DGS-3120_Series_FW_R2.00_HW_Installation_Guide

xStack

®

DGS-3120 Series Managed Switch Hardware Installation Guide

Chapter 4 Introduction to Switch

Management

Management Options

Connecting the Console Port (RS-232 DCE/RJ-45)

First Time Connecting to the Switch

Password Protection

SNMP Settings

IP Address Assignment

Management Options

This system may be managed out-of-band through the console port on the front panel or in-band using Telnet. The user may also choose the Web-based management, accessible through a Web browser.

Web-based Management Interface

After successfully installing the Switch, the user can configure the Switch, monitor the LED panel, and display statistics graphically using a Web browser, such as Microsoft® Internet Explorer (version 5.5 and later), Netscape

(version 8 and later), Mozilla Firefox (version 2.0 and later), Safari (version 4.0 and later), and Google Chrome

(version 6.0 and later).

SNMP-based Management

The Switch can be managed with an SNMP-compatible console program. The Switch supports SNMP version 1.0, version 2.0 and version 3.0. The SNMP agent decodes the incoming SNMP messages and responds to requests with

MIB objects stored in the database. The SNMP agent updates the MIB objects to generate statistics and counters.

Command Line Interface through the Serial Port or remote Telnet

The user can also connect a computer or terminal to the serial console port to access the Switch. The command line interface provides complete access to all Switch management features.

Connecting the Console Port

The front panel of the Switch provides a port that enables a connection to a computer monitoring and configuring the

Switch. The console port is an RJ-45 port and requires a special cable that is included with the Switch, to establish the physical connection.

To use the console port, the following equipment is needed:

• A terminal or a computer with both an RS-232 serial port and the ability to emulate a terminal.

• A console cable with a male DB-9 connector on one end and an RJ-45 connection on the other. This cable should be included with the Switch. It establishes the physical connection to the console port.

To connect a terminal to the console port:

Connect the male DB-9 connector on the console cable (shipped with the Switch) to the RS-232 serial port on the computer running terminal emulation software then insert the RJ-45 connector into the RJ-45 console port on the front of the Switch. Set the terminal emulation software as follows:

• Select the appropriate serial port (COM port 1 or COM port 2).

• Set the data rate to 115200 baud.

• Set the data format to 8 data bits, 1 stop bit, and no parity.

• Set flow control to None.

24

xStack

®

DGS-3120 Series Managed Switch Hardware Installation Guide

• Under Properties, select VT100 for Emulation mode.

• Select Terminal keys for Function, Arrow and Ctrl keys. Make sure to use Terminal keys (not Windows keys) are selected.

NOTE: When using HyperTerminal with the Microsoft® Windows® 2000 operating system, ensure that

Windows 2000 Service Pack 2 or later is installed. Windows 2000 Service Pack 2 allows use of arrow keys in HyperTerminal's VT100 emulation. See www.microsoft.com for information on Windows 2000 service packs.

• After you have correctly set up the terminal, plug the power cable into the power receptacle on the back of the

Switch. The boot sequence appears in the terminal.

• After the boot sequence completes, the console login screen displays.

• If the user has not logged into the command line interface (CLI) program, press the Enter key at the User name and password prompts. There is no default user name and password for the Switch. The administrator must first create user names and passwords. If user accounts have been previously set up, log in and continue to configure the Switch.

• Enter the commands to complete desired tasks. Many commands require administrator-level access privileges. Read the next section for more information on setting up user accounts. See the DGS-3120 Series

CLI Reference Guide on the documentation CD for a list of all commands and additional information on using the CLI.

• To end a management session, use the logout command or close the emulator program.

If problems occur in making this connection on a PC, make sure the emulation is set to VT-100. The emulation settings can be configured by clicking on the File menu in the HyperTerminal window by clicking on Properties in the drop-down menu, and then clicking the Settings tab. This is where you will find the Emulation options. If you still do not see anything, try rebooting the Switch by disconnecting its power supply.

Once connected to the console, the screen on the next page will appear on the console. This is where the user will enter commands to perform all the available management functions. The Switch will prompt the user to enter a user name and a password. Upon the initial connection, there is no user name or password and therefore just press Enter twice to access the command line interface.

Boot Procedure V2.00.003

-------------------------------------------------------------------------------

Power On Self Test ........................................ 100 %

MAC Address : 00-01-02-03-04-00

H/W Version : A1

Please Wait, Loading V2.00.010 Runtime Image .............. 100 %

UART init ................................................. 100 %

Starting runtime image

Device Discovery .......................................... \

Figure 4- 1. Boot up display in console screen

25

xStack

®

DGS-3120 Series Managed Switch Hardware Installation Guide

First Time Connecting to the Switch

The Switch supports user-based security that can allow prevention of unauthorized users from accessing the Switch or changing its settings. This section tells how to log onto the Switch via out-of-band console connection or out-ofband Management port connection.

Upon initial connection to the Switch, the login screen appears (see example below).

DGS-3120-24TC Gigabit Ethernet Switch

Command Line Interface

Firmware: Build 2.00.010

Copyright(C) 2011 D-Link Corporation. All rights reserved.

UserName:

Figure 4- 2. Initial screen, first time connecting to the Switch

Press Enter in both the Username and Password fields. Then access will be given to enter commands after the command prompt DGS-3120-24TC:admin#

There is no initial username or password. Leave the Username and Password fields blank.

NOTE: The first user automatically gets Administrator level privileges. At least one Admin-level user account must be created for the Switch.

Password Protection

The Switch does not have a default user name and password. One of the first tasks when settings up the Switch is to create user accounts. Logging in using a predefined administrator-level user name will give the user privileged access to the Switch's management software.

After the initial login, define new passwords for both default user names to prevent unauthorized access to the Switch, and record the passwords for future reference.

To create an administrator-level account for the Switch, do the following:

1. At the CLI login prompt, enter create account admin followed by the <user name> and press the Enter key.

2. The Switch will then prompt the user to provide a password. Type the <password> used for the administrator account being created and press the Enter key.

3. Once entered, the Switch will again ask the user to enter the same password again to verify it. Type the same password and press the Enter key.

4. A “Success” response by the Switch will verify the creation of the new administrator.

NOTE: Passwords are case sensitive. User names and passwords can be up to 15 characters in length.

26

xStack

®

DGS-3120 Series Managed Switch Hardware Installation Guide

IP Address Assignment

An IP address must be assigned to each switch, which is used for communication with an SNMP network manager or other TCP/IP application (for example BOOTP, TFTP). The Switch's default IP address is 10.90.90.90. The user may change the default Switch IP address to meet the specification of your networking address scheme.

The Switch is also assigned a unique MAC address by the factory. This MAC address cannot be changed, and can be found by entering the command "show switch" into the command line interface.

The Switch's MAC address also appears in the Device Information and System Information windows of the Webbased management interface. The IP address for the Switch must be set before using the Web-based manager. The

Switch IP address can be automatically set using BOOTP or DHCP protocols, in which case the actual address assigned to the Switch must be known.

SNMP Settings

Simple Network Management Protocol (SNMP) is an OSI Layer 7 (Application Layer) designed specifically for managing and monitoring network devices. SNMP enables network management stations to read and modify the settings of gateways, routers, switches and other network devices. Use SNMP to configure system features for proper operation, monitor performance and detect potential problems in the Switch, switch group or network.

Managed devices that support SNMP include software (referred to as an agent), which runs locally on the device. A defined set of variables (managed objects) is maintained by the SNMP agent and used to manage the device. These objects are defined in a Management Information Base (MIB), which provides a standard presentation of the information controlled by the on-board SNMP agent. SNMP defines both the format of the MIB specifications and the protocol used to access this information over the network.

The Switch supports SNMP versions 1, 2c, and 3. The administrator may specify which version of SNMP to use to monitor and control the Switch. The three versions of SNMP vary in the level of security provided between the management station and the network device.

In SNMP v1 and v2, user authentication is accomplished using 'community strings', which function like passwords.

The remote user SNMP application and the Switch SNMP must use the same community string. SNMP packets from any station that has not been authenticated are ignored (dropped).

The default community strings for the Switch used for SNMP v1 and v2 management access are:

• public - Allows authorized management stations to retrieve MIB objects.

• private - Allows authorized management stations to retrieve and modify MIB objects.

SNMP v3 uses a more sophisticated authentication process that is separated into two parts. The first part is to maintain a list of users and their attributes that are allowed to act as SNMP managers. The second part describes what each user on that list can do as an SNMP manager.

The Switch allows groups of users to be listed and configured with a shared set of privileges. The SNMP version may also be set for a listed group of SNMP managers. Thus, a group of SNMP managers can be created to view read-only information or receive traps using SNMP v1 while assigning a higher level of security to another group, granting read/write privileges using SNMP v3.

Using SNMP v3 individual users or groups of SNMP managers can be allowed to perform or be restricted from performing specific SNMP management functions. The functions allowed or restricted are defined using the Object

Identifier (OID) associated with a specific MIB. An additional layer of security is available for SNMP v3 in that SNMP messages may be encrypted. To read more about how to configure SNMP v3 settings for the Switch read the section entitled Management.

27

xStack

®

DGS-3120 Series Managed Switch Hardware Installation Guide

Traps

Traps are messages that alert network personnel of events that occur on the Switch. The events can be as serious as a reboot (someone accidentally turned OFF the Switch), or less serious like a port status change. The Switch generates traps and sends them to the trap recipient (or network manager). Typical traps include trap messages for

Authentication Failure, Topology Change and Broadcast/Multicast Storm.

MIBs

The Switch in the Management Information Base (MIB) stores management and counter information. The Switch uses the standard MIB-II Management Information Base module. Consequently, values for MIB objects can be retrieved from any SNMP-based network management software. In addition to the standard MIB-II, the Switch also supports its own proprietary enterprise MIB as an extended Management Information Base. The proprietary MIB may also be retrieved by specifying the MIB Object Identifier. MIB values can be either read-only or read-write.

28