D-Link 18 Switch User Manual


 
xStack
®
DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual
Trusted Host
Use the Security IP Management to permit remote stations to manage the Switch. If one or more designated
management stations are defined by the user, only the chosen stations, as defined by IP address, will be allowed
management privilege through the Web manager, Telnet session, or SNMP manager. To define a management
station IP setting, type in the IP address with a proper subnet mask and click the Add button.
To view this window, click Security > Trusted Host:
Figure 5 - 3. Trusted Host window
To delete an entry, click the corresponding Delete button. To delete all the entries on the Trusted Host Table, click the
Delete All button.
IP-MAC-Port Binding
The IP network layer uses a four-byte address. The Ethernet link layer uses a six-byte MAC address. Binding these
two address types together allows the transmission of data between the layers. The primary purpose of IP-MAC-port
binding is to restrict access to the Switch to a number of authorized users. Only authorized clients can access the
Switch’s port by checking the pair of IP-MAC addresses with the pre-configured database. If an unauthorized user
tries to access an IP-MAC-port binding enabled port, the system will block the access by dropping its packet. The
maximum number of IP-MAC-port binding entries is dependant on chip capability (e.g. the ARP table size) and
storage size of the device. Active and inactive entries use the same database. The maximum entry number is 500.
The creation of authorized users can be manually configured by CLI or Web. The function is port-based, meaning a
user can enable or disable the function on the individual port.
IMP Binding Global Settings
This window is used to enable or disable the Trap Log State and DHCP Snoop state on the Switch. The Trap/Log field
will enable and disable the sending of trap log messages for IP-MAC-port binding. When enabled, the Switch will send
a trap message to the SNMP agent and the Switch log when an ARP packet is received that doesn’t match the IP-
MAC-port binding configuration set on the Switch.
To view this window click, Security > IP-MAC-Port Binding > IMP Binding Global Settings:
Figure 5 - 4. IMP Binding Global Settings window
The following parameters can be set:
Parameter Description
Trap / Log
This field will enable and disable the sending of trap log messages for IP-MAC-port binding.
When Enabled, the Switch will send a trap log message to the SNMP agent and the Switch
log when an ARP packet is received that doesn’t match the IP-MAC-port binding
configuration set on the Switch.
117