manualshive.com logo in svg

Allied Telesis AT-S95, User Manual

The Allied Telesis AT-S95 is a high-performance switch designed for businesses. For easy setup and configuration, make sure to download the user manual for free from our website. This comprehensive manual will guide you through the features and functions of the AT-S95, ensuring smooth operation for your network.

Share
Download
background image

Configuring Device Security

Configuring Network Security

Page 69

6.

Click 

Apply

. The port security settings are saved and the device is updated.

7.

Click 

Save Config

 on the menu to save the changes permanently.

Defining 802.1x Port Access

The 

802.1x Port Access Page

 allows enabling port access globally, defining the authentication method, and 

configuration of port roles and settings.

To configure 802.1x port access parameters:

1.

Click 

Network Security > 802.1x Port Access

.

 

The 

802.1x Port Access Page

 opens:

Figure 39: 802.1x Port Access Page

The 

802.1x Port Access Page

 contains the following fields:

Enable Port Access

 — Enables the 802.1x port access globally. The possible values are:

Checked

 — Enables the 802.1x port access on the device.

Unchecked

 — Disables the 802.1x port access on the device. This is the default value.

Authentication Method

 — Displays the method by which the last session was authenticated. The possible 

field values are:

None —

 Indicates that no authentication method is used to authenticate the port.

RADIUS —

 Provides port authentication using the RADIUS server.

RADIUS, None —

 Provides port authentication, first using the RADIUS server. If the port is not 

authenticated, then no authentication method is used, and the session is permitted.

Enable Guest VLAN

 — Provides limited network access to unauthorized ports. If a port is denied network 

access via port-based authorization, but the Guest VLAN field is enabled, the port receives limited network 
access. 
For example, a network administrator can use Guest VLANs to deny network access via port-based 
authentication, but grant Internet access to unauthorized users. The possible field values are:

Summary of Contents for AT-S95

Page 1: ...613 001188 Rev A Management Software AT S95 Web Browser Interface User s Guide AT 8000GS Series Stackable Gigabit Ethernet Switches Version 2 0 0 19...

Page 2: ...ntioned herein are trademarks or registered trademarks of their respective owners Allied Telesis Inc reserves the right to make changes in specifications and other information contained in this docume...

Page 3: ...Configurable Login Banner 20 Defining System Information 21 Configuring Internet Protocol Version 6 23 Defining IPv6 Interfaces 23 Defining the IPv6 Default Gateway 27 Configuring Tunnels 29 Defining...

Page 4: ...Configuring Port Mirroring 103 Aggregating Ports 106 Defining Trunk Settings 107 Defining Port Trunking 110 Configuring LACP 112 Configuring Interfaces 114 Defining MAC Addresses 114 Configuring VLAN...

Page 5: ...Viewing the LLDP Neighbors Information 188 Configuring Power Over Ethernet 191 Defining Power Over Ethernet Configuration 193 Configuring Services 195 Enabling Class of Service CoS 196 Configuring CoS...

Page 6: ...g a Terminal 232 Initial Configuration 233 Configuration 233 Static IP Address and Subnet Mask 233 User Name 234 Downloading Software 234 Standalone Device Software Download 234 Stacking Member Softwa...

Page 7: ...agement System EWS The Embedded Management System enables configuring monitoring and troubleshooting of network devices remotely via a web browser The web pages are easy to use and easy to navigate Th...

Page 8: ...Configuring System Logs Provides information for setting up and viewing system logs and configuring switch log servers Section 10 Configuring Spanning Tree Provides information for configuring Classic...

Page 9: ...nt Conventions This document uses the following conventions Note Provides related information or information of special importance Caution Indicates potential damage to hardware or software or loss of...

Page 10: ...eturning Products Products for return or repair must first be assigned a Return Materials Authorization RMA number A product sent to Allied Telesis without a RMA number will be returned to the sender...

Page 11: ...information for starting the application The login information is configured with a default user name and password The default password is friend the default user name is manager Passwords are both c...

Page 12: ...Getting Started Starting the Application Page 12 5 Click Sign In The System General Page opens Figure 2 System General Page...

Page 13: ...m Views provide a graphical representation of the device ports The Port Settings Page displays an example of the Zoom View with a detailed graphical representation of the device ports To open a zoom v...

Page 14: ...components with their corresponding numbers Table 1 Interface Components Component Description 1 Menu The Menu provides easy navigation through the main management software features In addition the Me...

Page 15: ...s maintained until reset or power up Apply Saves configuration changes to the device The configuration change is saved to the Running Configuration file and is maintained until reset or power up Confi...

Page 16: ...the user into the WBI starts the management session Logout Signs the user out of the WBI ending the management session Help Opens the online help page Exit Help Closes the online help page Save Confi...

Page 17: ...s To add information to tables or WBI pages 1 Open a WBI page 2 Click Add An Add page opens for example the Add Community Page Figure 5 Add Community Page 3 Define the fields 4 Click Apply The configu...

Page 18: ...I pages 1 Open the WBI page 2 Select a table row 3 Click Delete The information is deleted and the device is updated Saving Configurations User defined information can be saved for permanent use or un...

Page 19: ...g Out The Logout option enables the user to log out of the device thereby terminating the running session To log out In any page click Logout on the menu The current management session is ended and th...

Page 20: ...device After the device is reset a prompt for a user name and password displays 3 Enter a user name and password to reconnect to the Web Interface To reset the device to the predefined default configu...

Page 21: ...System General Page comprises two sections Administration and DHCP Configuration The Administration section of the System General Page contains the following fields System Name Indicates the user def...

Page 22: ...ase the device following reset checks if the IP address is already defined in the Startup Configuration If not the device tries to receive an IP address from a BootIP server until either an IP address...

Page 23: ...d therefore are not required to be expressed Any prefix that is less than 64 bits is a route or address range that is summarizing a portion of the IPv6 address space For every assignment of an IP addr...

Page 24: ...set per device To define IPv6 Interfaces 1 Click System IPv6 Interface The IPv6 Interface Page opens Figure 9 IPv6 Interface Page The IPv6 Interface Page contains the following fields Interface Indic...

Page 25: ...address is 2031 0 130F 0 0 9C0 876A 130D and the compressed version is represented as 2031 0 130F 9C0 876A 130D Up to five IP addresses can be set per interface with the limitation of up to 128 addres...

Page 26: ...s the interface ID low order 64 bits of the IPv6 address is built from the system base MAC address The following fields options are Checked Enables the EUI 64 option This option is relevant only to Gl...

Page 27: ...hat configuring a new static default gateway without deleting the previously configured one overwrites the previous configuration A configured default gateway has a higher precedence over automaticall...

Page 28: ...Gateway Page opens Figure 12 Add Static Default Gateway Page 4 Define the Default Gateway IPv6 Address field for the IP Interface The address must be a valid IPv6 address specified in hexadecimal usi...

Page 29: ...e following fields Tunnel Type Indicates the is the tunnel type The possible field values are ISATAP Indicates ISATAP is the selected tunnel type None IPv6 transition mechanism is not used This is the...

Page 30: ...ce sends The range is 1 20 seconds The default is 3 2 Click Apply The Tunnel is defined and the device is updated Defining IPv6 Neighbors The IPv6 Neighbors Page contains information for defining IPv6...

Page 31: ...from the IPv6 Neighbor Table Dynamic Only Deletes the dynamic IPv6 address entries from the IPv6 Neighbor Table All Dynamic and Static Deletes the IPv6 Neighbor Table static and dynamic address entrie...

Page 32: ...System IPv6 Neighbors The IPv6 Neighbors Page opens 2 Select the IPv6 Address field to be edited 3 Click Modify The IPv6 Neighbor Configuration Page opens Notes Static IPv6 addresses require a MAC add...

Page 33: ...e information entry The possible field values are Static Shows static neighbor discovery cache entries Dynamic Shows dynamic neighbor discovery cache entries State Displays the IPv6 Neighbor status Th...

Page 34: ...em time reverts to the local hardware clock Daylight Savings Time can be enabled on the device To configure the system clock time 1 Click System System Time The System Time Page opens Figure 17 System...

Page 35: ...he time source Stratum 1 A server that is directly linked to a Stratum 0 time source is used Stratum 1 time servers provide primary network time standards Stratum 2 The time source is distanced from t...

Page 36: ...orted 2 Select the SNTP Status Supported IP Format and when applicable the IPv6 Address Type and Link Local Interface 3 Define the Server IP Address and the Poll Interval fields 4 Click Apply The SNTP...

Page 37: ...The day of the week from which DST begins every year The possible field range is Sunday Saturday Week The week within the month from which DST begins every year The possible field range is 1 5 Month...

Page 38: ...t weekend of March until the last weekend of October India India does not use Daylight Saving Time Iran From Farvardin 1 until Mehr 1 Iraq From April 1 until October 1 Ireland From the last weekend of...

Page 39: ...kend of March until the last weekend of October Switzerland From the last weekend of March until the last weekend of October Syria From March 31 until October 30 Taiwan Taiwan does not use Daylight Sa...

Page 40: ...This section describes setting security parameters for ports device management methods users and servers This section contains the following topics Configuring Management Security Configuring Server...

Page 41: ...efined for interfaces according to IP addresses or IP subnets Access profiles contain management methods for accessing and managing the device The device management methods include All Telnet Secure T...

Page 42: ...ains a table listing the currently defined profiles and their active status Access Profile Name The name of the profile The access profile name can contain up to 32 characters Current Active Access Pr...

Page 43: ...If selected users accessing the device using Telnet meeting access profile criteria are permitted or denied access to the device Secure Telnet SSH Assigns SSH access to the rule If selected users acc...

Page 44: ...This option is only available the first time you configure the access profile Tunnel 1 Specifies that ISATAP tunneling Tunnel 1 mechanism is supported Note You must initially select the VLAN 1 option...

Page 45: ...ty Profile Rules The Profile Rules Page opens Figure 20 Profile Rules Page Access Profile Name Displays the access profile to which the rule is attached Priority Defines the rule priority When the pac...

Page 46: ...HTTPS Assigns HTTPS access to the rule If selected users accessing the device using HTTPS meeting access profile criteria are permitted or denied access to the device SNMP Assigns SNMP access to the r...

Page 47: ...rface Global Specifies that global Unicast addressing is supported by the interface Link Local Interface If Link Local is selected as the supported IPv6 Address Type defines the supported interface Th...

Page 48: ...dify an access rule 1 Click Mgmt Security Profile Rules The Profile Rules Page opens 2 Click Modify The Profiles Rules Configuration Page opens Figure 22 Profiles Rules Configuration Page 3 Define the...

Page 49: ...Authentication Profiles Page contains two tables which display the currently defined profiles Login Authentication Profiles Provides the method by which system users logon to the device Enable Authent...

Page 50: ...thentication first occurs at the RADIUS server If authentication cannot be verified at the RADIUS server the session is authenticated locally If the session cannot be authenticated locally the session...

Page 51: ...Using the arrows move the method s from the Optional Method list to the Selected Method list 6 Click Apply The authentication profile is defined The profile is added to the profiles table and the devi...

Page 52: ...e 52 Figure 25 Authentication Profile Configuration Page 3 Select the Profile Name from the list 4 Using the arrows move the method s from the Optional Method list to the Selected Method list 5 Click...

Page 53: ...ods are used To map authentication methods 1 Click Mgmt Security Authentication Mapping The Authentication Mapping Page opens Figure 26 Authentication Mapping Page The Authentication Mapping Page comp...

Page 54: ...for access HTTP Indicates that authentication methods are used for HTTP access Possible methods are Local Authentication occurs locally RADIUS Authenticates the user at the RADIUS server TACACS Authen...

Page 55: ...ing TACACS Terminal Access Controller Access Control System TACACS provides centralized security user access validation The system supports up to 8 TACACS servers TACACS provides a centralized user ma...

Page 56: ...ies the authentication port The device communicates with the TACACS server through the authentication port The default is 49 Timeout for Reply Defines the time interval in seconds that passes before t...

Page 57: ...Configuring Device Security Configuring Server Based Authentication Page 57 Figure 28 Add TACACS Page 3 Define the fields 4 Click Apply The TACACS profile is saved and the device is updated...

Page 58: ...To modify TACACS server settings 1 Click Mgmt Protocols TACACS The TACACS Page opens 2 Click Modify The TACACS Configuration Page opens Figure 29 TACACS Configuration Page 3 Define the relevant field...

Page 59: ...Page opens Figure 30 RADIUS Page The RADIUS Page contains the following fields Radius Accounting Usage Specifies the RADIUS recording session type The default value is None The possible field values...

Page 60: ...rver authentication The authenticated port default is 1812 Accounting Port Identifies the accounting port The accounting port is used to verify the RADIUS server recording session The accounting port...

Page 61: ...vice Security Configuring Server Based Authentication Page 61 2 Click Add The Add RADIUS Page opens Figure 31 Add RADIUS Page 3 Define the fields 4 Click Apply The RADIUS profile is saved and the devi...

Page 62: ...modify RADIUS server settings 1 Click Mgmt Protocols RADIUS The RADIUS Page opens 2 Click Modify The RADIUS Configuration Page opens Figure 32 RADIUS Configuration Page 3 Define the relevant fields 4...

Page 63: ...3 Local Users Page The Local Users Page displays the list of currently defined local users and contains the following fields User Name Displays the user s name Access Level Displays the user access le...

Page 64: ...swords can contain up to 159 characters Confirm Password Verifies the password 3 Define the fields 4 Click Apply The user is added to the Local Users table and the device is updated To modify local us...

Page 65: ...Password The Line Password Page opens Figure 36 Line Password Page The Line Password Page contains the following fields Console Line Password Defines the line password for accessing the device via a...

Page 66: ...rned or statically configured Locked port security monitors both received and learned packets that are received on specific ports Access to the locked port is limited to users with specific MAC addres...

Page 67: ...Port Security The Port Security Page opens Figure 37 Port Security Page The Port Security Page displays the Zoom View of the selected stacking member s defined in the Unit No field ports 2 In the Uni...

Page 68: ...values are Classic Lock Locks the port using the classic lock mechanism The port is immediately locked regardless of the number of addresses that have already been learned Limited Dynamic Lock Locks...

Page 69: ...the device Unchecked Disables the 802 1x port access on the device This is the default value Authentication Method Displays the method by which the last session was authenticated The possible field va...

Page 70: ...for reauthentication Immediate Reauthenticates the port immediately The 802 1x Port Access Page also displays the Zoom View of the selected stacking member s defined in the Unit No field ports 2 Selec...

Page 71: ...that are not the supplicant s address while not learning the source addresses Discard Enables the discarding of frames with source addresses that are not the supplicant s address This is the default...

Page 72: ...e is 0 65535 The field default is 60 seconds Resending EAP Defines the amount of time in seconds that lapses before EAP requests are resent The field default is 30 seconds Max EAP Requests Displays th...

Page 73: ...eously transmitted across a network by a single port Forwarded message responses are heaped onto the network straining network resources or causing the network to time out Storm control is enabled for...

Page 74: ...es are Enabled Enables storm control on the selected port Disabled Disables storm control on the selected port Broadcast Mode Specifies the Broadcast mode currently enabled on the device The possible...

Page 75: ...ntrol entries ACEs that are made of the filters that determine traffic classifications The total number of ACEs that can be defined in all ACLs together is 256 This section contains the following topi...

Page 76: ...packets are addressed to the ACE Destination MAC Mask Indicates the destination MAC Address wild card mask Wildcards are used to mask all or part of a destination MAC Address Wild card masks specify...

Page 77: ...ACL Page opens Figure 44 Add MAC Based ACL Page 3 In the ACL Name field type a name for the ACL 4 Enable Rule Priority and define the ACL s relevant fields 5 Click Apply The MAC Based ACL configurati...

Page 78: ...ity MAC Based ACL The MAC Based ACL Page opens 2 Click the Add ACE button The Add MAC Based ACE Page opens Figure 45 Add MAC Based ACE Page 3 Define the fields 4 Click Apply The MAC Based ACE rule is...

Page 79: ...Figure 46 MAC Based ACE Configuration Page 3 Define the fields 4 Click Apply The MAC Based ACL configuration is defined and the device is updated 5 Click Save Config on the menu to save the changes p...

Page 80: ...net Group Management Protocol IGMP Allows hosts to notify their local switch or router that they want to receive transmissions assigned to a specific Multicast group IP Internet Protocol IP Specifies...

Page 81: ...nnels between two routers This ensures that IPIP tunnel appears as a single interface rather than several separate interfaces IPIP enables tunnel intranets to access the internet and provides an alter...

Page 82: ...packets ICMP packets that are filtered by ICMP message type can also be filtered by the ICMP message code IGMP Type Filters packets by IGMP message or message types DSCP Matches the packets DSCP valu...

Page 83: ...classification to identify flows based on QoS values such as DSCP or IP Precedence The possible field values are Checked Enables identification of flows based on QoS values Selecting this option make...

Page 84: ...Apply The IPv4 based ACE rule is defined and the device is updated 5 Click Save Config on the menu to save the changes permanently To modify the IPv4 based ACL configuration 1 Click Network Security I...

Page 85: ...le is matched to a packet on a first match basis Protocol Creates an ACE based on a specific protocol The available protocols are ICMP Internet Control Message Protocol ICMP The ICMP allows the gatewa...

Page 86: ...abled x Don t care ICMP Type Filters packets by ICMP message type The field values are 0 255 ICMP Code Indicates and ICMP message code for filtering ICMP packets ICMP packets that are filtered by ICMP...

Page 87: ...classification to identify flows based on QoS values such as DSCP or IP Precedence The possible field values are Checked Enables identification of flows based on QoS values Selecting this option make...

Page 88: ...sed ACE rule is defined and the device is updated 5 Click Save Config on the menu to save the changes permanently To modify the IPv6 based ACL configuration 1 Click Network Security IPv6 Based ACL The...

Page 89: ...s 1 Click Network Security ACL Binding The ACL Binding Page opens Figure 52 ACL Binding Page The ACL Binding Page contains the following fields Interface Indicates the interface to which the ACL is bo...

Page 90: ...ng fields Interface Choose the interface to which the ACL is bound The possible values are Port Port associated with the ACL Trunk Trunk associated with the ACL Select IPv4 Based ACL IPv6 Based ACL or...

Page 91: ...n interface from outside the network or from a interface beyond the network firewall Trusted interfaces receive packets only from within the network or the network firewall DHCP with Option 82 attache...

Page 92: ...value Pass Through Option 82 Indicates if DHCP Option 82 with data insertion is enabled on the device The possible field values are Enable If DHCP Option 82 with data insertion is enabled the DHCP rel...

Page 93: ...e packets sent to DHCP Server via TCP IP network The option permits network administrators to limit address allocation to authorized hosts only This permits network administrators to limit address all...

Page 94: ...ANs list 3 Click Save Config on the menu to save the changes permanently Defining Trusted Interfaces The Trusted Interfaces Page allows network manager to define Trusted interfaces Trusted interfaces...

Page 95: ...Ports of Unit Displays the stacking member whose trusted interface configuration is displayed Trunk Displays the trunks whose trusted interface configuration is displayed Interface Contains a list of...

Page 96: ...es whether the interface is a Trusted Interface Enable Interface is a trusted interface Disable Interface is an untrusted interface 5 Click Apply The Trusted Interfaces configuration is defined and th...

Page 97: ...MAC address IPv4 Address Indicates the IPv4 addresses recorded in the DHCP Database The Database can be queried by IPv4 address VLAN Indicates the VLANs recorded in the DHCP Database The Database can...

Page 98: ...rver Lease Time Displays the lease time The Lease Time defines the amount of time the DHCP Snooping entry is active Addresses whose lease times are expired are ignored by the switch The possible value...

Page 99: ...e Setting Ports Configurations Aggregating Ports Setting Ports Configurations This section contains the following topics Defining Port Settings Configuring Port Mirroring Defining Port Settings The Po...

Page 100: ...possible settings 3 Click Modify The Port Setting Configuration Page opens Figure 61 Port Setting Configuration Page The Port Setting Configuration Page contains the following fields Port Lists the n...

Page 101: ...Indicates the port is currently disabled and is not receiving or transmitting traffic Unknown Indicates the port status is currently unknown Admin Speed Indicates the configured rate for the port The...

Page 102: ...de Enable Indicates that flow control is currently enabled for the selected port Disable Indicates that flow control is currently disabled for the selected port This is the default value Current Flow...

Page 103: ...yer 1 Port Mirroring The Port Mirroring Page opens Figure 62 Port Mirroring Page The Port Mirroring Page contains information about all port mirrors currently defined on the device The following infor...

Page 104: ...s the port from which traffic is to be analyzed Type Indicates the port mode configuration for port mirroring The possible field values are Rx Only Defines the port mirroring on receiving ports Tx Onl...

Page 105: ...ring Ports Setting Ports Configurations Page 105 3 Define the Type field 4 Click Apply The Port mirroring is modified and the device is updated 5 Click Save Config on the menu to permanently save the...

Page 106: ...The port is not assigned to a different trunk Auto negotiation mode is not configured on the port The port is in full duplex mode All ports in the trunk have the same ingress filtering and tagged mod...

Page 107: ...d The possible field values are Up Indicates the trunk is currently linked and is forwarding or receiving traffic Down Indicates the trunk is not currently linked and is not forwarding or receiving tr...

Page 108: ...uplink is distributed to all interfaces 2 Click Modify The Trunk Setting Configuration Page opens Figure 66 Trunk Setting Configuration Page The Trunk Setting Configuration Page contains the following...

Page 109: ...runk Current Advertisement Indicates the trunk advertises its speed to its neighbor trunk to start the negotiation process The possible field values are those specified in the Admin Advertisement fiel...

Page 110: ...formation about all port trunks currently defined on the device The following information is displayed Trunk Displays the ID number of the trunk Name Displays the name of the trunk The name can be up...

Page 111: ...trunking parameters are defined LACP Indicates if LACP is enabled on the trunk The possible field values are Checked Enables LACP on the trunk Unchecked Disables LACP on the trunk This is the default...

Page 112: ...fields for configuring LACP trunks To configure LACP for trunks 1 Click Layer 1 LACP The LACP Page opens Figure 69 LACP Page The LACP Page contains the following fields LACP System Priority Specifies...

Page 113: ...ing Ports Aggregating Ports Page 113 2 Click Modify the LACP Configuration Page opens Figure 70 LACP Configuration Page 3 Define the fields 4 Click Apply The LACP settings are saved and the device is...

Page 114: ...C Addresses The MAC Address Page contains parameters for querying information in the Static MAC Address Table and the Dynamic MAC Address Table in addition to viewing and configuring Unicast addresses...

Page 115: ...fy the MAC address The system automatically locates the port that is connected to the device Delete All Dynamic MAC Addresses Clicking Delete removes all dynamic addresses from the MAC Address Table 2...

Page 116: ...kets arrive on the ports To view or remove static MAC addresses 1 Click Layer 2 MAC Address The MAC Address Page opens 2 Click View Depending on whether View Static or View Dynamic is chosen the View...

Page 117: ...and Multicast domains Broadcast and Multicast traffic is transmitted only in the VLAN in which the traffic is generated VLAN tagging provides a method of transferring VLAN information between VLAN awa...

Page 118: ...4095 is reserved as the discard VLAN VLAN Name Displays the user defined VLAN name VLAN Type Displays the VLAN type The possible field values are Dynamic Indicates the VLAN was dynamically created thr...

Page 119: ...is a tagged member of a VLAN All packets forwarded by the interface are tagged The packets contain VLAN information Untagged Indicates the interface is an untagged VLAN member Packets forwarded by the...

Page 120: ...3 Click Modify The VLAN Configuration opens Figure 76 VLAN Configuration 4 Change the Interface Status setting 5 Click Apply The VLAN configuration is modified and the device is updated 6 Click Save...

Page 121: ...lays the port or trunk number Interface VLAN Mode Indicates the port or trunk mode in the VLAN The possible values are General Indicates the port belongs to VLANs and each VLAN s interface is user def...

Page 122: ...cific port is not a member Disable Disables ingress filtering on the device Reserved VLAN Indicates the VLAN that is currently reserved for internal use by the system 2 Select an interface from the ta...

Page 123: ...on a Port The settings for the three GVRP timers must be the same on all GVRP active devices in your network This is configurable only in the CLI using the config if garp timer command Configuring GV...

Page 124: ...registration through GVRP is enabled on the interface The possible field values are Enable Enables GVRP registration on the device Disable Disables GVRP registration on the device 2 Select Enable GVR...

Page 125: ...the following fields MAC Based Group In the MAC Based Group table network managers group VLANs based on the VLAN MAC address MAC Address Displays the MAC address associated with the VLAN group Prefix...

Page 126: ...Page the Add MAC Address Group Page contains the following additional fields Host Defines the specified MAC address as the only address associated with the VLAN group 3 Define the fields 4 Click Appl...

Page 127: ...l fields Group Type Indicates the VLAN Group to which interfaces are mapped The possible field value is MAC based Indicates that interfaces are mapped to MAC based VLAN groups 3 Select a VLAN to map w...

Page 128: ...or example Syslog and local device reporting messages are assigned a severity code and include a message mnemonic which identifies the source application generating the message This allows messages to...

Page 129: ...s of a Flash memory log IP Address Displays the defined IP address of the syslog server Minimum Severity Indicates the defined minimum severity level Description Provides additional information about...

Page 130: ...any additional information about the syslog server for example its location UDP Port Defines the UDP port to which the server logs are sent The possible range is 1 65535 The default value is 514 Mini...

Page 131: ...severity for logging to file is Error Console Temporary and or Flash Enables or disables device event logging to the severity indicated 2 Define the relevant fields 3 Click Apply The Server Log confi...

Page 132: ...ry Log Page list the following information Log Index The log index number Log Time The date and time that the log was entered Severity The severity of the event for which the log entry was created Des...

Page 133: ...n on configuring Classic STP see Configuring Classic Spanning Tree Rapid STP Detects and uses network topologies that provide faster convergence of the spanning tree without creating forwarding loops...

Page 134: ...are Enable Enables STP on the device Disable Disables STP on the device STP Operation Mode Specifies the STP mode that is enabled on the device The possible field values are Classic STP Enables Class...

Page 135: ...is 6 40 seconds the default value is 20 seconds Forward Delay Specifies the device Forward Delay Time in seconds The Forward Delay Time is the time interval during which a bridge remains in the liste...

Page 136: ...erface Configuration Page The STP Interface Configuration Page contains the following sections STP Port Parameters table Global System Trunk table The parameters listed in both tables are identical Th...

Page 137: ...earning mode The interface cannot forward traffic however it can learn new MAC addresses Forwarding Indicates the port is currently in the forwarding mode The port can forward traffic and learn new MA...

Page 138: ...n Page for ports or for trunks opens Figure 92 Spanning Tree Configuration Page In addition to the STP Interface Configuration Page the port level Spanning Tree Configuration Page contains the followi...

Page 139: ...port and stacking member for which the RSTP settings are displayed Trunks Specifies the trunk for which the RSTP settings are displayed Interface Displays the port or trunk on which Rapid STP is enabl...

Page 140: ...determines the state Point to Point Operational Status Displays the point to point operating state Activate Protocol Migration Test Select to run a Protocol Migration Test The test identifies the STP...

Page 141: ...learn new MAC addresses Disabled Indicates that STP is currently disabled on the port The port forwards traffic while learning MAC addresses 3 Define the Interface Point to Point Admin Status and Act...

Page 142: ...TP Page contains information for defining global MSTP settings including region names MSTP revisions and maximum hops To define MSTP 1 Click Layer 2 MSTP The MSTP Page opens Figure 95 MSTP Page The MS...

Page 143: ...Instance Settings Click Configure to define MSTP Instances settings 2 Define the Region Name Revision and Max Hops fields 3 Click Apply The MSTP properties are defined and the device is updated Defin...

Page 144: ...the root device Designated Indicates the port or trunk through which the designated device is attached to the LAN Alternate Provides an alternate path to the root device from the root interface Backu...

Page 145: ...elected interface 5 Click Save Config on the menu to save changes permanently 6 To view the MSTP configurations of all interfaces click Interface Table The MSTP Interface Table is displayed In the MST...

Page 146: ...ayer 2 MSTP The MSTP Page opens 2 Click Configure next to the Configure Instance Mapping option The MSTP Instance Mapping Page opens Figure 98 MSTP Instance Mapping Page The MSTP Instance Mapping Page...

Page 147: ...Layer 2 MSTP The MSTP Page opens 2 Click Configure next to the Configure Instance Settings option The MSTP Instance Settings Page opens Figure 99 MSTP Instance Settings Page The MSTP Instance Setting...

Page 148: ...figuring Multiple Spanning Tree Page 148 3 Define the fields 4 Click Apply MSTP is defined for the selected instance and the device is updated The MSTP Page is displayed 5 Click Save Config on the men...

Page 149: ...he relevant ports The Internet Group Management Protocol IGMP allows hosts to notify their local switch or router that they want to receive transmissions assigned to a specific Multicast group Multica...

Page 150: ...embers This results in the creation of the Multicast filtering database To configure IGMP Snooping 1 Click Multicast IGMP The IGMP Page opens Figure 100 IGMP Page The IGMP Page contains the following...

Page 151: ...Auto Learn is enabled on the device If Auto Learn is enabled the devices automatically learns where other Multicast groups are located Enables or disables Auto Learn on the Ethernet device The possibl...

Page 152: ...st times out as specified in the Leave Timeout field 3 Define the fields Select Reset as Default to use the default value 4 Click Apply The IGMP Snooping global parameters are modified and the device...

Page 153: ...ticast frames are flooded to all ports in the relevant VLAN Disabled is the default value VLAN ID Displays the VLAN for which Multicast parameters are displayed Bridge Multicast Address Identifies the...

Page 154: ...idge Multicast MAC Address and the Bridge Multicast IPv4 Address 6 Click Apply The new Multicast group is saved and the device is updated To modify a Multicast group 1 Click Modify The Multicast Group...

Page 155: ...e 105 Multicast Forward All Page The Multicast Forward All Page contains the following fields VLAN ID Displays the VLAN for which Multicast parameters are displayed Select the interfaces displayed in...

Page 156: ...6 3 Click Modify The Multicast Forward All Configuration Page opens Figure 106 Multicast Forward All Configuration Page 4 Define the Interface Status field 5 Click Apply The Multicast Forward All sett...

Page 157: ...g Filtering then this port s configuration is valid for any VLAN it is a member of or will be a member of To define unregistered Multicast settings 1 Click Multicast Unregistered Multicast The Unregis...

Page 158: ...Click Modify The Unregistered Multicast Configuration Page opens Figure 108 Unregistered Multicast Configuration Page 3 Define the Unregistered Multicast field 4 Click Apply The Multicast Forward All...

Page 159: ...e MIB tree The SNMPv3 security structure consists of security models with each model having its own security levels There are three security models defined SNMPv1 SNMPv2c and SNMPv3 Users are assigned...

Page 160: ...se Default Restores default SNMP settings using the Local Engine ID Enable SNMP Notifications Indicates if SNMP traps are enabled for the device The possible values are Checked Traps are enabled Unche...

Page 161: ...s 1 Click SNMP Community The SNMP Global Page opens The SNMP Community Page opens Figure 110 SNMP Community Page The SNMP Community Page contains the Basic and the Advanced Table SNMP Communities Basi...

Page 162: ...Name Contains a list of user defined SNMP views in addition to the Default and DefaultSuper views SNMP Communities Advanced Table The SNMP Communities Advanced Table contains the following fields Mana...

Page 163: ...nced SNMP community is defined A value of 0 0 0 0 indicates all management station IP addresses Community String Defines the community name used to authenticate the management station to the device Ba...

Page 164: ...entry in the Basic table or in the Advanced Table 2 Click Modify The Community Configuration Page opens Figure 112 Community Configuration Page 3 Define the Basic or Advanced configuration of the comm...

Page 165: ...define an SNMP group 1 Click SNMP Groups The SNMP Group Page opens Figure 113 SNMP Group Page The SNMP Group Page contains the following fields Group Name Displays the user defined group to which acce...

Page 166: ...ge s origin is authenticated Privacy Encrypts SNMP messages Operation Defines the group access rights The possible field values are Read Management access is restricted to read only and changes cannot...

Page 167: ...Click SNMP Groups The SNMP Group Page opens 2 Click Modify The Group Configuration Page opens Figure 115 Group Configuration Page 3 Define the Group Name Security Level Security Model and Operation f...

Page 168: ...defined user names The field range is up to 30 alphanumeric characters Group Name Contains a list of user defined SNMP groups SNMP groups are defined in the SNMP Group Profile Page Engine ID Displays...

Page 169: ...Page opens Figure 117 Add SNMP User Page In addition to the SNMP Users Page the Add SNMP User Page contains the following fields Authentication Method Defines the SNMP Authentication method The possi...

Page 170: ...on Privacy Key Defines the Privacy Key LSB If only authentication is required 20 bytes are defined If both privacy and authentication are required 36 bytes are defined Each byte in hexadecimal charact...

Page 171: ...s The SNMP Views Page opens Figure 119 SNMP Views Page The SNMP Views Page contains the following fields View Name Displays the user defined views The view name can contain a maximum of 30 alphanumeri...

Page 172: ...using one of the following options Select from List Select the Subtree from the list provided Pressing the Up and Down buttons allows you to change the priority by moving the selected subtree up or do...

Page 173: ...sers and the trap type sent SNMP notification filters provide the following services Identifying Management Trap Targets Trap Filtering Selecting Trap Generation Parameters Providing Access Control Ch...

Page 174: ...ates the number of times the device resends an inform request The field range is 1 255 The default is 3 SNMPv3 Notification Recipient The SNMPv3 Notification Recipient table contains the following fie...

Page 175: ...IPv6 Address Type Defines the type of configurable static IPv6 IP address for an interface The possible values are Link Local Defines a Link Local address non routable and can be used for communicati...

Page 176: ...y notification settings 1 Click SNMP Notify The SNMP Notify Page opens 2 Select an entry from one of the tables and click Modify The SNMP Notify Configuration Page opens Figure 123 SNMP Notify Configu...

Page 177: ...ter notifications To configure SNMP notification filters 1 Click SNMP Notify The SNMP Notify Page opens 2 Click Configure next to Configure Notification Filters The SNMP Notification Filter Configurat...

Page 178: ...ed from either the Select from List or the Object ID field There are two configuration options Select from List Select the OID from the list provided Pressing the Up and Down buttons allows you to cha...

Page 179: ...er systems and to store discovered information Device discovery information includes Device Identification Device Capabilities Device Configuration The advertising device transmits multiple advertisem...

Page 180: ...ible field range is 5 32768 seconds The default value is 30 seconds Use Default Selecting the check box returns settings to default Hold Multiplier 2 10 Indicates the amount of time that LLDP packets...

Page 181: ...waits before reinitializing LLDP transmissions in the Reinitializing Delay field 6 Define how long the system waits between LLDP packet transmissions if a change has occurred in the MIB in the Transmi...

Page 182: ...le static and dynamic IP addresses The possible field values are Stop Advertising Indicates the IP address is not advertised Auto Advertise Indicates that the software automatically selects a manageme...

Page 183: ...networks for QoS Policies Voice VLANs Provides Emergency Call Service E 911 via IP Phone location information Provides troubleshooting information LLDP MED sends network managers alerts for Port spee...

Page 184: ...y is defined for tagged VLANs Untagged Indicates the network policy is defined for untagged VLANs User Priority Defines the user priority assigned to the network application DSCP Value Defines the Dif...

Page 185: ...P Profile Rules The LLDP MED Network Policy Page opens 2 Click Modify The Network Policy Settings Configuration Page opens Figure 131 Network Policy Settings Configuration Page 3 Define the fields 4 C...

Page 186: ...No Indicates the stacking member s ports for which the LLDP MED port settings are displayed Port Specifies the list of ports to which LLDP MED network policy can be attached LLDP MED Status Indicates...

Page 187: ...ttached to the port Location Advertises the port s location PoE PSE Advertises the port PoE information Available Network Policies Network Policy Contains a list of network policies that can be assign...

Page 188: ...P advertisements To view LLDP Neighbor information 1 Click LLDP Neighbors Information The LLDP Neighbors Information Page opens Figure 134 LLDP Neighbors Information Page The LLDP Neighbors Informatio...

Page 189: ...The MAU performs physical layer functions including digital data conversion from the Ethernet interfaces collision detection and bit injection into the network System Name Displays the advertised syst...

Page 190: ...N Guest VLAN Signaling Softphone Voice Video Conferencing Streaming Video Video Signaling Flags Displays the VLAN tagging status for the application type The possible field values are Tagged The packe...

Page 191: ...remote monitoring Powered Devices are devices which receive power from the device power supplies for example IP phones Powered Devices are connected to the device via Ethernet ports The PoE threshold...

Page 192: ...rcent If maximum power available is 375 W and the power threshold is 95 the threshold is exceeded when the PoE devices require more than 356 25 W Maximum Power Available Indicates the maximum power al...

Page 193: ...s is the default setting Disable Disables PoE on the port Priority Level Indicates the PoE ports priority The possible values are Critical High and Low The default is Low Class Indicates the power cla...

Page 194: ...nnot be used to deliver power to the powered device The device has detected a fault on the powered device For example the powered device memory could not be read Test Indicates the powered device is b...

Page 195: ...ority Ensures that time sensitive applications are always forwarded Strict Priority SP allows the prioritization of mission critical time sensitive traffic over less time sensitive applications For ex...

Page 196: ...he device Unchecked Disables QoS on the device Trust Mode Defines which packet fields to use for classifying packets entering the device When no rules are defined the traffic containing the predefined...

Page 197: ...Check the Restore Defaults option where needed 4 Click Modify The CoS Configuration Page opens Figure 139 CoS Configuration Page The CoS Configuration Page contains the following fields Interface Sets...

Page 198: ...tains scheduling and Priority Queue settings for the defined CoS and DSCP and contains the following fields Select Schedule Defines the priority method in queuing Strict Priority Indicates that traffi...

Page 199: ...oS Page The Configure CoS Page contains the following fields Restore Defaults Restores the device factory defaults for mapping CoS tags to a forwarding queue Class of Service Specifies the CoS priorit...

Page 200: ...n select Configure DSCP 3 Click Configure The Configure DSCP Page opens Figure 142 Configure DSCP Page The Configure DSCP Page contains the following fields Restore Defaults Restores the device factor...

Page 201: ...network managers to define the bandwidth settings for a specified egress interface The Bandwidth Page is not used with the Service mode as bandwidth settings are based on services To configure bandwi...

Page 202: ...ss ports Defines the amount of bandwidth assigned to the interface The available values are 3 5 Mbps 1 Gbps for FE ports the maximum value equals the maximum port speed Egress Shaping Rates Indicates...

Page 203: ...a backup copy of the device configuration Up to five backup configuration files can be saved on the device with user configured names These files are generated when the user copies the Running Config...

Page 204: ...the Configuration File is restored to the factory defaults Unchecked After the Configuration File is restored to the factory defaults the system remains in session Unit No Indicates the unit number A...

Page 205: ...d IP Format Defines the supported Internet Protocol for TFTP operations The possible field values are IPv4 Indicates that IPv4 is supported IPv6 Indicates that IPv6 is supported IPv6 Address Type If I...

Page 206: ...below Firmware Device downloads or uploads a firmware file depending on the selection above Configuration Device downloads or uploads a configuration file depending on the selection above Source File...

Page 207: ...Firmware Copies the Firmware or the Boot file from the Stacking Master Software Image Downloads the Image file Destination Unit Downloads firmware or the Boot file to the designated unit The values ar...

Page 208: ...e Test Page opens Figure 147 Cable Test Page The Cable Test Page displays the following information Unit Number Indicates the stacking member for which the Ethernet ports information is displayed Port...

Page 209: ...Utilities Page 209 3 Click Test The cable test is performed 4 Click Advanced The Cable Test Configuration Page opens and the copper cable test results are displayed Figure 148 Cable Test Configuratio...

Page 210: ...ace configuration information is displayed Port Displays the IP address of the port on which the cable is tested Temperature Celsius Displays the temperature oC at which the cable is operating Voltage...

Page 211: ...current device configuration from being lost To reset the device 1 Click Utilities Reset The Reset Page opens Figure 150 Reset Page 2 Select the Reset Unit No Select a specific unit number in the dro...

Page 212: ...evice Statistics Managing RMON Statistics Viewing Device Statistics This section contains the following topics Viewing Interface Statistics Viewing Etherlike Statistics Viewing Interface Statistics Th...

Page 213: ...statistics are not refreshed Receive Statistics Total Bytes Octets Displays the number of octets received on the selected interface Multicast Packets Displays the number of Multicast packets received...

Page 214: ...nit No Specifies the unit for which the Etherlike statistics are displayed Port Specifies the port within the unit for which the Etherlike statistics are displayed Trunk Defines the specific trunk for...

Page 215: ...ber of oversized packet errors on the selected interface Internal MAC Receive Errors Displays the number of internal MAC received errors on the selected interface Received Pause Frames Displays the nu...

Page 216: ...t device utilization and errors that occurred on the device The RMON Statistics Page contains statistics for both received and transmitted packets To view RMON statistics 1 Click Statistics RMON Stati...

Page 217: ...umber of CRC and Align errors that have occurred on the interface since the device was last refreshed Undersize Packets Displays the number of undersized packets less than 64 octets received on the in...

Page 218: ...nk Specifies the trunk from which the RMON information was taken Sampling Interval Indicates in seconds the time period that samplings are taken from the ports The field range is 1 3600 The default is...

Page 219: ...4 Click Apply The new entry is added to the history table and the device is updated To edit an RMON history entry 1 Click Statistics RMON History The RMON History Page opens 2 Click Modify The RMON Hi...

Page 220: ...ed during a single sample To view the RMON History Table 1 Click Statistics RMON History The RMON History Page opens 2 Click View The RMON History Table Page opens Figure 157 RMON History Table Page T...

Page 221: ...s last refreshed Undersize Packets Displays the number of undersized packets less than 64 octets received on the interface since the device was last refreshed Oversize Packets Displays the number of o...

Page 222: ...ent Entry Displays the event Community Displays the community to which the event belongs Description Displays the user defined event description Type Describes the event type Possible values are Log I...

Page 223: ...k Modify The RMON Events Configuration Page opens 3 Select an event entry and define the fields for the entry 4 Click Apply The event control settings are saved and the device is updated Viewing the R...

Page 224: ...ents Logs Page contains the following event log information Event Displays the RMON Events Log entry number Log No Displays the log number Log Time Displays the time when the log entry was entered Des...

Page 225: ...ry Indicates a specific alarm Counter Name Displays the selected MIB variable Interface Displays interface for which RMON statistics are displayed The possible field values are Port Displays the RMON...

Page 226: ...e field values are user defined RMON events Startup Alarm Displays the trigger that activates the alarm generation Rising is defined by crossing the threshold from a low value threshold to a higher va...

Page 227: ...Viewing Statistics Managing RMON Statistics Page 227 Figure 163 Alarm Configuration Page 3 Define the fields 4 Click Apply The RMON alarm is saved and the device is updated...

Page 228: ...the same software version Switch stacking and configuration is maintained by the Stacking Master The Stacking Master detects and reconfigures the ports with minimal operational impact in the event of...

Page 229: ...e stack continues to function however only the unit with the older join time joins the stack A message is sent to the user notifying that a unit failed to join the stack For first time Unit ID assignm...

Page 230: ...Stacking mode and Stand alone mode Each time the system reboots the Startup configuration file in the Master unit is used to configure the stack If a stack member is removed from the stack and then r...

Page 231: ...ter The unit is forced to be master of the stack Note that only Unit 1 or Unit 2 can be the stack master Select None for the system to decide which of the two master enabled units is the master in the...

Page 232: ...minal or a desktop or portable system with a serial port and running VT100 terminal emulation software The CLI can be accessed through the connected Terminal To connect a terminal to the device Consol...

Page 233: ...onfigurations are required Static IP Address and Subnet Mask User Name Static IP Address and Subnet Mask IP interfaces can be configured on each port of the device After entering the configuration com...

Page 234: ...configured user name is entered as a login name for remote management sessions To configure user name and privilege level enter the command at the system prompt as shown in the configuration example D...

Page 235: ...Copy 3329361 bytes copied in 00 03 00 hh mm ss console show bootvar Unit Image Filename Version Date Status 1 1 image 1 v1 1 0 29 25 Nov 2007 12 46 12 Not active 1 2 image 2 v1 1 0 29 25 Nov 2007 12 4...

Page 236: ...t the device The device boots up with the updated boot and system files Console copy tftp 172 16 101 101 file1 ros image Accessing file file1 on 172 16 101 101 Loading file1 from 172 16 101 101 09 Jul...

Page 237: ...g Member To download software an Stacking Member number 3 perform the following 1 Power up the stack as described in the Allied Telesis AT S95 Installation Guide The CLI command prompt is displayed 2...

Page 238: ...umber 1 instead of number 3 as per the previous example 2 Enter the copy command to copy the software from the Stacking Master to the Stacking Member To copy the software from the Stacking Master to a...

Page 239: ...ing time 36 Daylight Saving Time DST 36 Daylight Saving Time configuration broadcast time 35 DST per country 37 parameters 36 Default gateway 22 Delta 225 device management methods 41 43 DHCP 22 DHCP...

Page 240: ...addresses 22 MAC Based ACL 75 Management methods 43 46 Management Station 161 162 MDI 102 MDIX 102 MED LLDP port settings 186 MED network policy 183 MSTP interface 143 MSTP mapping 146 MSTP properties...

Page 241: ...dcast time 35 unicast time 35 SSH 53 Stacking 228 configuration 231 management interfaces 228 members 229 stacking chain topology 229 ring topology 228 Stacking Master 229 STP 134 136 140 STP configur...

Page 242: ...system defaults and includes the following topics RS 232 Port Settings Port Defaults Configuration Defaults Security Defaults Jumbo Frame Defaults System Time Defaults Spanning Tree Defaults Address T...

Page 243: ...t defaults Data Bits 8 Stop Bits 1 Parity None Flow Control None Baud Rate 115 200 bps Auto Negotiation Enabled Auto Negotiation advertised capabilities Enabled Auto MDI MDIX Enabled Head of Line Bloc...

Page 244: ...lts Jumbo Frame Defaults The following is the Jumbo Frame default System Time Defaults The following is the system time default Default User Name manager Default Password friend System Name None Comme...

Page 245: ...wing are the VLAN defaults STP Enabled STP Port Enabled Rapid STP Enabled Multiple STP Disabled Fast Link Disabled Path Cost Long Number of MAC Entries 8 000 MAC Address Aging Time 300 seconds VLAN Aw...

Page 246: ...The following are the Multicast defaults QoS Defaults The following are the QoS defaults Possible Trunks 8 Possible Ports per Trunk 8 LACP Ports Trunk 16 IGMP Snooping Disable Maximum Multicast Groups...

Reviews:

No comments

Related manuals for AT-S95

Canon PowerShot SX1 IS Software Manual preview
PowerShot SX1 IS
Brand: Canon Pages: 48
Canon VB-M40 Viewer Operation Manual preview
VB-M40
Brand: Canon Pages: 2
Autodesk AUTOCAR CIVIL 2010 Brochure preview
AUTOCAR CIVIL 2010
Brand: Autodesk Pages: 6
Alcatel-Lucent Wireless Network Guardian 9900 Brochure preview
Wireless Network Guardian 9900
Brand: Alcatel-Lucent Pages: 2
Juniper JUNOSE 11.2 Configuration Manual preview
JUNOSE 11.2
Brand: Juniper Pages: 772
URC Total Control Mobile Installation & Programming preview
Total Control Mobile
Brand: URC Pages: 14
YASKAWA XTRAWARE - V3.0 Manual preview
XTRAWARE - V3.0
Brand: YASKAWA Pages: 263
I.R.I.S. IPS9-FL Datasheet preview
IPS9-FL
Brand: I.R.I.S. Pages: 2
Intel Rapid Storage Technology User Manual preview
Rapid Storage Technology
Brand: Intel Pages: 19
GRASS VALLEY NetConfig Instruction Manual preview
NetConfig
Brand: GRASS VALLEY Pages: 44
MACROMEDIA FLEX BUILDER-USING FLEX BUILDER Use Manual preview
FLEX BUILDER-USING FLEX BUILDER
Brand: MACROMEDIA Pages: 158
Garmin 010-10844-00 - Mobile XT - GPS Software Quick Start Manual preview
010-10844-00 - Mobile XT - GPS Software
Brand: Garmin Pages: 8
AudioRealism Bass Line User Manual preview
Bass Line
Brand: AudioRealism Pages: 18
Axium Keypad Manager 3.0 User Manual preview
Keypad Manager 3.0
Brand: Axium Pages: 38
Brother VM-100 Brochure preview
VM-100
Brand: Brother Pages: 8
Brother BES Monogramming Suite Installation Manual preview
BES Monogramming Suite
Brand: Brother Pages: 10
Brother PEDESIGN PLUS Operation Manual preview
PEDESIGN PLUS
Brand: Brother Pages: 80
Xerox CSX 2000 Release Notes preview
CSX 2000
Brand: Xerox Pages: 12

Brands by name

Popular brands

Load more brands