Allied Telesis AT-GS950/48 User Manual Download Page 304 | Manualshive

Page: 304 / 410

background image

Chapter 22: DHCP Snooping

304

Overview

The DHCP Snooping feature provides security by inspecting ingress
packets for the correct IP and MAC address information. The DHCP
Snooping feature defines the AT-GS950/48 ports as either trusted or
untrusted. With DHCP Snooping enabled, two network security issues are
addressed:



All ingress DHCP packets are examined on the
untrusted ports and only authorized packets are
passed through the switch. Unwanted ingress DHCP
packets are discarded. See "Unauthorized DHCP
Servers" below.



DHCP ingress packets on an untrusted port are
inspected to insure that the source IP Address and
MAC Address combination in each packet is valid
when compared to the DHCP Snooping Binding Table.
If a match is not found, the packet is discarded.

Trusted Ports

By definition, trusted ports inherently trust all ingress Ethernet traffic.
There is no checking or testing on ingress packets for this type of port. A
trusted port connects to a DHCP server in one of the following ways:



Directly to the legitimate trusted DHCP Server



A network device relaying DHCP messages to and
from a trusted server



Another trusted source such as a switch with DHCP
Snooping enabled

Untrusted Ports

The Ethernet traffic on an untrusted port is inherently not trusted. The
ingress packets are consequently tested against specific criteria to
determine if they can be forwarded through the switch or should be
immediately discarded. Untrusted ports are connected to DHCP clients
and to traffic that originates outside of the LAN.

Unauthorized

DHCP Servers

Normally in a network, a single DHCP server exists in a local area network
(LAN). The DHCP server supplies network configuration information to
individual devices on the network, including the assigned IP address for
each host. A trusted DHCP server is connected to a trusted port on the
switch.

It is possible that another unauthorized and unwanted DHCP server could
be connected to the network. This situation can occur if a client on the
network happens to enable a DHCP server application on his workstation
or if someone outside the network attempts to send DHCP packets to your
network. These situations pose a security risk.

«
...
302
303
304
305
306
...
»

Summary of Contents for AT-GS950/48

Page 1: ...613 001806 Rev C AT GS950 48 Gigabit Ethernet Switch AT GS950 48 Web Interface User Guide AT S116 Version 2 0 0 1 00 016...

Page 2: ...espective owners Allied Telesis Inc reserves the right to make changes in specifications and other information contained in this document without prior written notice The information provided herein i...

Page 3: ...bor List 36 Delete an IPv6 Neighbor Entry 37 Find an IPv6 Neighbor 37 IP Access List Configuration 40 Create an IP Access List 40 Delete an IP Address List Entry 41 User Name and Password Configuratio...

Page 4: ...l 94 Create VLAN Mapping to MST Instance 95 Modify MST Instance 95 Delete MST Instance 95 MST Port Settings 96 Instance Information 98 Chapter 6 Static Port Trunking 99 Overview 100 Create a Port Trun...

Page 5: ...ete a Tagged VLAN 171 Tagged VLAN Port Settings 172 Port Based VLAN Configuration 174 Create a Port Based VLAN 174 Modify a Port Based VLAN 175 Delete a Port Based VLAN 176 Select MAC Address Forwardi...

Page 6: ...Entry 223 Chapter 17 SNMPv3 225 Overview 226 SNMPv3 Authentication Protocols 226 SNMPv3 Privacy Protocol 227 SNMPv3 MIB Views 227 SNMPv3 Configuration Process 228 SNMPv3 User and Group Names 230 Crea...

Page 7: ...Delete OUI Setting 282 Chapter 21 Security 283 Port Access Control 284 Port Access Control Overview 284 Port Access Control Configuration 285 RADIUS Client 290 RADIUS Overview 290 General Guidelines 2...

Page 8: ...Updates 339 Overview 340 Upgrade Firmware Image via HTTP 341 Upgrade Firmware Image via TFTP 343 Download or Upload a Configuration File via HTTP 345 Configuration File Download 346 Configuration Fil...

Page 9: ...General Guidelines 379 VLAN and MSTI Associations 380 Ports in Multiple MSTIs 381 Multiple Spanning Tree Regions 382 MST Region Guidelines 384 Common and Internal Spanning Tree CIST 385 MSTP with STP...

Page 10: ...Contents 10...

Page 11: ...25 Edge Port 77 Figure 26 STP and VLAN Fragmentation with Untagged Ports 79 Figure 27 STP and VLAN Compatibility with Tagged Ports 80 Figure 28 Spanning Tree Protocol Settings Page 81 Figure 29 Port S...

Page 12: ...MP User Group Page 215 Figure 78 SNMP User Group Page Example 216 Figure 79 Community Table Page 218 Figure 80 SNMP Community Table Page Example 219 Figure 81 Trap Management Page 221 Figure 82 Trap M...

Page 13: ...irmware Upgrade via HTTP Page 342 Figure 135 Firmware Upgrade via TFTP Page 344 Figure 136 Configuration File Backup Restore via HTTP Page 345 Figure 137 Save Configuration File Message 346 Figure 138...

Page 14: ...Figures 14...

Page 15: ...pings Priority Levels to Priority Queues 197 Table 4 Example of Weighted Round Robin Priority 199 Table 5 Traffic Comparison Options 328 Table 6 Historical Status Options 334 Table 7 MSTP Region 383 T...

Page 16: ...List of Tables 16...

Page 17: ...GS950 48 Gigabit Ethernet Switch The AT S116 Management software has a web browser interface that you can access from any management workstation on your network that has a web browser application This...

Page 18: ...tions Note Notes provide additional information Caution Cautions inform you that performing or omitting a specific action may result in equipment damage or loss of data Warning Warnings inform you tha...

Page 19: ...n about RMAs and contact Allied Telesis technical experts USA and EMEA phone support Select the phone number that best fits your location and customer type Hardware warranty information Learn about Al...

Page 20: ...Preface 20...

Page 21: ...21 Section I Getting Started This section contains the following chapters Chapter 1 Starting a Web Browser Session on page 23 Chapter 2 System Configuration on page 29...

Page 22: ...22...

Page 23: ...tarting using and quitting a web browser management session on the AT GS950 48 switch This chapter includes the following sections Establishing a Remote Connection to the Web Browser Interface on page...

Page 24: ...ration on page 53 Whether you use the pre assigned IP address or assign a new one you must set your local PC to the same subnet as the switch To start a web browser management session perform the foll...

Page 25: ...assword refer to User Name and Password Configuration on page 42 Figure 3 AT GS950 48 Switch Information Page The main menu appears on the left side and is common for all of the management pages discu...

Page 26: ...at have a link to an end node Ports without a link are grey To view the status of the ports for an MSTP instance select the instance from the MST Instance ID drop down menu The AT GS950 48 switch fron...

Page 27: ...b Browser Tools You can use the web browser tools to move around the management pages Selecting Back on your browser s toolbar returns you to the previous display You can also use the browser s Bookma...

Page 28: ...Chapter 1 Starting a Web Browser Session 28 Quitting a Web Browser Management Session To exit a web browser management session close the web browser...

Page 29: ...onfiguration on page 36 IP Access List Configuration on page 40 User Name and Password Configuration on page 42 User Interface Configuration on page 45 System Time on page 47 SSL Settings on page 50 D...

Page 30: ...an also help to avoid performing a configuration procedure on the wrong switch To set a switch s administration information perform the following procedure 1 From the main menu on the left side of the...

Page 31: ...ystem Contact Specifies the name of the network administrator responsible for managing the switch This contact name is optional and may contain up to 30 characters 4 Click Apply 5 From the main menu o...

Page 32: ...DHCP Client Configuration on page 53 To change the switch s IPv4 configuration perform the following procedure 1 From the main menu on the left side of the page click the System folder The System fold...

Page 33: ...dress System Subnet Mask and System Default Gateway parameters because these parameters are automatically retrieved by the DHCP or BootP server For information about setting the DHCP mode refer to DHC...

Page 34: ...enu on the left side of the page click the System folder The System folder expands 2 From the System folder select IPv6 System Settings The IPv6 System Settings Page is displayed See Figure 7 Figure 7...

Page 35: ...hange this parameter 6 Click Apply 7 To change the Neighbor Solicitation NS retransmit time enter the new time in the field next to NS Retransmit Time The range is from 1 to 3600 seconds 8 Change the...

Page 36: ...te a list of IPv6 neighbors perform the following procedure 1 From the main menu on the left side of the page click the System folder The System folder expands 2 From the System folder select IPv6 Nei...

Page 37: ...u want to remove The IP address is removed from the list You can also delete multiple entries by using the top row of the table To delete all entries select All from the drop down menu under State the...

Page 38: ...isk in the Link Layer MAC Address field The asterisk serves as a wildcard character See Figure 10 for an example Figure 10 Example Search with Neighbor IPv6 Address Or Type an asterisk in the Neighbor...

Page 39: ...om the drop down menu under State To find all dynamic IPv6 neighbors type asterisks in the Neighbor IPv6 Address and Link Layer MAC Address fields then select Dynamic from the drop down menu under Sta...

Page 40: ...st See the following sections Create an IP Access List Delete an IP Address List Entry on page 41 Note To modify an IP address that has already been created it must first be deleted and then re create...

Page 41: ...ion allows unrestricted access to the AT S116 management software 6 Click Apply Access to the management software is now restricted to those IP addresses listed in the IP Access List table 7 From the...

Page 42: ...me and Password is manager and friend both without the quotes To configure new User Name and Password information perform the following procedure 1 From the main menu on the left side of the page clic...

Page 43: ...lash to permanently save your changes Modify User Name and Password To modify a user name password perform the following procedure 1 From the main menu on the left side of the page click the System fo...

Page 44: ...Delete User Name and Password To delete a user name that you have previously added perform the following procedure 1 From the main menu on the left side of the page click the System folder The System...

Page 45: ...led SNMP Interface To enable or disable the AT GS950 48 SNMP interface perform the following procedure 1 From the main menu on the left side of the page click the System folder The System folder expan...

Page 46: ...7 on page 45 3 Refer to the bottom portion of the web page Enter the Web Idle Timeout parameter The range is from 3 to 60 minutes 4 From the main menu on the left side of the page select Save Settings...

Page 47: ...e following sections Manually Setting System Time Setting SNTP on page 48 Setting Daylight Savings Parameters on page 49 Manually Setting System Time To set the system time manually perform the follow...

Page 48: ...om the System folder select System Time The System Time Page is displayed See Figure 18 on page 47 3 Use the pull down menu to set the Clock Mode parameter to SNTP 4 Enter the IPv4 or IPv6 address of...

Page 49: ...Figure 18 on page 47 3 In the Daylight Savings Time Status field select Enabled 4 Specify the Month Day Hour and Minute when Daylight Savings will take effect in the From time fields 5 Specify the Mo...

Page 50: ...urity risks and web sessions conducted in the non secure HTTP mode are vulnerable to security issues because the packets are sent in clear text Web browser management sessions that use the secure HTTP...

Page 51: ...ust log into the switch s management using the HTTPS mode on your browser Disabled The secure SSL mode is inactive You must log into the switch s management using the HTTP mode on your browser 4 Click...

Page 52: ...r When the DHCP feature is enabled a DHCP server automatically assigns an IP address which is not advertised over the network As a consequence you do not know the IP address that has been assigned to...

Page 53: ...r more information After you enable DHCP your current management session ends because a different IP address is assigned to the switch by the DHCP server The new IP address can be discovered using the...

Page 54: ...then save your configuration you are saving the DHCP setting The next time the switch boots up it will use the DHCP process to establish the IP address used to manage the AT GS950 48 switch If you en...

Page 55: ...ction to the Web Browser Interface on page 24 6 Save your new settings or any changes to the configuration file by selecting Save Settings to Flash from the main menu on the left side of the page to p...

Page 56: ...he page click the System folder The System folder expands 2 From the System folder select System The DHCP Auto Configuration Settings Page is shown in Figure 20 Figure 20 DHCP Auto Configuration Setti...

Page 57: ...edure 1 From the main menu on the left side of the page select Switch Info The Switch Information Page is displayed See Figure 21 Figure 21 AT GS950 48 Switch Information Page The Switch Information P...

Page 58: ...This parameter displays the system IP address Refer to Configuration of IPv4 Address Subnet Mask and Gateway Address on page 32 to manually assign an IP address or DHCP Client Configuration on page 5...

Page 59: ...nk local address Automatic Network Features Section IPv4 DHCP Client Mode This parameter displays the status of the DHCP client on the switch For information about setting this parameter refer to DHCP...

Page 60: ...vide vital information about system activity that can help in the identification and solutions of system problems To configure the System log perform the following procedure 1 From the main menu on th...

Page 61: ...xx xxx xxx xxx If the address is left at the default setting of 0 0 0 0 no server is specified IPv6 addresses Click IPv6 then enter the address The format is xxxx xxxx xxxx xxxx xxxx xxxx xxxx xxx in...

Page 62: ...Chapter 2 System Configuration 62...

Page 63: ...87 Chapter 6 Static Port Trunking on page 99 Chapter 7 LACP Port Trunks on page 109 Chapter 8 Port Mirroring on page 119 Chapter 9 Loopback Protection on page 125 Chapter 10 MAC Address Table on page...

Page 64: ...64...

Page 65: ...e that explains how to view and change the port settings This chapter includes the following sections Overview on page 66 Displaying and Configuring Ports on page 67 Note To permanently save your new...

Page 66: ...cs of an AT GS950 48 switch You can display and modify the settings of all the ports on one web page The port characteristics that are displayed are Trunk Group Number Port type Link Status Admin Stat...

Page 67: ...e adjustable The parameters are defined as follows Port Specifies the port number The All value indicates all ports on the AT GS950 48 switch You cannot change this parameter Note You can use the All...

Page 68: ...le the port to resume normal operation after the problem has been fixed You can also disable an unused port to secure it from unauthorized connections The possible values are Ignore This parameter app...

Page 69: ...tiation mode 1000 Full This parameter indicates the port is configured for 1000Mbps operation in full duplex mode 100 Full This parameter indicates the port is configured for 100Mbps operation in full...

Page 70: ...that the All setting does not apply to the EAP Pass field In other words each port is set individually Enabled This parameter indicates that the port is able to send and receive EAP packets Disabled T...

Page 71: ...sections in the chapter include Overview on page 72 STP and RSTP Global Settings on page 81 STP and RSTP Port Settings on page 84 For detailed information about STP refer to IEEE Std 802 1D For detail...

Page 72: ...ath in case a main link fails Where the two protocols differ is in the time each takes to complete the process referred to as convergence With the convergence process when a change is made to the netw...

Page 73: ...rity number the one with the lowest MAC address is designated as the root bridge You can change the bridge priority number in the AT S116 Management software You can designate which switch on your net...

Page 74: ...o a blocking state Path cost is determined by evaluating port costs Every port on a bridge participating in STP has a cost associated with it The cost of a port on a bridge is typically based on port...

Page 75: ...topology change is made before all bridges have been notified and that could adversely impact network performance To forestall the formation of temporary data loops during topology changes a port des...

Page 76: ...hether it has the lowest bridge priority number of all the bridges and should therefore become the root bridge The root bridge periodically transmits a BPDU to determine whether there have been any ch...

Page 77: ...An edge port on a bridge should not have any STP or RSTP devices connected to it either directly or through another device connected to that port In this configuration since the port has no STP or RS...

Page 78: ...his chapter If you choose to define multiple spanning trees on this switch go to Chapter 5 Multiple Spanning Tree Protocol on page 87 The single spanning tree encompasses all ports on the switch If th...

Page 79: ...e STP or RSTP enabled on your network If each port connecting the two bridges is a tagged member of all three VLANs then traffic for each of the VLANs can still flow through one of the data links if t...

Page 80: ...patibility with Tagged Ports Note For information about tagged and untagged ports refer to Chapter 13 VLAN Overview on page 158 T T T T T T Ports blocked by STP Blocked Data Links VLAN 1 3 VLAN 1 3 VL...

Page 81: ...procedure 1 From the main menu on the left side of the page select Bridge The Bridge folder expands 2 From the Bridge folder select the Spanning Tree folder The Spanning Tree folder expands 3 From th...

Page 82: ...is used to determine the root bridge for RSTP The bridge with the lowest priority number is selected as the root bridge If two or more bridges have the same priority value that is the lowest value of...

Page 83: ...Root Cost The sum of all root port costs of all bridges between the switch s root port and the root bridge including the switch s root port cost Root Maximum Age The parameter displays the maximum amo...

Page 84: ...splays the following information about the ports Port Indicates the port numbers on the AT GS950 48 switch You can select the All row to apply the same setting to all ports of your switch STP Status I...

Page 85: ...tate Learning While the port does not yet forward frames packets in this state the port does learn source addresses from frames received and adds them to the filtering switching database Forwarding A...

Page 86: ...CN Applies only to MSTP For information on MSTP refer to Chapter 5 Multiple Spanning Tree Protocol on page 87 Migrate Clicking the Restart button under the Migrate field in the All row restarts the pr...

Page 87: ...verview and configuration guidelines for this feature in MSTP Overview on page 373 When you configure MSTP the information should be entered in order on the following web pages MSTP Global Settings on...

Page 88: ...lder expands 2 From the Bridge folder select the Spanning Tree folder The Spanning Tree folder expands 3 From the Spanning Tree folder select Protocol Settings The Spanning Tree Protocol Settings Page...

Page 89: ...u enable MSTP Refer to Displaying and Configuring Ports on page 67 Protocol Version Select MSTP Bridge Priority This parameter specifies the priority used in determining the regional root for a partic...

Page 90: ...entifier is used as a tie breaker in the selection of the root bridge when two or more bridges have the same bridge priority Root Cost The sum of all root port costs of all bridges between the switch...

Page 91: ...w of this page Figure 31 Port Settings Page You may choose a port and configure its MSTP parameters on this page The following information is displayed Port Indicates the port numbers on the AT GS950...

Page 92: ...continues to monitor the port for incoming BPDUs that indicate the port should return to the blocking state to prevent a loop Disabled This state is not strictly part of STP However a network adminis...

Page 93: ...DU packets Migrate A switch running MSTP supports a built in protocol migration mechanism that enables it to inter operate with legacy 802 1D switches Clicking the Restart button under the Migrate fie...

Page 94: ...m the main menu on the left side of the page select Bridge The Bridge folder expands 2 From the Bridge folder select the Spanning Tree folder The Spanning Tree folder expands 3 From the Spanning Tree...

Page 95: ...termines the regional root using the Priority drop down menu 4 Click Add The Instance ID and the Mapped VLAN or VLANs will be displayed in the table on the page 5 From the main menu on the left side o...

Page 96: ...eters on this page The following information is displayed Port You can select one of the ports on the AT GS950 48 switch using the Port drop down menu MSTI ID Indicates the MSTP Instance associated wi...

Page 97: ...used to communicate with the root bridge Disabled This switch can only operate with RSTP and MSTP packets 4 Once you have configured the parameters click Apply in the Action column 5 If you choose to...

Page 98: ...Page is displayed See Figure 34 Figure 34 Instance Information Page The following information displayed on this page shows the current status of each MST instance MSTI ID MST instance ID Internal Root...

Page 99: ...rview on page 100 Create a Port Trunk on page 103 Modify a Port Trunk on page 105 Disable a Port Trunk on page 107 Note For information about Link Aggregation Control Protocol LACP port trunking see C...

Page 100: ...insufficient to handle the traffic load A static port trunk consists of 2 or more ports on the switch that function as a single virtual link between the switch and another device A static port trunk...

Page 101: ...ng a static trunk Allied Telesis recommends setting static port trunks between Allied Telesis networking devices to ensure compatibility A static trunk can contain up to 10 ports The ports of a static...

Page 102: ...o be members of more than one VLAN The ports of a static trunk can be either untagged or untagged members of the same VLAN The switch selects a port in the trunk to handle broadcast packets and packet...

Page 103: ...to configuring the ports can create loops in your network topology Loops can result in broadcast storms which can severely limit the effective bandwidth of your network To create a port trunk perform...

Page 104: ...P Data Unit LACPDU packets This setting enables the LACP feature for the trunk Passive The specific aggregator will not broadcast LACPDU packets but it will respond to them This setting disables the L...

Page 105: ...unk Config folder expands 4 From the Trunk Config folder select Trunking The Trunking Page is shown in Figure 36 on page 103 5 Click the pull down menu of the port trunk you want to modify and change...

Page 106: ...atic Port Trunking 106 9 Configure the port trunk on the other switch with the same parameters 10 Connect the Ethernet cables between trunk ports on the AT GS950 48 switch and the trunk ports on the o...

Page 107: ...unk perform the following procedure 1 Disconnect all of the Ethernet cables from the ports of the trunk 2 Select the Bridge folder The Bridge folder expands 3 From the Bridge folder select the Trunk C...

Page 108: ...Chapter 6 Static Port Trunking 108...

Page 109: ...verview on page 110 System Priority on page 111 Port Priority Value on page 112 General Guidelines on page 113 Group Status on page 115 Port Priority Configuration on page 118 Note For information abo...

Page 110: ...ng ports 1 to 4 as the active ports and 9 as reserve If an active port loses its link the switch automatically activates one of the reserve ports to maintain maximum bandwidth of the trunk The main co...

Page 111: ...lem and deciding whose LACP settings take precedence This is the function of the system LACP priority value This value is used whenever the devices encounter a conflict creating a trunk the lower the...

Page 112: ...matically activated to take its place The selection of the active links in an aggregate trunk is dynamic and changes as links are added removed lost or re established For example if an active port los...

Page 113: ...mple ports 2 4 6 8 A port can belong to only one aggregator at a time A port cannot be a member of an aggregator and a static trunk at the same time The ports of an aggregate trunk must be untagged me...

Page 114: ...n a trunk If the number is less than eight the maximum number for the AT GS950 48 switch you should assign the other vendor s device a higher system LACP priority than your AT GS950 48 switch This can...

Page 115: ...tus The LACP Group Status Page is displayed See Figure 37 for a partial view of this page Figure 37 LACP Group Status Page Note Go to Create a Port Trunk on page 103 to directly change the parameters...

Page 116: ...iguration is shown in Figure 38 before the Ethernet cables are connected Figure 38 LACP Group Status Page with No Cables Connected 2 Physically connect the network cables between the switch and a seco...

Page 117: ...8 Web Interface User Guide 117 Figure 39 LACP Group Status Page with Three Cables Connected You can now see that each port has been grouped under a single aggregator since the ports are now in a Link...

Page 118: ...r a partial view of this page Figure 40 AT GS950 48 Port Priority Page The System Priority is a preassigned value that you cannot alter This value applies to the switch See System Priority on page 111...

Page 119: ...gress and egress traffic on a port by having the traffic copied to another port This chapter contains the following sections Overview on page 120 Port Mirroring Configuration on page 121 Disable Port...

Page 120: ...mirroring port Observe the following guidelines when you create a port mirror You can select more than one source port at a time However the more ports you mirror the less likely the mirroring port i...

Page 121: ...eature and the rest of the configuration parameters become active on the page Disabled This parameter de activates the Port Mirroring feature and the rest of the configuration parameters become inacti...

Page 122: ...ring configuration is implemented immediately on the AT GS950 48 switch You can connect a data analyzer to the mirroring port to monitor the Ethernet traffic on the source port s 7 From the main menu...

Page 123: ...Mirroring The Mirroring page is shown in Figure 41 on page 121 3 Next to the Status field select Disabled and click Apply Port mirroring is immediately disabled on the switch and the parameters on th...

Page 124: ...Chapter 8 Port Mirroring 124...

Page 125: ...the same port are connected then this feature detects this condition and disables the port for a pre configured amount of time This chapter contains the following topics Configuration on page 126 Stat...

Page 126: ...opback Detection Page is displayed See Figure 42 for a partial view of this page Figure 42 AT GS950 48 Loopback Detection Page 3 For the Loopback Detection State field at the top of the page select on...

Page 127: ...arameters become active 6 In the table at the bottom of the page select one of the Loopback Detection State choices from the pull down menu Ignore This parameter indicates that the setting in the All...

Page 128: ...Rx pairs connected Disabled This status indicates that the port does not have the Tx to Rx pairs connected The Disabled state will be reset to Normal after two conditions are both met The loopback con...

Page 129: ...tic Unicast MAC Address Configuration on page 132 Modify Static Unicast Address on page 134 Delete Static Unicast Address on page 135 Static Multicast Address Configuration on page 136 Modify Static M...

Page 130: ...ains in the table indefinitely and is never deleted by the switch even when the end node is inactive You can only delete a static MAC address by manually configuring the switch with the AT S116 Manage...

Page 131: ...edefined within the network design and they will not change over time then they can be manually entered as static entries into the MAC address table This allows the multicast stream to be forwarded im...

Page 132: ...the 802 1Q VLAN parameter Port Based VLAN Configuration on page 174 regarding the Port Based VLAN parameter To add a static MAC address to the switch perform the following procedure 1 From the main m...

Page 133: ...ign the MAC address a Port Member by selecting the radio button beside the port number Note You can assign a maximum limit of 256 static unicast addresses on the switch 6 Click Apply The Static Unicas...

Page 134: ...age 132 3 Select Modify next to the static unicast MAC address that you want to change The Modify Static Unicast Address Page is displayed See Figure 45 Figure 45 Modify Static Unicast Address Page 4...

Page 135: ...able Page is displayed See Figure 43 on page 132 3 Select Delete next to the static unicast address that you want to remove The static unicast address is removed from the Static Unicast Address Table...

Page 136: ...ters see Tagged VLAN Configuration on page 166 regarding the 802 1Q VLAN parameter Port Based VLAN Configuration on page 174 regarding the Port Based VLAN parameter To add a static multicast MAC addre...

Page 137: ...button 4 In the Group MAC Address field enter a multicast MAC address The range is from 01 00 5E 00 01 00 to 01 00 5E 7F FF FF 5 Assign the MAC address a Group Member or members by selecting the chec...

Page 138: ...u enter on the Static Multicast Address Table Page are also displayed on the IGMP Snooping Page For more information see IGMP Snooping Configuration on page 144 7 From the main menu on the left side o...

Page 139: ...t Modify next to the static MAC address that you want to change The Modify Static Multicast Address Page is displayed See Figure 48 Figure 48 Modify Static Multicast Address Page 4 In the Group Member...

Page 140: ...e Page is displayed See Figure 47 on page 137 3 Select Delete next to the static multicast address that you want to remove The static multicast address is removed from the Static Multicast Address Tab...

Page 141: ...Snooping in the web interface The following topics are discussed Overview on page 142 IGMP Snooping Configuration on page 144 IGMP Snooping Router Port Modification on page 147 Note To permanently sav...

Page 142: ...uter ports where host nodes are located There are three versions of IGMP versions 1 2 and 3 One of the differences between the versions is how a host node signals that it no longer wants to be a membe...

Page 143: ...ch flooding of packets can negatively impact network performance The AT GS950 48 switch maintains a list of multicast groups through an adjustable time out value which controls how frequently it expec...

Page 144: ...cedure 1 From the main menu on the left side of the page select the Bridge folder The Bridge folder expands 2 From the Bridge folder select the IGMP Snooping folder 3 From the IGMP Snooping folder sel...

Page 145: ...le from 2 to 255 The robustness variable is an integer used during IGMP snooping calculations for IGMP messages to allow for expected packet loss 10 To set the Last Member Query Interval type the numb...

Page 146: ...Chapter 11 IGMP Snooping 146 Figure 50 IGMP Snooping Page with MAC Address 14 From the main menu on the left side of the page select Save Settings to Flash to permanently save your changes...

Page 147: ...page select the Bridge folder The Bridge folder expands 2 From the Bridge folder select the IGMP Snooping folder 3 From the IGMP Snooping folder select IGMP Snooping Router Port The IGMP Snooping Rout...

Page 148: ...in the Static Router Port area Selected ports are indicated with a check mark To select all ports click the All button under Static Router Port Note To restore the original group member ports click Re...

Page 149: ...dth feature The following topics are discussed Overview on page 150 Configuration on page 152 Ingress Rate Limiting on page 154 Egress Rate Limiting on page 156 Note To permanently save your new setti...

Page 150: ...Lookup Failure DLF setting is concerned with comparing the destination MAC address of a packet received by the switch to the forwarding database When the AT GS950 48 switch receives a packet it scans...

Page 151: ...as follows Bandwidth 64Kbps x rate limit The rate limit parameter is an integer ranging from 1 to 15625 Egress Rate Limiting The Egress Rate Limiting feature restricts the traffic to a pre configured...

Page 152: ...folder select Storm Control The AT GS950 48 Storm Control page is displayed See Figure 53 for a partial view of this page Figure 53 AT GS950 48 Storm Control Page 4 To enable or disable the DLF field...

Page 153: ...o change You can select the All row to set all of the ports to the same setting The Ignore parameter indicates that the setting in the All row does not apply to the Multicast menu for individual ports...

Page 154: ...older select Bandwidth Control The Bandwidth Control folder expands 3 From the Bandwidth Control folder select Ingress Rate Limiting The AT GS950 48 Ingress Rate Limiting page is displayed See Figure...

Page 155: ...o the port that you want to change You can select the All row to set all of the ports to the same setting The Ignore parameter indicates that the setting in the All row does not apply to the Status me...

Page 156: ...ial view of this page Figure 55 AT GS950 48 Egress Rate Limiting Page To set the Bandwidth field enter a number in the range of 1 to 15625 You can select the All row to set all of the ports to the sam...

Page 157: ...iew on page 158 Assign Ports to a VLAN Mode on page 164 Tagged VLAN Configuration on page 166 Tagged VLAN Port Settings on page 172 Port Based VLAN Configuration on page 174 Select MAC Address Forward...

Page 158: ...s within the separate logical LAN segment of the VLAN The nodes of a VLAN receive traffic only from nodes of the same VLAN This reduces the need for nodes to handle traffic that is not destined for th...

Page 159: ...As explained in the VLAN Overview on page 158 a VLAN consists of a group of ports on an Ethernet switch that form an independent traffic domain This type of VLAN is independent of the header informati...

Page 160: ...st be assigned the same VLAN index Create up to 52 port based VLANs Tagged VLAN Overview The second type of VLAN supported by the AT S116 Management software is the tagged VLAN In this type of VLAN me...

Page 161: ...mbination of tagged and untagged ports in the same VLAN Note A port can also be dynamically assigned to a tagged VLAN within a voice VLAN configuration which is a special configuration of a tagged VLA...

Page 162: ...he same VLAN ID A tagged port can be a member of multiple VLANs The AT GS950 48 Gigabit Ethernet Switch can support up to 255 tagged VLANs per switch Private VLAN Overview Private VLANs create special...

Page 163: ...rt VLAN at a time The source port cannot be a static port trunk or an LACP trunk The source port is untagged It does not include tagged VLAN information in the packets that it forwards to forwarding p...

Page 164: ...tagged VLAN with a VLAN ID of 1 The default VLAN is permanent and must have at least one untagged port assigned to it at any time To assign ports to an 802 1Q Tagged VLAN or port based VLAN perform t...

Page 165: ...age 174 5 Click Apply 6 If you want to restore the port assignment before saving the configuration click Restore Note Once the VLAN assignment has been saved by clicking first on the Apply button and...

Page 166: ...f a specific tagged VLAN If it is it is eligible to be switched to other member ports of the same VLAN If it is determined that the frame s tag does not conform to the tagged VLAN the frame is discard...

Page 167: ...ed VLAN Page is displayed See Figure 57 for a partial view of this page Figure 57 AT GS950 48 Tagged VLAN Page 4 Assign a VLAN ID by entering a VLAN ID in the VLAN ID field The range for this field is...

Page 168: ...gn ports to the VLAN click on the port numbers labeled either Static Tagged or Static Untagged To assign all ports to the VLAN as Static Tagged click All under Static Tagged To assign all ports to the...

Page 169: ...169 Figure 58 Example of AT GS950 48 Tagged VLAN Page 4 In the VLAN Action column click Modify in the row of the VLAN that you want to change The Modify VLAN Page is displayed See Figure 59 A partial...

Page 170: ...is VLAN select one of the following choices from the pull down menu Enable This parameter enables Management VLAN on this VLAN Caution If you Disable the Management VLAN on a newly assigned VLAN and y...

Page 171: ...o delete a tagged VLAN perform the following procedure 1 From the main menu on the left side of the page select Bridge The Bridge folder expands 2 From the Bridge folder select VLAN The VLAN folder ex...

Page 172: ...age Figure 60 AT GS950 48 VLAN Port Settings Page 4 For a selected port set the PVID field to an existing VLAN ID For an explanation of the PVID parameter see Port VLAN Identifier PVID on page 162 5 S...

Page 173: ...menu Enabled This enables ingress filtering at the selected port Disabled This disables ingress filtering at the selected port 7 Click Apply The port configuration becomes effective 8 If you need to...

Page 174: ...in the following sections Create a Port Based VLAN Modify a Port Based VLAN on page 175 Delete a Port Based VLAN on page 176 Create a Port Based VLAN To create a port based VLAN perform the following...

Page 175: ...to the VLAN click All under VLAN Member 7 Click Apply 8 From the main menu on the left side of the page select Save Settings to Flash to permanently save your changes Modify a Port Based VLAN To modif...

Page 176: ...save your changes Delete a Port Based VLAN To delete a port based VLAN perform the following procedure 1 From the main menu on the left side of the page select Bridge The Bridge folder expands 2 From...

Page 177: ...From the main menu on the left side of the page select Bridge The Bridge folder expands 2 From the Bridge folder select VLAN The VLAN folder expands 3 From the VLAN folder select Forwarding Table Mode...

Page 178: ...mic Forwarding Table The Dynamic Forwarding Table Page is shown in Figure 65 Figure 65 Dynamic Forwarding Table Page 4 To view all MAC addresses select All from the Port drop down menu To view MAC add...

Page 179: ...rned by the switch or assigned to the port Type Dynamic or Static Dynamic MAC address the switch learns automatically and is not stored indefinitely in the table Static MAC address assigned manually a...

Page 180: ...VLAN on page 182 For more information on Private VLANs refer to Private VLAN Overview on page 162 Enable or Disable Private VLAN To enable or disable private VLAN perform the following procedure 1 Fr...

Page 181: ...te VLANs must be Enabled before a specific Private VLAN can be created See Enable or Disable Private VLAN on page 180 1 From the main menu on the left side of the page select Bridge The Bridge folder...

Page 182: ...ee Figure 66 on page 181 for a partial view of this page 4 Use the Source Port drop down menu to select the source port of the private VLAN to be modified 5 Select the forwarding ports Click the check...

Page 183: ...de 183 6 Click the Apply button under the forwarding ports The modified private VLAN is deleted from the Port List table 7 From the main menu on the left side of the page select Save Settings to Flash...

Page 184: ...he Bridge folder select VLAN The VLAN folder expands 3 From the VLAN folder select VLAN Current Database See Figure 67 for an example of the VLAN Current Database page with VLAN configurations Figure...

Page 185: ...AT GS950 48 Web Interface User Guide 185 Port Based VLAN table VLAN Index VLAN ID numbers VLAN Name VLAN names VLAN Member VLAN untagged member ports...

Page 186: ...Chapter 13 Virtual LANs 186...

Page 187: ...187 Chapter 14 GVRP This chapter contains the following sections Overview and Guidelines on page 188 General Configuration on page 189 Port Settings on page 190 Time Settings on page 192...

Page 188: ...VLANs To be detected by GVRP a VLAN must have at least one active node or have at least one port with a valid link to an end node GVRP cannot detect a VLAN that does not have any active nodes or valid...

Page 189: ...the GVRP folder select GVRP Global Settings The GVRP Global Settings Page is displayed See Figure 68 Figure 68 GVRP Global Settings Page 4 From the GVRP Status field select one of the following choice...

Page 190: ...s are listed for each port Port This parameter displays the ports on the switch Dynamic Vlan Status This parameter defines the GVRP status of the port From the Dynamic Vlan Status field select one of...

Page 191: ...he Restricted VLAN Registration is activated for the port row selected Disabled The Restricted VLAN Registration is de activated for the port row selected 5 Once you have configured the parameters cli...

Page 192: ...yed See Figure 70 for a partial view of this page Figure 70 AT GS950 48 GVRP Time Settings Page Note The GARPLeaveTimer must be greater than GARPJoinTimer x2 10 and the GARPLeaveAllTimer must be great...

Page 193: ...elation to the GVRP Leave Timer according to the following equation GARPLeaveAllTimer GARPLeaveTimer 10 Note To ensure compatibility between network devices you must configure the same values for the...

Page 194: ...Chapter 14 GVRP 194...

Page 195: ...page 202 Associate DSCP Classes to Egress Queues on page 203 Queue Scheduling Algorithm on page 205 IPv6 Traffic Class Mapping on page 206 Note Before mapping the QoS Priorities and the egress queues...

Page 196: ...to manage the flow of traffic through a switch by having the switch ports give higher priority to some packets such as delay sensitive traffic over other packets This is referred to as prioritizing tr...

Page 197: ...r egress queues of a switch port You can change these mappings For example you might decide that packets with a priority of 6 and 7 need to be handled by egress queue Highest and packets with a priori...

Page 198: ...contain a priority level However the AT GS950 48 switch has a priority associated with each individual ingress port By default each port s priority is Low You can redefine this parameter as described...

Page 199: ...in Priority Scheduling The weighted round robin WRR scheduling method functions as its name implies The port transmits a set number of packets from each queue in a round robin fashion so that each has...

Page 200: ...arameter definition in Displaying and Configuring Ports on page 67 Note When Jumbo frames are enabled CoS cannot be enabled To configure CoS mapping perform the following procedure 1 From the main men...

Page 201: ...ck on the Queue Low Medium High Highest radio button that applies to your configuration 5 After you have completed this mapping process select Enable in the QoS Status field 6 Click Apply 7 From the m...

Page 202: ...s perform the following procedure 1 From the main menu on the left side of the page select Bridge The Bridge folder expands 2 From the Bridge folder select QoS The QoS folder expands 3 From the QoS fo...

Page 203: ...es Low Highest The default queue for all DSCP values is Low To assign the queue mappings to the DSCP values perform the following procedure 1 From the main menu on the left side of the page select Bri...

Page 204: ...value that is relevant to your configuration select a queue Low Medium High Highest in the Queue column To set all queues in a Queue column to the same value use the Queue drop down menu in the first...

Page 205: ...igure 74 Figure 74 Scheduling Algorithm Page 4 In the Scheduling Algorithm list select one of the following algorithms Strict Priority The port transmits all packets out of higher priority queues befo...

Page 206: ...ach port See the Jumbo parameter definition in Displaying and Configuring Ports on page 67 Note When Jumbo frames are enabled IPv6 traffic class mapping cannot be enabled Enable or Disable IPv6 Traffi...

Page 207: ...Click Apply Create IPv6 Traffic Class Entries To create IPv6 traffic class priority entries perform the following procedure 1 Enter a value for the IPv6 packet header s 8 bit priority in the IPv6 Traf...

Page 208: ...select Bridge The Bridge folder expands 2 From the Bridge folder select QoS The QoS folder expands 3 From the QoS folder select IPv6 Traffic Class Priority Settings 4 Under the Action column click th...

Page 209: ...v2c on page 211 Chapter 17 SNMPv3 on page 225 Chapter 18 Access Control Configuration on page 243 Chapter 19 RMON on page 259 Chapter 20 Voice VLAN on page 273 Chapter 21 Security on page 283 Chapter...

Page 210: ...210...

Page 211: ...s SNMPv1 and SNMPv2c Overview on page 212 Trap Receiver Attributes on page 213 Activate SNMP Interface on page 214 SNMPv1 and SNMPv2c User and Group Names on page 215 SNMP Community Strings on page 21...

Page 212: ...nd loading new configurations via the agent in the managed equipment The NMS and agent communicate with each other using variables organized into pre defined hierarchies called Management Information...

Page 213: ...raps to monitor activities on the switch Trap receivers are the typically SNMP management stations that you want to receive the traps sent by the switch You specify a trap receiver by its IP address w...

Page 214: ...Chapter 16 SNMPv1 and v2c 214 Activate SNMP Interface The SNMP interface is activated by default If you want to de activate it or re activate it go to User Interface Configuration on page 45...

Page 215: ...string and what the string allows a network management station to do on the switch The AT S116 Management Software does not provide any default community strings You must first define an SNMP User and...

Page 216: ...ter a name up to 32 characters in length 5 Select either v1 or v2c as the SNMP Version Note The encrypted check box and Auth Protocol Priv Protocol and password fields are intended for SNMPv3 configur...

Page 217: ...s on page 215 Delete User and Group Names This procedure explains how to delete an entry on the SNMP User Group page 1 From the main menu on the left side of the page select the SNMP folder The SNMP f...

Page 218: ...wing sections to create modify and delete SNMP community strings Create SNMP Community Strings next Modify SNMP Community Strings on page 219 Delete SNMP Community Strings on page 219 Create SNMP Comm...

Page 219: ...Community Strings If you need to modify a Community Table entry you must first delete the entry by using the procedure below and then re enter it with the modification by creating a new Community tabl...

Page 220: ...Chapter 16 SNMPv1 and v2c 220 4 From the main menu on the left side of the page select Save Settings to Flash to permanently save your changes...

Page 221: ...Table Entry next Modify a Trap Host Table Entry on page 222 Delete a Trap Host Table Entry on page 223 Create Trap Host Table Entry Use the following procedure to create a trap Host table entry 1 Fro...

Page 222: ...correlate with one of the communities displayed on the SNMP Community Table page See SNMP Community Strings on page 218 If you enter a Community Name that has not been pre defined the Trap Host entry...

Page 223: ...ands 2 From the SNMP folder select Trap Management 3 The Trap Management Page is displayed See Figure 81 on page 221 4 To delete an entry in the host table click Delete next to the entry in the table...

Page 224: ...Chapter 16 SNMPv1 and v2c 224...

Page 225: ...wing sections Overview on page 226 SNMPv3 User and Group Names on page 230 SNMPv3 View Names on page 233 SNMPv3 View Table on page 236 SNMPv3 Traps on page 239 SNMP Engine ID on page 240 Note To perma...

Page 226: ...ning which portions of the Management Information Bases MIB that can be viewed by specific users In this way you restrict which MIBs a user can display and modify In addition you can restrict the type...

Page 227: ...requires the authentication protocol to be configured as either MD5 or SHA If you assign a DES privacy protocol to a user then you are also required to assign a privacy password If you choose to not...

Page 228: ...subtree view and enables you to restrict an MIB view to a specific row of the OID MIB table You need a thorough understanding of the OID MIB table to define a subtree mask SNMPv3 Configuration Proces...

Page 229: ...r Guide 229 5 Finally the traps can be defined on the Trap Management page based on the Community or User Name See Figure 84 for an illustration of how the user configuration tables are linked Figure...

Page 230: ...The SNMP folder expands 2 From the SNMP folder select SNMP User Group The SNMP User Group page is displayed See Figure 77 on page 215 Note There are no default User Names or Group Names defined for S...

Page 231: ...set to DES and you must also specify an authentication protocol and password 10 Click Add The new User Name and Group Name are displayed on the SNMP User Group page See Figure 85 Figure 85 SNMP User...

Page 232: ...age select the SNMP folder The SNMP folder expands 2 From the SNMP folder select SNMP User Group The SNMP User Group Page is displayed See Figure 77 on page 215 3 In the Action column of the table cli...

Page 233: ...ting SNMPv3 View Names on page 235 Creating SNMPv3 View Names Before you can create an SNMPv3 View name you must define a Group Name using the SNMP User Group page See Creating SNMPv3 User and Group N...

Page 234: ...aracters in length 7 From the Security Model pull down menu select v3 8 Enter the Security Level from the pull down menu The selection options are NoAuthNoPriv This selection is appropriate when no Au...

Page 235: ...in this table see Creating SNMPv3 View Names on page 233 Deleting SNMPv3 View Names This procedure explains how to delete an entry on the SNMP Group Access Table page 1 From the main menu on the left...

Page 236: ...ections Creating SNMPv3 View Table Entries Modifying SNMPv3 View Table Entries on page 237 Deleting SNMPv3 View Table Entries on page 237 Creating SNMPv3 View Table Entries This procedure explains how...

Page 237: ...changes Modifying SNMPv3 View Table Entries If you need to modify an entry in the View Table page you must first delete the entry and then re enter it For information about how to delete an entry in...

Page 238: ...ote The views corresponding to the ReadOnly and ReadWrite Group Names are default values and cannot be removed 3 From the main menu on the left side of the page select Save Settings to Flash to perman...

Page 239: ...AT GS950 48 Web Interface User Guide 239 SNMPv3 Traps The creation modification and deletion of traps for SNMPv3 is identical to the procedure for SNMPv1 v2 See SNMP Traps on page 221...

Page 240: ...is procedure explains how to modify the engine ID 1 From the main menu on the left side of the page select the SNMP folder The SNMP folder expands 2 From the SNMP folder select Engine ID The SNMP Engi...

Page 241: ...page is displayed See Figure 90 on page 240 3 Reset the engine ID To reset the engine ID to the previous setting click Reset To reset the engine ID to the default setting click Reset to Default 4 Fro...

Page 242: ...Chapter 17 SNMPv3 242...

Page 243: ...GS950 48 switch s Access Control Configuration feature and the procedures to create modify and delete an Access Control configuration This chapter contains the following sections Overview on page 244...

Page 244: ...iority behavior Note Before you specify the Access Control policies be sure to configure the QoS parameters The QoS entries may have a direct effect on each policy s behavior For more information see...

Page 245: ...Policy on page 251 View Specific Classifier Details on page 252 Create a Policy To create a policy perform the following procedure 1 From the main menu on the left side of the page select the Access...

Page 246: ...r 18 Access Control Configuration 246 Figure 92 IPv4 Policy Settings Page To create an IPv6 policy click Add IPv6 The IPv6 Policy Settings page is displayed See Figure 93 Figure 93 IPv6 Policy Setting...

Page 247: ...can be specified as a consecutive list a non consecutive list or a combination of the two At least one or more ports must be specified For example you can specify ports 1 3 5 8 Note You cannot combin...

Page 248: ...IPv6 only IPv6 Destination IP Address Destination IPv6 address Applies to IPv6 only IPv6 Destination IP Prefix Length Prefix length of the destination IPv6 address ranging from 1 128 Applies to IPv6...

Page 249: ...isplayed in at the bottom of the table If you do not see your new entry you may need to navigate to another page of the table with the First Page Previous Page Next Page and Last Page buttons located...

Page 250: ...t to change the status to Disable Click OK to enable or Cancel to cancel the action 4 From the main menu on the left side of the page select Save Settings to Flash to permanently save your changes Mod...

Page 251: ...ave Settings to Flash to permanently save your changes Delete a Policy To delete a policy entry perform the following procedure 1 From the main menu on the left side of the page select the Access Cont...

Page 252: ...the main menu on the left side of the page select the Access Control Config folder The Access Control Config folder expands 2 From the Access Control Config folder select Policy Settings The Policy Se...

Page 253: ...rate control entry by following the procedures in the following sections Create a Rate Control Entry next Modify the Committed Rate on page 254 Delete a Rate Control Entry on page 255 Create a Rate Co...

Page 254: ...ed Rate To modify the committed rate for a rate control entry perform the following procedure 1 From the main menu on the left side of the page select the Access Control Config folder The Access Contr...

Page 255: ...e 254 3 From the Rate Control page identify which committed rate entry that you want to delete and click the Delete button in the Action column The committed rate entry is deleted from the Committed R...

Page 256: ...ce To display the policy sequence perform the following procedure 1 From the main menu on the left side of the page select the Access Control Config folder The Access Control Config folder expands 2 F...

Page 257: ...ntrol Config folder select Policy Database The Policy Database page is displayed in Figure 99 on page 256 3 Select the switch port from the Select Port pull down menu that you want to view 4 Click the...

Page 258: ...Chapter 18 Access Control Configuration 258...

Page 259: ...hapter 19 RMON This chapter contains the following sections Overview on page 260 Enable and Disable RMON on page 261 Port Statistics on page 262 Histories on page 264 Events on page 266 Alarms on page...

Page 260: ...s group is used to collect histories of port statistics to identify traffic trends or patterns For information about configuring a History group refer to Histories on page 264 Event group This group i...

Page 261: ...s on how to configure SNMP on your switch refer to Chapter 16 SNMPv1 and v2c on page 211 or Chapter 17 SNMPv3 on page 225 Perform the following procedure to activate RMON 1 From the main menu on the l...

Page 262: ...is displayed See Figure 102 Figure 102 Ethernet Statistics Settings Page 3 The following fields are listed Index This parameter specifies the ID number of the new group The range is 1 to 65535 Port T...

Page 263: ...re 103 Ethernet Statistics Configuration Example 5 If you want to configure RMON statistics for other ports repeat Step 3 and Step 4 6 From the main menu on the left side of the page select Save Setti...

Page 264: ...buckets in a group the more snapshots it can store Perform the following procedure to configure RMON history 1 From the main menu on the left side of the page click the RMON folder The RMON folder ex...

Page 265: ...n interval of 60 seconds Owner This parameter is used to identify the person who created an entry It is primarily intended for switches that are managed by more than one person and is an optional fiel...

Page 266: ...the following procedure to configure RMON events 1 From the main menu on the left side of the page click the RMON folder The RMON folder expands 2 From the RMON folder select Event The RMON Event Sett...

Page 267: ...witches that are managed by more than one person and is an optional field 4 Once you have configured the parameters click Add Your entry appears in the table at the bottom of the page See Figure 107 F...

Page 268: ...s that comprise RMON alarms RMON statistics group A port must have an RMON statistics group configured if it is to have an alarm When you create an alarm you specify the port to which it is to be assi...

Page 269: ...e is 1 to 65535 Interval This parameter specifies the time in seconds over which the data is sampled Its range is 1 to 2147483647 seconds Variable This parameter specifies the RMON MIB object that the...

Page 270: ...x for the rising threshold Its range is 1 to 65535 This field is mandatory and must match an Event Index that you previously entered in Events on page 266 Falling Event Index This parameter specifies...

Page 271: ...AT GS950 48 Web Interface User Guide 271 6 From the main menu on the left side of the page select Save Settings to Flash to permanently save your changes...

Page 272: ...Chapter 19 RMON 272...

Page 273: ...nd delete a voice VLAN configuration This chapter contains the following sections Overview on page 274 General Guidelines on page 277 Configuration on page 278 OUI Setting on page 281 Note To permanen...

Page 274: ...nsure that the voice data packets are processed before other types of data so that the voice quality is maintained as the voice data passes through the AT GS950 48 switch Note For more information abo...

Page 275: ...untagged ports that will serve as the voice VLAN uplink downlink By default a tagged or untagged port is a static member of a tagged VLAN Note See Create a Tagged VLAN on page 167 for more information...

Page 276: ...to have the port VLAN ID PVID configured to be the same as the voice VLAN ID This insures that all untagged packets entering the port are switched within the voice VLAN as the voice data passes throug...

Page 277: ...ports of a tagged VLAN are static and cannot have the voice VLAN Auto Detection feature enabled IP phones that are not VLAN aware should be connected to Static tagged ports of the voice VLAN The voice...

Page 278: ...ice VLAN on the AT GS950 48 switch To configure a voice VLAN perform the following procedure 1 From the main menu on the left side of the page select Voice VLAN The Voice VLAN folder expands 2 From th...

Page 279: ...tes the amount of time in hours after the last IP phone s OUI was received on a port after which this port will be removed from the voice VLAN The range is 1 to 120 hours CoS This parameter is the CoS...

Page 280: ...t have the voice VLAN Auto Detection feature enabled The Status column displays Static for the member ports See Dynamic Auto Detection vs Static Ports on page 275 for more information 7 Click Apply in...

Page 281: ...gure 111 Voice VLAN OUI Settings Page 3 Enter a text description that helps you identify the manufacturer s OUI in the User Defined OUI Description field This parameter can be up to 20 characters in l...

Page 282: ...page select Voice VLAN The Voice VLAN folder expands 2 From the Voice VLAN folder select Voice VLAN OUI Settings The Voice VLAN OUI Settings Page is displayed See Figure 111 on page 281 3 To delete a...

Page 283: ...includes the following sections Port Access Control on page 284 RADIUS Client on page 290 TACACS on page 293 Dial in User Local Authentication on page 296 Destination MAC Filter on page 299 Note To p...

Page 284: ...g a user name and password This feature can prevent an unauthorized individual from connecting a computer to a port or using an unattended workstation to access your network resources Only those users...

Page 285: ...rol Settings Page is displayed See Figure 112 Figure 112 Port Access Control Settings Page 3 Configure the following parameters as required NAS ID This parameter assigns an 802 1x identifier to the sw...

Page 286: ...when you are finished configuring the parameters 5 To set the advanced configuration parameters click Settings The Port Access Control Settings page is expanded See Figure 113 Figure 113 Expanded Port...

Page 287: ...ized state without any authentication exchanges required The ports transmit and receive traffic normally without 802 1x based authentication of the clients Re authentication Status This parameter acti...

Page 288: ...ment is enabled Disabled The VLAN Assignment is disabled Secure VLAN This field is inactive Guest VLAN ID This parameter specifies the VLAN ID that is designated as a Guest VLAN The range is 0 to 4093...

Page 289: ...of clients on an authenticator port The range is 1 to 65535 seconds Server Timeout Sets the length of time the switch waits for a response from the authentication server The range is 1 to 65535 second...

Page 290: ...rotocol transfers the task of authenticating network access from a network device to an authentication protocol server The AT S116 Management software comes with RADIUS client software You can use the...

Page 291: ...rt Access Control Configuration on page 285 and RADIUS Client Configuration For more information about the RADIUS authentication protocol refer to the RFC 2865 standard RADIUS Client Configuration To...

Page 292: ...packets contain an Account Status Type attribute that provides information related to a user s network access To enable or disable RADIUS Accounting Status perform the following procedure 1 From the...

Page 293: ...cation protocol for enhancing the security of your network The protocol transfers the task of authenticating network access from a network device to an authentication protocol server TACACS is similar...

Page 294: ...tions when configuring the TACACS server software on the authentication server Note This guide does not explain how to configure TACACS server software Refer to the documentation that comes with the T...

Page 295: ...Server Port field that you want to assign to TCP You may only assign one port number to this parameter 5 Type the timeout interval in seconds for the TACACS server in the Timeout field This parameter...

Page 296: ...h In this case the user name and password combinations are entered with an optional VLAN when they are defined Based on these entries the authentication process of a supplicant is done locally by the...

Page 297: ...Dynamic VLAN field enter the VID of the VLAN which you will allow the user to access If you enter 0 this field will be ignored 6 Click the Add button The Dial in User page is refreshed See Figure 118...

Page 298: ...to access 6 Click Apply 7 To permanently save these settings in the configuration file select Save Settings to Flash from the main menu to permanently save your changes Delete a Dial in User To delete...

Page 299: ...ware prevents the switch from forwarding it and drops the packet You may want to block access to a device within your organization For instance you may not want users on the Sales group switch to have...

Page 300: ...ess the Destination MAC Filter Page is updated with the MAC address 6 From the main menu on the left side of the page select Save Settings to Flash to permanently save your changes Delete Destination...

Page 301: ...3 Select the Delete button next to the MAC address that you want to delete The MAC address is removed from the MAC address table 4 From the main menu on the left side of the page select Save Settings...

Page 302: ...Chapter 21 Security 302...

Page 303: ...guration This chapter contains the following sections Overview on page 304 General Guidelines on page 306 General Configuration on page 307 VLAN Setting on page 310 Trusted and Untrusted Port Configur...

Page 304: ...g ways Directly to the legitimate trusted DHCP Server A network device relaying DHCP messages to and from a trusted server Another trusted source such as a switch with DHCP Snooping enabled Untrusted...

Page 305: ...definition untrusted ports do not accept DHCP packets originating form a DHCP server and immediately drop them when they are detected The DHCP packets types that are not accepted are DHCPOFFER and DHC...

Page 306: ...e relaying DHCP messages to and from a trusted server Another trusted source such as a switch with DHCP Snooping enabled Untrusted ports are connected to DHCP clients and to traffic that originates ou...

Page 307: ...of the page select DHCP Snooping The DHCP Snooping folder expands 2 From the DHCP Snooping folder select General Settings The General Settings page is displayed See Figure 121 Figure 121 General Setti...

Page 308: ...0 48 switch 4 From the Verify MAC Address field select one of the following choices from the pull down menu Enable The MAC address of each ingress ARP packet is validated when compared against the Bin...

Page 309: ...into the DHCP packets Disable The AT S116 Management software does not insert the DHCP Option 82 information into the DHCP packets 8 Click Apply The values for the DHCP Snooping General Settings take...

Page 310: ...expands 2 From the DHCP Snooping folder select VLAN Settings The VLAN Settings page is displayed See Figure 122 Figure 122 DHCP Snooping VLAN Settings Page 3 In the VLAN ID field enter a VLAN ID that...

Page 311: ...nu on the left side of the page select DHCP Snooping The DHCP Snooping folder expands 2 From the DHCP Snooping folder select VLAN Settings The VLAN Settings page is displayed See Figure 122 on page 31...

Page 312: ...terfaces The AT GS950 48 Trusted Interfaces page is displayed See Figure 123 for a partial view of this page Figure 123 AT GS950 48 Trusted Interfaces Page 3 From the Trust column select one of the fo...

Page 313: ...124 Trusted Interfaces Page Example 5 If you choose to configure other switch ports as trusted or untrusted repeat Step 3 and Step 4 6 From the main menu on the left side of the page select Save Sett...

Page 314: ...he following procedure describes how to configure the DHCP Snooping Binding Database on the AT GS950 48 switch for static IP addresses and how to view the MAC Address and IP Address information for al...

Page 315: ...cted Type Because the IP Address being entered is static select Static 2 Click Add The static address information is entered into the Binding Database See Figure 126 for an example Figure 126 Binding...

Page 316: ...the following Learned The host IP Address is dynamically assigned by the DHCP server Static The host IP Address is statically assigned See Static IP Addresses on page 314 for more information Lease Ti...

Page 317: ...nected devices on the network and to store data that is learned about other devices This chapter provides the following information Overview on page 318 Global Configuration on page 319 Neighbors Info...

Page 318: ...protocol That is the information transmitted in LLDP advertisements flows in one direction only from one device to its neighbors and the communication ends there Transmitted advertisements do not sol...

Page 319: ...ation The LLDP port settings are on the bottom of the page See Figure 127 for a partial view of the LLDP Global Settings page Figure 127 AT GS950 48 LLDP Global Settings Page Perform the following pro...

Page 320: ...ou have selected is now active 5 Below the Enable or Disable radio buttons you may adjust the following parameters as needed then click the Apply button in the area of these parameters Message TX Hold...

Page 321: ...er to System Management Information on page 30 System Description This parameter lists the product name of the switch You cannot change this parameter Setting Port States Each port on the switch can b...

Page 322: ...Chapter 23 LLDP 322 4 From the main menu on the left side of the page select Save Settings to Flash to permanently save your changes...

Page 323: ...the LLDP information is received from them Port This parameter specifies the AT GS950 48 local port number where the LLDP information was received Chassis ID Subtype This parameter describes the Chas...

Page 324: ...Chapter 23 LLDP 324...

Page 325: ...switch and its ports This chapter includes the following sections Overview on page 326 Traffic Comparison Statistics on page 327 Error Group Statistics on page 331 Historical Status Statistics on pag...

Page 326: ...network traffic statistics charts There are three types of statistics charts Traffic Comparison Allows you to display a specified traffic statistic over all of the ports You can select 24 statistic ty...

Page 327: ...rt To display traffic comparison statistics perform the following procedure 1 Select the Statistics Chart folder The Statistics Chart folder expands 2 From the Statistics Chart folder select Traffic C...

Page 328: ...ts per second Outbound Non unicast Packet Rate Pkts s Measures the rate of outbound non unicast packets in packets per second Outbound Discard Rate Pkts s Measures the rate of outbound discarded packe...

Page 329: ...t packets in packets per second Outbound Non unicast Packets Pkts Measures the number of outbound non unicast such as broadcast and multicast packets packets in packets per second Outbound Discards Pk...

Page 330: ...ple Yellow Orange Gray Light Red Light Blue Light Green Light Yellow Light Gray 6 To create the Traffic Comparison chart click Draw See Figure 130 for an example of the Traffic Comparison chart with d...

Page 331: ...display error group statistics for a port perform the following procedure 1 Select the Statistics Chart folder The Statistics Chart folder expands 2 From the Statistics Chart folder select Error Group...

Page 332: ...s 15 seconds 30 seconds 5 To select the color of the Error Group chart select Color Choose one of the following colors Green Blue Red Purple Yellow Orange Gray Light Red Light Blue Light Green Light Y...

Page 333: ...To display historical status statistics for a port perform the following procedure 1 Select the Statistics Chart folder The Statistics Chart folder expands 2 From the Statistics Chart folder select H...

Page 334: ...ond Inbound Errors Pkts Measures the number of inbound errors in packets per second Outbound Octets Bytes Measures the number of outbound octet bits in bytes per second Outbound Unicast Packets Pkts M...

Page 335: ...s 5 To select the color of the Historical Statistics chart select Color Choose one of the following colors Green Blue Red Purple Yellow Orange Gray Light Red Light Blue Light Green Light Yellow Light...

Page 336: ...Chapter 24 Network Statistics 336 Figure 133 Historical Statistics Page Example 8 From the menu on the left side of the page select Save Settings to Flash to permanently save your changes...

Page 337: ...er 25 Software Configuration Updates on page 339 Chapter 26 Cable Diagnostics on page 351 Chapter 27 LED ECO Mode on page 353 Chapter 28 Energy Efficient Ethernet on page 357 Chapter 29 Rebooting the...

Page 338: ...338...

Page 339: ...ge 341 Upgrade Firmware Image via TFTP on page 343 Download or Upload a Configuration File via HTTP on page 345 Download or Upload a Configuration File via TFTP on page 349 Note For information about...

Page 340: ...de the AT S116 Management software or upload or download your configuration file Using a web browser via HTTP Using a TFTP server To perform one of these operations using HTTP you only need to have ac...

Page 341: ...mask assigned either manually or via DHCP For instructions on how to set the IP address and subnet mask on a switch see Configuration of IPv4 Address Subnet Mask and Gateway Address on page 32 To enab...

Page 342: ...meter as necessary Enter the path and the firmware file name or click the Browse button and select the file name 4 To begin the upgrade process on the switch click Apply The software begins to downloa...

Page 343: ...116 image file on the TFTP server Start the TFTP server software before you begin the download procedure Caution Downloading a new version of management software onto the switch causes the device to r...

Page 344: ...IPv6 address click IPv6 then enter the address using xxxx xxxx xxxx xxxx xxxx xxxx xxxx xxxx hexadecimal format Image File Name The full name of the AT S116 file including the file extension you are...

Page 345: ...ually or via DHCP For instructions on how to manually set the IP address and subnet mask on a switch see Configuration of IPv4 Address Subnet Mask and Gateway Address on page 32 To enable a DHCP clien...

Page 346: ...Save Configuration File Message 2 Save the configuration file to your PC Clicking Save automatically saves the file to your PC without letting you choose the location Clicking Save As lets you choose...

Page 347: ...mented immediately after upload A short interruption in network service will be experienced while the new configuration file is loaded Note If the IP address contained in the new configuration file is...

Page 348: ...Chapter 25 Software Configuration Updates 348 4 If you cannot access the Configuration File Backup Restore via HTTP page refresh the page and log back into the AT S116 web interface...

Page 349: ...ocedure 1 From the menu on the left side of the home page select the Tools folder The Tools folder expands 2 From the Tools folder select the Config File Backup Restore folder The Config File Backup R...

Page 350: ...xxxx xxxx xxxx xxxx hexadecimal format 2 Select the Restore button 3 The software immediately begins to upload the configuration file from the TFTP server to the switch Caution If you are uploading a...

Page 351: ...nfiguration file select Save Settings to Flash from the main menu on the left side of the page To run these cable diagnostics perform the following procedure 1 From the main menu on the left side of t...

Page 352: ...n one pair of wires and another pair within the cable Cable Fault Distance This parameter specifies the distance from the switch port to the cable fault Cable Length This parameter specifies the lengt...

Page 353: ...serve additional power on the port LEDs This eco friendly feature turns off the port LEDs on the switch to save power when they are not necessary The LED ECO Mode can be turned off when you need to se...

Page 354: ...rom the Tools folder select LED ECO Mode The LED ECO Mode page is displayed See Figure 143 Figure 143 LED ECO Mode Page 3 Select Enabled from the LED ECO Mode pull down menu 4 Click Apply The port LED...

Page 355: ...From the Tools folder select LED ECO Mode The LED ECO Mode page is displayed See Figure 145 Figure 145 LED ECO Mode in Enabled State 3 Select Disabled from the LED ECO Mode pull down menu 4 Click App...

Page 356: ...Chapter 27 LED ECO Mode 356...

Page 357: ...l retains full network performance When EEE is enabled the power reduction results from putting the circuitry driving the Ethernet line into Sleep mode when there is no data activity When data activit...

Page 358: ...ls folder The Tools folder expands 2 From the Tools folder select IEEE 802 3az EEE The IEEE 802 3az EEE page is displayed See Figure 147 Figure 147 IEEE 802 3az EEE Page 3 Select Enabled from the IEEE...

Page 359: ...ect the Tools folder The Tools folder expands 2 From the Tools folder select IEEE 802 3az EEE The IEEE 802 3az EEE page is displayed See Figure 147 on page 358 3 Select Disabled from the IEEE 802 3az...

Page 360: ...Chapter 28 Energy Efficient Ethernet 360...

Page 361: ...al factory default settings There are two ways to accomplish this Press the front panel eco friendly button for more than 10 seconds and release it Reboot the switch in the AT S116 management software...

Page 362: ...r changes All configuration parameters that have not been previously saved are lost After the switch is reboots they are reset to the values stored in the flash memory Caution This procedure causes th...

Page 363: ...e Two additional options are available in the Reboot Type field The procedures for these options are described in Configure Factory Default Values 5 Click Apply The switch immediately begins to reload...

Page 364: ...lower part of the page to the Reboot section 4 In the Reboot Type field use the pull down menu to select one of the following options Normal This setting reloads all configuration parameters that are...

Page 365: ...tings are managed by the DHCP server 5 Click Apply The switch begins the reboot process You must wait approximately two minutes for the switch to complete the reboot process before you can re establis...

Page 366: ...disabled However you can still reset the switch via the management software without affecting the switch s configuration The factory default reset can be enabled again by using the password that you i...

Page 367: ...r entering a password See Figure 149 Figure 149 Factory Default Reset Reboot Page with Password Entry 5 In the New Password field enter a password of up to 12 characters in length It is case sensitive...

Page 368: ...oose to Enable it perform the following procedure 1 From the main menu on the left side of the page select the Tools folder The Tools folder expands 2 From the Tools folder select Reboot The Factory D...

Page 369: ...Reset Reboot Page is displayed with the Factory Default Reset field Enabled See Figure 148 on page 362 In the Reboot section the Reboot Type field now includes the options presented in its pull down...

Page 370: ...Chapter 29 Rebooting the AT GS950 48 370...

Page 371: ...the default VLAN and within the same local area network as your switch In other words the port on the switch through which the node is communicating with the switch must be an untagged or tagged memb...

Page 372: ...r a response before assuming that a ping has failed Number of Ping Requests Specifies the number of ping requests you want the switch to perform 4 Click Start 5 To view the ping results click Show Pin...

Page 373: ...STI on page 376 General Guidelines on page 379 VLAN and MSTI Associations on page 380 Ports in Multiple MSTIs on page 381 Multiple Spanning Tree Regions on page 382 Associating VLANs to MSTIs on page...

Page 374: ...using tagged ports which can handle traffic from multiple VLANs simultaneously The drawback to this approach is that the link formed by the tagged ports can create a bottleneck to your Ethernet traffi...

Page 375: ...erface User Guide 375 Note The implementation of MSTP in the management software complies fully with the new IEEE 802 1s standard and should be interoperable with any other vendor s fully compliant 80...

Page 376: ...o VLANs Sales and Production The ports of each VLAN on each switch are connected with a direct link using untagged ports If the switches were running STP or RSTP one of these two links would be blocke...

Page 377: ...Ns Assigned to an MSTI An MSTI can contain more than one VLAN This is illustrated in Figure 156 on page 378 where there are two AT GS950 48 switches with four VLANs There are two MSTIs each containing...

Page 378: ...the VLAN parts are made with tagged not untagged ports so that they can carry traffic from more than one virtual LAN Referring again to Figure 156 the tagged link in MSTI 1 is carrying traffic for bot...

Page 379: ...at a time A switch port can belong to more than one spanning tree instance at a time by being an untagged and tagged member of VLANs belonging to different MSTIs This is possible because a port can be...

Page 380: ...of the task of configuring MSTP involves assigning VLANs to spanning tree instances The mapping of VLANs to MSTIs is called associations A VLAN either port based or tagged can belong to only one insta...

Page 381: ...as generic parameters These are set just once on a port and apply to all the MSTIs in which the port is a member One of these parameters is the external path cost which sets the operating cost of a po...

Page 382: ...used to keep track of the revision level of a region s configuration For example you might use this value to maintain the number of times you revise a particular MSTP region It is important that each...

Page 383: ...port and the bridge connected to the port as belonging to another region The same is true for any ports connected to bridges running the single instance spanning tree STP Those ports are also conside...

Page 384: ...is used to determine the root bridge for an entire bridged network the MSTI priority is used only to determine the regional root for a particular MSTI The range for this parameter is the same as the R...

Page 385: ...en different regions and between regions and single instance spanning tree to form one spanning tree for the entire bridged network MSTP uses CIST to form the spanning tree of an entire bridged networ...

Page 386: ...and the bridge as belonging to a different region An MSTP region can be considered as a virtual bridge The implication is that other MSTP regions and STP and RSTP single instance spanning trees canno...

Page 387: ...and has been assigned to MSTI ID 10 and port 8 is a member of VLAN 3 assigned to MSTI ID 10 The BPDUs transmitted by port 8 to switch B indicate that the port is a member of both CIST 0 and MSTI 15 w...

Page 388: ...etermining whether a loop exists The result would be that the switch detects a loop because the other port is also receiving BPDU packets from CIST 0 Switch B would block port 3 to cancel the loop To...

Page 389: ...th MSTI 4 Port 6 is a tagged and untagged member of two different VLANs both associated to MSTI 12 If both switches were a part of the same region there would be no problem because the ports reside in...

Page 390: ...t group the 3 VLANs in MSTI 12 and in Region 2 you could group them into MSTI 16 After they are grouped you can connect the VLANs across the regions using a link of untagged tagged ports as shown in F...

Page 391: ...the forwarding state for another spanning tree instance A network can contain any number of regions and a region can contain any number of AT GS950 48 switches The AT GS950 48 switch can belong to on...

Page 392: ...Appendix A MSTP Overview 392...

Page 393: ...1 4 167 1 3 6 1 4 207 1 4 166 1 3 6 1 4 207 1 4 165 1 3 6 1 4 207 1 4 167 1 3 6 1 4 1 207 1 4 203 1 3 6 1 4 1 207 1 4 199 1 3 6 1 4 1 207 1 4 204 System Name none 0 15 characters System Location none...

Page 394: ...Web Server Status Enabled Enabled Disabled Web Idle Timeout 10 Minutes 3 60 Minutes System System Time Clock Mode Local Time SNTP Local Time Date Setting YYYY MM DD 2009 1 1 Time Setting HH MM SS 00 1...

Page 395: ...System DHCP Auto Configuration Settings Auto Configuration State Disabled Enabled Disabled System System Log Configuration Syslog Status Disabled Enabled Disabled Time Stamp Enabled Enabled Disabled...

Page 396: ...abled Flow Control Disabled Enabled Disabled EAP Pass Disabled Enabled Disabled BPDU Enabled Enabled Disabled Bridge Spanning Tree RSTP Global RSTP Status Disabled Enabled Disabled Protocol Version RS...

Page 397: ...1 1 31 Bridge Priority 32768 0 61440 Configuration Name MAC Address of AT GS950 48 switch Revision Level 0 0 65535 Bridge Maximum Age 20 Seconds 6 40 Seconds Bridge Forward Delay 15 Seconds 4 30 Secon...

Page 398: ...32768 System ID MAC Address of AT GS950 48 switch Port Priority 0 0 65535 Bridge Mirroring Mirroring Status Disabled Enabled Disabled Mirroring Port 1 All 1 48 Ingress Mirrored Port All 1 48 Egress Mi...

Page 399: ...ing IGMP Snooping Status Disabled Enabled Disabled IGMP Snooping Age Out Timer 260 seconds 130 153025 seconds Querier Status Disabled Enabled Disabled Query Interval 125 seconds 6 600 seconds Max Resp...

Page 400: ...Port Based VLAN on any port Tagged VLAN ID none 2 4093 Tagged VLAN Name none 0 32 characters Tagged Management VLAN Enabled on DefaultVLAN Disabled on all other VLANs Always Enabled on Default VLAN E...

Page 401: ...000 milli seconds 40 2147483640 milli seconds Bridge QoS QoS Status Disabled Enabled Disabled Queue for Traffic Classes Low Low Medium High Highest Port Priority 0 0 7 DSCP Mapping Queue Low Low Mediu...

Page 402: ...munity Table Community Name none 1 32 characters User Name View Policy none 1 32 characters SNMP Trap Management Trap Enabled Enabled Disabled Host IP Address none IPv4 address in xxx xxx xxx xxx form...

Page 403: ...x xxxx xxxx xxxx xxxx hex format Source IP Mask Length none 1 32 Destination IP Address none IPv4 address in xxx xxx xxx xxx hex format IPv6 address in xxxx xxxx xxxx xxxx xxxx xxxx xxxx xxxx hex form...

Page 404: ...History Interval none 1 3600 seconds History Owner none Alarms Index none 1 65535 Alarms Interval none 1 to 2147483647 seconds Alarms Variable none Alarms Sample Type Absolute value Absolute value Del...

Page 405: ...mat Security Port Access Control NAS ID fsNas1 1 16 characters Port Access Control Disabled Disabled Enabled Port Access Control Authentication Method Local Local Radius TACACS Port Number port 1 port...

Page 406: ...gnore RADIUS Server IP 0 0 0 0 IPv4 address in xxx xxx xxx xxx hex format IPv6 address in xxxx xxxx xxxx xxxx xxxx xxxx xxxx xxxx hex format RADIUS Server Port 1812 1 65535 RADIUS Accounting Port 1813...

Page 407: ...ed Disabled General Setting Verify MAC Address Enabled Enabled Disabled General Setting Backup Database Disabled Enabled Disabled General Setting Database Update Interval 1200 seconds 600 86400 second...

Page 408: ...elay 2 seconds 1 8192 seconds Global Settings Port State Disabled Disabled RxTx RxOnly TxOnly Statistics Chart Traffic Comparison Statistics Inbound Octet Rate Bytes s 24 statistics Traffic Comparison...

Page 409: ...on OS file name limitation Firmware Upgrade via TFTP Retry Count none 1 20 Configuration File Upload Download via HTTP Select File none Configuration File Upload Download via TFTP TFTP Server IP none...

Page 410: ...lt Except IP Ping Destination IP Address 0 0 0 0 IPv4 address in xxx xxx xxx xxx hex format IPv6 address in xxxx xxxx xxxx xxxx xxxx xxxx xxxx xxxx hex format Ping Timeout Value 3 seconds 1 5 seconds...

Reviews:

No comments

Related manuals for AT-GS950/48

DHI-NVR5224-24P-4KS2

Brand: Dahua Pages: 24

Brand: Ubiquiti Pages: 40

Brand: H3C Pages: 26

Brand: Macsense Pages: 39

FieldPoint FP-3000

Brand: National Instruments Pages: 118

Brand: Alcatel-Lucent Pages: 60

Brand: Allied Telesis Pages: 2

Brand: Kentrox Pages: 246

Total Access 1500 Dual FXS/DPO

Brand: ADTRAN Pages: 2

Brand: Idis Pages: 28

Brand: Supero Pages: 54

Brand: WIN Enterprises Pages: 25

Brand: Teltonika Pages: 12

Brand: Comtrend Corporation Pages: 69

Brand: Billion Pages: 16

BiPAC 7404V series

Brand: Billion Pages: 165

Brand: Billion Pages: 121

Brand: B&B Electronics Pages: 2

Brands by name

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Popular brands

Load more brands