#-------------------------------------------------------------------------------
#                      DGS-3426P Gigabit Ethernet Switch
#                                Configuration
#
#                           Firmware: Build 1.20-B29
#        Copyright(C) 2004-2007 D-Link Corporation. All rights reserved.
#-------------------------------------------------------------------------------
 

# STACK


# BASIC

config serial_port auto_logout 10_minutes
disable telnet
enable web 80
enable clipaging

# STORM


config traffic control  1-26 broadcast disable multicast disable dlf disable action drop threshold 131072 countdown 0 time_interval 5

# GM

config sim candidate
disable sim
config sim dp_interval 30
config sim hold_time 100

# SYSLOG

disable syslog
config system_severity log information
config system_severity trap information

# QOS

config scheduling_mechanism strict
config scheduling 0 max_packet 1
config scheduling 1 max_packet 2

config scheduling 3 max_packet 4
config scheduling 4 max_packet 5
config scheduling 5 max_packet 6
config scheduling 6 max_packet 7
config 802.1p user_priority 0  2
config 802.1p user_priority 1  0
config 802.1p user_priority 2  1
config 802.1p user_priority 3  3
config 802.1p user_priority 4  4
config 802.1p user_priority 5  5
config 802.1p user_priority 6  6
config 802.1p user_priority 7  6
enable hol_prevention
config 802.1p default_priority 1-26 0
config bandwidth_control 1-26 rx_rate no_limit tx_rate no_limit

# MIRROR

disable mirror

# TRAF-SEGMENTATION

config traffic_segmentation 1-26 forward_list all

# SSL

disable ssl 
enable ssl ciphersuite RSA_with_RC4_128_MD5 
enable ssl ciphersuite RSA_with_3DES_EDE_CBC_SHA 
enable ssl ciphersuite DHE_DSS_with_3DES_EDE_CBC_SHA 
enable ssl ciphersuite RSA_EXPORT_with_RC4_40_MD5 
config ssl cachetimeout 600 

# PORT

disable jumbo_frame
config ports 1-20,25-26 speed auto flow_control disable learning enable state enable
config ports 21-24 medium_type copper speed auto flow_control disable learning enable state enable
config ports 21-24 medium_type fiber speed auto flow_control disable learning enable state enable



config poe system power_limit 370 power_disconnect_method deny_next_port

config poe port 1 state enable priority low  power_limit user_define 15400
config poe port 2 state enable priority low  power_limit user_define 15400
config poe port 3 state enable priority low  power_limit user_define 15400
config poe port 4 state enable priority low  power_limit user_define 15400
config poe port 5 state enable priority low  power_limit user_define 15400
config poe port 6 state enable priority low  power_limit user_define 15400
config poe port 7 state enable priority low  power_limit user_define 15400
config poe port 8 state enable priority low  power_limit user_define 15400
config poe port 9 state enable priority low  power_limit user_define 15400
config poe port 10 state enable priority low  power_limit user_define 15400
config poe port 11 state enable priority low  power_limit user_define 15400
config poe port 12 state enable priority low  power_limit user_define 15400
config poe port 13 state enable priority low  power_limit user_define 15400
config poe port 14 state enable priority low  power_limit user_define 15400
config poe port 15 state enable priority low  power_limit user_define 15400
config poe port 16 state enable priority low  power_limit user_define 15400
config poe port 17 state enable priority low  power_limit user_define 15400
config poe port 18 state enable priority low  power_limit user_define 15400

config poe port 20 state enable priority low  power_limit user_define 15400
config poe port 21 state enable priority low  power_limit user_define 15400
config poe port 22 state enable priority low  power_limit user_define 15400
config poe port 23 state enable priority low  power_limit user_define 15400
config poe port 24 state enable priority low  power_limit user_define 15400

# PORT_LOCK

config port_security ports 1-26 admin_state disable max_learning_addr 1 lock_address_mode DeleteOnReset

# ADDRBIND

config address_binding ip_mac ports 1-26 state disable

# SNMPv3

delete snmp community public
delete snmp community private
delete snmp user initial
delete snmp group initial

delete snmp view CommunityView all
config snmp engineID 800000ab0300179ac04d05
create snmp view restricted 1.3.6.1.2.1.1 view_type included
create snmp view restricted 1.3.6.1.2.1.11 view_type included
create snmp view restricted 1.3.6.1.6.3.10.2.1 view_type included
create snmp view restricted 1.3.6.1.6.3.11.2.1 view_type included
create snmp view restricted 1.3.6.1.6.3.15.1.1 view_type included
create snmp view CommunityView 1 view_type included
create snmp view CommunityView 1.3.6.1.6.3 view_type excluded
create snmp view CommunityView 1.3.6.1.6.3.1 view_type included
create snmp group public v1 read_view CommunityView notify_view CommunityView 
create snmp group public v2c read_view CommunityView notify_view CommunityView 
create snmp group initial v3  noauth_nopriv read_view restricted notify_view restricted 
create snmp group private v1 read_view CommunityView write_view CommunityView notify_view CommunityView 
create snmp group private v2c read_view CommunityView write_view CommunityView notify_view CommunityView 
create snmp group ReadGroup v1 read_view CommunityView notify_view CommunityView 

create snmp group WriteGroup v1 read_view CommunityView write_view CommunityView notify_view CommunityView 
create snmp group WriteGroup v2c read_view CommunityView write_view CommunityView notify_view CommunityView 
create snmp community private view CommunityView read_write
create snmp community public view CommunityView read_only
create snmp user initial initial 

# MANAGEMENT

enable snmp traps 
enable snmp authenticate_traps 
config snmp system_name coresw
disable rmon 

# VLAN

config vlan default delete 1-26
config vlan default add untagged 14-26
config vlan default advertisement enable

config vlan Telenor add tagged 13-26 advertisement disable
create vlan Klientnett tag 10
config vlan Klientnett add tagged 14-26
config vlan Klientnett add untagged 1-12 advertisement disable
create vlan Organizers tag 11
config vlan Organizers add tagged 14-26 advertisement disable
create vlan Stream tag 12
config vlan Stream add tagged 14-26
config vlan Stream add untagged 13 advertisement disable
disable gvrp
config gvrp 1-12 state disable ingress_checking enable acceptable_frame admit_all pvid 10
config gvrp 13 state disable ingress_checking enable acceptable_frame admit_all pvid 12
config gvrp 14-26 state disable ingress_checking enable acceptable_frame admit_all pvid 1

# 8021X

disable 802.1x
config 802.1x auth_protocol radius_eap

config 802.1x auth_parameter ports 1-26 direction both port_control auto quiet_period 60 tx_period 30 supp_timeout 30 server_timeout 30 max_req 2 reauth_period 3600 enable_reauth disable

# FDB

config fdb aging_time 300
config multicast filtering_mode default forward_unregistered_groups
config multicast filtering_mode Telenor forward_unregistered_groups
config multicast filtering_mode Klientnett forward_unregistered_groups
config multicast filtering_mode Organizers forward_unregistered_groups
config multicast filtering_mode Stream forward_unregistered_groups

# MAC_ADDRESS_TABLE_NOTIFICATION

disable mac_notification
config mac_notification interval 1 historysize 1
config mac_notification ports 1-26 disable

# STP


 config stp maxage 20 maxhops 20 forwarddelay 15 txholdcount 3 fbpdu enable hellotime 2 lbd enable lbd_recover_timer 60
 config stp priority 32768 instance_id 0 
 config stp mst_config_id name 00:17:9A:C0:4D:05 revision_level 0
 disable stp
 config stp ports 1-26 externalCost auto  edge false p2p auto state enable lbd disable
 config stp mst_ports 1-26 instance_id 0 internalCost auto priority 128

# SAFEGUARD_ENGINE

config safeguard_engine state disable utilization rising 30 falling 20 trap_log disable mode fuzzy

# BANNER_PROMP

config command_prompt default
config greeting_message default

# SSH


 config ssh algorithm AES128 enable
 config ssh algorithm AES192 enable
 config ssh algorithm AES256 enable
 config ssh algorithm arcfour enable
 config ssh algorithm blowfish enable
 config ssh algorithm cast128 enable
 config ssh algorithm twofish128 enable
 config ssh algorithm twofish192 enable
 config ssh algorithm twofish256 enable
 config ssh algorithm MD5 enable
 config ssh algorithm SHA1 enable
 config ssh algorithm RSA enable
 config ssh algorithm DSA enable
 config ssh authmode password enable
 config ssh authmode publickey enable
 config ssh authmode hostbased enable
 config ssh server maxsession 8
 config ssh server contimeout 120
 config ssh server authfail 2
 config ssh server rekey never
 config ssh user admin authmode password


# TR


# ACL

disable cpu_interface_filtering 

# SNTP

disable sntp
config time_zone operator + hour 0 min 0
config sntp primary 0.0.0.0 secondary 0.0.0.0 poll-interval 720
config dst disable

# LACP

config link_aggregation algorithm mac_source
config lacp_port 1-26 mode passive

# IP

config ipif System vlan Klientnett ipaddress 193.35.53.4/24 state enable
disable autoconfig 

# SNOOP

config igmp_snooping vlan default host_timeout 260 router_timeout 260 leave_timer 2 state disable fast_leave disable
config igmp_snooping querier vlan default query_interval 125 max_response_time 10 robustness_variable 2 last_member_query_interval 1 state disable
config igmp_snooping vlan Telenor host_timeout 260 router_timeout 260 leave_timer 2 state disable fast_leave disable
config igmp_snooping querier vlan Telenor query_interval 125 max_response_time 10 robustness_variable 2 last_member_query_interval 1 state disable
config igmp_snooping vlan Klientnett host_timeout 260 router_timeout 260 leave_timer 2 state disable fast_leave disable
config igmp_snooping querier vlan Klientnett query_interval 125 max_response_time 10 robustness_variable 2 last_member_query_interval 1 state disable
config igmp_snooping vlan Organizers host_timeout 260 router_timeout 260 leave_timer 2 state disable fast_leave disable
config igmp_snooping querier vlan Organizers query_interval 125 max_response_time 10 robustness_variable 2 last_member_query_interval 1 state disable

config igmp_snooping querier vlan Stream query_interval 125 max_response_time 10 robustness_variable 2 last_member_query_interval 1 state disable

# MLDSNP

config mld_snooping vlan default node_timeout 260 router_timeout 260 done_timer 2 state disable fast_done disable
config mld_snooping querier vlan default query_interval 125 max_response_time 10 robustness_variable 2 last_listener_query_interval 1 state disable
config mld_snooping vlan Telenor node_timeout 260 router_timeout 260 done_timer 2 state disable fast_done disable
config mld_snooping querier vlan Telenor query_interval 125 max_response_time 10 robustness_variable 2 last_listener_query_interval 1 state disable
config mld_snooping vlan Klientnett node_timeout 260 router_timeout 260 done_timer 2 state disable fast_done disable
config mld_snooping querier vlan Klientnett query_interval 125 max_response_time 10 robustness_variable 2 last_listener_query_interval 1 state disable
config mld_snooping vlan Organizers node_timeout 260 router_timeout 260 done_timer 2 state disable fast_done disable

config mld_snooping vlan Stream node_timeout 260 router_timeout 260 done_timer 2 state disable fast_done disable
config mld_snooping querier vlan Stream query_interval 125 max_response_time 10 robustness_variable 2 last_listener_query_interval 1 state disable

# ACCESS_AUTHENTICATION_CONTROL

config authen_login default method local
config authen_enable default method  local_enable
config authen application console login default
config authen application console enable default
config authen application telnet login default
config authen application telnet enable default
config authen application ssh login default
config authen application ssh enable default
config authen application http login default
config authen application http enable default
config authen parameter response_timeout 30
config authen parameter attempt 3
disable authen_policy

# ARP

config arp_aging time 20

# ROUTE


#-------------------------------------------------------------------
#             End of configuration file for DGS-3426P
#-------------------------------------------------------------------
