table 162: IP Helper Global Configuration Fields (Cont.) Field Description Server Address Shows the Server Address to which the packets with the given UDP Destination Port will be relayed. Hit Count Shows the number of times a packet has been forwarded or discarded according to this entry.
Page 285: Ip Helper Interface Configuration
D-Link UWS User Manual Configuring the IP Helper Features IP Helper Interface Configuration Use the IP Helper Interface Configuration page to configure per-interface relay settings. To display the page, click LAN > L3 Features >IP Helper > Interface Configuration in the navigation tree.
Page 286: Figure 182: Adding An Ip Helper Entry To An Interface
D-Link UWS User Manual Configuring the IP Helper Features To add a relay entry, click Add. The page refreshes and provides the configurable fields to add a UDP destination port and server IP address. Figure 182: Adding an IP Helper Entry to an Interface...
Page 287: Ip Helper Statistics
D-Link UWS User Manual Configuring the IP Helper Features IP Helper Statistics Use the IP Helper – Helper Statistics page to view IP Helper statistics. To display the page, click LAN > L3 Features >IP Helper > Statistics in the navigation tree.
Page 288: Configuring Arp
Specifies the number of UDP packets discarded. Configuring ARP The ARP protocol associates a layer 2 MAC address with a layer 3 IPv4 address. D-Link DWS-4000 Series software features both dynamic and manual ARP configuration. With manual ARP configuration, you can statically add entries into the ARP table.
Page 289: Arp Create
D-Link UWS User Manual Configuring ARP ARP Create Use the ARP Create page to add an entry to the Address Resolution Protocol table. To display the page, click LAN > L3 Features > ARP > ARP Create in the navigation tree.
Page 290: Arp Table Configuration
D-Link UWS User Manual Configuring ARP ARP Table Configuration Use this page to change the configuration parameters for the Address Resolution Protocol Table. You can also use this screen to display the contents of the table. To display the page, click LAN > L3 Features > ARP > ARP Table Configuration in the navigation tree.
Page 291: Table 169: Arp Table Fields
D-Link UWS User Manual Configuring ARP Table 168: ARP Table Configuration Fields (Cont.) Field Description Peak Total Entries Highest value reached by Total Entry Count. This counter value is restarted whenever the ARP table Cache Size value is changed. Active Static Entries Total number of active static entries in the ARP table.
Page 292: Viewing Arp Cache
D-Link UWS User Manual Viewing ARP Cache Viewing ARP Cache The ARP cache is a table maintained locally in each station on a network. ARP cache entries are learned by examining the source information in the ARP packet payload fields, regardless of whether it is an ARP request or response.
Page 293: Configuring Global And Interface Ip Settings
By default, the D-Link DWS-4000 Series switch functions as a layer 2 switch. The pages under the IP folder allow you to enable routing and configure port or VLAN IP addresses so that the D-Link DWS-4000 Series switch also performs layer 3 routing and can route IP packets between devices in different subnets.
Page 294 D-Link UWS User Manual Configuring Global and Interface IP Settings Table 171: IP Configuration Fields (Cont.) Field Description ICMP Rate Limit Interval To control the ICMP error packets, you can specify the number of ICMP error packets that are allowed per burst interval. By default, the rate limit is 100 packets per second, i.e.
Page 295: Ip Interface Configuration
D-Link UWS User Manual Configuring Global and Interface IP Settings IP Interface Configuration Use the IP Interface Configuration page to update IP interface data for this switch. To display the page, click LAN > L3 Features > IP > Interface Configuration in the navigation tree.
Page 296 D-Link UWS User Manual Configuring Global and Interface IP Settings Table 172: IP Interface Configuration Fields (Cont.) Field Description Routing Mode Setting this Enables or Disables routing for an interface. By default, routing is disabled on port-based routing interfaces and enabled on VLAN-based routing interfaces.
Page 297: Ip Statistics
D-Link UWS User Manual Configuring Global and Interface IP Settings IP Statistics The statistics reported on the IP Statistics page are as specified in RFC 1213. To display the page, click LAN > Monitoring > L3 Status > IP Statistics in the navigation tree.
Page 298 D-Link UWS User Manual Configuring Global and Interface IP Settings Table 173: IP Statistics Fields (Cont.) Field Description IpInDelivers The total number of input datagrams successfully delivered to IP user- protocols (including ICMP). IpOutRequests The total number of IP datagrams which local IP user-protocols (including ICMP) supplied to IP in requests for transmission.
Page 299 D-Link UWS User Manual Configuring Global and Interface IP Settings Table 173: IP Statistics Fields (Cont.) Field Description IcmpInEchoReps The number of ICMP Echo Reply messages received. IcmpInTimestamps The number of ICMP Timestamp (request) messages received. IcmpInTimestampReps The number of ICMP Timestamp Reply messages received.
Page 300: Loopback Interfaces
D-Link UWS User Manual Loopback Interfaces Loopback Interfaces D-Link DWS-4000 Series software provides for the creation, deletion, and management of loopback interfaces. They are dynamic interfaces that are created and deleted via user-configuration. D-Link DWS-4000 Series software supports multiple loopback interfaces.
Page 301: Creating A New Loopback (Ipv4)
D-Link UWS User Manual Loopback Interfaces The fields available on the Loopbacks Configuration page depend on whether any loopback interfaces exist and whether the protocol is IPv4 or IPv6. The following table describes all fields, which are not all on the same screen at the same time.
Page 302: Removing A Loopback
D-Link UWS User Manual Loopback Interfaces Figure 192: Loopbacks Configuration—IPv4 Entry 4. In the Protocol field, select IPv4 5. Enter desired values in the remaining fields. 6. Click Submit. The new loopback is saved, and the web page reappears showing secondary address configuration fields.
Page 303: Loopbacks Summary
D-Link UWS User Manual Loopback Interfaces Loopbacks Summary Use the Loopbacks Summary page to display a summary of configured loopbacks. To display the page, click LAN > Monitoring > L3 Status > Loopback Summary in the navigation tree. Figure 193: Loopbacks Summary...
Page 304: Configuring Rip
D-Link UWS User Manual Configuring RIP Configuring RIP RIP is an Interior Gateway Protocol (IGP) based on the Bellman-Ford algorithm and targeted at smaller networks (network diameter no greater than 15 hops). The routing information is propagated in RIP update packets that are sent out both periodically and in the event of a network topology change.
Page 305: Rip Interface Configuration
D-Link UWS User Manual Configuring RIP Table 177: RIP Configuration Fields (Cont.) Field Description Auto Summary Mode Select Enable or Disable from the dropdown menu. If you select Enable, groups of adjacent routes are summarized into single entries, in order to reduce the total number of entries.
Page 306: Table 178: Rip Interface Configuration Fields
D-Link UWS User Manual Configuring RIP Table 178: RIP Interface Configuration Fields Field Description Interface Select the interface for which data is to be configured from the menu. Send Version RIP Version that router sends with its routing updates. The default is RIP-2.
Page 307: Configuring The Rip Interface
D-Link UWS User Manual Configuring RIP Configuring the RIP Interface 1. Open the RIP Interface Configuration page. 2. Specify the interface for which data is to be configured. 3. Enter data into the fields as needed. 4. To change the Authentication Type, click Configure Authentication to configure different Authentication Types.
Page 308: Rip Interface Summary
D-Link UWS User Manual Configuring RIP RIP Interface Summary Use the RIP Interface Summary page to display RIP configuration status on an interface. To display the page, click LAN > Monitoring > L3 Status > RIP > Interface Summary in the navigation tree.
Page 309: Rip Route Redistribution Configuration
D-Link UWS User Manual Configuring RIP RIP Route Redistribution Configuration Use the RIP Route Redistribution Configuration page to configure which routes are redistributed to other routers using RIP. The allowable values for each fields are displayed next to the field. If any invalid values are entered, an alert message is displayed with the list of all the valid values.
Page 310: Rip Route Redistribution Summary
D-Link UWS User Manual Configuring RIP When an access list rule includes a destination IP address and netmask (an extended access list), the destination IP address is compared to the network mask of the destination of the route. The destination netmask in the access list serves as a wildcard mask, indicating which bits in the route’s destination mask are...
Page 311: Router Discovery
D-Link UWS User Manual Router Discovery Router Discovery The Router Discovery protocol is used by hosts to identify operational routers on the subnet. Router Discovery messages are of two types: “Router Advertisements” and “Router Solicitations.” The protocol mandates that every router periodically advertise the IP Addresses it is associated with. Hosts listen for these advertisements and discover the IP Addresses of neighboring routers.
Page 312 D-Link UWS User Manual Router Discovery • If you make any changes to the page, click Submit to apply the changes to the system. Unified Wired and Wireless Access System D-Link Oct. 2015 Page 312...
Page 313: Router Discovery Status
D-Link UWS User Manual Router Discovery Router Discovery Status Use the Router Discovery Status page to display Router Discovery data for each port. To display the page, click LAN > L3 Features > Router Discovery > Status in the navigation tree.
Page 314: Router
D-Link UWS User Manual Router Table 183: Router Discovery Status Fields (Cont.) Field Description Minimum Advertise The minimum time (in seconds) allowed between router advertisements Interval(secs) sent from the interface. Advertise Lifetime(secs) The value (in seconds) used as the lifetime field in router advertisements sent from the interface.
Page 315 D-Link UWS User Manual Router Table 184: Route Table Fields (Cont.) Field Description Protocol This field tells which protocol created the specified route. The possibilities are one of the following: • Local • Static • Default • RIP Next Hop Slot/Port The outgoing router interface to use when forwarding traffic to the destination.
Page 316: Best Routes Table
D-Link UWS User Manual Router Best Routes Table The route table manager collects routes from multiple sources: static routes, RIP routes, and local routes. The route table manager may learn multiple routes to the same destination from multiple sources. In that case, the route table manager selects the route with the lowest route preference value to use for forwarding to that destination.
Page 317: Configured (Static) Routes
D-Link UWS User Manual Router Configured (Static) Routes Use the Configured Routes page to create and display static routes. To display the page, click LAN > L3 Features > Router > Configured Routes in the navigation tree. Figure 204: Configured Routes...
Page 318: Deleting A Route
D-Link UWS User Manual Router Figure 205: Create Static Route Table 187: Route Entry Create Fields Field Description Route Type Specifies whether the route is to be a Default, Static, or Static Reject route. Packets sent to the static reject route are dropped.
Page 319: Route Preferences Configuration
D-Link UWS User Manual Router Route Preferences Configuration Use the Route Preferences Configuration page to configure the default preference for each protocol. These values are arbitrary values that range from 1 to 255, and are independent of route metrics. Most routing protocols use a route metric to determine the shortest path known to the protocol, independent of any other protocol.
Page 320: Vlan Routing
VLAN Routing You can configure the D-Link DWS-4000 Series switch with some ports supporting VLANs and some supporting routing. You can also configure the software to allow traffic on a VLAN to be treated as if the VLAN were a router port.
Page 321: Creating A Vlan Routing Interface
D-Link UWS User Manual VLAN Routing Figure 207 shows the page when at least one VLAN routing interface has been created. Figure 208: VLAN Routing Configuration - Interface Exists Table 189: VLAN Routing Configuration Fields Field Description VLAN ID Enter the ID of a VLAN to configure for VLAN Routing. Initially, the field will display the ID of the first VLAN.
Page 322: Deleting A Vlan Router Interface
D-Link UWS User Manual VLAN Routing 5. Enter the IP address and subnet mask for the VLAN, and configure any other interface settings. 6. Click Submit to apply the settings to the VLAN routing interface. 7. Navigate to the LAN > Monitoring > VLAN Routing Summary page to view the new VLAN in the table.
Page 323: Vlan Routing Summary
D-Link UWS User Manual VLAN Routing VLAN Routing Summary Use the VLAN Routing Summary page to display information about the VLAN Routing interfaces configured on the system. To display the page, click LAN > Monitoring > L3 Status > VLAN Routing Summary in the navigation tree.
Page 324: Virtual Router Redundancy Protocol (Vrrp)
D-Link UWS User Manual Virtual Router Redundancy Protocol (VRRP) Virtual Router Redundancy Protocol (VRRP) The Virtual Router Redundancy protocol is designed to handle default router failures by providing a scheme to dynamically elect a backup router. The driving force was to minimize “black hole” periods due to the failure of the default gateway router during which all traffic directed towards it is lost until the failure is detected.
Page 325: Virtual Router Configuration
D-Link UWS User Manual Virtual Router Redundancy Protocol (VRRP) Virtual Router Configuration Use the Virtual Router Configuration page to create a new virtual router or to configure an existing one. To display the page, click LAN > L3 Features > VRRP > Virtual Router Interface in the navigation tree.
Page 326: Configuring A Secondary Vrrp Address
D-Link UWS User Manual Virtual Router Redundancy Protocol (VRRP) Table 192: Virtual Router Configuration Fields (Cont.) Field Description Configured Priority Enter the priority value to be used by the VRRP router in the election for the master virtual router. If the Virtual IP Address is the same as the interface IP Address, the priority gets set to 255 no matter what you enter.
Page 327: Creating A New Virtual Router
D-Link UWS User Manual Virtual Router Redundancy Protocol (VRRP) Creating a New Virtual Router 1. From the Virtual Router Configuration page, select Create from the VRID and Slot/Port menu. 2. Specify the VRID, the virtual router address, and the interface for the new virtual router.
Page 328: Vrrp Interface Tracking
D-Link UWS User Manual Virtual Router Redundancy Protocol (VRRP) • Click Add to proceed to the VRRP Interface Tracking page. • Click Submit to apply the new configuration. Configuration changes take effect immediately. These changes will not be retained across a power cycle unless a Save configuration is performed.
Page 329: Vrrp Route Tracking Configuration
D-Link UWS User Manual Virtual Router Redundancy Protocol (VRRP) VRRP Route Tracking Configuration Use VRRP Route Tracking Configuration to track specific route IP states within the router that can alter the priority level of a virtual router for a VRRP group.
Page 330: Vrrp Route Tracking
D-Link UWS User Manual Virtual Router Redundancy Protocol (VRRP) VRRP Route Tracking Use the VRRP Route Tracking page to add a route into the tracking list. To access this page, click Add from the VRRP Route Tracking page. Figure 215: VRRP Route Tracking...
Page 331: Table 197: Virtual Router Status Fields
D-Link UWS User Manual Virtual Router Redundancy Protocol (VRRP) Table 197: Virtual Router Status Fields Field Description VRID Virtual Router Identifier. Slot/Port Indicates the interface associate with the VRID. Priority The priority value used by the VRRP router in the election for the master virtual router.
Page 332: Virtual Router Statistics
D-Link UWS User Manual Virtual Router Redundancy Protocol (VRRP) Virtual Router Statistics Use the Virtual Router Statistics page to display statistics for a specified virtual router. To display the page, click LAN > Monitoring > L3 Status > Virtual Router Statistics in the navigation tree.
Page 333 D-Link UWS User Manual Virtual Router Redundancy Protocol (VRRP) Table 198: Virtual Router Statistics Fields (Cont.) Field Description Slot/Port The interface for the selected Virtual Router. Up Time The time, in days, hours, minutes and seconds, that has elapsed since the virtual router transitioned to the initialized state.
Page 334: Section 6: Configuring Quality Of Service
D-Link UWS User Manual Configuring Quality of Service Section 6: Configuring Quality of Service This section gives an overview of Quality of Service (QoS) and explains the QoS features available from the Quality of Service navigation tree menu, which include the following: •...
Page 335: Trust Mode Configuration
D-Link UWS User Manual Configuring Class of Service To display the page, click LAN > QoS> Class of Service802.1p Priority Mapping in the navigation tree. Figure 218: 802.1p Priority Mapping Table 199: 802.1p Priority Mapping Field Description Interface Selects the interface to which the class of service configuration is applied.
Page 336: Figure 219: Trust Mode Configuration
D-Link UWS User Manual Configuring Class of Service Alternatively, when a port is configured as untrusted, it does not trust any incoming packet priority designation and uses the port default priority value instead. All packets arriving at the ingress of an untrusted port are directed to a specific CoS queue on the appropriate egress port(s) in accordance with the configured default priority of the ingress port.
Page 337: Ip Dscp Mapping Configuration
D-Link UWS User Manual Configuring Class of Service The Trust Mode Configuration page also displays the Current 802.1p Priority Mapping table. For information about 802.1p priority mapping, see “Mapping 802.1p Priority” on page 334. To access the 802.1 priority mapping configuration page, click LAN > QoS > Class of Service > 802.1p Priority Mapping in the navigation menu.
Page 338: Cos Interface Configuration
D-Link UWS User Manual Configuring Class of Service CoS Interface Configuration Use the CoS Interface Configuration page to apply an interface shaping rate to all ports or to a specific port. To display the CoS Interface Configuration page, click LAN > QoS > Class of Service > CoS Interface Configuration in the navigation menu.
Page 339: Cos Interface Queue Configuration
D-Link UWS User Manual Configuring Class of Service CoS Interface Queue Configuration Use the CoS Interface Queue Configuration page to define what a particular queue does by configuring switch egress queues. User-configurable parameters control the amount of bandwidth used by the queue, the queue depth during times of congestion, and the scheduling of packet transmission from the set of all queues on a port.
Page 340: Cos Interface Queue Status
D-Link UWS User Manual Configuring Class of Service Table 203: Interface Queue Configuration Fields (Cont.) Field Description Scheduler Type Selects the type of queue processing from the dropdown menu. Options are Weighted and Strict. Defining on a per-queue basis allows the user to create the desired service characteristics for different types of traffic.
Page 341: Configuring Differentiated Services
D-Link UWS User Manual Configuring Differentiated Services Configuring Differentiated Services The QoS feature contains Differentiated Services (DiffServ) support that allows traffic to be classified into streams and given certain QoS treatment in accordance with defined per-hop behaviors. Standard IP-based networks are designed to provide “best effort” data delivery service. “Best effort” service implies that the network delivers the data in a timely fashion, although there is no guarantee that it will.
Page 342: Figure 224: Diffserv Configuration
D-Link UWS User Manual Configuring Differentiated Services To display the page, click LAN > Quality of Service > Differentiated Services > Diffserv Configuration in the navigation menu. Figure 224: DiffServ Configuration Table 204: DiffServ Configuration Fields Field Description DiffServ Admin Mode Turns admin mode on and off.
Page 343: Class Configuration
D-Link UWS User Manual Configuring Differentiated Services Class Configuration Use the Class Configuration page to add a new Diffserv class name, or to rename or delete an existing class. The page also allows you to define the criteria to associate with a DiffServ class. As packets are received, these DiffServ classes are used to prioritize packets.
Page 344: Table 205: Diffserv Class Configuration Fields
D-Link UWS User Manual Configuring Differentiated Services Table 205: DiffServ Class Configuration Fields Field Description Class Selector To configure a new DiffServ class, select Create. To modify or view an existing class, select the name of the class from the dropdown menu.
Page 345: Diffserv Class Summary
D-Link UWS User Manual Configuring Differentiated Services Table 205: DiffServ Class Configuration Fields (Cont.) Field Description Class Match Selector (cont.) • Protocol: Requires a packet’s layer 4 protocol to match the protocol you select. If you select Other, enter a protocol number in the field that appears.
Page 346: Policy Configuration
D-Link UWS User Manual Configuring Differentiated Services Policy Configuration Use the Policy Configuration page to associate a collection of classes with one or more policy statements. To display the page, click LAN > QoS > Differentiated Services > Policy Configuration in the navigation menu.
Page 347: Diffserv Policy Summary
D-Link UWS User Manual Configuring Differentiated Services Table 206: Policy Configuration Fields (Cont.) Field Description Policy Type The available policy type is In, which indicates the type is specific to inbound traffic. Out indicates the type is specific to outbound traffic direction. This field is only configurable when you create a new policy.
Page 348: Policy Class Definition
D-Link UWS User Manual Configuring Differentiated Services Policy Class Definition Use the Policy Class Definition page to associate a class to a policy and to define attributes for that policy-class instance. To display the page, click LAN > QoS > Differentiated Services > Policy Class Definition in the navigation menu.
Page 349 D-Link UWS User Manual Configuring Differentiated Services Table 207: Policy Class Definition Fields (Cont.) Field Description Policy Attribute • Mark IP Precedence: Use this attribute to mark all packets for the associated traffic Selector (Cont.) stream with the IP Precedence value you enter in the IP Precedence Value field.
Page 350: Diffserv Policy Attribute Summary
D-Link UWS User Manual Configuring Differentiated Services DiffServ Policy Attribute Summary The DiffServ Policy Attribute Summary page provides an overview of the attributes that have been configured for each policy. To display the page, click LAN > Monitoring > Differentiated Services > Policy Attribute Summary in the navigation menu.
Page 351: Diffserv Service Summary
D-Link UWS User Manual Configuring Differentiated Services DiffServ Service Summary The DiffServ Service Summary page provides an overview of the policies-port associations. To display the page, click LAN > Monitoring > Differentiated Services > Service Summary in the navigation menu.
Page 352: Service Detailed Statistics
D-Link UWS User Manual Configuring Differentiated Services Table 209: Service Statistics Fields (Cont.) Field Description Operational Status Shows the operational status of this service interface, which is either Up or Down. Offered Octets Shows the total number of packets/octets offered to all class instances in this service policy before their defined DiffServ treatment is applied.
Page 353: Table 210: Service Detailed Statistics Fields
D-Link UWS User Manual Configuring Differentiated Services Table 210: Service Detailed Statistics Fields Field Description Counter Mode Selects the format of the displayed counter values, which must be either Octets or Packets. Selector The default is Octets. Interface List of all valid slot number and port number combinations in the system that have a DiffServ policy currently attached in the In direction.
Page 354: Configuring Auto Voip
D-Link UWS User Manual Configuring Auto VoIP Configuring Auto VoIP Voice over Internet Protocol (VoIP) allows you to make telephone calls using a computer network over a data network like the Internet. With the increased prominence of delay-sensitive applications (voice, video, and other multimedia applications) deployed in networks today, proper QoS configuration will ensure high-quality application performance.
Page 355: Auto Voip Summary
D-Link UWS User Manual Configuring Auto VoIP Table 211: Auto VoIP Configuration Fields Field Description Interface Specifies all Auto VoIP configurable interfaces. The All option represents the most recent configuration settings done for all ports. These settings may be overridden on a per-interface basis.
Page 356: Section 7: Configuring Access Control Lists
D-Link DWS-4000 Series software supports IPv4 and MAC ACLs. The total number of MAC and IP ACLs supported by D-Link DWS-4000 Series software is 100.
Page 357: Ip Acl Configuration
D-Link UWS User Manual Configuring IP Access Control Lists IP ACL Configuration Use the IP ACL Configuration page to add or remove IP-based ACLs. On this menu the interfaces to which an IP ACL applies must be specified, as well as whether it applies to inbound or outbound traffic. Rules for the IP ACL are specified/created using the “IP ACL Rule...
Page 358: Ip Acl Rule Configuration
D-Link UWS User Manual Configuring IP Access Control Lists The ACL Table at the bottom of the page shows the current size of the ACL table versus the maximum size of the ACL table. The current size is equal to the number of configured IPv4 and IPv6 ACLs plus the number of configured MAC ACLs.
Page 359: Figure 241: Ip Acl Rule Configuration (Extended Acl Rule)
D-Link UWS User Manual Configuring IP Access Control Lists Figure 241 shows the fields available when you create a rule for an extended IP ACL. Figure 241: IP ACL Rule Configuration (Extended ACL Rule) Table 213 shows all possible fields on the IP ACL Rule Configuration page. The actual fields available on the page depend on what type of rule you configure, whether you create a new rule or modify an existing rule, and whether the rule action is Permit or Deny.
Page 360 D-Link UWS User Manual Configuring IP Access Control Lists Table 213: IP ACL Rule Configuration Fields (Cont.) Field Description Logging This field is only visible for a Deny Action. When set to True, logging is enabled for this ACL rule (subject to resource availability in the device). If the Access...
Page 361 D-Link UWS User Manual Configuring IP Access Control Lists Table 213: IP ACL Rule Configuration Fields (Cont.) Field Description Source IP Address Requires a packet’s source port IP address to match the address listed here. Click Configure, and then enter an IP Address in the appropriate field using dotted-decimal notation.
Page 362: Modifying An Ip-Based Rule
D-Link UWS User Manual Configuring IP Access Control Lists Table 213: IP ACL Rule Configuration Fields (Cont.) Field Description Service Type Select one of the following three Match conditions for the extended IP ACL rule. These are alternative ways of specifying a match condition for the same Service Type field in the IP header, however each uses a different user notation.
Page 363: Adding A New Rule To An Ip-Based Acl
D-Link UWS User Manual Configuring IP Access Control Lists Adding a New Rule to an IP-based ACL 1. Open the IP ACL Rule Configuration page. 2. Select the desired ACL from the IP ACL menu. 3. Specify Create Rule for Rule ID and enter a new ID number.
Page 364: Ip Acl Rule Summary
D-Link UWS User Manual MAC Access Control Lists IP ACL Rule Summary Use the IP ACL Rule Summary page to view a summary of the IP ACLs that have been configured on the switch. To access the page, click LAN > Monitoring > Access Control Lists > IP Access Control Lists > Summary.
Page 365: Mac Acl Configuration
D-Link UWS User Manual MAC Access Control Lists MAC ACL Configuration The MAC ACL Configuration page allows network administrators to define a MAC-based ACL. To display the MAC ACL Configuration page, click LAN > QoS > Access Control Lists > MAC Access Control Lists >...
Page 366: Mac Acl Rule Configuration
D-Link UWS User Manual MAC Access Control Lists MAC ACL Rule Configuration Use the MAC ACL Rule Configuration page to define rules for MAC-based ACLs. The access list definition includes rules that specify whether traffic matching the criteria is forwarded normally or discarded. A default 'deny all' rule is the last rule of every list.
Page 367: Figure 247: Mac Acl Rule Configuration (Permit Action)
D-Link UWS User Manual MAC Access Control Lists Figure 247 shows the fields available when you create a rule for a MAC ACL. Figure 247: MAC ACL Rule Configuration (Permit Action) Table 215 shows all possible fields on the MAC ACL Rule Configuration page. The actual fields available on the page depend on whether you create a new rule or modify an existing rule, and whether the rule action is Permit or Deny.
Page 368 D-Link UWS User Manual MAC Access Control Lists Table 215: MAC ACL Rule Configuration Fields (Cont.) Field Description Logging This field is only visible for a Deny Action. When set to True, logging is enabled for this ACL rule (subject to resource availability in the device). If the Access...
Page 369: Adding A New Rule To A Mac-Based Acl
D-Link UWS User Manual MAC Access Control Lists Table 215: MAC ACL Rule Configuration Fields (Cont.) Field Description EtherType Key Requires a packet’s EtherType to match the EtherType you select. Click Configure, and then select the EtherType value from the dropdown menu. If you select User Value, you can enter a custom EtherType value.
Page 370: Mac Acl Summary
D-Link UWS User Manual MAC Access Control Lists MAC ACL Summary Use the MAC ACL Summary page to view a summary of the MAC ACLs that have been configured on the switch. To access the page, click LAN > Monitoring > Access Control Lists > MAC Access Control Lists > Summary.
Page 371: Acl Interface Configuration
D-Link UWS User Manual ACL Interface Configuration ACL Interface Configuration When an ACL is bound to an interface, all the rules that have been defined are applied to the selected interface. Use the ACL Interface Configuration page to assign ACLs and Interfaces and prioritize the ACLs that are bound to each interface.
Page 372: Assigning An Acl To An Interface
D-Link UWS User Manual ACL Interface Configuration Assigning an ACL to an Interface 1. Open the ACL Interface Configuration page. 2. Select the interface from the Slot/Port field to which you want to bind the ACL. 3. Select the type of ACL in the ACL Type field.
Page 373: Section 8: Managing Device Security
D-Link UWS User Manual Managing Device Security Section 8: Managing Device Security Use the features in the Security folder on the navigation tree menu to set management security parameters for port, user, and server security. The Security folder contains links to the following features: •...
Page 374: Port Security Administration
D-Link UWS User Manual Configuring Port Security Port Security Administration Use the Port Security Administration page to enable or disable the port security feature on your switch. To access the Port Security Administration page, click LAN > Security > Port Security Administration in the navigation tree.
Page 375: Table 217: Port Security Interface Configuration Fields
D-Link UWS User Manual Configuring Port Security Table 217: Port Security Interface Configuration Fields Field Description Interface Select the physical interface or the LAG on which to configure port security information. Port Security Determines whether port security is enabled. The default mode is Disable.
Page 376: Port Security Static
D-Link UWS User Manual Configuring Port Security Port Security Static Use the Port Security Static page to view static MAC addresses configured on an interface. To access the Port Security Static page, click LAN > Security > Port Security Static in the navigation tree.
Page 377: Port Security Dynamic
D-Link UWS User Manual Configuring Port Security Port Security Dynamic Use the Port Security Dynamic page to view a table with the dynamically learned MAC addresses on an interface. With dynamic locking, MAC addresses are learned on a “first arrival” basis. You specify how many addresses can be learned on the locked port.
Page 378: Port Security Violation Status
D-Link UWS User Manual Configuring Port Security Port Security Violation Status Use the Port Security Violation Status page to enable or disable the port security feature on your switch. To access the Port Security Violation Status page, click LAN > Monitoring > Port Security > Port Security Violation in the navigation tree.
Page 379: Ssl/Secure Http Configuration
D-Link UWS User Manual SSL/Secure HTTP Configuration SSL/Secure HTTP Configuration Secure HTTP enables the transmission of HTTP over an encrypted Secure Sockets Layer (SSL) or Transport Layer Security (TLS) connection. When you manage the switch by using a Web interface, secure HTTP can help ensure that communication between the management system and the switch is protected from eavesdroppers and man-in-the-middle attacks.
Page 380: Generating Certificates
D-Link UWS User Manual SSL/Secure HTTP Configuration Table 221: Secure HTTP Configuration Fields (Cont.) Field Description HTTPS Session Hard Timeout Sets the hard timeout for HTTPS sessions. This timeout is unaffected by the activity level of the session. The value must be in the range of (1 to 168) hours.
Page 381: Figure 257: File Download
D-Link UWS User Manual SSL/Secure HTTP Configuration Figure 257: File Download 2. From the File Type field on the File Download page, select one of the following types of SSL files to download: – SSL Trusted Root Certificate PEM File: SSL Trusted Root Certificate File (PEM Encoded).
Page 382: Secure Shell (Ssh) Configuration
D-Link UWS User Manual Secure Shell (SSH) Configuration Secure Shell (SSH) Configuration If you use the command-line interface (CLI) to manage the switch from a remote system, you can use Secure Shell (SSH) to establish a secure connection. SSH uses public-key cryptography to authenticate the remote computer.
Page 383: Downloading Ssh Host Keys
D-Link UWS User Manual Secure Shell (SSH) Configuration Table 222: Secure Shell Configuration Fields (Cont.) Field Description SSH Session Timeout This text field is used to configure the inactivity timeout value for incoming (Minutes) SSH sessions to the switch. The acceptable range for this value is (1-160) minutes.
Page 384: Captive Portal Configuration
D-Link UWS User Manual Captive Portal Configuration Captive Portal Configuration The Captive Portal (CP) feature allows you to block both wired and wireless clients from accessing the network until user verification has been established. You can configure CP verification to allow access for both guest and authenticated users.
Page 385: Table 223: Captive Portal Global Configuration
D-Link UWS User Manual Captive Portal Configuration The following table describes the global CP fields you can view or configure. Table 223: Captive Portal Global Configuration Field Description Enable Captive Select the check box to enable the CP feature on the switch. Clear the check box to Portal disable the captive portal feature.
Page 386: Cp Configuration
D-Link UWS User Manual Captive Portal Configuration CP Configuration From the CP Configuration page, you can view summary information about captive portals on the system, add a captive portal, and configure existing captive portals. Use the CP Summary page to create or delete captive portal configurations. The switch supports 10 CP configurations.
Page 387: Changing The Captive Portal Settings
D-Link UWS User Manual Captive Portal Configuration Table 224: Captive Portal Summary (Cont.) Field Description Protocol Indicates whether the portal uses HTTP or HTTPS. Verification Specifies which type of user verification to perform: • Guest: The user does not need to be authenticated by a database.
Page 388 D-Link UWS User Manual Captive Portal Configuration Table 225: CP Configuration (Cont.) Field Description Configuration This field allows you to change the name of the portal added from the CP Summary page. Name Protocol Mode Choose whether to use HTTP or HTTPs as the protocol for the portal to use during the verification process.
Page 389: Customizing The Captive Portal Web Page
D-Link UWS User Manual Captive Portal Configuration Table 225: CP Configuration (Cont.) Field Description Max Transmit Enter the maximum number of bytes that a client is allowed to transmit when using the captive portal. After this limit has been reached the user will be disconnected.
Page 390: Figure 262: Cp Web Page Customization - Global Parameters
D-Link UWS User Manual Captive Portal Configuration deauthenticate. The fields available on the CP WEB Customization page depend on the category you select from the menu. After you modify the fields within a category, make sure you click Submit before you select a different category;...
Page 391: Figure 263: Cp Web Page Customization - Authentication Page
D-Link UWS User Manual Captive Portal Configuration Figure 263: CP Web Page Customization — Authentication page Figure 264: CP Web Page Customization — Welcome Page Unified Wired and Wireless Access System D-Link Oct. 2015 Page 391...
Page 392: Figure 265: Cp Web Page Customization - Logout Page
D-Link UWS User Manual Captive Portal Configuration Figure 265: CP Web Page Customization — Logout Page Figure 266: CP Web Page Customization — Logout Success Page Table 226 describes the fields on the CP Web Page Customization page. Table 226: CP Web Page Customization...
Page 393 D-Link UWS User Manual Captive Portal Configuration Table 226: CP Web Page Customization Field Description Background Image Select the name of the image to display as the page background. Use the drop-down menu to display the file names of the available images. Click the ...
Page 394 D-Link UWS User Manual Captive Portal Configuration Table 226: CP Web Page Customization Field Description Denied Message Enter the text to display when the user does not provide valid authentication information. This message displays after the user clicks the button to connect to the network.
Page 395: Local User
D-Link UWS User Manual Captive Portal Configuration Local User You can configure a portal to accommodate guest users and authorized users. Guest users do not have assigned user names and passwords. Authorized users provide a valid user name and password that must first be validated against a local database or RADIUS server.
Page 396: Adding A Local User
D-Link UWS User Manual Captive Portal Configuration Adding a Local User When you click Add from the Local User Summary page, the screen refreshes, and you can add a new user to the Local User database. To configure additional parameters for the new user, return to the Local User Summary page and click the name of the new user.
Page 397: Configuring Users In The Local Database
D-Link UWS User Manual Captive Portal Configuration Configuring Users in the Local Database From the Local User Configuration page, you can configure additional settings for an existing CP user in the local database. When you add a user, you can set maximum data transmission rates to control bandwidth usage.
Page 398: Configuring Users In A Remote Radius Server
D-Link UWS User Manual Captive Portal Configuration Table 229: Local User Configuration (Cont.) Field Description Max Transmit Enter the maximum number of bytes that the user is allowed to transmit when using the captive portal. After this limit has been reached the user will be disconnected.
Page 399 D-Link UWS User Manual Captive Portal Configuration Table 230: Captive Portal User RADIUS Attributes Attribute Number Description Range Usage Default WISPr-Bandwidth- 14122, 8 Maximum client receive rate Integer Optional – Max-Down (b/s). Limits the bandwidth at which the client can receive data from the network.
Page 400: Interface Association
D-Link UWS User Manual Captive Portal Configuration Interface Association From the Interface Association page, you can associate a configured captive portal with a specific physical interface or wireless network (SSID). The CP feature only runs on the wired or wireless interfaces that you specify.
Page 401: Cp Global Status
D-Link UWS User Manual Captive Portal Configuration Use the following steps to associate one or more interfaces with a captive portal. 1. Select the desired captive portal from the CP Configuration list. 2. Select the interface or interfaces from the Interface List. To select more than one interface, hold CTRL and click multiple interfaces.
Page 402: Viewing Cp Activation And Activity Status
D-Link UWS User Manual Captive Portal Configuration Table 232 describes the fields displayed on the CP Global Status page. Table 232: Global Captive Portal Status Field Description CP Global Operational Status Shows whether the CP feature is enabled. CP Global Disable Reason...
Page 403: Table 233: Cp Activation And Activity Status
D-Link UWS User Manual Captive Portal Configuration Table 233 describes the information that displays for each portal. Table 233: CP Activation and Activity Status Field Description Operational Status Indicates whether the captive portal is enabled or disabled. Disable Reason If the captive portal is disabled, then this field indicates the reason. The portal instance may be disabled for the following reasons: •...
Page 404: Interface Status
D-Link UWS User Manual Captive Portal Configuration Interface Status The pages available from the Interface Status link provide information about the captive portal interfaces and their capabilities. Viewing Interface Activation Status The Interface Activation Status page shows information for every interface assigned to a captive portal instance.
Page 405: Viewing Interface Capability Status
D-Link UWS User Manual Captive Portal Configuration Viewing Interface Capability Status The Interface Capability Status page contains information about interfaces that can have CPs associated with them. The page also contains status information for various capabilities. Specifically, this page indicates what services are provided through the CP to clients connected on this interface.
Page 406: Client Connection Status
D-Link UWS User Manual Captive Portal Configuration Client Connection Status From the Client Connection Status page, you can access several pages that provide information about clients that are connected to the switch through the CP. Use the Client Summary page to view summary information about all authenticated wireless clients that are connected through the captive portal.
Page 407: Viewing Client Details
D-Link UWS User Manual Captive Portal Configuration Viewing Client Details The Client Detail page shows detailed information about each client connected to the network through a captive portal. Figure 276: Client Detail The drop-down menu lists each associated client by MAC address. To view status information for a different client, select its MAC address from the list.
Page 408: Viewing The Client Statistics
D-Link UWS User Manual Captive Portal Configuration Viewing the Client Statistics Use the Client Statistics page to view information about the traffic a client has sent or received. Figure 277: Client Statistics The drop-down menu lists each associated client by MAC address. To view statistical information for a client, select it from the list.
Page 409: Viewing The Client Cp Association Status
D-Link UWS User Manual Captive Portal Configuration Table 239 describes the fields on the Interface - Client Status page. Table 239: Interface - Client Status Field Description MAC Address Identifies the MAC address of the wireless client. If the MAC address is marked with an asterisk (*), the authenticated client is authenticated by a peer switch.
Page 410: Snmp Trap Configuration
D-Link UWS User Manual Captive Portal Configuration SNMP Trap Configuration Use the SNMP Trap Configuration page to configure whether or not SNMP traps are sent from the Captive Portal and to specify captive portal events that will generate a trap.
Page 411: Radius Settings
D-Link UWS User Manual RADIUS Settings RADIUS Settings Remote Authorization Dial-In User Service (RADIUS) servers provide additional security for networks. The RADIUS server maintains a user database, which contains per-user authentication information. RADIUS servers provide a centralized authentication method for: •...
Page 412 D-Link UWS User Manual RADIUS Settings Table 242: RADIUS Configuration Fields (Cont.) Field Description Number of Named Accounting The number of accounting server groups configured on the system. An Server Groups accounting server group contains one or more configured authentication servers that share the same RADIUS server name.
Page 413: Radius Server Configuration
D-Link UWS User Manual RADIUS Settings RADIUS Server Configuration From the RADIUS Authentication Server Configuration page, you can add a new RADIUS server, configure settings for a new or existing RADIUS server, and view RADIUS server status information. The RADIUS client on the switch supports up to 32 named authentication and accounting servers.
Page 414: Table 243: Radius Server Configuration Fields
D-Link UWS User Manual RADIUS Settings Table 243: RADIUS Server Configuration Fields Field Description RADIUS Server Host Address Use the drop-down menu to select the IP address of the RADIUS server to view or configure. Select Add to configure additional RADIUS servers.
Page 415: Viewing Named Server Status Information
D-Link UWS User Manual RADIUS Settings Use the buttons at the bottom of the page to perform the following actions: • If you make changes to the page, click Submit to apply the changes to the system. • To delete a configured RADIUS authentication server, select the IP address of the server from the RADIUS Server Host Address menu, and then click Remove.
Page 416: Radius Server Statistics
D-Link UWS User Manual RADIUS Settings RADIUS Server Statistics To access the RADIUS Server Statistics page, click LAN > Monitoring > RADIUS Statistics > Server Statistics in the navigation menu. Figure 285: RADIUS Server Statistics RADIUS Accounting Server Configuration From the RADIUS Accounting Server Configuration page, you can add a new RADIUS accounting server, configure settings for a new or existing RADIUS accounting server, and view RADIUS accounting server status information.
Page 417: Figure 287: Radius Accounting Server Configuration-Server Added
D-Link UWS User Manual RADIUS Settings If at least one RADIUS accounting server is configured on the switch, and a host address is selected in the Accounting Server Host Address field, then additional fields are available on the Accounting Server Configuration page.
Page 418: Viewing Named Accounting Server Status
D-Link UWS User Manual RADIUS Settings Viewing Named Accounting Server Status The RADIUS Named Accounting Server Status page shows summary information about the accounting servers configured on the system. Figure 288: RADIUS Named Accounting Server Status Table 246: Named Accounting Server Fields...
Page 419: Radius Server Statistics
D-Link UWS User Manual RADIUS Settings RADIUS Server Statistics To access the RADIUS Server Statistics page, click LAN > Monitoring > RADIUS Statistics > Server Statistics in the navigation menu. Figure 289: RADIUS Accounting Server Statistics Clear Statistics Use the RADIUS Clear Statistics page to reset all RADIUS authentication and accounting statistics to zero.
Page 420: Port Access Control
D-Link UWS User Manual Port Access Control Port Access Control In port-based authentication mode, when 802.1X is enabled globally and on the port, successful authentication of any one supplicant attached to the port results in all users being able to use the port without restrictions.
Page 421: Port Configuration
D-Link UWS User Manual Port Access Control Table 247: Global Port Access Control Configuration Fields (Cont.) Field Description Dynamic VLAN Creation Mode Select Enable to allow the switch to dynamically create a RADIUS-assigned VLAN if it does not already exist in the VLAN database.
Page 422: Table 248: Port Access Control Port Configuration Fields
D-Link UWS User Manual Port Access Control Table 248: Port Access Control Port Configuration Fields Field Description Interface Selects the Port to configure. Control Mode Defines the port authorization state. The control mode is only set if the link status of the port is link up. The possible field values are: •...
Page 423: Port Access Entity Capability Configuration
D-Link UWS User Manual Port Access Control • Click Submit to send the updated screen to the switch and cause the changes to take effect on the switch but these changes will not be retained across a power cycle unless a save is performed.
Page 424: Supplicant Port Configuration
D-Link UWS User Manual Port Access Control Supplicant Port Configuration After you have configured a port as a supplicant, use this page to configure operational properties of the port. To access the Supplicant Port Configuration page, click LAN > Security > Port Access Control > Supplicant Port Configuration.
Page 425: Port Status
D-Link UWS User Manual Port Access Control Port Status Use the Port Access Control Port Status page to view information about the port access control settings on a specific port. To access the Port Access Control Port Status page, click Security > Port Access Control > Port Status in the navigation menu.
Page 426: Figure 296: Port Access Control Status - Mac-Based Control Mode
D-Link UWS User Manual Port Access Control Figure 296: Port Access Control Status - MAC-based Control Mode Table 251: Port Access Control Status Fields Field Description Interface Selects the Unit and Port to view. Protocol Version This field displays the protocol version associated with the selected port. The only possible value is 1, corresponding to the first version of the 802.1x...
Page 427 D-Link UWS User Manual Port Access Control Table 251: Port Access Control Status Fields (Cont.) Field Description Authenticator PAE State This field displays the current state of the authenticator PAE state machine. Possible values are as follows: • Initialize • Disconnected •...
Page 428 D-Link UWS User Manual Port Access Control Table 251: Port Access Control Status Fields (Cont.) Field Description Maximum Requests Displays the configured maximum requests for the selected port. The maximum requests value is the maximum number of times the authenticator state machine on this port will retransmit an EAPOL EAP Request/Identity before timing out the supplicant.
Page 429: Port Summary
D-Link UWS User Manual Port Access Control Table 251: Port Access Control Status Fields (Cont.) Field Description Session Termination Action Displays the Termination Action set by the RADIUS Server for the selected port. Possible values are: • Default • Reauthenticate If the termination action is Default then, at the end of the session, the client details are initialized.
Page 430: Table 252: Port Access Control Port Summary Fields
D-Link UWS User Manual Port Access Control Table 252: Port Access Control Port Summary Fields Field Description Interface Selects the Unit and Port to view. Control Mode Displays the port authorization state. The possible field values are: • Auto: Automatically detects the mode of the interface.
Page 431: Port Access Control Statistics
D-Link UWS User Manual Port Access Control Port Access Control Statistics Use the Port Access Control Statistics page to view EAP and EAPOL information on a specific port. To access the Port Based Access Control Statistics page, click Security > Port Based Access Control > Statistics in the navigation menu.
Page 432: Client Summary
D-Link UWS User Manual Port Access Control Table 253: Port Access Control Statistics Fields (Cont.) Field Description EAP Request/ID Frames Displays the number of EAP Requested ID frames transmitted via the port. Transmitted EAP Request Frames Displays the number of EAP Request frames transmitted via the port.
Page 433: Port Access Privileges
D-Link UWS User Manual Port Access Control Port Access Privileges Use the Port Access Control Privileges page to grant or deny port access to users configured on the system. To access the Port Based Access Control Privileges page, click LAN > Security > Port Access Control > Port Access Privileges in the navigation menu.
Page 434: Tacacs+ Settings
TACACS+ Settings TACACS+ Settings D-Link DWS-4000 Series switch provides Terminal Access Controller Access Control System (TACACS+) client support. TACACS+ provides centralized security for validation of users accessing the device. TACACS+ provides a centralized user management system, while still retaining consistency with RADIUS and other authentication processes.
Page 435: Tacacs+ Server Configuration
D-Link UWS User Manual TACACS+ Settings TACACS+ Server Configuration Use the TACACS+ Server Configuration page to configure up to five TACACS+ servers with which the switch can communicate. To display the TACACS+ Server Configuration page, click LAN > Security > TACACS+ > Server Configuration in the navigation menu.
Page 436 D-Link UWS User Manual TACACS+ Settings Unified Wired and Wireless Access System D-Link Oct. 2015 Page 436...
Page 437: Section 9: Configuring The Wireless Features
D-Link UWS User Manual Configuring the Wireless Features Section 9: Configuring the Wireless Features The D-Link Unified Switch is a wireless local area network (WLAN) solution that enables WLAN deployment while providing state-of-the-art wireless networking features. It is a scalable solution that provides secure wireless connectivity and seamless layer 2 and layer 3 fast roaming for end users.
Page 438: D-Link Dws-4000 Series Unified Wireless Switch
AP management and streamline the AP upgrade process by pushing configuration profiles and software upgrades from the DWS-4000 Series switch to the managed APs. The DWL-8600AP and DWL-6600AP each have two radios and are capable of broadcasting in the following wireless modes: •...
Page 439: Dws-4000 Series Switch And Ap Discovery Methods
D-Link UWS User Manual Unified Wired and Wireless Access System Components The DWL-3600AP has one radio and is capable of broadcasting in the following wireless modes: • IEEE 802.11b mode • IEEE 802.11g mode • IEEE 802.11n mode (2.4 GHz) The DWL-X600AP access points support up to 16 virtual access points (VAPs) per radio.
Page 440: Ip Address Of Ap Configured In The Switch
D-Link UWS User Manual Unified Wired and Wireless Access System Components IP Address of AP Configured in the Switch If APs are in a different broadcast domain than the DWS-4000 Series switch or use different management VLANs, You can add the IP addresses of the APs to the L3 Discovery list on the switch. The DWS-4000 Series switch sends UDP discovery messages to the IP addresses in its list.
Page 441: Configuring The Dhcp Option
D-Link UWS User Manual Unified Wired and Wireless Access System Components switch-address-2 192.168.19.242 switch-address-3 switch-address-4 dhcp-switch-address-1 dhcp-switch-address-2 dhcp-switch-address-3 dhcp-switch-address-4 managed-mode-watchdog 0 Configuring the DHCP Option You can configure the IP address of the DWS-4000 Series switch as an option in the DHCP response to the DHCP request that the AP sends the DHCP server.
Page 442 D-Link UWS User Manual Unified Wired and Wireless Access System Components 2. From the Available Options list, scroll to Option 43 and select the 043 Vendor Specific Info check box. 3. Enter the Option 43 data into the Data Entry field.
Page 443: Discovery And Peer Switches
D-Link UWS User Manual Unified Wired and Wireless Access System Components Discovery and Peer Switches When multiple peer switches are present in the network, you can control which switch or switches are allowed to discover a particular AP by the discovery method you use.
Page 444: Monitoring Status And Statistics
• Configure the DHCP option 43 with the IP addresses of additional switches in the cluster. Monitoring Status and Statistics The Status/Statistics folder contains links to the following pages that help you monitor the status and statistics for your D-Link Unified Switch network: • Monitoring Status and Statistics •...
Page 445: Figure 303: Global Wlan Status/Statistics
D-Link UWS User Manual Monitoring Status and Statistics Figure 303: Global WLAN Status/Statistics Table 258 on page 446 describes the fields on the Wireless Global Status/Statistics page. Unified Wired and Wireless Access System D-Link Oct. 2015 Page 445...
Page 446: Table 258: Global Wlan Status/Statistics
D-Link UWS User Manual Monitoring Status and Statistics Table 258: Global WLAN Status/Statistics Field Description WLAN Switch This status field displays the operational status of the WLAN Switch. The WLAN Operational Status Switch may be configured as enabled, but is operationally disabled due to configuration dependencies.
Page 447 D-Link UWS User Manual Monitoring Status and Statistics Table 258: Global WLAN Status/Statistics (Cont.) Field Description Discovered Access APs that have a connection with the switch, but haven't been completely configured. Points This value includes all managed APs with a Discovered or Authenticated status.
Page 448 D-Link UWS User Manual Monitoring Status and Statistics Table 258: Global WLAN Status/Statistics (Cont.) Field Description Maximum AP Number of AP provisioning entries that can be stored by the system. Provisioning Entries RRM Channel Load Current number of RRM channel load history entries in use by the system.
Page 449: Viewing Switch Status And Statistics Information
D-Link UWS User Manual Monitoring Status and Statistics Table 258: Global WLAN Status/Statistics (Cont.) Field Description TSPEC Statistics (Voice and Video) Total TSPEC Packets The number of TSPEC packets sent from the wireless client to the AP. The number is Received a total for all APs managed by the switch.
Page 450: Figure 304: Switch Status/Statistics
D-Link UWS User Manual Monitoring Status and Statistics Figure 304: Switch Status/Statistics Table 258 on page 446 describes the fields on the Wireless Global Status page. Table 259: Switch Status/Statistics Field Description Total Access Points Total number of Managed APs in the database. This value is always equal to the sum of Managed Access Points, Connection Failed Access Points, and Discovered Access Points.
Page 451 D-Link UWS User Manual Monitoring Status and Statistics Table 259: Switch Status/Statistics Field Description Maximum Managed Maximum number of access points that can be managed by the switch. Access Points WLAN Utilization Total network utilization across all APs managed by this switch. This is based on global statistics.
Page 452 D-Link UWS User Manual Monitoring Status and Statistics Table 259: Switch Status/Statistics Field Description TSPEC Statistics (Voice and Video) Total TSPEC Packets The number of TSPEC packets sent from the wireless client to the AP. The number is Received a total for all APs managed by the switch.
Page 453: Viewing Ip Discovery Status
D-Link UWS User Manual Monitoring Status and Statistics Viewing IP Discovery Status From the WLAN > Monitoring > Global > IP Discovery tab, you can view information about communication with the devices in the IP discovery list on the WLAN > Administration > Basic Setup > Discovery page.
Page 454 D-Link UWS User Manual Monitoring Status and Statistics Table 260: AP Hardware Capability Radio Detail (Cont.) Field Description IP Address Shows the IP address of the device configured in the IP Discovery list. Status The status is in one of the following states: •...
Page 455: Viewing The Peer Switch Configuration Received Status
D-Link UWS User Manual Monitoring Status and Statistics Viewing the Peer Switch Configuration Received Status The Peer Switch Configuration feature allows you to send the critical wireless configuration from one switch to all other switches. In addition to keeping the switches synchronized, this function enables the administrator to manage all wireless switches in the cluster from one switch.
Page 456: Viewing The Ap Hardware Capability List
D-Link UWS User Manual Monitoring Status and Statistics Table 261: Peer Switch Configuration (Cont.) Field Description Configuration Indicates which portions of configuration were last received from a peer switch, which can be one or more of the following: • Global •...
Page 457: Ap Hardware Radio Capability
D-Link UWS User Manual Monitoring Status and Statistics Table 262 describes the fields available on the AP Hardware Capabilities page. Table 262: AP Hardware Capability Summary Field Description Hardware Type Identifies the ID number assigned to each AP hardware type. The switch supports up to six different AP hardware types.
Page 458: Ap Image Capability
D-Link UWS User Manual Monitoring Status and Statistics AP Image Capability The switch is able to update software on the access points that it manages. To update the AP with the correct software, the UWS can store up to three AP software images to support different AP hardware types. This page displays the image ID-to-hardware type mapping.
Page 459: Peer Switch Status
D-Link UWS User Manual Monitoring Status and Statistics Peer Switch Status The Peer Switch Status page provides information about other Unified Wireless Switches in the network. To access the peer switch information, click WLAN > Monitoring > Peer Switch. Peer wireless switches within the same cluster exchange data about themselves, their managed APs, and clients.
Page 460: Viewing Peer Switch Configuration Status
D-Link UWS User Manual Monitoring Status and Statistics Viewing Peer Switch Configuration Status You can push portions of the switch configuration from one switch to another switch in the cluster. The Peer Switch Configuration Status page displays information about the configuration sent by a peer switch in the cluster.
Page 461: Viewing Peer Switch Managed Ap Status
D-Link UWS User Manual Monitoring Status and Statistics Command Buttons The page includes the following button: • Refresh—Updates the page with the latest information. Viewing Peer Switch Managed AP Status The Peer Switch Managed AP Status page displays information about the APs that each peer switch in the cluster manages.
Page 462: All Ap Status
The network address of the access point. Software Version Shows the version of D-Link Access Point software that the AP is running. Shows how much time has passed since the AP was last detected and the information was last updated.
Page 463 D-Link UWS User Manual Monitoring Status and Statistics Table 268: Monitoring All Access Points (Cont.) Field Description Status Shows the access point status: • Managed—The AP profile configuration has been applied to the AP and it's operating in managed mode.
Page 464: Managed Ap Status
D-Link UWS User Manual Monitoring Status and Statistics Table 268: Monitoring All Access Points (Cont.) Field Description Radio Shows the wireless radio mode the AP is using. Channel Shows the operating channel for the radio. Authenticated Clients Shows the number of wireless clients that are associated and authenticated with the access point per radio.
Page 465: Monitoring Ap Status
D-Link UWS User Manual Monitoring Status and Statistics Monitoring AP Status The following figure shows the Managed Access Point Status page with two managed APs. Figure 314: Managed AP Status The following tabs are available from the Managed AP Status page: •...
Page 466 D-Link UWS User Manual Monitoring Status and Statistics Table 269: Managed Access Point Status (Cont.) Field Description IP Address The network IP address of the managed AP. Software Version The software version the AP is currently running. Time since last communication between the DWS-4000 Series switch and the AP.
Page 467: Viewing Detailed Managed Access Point Status
D-Link UWS User Manual Monitoring Status and Statistics Note: You can sort the list of APs by clicking any of the column headings. For example, to sort the APs by the profile they use, click Profile. Command Buttons The page includes the following buttons: •...
Page 468 D-Link UWS User Manual Monitoring Status and Statistics Table 270: Detailed Managed Access Point Status (Cont.) Field Description Code Download Status Indicates the current status of a code download request for this AP. The possible values include the following: • Not Started: No download has begun.
Page 469 IP address. • Switch IP DHCP: The managed AP learned the current DWL-X600AP IP address through DHCP option 43. • L2 Poll Received: The AP was discovered through the D-Link Wireless Device Discovery protocol. Protocol Version Indicates the protocol version supported by the software on the AP, which is learned from the AP during discovery.
Page 470 D-Link UWS User Manual Monitoring Status and Statistics • Back—Returns to the Managed AP Status page. Unified Wired and Wireless Access System D-Link Oct. 2015 Page 470...
Page 471: Viewing Managed Access Point Radio Summary Information
D-Link UWS User Manual Monitoring Status and Statistics Viewing Managed Access Point Radio Summary Information You can view general information about each operational radio on all APs managed by the switch. The Managed Access Point Radio Summary page shows the channel, transmit power, and number of associated wireless clients for all managed APs.
Page 472 D-Link UWS User Manual Monitoring Status and Statistics Table 272: Managed AP Radio Detail (Cont.) Field Description Manual Channel Indicates the current state of a manual request to change the channel on this radio. Adjustment Status The valid values are: •...
Page 473: Viewing Managed Access Point Neighbor Aps
D-Link UWS User Manual Monitoring Status and Statistics Table 272: Managed AP Radio Detail (Cont.) Field Description Medium Time Current sum of medium time (bandwidth) allocated to clients using a traffic stream Admitted on the radio. Medium time is measured in 32 μsec/sec units.
Page 474: Viewing Clients Associated With Neighbor Access Points
The Ethernet MAC address of the neighbor AP network, this could be a physical radio interface or VAP MAC address. For D-Link APs this is always a VAP MAC address. The neighbor AP MAC address may be cross-referenced in the RF Scan status.
Page 475: Table 275: Neighbor Ap Clients
D-Link UWS User Manual Monitoring Status and Statistics Table 275 describes the fields you see on the Neighbor Clients page for the managed access point status. Table 275: Neighbor AP Clients Field Description Neighbor Client MAC The Ethernet address of client station.
Page 476: Viewing Managed Access Point Vaps
D-Link UWS User Manual Monitoring Status and Statistics Viewing Managed Access Point VAPs There are 16 virtual access points (VAPs) available on each radio of an AP. For each radio of an access point managed by the switch, you can view a summary of the VAP configuration and the number of wireless clients associated with a particular VAP.
Page 477: Table 277: Managed Access Point Vap Tspec Status
D-Link UWS User Manual Monitoring Status and Statistics The following table describes the fields you see on the VAP TSPEC page. Table 277: Managed Access Point VAP TSPEC Status Field Description VAP ID The integer ID used to identify the VAP (0-15), this is used to uniquely identify the VAP for configuration via CLI/SNMP.
Page 478: Viewing Distributed Tunneling Information
D-Link UWS User Manual Monitoring Status and Statistics Viewing Distributed Tunneling Information The AP-AP tunneling mode is used to support L3 roaming for wireless clients without forwarding any data traffic to the wireless switch. In the AP-AP tunneling mode, when a client first associates with an AP in the wireless system, the AP forwards the wireless client’s data using VLAN forwarding mode.
Page 479: Managed Access Point Statistics
D-Link UWS User Manual Monitoring Status and Statistics Managed Access Point Statistics The managed AP statistics page shows information about traffic on the wired and wireless interfaces of the access point. This information can help diagnose network issues, such as throughput problems.
Page 480: Viewing Managed Access Point Ethernet Statistics
D-Link UWS User Manual Monitoring Status and Statistics Note: You can sort the list of APs by clicking any of the column headings. For example, to sort the APs by the number of packets transmitted, click Packets Transmitted. Command Buttons The page includes the following button: •...
Page 481 D-Link UWS User Manual Monitoring Status and Statistics Table 281: Detailed Managed Access Point Statistics (Cont.) Field Description WLAN Bytes Receive Dropped Number of bytes received by the AP on the wireless network that were dropped. WLAN Packets Transmit Dropped Number of packets transmitted by the AP on the wireless network that were dropped.
Page 482: Viewing Managed Access Point Radio Statistics
D-Link UWS User Manual Monitoring Status and Statistics Viewing Managed Access Point Radio Statistics The radio statistics show detailed information about the packets and bytes transmitted and received on the radio (wireless) interface of a particular access point managed by the switch.
Page 483: Viewing Managed Access Point Vap Statistics
D-Link UWS User Manual Monitoring Status and Statistics Table 282: Managed Access Point Radio Statistics Field Description Frames Transmitted Count of each successfully transmitted MSDU. WEP Undecryptable Count Count of encrypted frames received and the key configuration of the transmitter indicates that the frame should not have been encrypted or that frame was discarded due to the receiving station not implementing the privacy option.
Page 484: Viewing Distributed Tunneling Statistics
D-Link UWS User Manual Monitoring Status and Statistics Table 283: Managed Access Point VAP Statistics Field Description Client Association Failures Number of clients that have been denied association to the VAP. Client Authentication Failures Number of clients that have failed authentication to the VAP.
Page 485 D-Link UWS User Manual Monitoring Status and Statistics Table 284: Managed Access Point Distributed Tunneling Statistics Field Description Roamed Clients Age Timed Out Number of Clients that roamed away from this AP and were timed out due to age of the tunnel.
Page 486: Ap Authentication Failure Status
D-Link UWS User Manual Monitoring Status and Statistics AP Authentication Failure Status An AP might fail to associate to the switch due to errors such as invalid packet format or vendor ID, or because the AP is not configured as a valid AP with the correct local or RADIUS authentication information.
Page 487: Table 285: Access Point Authentication Failure Status
D-Link UWS User Manual Monitoring Status and Statistics Click the MAC address of the AP to view more information about the AP. If the AP is not a D-Link AP, some values are unknown. Table 285: Access Point Authentication Failure Status...
Page 488: Viewing Details About Ap Authentication Failures
D-Link UWS User Manual Monitoring Status and Statistics Viewing Details About AP Authentication Failures To view additional data (beacon information) for an AP in the authentication failure list, click the MAC address of the AP. Figure 317: AP Authentication Failure Details The following table describes the fields on the detailed Access Point Authentication Failure Status page.
Page 489: Ap Rf Scan Status
D-Link UWS User Manual Monitoring Status and Statistics Table 286: Access Point Authentication Failure Details (Cont.) Field Description Switch IP Address Shows the MAC address of the switch in the cluster that reported the AP authentication failure. Validation Failures The count of association failures for this AP.
Page 490: Figure 318: Rf Scan
MAC Address The Ethernet MAC address of the detected AP. This could be a physical radio interface or VAP MAC. For D-Link APs this is always a VAP MAC address. SSID Service Set ID of the network, which is broadcast in the detected beacon frame.
Page 491: Viewing Details About An Ap Detected In The Rf Scan
D-Link UWS User Manual Monitoring Status and Statistics Command Buttons The page includes the following buttons: • Delete All—Clears all APs from the RF scan list. The list repopulates as the APs are discovered. • Manage—Configures a Rogue AP to be managed by the switch the next time it is discovered. The switch adds the selected AP to the Valid AP database as a Managed AP and assigns it the default AP profile.
Page 492: Table 288: Detailed Access Point Rf Scan Status
MAC Address The Ethernet MAC address of the detected AP. This could be a physical radio interface or VAP MAC. For D-Link APs this is always a VAP MAC address. SSID Service Set ID of the network, which is broadcast in the detected beacon frame.
Page 493: Viewing Ap Triangulation Information
The Ethernet MAC address of the detected AP. This could be a physical radio Address interface or VAP MAC. For D-Link APs this is always a VAP MAC address. Sentry Identifies whether the AP that detected the entry is in sentry or non-sentry mode.
Page 494: Viewing Wids Ap Rogue Classification Information
D-Link UWS User Manual Monitoring Status and Statistics Command Buttons The page includes the following button: • Refresh—Updates the page with the latest information. Viewing WIDS AP Rogue Classification Information The Wireless Intrusion Detection System (WIDS) can help detect intrusion attempts into the wireless network and take automatic actions to protect the network.
Page 495: Table 290: Wids Ap Rogue Classification
MAC Address The Ethernet MAC address of the detected AP. This could be a physical radio interface or VAP MAC. For D-Link APs this is always a VAP MAC address. Status Indicates the managed status of the AP, whether this is a valid AP known to the switch or a Rogue on the network.
Page 496: Ap De-Authentication Attack Status
D-Link UWS User Manual Monitoring Status and Statistics AP De-Authentication Attack Status The AP De-Authentication Attack Status page contains information about rogue APs that the Cluster Controller has attacked by using the de-authentication attack feature. The wireless switch can protect against rogue APs by sending de-authentication messages to the rogue AP. The de-authentication attack feature must be globally enabled in order for the wireless system to do this function.
Page 497: Associated Client Status/Statistics
D-Link UWS User Manual Monitoring Status and Statistics Command Buttons The page includes the following button: • Refresh—Updates the page with the latest information. Associated Client Status/Statistics You can view a variety of information about the wireless clients that are associated with the APs the switch manages.
Page 498: Viewing Associated Client Summary Status
D-Link UWS User Manual Monitoring Status and Statistics Since the associated client database supports roaming across APs, an entry is not removed when a client disassociates from a specific AP. After a client has disassociated, the entry is deleted after the client times out.
Page 499: Viewing Detailed Associated Client Status
D-Link UWS User Manual Monitoring Status and Statistics Table 292: Associated Client Status Summary Field Description Status Indicates whether or not the client has associated and/or authenticated. The valid values are: • Associated: The client is currently associated to the managed AP.
Page 500: Table 293: Detailed Associated Client Status
D-Link UWS User Manual Monitoring Status and Statistics Table 293: Detailed Associated Client Status Field Description SSID Indicates the network on which the client is connected. BSSID Indicates the Ethernet MAC address for the managed AP VAP where this client is associated.
Page 501: Viewing Associated Client Qos Status
D-Link UWS User Manual Monitoring Status and Statistics Table 293: Detailed Associated Client Status (Cont.) Field Description Captive Portal If client is authenticated via Captive Portal, this field contains a link to the associated Captive Portal client status page. Note: This field is visible only for Captive Portal-enabled switch configurations.
Page 502: Viewing Associated Client Neighbor Ap Status
D-Link UWS User Manual Monitoring Status and Statistics Table 294: Associated Client QoS Status (Cont.) Field Description Bandwidth Limit Down Shows the maximum rate at which the client receives traffic from the AP in bits per second. The rate shown in this field is the configured value rounded down to the nearest 64 kbps, A value of 0 means no bandwidth limiting is in effect in this direction.
Page 503: Viewing Associated Client Distributed Tunneling Status
D-Link UWS User Manual Monitoring Status and Statistics Table 295: Associated Client Neighbor AP Status (Cont.) Field Description Discovery Reason Indicates one or more discovery methods for the neighbor client. One or more of the following values may be displayed: •...
Page 504: Table 296: Associated Client Distributed Tunneling Status
D-Link UWS User Manual Monitoring Status and Statistics Table 296 describes the information available on the Distributed Tunneling page for the associated client status. Table 296: Associated Client Distributed Tunneling Status Field Description Distributed Tunneling Status Indicates whether this client is associated with a network that supports L2 distributed tunneling.
Page 505: Viewing Associated Client Tspec Status
D-Link UWS User Manual Monitoring Status and Statistics Viewing Associated Client TSPEC Status The TSPEC page for the associated client status shows information about a client’s active traffic streams. If there are no associated clients with active traffic streams, the page displays a message indicating that there are no traffic streams for any associated clients.
Page 506: Viewing Associated Client Rrm Status
D-Link UWS User Manual Monitoring Status and Statistics Table 297: Associated Client TSPEC Status (Cont.) Field Description Radio Radio number to which the client is associated. Roam TS (managed AP only) Indicates whether this traffic stream was established by a roaming client.
Page 507: Viewing Associated Client Ssid Status
D-Link UWS User Manual Monitoring Status and Statistics Table 298: Associated Client RRM Status (Cont.) Field Description RRM Beacon Passive Measurement Indicates whether the client supports passive scan capability. Mode RRM Channel Load Measurement Mode Indicates whether the client supports channel load measurement...
Page 508: Viewing Associated Client Vap Status
D-Link UWS User Manual Monitoring Status and Statistics Viewing Associated Client VAP Status Each AP has 16 Virtual Access Points (VAPs) per radio, and every VAP has a unique MAC address (BSSID). The WLAN > Monitoring > Client > Associated Clients > VAP Status tab displays the VAP Associated Client Status page which shows information about the VAPs on the managed AP that have associated wireless clients.
Page 509: Switch Associated Client Status
D-Link UWS User Manual Monitoring Status and Statistics Switch Associated Client Status The WLAN > Monitoring > Client > Associated Clients > Switch Status tab displays the Switch Associated Client Status page which shows information about the switch that manages the AP to which the client is associated.
Page 510: Viewing Associated Client Statistics
D-Link UWS User Manual Monitoring Status and Statistics Viewing Associated Client Statistics A wireless client can roam among APs without interruption in WLAN service. The DWS-4000 Series switch tracks the traffic the client sends and receives during the entire wireless session while the client roams among APs that the switch manages.
Page 511: Viewing Associated Client Session Summary Statistics
D-Link UWS User Manual Monitoring Status and Statistics Viewing Associated Client Session Summary Statistics The statistics on the WLAN > Monitoring > Client > Associated Clients > Statistics > Session Summary page show information about the traffic a wireless client receives and transmits while it is connected to the same WLAN network shared by APs that the switch manages.
Page 512: Viewing Detailed Associated Client Association Statistics
D-Link UWS User Manual Monitoring Status and Statistics Viewing Detailed Associated Client Association Statistics The statistics on the WLAN > Monitoring > Client > Associated Clients > Statistics > Association Detail tab displays the Associated Client Statistics page. This page shows information about the traffic a wireless client receives and transmits while it is associated with a single AP.
Page 513: Viewing Detailed Associated Client Session Statistics
D-Link UWS User Manual Monitoring Status and Statistics Table 304: Associated Client Association Detail Statistics (Cont.) Field Description Duplicates Received Total duplicate packets received from the client station. Command Buttons The page includes the following button: • Refresh—Updates the page with the latest information.
Page 514: Viewing Detailed Associated Client Tspec Statistics
D-Link UWS User Manual Monitoring Status and Statistics Table 305: Associated Client Session Detail Statistics (Cont.) Field Description Fragments Received Total fragmented packets received from the client station. Fragments Transmitted Total fragmented packets transmitted to the client station. Transmit Retries Number of times transmits to client station succeeded after one or more retries.
Page 515: Ad Hoc Client Status
D-Link UWS User Manual Monitoring Status and Statistics Table 306: Associated Client TSPEC Statistics Field Description TS Packets Received Count of packets received by an AP from a wireless client for the specified access category. TS Bytes Received Count of bytes received by an AP from a wireless client for the specified access category.
Page 516: Detected Client Status
D-Link UWS User Manual Monitoring Status and Statistics Table 307: Ad Hoc Client Status Field Description MAC Address The Ethernet address of the client. If the Detection Mode is Beacon then the client is represented as an AP in the RF Scan database and the Neighbor AP List. If the Detection Mode is Data Frame then the client information is in the Neighbor Client List.
Page 517: Figure 340: Detected Client Status
D-Link UWS User Manual Monitoring Status and Statistics Figure 340: Detected Client Status To learn more about a client listed on the page, click the MAC address of the client. Table 308: Detected Client Status Field Description MAC Address The Ethernet address of the client.
Page 518: Viewing Detailed Detected Client Status
D-Link UWS User Manual Monitoring Status and Statistics • Acknowledge All Rogues—Clear the rogue status of all clients listed as rogues in the Detected Client database, The status of an acknowledge client is returned to the status it had when it was first detected. If the detected client fails any of the tests that classify it as a threat, it will be listed as a Rogue again •...
Page 519 D-Link UWS User Manual Monitoring Status and Statistics Table 309: Detailed Detected Client Status (Cont.) Field Description Authentication Status Indicates whether this client is authenticated. Note: The Client Status can be Rogue, but the authentication status can still be Authenticated.
Page 520: Viewing Wids Client Rogue Classification
D-Link UWS User Manual Monitoring Status and Statistics Table 309: Detailed Detected Client Status (Cont.) Field Description Broadcast BSSID Probes Shows the number of probes to broadcast BSSID in the last RF Scan. Broadcast SSID Probes Shows the number of probes to broadcast SSID in the last RF Scan.
Page 521: Figure 342: Wids Client Rogue Classification
D-Link UWS User Manual Monitoring Status and Statistics Figure 342: WIDS Client Rogue Classification The following table shows information about the security test performed on the detected client. Table 310: WIDS Client Rogue Classification Field Description MAC Address The Ethernet MAC address of the detected wireless client.
Page 522 D-Link UWS User Manual Monitoring Status and Statistics • Refresh—Updates the page with the latest information. Unified Wired and Wireless Access System D-Link Oct. 2015 Page 522...
Page 523: Viewing Detected Client Pre-Authentication History
D-Link UWS User Manual Monitoring Status and Statistics Viewing Detected Client Pre-Authentication History To help authenticated clients roam without losing sessions and needing to re-authenticate, wireless clients can attempt to authenticate to other APs within range that the client could possibly associate with. For successful pre-authentication, the target AP must have a VAP with an SSID and security configuration that matches that of the client, including MAC authentication, encryption method, and pre-shared key or RADIUS parameters.
Page 524: Viewing Detected Client Triangulation
D-Link UWS User Manual Monitoring Status and Statistics Viewing Detected Client Triangulation The Detected Client Triangulation page lists up to three non-sentry and three sentry managed APs that have detected the client. The signal strength reported by the APs can help triangulate the location of the client.
Page 525: Viewing Detected Client Roam History
D-Link UWS User Manual Monitoring Status and Statistics Viewing Detected Client Roam History The wireless system keeps a record of clients as they roam from one managed AP to another managed AP. A history of up to 10 APs is kept for each client. The Detected Client Roam History page shows the managed APs with which the client has associated.
Page 526: Detected Client Pre-Authentication Summary
D-Link UWS User Manual Monitoring Status and Statistics Detected Client Pre-Authentication Summary To help authenticated clients roam without losing sessions and needing to re-authenticate, wireless clients can attempt to authenticate to other APs within range that the client could possibly associate with. For successful pre-authentication, the target AP must have a VAP with an SSID and security configuration that matches that of the client, including MAC authentication, encryption method, and pre-shared key or RADIUS parameters.
Page 527: Detected Client Roam History Summary
D-Link UWS User Manual Monitoring Status and Statistics Detected Client Roam History Summary The wireless system keeps a record of clients as they roam from one managed AP to another managed AP. A history of up to 10 APs is kept for each client. The Detected Client Roam History Summary page lists each client that has roamed from at least one AP and provides information about the roaming history.
Page 528: Radio Resource Measurement Status Information
D-Link UWS User Manual Monitoring Status and Statistics Radio Resource Measurement Status Information The Radio Resource Measurement (RRM) feature enables the Wireless System to provide information to the wireless clients to help them make roaming decisions. The RRM feature also enables the Wireless system to gather information from wireless clients.
Page 529 D-Link UWS User Manual Monitoring Status and Statistics Table 316: RRM Channel Load Configuration (Cont.) Field Description Channel Load Status of the current measurement, which is one of the following: Measurement Status • Not Started • In Progress • Success—Last measurement completed.
Page 530: Viewing The Rrm Channel Load History
D-Link UWS User Manual Monitoring Status and Statistics Viewing the RRM Channel Load History The RRM Channel Load History page shows the last 100 channel load history entries. If a new entry is added when the list is full then the oldest entry is purged.
Page 531: Viewing Rrm Neighbors
D-Link UWS User Manual Monitoring Status and Statistics Viewing RRM Neighbors The RRM Neighbors Summary page shows neighbor information for each VAP. This table is visible only from the Cluster Controller. The Cluster Controller builds the neighbor summary table from RF Scan reports, from the list of managed APs in the cluster, and from the information available in the profile configuration database.
Page 532: Wds-Managed Ap Information
D-Link UWS User Manual Monitoring Status and Statistics WDS-Managed AP Information The Wireless Distribution System (WDS)-Managed AP feature allows you to add managed APs to the cluster using over-the-air WDS links through other managed APs. With WDS, APs may be located outdoors where wired connection to the data network is unavailable, or in remote buildings that are not connected to the main campus with a wired network.
Page 533: Wds Ap Group Status
D-Link UWS User Manual Monitoring Status and Statistics Table 319: WDS Group Status Summary (Cont.) Field Description Configured WDS Link Number of configured bidirectional links in the WDS AP group. Count Detected WDS Links Number of WDS links detected in the system. APs on both sides of the link must Count detect each other in order for the link to be counted.
Page 534 D-Link UWS User Manual Monitoring Status and Statistics Table 320: WDS AP Group Status (Cont.) Field Description Satellite AP Count Number of satellite APs currently being managed by the switch that are members of this WDS AP group. Root Bridge AP MAC MAC Address of the device elected as the Spanning Tree Root Bridge.
Page 535: Wds Group Ap Status Summary
D-Link UWS User Manual Monitoring Status and Statistics WDS Group AP Status Summary The WDS AP Group Status Summary page displays summary information about the APs in a configured WDS group. Figure 353: WDS AP Group Status Summary The following table describes the fields on the WDS AP Group Status Summary page.
Page 536: Wds Ap Link Status Summary
D-Link UWS User Manual Monitoring Status and Statistics Command Buttons The page includes the following button: • Refresh — Updates the page with the latest information. WDS AP Link Status Summary The WDS AP Link Status Summary page displays summary information about the link configuration and link state in a WDS group.
Page 537 D-Link UWS User Manual Monitoring Status and Statistics Table 322: WDS AP Link Status Summary Field Description Source State Spanning Tree State of the link on the source AP, which is one of the following: • Disabled ( is disabled or Link is down) •...
Page 538: Wds Group Link Statistics Summary
D-Link UWS User Manual Monitoring Status and Statistics WDS Group Link Statistics Summary The WDS Group Link Statistics Summary page displays summary information about the packets sent and received on the WDS links. Figure 355: WDS Group Link Statistics Summary The following table describes the fields on the WDS AP Link Status Summary page.
Page 539: Basic Setup
D-Link UWS User Manual Basic Setup Basic Setup The WLAN > Administration > Basic Setup page contains several tabs that allow you to access Web pages to configure global wireless settings for the DWS-4000 Series switch, device discovery settings, and default AP profile settings.
Page 540: Table 324: Basic Wireless Global Configuration
D-Link UWS User Manual Basic Setup The following table describes the fields available on the Wireless Global Configuration page. Table 324: Basic Wireless Global Configuration Field Description Enable WLAN Switch Select this option to enable WLAN switching functionality on the system. Clear the option to administratively disable the WLAN switch.
Page 541 D-Link UWS User Manual Basic Setup Table 324: Basic Wireless Global Configuration (Cont.) Field Description IP Address This field shows the IP address of the WLAN interface on the switch. If the switch does not have the Routing Package installed, or if routing is disabled, the IP address is the network interface.
Page 542 D-Link UWS User Manual Basic Setup Table 324: Basic Wireless Global Configuration (Cont.) Field Description RADIUS Server Configuration RADIUS Authentication Enter the name of the RADIUS server used for AP and client authentications when a Server Name network-level RADIUS server is not defined on the WAN > Basic Setup > SSID >...
Page 543 D-Link UWS User Manual Basic Setup Table 324: Basic Wireless Global Configuration (Cont.) Field Description Regenerate X.509 Status of the request to generate an X.509 certificate. To initiate X.509 certificate Certificate Status generation, go to the Advanced Configuration > Switch Provisioning page.
Page 544: Wireless Discovery Configuration
D-Link UWS User Manual Basic Setup Wireless Discovery Configuration The DWS-4000 Series switch can discover, validate, authenticate, or monitor the following system devices: • Peer wireless switches • APs • Wireless clients • Rogue APs • Rogue wireless clients The DWS-4000 Series switch can discover peer wireless switches and APs regardless of whether these devices are connected to each other, located in the same Layer 2 broadcast domain, or attached to different IP subnets.
Page 545: L3/Ip Discovery
D-Link UWS User Manual Basic Setup Figure 357: Wireless Discovery Configuration In order for the DWS-4000 Series switch to discover other WLAN devices and establish communication with them, the devices must have their own IP address, must be able to find other WLAN devices, and must be compatible.
Page 546: L2/Vlan Discovery
IP address you entered, navigate to the WLAN > Monitoring > Global > IP Discovery tab. L2/VLAN Discovery The D-Link Wireless Device Discovery Protocol is a good discovery method to use if the DWS-4000 Series switch and APs are located in the same Layer 2 multicast domain. The DWS-4000 Series switch periodically sends a multicast packet containing the discovery message on each VLAN enabled for discovery.
Page 547 D-Link UWS User Manual Basic Setup Table 326: L2/VLAN Discovery Field Description VLAN To add entries to the VLAN List, enter a valid VLAN ID (1 - 4094) and click Add. Once all desired entries are added, click submit to save the list in the running configuration.
Page 548: Profile
(a/b/g or a/b/g/n). The options available in the Hardware Type ID are: • Any (can support all models in the DWL-X600AP family) • DWL-8600AP Dual Radio a/b/g/n • DWL-3600AP Single Radio b/g/n • DWL-6600AP Dual Radio a/b/g/n...
Page 549: Radio Configuration
D-Link UWS User Manual Basic Setup Radio Configuration In order to accommodate a broad range of wireless clients and wireless network requirements, the DWL-8600AP and DWL-6600AP support two radios. Radio 1 can broadcast in one of the following modes: • IEEE 802.11a mode •...
Page 550: Table 328: Radio Settings
D-Link UWS User Manual Basic Setup The following table describes the fields you can configure from the Radio tab on the Basic Setup page. To change the settings on this page, you must first select the radio you want to configure (1 or 2). After you change the settings, click Submit to apply the settings.
Page 551 D-Link UWS User Manual Basic Setup Table 328: Radio Settings (Cont.) Field Description Mode The Mode defines the Physical Layer (PHY) standard the radio uses. Select one of the following modes for each radio interface. Radio 1 supports: • IEEE 802.11a is a PHY standard that specifies operating in the 5 GHz U-NII band using orthogonal frequency division multiplexing (OFDM).
Page 552 D-Link UWS User Manual Basic Setup Table 328: Radio Settings (Cont.) Field Description RTS Threshold Specify a Request to Send (RTS) Threshold value between 0 and 2347. The RTS threshold indicates the number of octets in an MPDU, below which an RTS/ CTS handshake is not performed.
Page 553 D-Link UWS User Manual Basic Setup Table 328: Radio Settings (Cont.) Field Description Automatic Channel The channel defines the portion of the radio spectrum that the radio uses for transmitting and receiving. The range of channels and the default channel are determined by the Mode of the radio interface.
Page 554 D-Link UWS User Manual Basic Setup Table 328: Radio Settings (Cont.) Field Description RF Scan Sentry Select this option to allow the radio to operate in sentry mode. When the RF Scan Sentry option is selected, the radio primarily performs dedicated RF scanning.
Page 555: Wireless Default Vap Configuration
D-Link UWS User Manual Basic Setup • Clear—Resets the settings on the page to the default values. • Submit—Updates the switch with the values you enter. To retain the new values across a power cycle, you must perform a save on the WLAN switch (not the AP).
Page 556: Table 329: Default Vap Configuration
D-Link UWS User Manual Basic Setup The following table describes the fields on the SSID page. Table 329: Default VAP Configuration Field Description Radio 1 You configure the VAPs for Radio 1 and Radio 2 separately. Select the radio to configure the settings for before you enable the VAP.
Page 557: Configuring The Default Network
D-Link UWS User Manual Basic Setup Configuring the Default Network Each network is identified by its Service Set Identifier (SSID), which is an alphanumeric key that identifies a wireless local area network. You can configure up to 64 different networks on the DWS-4000 Series switch.
Page 558: Table 330: Wireless Network Configuration
The nodes in a VLAN share resources and bandwidth and are isolated on that network. The D-Link Unified Switch supports the configuration of a wireless VLAN. You can configure each VAP to be on a unique VLAN or on the same VLAN as other VAPs.
Page 559 D-Link UWS User Manual Basic Setup Table 330: Wireless Network Configuration (Cont.) Field Description L3 Tunnel Status This field shows the status of L3 Tunneling. In order for tunnel to be completely configured, routing must be enabled and the switch must have a routing interface IP address that is in the tunnel subnet.
Page 560 D-Link UWS User Manual Basic Setup Table 330: Wireless Network Configuration (Cont.) Field Description L2 Distributed The distributed L2 tunneling mode supports L3 roaming for wireless clients without Tunneling Mode forwarding any data traffic to the DWS-4000 Series switch. Use the menu to enable or disable the mode.
Page 561 Select this option to enable RADIUS accounting for wireless clients. Security The default AP profile does not use any security mechanism by default. In order to protect your network, D-Link strongly recommends that you select a security mechanism so that unauthorized wireless clients cannot gain access to your network.
Page 562 D-Link UWS User Manual Basic Setup Table 330: Wireless Network Configuration (Cont.) Field Description Client QoS Bandwidth Enter the maximum allowed transmission rate from the AP to the wireless client in Limit Down bits per second. The valid range is 0-4294967295 bps.
Page 563 D-Link UWS User Manual Basic Setup Table 330: Wireless Network Configuration (Cont.) Field Description Client QoS DiffServ Select the name of the DiffServ policy applied to traffic sent to the AP in the inbound Policy Up (up) direction. Only existing DiffServ policies are listed in the menu. To create a DiffServ policy, use the pages in the LAN >...
Page 564: Configuring Ap Security
Basic Setup Configuring AP Security The Default AP profile does not use any security mechanism by default. To protect your network, D-Link strongly recommends that you select a security mechanism so that unauthorized wireless clients cannot gain access to your network.
Page 565: Figure 363: Static Wep Configuration
D-Link UWS User Manual Basic Setup If you select WEP as the Security Mode, additional fields display, as the following figure shows. Figure 363: Static WEP Configuration Table 331 describes the configuration options for WEP. Table 331: Static WEP Field...
Page 566: Static Wep Rules
D-Link UWS User Manual Basic Setup Table 331: Static WEP (Cont.) Field Description WEP Key Length Specify the length of the key by clicking one of the radio buttons: • 64 bits • 128 bits The Transfer Key Index indicates which WEP key the access point uses to encrypt the data it transmits.
Page 567: Figure 364: Wpa Personal Configuration
• WPA: If all client stations on the network support the original WPA but none support the newer WPA2, then select WPA. • WPA2: If all client stations on the network support WPA2, D-Link suggests using WPA2 which provides the best security per the IEEE 802.11i standard.
Page 568 D-Link UWS User Manual Basic Setup Table 332: WPA Security (Cont.) Field Description WPA Key Type The key type is ASCII, which includes upper and lower case alphabetic letters, the numeric digits, and special symbols such as @ and #.
Page 569: Valid Access Point Summary
D-Link UWS User Manual Basic Setup Valid Access Point Summary The Wireless Global Configuration page contains a field to select whether to use a local or RADIUS database for AP Validation. The Valid Access Point Summary page contains information about APs configured in the local database.
Page 570: Valid Access Point Configuration
D-Link UWS User Manual Basic Setup Table 333: Valid Access Point Summary Field Description Profile This field displays the AP profile assigned to the AP. To assign a different profile to the AP, click the MAC address of the AP to go to the Valid Access Point Configuration page.
Page 571: Figure 366: Configuring A Valid Ap
See the following table for the Standalone mode field descriptions. • Managed: The AP is part of the D-Link Unified Switch, and you manage it by using the DWS-4000 Series switch. If an AP is in Managed Mode, the Administrator Web UI and SNMP services on the AP are disabled.
Page 572 D-Link UWS User Manual Basic Setup Table 334: Valid AP Configuration (Cont.) Field Description Forced Roaming Forced Roaming aims to improve users network experience by forcing a client to disassociate with the already associated UAP, where the radio signal strength among the client and the UAP is below the configured threshold.
Page 573: Table 335: Valid Ap Configuration (Standalone Mode)
D-Link UWS User Manual Basic Setup Standalone APs are managed individually, and not by using a D-Link Unified Switch. By including standalone APs in the Valid AP database and specifying their expected settings, you can help ensure that only legitimate APs are on your network.
Page 574: Local Oui Database Summary
D-Link UWS User Manual Basic Setup Local OUI Database Summary To help identify AP and Wireless Client adapter manufacturers detected in the wireless network, the wireless switch contains a database of registered Organizationally Unique Identifiers (OUIs). This is a read-only list with over 10,000 registrations.
Page 575: Ap Management
D-Link UWS User Manual AP Management AP Management The AP Management folder contains links to the following pages that help you manage and maintain the APs on your D-Link Unified Switch network: • Reset • RF Management • Access Point Software Download •...
Page 576: Rf Management
IEEE 802.11 mode (also referred to as band) of the access point. The DWL-8600AP and DWL-6600AP are dual-band systems capable of operating in the 2.4 GHz and 5 GHz frequencies. The DWL-3600 is a single-band system and operates in the 2.4 GHz frequency. Multiple operating modes are available within each frequency.
Page 577: Figure 369: Rf Channel Plan And Power Configuration
D-Link UWS User Manual AP Management The automatic channel selection algorithm does not affect APs that meet any of the following conditions: • The channel is statically assigned to the AP in the RADIUS or local AP database. • The channel has been statically assigned to the AP from the WLAN > Administration > AP Management >...
Page 578: Table 338: Rf Channel Plan And Power Adjustment
D-Link UWS User Manual AP Management Table 338: RF Channel Plan and Power Adjustment Field Description Channel Plan Each AP is dual-band capable of operating in the 2.4 GHz and 5 GHz frequencies. The 802.11a/n and 802.11b/g/n modes use different channel plans. Before you configure channel plan settings, select the mode to configure.
Page 579: Viewing The Channel Plan History
D-Link UWS User Manual AP Management Table 338: RF Channel Plan and Power Adjustment (Cont.) Field Description Power Adjustment This field indicates the power adjustment mode. The mode of power adjustment can Mode be one of the following: • Manual: In this mode, you run the proposed power adjustments manually from the Manual Power Adjustments page.
Page 580: Initiating Manual Channel Plan Assignments
D-Link UWS User Manual AP Management Table 339: Channel Plan History Field Description 5 GHz (802.11a/n) The 5 GHz and 2.4 GHz radios use different channel plans, so the switch tracks the 2.4 GHz (802.11b/g/n) channel history separately for each radio. The channel information that displays on the page is only for the radio you select.
Page 581: Table 340: Manual Channel Plan
D-Link UWS User Manual AP Management To apply proposed channel changes, click Apply. Table 340: Manual Channel Plan Field Description Current Status Shows the status of the plan, which is one of the following states: • None: The channel plan algorithm has not been manually run since the last switch reboot.
Page 582: Initiating Manual Power Adjustments
D-Link UWS User Manual AP Management Initiating Manual Power Adjustments If you select Manual as the Power Adjustment Mode on the Configuration tab, you can manually initiate the power adjustment algorithm on the Manual Power Adjustments page. Figure 372: Manual Power Adjustments...
Page 583: Access Point Software Download
D-Link UWS User Manual AP Management Access Point Software Download The DWS-4000 Series switch can upgrade software on the APs that it manages. The Cluster Controller can update code on the APs that it manages as well as APs managed by peer wireless switches.
Page 584: Table 342: Software Download
AP upgrades so the TFTP server is not overwhelmed. To select multiple APs to upgrade, CTRL + click each AP to upgrade. Note: D-Link recommends that you upgrade all managed APs at the same time. However if the network includes WDS managed APs, the satellite APs should be upgraded before the root APs.
Page 585 D-Link UWS User Manual AP Management Table 342: Software Download (Cont.) Field Description The following fields display after you click Start: Status (Global) The status of the upgrade process for all APs: • Not Started: The DWS-4000 Series switch has not started the download process.
Page 586: Managed Ap Advanced Settings
D-Link UWS User Manual AP Management Managed AP Advanced Settings When the AP is in Managed mode, remote access to the AP is disabled. However, you can enable Telnet access by enabling the Debug feature on the AP Management > Advanced Settings page. From the Managed AP Advanced Settings page, you can also manually change the RF channel and power for each radio on an AP.
Page 587: Debugging The Ap
D-Link UWS User Manual AP Management Table 343: Advanced AP Management (Cont.) Field Description Power Click the Power link to access the Managed AP Channel/Power Adjust page. From that page, you can set a new power level for the AP. The manual power change overrides the power setting configured in the AP profile and is not retained when the AP reboots or when the AP profile is reapplied.
Page 588: Adjusting The Channel And Power
D-Link UWS User Manual AP Management Table 344: Managed AP Debug Field Description Confirm Password Since the password is encrypted, you must retype the password to confirm the password. Enable Debug Select or clear the Enable check box to enable or disable debugging.
Page 589: Table 345: Managed Ap Channel/Power Adjust
D-Link UWS User Manual AP Management Table 345: Managed AP Channel/Power Adjust Field Description AP MAC Address Shows the MAC address of the access point. Radio Displays the radio and its mode. The changes apply only to this radio. Channel Status The status is one of the following: •...
Page 590: Ap Provisioning
D-Link UWS User Manual AP Management AP Provisioning The AP Provisioning feature helps you add new APs to an existing switch cluster. With AP Provisioning, you can configure the access points with parameters that are needed to connect to the wireless network.
Page 591: Detailed Ap Provisioning Status
D-Link UWS User Manual AP Management Table 346: AP Provisioning Summary Status (Cont.) Field Description Status Status of the most recently issued AP provisioning command, which has one of the following values: • Not Started—Provisioning has not been done for this AP.
Page 592: Figure 378: Ap Provisioning Status-Detail
D-Link UWS User Manual AP Management Figure 378: AP Provisioning Status—Detail The following table shows the fields available on the AP Provisioning Status page. Table 347: AP Provisioning Status Field Description IP Address IP Address of the AP. Time Since Last Update Time since any information has been received from this access point.
Page 593 D-Link UWS User Manual AP Management Table 347: AP Provisioning Status (Cont.) Field Description AP Certificate and Profile Transmit Status of the last AP profile and X.509 Certificate distribution to the Status Primary and Backup switches. This status is changed as a result of the AP provisioning command.
Page 594: Configuring Advanced Settings
D-Link UWS User Manual Configuring Advanced Settings Configuring Advanced Settings The Advanced Configuration folder contains links to the following pages: • Advanced Global Settings • Known Client • Wireless Network List • AP Profiles • Peer Switch • WIDS Security •...
Page 595: Table 348: General Global Configurations
D-Link UWS User Manual Configuring Advanced Settings Table 348 describes the fields on the Wireless Global Configuration page. Table 348: General Global Configurations Field Description Peer Group ID In order to support larger networks, you can configure wireless switches as peers, with up to 8 switches in a cluster (peer group).
Page 596 D-Link UWS User Manual Configuring Advanced Settings Table 348: General Global Configurations Field Description Tunnel IP MTU Size Select the maximum size of an IP packet handled by the network. The MTU is enforced only on tunneled VAPs. When IP packets are tunneled between the APs and the DWS-4000 Series switch, the packet size is increased by 20 bytes during transit.
Page 597: Wireless Snmp Trap Configuration
D-Link UWS User Manual Configuring Advanced Settings Command Buttons The page includes the following buttons: • Submit—Updates the switch with the values you enter. To retain the new values across a power cycle, you must perform a save (Tool > Save Changes).
Page 598: Table 349: Snmp Traps
D-Link UWS User Manual Configuring Advanced Settings The traps specified in Table 349 below are generated only by the Cluster Controller unless otherwise specified. Table 349: SNMP Traps Field Description AP Failure Traps If you enable this field, the SNMP agent sends a trap if an AP fails to associate or authenticate with the switch.
Page 599 D-Link UWS User Manual Configuring Advanced Settings Table 349: SNMP Traps (Cont.) Field Description Wireless Status Traps If you enable this field, the SNMP agent sends a trap if the operational status of the DWS-4000 Series switch (it need not be Cluster Controller for this trap) changes. It sends a trap if the Channel Algorithm is complete or the Power Algorithm is complete.
Page 600: Distributed Tunneling Configuration
D-Link UWS User Manual Configuring Advanced Settings Distributed Tunneling Configuration The Distributed Tunneling mode, also known as AP-AP tunneling mode, is used to support L3 roaming for wireless clients without forwarding any data traffic to the wireless switch. In the AP-AP tunneling mode, when a client first associates with an AP in the wireless system the AP forwards its data using the VLAN forwarding mode.
Page 601: Device Location Configuration
D-Link UWS User Manual Configuring Advanced Settings Device Location Configuration The Device Location feature can help you physically locate APs and other WLAN devices in different buildings and on multiple floors of a building. You can configure the information manually or use the WLAN Visualization tool to place the managed APs on floor plans, and then import the Building Floor objects with their associated APs from the WLAN Visualization tool to the switch.
Page 602: Wireless Network List
D-Link UWS User Manual Configuring Advanced Settings Wireless Network List The wireless network list shows all the wireless networks configured on the switch. The first 16 networks are created by default. You can modify the default networks, but you cannot delete them. You can add and configure up to 48 additional networks for a total of 64 wireless networks.
Page 603: Configuring Networks
D-Link UWS User Manual Configuring Advanced Settings Configuring Networks For information about the fields available on the Advanced > Networks page, see “Configuring the Default Network” on page 557. AP Profiles Access point configuration profiles are a useful feature for large wireless networks with APs that serve a variety of different users.
Page 604: Creating, Copying, And Deleting Ap Profiles
D-Link UWS User Manual Configuring Advanced Settings Building 3 is the Sales and Marketing building. The Building 3 AP uses a profile called “Marketing.” The Marketing AP Profile has three VAPs. The SSIDs for the VAPs are: Sales, Marketing, and Program Management.
Page 605: Figure 385: Configuring An Ap Profile
D-Link UWS User Manual Configuring Advanced Settings Profiles Profile Configuration Pages Figure 385: Configuring an AP Profile Table 353: Access Point Profile Summary Field Description Profile Identifies the name of the configured profile. Profile Status Indicates whether a profile is applied to one or more managed APs and shows the status for a request to re-apply the profile to its associated managed APs.
Page 606: Applying An Ap Profile
D-Link UWS User Manual Configuring Advanced Settings Command Buttons The page includes the following buttons: • Add— Adds a profile with the name you enter in the associated field. The Access Point Profile Global Configuration page for the new profile appears after you click Add.
Page 607: Figure 386: Applying The Ap Profile
Note: When you apply new AP Profile settings to an AP, the access point stops and restarts system processes. If this happens, wireless clients will temporarily lose connectivity. D-Link recommends that you change access point settings when WLAN traffic is low.
Page 608: Configuring The Ap Profile Global Settings
AP supports (single or dual) and the IEEE 802.11 modes that the radio supports (a/b/g or a/b/g/n/ac). The available options are: • Any • DWL-8600AP Dual Radio a/b/g/n • DWL-8610AP Dual Radio a/b/g/n/ac • DWL-3600AP Single Radio b/g/n •...
Page 609: Access Point Profile Radio Configuration
Description DDP Support DDP (D-Link Discover Protocol) supports basic command (IP, factory reset, F/W upgrade, etc.) to setting UAP, and user can use DNA (D-Link Network Assistance) to control UAP. factory default is disabled • Enable: Enables the DDP support •...
Page 610: Figure 388: Ap Profile Radio Settings
D-Link UWS User Manual Configuring Advanced Settings Figure 388: AP Profile Radio Settings Unified Wired and Wireless Access System D-Link Oct. 2015 Page 610...
Page 611: Table 355: Radio Settings
D-Link UWS User Manual Configuring Advanced Settings To change the settings for a radio, you must first select the radio you want to configure (1 or 2). After you change the settings, click Submit to apply the settings. Changes to the settings apply only to the selected radio.
Page 612 D-Link UWS User Manual Configuring Advanced Settings Table 355: Radio Settings (Cont.) Field Description Mode The Mode defines the Physical Layer (PHY) standard the radio uses. Select one of the following modes for each radio interface: • IEEE 802.11a is a PHY standard that specifies operating in the 5 GHz U-NII band using orthogonal frequency division multiplexing (OFDM).
Page 613 D-Link UWS User Manual Configuring Advanced Settings Table 355: Radio Settings (Cont.) Field Description RTS Threshold Specify a Request to Send (RTS) Threshold value between 0 and 2347. The RTS threshold indicates the number of octets in an MPDU, below which an RTS/ CTS handshake is not performed.
Page 614 D-Link UWS User Manual Configuring Advanced Settings Table 355: Radio Settings (Cont.) Field Description Rate Limiting Enabling multicast and broadcast rate limiting can improve overall network performance by limiting the number of packets transmitted across the network. This feature is disabled by default.
Page 615 D-Link UWS User Manual Configuring Advanced Settings Table 355: Radio Settings (Cont.) Field Description DTIM Period The Delivery Traffic Information Map (DTIM) message is an element included in some Beacon frames. It indicates which client stations, currently sleeping in low-power mode, have data buffered on the access point awaiting pick-up.
Page 616 D-Link UWS User Manual Configuring Advanced Settings Table 355: Radio Settings (Cont.) Field Description APSD Mode Select Enable to enable Automatic Power Save Delivery (APSD), which is a power management method. APSD is recommended if VoIP phones access the network through the AP.
Page 617 D-Link UWS User Manual Configuring Advanced Settings Table 355: Radio Settings (Cont.) Field Description Radio Resource Radio Resource Measurement (RRM) mode requires the Wireless System to send Management additional information in beacons, probe responses, and association responses. Enable or disable the support for radio resource measurement feature in the AP profile.
Page 618 D-Link UWS User Manual Configuring Advanced Settings • Clear—Resets the settings on the page to the default values. • Submit—Updates the switch with the values you enter. To retain the new values across a power cycle, you must perform a save (Tool > Save Changes).
Page 619: Access Point Profile Vap Configuration
D-Link UWS User Manual Configuring Advanced Settings Access Point Profile VAP Configuration The Access Point Profile VAP Configuration page displays the virtual access point (VAP) settings associated with the selected AP profile. Each VAP is identified by its network number and Service Set Identifier (SSID). You can configure and enable up to 16 VAPs per radio on each physical access point.
Page 620 D-Link UWS User Manual Configuring Advanced Settings Table 356: Default VAP Configuration (Cont.) Field Description Network Use the option to the left of the network to enable or disable the corresponding VAP on the selected radio. When enabled, use the menu to select a networks to assign to the VAP. You can configure up to 64 separate networks on the switch and apply them across multiple radio and VAP interfaces.
Page 621: Access Point Profile Qos Configuration
Voice-over-IP (VoIP), other types of audio, video, and streaming media as well as traditional IP data over the D-Link Unified Switch. To display the QoS Configuration page for an AP profile, click WLAN > Advanced Configuration > AP Profiles, select the tab corresponding to the profile, and click the QoS tab.
Page 622: Table 357: Qos Settings
D-Link UWS User Manual Configuring Advanced Settings Table 357 describes the QoS settings you can configure. Table 357: QoS Settings Field Description 1-802.11a/n From this field, you can select the radio for which you want to configure QoS settings. Settings for each radio are configured separately.
Page 623 Wi-Fi MultiMedia (WMM) is enabled by default. With WMM enabled, QoS prioritization and coordination of wireless medium access is on. With WMM enabled, QoS settings on the D-Link Unified Switch control downstream traffic flowing from the access point to client station (AP EDCA parameters) and the upstream traffic flowing from the station to the access point (station EDCA parameters).
Page 624: Access Point Profile Tspec Configuration
D-Link UWS User Manual Configuring Advanced Settings Table 357: QoS Settings (Cont.) Field Description cwMin This parameter is used by the algorithm that determines the initial random (Minimum Contention backoff wait time (window) for data transmission during a period of contention...
Page 625: Figure 391: Ap Profile Tspec Configuration
D-Link UWS User Manual Configuring Advanced Settings Caution! If you change any of the settings on the TSPEC Configuration page, the AP radios will restart when this profile is applied. Figure 391: AP Profile TSPEC Configuration The following table describes the fields on the Access Point Profile TSPEC Configuration page.
Page 626 D-Link UWS User Manual Configuring Advanced Settings Table 358: TSPEC Configuration (Cont.) Field Description Video ACM Mode Regulates mandatory admission control for the video access category. The options are: • Enabled—A station is required to send a TSPEC request for bandwidth to the AP before sending or receiving a video traffic stream.
Page 627: Peer Switch
D-Link UWS User Manual Configuring Advanced Settings Peer Switch The Peer Switch Configuration feature allows you to send a variety of configuration information from one switch to all other switches. In addition to keeping the switches synchronized, this function allows you to manage all wireless switches in the cluster from one switch.
Page 628: Peer Switch Configuration Enable/Disable
D-Link UWS User Manual Configuring Advanced Settings Peer Switch Configuration Enable/Disable You can copy portions of the switch configuration from one switch to another switch in the cluster. The Peer Switch Configuration Enable/Disable page allows you to select which parts of the configuration to copy to one or more peer switches in the group.
Page 629 D-Link UWS User Manual Configuring Advanced Settings Table 360: Peer Switch Configuration Enable/Disable (Cont.) Field Description Channel/Power Enable this field to include the RF management information in the configuration that the switch pushes to its peers. To view the channel and power settings on the local switch, click the WLAN >...
Page 630: Mutual Authentication
D-Link UWS User Manual Configuring Advanced Settings Mutual Authentication Mutual Authentication provides security when adding switches and APs to the wireless network. If Mutual Authentication mode is enabled, the APs and switches perform X.509 Mutual Certificate exchanges. Each device compares the certificate received from the remote end-point with the local copy of the remote device's certificate.
Page 631: Wids Security
D-Link UWS User Manual Configuring Advanced Settings WIDS Security The D-Link Unified Switch Wireless Intrusion Detection System (WIDS) can help detect intrusion attempts into the wireless network and take automatic actions to protect the network. WIDS AP Configuration The WIDS AP Configuration page allows you to activate or deactivate various threat detection tests and set threat detection thresholds in order to help detect rogue APs on the wireless network.
Page 632: Table 362: Wids Ap Configuration
D-Link UWS User Manual Configuring Advanced Settings Table 362 shows the fields on the WIDS Security AP Configuration page. Table 362: WIDS AP Configuration Field Description Administrator configured If the source MAC address is in the valid-AP database on the switch or on the...
Page 633 D-Link UWS User Manual Configuring Advanced Settings Table 362: WIDS AP Configuration (Cont.) Field Description Standalone AP with If the AP is classified as a known standalone AP, then the switch checks unexpected configuration whether the AP is operating with the expected configuration parameters.
Page 634: Wids Client Configuration
Configuring Advanced Settings WIDS Client Configuration The D-Link Unified Switch Wireless Intrusion Detection System (WIDS) can help detect intrusion attempts into the wireless network and take automatic actions to protect the network. The settings you configure on the WIDS Client Configuration page help determine whether a detected client is classified as a rogue. Clients classified as rogues are considered to be a threat to network security.
Page 635: Table 363: Wids Client Configuration
D-Link UWS User Manual Configuring Advanced Settings Table 363 describes the fields on the WIDS Client Configuration page. Table 363: WIDS Client Configuration Field Description Not Present in OUI Database This test checks whether the MAC address of the client is from a registered Test manufacturer identified in the OUI database.
Page 636: Known Client
D-Link UWS User Manual Configuring Advanced Settings Table 363: WIDS Client Configuration (Cont.) Field Description Probe Requests Threshold Specify the number of seconds an AP should spend counting the probe Interval messages sent by wireless clients. Probe Requests Threshold Specify the number of probe requests a wireless client is allowed to send Value during the threshold interval before the event is reported as a threat.
Page 637: Table 364: Known Client Summary
D-Link UWS User Manual Configuring Advanced Settings Table 364 describes the fields on Known Client Summary page. Table 364: Known Client Summary Field Description MAC Address Shows the MAC address of the known client. Name Shows the descriptive name configured for the client when it was added to the Known Client database.
Page 638: Known Client Configuration
D-Link UWS User Manual Configuring Advanced Settings Known Client Configuration The Known Client Configuration page allows you to add wireless clients to the Known Client Database and specify the authentication action to take on the client when it attempts to access the network. The database contains wireless client MAC addresses and names.
Page 639: Switch Provisioning
D-Link UWS User Manual Configuring Advanced Settings Switch Provisioning Use the Switch Certificate Request page to request a X.509 certificate from the cluster controller. The X.509 mutual certificate exchange is the only mechanism for peer switches to authenticate with each other because switches do not support pass-phrase authentication.
Page 640: Provisioning
D-Link UWS User Manual Configuring Advanced Settings Provisioning Use the Switch Provisioning page to request provisioning information from a switch in the cluster. After the new switch receives the provisioning information, it can join the cluster. Figure 400: Switch Provisioning The following table shows the fields available on the Switch Provisioning page.
Page 641: Enabling Aeroscout™ Engine Support
608. Note: The following notes apply to AeroScout product and protocol support: • D-Link does not sell AeroScout products. Contact AeroScout for AeroScout hardware, software or deployment information. • The AE protocol does not support any authentication or encryption between the AE server and the access point.
Page 642: Figure 401: Wds-Managed Ap Group
D-Link UWS User Manual Configuring the Wireless Distribution System Support for the WDS-managed AP feature within the Unified Wired and Wireless Access System includes the following: • The wireless system can contain up to two WDS-managed AP groups. • Each WDS-managed AP group can contain up to four APs.
Page 643 – On the Radio page for the AP profile, select only one channel in the list of Auto Eligible channels. By default, multiple channels are enabled. • D-Link recommends that satellite APs do not have wired connectivity to the wireless switch. • A configuration push to WDS APs may take up to three minutes to complete.
Page 644: Wds Managed Ap Group Configuration
D-Link UWS User Manual Configuring the Wireless Distribution System WDS Managed AP Group Configuration Use the WDS Managed AP Group Configuration page to add or delete WDS-Managed AP groups and to configure group settings. Changes to the WDS AP group do not take effect on the APs until the WDS AP group database is pushed to the cluster.
Page 645: Figure 403: Edit Wds Managed Ap Group Settings
D-Link UWS User Manual Configuring the Wireless Distribution System When you add a new WDS-Managed AP group or click the group name, the page refreshes and fields to configure the group setting appear. Note: After you change WDS-Managed AP group settings, make sure you push the configuration to other switches in the cluster.
Page 646: Wds Managed Ap Configuration
D-Link UWS User Manual Configuring the Wireless Distribution System WDS Managed AP Configuration After you create a WDS-Managed AP group, use the WDS Managed AP Configuration page to view the APs that are members of the group, add new members, and change Priority values for existing members.
Page 647: Figure 405: Wds Managed Ap Settings
D-Link UWS User Manual Configuring the Wireless Distribution System Note: If no APs have been added to the selected WDS group, only the Add and Refresh buttons display. When you click Add from the WDS Managed AP Summary page, the page refreshes and displays fields to configure the WDS Managed AP settings.
Page 648: Wds Link Configuration
D-Link UWS User Manual Configuring the Wireless Distribution System Command Buttons The page includes the following buttons: • Submit—Update the switch with the values you enter. WDS Link Configuration After you create a WDS-Managed AP group, use the WDS AP Link Configuration page to configure the WDS links between the APs that are members of the group.
Page 649: Wds Link Create
D-Link UWS User Manual Configuring the Wireless Distribution System Command Buttons The page includes the following buttons: • Add—Allows you to configure a new WDS link for the selected group. When you click Add, the WDS Link Create page displays.
Page 650: Locating Wlan Devices
Note: D-Link recommends that you do not attempt to configure location information by using the switch UI and the WLAN Visualization at the same time.
Page 651: Figure 408: Building
D-Link UWS User Manual Locating WLAN Devices Figure 408: Building The following table shows the fields available on the Building page. Table 374: Building Field Description Building Number Unique number from 1–8 that identifies a building within the wireless system.
Page 652: Building Floor
D-Link UWS User Manual Locating WLAN Devices Building Floor Use the Building Floor page to define the floors within the buildings where APs are deployed. Figure 409: Building Floor The following table shows the fields available on the Building Floor page.
Page 653: Managed Ap Coordinates
D-Link UWS User Manual Locating WLAN Devices Managed AP Coordinates Use the Managed AP Coordinates page to manually specify where APs are physically located. Figure 410: Managed AP Coordinates The following table shows the fields available on the Managed AP Coordinates page.
Page 654: Managed Ap Location Summary
D-Link UWS User Manual Locating WLAN Devices Managed AP Location Summary Use the Managed AP Location Summary page to view summary information about the location of the APs in the wireless network. The page displays the APs with a location that has been manually configured or imported from the WLAN Visualization tool.
Page 655: On-Demand Location Trigger
D-Link UWS User Manual Locating WLAN Devices On-Demand Location Trigger Use the On-Demand Location Trigger page to find the location of an AP or wireless client. You can request the location of an AP or a client which is already detected by the system, or specify a MAC address of the device that has not yet been detected.
Page 656: On-Demand Location Trigger Status
D-Link UWS User Manual Locating WLAN Devices Command Buttons The page includes the following buttons: • Count Search APs—Recalculates the number of Locator APs. Modifying the building number, floor number, or inclusion of operational mode radios can change the number of APs that participate in the search.
Page 657: Table 379: On-Demand Location Trigger Global Status
D-Link UWS User Manual Locating WLAN Devices The following table shows the fields available on the On-Demand Location Trigger Global Status page. Table 379: On-Demand Location Trigger Global Status Field Description Type of Device Indicates whether the most recent On-Demand Location process was invoked to find an AP or a Client.
Page 658: On-Demand Location Trigger Floor Status
D-Link UWS User Manual Locating WLAN Devices On-Demand Location Trigger Floor Status Use the On-Demand Location Trigger Floor Status page to view the results of the most recent On-Demand Location procedure for each floor. The page can display entries for each floor, even if the device is not detected on the floor.
Page 659: Ap Triangulation Location
D-Link UWS User Manual Locating WLAN Devices Command Buttons The page includes the following button: • Refresh—Updates the page with the latest information. AP Triangulation Location The Wireless System continually collects detected signal information about APs and records the data in the AP triangulation table.
Page 660: Detailed Ap Triangulation Status
D-Link UWS User Manual Locating WLAN Devices The following table shows the fields available on the AP Triangulation Summary page. Table 381: AP Triangulation Summary Field Description Device MAC Address MAC address of the AP Device Type Indicates whether the device is a Managed AP or a Detected AP. If the type of device changes, the change might not be reflected until the device location is next computed.
Page 661: Table 382: Detailed Ap Triangulation Status
D-Link UWS User Manual Locating WLAN Devices The following table shows the fields available on the Detailed AP Triangulation Status page. Table 382: Detailed AP Triangulation Status Field Description MAC Address Selector The menu contains the MAC address of each AP listed on the summary page.
Page 662: Client Triangulation Location
D-Link UWS User Manual Locating WLAN Devices Client Triangulation Location The Wireless System continually collects detected signal information about wireless clients and records the data in the Client triangulation tables. The Cluster Controller periodically iterates through the triangulation tables for all clients in the Detected Clients table and computes the location for each device. Use the pages available from the Client Triangulation Location link to view device location information derived from the Client triangulation table.
Page 663: Detailed Ap Triangulation Status
D-Link UWS User Manual Locating WLAN Devices The following table shows the fields available on the Client Triangulation Summary page. Table 383: Client Triangulation Summary Field Description Device MAC Address MAC address of the wireless client. Device Type Indicates whether the device is an Associated Client or a Detected Client.
Page 664: Table 384: Detailed Client Triangulation Status
D-Link UWS User Manual Locating WLAN Devices The following table shows the fields available on the Detailed Client Triangulation Status page. Table 384: Detailed Client Triangulation Status Field Description MAC Address Selector The menu contains the MAC address of each wireless client listed on the summary page.
Page 665: Ap Scheduler
D-Link UWS User Manual AP Scheduler AP Scheduler AP scheduler allows you to configure a rule with a specific time interval for VAPs or radios to be operational, thereby automating the enabling or disabling of the VAPs and Radios. One of the ways you can use this feature is to schedule radios to operate only during the office working hours in order to achieve security and reduce power consumption.
Page 666 D-Link UWS User Manual AP Scheduler Table 385: AP Scheduler Configuration Field Description Profile Name When creating a new scheduler profile, specify the name, which may include alphabetic, numeric, dash, underscore or space characters only. The name must start with an alphabetic character and can contain up to 31 characters.
Page 667: Visualizing The Wireless Network
D-Link UWS User Manual Visualizing the Wireless Network Visualizing the Wireless Network The WLAN Visualization component is an optional feature that graphically shows information about the wireless network. WLAN Visualization uses a Java applet to display switches, APs, and associated wireless clients.
Page 668: Importing And Configuring A Background Image
• GIF (Graphics Interchange Format) • JPG (Joint Photographic Experts Group) Additionally, D-Link recommends that you do not use color images since the WLAN components might not show up as well. To load an image onto the switch to use as a background for the WLAN Visualization graph, use the following procedures: 1.
Page 669: Setting Up The Graph
D-Link UWS User Manual Visualizing the Wireless Network Setting Up the Graph To start the WLAN Visualization tool, click WLAN Visualization > Launch... This opens a new browser window and starts the Java applet. Note: Your browser must allow pop-up windows to open from the switch.
Page 670 D-Link UWS User Manual Visualizing the Wireless Network 5. Enter the represented length for one of the graph dimensions (height or width). Use the Selection and Measurement drop-down menus to specify whether the length is the height or width, and whether it is in meters or feet. You must use the same unit of measurement for all floors within the building.
Page 671: Manually Graphing The Components
D-Link UWS User Manual Visualizing the Wireless Network Manually Graphing the Components You must manually place each Unified Switch on the graph because the switch does not contain any radios. Click the IP address of the switch in the Switches window for ungraphed components and drag it to its approximate location on the graph.
Page 672: Figure 424: Device Location Progress Timer
D-Link UWS User Manual Visualizing the Wireless Network By default, the device search uses operational radios on managed APs use triangulation to try to determine the location of a neighboring device. Traffic for wireless clients associated with the operational radios is disrupted as they perform the search.
Page 673: Figure 426: Probable Device Location - Point Solution
D-Link UWS User Manual Visualizing the Wireless Network When the device has been located, a location map appears on the map to indicate the probably location of the device. The location map is either a point solution or a circle solution.
Page 674: Understanding The Menu Options And Icons
D-Link UWS User Manual Visualizing the Wireless Network If the locator APs are not able to determine the location of a device, the Device Location status indicates that the device is not located. A device might not be found if, for example, the search APs are unable to triangulate on the target device.
Page 675 D-Link UWS User Manual Visualizing the Wireless Network Table 386: WLAN Visualization Menu Bar Options (Cont.) Menu Item Description View Ungraphed Components Allows you to change the view of the ungraphed components in the panel on the left: • Tab View: Organizes the component windows and the Device Location window by tabs.
Page 676: Figure 429: Toolbar Icons
D-Link UWS User Manual Visualizing the Wireless Network Table 386: WLAN Visualization Menu Bar Options (Cont.) Menu Item Description Locate Target Access Point Select this option to allow the wireless system to search for an AP and update its location based on the received search information.
Page 677: Legend Menu
D-Link UWS User Manual Visualizing the Wireless Network Legend Menu The items in the Legend menu contain information about the icons and colors that appear on the graph. The Images menu item shows the icons that represent the WLAN components on the graph.
Page 678: Viewing Component Information
D-Link UWS User Manual Visualizing the Wireless Network A radio operating in Sentry Mode displays the letter “S” in place of the antenna on the AP icon, as Figure 431 shows. Figure 431: Sentry Mode—Detailed View When the AP Power Display is enabled, radios in sentry mode show a gray AP power display image around the The Channel Color legend maps the color of the power display image to the channel that the image color represents.
Page 679: Appendix A: Configuration Examples
D-Link UWS User Manual Configuration Examples Appendix A: Configuration Examples This appendix contains examples of how to configure selected features available in the Unified Wired and Wireless Access System software. Each example contains procedures on how to configure the feature by using the Web interface, CLI, and SNMP.
Page 680: Figure 433: Vlan Example Network Diagram
D-Link UWS User Manual Configuring VLANs Layer 3 Switch Port 0/4 Port 0/1 VLAN 3 VLAN 2 Port 0/2 Port 0/3 VLANs 2 & 3 VLAN 3 VLAN 2 VLAN 3 Figure 433: VLAN Example Network Diagram 1. Access the LAN > L2 Features > VLAN > VLAN Configuration page.
Page 681 D-Link UWS User Manual Configuring VLANs tagged from ports that are members of VLAN 2. 9. Click Submit. 10. Select VLAN 3 from the VLAN ID and Name List. 11. Select the Participate option in the VLAN field. 12. For ports 0/2, 0/3 and 0/4, select Include from the Participation menu to specify that these ports are members of VLAN 3.
Page 682: Configuring Multiple Spanning Tree Protocol
D-Link UWS User Manual Configuring Multiple Spanning Tree Protocol Configuring Multiple Spanning Tree Protocol This example shows how to enable IEEE 802.1s Multiple Spanning Tree (MST) protocol on the switch and all of the ports and to set the bridge priority.
Page 683 D-Link UWS User Manual Configuring Multiple Spanning Tree Protocol d. Click Submit. e. Repeat the steps to create an MST instance with an ID of 20. 5. Associate MST ID 10 with VLAN 10 and assign a bridge priority of 16384 a.
Page 684 D-Link UWS User Manual Configuring Multiple Spanning Tree Protocol 8. Use similar procedures to enable on port 0/2. 9. Force port 0/2 to be the root port for MST 20, which is the non-root bridge. a. Go to the LAN > L2 Features > Spanning Tree > MST Port Configuration/Status page.
Page 685: Configuring Vlan Routing
D-Link UWS User Manual Configuring VLAN Routing Configuring VLAN Routing This section provides an example of how to configure Unified Wired and Wireless Access System software to support VLAN routing. The configuration of the VLAN router port is similar to that of a physical port. The main difference is that, after the VLAN has been created, you must use the show ip vlan command to determine the VLAN’s interface ID so that you can use it in the router configuration commands.
Page 686 D-Link UWS User Manual Configuring VLAN Routing 5. Note the slot/port ID assigned to the VLAN routing interface, which is 4/1 for VLAN 10 in this example. 6. Enter 20 in the VLAN ID field, and then click Create. Note that the VLAN is assigned an interface ID of 4/2.
Page 687 D-Link UWS User Manual Configuring VLAN Routing 8. Go to the LAN > L3 Features > IP > Interface Configuration page to configure the IP addresses and subnet masks for the virtual router ports. a. From the Interface menu, select 4/1.
Page 688: Configuring 802.1X Network Access Control
D-Link UWS User Manual Configuring 802.1X Network Access Control Configuring 802.1X Network Access Control This example configures a single RADIUS server used for authentication and accounting at 10.10.10.10. The shared secret is configured to be secret. The process creates a new authentication list, called radiusList, which uses RADIUS as the authentication method.
Page 689 D-Link UWS User Manual Configuring 802.1X Network Access Control 7. Click Submit to apply the changes to the system. 8. Configure the RADIUS accounting server information. a. Go to the LAN > Security > RADIUS > Accounting Server page. b. Select Add from Accounting Server Host Address field.
Page 690: Configuring A Virtual Access Point
D-Link UWS User Manual Configuring a Virtual Access Point 12. To enable IEEE 802.1X authentication on the switch, go to the LAN > Security > Port Access Control > Configuration page, select Enable from the Administrative Mode menu, and then click Submit.
Page 691 D-Link UWS User Manual Configuring a Virtual Access Point d. In the Redirect field, select the HTTP option. e. In the Redirect URL field, enter www.dlink.com.tw f. In the Bandwidth Limit Down field, enter 3000000 to limit the download speed to 3 Mbps for the VAP.
Page 692 D-Link UWS User Manual Configuring a Virtual Access Point 8. Configure the third VAP. Note: Because this VAP uses WPA Enterprise, wireless clients must authenticate by using an external RADIUS server. Make sure that the RADIUS Authentication Server Configured field shows the status as Configured.
Page 693 D-Link UWS User Manual Configuring a Virtual Access Point Unified Wired and Wireless Access System D-Link July 2012 Page 693...
Page 694: Configuring Differentiated Services For Voip
D-Link UWS User Manual Configuring Differentiated Services for VoIP Configuring Differentiated Services for VoIP One of the most valuable uses of DiffServ is to support Voice over IP (VoIP). VoIP traffic is inherently time- sensitive: for a network to provide acceptable service, a guaranteed transmission rate is vital. This example shows one way to provide the necessary quality of service: how to set up a class for UDP traffic, have that traffic marked on the inbound side, and then expedite the traffic on the outbound side.
Page 695 D-Link UWS User Manual Configuring Differentiated Services for VoIP 3. Go to the LAN > QoS > Differentiated Services > DiffServ Configuration page and enable DiffServ for the switch. 4. Go to the LAN > QoS > Differentiated Services > Class Configuration page, select Create from the Class Selector field, enter class_voip in the Class Name field, select All as the Class Type, and then click Submit.
Page 696 D-Link UWS User Manual Configuring Differentiated Services for VoIP 10. From the Available Class List menu, select class_voip, and then click Add Selected Class. 11. From the Available Class List menu, select class_ef, and then click Add Selected Class. 12. Go to the Policy Class Definition page and configure how classes that match the policy are handled.
Page 697: Configuring A Network With Wds-Managed Aps
D-Link UWS User Manual Configuring a Network with WDS-Managed APs Configuring a Network with WDS-Managed APs In this example, a company has a main building that houses most of the employees and contains all the network infrastructure. The company has has acquired some additional office space in the building next door.
Page 698 D-Link UWS User Manual Configuring a Network with WDS-Managed APs To configure the WDS-managed AP group and its links, use the following steps: 1. Configure Satellite AP1 while it is in stand-alone mode. a. Connect to the web-based administration interface for Satellite AP1.
Page 699 D-Link UWS User Manual Configuring a Network with WDS-Managed APs i. Set the radio(s) that will participate in the WDS link to a static channel. In this example, the APs in the WDS group use channel 36 on Radio 1 (IEEE 802.11a/n).
Page 700 DHCP server. 3. Connect to the web-based administration interface for the D-Link DWS-4000 Series switch If you know the IP address of the switch, enter it into a browser to access the administration pages for the switch.
Page 701 D-Link UWS User Manual Configuring a Network with WDS-Managed APs 6. Repeat Step 4 Step 5 to add Satellite AP1 and Satellite AP2 to the Valid AP database. 7. From the WLAN > Administration > WDS Configuration > Group Configuration page, enter the group name and click Add.
Page 702 D-Link UWS User Manual Configuring a Network with WDS-Managed APs 8. Select the Edit check box and enter the WDS group password in the appropriate field (password12345). 9. Click Submit. 10. From the WLAN > Administration > WDS Configuration > AP Configuration page, click Add to add the root AP to the selected group.
Page 703 D-Link UWS User Manual Configuring a Network with WDS-Managed APs 15. From the WLAN > Administration > WDS Configuration > Link Configuration page, click Add to add the links to the selected group. If multiple WDS groups are configured, make sure you select the appropriate group ID before you click Add.
Page 704 D-Link UWS User Manual Configuring a Network with WDS-Managed APs 20. Return to the WLAN > Administration > WDS Configuration > Link Configuration page to verify the link settings. 21. Deploy the APs, if they have not already been deployed. After the Root AP is discovered and has become managed, it will scan for the Satellite APs.
Page 705 D-Link UWS User Manual Configuring a Network with WDS-Managed APs Unified Wired and Wireless Access System D-Link July 2012 Page 705...
Page 706: Configuring A Network To Use Wpa2-Enterprise And Dynamic Vlans
D-Link UWS User Manual Configuring a Network to Use WPA2-Enterprise and Dynamic VLANs Configuring a Network to Use WPA2-Enterprise and Dynamic VLANs This configuration example shows a company deploying a wireless network that uses WPA2-Enterprise encryption and dynamic VLANs. To keep financial information separate from other corporate data, the network administrator has configured a separate VLAN for Accounting Department employees.
Page 707: Configuring Client Information On The Radius Server
D-Link UWS User Manual Configuring a Network to Use WPA2-Enterprise and Dynamic VLANs Configuring Client Information on the RADIUS Server To use WPA-Enterprise and RADIUS-assigned VLANs, you must configure information about the clients on the network RADIUS server. The configuration of your RADIUS server will vary depending on the manufacturer of the RADIUS server, but the parameters for dynamic VLAN tagging are the same, regardless of the RADIUS server you use.
Page 708: Configuring Radius Information And Ap Profiles On The Switch
RADIUS-assigned VLANs, and how to configure the AP profile to be applied to the APs that the switch manages. 1. Connect to the web-based administration interface on the D-Link DWS-4000 Series switch. If you know the IP address of the switch, enter it into a browser to access the administration pages for the switch. If you do...
Page 709 D-Link UWS User Manual Configuring a Network to Use WPA2-Enterprise and Dynamic VLANs c. Click Submit. 4. Configure the Wireless Network Information for the Visitor network. a. Go to the WLAN > Administration > Basic Setup > SSID page. b. Select the radio to configure. This example configures Radio 2 - 802.11b/g/n.
Page 710 D-Link UWS User Manual Configuring a Network to Use WPA2-Enterprise and Dynamic VLANs e. Click Submit. 5. Configure the Wireless Network Information for the Corporate network. a. Click the SSID tab (or click WLAN > Administration > Basic Setup > SSID) to return to the Wireless Default VAP Configuration page.
Page 711 D-Link UWS User Manual Configuring a Network to Use WPA2-Enterprise and Dynamic VLANs d. Configure the following information in the appropriate fields: SSID = Corporate VLAN = 20 Radius Authentication Server Name = RADIUS Security = WPA/WPA2, WPA Enterprise Note: The WPA Enterprise option is available only after you select the WPA/WPA2 option.
Page 712 D-Link UWS User Manual Configuring a Network to Use WPA2-Enterprise and Dynamic VLANs 6. Add the AP to the Valid AP database so that it can become managed when the switch discovers it. a. Go to the WLAN > Administration > Basic Setup > Valid AP page.
Page 713: Verifying The Configuration
D-Link UWS User Manual Configuring a Network to Use WPA2-Enterprise and Dynamic VLANs Verifying the Configuration This section describes the pages available for monitoring information the managed AP and its associated clients. 1. Verify that the AP is now managed by the switch.
Page 714 D-Link UWS User Manual Configuring a Network to Use WPA2-Enterprise and Dynamic VLANs 3. Verify that the accountant user can connect to the Corporate network and is assigned to VLAN 30. a. Use a wireless client to access the wireless network with the Corporate SSID.
Page 715: Optimizing Wlan Traffic
D-Link UWS User Manual Optimizing WLAN Traffic Optimizing WLAN Traffic The Unified Wired and Wireless Access System includes features that automatically help to optimize wireless traffic on the network. This section describes the following features: • Automatic channel selection and adjustment on access point radios •...
Page 716: Figure 439: Monitoring Managed Ap Channels
D-Link UWS User Manual Optimizing WLAN Traffic Figure 439: Monitoring Managed AP Channels A second algorithm, the Auto Channel Adjustment (ACA) can periodically evaluate the operating channel and can automatically change the channel if the current operating channel is noisy. The cluster controller runs the ACA algorithm for the whole cluster.
Page 717: Running And Applying A Manual Channel Plan
Fixed Time (once per day) or Interval (once every 6–24 hours). Note: D-Link recommends that you run the ACA algorithm (either manually or periodically) when WLAN traffic is low because wireless clients must briefly disassociate from any radio that changes its channel.
Page 718 5. To apply the suggested channel plan, click Apply. Note: D-Link recommends that you apply the channel plan when WLAN traffic is low. When a radio changes to a different channel, any associated clients are forced to disassociate and reassociate.
Page 719: Monitoring The Rf Transmission Power Level
D-Link UWS User Manual Optimizing WLAN Traffic 6. To view the operating channel for AP_3 and all managed APs, go to the WLAN > Monitoring > Access Point > Managed AP Status page. Monitoring the RF Transmission Power Level The RF signal transmission power level directly affects the broadcast range of the AP signal. If the power level is too low, wireless clients will not detect the signal or experience poor WLAN performance.
Page 720: Configuring The Automatic Power Adjustment
D-Link UWS User Manual Optimizing WLAN Traffic Configuring the Automatic Power Adjustment This example describes how to run and apply the Automatic Power Adjustment (APA) algorithm. 1. To adjust the minimum power level setting on the AP profile, go to the WLAN > Administration > Basic Settings >...
Page 721 D-Link UWS User Manual Optimizing WLAN Traffic A message appears and indicates that the AP radios will be reset, which will disassociate any associated wireless clients. Click OK to continue. 5. View the transmit power for the associated APs by clicking WLAN > Monitoring > Access Points > Managed AP Status >...
Page 722 D-Link UWS User Manual Optimizing WLAN Traffic The following figure shows that the APA algorithm detected a high number of transmission errors on AP_2, and that the power level should be increased by 10% to increase the transmission area. 10. To apply the recommendation and allow the AP to adjust its transmission power level, click Apply.
Page 723: Load Balancing And Wlan Utilization
D-Link UWS User Manual Optimizing WLAN Traffic Load Balancing and WLAN Utilization When the power level on an access point is high and the RF broadcast area is large, more wireless clients can detect the signal and associate with the AP than when the power is low and the broadcast area is small.
Page 724 D-Link UWS User Manual Optimizing WLAN Traffic 5. If the APs are already managed, use the following steps to reapply the profile so the new settings take effect: a. Go to the WLAN > Administration > Advanced Configuration > AP Profiles page.
Page 725 D-Link UWS User Manual Optimizing WLAN Traffic 7. To monitor the current WLAN utilization rate for the FASTPATH Unified Wireless System, go to the WLAN > Monitoring > Global page and view the WLAN Utilization field. 8. If the FASTPATH Unified Wireless System includes multiple switches in a cluster, click the Switch Status tab to view WLAN Utilization information for an individual switch within the cluster.
Page 726: Detecting And Preventing Wireless Intrusion
This section describes how to use of some of the Wireless Intrusion Detection System (WIDS) and Wireless Intrusion Prevention System (WIPS) functions on the D-Link Unified Wireless Switch. In this example, a company has configured a wireless network with the VAPs shown in Table 390.
Page 727: Configuring And Monitoring Wids/Wips To Detect Rogue Aps
D-Link UWS User Manual Detecting and Preventing Wireless Intrusion 4. Click Submit to apply the changes to the running configuration on the switch. Note that the label for radio 1 changes to Sentry. 5. If an AP is already managed, use the following steps to reapply the profile so the new settings take effect: a.
Page 728: Figure 442: Wids Ap Configuration
D-Link UWS User Manual Detecting and Preventing Wireless Intrusion Figure 442 shows the default values on the WIDS configuration page for the AP. Figure 442: WIDS AP Configuration To demonstrate the WIDS and WIPS capabilities of the DWS-4000 Series switch, in this scenario a hacker has set up a Honeypot AP in the parking lot of the company's building.
Page 729: Figure 444: All Ap Status With Rogue
D-Link UWS User Manual Detecting and Preventing Wireless Intrusion Figure 443 on page 728 shows, most clients have authenticated with the legitimate AP within the company. However, one client within the company has unknowingly associated with the honeypot AP that is physically located outside the walls of the company.
Page 730: Figure 446: Wids Test Discovers Rogue
D-Link UWS User Manual Detecting and Preventing Wireless Intrusion Click the WIDS AP Rogue Classification tab to learn which WIDS test triggered the rogue status. Figure 446: WIDS Test Discovers Rogue Figure 446 shows, the honeypot AP is identified as a rogue because it triggered the Managed SSID from an unknown AP test.
Page 731: Figure 448: Rogue Ap Mitigation
AP is located and disabled. Note: Radios in non-sentry mode transmit deauthentication frames only on their active channel. Therefore, D-Link recommends that you deploy radios in sentry mode to effectively implement rogue AP deauthentication attacks.
Page 732: Using Wids/Wips To Detect Rogue Clients
D-Link UWS User Manual Detecting and Preventing Wireless Intrusion Using WIDS/WIPS to Detect Rogue Clients In addition to targeting Rogue APs, the DWS-4000 Series switch supports client-based security detection algorithms to help monitor and control wireless clients on the network.
Page 733: Figure 451: Excessive Authentication Failures
D-Link UWS User Manual Detecting and Preventing Wireless Intrusion Figure 451 shows a client that is identified as a rogue because the Authentication Failure Threshold Value configured on the WIDS Client Configuration page shown in Figure 451 is five, and the client has failed the authentication 12 times.
Page 734: Mitigating A Rogue Client Threat
D-Link UWS User Manual Detecting and Preventing Wireless Intrusion Mitigating a Rogue Client Threat In this scenario, the network administrator for a retail store is implementing Rogue Client Threat Mitigation to provide additional security in her store located in a shopping mall. Several tablet PCs are used to track inventory within the establishment.
Page 735 D-Link UWS User Manual Detecting and Preventing Wireless Intrusion 2. On the WLAN > Administration > Advanced Configuration > Clients > Known Clients page, type the MAC addresses of a tablet PC into the available field. 3. Click Add. The Known Client Configuration page appears.
Page 736 D-Link UWS User Manual Detecting and Preventing Wireless Intrusion 8. View information about all detected clients on the WLAN > Monitoring > Client > Detected Clients page. In the following figure, the Known Client is shown as Authenticated while it is associated to the Corporate SSID.
Page 737 D-Link UWS User Manual Detecting and Preventing Wireless Intrusion If an employee using Tablet_5 attempts to use an unknown AP with one of the tablets, the DWS-4000 Series switch initiates a Client Threat Mitigation attack. The WLAN > Monitoring > Client > Detected Clients page shows that the Tablet_5 client now has a client status of Rogue.
Page 738 D-Link UWS User Manual Detecting and Preventing Wireless Intrusion Click the Rogue Classification tab to confirm the WIDS security test results for the client. Unified Wired and Wireless Access System D-Link Oct. 2015 Page 738...
Page 739: Appendix B: Limited Warranty (Usa Only)
The customer must submit with the product as part of the claim a written description of the Hardware defect or Software nonconformance in sufficient detail to allow D-Link to confirm the same, along with proof of purchase of the product (such as a copy of the dated purchase invoice for the product) if the product is not registered.
Page 740 D-Link Corporation/D-Link Systems, Inc., as stipulated by the United States Copyright Act of 1976 and any amendments thereto. Contents are subject to change without prior notice. Copyright 2004 by D-Link Corporation/D-Link Systems, Inc.
Page 741 Product Registration Register your D-Link product online at http://support.dlink.com/register/ Product registration is entirely voluntary and failure to complete or return this form will not diminish your warranty rights.
Page 742: Product Registration
This guide is only for initial configuration. Please refer to the user manual to learn more or visit http://www.mydlink.com for more information. Also feel free to contact us. U.S. and Canadian customers can contact D-Link Technical Support through our website. http://support.dlink.com Canada...
Page 743 Europe customers TECHNICAL SUPPORT TECHNISCHE UNTERSTÜTZUNG ASSISTANCE TECHNIQUE ASISTENCIA TÉCNICA SUPPORTO TECNICO TECHNISCHE ONDERSTEUNING POMOC TECHNICZNA TECHNICKÁ PODPORA TECHNICKÁ PODPORA dlink.com/support TECHNIKAI TÁMOGATÁS TEKNISK SUPPORT TEKNISK SUPPORT TEKNISK STØTTE TEKNINEN TUKI ASSISTÊNCIA TÉCNICA ΤΕΧΝΙΚΉ ΥΠΟΣΤΉΡΙΞΗ TEHNIČKA PODRŠKA TEHNIČNA PODPORA SUPORT TEHNIC ТЕХНИЧЕСКА...
Page 744: What You Must Do For Warranty Service
Indonesia - www.dlink.co.id Malaysia - www.dlink.com.my Philippines - www.dlink.com.ph Vietnam - www.dlink.com.vn Korea customers Tel : +82-2-2028-1810 Monday to Friday 9:00am to 6:00pm Web : http://d-link.co.kr E-mail : g2b@d-link.co.kr New Zealand customers Tel: 0800-900-900 24/7 Technical Support Web: http://www.dlink.co.nz E-mail: support@dlink.co.nz...
Page 745: Trademarks
08600 DLINK (for South Africa only) Monday to Friday 8:30am to 9:00pm South Africa Time Web: http://www.d-link.co.za E-mail: support@d-link.co.za D-Link Middle East - Dubai, U.A.E. customers Plot No. S31102, Jebel Ali Free Zone South, P.O.Box 18224, Dubai, U.A.E. Tel: +971-4-8809022...
Page 746: Appendix C: Technical Support
Pakistan customers Islamabad Office: 61-A, Jinnah Avenue, Blue Area, Suite # 11, EBC, Saudi Pak Tower, Islamabad - Pakistan Tel.: +92-51-2800397, 2800398 Fax: +92-51-2800399 Karachi Office: D-147/1, KDA Scheme # 1, Opposite Mudassir Park, Karsaz Road, Karachi – Pakistan Phone: +92-21-34548158, 34326649 Fax: +92-21-4375727 Technical Support: +92-21-34548310, 34305069 General Inquiries: info.pk@dlinkmea.com...
Page 747 Lebanon RMA center customers Dbayeh/Lebanon PO Box:901589 Tel: +961 4 54 49 71 Ext:14 Fax: +961 4 54 49 71 Ext:12 Email: taoun@dlinkmea.com Bahrain customers Technical Support: +973 1 3332904 Kuwait customers Technical Support: + 965 22453939 / +965 22453949 Türkiye customers Büyükdere Cad.
Page 748 Обновления программного обеспечения и документация доступны на Интернет-сайте D-Link. D-Link предоставляет бесплатную поддержку для клиентов в течение гарантийного срока. Клиенты могут обратиться в группу технической поддержки D-Link по телефону или через Интернет. Техническая поддержка компании D-Link работает в круглосуточном режиме ежедневно, кроме...
Page 749 Soporte Técnico Para Usuarios En Latino America Por favor revise el número telefónico del Call Center de su país en http://www.dlinkla.com/soporte/call-center Soporte Técnico de D-Link a través de Internet Horario de atención Soporte Técnico en www.dlinkla.com e-mail: soporte@dlinkla.com & consultas@dlinkla.com...
Page 750 Clientes de Brasil Caso tenha dúvidas na instalação do produto, entre em contato com o Suporte Técnico D-Link. Acesse o site: www.dlink.com.br/suporte...
Page 751 D-Link 友訊科技台灣分公司技術支援資訊如果您還有任何本使用手冊無法協助您解決的產品相關問題，台灣地區用戶可以透過我們的網站、電子郵件或電話等方式與 D-Link 台灣地區技術支援工程師聯絡。 D-Link 免付費技術諮詢專線 0800-002-615 手機付費電話 (02)6600-0123#8715 服務時間：週一至週五，早上 9:00 到晚上 9:00 週六日及國定假日(不含農曆春節) 早上10:00到晚上7:00 站： http://www.dlink.com.tw 網電子郵件： dssqa_service@dlink.com.tw 如果您是台灣地區以外的用戶，請參考D-Link網站，全球各地分公司的聯絡資訊以取得相關支援服務。產品保固期限、台灣區維修據點查詢，請參考以下網頁說明： http://www.dlink.com.tw 產品維修：使用者可直接送至全省聯強直營維修站或請洽您的原購買經銷商。...
Page 752 Pelanggan Indonesia Update perangkat lunak dan dokumentasi pengguna dapat diperoleh pada situs web D-Link. Dukungan Teknis untuk pelanggan: Tel: +62-21-5731610 Dukungan Teknis D-Link melalui Internet: Email : support@dlink.co.id Website : http://support.dlink.co.id 日本のお客様この度は弊社製品をお買い上げいただき、誠にありがとうございます。製品に同梱されている保証書の購入元にお問い合わせください。中國客戶技術支持中心電話： 400-629-6688 技術支持中心郵箱： dlink400@cn.dlink.com 各地維修中心地址請登陸官方網站查詢...
Page 753: Registration Card All Countries And Regions Excluding Usa
8. What category best describes your company? Aerospace Engineering Education Finance Hospital Legal Insurance/Real Estate Manufacturing Retail/Chain store/Wholesale Government Transportation/Utilities/Communication System house/company Other________________________________ 9. Would you recommend your D-Link product to a friend? Don't know yet 10.Your comments on this product? __________________________________________________________________________________________ __________________________________________________________________________________________...

This manual is also suitable for:

Dwl-8610ap Dwl-6600ap Dwl-3600ap Dwl-6700ap Dwl-6610ap Dwl-2600ap

D-Link DWL-8600AP User Manual

About this Document

Section 1: Getting Started

Connecting the Switch to the Network

Booting the Switch

Understanding the User Interfaces

Section 2: System Administration

System Description

Switch Configuration

Card Configuration

Viewing Inventory Information

Poe Status

Serial Port

IP Address

Network DHCP Client Options

HTTP Configuration

User Accounts

Authentication List Configuration

Authentication List Summary

Login Session

User Login

Denial of Service Protection

Multiple Port Mirroring

Telnet Sessions

Outbound Telnet Client Configuration

Ping Test

Traceroute

Configuring SNTP Settings

Configuring and Viewing Device Port Information

Managing and Viewing Logs

Defining SNMP Parameters

Managing the DHCP Server

Configuring Time Ranges

Configuring DNS

Configuring and Viewing ISDP Information

Configuring Sflow

Viewing System Statistics

Section 3: Using System Tools

Reset Configuration to Defaults

Reset Passwords to Defaults

System Reset

Save All Applied Changes

Download File to Switch (TFTP)

HTTP File Download

Upload File from Switch (TFTP)

Multiple Image Service

Erase Startup-Config File

Autoinstall

Quick Links

User Manual

Related Manuals for D-Link DWL-8600AP

Summary of Contents for D-Link DWL-8600AP