manualshive.com logo in svg

Allworx PowerFlex P810, User Manual

The Allworx PowerFlex P810 user manual is a comprehensive guide to help you set up and maximize the performance of your device. You can download the manual for free at manualshive.com to get step-by-step instructions on how to use all the great features of this product.

Share
Download
background image

 PowerFlex 

8/24/48 Port GbE PoE Managed Switch User’s Guide 

5.9

 

SSH 

This section enables configuring SSH (Secure SHell) on the switch to securely access it. SSH is a 

secure communication protocol that combines authentication and data encryption to provide secure 

encrypted communication. 

To configure SSH via the web interface: 

1.  Navigate to 

Security

 > 

SSH

2.  Select Enabled in the mode to enable SSH. 
3.  Click 

Apply

 or click 

Reset

 to cancel changes and revert to previously saved values. 

0.

 

 
Figure 137: 

SSH Configuration 

 

 

Parameter 

Description 

Mode 

Indicates the SSH mode operation. Possible modes are:  
Enabled: Enable SSH mode operation.  
Disabled: Disable SSH mode operation. 

 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Toll Free 1-866-

ALLWORX • 585

-421-

3850 • 

www.allworx.com 

Revised: October 30, 2013 

Page 200 

Summary of Contents for PowerFlex P810

Page 1: ...PowerFlex 8 24 48 Port GbE PoE Managed Switch User s Guide Updated October 30 2013...

Page 2: ......

Page 3: ...PowerFlex 8 24 48 Port GbE PoE Managed Switch User s Guide...

Page 4: ...d use the management functions of the switch Audience Intended use For use by network administrators who are responsible for operating and maintaining network equipment consequently it assumes a basic...

Page 5: ...ved by the party responsible for compliance could void the authority to operate the equipment It is possible to use unshielded twisted pair UTP for RJ 45 connections Category 3 or better for 10 Mbps c...

Page 6: ...ide Revision History This section summarizes the changes in each revision of this guide Release Date Revision V2 29 09 09 2013 A3 V1 52 05 22 2013 A2 V1 07 10 17 2011 A1 Toll Free 1 866 ALLWORX 585 42...

Page 7: ...3 8 Views 25 3 9 Access 26 3 10 Trap 27 4 Configuration 29 4 1 Port 29 4 2 ACL 38 4 3 Aggregation 46 4 4 LACP 48 4 5 Spanning Tree 51 4 6 IGMP Snooping 62 4 7 MLD Snooping 70 4 8 MVR 77 4 9 LLDP 81 4...

Page 8: ...71 5 6 AAA 183 5 7 Port Security 192 5 8 Access Management 198 5 9 SSH 200 5 10 HTTPS 201 5 11 Auth Method 202 6 Maintenance 203 6 1 Restart Device 203 6 2 Firmware 204 6 3 Save Restore 206 6 4 Export...

Page 9: ...es for entry level networking including small business or enterprise applications and helps create a more efficient better connected workforce PowerFlex 8 24 48 L2 Managed Switches provide 8 24 or 48...

Page 10: ...og into the switches using the default IP IP Address 192 168 2 200 Subnet Mask 255 255 255 0 Default Gateway 192 168 2 254 Username admin Password blank Once the switch has obtained its IP address use...

Page 11: ...imum of only three users can log in to the switch at once Figure 1 Login Page NOTE To optimize the display effect use Microsoft IE 6 0 or above Netscape V7 1 or above or FireFox V1 00 or above and hav...

Page 12: ...ystem Up Time BIOS Version Firmware Version etc 3 1 1 Information The switch system information is provided here To view the System Information from the web interface Navigate to System System Informa...

Page 13: ...hardware the one after the hyphen is the version of mechanical Series number The serial number is assigned by the Manufacturer Host IP address Subnet Mask and Gateway IP Address The IP address subnet...

Page 14: ...on The string length is 0 to 255 and the content is ASCII characters from 32 to 126 System Name An assigned name for this managed switch By convention this is the node s fully qualified domain name A...

Page 15: ...720 to 720 minutes Daylight Saving Daylight saving is adopted in some countries If set it adjusts the time lag or advance in unit of hours according to the starting date and the ending date For exampl...

Page 16: ...GMT The valid range is from 1 to 1440 minutes Default is 60 mins Daylight Saving type Select By Dates or Recurring From Configure Daylight saving start date and time The format is YYYY MM DD HH MM To...

Page 17: ...he time is incorrect The switch supports configurable time zone from 12 to 13 step 1 hour Default Time zone 8 Hrs To configure Time in the web interface 1 Navigate to System Time NTP 2 Specify the NTP...

Page 18: ...e User Name and password for the user along with the Privilege Level 4 Click Apply 0 Figure 6 User Account Configuration Parameter Description User Name The name identifying the user This is also a li...

Page 19: ...vels Each group can have the Privilege Levels set from 1 to 15 To configure Privilege Level in the web interface 1 Navigate to System Account Privilege Level 2 Specify the Privilege parameter 3 Click...

Page 20: ...Everything except ping Port Everything except VeriPHY Diagnostics ping and VeriPHY Maintenance CLI System Reboot System Restore Default System Password Configuration Save Configuration Load and Firmw...

Page 21: ...ere is a rather substantial movement to adopt a new version of the Internet Protocol IPv6 which would have 128 bit IP addresses A three with thirty nine zeroes after it can represent this number rough...

Page 22: ...rovide the IP address for the switch in the dotted decimal notation IP Mask Provide the IP mask for the switch in the dotted decimal notation IP Gateway Provide the IP address of the gateway in the do...

Page 23: ...v6 address for the switch IPv6 address is in 128 bit records represented as eight fields of up to four hexadecimal digits with a colon separating each field For example fe80 215 c5ff fe03 4dc7 The sym...

Page 24: ...ck Apply 0 Figure 10 Syslog Configuration Parameter Description Server Mode Indicates the server mode operation When the mode operation is enabled syslog messages will be sent to the syslog server The...

Page 25: ...cription Auto refresh Evokes automatic periodic refresh of the log messages Level Level of the system log entry ID ID 1 of the system log entry Time The time of the system log entry based on the syste...

Page 26: ...nterface Navigate to System Syslog Detailed Log Figure 12 Detailed Syslog Information Parameter Description ID ID 1 of the system log entry Message Display a detailed log detail message Upper right ic...

Page 27: ...ing the field SNMP to Enable starts the SNMP agent Access all supported MIB OIDs including RMON MIB via SNMP manager If the field SNMP is set to Disable the SNMP agent de activates and ignores the rel...

Page 28: ...Apply 0 Figure 14 SNMP Configuration Parameter Description Get Community The Get or read community string Set Community The Set or write community string The set community can be enabled or disabled...

Page 29: ...during the next Apply Community The community access string to permit access to SNMPv3 agent The string length is 1 to 32 and the content is ASCII characters from 33 to 126 The community string will...

Page 30: ...ity model that this entry should belong to Possible security models are NoAuth NoPriv No authentication and no privacy Auth NoPriv Authentication and no privacy Auth Priv Authentication and privacy Th...

Page 31: ...CII characters from 33 to 126 Privacy Protocol Indicates the privacy protocol that this entry should belong to Possible privacy protocols are None No privacy protocol DES An optional flag to indicate...

Page 32: ...ll be deleted during the next save Security Model Indicates the security model for this entry Possible security models are v1 Reserved for SNMPv1 v2c Reserved for SNMPv2c usm User based Security Model...

Page 33: ...tent is ASCII characters from 33 to 126 View Type Indicates the view type that this entry should belong to Possible view types are included An optional flag to indicate that this view subtree should b...

Page 34: ...odels are any Any security model accepted v1 v2c usm v1 Reserved for SNMPv1 v2c Reserved for SNMPv2c usm User based Security Model USM Security Level Indicates the security model that this entry shoul...

Page 35: ...ap number to modify 3 Modify the parameters of the trap entry 4 Click Apply To revert to the original settings click Reset 0 Figure 20 SNMP Trap Host Configuration Parameter Description Delete Check t...

Page 36: ...no privacy Auth NoPriv Authentication and no privacy Auth Priv Authentication and privacy Authentication Protocol Select MD5 or SHA for authentication Authentication Password The length of MD5 Authent...

Page 37: ...ction describes how to view the current port configuration and how to configure ports to non default settings including Linkup Linkdown Speed Current and configured Flow Control Current Rx Current Tx...

Page 38: ...e frames on the port are obeyed and the Current Tx column indicates whether pause frames on the port are transmitted The Rx and Tx settings are determined by the result of the last Auto Negotiation Ch...

Page 39: ...re port description via the web interface 1 Navigate to Configuration Port Port Description 2 Specify the port alias or description an alphanumeric string 3 Click Apply 0 Figure 22 Port Description Pa...

Page 40: ...ck Clear to clear all information on the ports 0 Figure 23 Port Statistics Overview Parameter Description Port This is the port number Packets The number of received and transmitted packets per port B...

Page 41: ...tatistics on the ports 0 Figure 24 Port Detail Statistics Overview Parameter Description Auto refresh To refresh the Port Statistics information automatically Receive Total and Transmit Total Rx and T...

Page 42: ...er of frames received with CRC or alignment errors Rx Undersize The number of short1 frames received with valid CRC Rx Oversize The number of long1 frames received with valid CRC Rx Fragments The numb...

Page 43: ...refresh check box for periodic page refresh 3 Click Refresh to refresh the port statistics or click Clear to clear all statistics on the ports 0 Figure 25 Queuing Counters Overview Parameter Descript...

Page 44: ...m 1310nm 1550nm and so on Baud Rate Display the maximum baud rate of the fiber module supported for instance 10M 100M 1G and so on Vendor OUI Display the Manufacturer s OUI code which is assigned by I...

Page 45: ...cing a large delay in case that data less then 3000 bytes transmits data always transmits after 48 us giving a maximum latency of 48 us the wakeup time If desired it is possible to minimize the latenc...

Page 46: ...applied to any port This makes it very easy to determine the type of ACL policy 4 2 1 Ports The section describes how to configure the ACL parameters ACE of each switch port These parameters affect f...

Page 47: ...on the port are not mirrored The default value is Disabled Logging Specify the logging operation of this port The values are Enabled Frames received on the port are stored in the System Log Disabled...

Page 48: ...e Limiter 2 Specify the rate ranging from 0 to 3276700 3 Scroll to set the Unit to pps or kbps 4 Click Apply or click Reset to revert to previously saved values 0 Figure 29 ACL Rate Limiter Configurat...

Page 49: ...r of ACEs is 256 on each switch Click on the lowest plus sign to add a new ACE to the list The reserved ACEs used for internal protocols cannot be edited or deleted the order sequence cannot be change...

Page 50: ...Only IPv6 frames can match this ACE Notice the IPv6 frames won t match the ACE with ehternet type Action Specify the action to take with a frame that hits this ACE Permit The frame that hits this ACE...

Page 51: ...ecific To filter a specific VLAN ID with this ACE select this value A field for entering a VLAN ID number appears VLAN ID When Specific is selected for the VLAN ID filter enter a specific VLAN ID numb...

Page 52: ...pecific ingress port Frame Type Indicates the frame type of the ACE Possible values are Any The ACE will match any frame type EType The ACE will match Ethernet Type frames Note that an Ethernet Type b...

Page 53: ...he values are Enabled Frames received on the port are mirrored Disabled Frames received on the port are not mirrored The default value is Disabled CPU Forward packet that matched the specific ACE to C...

Page 54: ...immediately become a member of a trunk group without any handshaking with its peer port This is also a disadvantage because the peer ports of the static trunk group may not know to aggregate together...

Page 55: ...e Check to enable the use of the TCP UDP Port Number or uncheck to disable By default TCP UDP Port Number is enabled Aggregation Group Configuration Locality Indicates the aggregation group type This...

Page 56: ...o inspect and change the current LACP port configurations An LACP trunk group with more than one ready member port is a real trunked group An LACP trunk group with only one or less than one ready memb...

Page 57: ...ait for a LACP packets from a partner speak if spoken to 4 4 2 System Status This section provides a status overview for all LACP instances To display the LACP System status in the web interface 1 Nav...

Page 58: ...eckbox for automatic page refresh periodically 3 Click Refresh to refresh the LACP Statistics 0 Figure 35 LACP Statistics Parameter Description Port The switch port number LACP Received Indicates the...

Page 59: ...est cost spanning tree it enables all root ports and designated ports and disables all other ports Network packets are therefore only forwarded between root ports and designated ports eliminating any...

Page 60: ...d values are in the range 4 to 30 seconds Max Age The maximum age of the information transmitted by the Bridge when it is the Root Bridge Valid values are in the range 6 to 40 seconds and MaxAge must...

Page 61: ...Control whether a port in the error disabled state automatically will be enabled after a certain time If recovery is not enabled ports have to be disabled and re enabled for normal STP operation The...

Page 62: ...ANs Mapped field 4 Click Apply or click Reset to cancel the changes and revert to previously saved values 0 Figure 37 MSTI Configuration Parameter Description Configuration Identification Configuratio...

Page 63: ...igurations To configure the Spanning Tree MSTI Priorities parameters via the web interface 1 Navigate to Configuration Spanning Tree MSTI Priorities 2 Set the priority for the MSTI Instances Default i...

Page 64: ...ST normal Port configuration 4 Click Apply and click Reset to cancel the changes and revert to previously saved values 0 Figure 39 STP CIST Port Configuration Parameter Description Port The switch por...

Page 65: ...core region of the network influence the spanning tree active topology possibly because those bridges are not under the full control of the administrator This feature is also known as Root Guard Restr...

Page 66: ...ns MSTI port settings for physical and aggregated ports To configure the Spanning Tree MSTI Port Configuration parameters via the web interface 1 Navigate to Configuration Spanning Tree MSTI Ports 2 U...

Page 67: ...STP Bridge status in the web interface 1 Navigate to Configuration Spanning Tree Bridge Status 2 Checking the Auto refresh button automatically refreshes the page at periodic intervals 3 Click Refres...

Page 68: ...rrent STP port role of the CIST port The port role can be one of the following values AlternatePort BackupPort RootPort DesignatedPort Disabled Non STP Cist State The current STP port state of the CIS...

Page 69: ...t MSTP The number of MSTP Configuration BPDUs received transmitted on the port RSTP The number of RSTP Configuration BPDUs received transmitted on the port STP The number of legacy STP Configuration B...

Page 70: ...have already joined the specified IP multicast group The IGMP Snooping discards the packets if the user transmits multicast packets to the multicast group not built up in advance IGMP proxy or snoopin...

Page 71: ...roxy This feature can be used to avoid forwarding unnecessary join and leave messages to the router side Router Port Specify which ports act as router ports A router port is a port on the Ethernet swi...

Page 72: ...field enables the user to select the starting point in the VLAN Table To configure the IGMP Snooping VLAN Configuration via the web interface 1 Navigate to Configuration IGMP Snooping VLAN Configurat...

Page 73: ...ticast traffic is dropped and the port is not allowed to receive IP multicast traffic from that group If the filtering action permits access to the multicast group the port forwards the IGMP report fo...

Page 74: ...nooping Status Parameter Description VLAN ID The VLAN ID of the entry Querier Version Current working Querier Version Host Version Current working Host Version Querier Status Displays the Querier stat...

Page 75: ...at periodic intervals 3 Click Refresh to refresh an entry of the IGMP Snooping Groups Information 4 Click or to move to previous or next entry 0 Figure 48 IGMP Snooping Groups Information Parameter De...

Page 76: ...display the IGMPv3 IPv4 SSM Information in the web interface 1 Navigate to Configuration IGMP Snooping IPv4 SSM Information 2 Check Auto refresh to refresh the page at periodic intervals 3 Click Refre...

Page 77: ...ID port number Group Address basis It can be either Include or Exclude Source Address IP Address of the source Currently system limits the total number of IP source addresses for filtering to 128 Typ...

Page 78: ...Note that this is a function of the application software not of MLD When MLD snooping is enabled on a VLAN the switch acts to minimize unnecessary multicast traffic If the switch receives multicast t...

Page 79: ...ilure of Neighbor Discovery Router Port Specify which ports act as router ports A router port is a port on the Ethernet switch that leads towards the Layer 3 multicast device or MLD querier If an aggr...

Page 80: ...ve no MLD hosts To configure the MLD Snooping VLAN Configuration via the web interface 1 Navigate to Configuration MLD Snooping VLAN Configuration 2 Check the Snooping Enabled checkbox for VLANs to en...

Page 81: ...Filtering 2 Click Add new Filtering Group 3 Specify the Filtering Groups for each port 4 Click Apply or click Reset to cancel changes and revert to previously saved values 0 Figure 52 MLD Snooping Por...

Page 82: ...mation 0 Figure 53 MLD Snooping Status Parameter Description VLAN ID The VLAN ID of the entry Querier Version Current working Querier Version Host Version Current working Host Version Querier Status D...

Page 83: ...displays the first 20 entries from the beginning of the MLD Group Table The Start from VLAN and group input fields enable the user to select the starting point in the MLD Group Table The Start from V...

Page 84: ...LDv2 IPv6 SSM Information in the web interface 1 Navigate to Configuration MLD Snooping IPv6 SSM Information 2 Check Auto refresh to refresh the page automatically at periodic intervals 3 Click Refres...

Page 85: ...ulticast data to and from the multicast VLAN 4 8 1 Configuration The section describes the MVR basic configuration To configure MVR via the web interface 1 Navigate to Configuration MVR Configuration...

Page 86: ...ration MVR Port Group Allow 2 Click Add new Allow Group 3 Click Apply or Click Reset to revert to previously saved values Click Apply and Save Start to save the change 0 Figure 57 MVR Port Group Allow...

Page 87: ...iguration MVR Groups Information 2 Check Auto refresh to refresh the page automatically at periodic intervals 3 Click Refresh to refresh the MVR Groups Information 4 Click or to move to previous or ne...

Page 88: ...riodic intervals 3 Click Refresh to refresh the MVR Statistics 4 Click or to move to previous or next entry 0 Figure 59 MVR Statistics Information Parameter Description VLAN ID The Multicast VLAN ID V...

Page 89: ...ernet The protocol is formally referred to by the IEEE as Station and Media Access Control Connectivity Discovery specified in standards document IEEE 802 1AB 4 9 1 LLDP Configuration This page enable...

Page 90: ...ion Valid values are restricted to 1 10 seconds LLDP Port Configuration The LLDP port settings relate to the currently selected stack unit as reflected by the page header Port The switch port number o...

Page 91: ...led all CDP frames are terminated by the switch NOTE When CDP awareness on a port is disabled the CDP information is not removed immediately but gets removed when the hold time is exceeded Port Descr...

Page 92: ...e Port ID The Remote Port ID is the identification of the neighbor port System Name System Name is the name advertised by the neighbor unit Port Description Port Description is the port description ad...

Page 93: ...tomated power management of Power over Ethernet PoE end points Inventory management enabling network administrators to track network devices and determine the characteristics manufacturer software har...

Page 94: ...epeat count it is possible to specify the number of times the fast start transmission would be repeated The recommended value is 4 times given that 4 LLDP frames with a 1 second interval will be trans...

Page 95: ...K DE or US State National subdivisions state canton region province prefecture County County parish gun Japan district City City township shi Japan Example Copenhagen City district City division borou...

Page 96: ...ements such as interactive voice and or video services The network policy attributes advertised are 1 Layer 2 VLAN ID IEEE 802 1Q 2003 2 Layer 2 priority value IEEE 802 1D 2004 3 Layer 3 Diffserv code...

Page 97: ...c VLAN When a network policy is defined for use with an untagged VLAN see Tagged flag below then the L2 priority field is ignored and only the DSCP value has relevance 6 Video Conferencing for use by...

Page 98: ...A value of 0 represents use of the default DSCP value as defined in RFC 2475 Adding a new policy Click to add a new policy Specify the Application type Tag VLAN ID L2 Priority and DSCP for the new po...

Page 99: ...as defined in TIA 1057 provide access to the IEEE 802 based LAN infrastructure for LLDP MED Endpoint Devices An LLDP MED Network Connectivity Device is a LAN access device based on any of the followin...

Page 100: ...Conference Bridges Media Servers and similar Discovery services defined in this class include media type specific network layer policy discovery LLDP MED Communication Endpoint Class III The LLDP MED...

Page 101: ...n network topologies that require a separate policy for the video signalling than for the video media Policy Policy indicates that an Endpoint Device wants to explicitly advertise that the policy is r...

Page 102: ...LLDP frames Tx Tw The link parther s maximum time that transmit path can holdoff sending data after deassertion of LPI Rx Tw The link parther s time that receiver would like the transmitter to holdof...

Page 103: ...link parther The resolved value that is the actual tx wakeup time used for this link based on EEE information exchanged via LLDP Resolved Rx Tw The resolved Rx Tw for this link Note NOT the link part...

Page 104: ...Description Global Counters Neighbor entries were last changed It displays the time when the last entry was deleted or added and the time elapsed since the last change was detected Total Neighbor Entr...

Page 105: ...n the Chassis ID or Remote Port ID is not already contained within the table Entries are removed from the table when a given port s link is down an LLDP shutdown frame is received or when the entry ag...

Page 106: ...k Reset to cancel changes and revert to previously saved values 0 Figure 66 Power over Ethernet Configuration Parameter Description Power Supply Configuration Primary Power Supply W The switch can hav...

Page 107: ...manually refreshes the page 0 Figure 67 Power over Ethernet Status Parameter Description Local Port This is the logical port number for this row PD Class The PD class that the device attached port bel...

Page 108: ...2 Enable the Delay Mode and set the delay time 3 Click Apply 0 Figure 68 Power Delay Parameter Description Port Indicates the port number Delay Mode To turn on off the power delay function Enabled En...

Page 109: ...ription Ping Check When enabled the function detectes the connection between the PoE port and the PD connected Port Indicates the switch port number Ping IP Address The PD s IP address to ping Interva...

Page 110: ...o Configuration PoE Scheduling 2 Enable PoE scheduling for desired ports 3 Specify the days of the week and hours of the day to enable PoE 4 Click Apply 0 Figure 70 PoE Scheduling Parameter Descriptio...

Page 111: ...switch to automatically update the MAC table with these dynamic MAC addresses The MAC table removes dynamic entries after not seeing the frame with the corresponding SMAC address after a configurable...

Page 112: ...ecking Disable Automatic Aging MAC Table Learning If the learning mode for a given port is greyed out another module is in control of the mode so that it cannot be changed by the user An example of su...

Page 113: ...mum of 64 entries is for the whole stack and not per switch The MAC table is sorted first by VLAN ID and then by MAC address Delete Check to delete the entry It will be deleted during the next apply V...

Page 114: ...ress Table in the web interface Navigate to Configuration Filtering Database Dynamic MAC Table Figure 72 Dynamic MAC Address Table Information Parameter Description Type Indicates whether the entry is...

Page 115: ...members 3 Click Apply or click Reset to cancel changes and revert to previously saved values 0 Figure 73 VLAN Membership Configuration Parameter Description Delete To delete a VLAN entry check this b...

Page 116: ...ect the Role of each port as Access Trunk or Hybrid To configure VLAN Port configuration via the web interface 1 Navigate to Configuration VLAN Ports 2 Specify the port parameters 3 Click Apply or cli...

Page 117: ...VLAN of the frame the frame is discarded By default ingress filtering is disabled Frame Type Determines whether the port accepts all frames or only tagged untagged frames This parameter affects VLAN i...

Page 118: ...l MVRP allows dynamic registration and deregistration of VLANs on ports on a VLAN bridged network GVRP GARP VLAN Registration Protocol GVRP allows dynamic registration and deregistration of VLANs on p...

Page 119: ...ress Filtering Displays the ingress filtering on a port This parameter affects VLAN ingress processing If ingress filtering is enabled and the ingress port is not a member of the classified VLAN the f...

Page 120: ...multiple Private VLANs To configure Private VLANs via the web interface 1 Navigate to VLANs Private VLANs Private VLAN Membership 2 Click Add new Private VLAN 3 Specify the Private VLAN ID and Port M...

Page 121: ...data packet based upon the destination address on the data packet and sends The data packet is then sent to the plurality of ports pursuant to the forwarding map generated based upon whether the ingre...

Page 122: ...hand if Port A and Port B belong to the same VLAN after terminal devices access the network through Port B each has access to the same resources as those accessing the network through Port A do which...

Page 123: ...roadcast or multicast MAC addresses Legal values for a VLAN ID are 1 through 4095 The MAC based VLAN entry is enabled on the selected stack switch unit when clicking Apply A MAC based VLAN without any...

Page 124: ...nguished by the 8 bit 802 2 Service Access Point SAP fields SNAP supports identifying protocols by Ethernet type field values it also supports vendor private protocol identifier spaces It is used with...

Page 125: ...case also is comprised of two different sub values a OUI OUI Organizationally Unique Identifier is value in format of xx xx xx where each pair xx in string is a hexadecimal value ranging from 0x00 0xf...

Page 126: ...acters which consists of a combination of alphabets a z or A Z and integers 0 9 Do not use special characters The Group name to map to a VLAN must be present in Protocol to Group mapping table and mus...

Page 127: ...hat the switch can classify and schedule network traffic Allworx recommends that there are two VLANs on a port one for voice one for data To configure Voice VLAN via the web interface 1 Navigate to Co...

Page 128: ...d Disjoin from Voice VLAN Auto Enable auto detect mode It detects whether there is a VoIP phone attached to the specific port and configures the Voice VLAN members automatically Forced Force join to V...

Page 129: ...n Reboot the phone The phone will now boot successfully and load new firmware Select YES to load firmware to flash Once the phone boots up select CONFIG and navigate down to Set Factory Defaults Selec...

Page 130: ...ion Delete Check to delete the entry It will be deleted during the next apply Telephony OUI A telephony OUI address is a globally unique identifier assigned to a vendor by IEEE It must be 6 characters...

Page 131: ...omponent associated with each port on the switch The GARP Information Propagation GIP component carries out the propagation of information between GARP participants for the same application in a bridg...

Page 132: ...1000ms The default value for Leave Timer is 600ms Leave All Timer The default value for Leave All Timer is 10000ms Application Currently only supported application is GVRP Attribute Type Currently on...

Page 133: ...hich per port GARP statistics are shown Peer MAC Peer MAC is MAC address of the neighbor Switch from which the GARP frame is received Failed Count Number of GARP Join packets received by the switch th...

Page 134: ...ate machine maintains the contents of Dynamic VLAN Registration Entries for each VLAN and propagate the information to other GVRP aware devices to setup and update the knowledge database the set of VL...

Page 135: ...2 configuration settings to configure on per port bases GVRP Mode GVRP role GVRP Mode This configuration is to enable disable GVRP Mode on a particular port locally Disable Select to Disable GVRP mode...

Page 136: ...efresh to refresh the page automatically at periodic intervals 3 Click Refresh to refresh the page manually 0 Figure 88 GVRP Port Statistics Parameter Description Port The Port coulmn displays the lis...

Page 137: ...ntrol guarantees to the frame according to what was configured for that specific QoS class The switch also supports advanced memory control mechanisms providing excellent performance of all QoS classe...

Page 138: ...ecedence level i e the DP level for frames not classified in any other way PCP Controls the default PCP for untagged frames DEI Controls the default DEI for untagged frames Tag Class Displays the clas...

Page 139: ...licing 2 Check the Mode checkbox to enable policing on a port Set the rate in kbps Mbps fps or kfps 3 Click Apply or click Reset to cancel changes and revert to previously saved values 0 Figure 90 QoS...

Page 140: ...chedulers via the web interface 1 Navigate to Configuration QoS Port Schedulers 2 Click on the port number to set the parameters for the port 0 Figure 91 QoS Egress Port Schedules Click the Port index...

Page 141: ...easure for the queue shaper rate as kbps or Mbps The default value is kbps Queue Shaper Excess Controls allowing the queue to use excess bandwidth Queue Scheduler Weight Controls the weight for this q...

Page 142: ...Shapers via the web interface 1 Navigate to Configuration QoS Port Shaping 2 Click on the port number to set the parameters for that port 0 Figure 92 QoS Egress Port Shapers Click the Port index to s...

Page 143: ...Controls the unit of measure for the queue shaper rate as kbps or Mbps The default value is kbps Queue Shaper Excess Controls allowing the queue to use excess bandwidth Queue Scheduler Weight Controls...

Page 144: ...that port 0 Figure 93 Port Tab Remarking Parameter Description Port The logical port for the settings contained in the same row Click on the port number in order to configure the schedulers Tag Remar...

Page 145: ...ss and egress settings Ingress Change the ingress translation and classification settings for individual ports There are two configuration parameters available in Ingress Translate To Enable the Ingre...

Page 146: ...Trust 3 Use the drop down menu to select the QoS Class and DPL parameters 4 Click Apply or click Reset to cancel changes and revert to previously saved values 0 Figure 95 DSCP Based QoS Ingress Classi...

Page 147: ...escription DSCP Maximum number of supported DSCP values are 64 and valid DSCP value ranges is 0 to 63 Ingress Ingress side DSCP can be first translated to new DSCP before using the DSCP for QoS class...

Page 148: ...n menu to select the DSCP classification values 3 Click Apply or click Reset to cancel changes and revert to previously saved values 0 Figure 97 DSCP Classification Configuration Parameter Description...

Page 149: ...s for the QCE and apply it to a port by checking the box es for the ports s 4 Click Apply or click Reset to cancel changes and revert to previously saved values 0 Figure 98 QoS Control List Configurat...

Page 150: ...CE and pressing Refresh button PCP and DEI Action Indicates the action that is taken on ingress frame if parameters configured are matched with the frame s content There are three action fields Class...

Page 151: ...tination Service Access Point can vary from 0x00 to 0xFF or Any the default value is Any Control Address Valid Control Address can vary from 0x00 to 0xFF or Any the default value is Any SNAP PID Valid...

Page 152: ...ource TCP UDP port 0 65535 or Any specific or port range applicable for IP protocol UDP TCP Dport Destination TCP UDP port 0 65535 or Any specific or port range applicable for IP protocol UDP TCP Acti...

Page 153: ...hernet frames with Ether Type 0x600 0xFFFF LLC Only LLC frames LLC Only SNAP frames IPv4 The QCE matches only IPV4 frames IPv6 The QCE matches only IPV6 frames Port Indicates the list of ports configu...

Page 154: ...guration QoS Storm Control 2 Enable Storm Control for the port and set the rate limits for the frame types 3 Click Apply or click Reset to cancel changes and revert to previously saved values 0 Figure...

Page 155: ...e ID of this particular sFlow Collector Currently one ID is supported as one collector is supported ID Type A drop down list to select the type of IP of Collector is displayed By default it is IPv4 IP...

Page 156: ...er parameters 4 Click Apply or click Reset to cancel changes and revert to previously saved values 0 Figure 102 sFlow Sampler Configuration Parameter Description sFlow Ports List of the port numbers o...

Page 157: ...n Parameter Description Enable Loop Protection Enable disable loop protection globally on the switch Transmission Time The interval between each loop protection PDU sent on each port Valid values are...

Page 158: ...port number Action The currently configured port action Transmit The currently configured port transmit mode Loops The number of loops detected on this port Status The current status of the port Loop...

Page 159: ...tion To configure Single IP via the web interface 1 Navigate to Configuration Single IP Configuration 2 Specify the Single IP mode and Group name 3 Click Apply or Click Reset to revert to previously s...

Page 160: ...ion via the web interface Navigate to Configuration Single IP Information Figure 106 Single IP Information Parameter Description Index The ID of the active Slave switch Model Name Displays the model n...

Page 161: ...ription Port Members To select which Port to enable the Easy Port function for Role Select the type of device to connect and implement the Easy Port settings for Access VLAN To set the Access VLAN ID...

Page 162: ...limit the default is 1 Spanning Tree Admin Edge Enable or disable the Spanning Tree Admin Edge function on the Easy Port Spanning Tree BPDU Guard Enable or disable the Spanning Tree BPDU Guard functio...

Page 163: ...tored ports and the modes RX only TX only or enabled both RX and TX By default the ports disable mirroring 3 Click Save to save the setting or click Reset to cancel changes and revert to previously sa...

Page 164: ...r frames received are mirrored Enabled Frames received and frames transmitted are mirrored on the mirror port NOTE For a given port a frame is only transmitted once It is therefore not possible to mir...

Page 165: ...web interface 1 Navigate to Configuration Trap Event Severity Configuration 2 Select the Group name and Severity Level 3 Click Apply or click Reset to cancel changes and revert to previously saved va...

Page 166: ...the parameters 3 Click Apply or click Reset to cancel changes and revert to previously saved values 0 Figure 110 SMTP Configuration Parameter Description Mail Server Specify the IP Address of the Emai...

Page 167: ...anges and revert to previously saved values 0 Figure 111 UPnP Configuration Parameter Description Mode Indicates the UPnP operation mode Possible modes are Enabled Enable UPnP operation mode Disabled...

Page 168: ...y or click Reset to cancel changes and revert to previously saved values 0 Figure 112 UPnP Configuration Parameter Description Mode Enable or disable IP Source Guard globally on the switch All configu...

Page 169: ...address field 4 Click Apply 0 Figure 113 Static IP Source Guard Table Parameter Description Delete Check to delete the entry It will be deleted during the next save Port The logical port for the setti...

Page 170: ...ess and entries per page 3 Check Auto refresh to refresh the page automatically at periodic intervals 4 Click Refresh to refresh the page manually 5 Click or to go to the previous or next page 0 Figur...

Page 171: ...enable ARP Inspection and set the mode for each port 3 Click Apply or click Reset to cancel changes and revert to previously saved values 0 Figure 115 ARP Inspection Configuration Parameter Descripti...

Page 172: ...and MAC address for the entry 4 Click Apply 0 Figure 116 Static ARP Inspection Table Parameter Description Delete Check to delete the entry It will be deleted during the next save Port The logical por...

Page 173: ...pecify the Start from port VLAN ID MAC Address IP Address and entries per page 2 Check Auto refresh to refresh the page automatically at periodic intervals 3 Click Refresh to refresh the page manually...

Page 174: ...ooping Configuration Parameter Description Snooping Mode Indicates the DHCP snooping mode operation Possible modes are Enabled Enable DHCP snooping mode operation When DHCP snooping mode operation is...

Page 175: ...equest Number of request option 53 with value 3 packets received and transmitted Rx and Tx Decline Number of decline option 53 with value 4 packets received and transmitted Rx and Tx ACK Number of ACK...

Page 176: ...Parameter Description Relay Mode Indicates the DHCP relay mode operation Possible modes are Enabled Enable DHCP relay mode operation When DHCP relay mode operation is enabled the agent forwards and tr...

Page 177: ...he policy It only works when the DHCP relay information operation mode is enabled Possible policies are Replace Replace the original relay information when a DHCP message that already contains it is r...

Page 178: ...on options Receive Missing Circuit ID Number of packets received with the Circuit ID option missing Receive Missing Remote ID Number of packets received with the Remote ID option missing Receive Bad C...

Page 179: ...ettings via the web interface 1 Navigate to Security NAS Configuration 2 Select Enabled to enable NAS globally on the switch 3 Check Reauthentication Enabled 4 Set Reauthentication Period Default is 3...

Page 180: ...s setting applies to the following modes i e modes using the Port Security functionality to secure MAC addresses Single 802 1X Multi 802 1X MAC Based Auth When the NAS module uses the Port Security mo...

Page 181: ...he RADIUS server must be configured to transmit special RADIUS attributes to take advantage of this feature see RADIUS Assigned VLAN Enabled below for a detailed description The RADIUS Assigned VLAN E...

Page 182: ...een the supplicant and the switch are special 802 1X frames known as EAPOL EAP Over LANs frames EAPOL frames encapsulate EAP PDUs RFC3748 Frames sent between the switch and the RADIUS server are RADIU...

Page 183: ...ated To overcome this security breach use the Multi 802 1X variant Multi 802 1X is not an IEEE standard but features many of the same characteristics as port based 802 1X Multi 802 1X is like Single 8...

Page 184: ...If present and valid traffic received on the supplicant s port will be classified to the given QoS Class If re authentication fails or the RADIUS Access Accept packet no longer carries a QoS Class or...

Page 185: ...ing requirements if Tag 0 is used the Tunnel Private Group ID does not need to include a Tag Value of Tunnel Medium Type must be set to IEEE 802 ordinal 6 Value of Tunnel Type must be set to VLAN ordi...

Page 186: ...urrent state of the port It can undertake one of the following values Globally Disabled NAS is globally disabled Link Down NAS is globally enabled but there is no link on the port Authorized The port...

Page 187: ...o NAS Port State for a description of the individual states Last Source The source MAC address carried in the most recently received EAPOL frame for EAPOL based authentication and the most recently re...

Page 188: ...Refer to NAS Admin State for a description of possible values Port State The current state of the port Refer to NAS Port State for a description of the individual states QoS Class The QoS class assig...

Page 189: ...ve states Multi 802 1X MAC based Auth The table is identical to and is placed next to the Port Counters table and will be empty if no MAC address is currently selected To populate the table select one...

Page 190: ...the port and in the unauthenticated state it is blocked As long as the backend server has not successfully authenticated the client it is unauthenticated If an authentication fails for one or the oth...

Page 191: ...in the Failback to Local Authorization 3 Select Enabled in the Account 0 To configure RADIUS Authentication Server parameters via the web interface 1 Check Enabled to enable the server 2 Specify IP ad...

Page 192: ...ure 126 TACACS Accounting Configuration Figure 127 RADIUS Authentication Configuration Figure 128 RADIUS Accounting Configuration Figure 129 TACACS Authentication Configuration Toll Free 1 866 ALLWORX...

Page 193: ...IUS Authentication Server Configuration The RADIUS Authentication Server number for which the configuration below applies Upto 5 servers can be configured Enabled Enable the RADIUS Authentication Serv...

Page 194: ...e The IP address or hostname of the TACACS Authentication Server IP address is expressed in dotted decimal notation Port The TCP port to use on the TACACS Authentication Server If the port is set to 0...

Page 195: ...led The server is disabled Not Ready The server is enabled but IP communication is not yet up and running Ready The server is enabled IP communication is up and running and the RADIUS module is ready...

Page 196: ...s were made to this server but it did not reply within the configured timeout The server has temporarily been disabled but will get re enabled when the dead time expires The number of seconds left bef...

Page 197: ...pt packets valid or invalid received from the server Rx Access Rejects The number of RADIUS Access Reject packets valid or invalid received from the server Rx Access Challenges The number of RADIUS Ac...

Page 198: ...ed but IP communication is not yet up and running Ready The server is enabled IP communication is up and running and the RADIUS module is ready to accept access attempts Dead X seconds left Access att...

Page 199: ...ent server is counted as a Request as well as a timeout Other Info State Shows the state of the server It takes one of the following values Disabled The selected server is disabled Not Ready The serve...

Page 200: ...3 Check Aging Enabled 4 Set Aging Period Default is 3600 seconds 0 To configure Limit Control for each port via the web interface 1 Select Enabled to enable Port Security for desired ports 2 Specify...

Page 201: ...es the switch starts looking for frames from the end host and if such frames are not seen within the next Aging Period the end host is assumed to be disconnected and the corresponding resources are fr...

Page 202: ...s point of view The state takes one of four values Disabled Limit Control is either globally disabled or disabled on the port Ready The limit is not yet reached This can be shown for all actions Limi...

Page 203: ...therwise The status page is divided into two sections one with a legend of user modules and one with the actual port status To view the Port Security Switch Status in the web interface 1 Navigate to S...

Page 204: ...the Limit Control user module and that module has indicated that the limit is reached and no more MAC addresses should be taken in Shutdown The Port Security service is enabled by at least the Limit C...

Page 205: ...eriodic intervals 4 Click Refresh to refresh the page manually 0 Figure 134 Port Security Port Status Parameter Description MAC Address VLAN ID The MAC address and VLAN ID that is seen on this port If...

Page 206: ...cel changes and revert to previously saved values 0 Figure 135 Access Management Configuration Parameter Description Mode Indicates the access management mode operation Possible modes are Enabled Enab...

Page 207: ...rvals 3 Click Refresh to refresh the page manually 0 Figure 136 Access Management Statistics Parameter Description Interface The interface type through which the remote host can access the switch Rece...

Page 208: ...mmunication To configure SSH via the web interface 1 Navigate to Security SSH 2 Select Enabled in the mode to enable SSH 3 Click Apply or click Reset to cancel changes and revert to previously saved v...

Page 209: ...e Automatic Redirect 4 Click Apply or click Reset to cancel changes and revert to previously saved values 0 Figure 138 HTTPS Configuration Parameter Description Mode Indicates the HTTPS mode operation...

Page 210: ...rameter Description Client The management client for which the configuration applies Automatic Method Authentication Method can be set to one of the following values none authentication is disabled an...

Page 211: ...how to restart switch for any maintenance needs Any configuration files or scripts saved in the switch should still be available afterwards To restart the switch via the web interface 1 Navigate to M...

Page 212: ...lick the Upload button The switch will start to upload the firmware NOTE This page facilitates an update of the firmware controlling the switch After the software image is uploaded a page announces th...

Page 213: ...ckup firmware images and enables reverting to alternate image if required To activate alternate firmware image via the web interface 1 Navigate to Maintenance Firmware Firmware Selection 2 Click Activ...

Page 214: ...es 3 Check the Restore Default Configuration without changing current IP address checkbox to restore all other settings except the current IP settings to factory defaults This prevents losing connecti...

Page 215: ...ate to Maintenance Save Restore Save User 2 Click Save 0 Figure 145 Save as Backup Configuration 6 3 4 Restore User This section describes how to restore backup configuration to the switch Any current...

Page 216: ...export the Switch Configuration for maintenance needs Any current configuration files will be exported as an XML file To export config file via the web interface 1 Navigate to Maintenance Export Impo...

Page 217: ...iguration To import config file to the switch via the web interface 1 Navigate to Maintenance Export Import Import Config 2 Click Choose File to select the config file from the local device 3 Click Up...

Page 218: ...Click Start 0 Figure 149 ICMP Ping Update figure After clicking Start 5 ICMP packets transmit and display the sequence number and roundtrip time upon reception of a reply The page refreshes automatic...

Page 219: ...CMPv6 packets transmit and then display the sequence number and roundtrip time upon reception of a reply The page refreshes automatically until responses to all packets are received or until a timeout...

Page 220: ...down while running VeriPHY Therefore running VeriPHY on a 10 or 100 Mbps management port will cause the switch to stop responding until VeriPHY is complete To run a VeriPHY Cable Diagnostics via the w...

Page 221: ...frame and an associated counter increments An ACE associations include Policy 1 ingress port or any ingress port the whole switch If creating an ACE Policy then associate that Policy with a group of p...

Page 222: ...m a MEP to it s peer MEP and used to implement CC functionality CDP An acronym for Cisco Discovery Protocol D DEI An acronym for Drop Eligible Indicator It is a 1 bit field in the VLAN tag DES An acro...

Page 223: ...s the fourth byte and it means the port number The Remote ID is 6 bytes in length and the value is equal the DHCP relay agents MAC address DHCP Snooping Blocks intruders on the untrusted ports of the...

Page 224: ...ous commands For example when entering a URL in the browser this actually sends an HTTP command to the Web server directing it to fetch and transmit the requested Web page The other main standard that...

Page 225: ...IMAP clients use to communicate with the servers and SMTP is the protocol used to transport mail to an IMAP server The current version of the Internet Message Access Protocol is IMAP4 It is similar t...

Page 226: ...f those capabilities and the identification of the stations point of attachment to the IEEE 802 LAN required by those management entity or entities The information distributed via this protocol is sto...

Page 227: ...nt in the core network instead the stream s are received on the MVR VLAN and forwarded to the VLANs where hosts have requested the multicast streams Wikipedia N NAS An acronym for Network Access Serve...

Page 228: ...power sourcing equipment to a remote device The remote device is called a PD PHY An abbreviation for Physical Interface Transceiver and is the device that implement the Ethernet physical layer IEEE 8...

Page 229: ...ID There are six QCE frame types Ethernet Type VLAN UDP TCP Port DSCP TOS and Tag Priority Frames can be classified by one of 4 different QoS classes Low Normal Medium and High for individual applicat...

Page 230: ...mail messages between systems and notifications regarding incoming mail SNAP An acronum for SubNetwork Access Protocol SNAP is a mechanism for multiplexing on networks using IEEE 802 2 LLC more protoc...

Page 231: ...chronized IEEE 1588 T TACACS An acronym for Terminal Acess Controller Access Control System Plus It is a networking protocol which provides access control for routers network access servers and other...

Page 232: ...hat want to save processing time because of very small data units to exchange may prefer UDP to TCP UDP provides two services not provided by the IP layer It provides port numbers to help distinguish...

Page 233: ...provider port with a double VLAN tag VLAN ID A 12 bit field specifying the VLAN to which the frame belongs Voice VLAN VLAN configured specially for voice traffic By adding the ports with voice devices...

Page 234: ...PowerFlex 8 24 48 Port GbE PoE Managed Switch User s Guide Toll Free 1 866 ALLWORX 585 421 3850 www allworx com Revised October 30 2013 Page 226...

Page 235: ......

Page 236: ...Toll Free 1 866 ALLWORX 585 421 3850 www allworx com Version 1 Revised October 7 2013...

Reviews:

No comments

Related manuals for PowerFlex P810

IBM RackSwitch G8264 Product Manual preview
RackSwitch G8264
Brand: IBM Pages: 20
IBM Flex System FC3171 Installation And User Manual preview
Flex System FC3171
Brand: IBM Pages: 64
Bridgetek PANL PH44 Quick Start Manual preview
PANL PH44
Brand: Bridgetek Pages: 2
Alloy AMS-10T2SFP Quick Install Manual preview
AMS-10T2SFP
Brand: Alloy Pages: 33
Raritan PC-Share Installation And Operation preview
PC-Share
Brand: Raritan Pages: 4
Black Box LGB5028A Installation Manual preview
LGB5028A
Brand: Black Box Pages: 44
Versa Technology VX-IGP-1204F User Manual preview
VX-IGP-1204F
Brand: Versa Technology Pages: 96
MiLAN MIL-S500 User Manual preview
MIL-S500
Brand: MiLAN Pages: 12
Ocean Matrix OMX-07HMHM0004 Operation Manual preview
OMX-07HMHM0004
Brand: Ocean Matrix Pages: 6
Kramer VM-42 User Manual preview
VM-42
Brand: Kramer Pages: 8
3onedata IES6100 Series Quick Installation Manual preview
IES6100 Series
Brand: 3onedata Pages: 4
Tekmar tekmarNet 4 User Switch 481 Data Brochure preview
tekmarNet 4 User Switch 481
Brand: Tekmar Pages: 12
Versa Technology VX-GPH1610 Quick Installation Manual preview
VX-GPH1610
Brand: Versa Technology Pages: 12
CAI Networks 690PG Installation Manual preview
690PG
Brand: CAI Networks Pages: 12
ZIEHL-ABEGG S-ET Series Operating Instructions Manual preview
S-ET Series
Brand: ZIEHL-ABEGG Pages: 12
ATEN CS-128A User Manual preview
CS-128A
Brand: ATEN Pages: 30
Burg Wächter SANSWITCH-10430 Quick Installation Manual preview
SANSWITCH-10430
Brand: Burg Wächter Pages: 11
Leviton vizia+ decora VPS15-1L Installation Instructions preview
vizia+ decora VPS15-1L
Brand: Leviton Pages: 3

Brands by name

Popular brands

Load more brands