Asus GIGAX 2024M User Manual Download Page 1

Page: 1 / 137

GigaX Series

Layer 3 Managed Switch

User Guide

Summary of Contents for GIGAX 2024M

Page 1: ...1 GigaX Series Layer 3 Managed Switch User Guide ...

Page 2: ...rchantability or fitness for a particular purpose In no event shall ASUS its directors officers employees or agents be liable for any indirect special incidental or consequential damages including damages for loss of profits loss of business loss of use or data interruption of business and the like even if ASUS has been advised of the possibility of such damages arising from any defect or error in...

Page 3: ...pment does cause harmful interference to radio or television reception which can be determined by turning the equipment off and on the user is encouraged to try to correct the interference by one or more of the following measures Reorient or relocate the receiving antenna Increase the separation between the equipment and receiver Connect the equipment to an outlet on a circuit different from that ...

Page 4: ...ess 44370 Nobel Drive Fremont CA 94538 USA General Fax 1 502 933 8713 General Email tmd1 asus com Web Site usa asus com Technical Support Support Fax 1 502 933 8713 General Support 1 502 995 0883 Notebook Support 1 510 739 3777 x5110 Support Email tsd asus com ASUS COMPUTER GmbH Germany and Austria Address Harkort Str 25 D 40880 Ratingen BRD Germany General Fax 49 2102 9599 31 General Email sales ...

Page 5: ... Installing the hardware 19 3 1 1 Installing the switch on a flat surface 19 3 1 2 Mounting the switch on a rack 19 3 2 Part 2 Setting up the switch 20 3 2 1 Connect the console port 20 3 2 2 Connect to the computers or a LAN 20 3 2 3 Attach the RPS module 20 3 2 4 Attach the power adapter 20 3 3 Part 3 Basic switch setting for management 22 3 3 1 Setting up through the console port 22 3 3 2 Setti...

Page 6: ...nning Tree Rapid Spanning Tree 43 4 6 2 Link Aggregation 44 4 6 3 Mirroring 46 4 6 4 Static Multicast 48 4 6 5 IGMP Snooping 48 4 6 6 Traffic Control 49 4 6 7 Dynamic Addresses 50 4 6 8 Static Addresses 52 4 6 9 Tagged VLAN 53 4 6 10 Default Port VLAN and CoS 55 4 6 11 CoS Queue Mapping 56 4 6 12 DHCP Snooping 56 4 7 SNMP 58 4 7 1 Community Table 58 4 7 2 Host Table 59 4 7 3 Trap Setting 60 4 7 4 ...

Page 7: ...Test 79 5 1 1 Boot ROM Command Mode 80 5 1 2 Boot ROM Commands 81 5 2 Login and Logout 82 5 3 CLI Commands 82 5 3 1 System Commands 82 5 3 2 Physical Interface Commands 85 5 3 3 Route Commands 86 5 3 4 Bridge Commands 88 5 3 5 SNMP 96 5 3 5 Filters Commands 103 5 3 6 Security Commands 107 6 IP Addresses Network Masks and Subnets 113 6 1 IP Addresses 113 6 1 1 Structure of an IP address 113 6 1 2 N...

Page 8: ...8 7 1 2 nslookup 120 7 2 Replacing defective fans 121 7 3 Simple fixes 123 8 Glossary 125 9 Index 134 ...

Page 9: ...ure 8 Configuration manager login screen 27 Figure 9 Home page 28 Figure 10 Top Frame 29 Figure 11 Expanded Menu List 30 Figure 12 Management 32 Figure 13 IP Setup 33 Figure 14 Administration 34 Figure 15 Firmware Upgrade 35 Figure 16 Physical Interface 37 Figure 17 Interfaces 39 Figure 18 Static Route 41 Figure 19 RIP 42 Figure 20 Spanning Tree 44 Figure 21 Link aggregation 46 Figure 22 Mirroring...

Page 10: ...4 Figure 38 Filter Set 66 Figure 39 Filter Rule in MAC mode 67 Figure 40 Filter Rule in IP mode 67 Figure 41 Filter Attach 69 Figure 42 Port Access Control 71 Figure 43 Dial In user 72 Figure 44 RADIUS 73 Figure 45 Traffic comparison 75 Figure 46 Error group 75 Figure 47 Historical Status 76 Figure 48 Save Configuration 77 Figure 49 CLI interface 79 Figure 50 Boot ROM Command Mode 80 Figure 51 SYS...

Page 11: ...module 122 List of Tables Table 1 Front panel labels and LEDs 17 Table 2 Rear panel labels 18 Table 3 Technical specifications 18 Table 4 LED Indicators 22 Table 5 Port color description 29 Table 6 Commonly used buttons and icons 31 Table 7 Boot ROM commands 81 Table 8 IP address structure 114 Table 9 Troubleshooting 123 ...

Page 12: ...matic MDI MDIX support for 10 100BASE TX and 10 100 1000BASE T ports Layer 3 switching for IP packets 2K IP address cache with hardware accelerated forwarding Static route RIP v1 v2 Compliant with 802 3u 802 3z and 802 3ab specifications 802 1D transparent bridge spanning tree protocol 802 1w RSTP Rapid Spanning Tree Protocol IEEE 802 1x authentication with dynamic VLAN assignment RADIUS Remote Au...

Page 13: ... system temperature voltage Telnet or SSH remote login FTP for firmware update and configuration backup DHCP snooping support Syslog support Command Line Interpreter through console telnet and SSH Web GUI LEDs for port link status LEDs system redundant power supply RPS and fan status ...

Page 14: ...nd line interpreter Boldface type text is used for items you select from menus and drop down lists and text strings you type when prompted by the program 1 2 3 Symbols This document uses the following icons to call your attention to specific instructions or explanations Note Provides clarification or additional information on the current topic Definition Explains terms or acronyms that may be unfa...

Page 15: ...tch package comes with the following items 24 port L3 managed switch AC Power cord Null modem cable for console interface DB9 Rack installation kit two brackets with six 6 32 screws USB cable for console interface Installation CD ROM Quick installation guide Figure 1 GigaX L3 managed switch package contents ...

Page 16: ...16 2 2 Front Panel The front panel includes LED indicators that show the system RPS fan and port status Figure 2 Front panel ...

Page 17: ...r one of the fans stopped On Ethernet link is established Green Flashing Data is being transmitted received Off No Ethernet link On Link is present but port is disabled either manually or by spanning tree 10 100 ports Amber Flashing Port is in one of the STP blocking listening and learning state Green On Link RJ 45 or SFP is present port is enabled Flashing Data is being transmitted received Off N...

Page 18: ...Technical specifications Table 3 Technical specifications Physical Dimensions 43 5mm H X 444 mm W X 265mm D Input Consumption Power 100 240V AC 2 5A 50 60Hz 90 watts Input Output Redundant Power Supply RPS 100 240V AC 1 8A 50 60Hz 12V DC 12 5A Operating Storage Temperature 10 to 50 14 to 122 40 70 40 to 158 Humidity 15 to 90 0 to 95 Environmental Ranges Altitude up to 10 000 ft 3 000m 40 000 ft 12...

Page 19: ...s for the switch Default gateway for the network Network mask for this network 3 1 Part 1 Installing the hardware Connect the device to the power outlet and your computer or network Figure 4 illustrates the hardware connections 3 1 1 Installing the switch on a flat surface The switch should be installed on a level surface that can support the weight of the switches and their accessories Attach fou...

Page 20: ... the crossover or straight through Ethernet cable to connect computers hubs or switches Use a twisted pair Category 5 Ethernet cable to connect the 1000BASE T port Otherwise the link speed can not reach 1Gbps 3 2 3 Attach the RPS module Connect your RPS module to the RPS jack and make sure the other end of the RPS is connected to the power cord Connect to the power cord to a grounded power outlet ...

Page 21: ...GigaX Series L3 Managed Switch User Guide 21 Figure 4 Overview of Hardware Connections Console Management Expansion hub switch LAN computers RPS RS 232 USB Cat 5 Ethernet cables ...

Page 22: ...itch You can manage the switch using the following methods Web interface the switch has a set of pages to allow you to manage it using Java enabled IE5 0 or higher version Command Line Interface use console port to manage the switch 3 3 1 Setting up through the console port 1 Use the supplied crossover RS 232 cable to connect to the console port on the front of the switch This port is a male DB 9 ...

Page 23: ...pressing Enter You can change the password at any time through CLI see section 5 3 1 To protect your switch from unauthorized access you must change the default password as soon as possible 6 Follow these steps to assign an IP address to the switch a Type l3 interface ip sw0 your ip address your network mask For example if your switch IP is 192 168 10 1 and the network mask is 255 255 255 0 Then y...

Page 24: ...24 Figure 5 Login and IP setup Screen ...

Page 25: ...e Web interface 1 It is not necessary to login Web interface at the first time to use Web interface because the default configuration for Web access authentication is disabled To secure the system configuration please enable the authentication function at the Administration page under System category Skip step 2 if the authentication is disabled 2 At any PC connected to the network that the switch...

Page 26: ...Figure 7 Fill in the IP address network mask and default gateway then click 4 If your new address is different from the default the browser can not update the switch status window or retrieve any page This is normal You have to retype the new IP address in the address location box and press Enter The WEB link returns 5 To enable authentication for Web access click Administration on the menu list t...

Page 27: ...wser type the following in the web address or location box and press Enter http 192 168 1 1 This is the factory default IP address for the switch A login screen displays as shown in Figure 8 Figure 8 Configuration manager login screen Log in is not required if you don t enable access authentication 2 Enter your user name and password then click Use the following defaults the first time you log int...

Page 28: ...out Typical web page consists of three separate frames The top frame has a switch logo and front panel as shown in Figures 10 This frame remains on the top of the browser window all the times and updates the LED status periodically See Table 4 for the LED definitions See Table 5 for the color status description ...

Page 29: ... present but port is disabled manually or by spanning tree Clicking on the port icon of the switch displays the port configuration in the lower right frame The left frame a menu frame as shown in Figure 11 contains all the features available for switch configuration These features are grouped into categories e g System Bridge etc You can click on any of these to display a specific configuration pa...

Page 30: ...30 Figure 11 Expanded Menu List ...

Page 31: ...age click on the desired menu item 4 2 2 Commonly used buttons and icons The following table describes the function for each button and icon used in the application Table 6 Commonly used buttons and icons Button Icon Function Stores any changes you have made on the current page Adds the existing configuration to the system e g a static MAC address or a firewall ACL rule and etc Modifies an existin...

Page 32: ...ment page contains the following information Model Name product name MAC Address switch MAC address System Name user assigned name to identify the system editable System Contact editable System Location editable To save any changes and make it effective immediately click Use to refresh the setting as shown in Figure 12 Figure 12 Management ...

Page 33: ...ormation VLAN ID Specify a VLAN ID to system management interface It is necessary to be within the same VLAN for management usages IP Address Assign a static IP address to the switch management interface Network Mask Default Gateway To save any changes and make it effective immediately click Use to refresh the setting as shown in Figure 13 Figure 13 IP Setup ...

Page 34: ...make it effective immediately click Use to refresh the setting as shown in Figure 14 When you enable the password protection you have to login again immediately You can change the password at any time through the CLI interface Figure 14 Administration 4 3 4 Reboot The Reboot page contains a button Clicking the button reboots the system Rebooting the system stops the network traffic and terminates ...

Page 35: ...nning firmware version This number will be updated after the firmware update Enter the firmware location into the firmware space directly or click to choose the file name of the firmware from prompt window Click to update the switch firmware See Figure 15 for reference Clicking the upload button loads the assigned firmware to the switch then reboot system after a successful firmware update You hav...

Page 36: ...r each port a Link status the link speed and duplex for an existing link otherwise link is down b State the STP state c Admin the setting value to disable or enable the port d Mode the setting value for link speed and duplex mode e Flow Control the setting value to enable or disable 802 3x flow control mechanism Select the corresponding port number and configure the port setting then click on the ...

Page 37: ...GigaX Series L3 Managed Switch User Guide 37 Figure 16 Physical Interface ...

Page 38: ...nterface which is VLAN bind where Port type interface is routed port base One of the interface types must be specified VLAN the interface associated VLAN range 1 4000 this VLAN should have been created as well as assigned with port member in Layer 2 One VLAN ID can only be assigned to one interface Routed port where the traffic should be destined to Routed port does not perform Layer 2 functions N...

Page 39: ...y default Layer 3 switching is disabled You have to create and activate Layer 3 interface s before enable Layer 3 switching Up to 32 Layer 3 interfaces can be created in this switch Interface sw0 is the system interface which is default created by the system and cannot be removed Check the Remove checkbox and click if you want to remove an interface from the select list Click to make the setting e...

Page 40: ...ditional planning and management in advanced Meanwhile it does not scale well in large networks If a match is not found in the routing table for the destination IP address then a default route is required A default route is somewhile called the route of last resort It is the last route tried when all other routes fail Since routing has longest prefix match behavior the default route has the fewest...

Page 41: ...ludes the following information RIP process enable disable RIP advertisements are sent and received only when the RIP process is enabled RIP version v1 v2 both To specify what RIP Version packets are to be sent and received RIP interfaces To specify which routing entry should be advertised along the networks Note that only the running up Layer 3 interface s in connected status will be able to adve...

Page 42: ... interfaces Once the RIP process has been enabled the current state of the active process will be displayed You can click to refresh the updated status Click to change the RIP interfaces setting Click to make the setting effective Figure 19 RIP 4 6 Bridge The Bridge page group contains most layer 2 configurations like link aggregation STP etc ...

Page 43: ...in the LAN Bridge Priority the switch priority in the LAN The third part is the port setting It contains a display window to show the current configuration for each port You click to change the port setting for STP RSTP The following fields are available Port select the corresponding port to configure Priority the port priority in the switch Low numeric value indicates a high priority The port wit...

Page 44: ...ded in most cases Click to effect the settings Click to refresh the settings to the current value Figure 20 Spanning Tree 4 6 2 Link Aggregation The page configures the link aggregation group port trunking The switch can have 6 link aggregation groups Show Trunk Select Add a new Trunk for a new created group Or select an existed group to display on the following fields and port icons ...

Page 45: ...gs to current value To make the configuration effective go to Save Configuration page then click You have to check the runtime link speed and duplex mode to make sure the trunk is physically active Go to Physical Interface and check the link mode in the runtime status window for the trunk ports If all the trunk members are in the same speed and full duplex mode then the trunk group is set up succe...

Page 46: ... attribute the others will change too For example a trunk group consists of port 1 and 2 If the VLAN of port 1 changes the VLAN of port 2 also changes with port 1 Figure 21 Link aggregation 4 6 3 Mirroring Mirroring together with a network traffic analyzer helps you monitor network traffics You can monitor the selected ports for egress or ingress packets Mirror Mode Enables or disables the mirror ...

Page 47: ...rt The port can monitor 24 Fast Ethernet ports and two Gigabit ports The monitor port can not belong to any link aggregation group The monitor port can not operate as a normal switch port It does not switch packets or do address learning Click to make the setting send to the switch HTTP server Click to refresh the settings to current value Figure 22 Mirroring page ...

Page 48: ...ddress VLAN selects the vlan group CoS assigns the priority for Class of Service Click to make the setting effective Click to refresh the settings to current value Figure 23 Static Multicast 4 6 5 IGMP Snooping IGMP snooping helps reduce the multicast traffics on the network by allowing the IGMP snooping function to be turned on or off When turned on the switch snoops the IGMP packets and puts the...

Page 49: ...kets and the unicast packets because of destination address lookup failure The limit number is a threshold to limit the total number of the checked type packets For example if broadcast and multicast are enabled the total traffic amount for those two types will not exceed the limit value Click to save the new configuration To make the configuration effective go to Save Configuration page then clic...

Page 50: ...the address table if the address is not learned again during the age time User can set the age time by entering a valid number from 10 to 1 000 000 in seconds Then click on to save the new age value To make the configuration effective please go to Save Configuration page then click on You can look up MAC addresses by checking the port VLAN ID or and MAC address then click on The address window wil...

Page 51: ...GigaX Series L3 Managed Switch User Guide 51 Figure 26 Dynamic Address ...

Page 52: ...tering when the MAC address appears in the packets as destination address source address or either of them Click on the when you create a new static MAC address by the above information Then you will see the new added entry shows in the address window You can remove the existed address by selecting the entry with the mouse then clicking on The button updates the existed MAC address entries Click t...

Page 53: ... VLAN groups at the same time it will confuse the switch and cause flooding traffics To prevent it the switch only allows one untagged port belongs to one VLAN at the same time That is the untagged port belongs to the VLAN group which is called PVID and configured in the Default Port VLAN CoS page If you want to assign an untagged port from one VLAN to another you have to remove it from the origin...

Page 54: ...54 Figure 28 Tagged VLAN ...

Page 55: ... VLAN ID Every untagged packet received from this port will be tagged with this VLAN group ID CoS Class of Service value every untagged packet received from this port will be assigned to this CoS in the VLAN tagged Click on to change the content in the port list window Click on to save the configuration To make the configuration effective go to Save Configuration page then click Figure 29 Default ...

Page 56: ...o Save Configuration page then click Figure 30 CoS Queue Mapping 4 6 12 DHCP Snooping DHCP snooping is a DHCP security feature that provides security by filtering untrusted DHCP messages and by building and maintaining a DHCP binding table You can assign some ports to be trusted ports The selected trusted port forwards the DHCP packets as a normal port but the DHCP ACK packets will be dropped when...

Page 57: ...GigaX Series L3 Managed Switch User Guide 57 Click to make the setting send to the switch Click to refresh the settings to current value Figure 31 DHCP Snooping ...

Page 58: ... more secure management and access control SNMPv3 is supported 4 7 1 Community Table You can type different community names and specify whether the community has the privilege to do set action write access by checking the box Click to save the configuration permanently or to refresh the page Figure 32 Community Table ...

Page 59: ...able This page links host IP address to the community name that is entered in Community Table page Type an IP address and select the community name from the drop down list Click to save the configuration permanently or to refresh the page Figure 33 Host Table ...

Page 60: ... to configure the information of SNMPV3 VACM Group Group Name enter the security group name Read View Name enter the Read View Name that the Group belongs The related SNMP messages are Get GetNext GetBulk Write View Name enter the Write View Name that the Group belongs The related SNMP message is Set Notify View Name enter the Notify View Name that the Group belongs The related SNMP messages are T...

Page 61: ...dded entry shows in the group window You can remove the existed group by selecting the entry with the mouse then clicking on The button updates the existed VACM Group entries Click to save effective Click to refresh the settings to current value To make the configuration effective please go to Save Configuration page then click on Figure 35 VACM Group 4 7 5 VACM View VACM View based Access Control...

Page 62: ...ew Mask that the View belongs Each bit in the mask represents the digit between the dots of View Subtree from left side Bit 0 means don t care Click on the when you create a new VACM View entry by the above information Then you will see the new added entry shows in the view window You can remove the existed views by selecting the entry with the mouse then clicking on The button updates the existed...

Page 63: ...password needs at least 8 characters or digits Priv Protocol enter the Priv Protocol that Engine ID and Name belong Only NoPriv DES can be chosen If the NoPriv is chosen there is no need to enter password Priv Password enter the password that the Priv Protocol belongs The password needs at least 8 characters or digits Click on the when you create a new USM User entry by the above information Then ...

Page 64: ...64 Figure 37 USM User ...

Page 65: ... rule to filter FTP packets When you click on the Filter Set the Filter Set page appears Figure 38 First create a filter set by typing a name and ID then clicking on Second click on the button to select the set you want to edit or remove Third click on to enter the rule page as Figure 40 or click on to remove the filter set You have to follow the rules to make a valid filter set One set consists o...

Page 66: ... means the rule doesn t care the MAC value In IP rule setup you can enter any of the 5 types source IP destination IP protocol source application port and destination application port The Action field determines if the packet should be dropped or forwarding when it matches the rule If a packet matches two rules with different action the packet will follow the rule showed first in the rule list ...

Page 67: ...GigaX Series L3 Managed Switch User Guide 67 Figure 39 Filter Rule in MAC mode Figure 40 Filter Rule in IP mode ...

Page 68: ...ress port to be applied Detach from all ports remove all the filters from the attached ports You may not detach certain ports after issuing an Attach All command If you wish to detach ports use the Detach All command Once the filter set is attached to the ingress ports and egress ports it will filter the packets according to the ingress port egress port and the packet fields in the rules For examp...

Page 69: ...GigaX Series L3 Managed Switch User Guide 69 Figure 41 Filter Attach ...

Page 70: ...switch will try to authenticate the port user again when the re authentication time is up Reauthentication Time If Reauthentication is enabled this is the time period the switch uses to re send authentication request to the port user see above Authentication Method RADIUS or Local database can be used to authenticate the port user Quiet Period If authentication failed either from RADIUS or local d...

Page 71: ... selected the selected port is forced authorized Thus traffic from all hosts is allowed to pass Otherwise if force_unauthorized is selected the selected port is blocked and no traffic can go through If Auto is selected the behavior of the selected port is controlled by 802 1x protocol All ports should be set to Auto under normal conditions Guest VLAN Specify a guest VLAN to clients that are not 80...

Page 72: ...user Confirm Password Enter the password again Dynamic VLAN Specify the VLAN ID assigned to the 802 1x authenticated clients Click to add the new user Click when you re done with the modifications Click when you want to remove the selected user Click to make the settings permanent Click to refresh the settings to current value Figure 43 Dial In user ...

Page 73: ...Port The port number for the RADIUS server is listening to Authentication Server Key The key is used for communications between GigaX and the RADIUS server Confirm Authentication Key Re type the key entered above The VLAN of the RADIUS server connected to the switch must be the same as the VLAN of the system management interface Click to make the settings permanent Click to refresh the settings to...

Page 74: ... Refresh Rate to set the period for retrieving new data from the switch You can differentiate the statistics or ports by selecting Color Finally click on Draw to let the browser to draw the graphic chart Each new Draw will reset the statistics display 4 10 1 Traffic Comparison This page shows the one statistics item for all the ports in one graphic chart Specify the statistics item to display and ...

Page 75: ...tistics window shows you all the discards or error counts for the specified port The data is updated periodically Figure 46 Error group 4 10 3 Historical Status You can display information for different ports and statistics items in this chart Since this shows the history of the statistics information the line chart keeps the old data even it is refreshed ...

Page 76: ...76 Figure 47 Historical Status ...

Page 77: ...fective after a successful save Sometimes you may want to reset the switch configuration you can click on to reset the configuration file to factory default Of course a system reboot will follow this restoration process You will lose all the configurations when you choose to restore the factory default configurations Figure 48 Save Configuration ...

Page 78: ... is very useful when you are not familiar with the CLI commands The CLI mode times out when idle for 10 minutes You have to login again to enter CLI mode after the timeout All the CLI commands are case sensitive In order to make them easier to use you can enter into different category by typing the full command then this category becomes your working category Thereafter you don t have to type sys ...

Page 79: ...cuting during the system booting time It tests system memory LED and hardware chips on the switchboard It displays system information as the result of system test and initialization You can ignore the information until the prompt ASUS appears see Figure 49 Figure 49 CLI interface ...

Page 80: ...he switch One firmware is in Slot 0 and the other firmware is in Slot 1 The later version will be selected to boot the system automatically Enter the key to show the help messages for all available commands Although the commands are helpful in some situation we STRONGLY suggest users not to use them if you don t know the command function Figure 50 Boot ROM Command Mode ...

Page 81: ...ail in firmware update you can use this command to boot up the switch using the old firmware Change it back to auto select mode after successfully updating the firmware s 0 1 2 3 Set the console baud rate 0 9600bps 1 38400bps 2 57600bps 3 115200bps You have to set up the terminal emulator with the same baud rate to make the work x NONE Upload firmware to the switch It is slow to update firmware by...

Page 82: ...gin again with authorized user name and password 5 3 CLI Commands The switch provides CLI commands for all managed functions The command uses are listed in the categories as the WEB management interface This way you can follow the instructions and set up the switch correctly as easily as using WEB interface to configure the switch Always use to get the available commands list and help Always use t...

Page 83: ...t description If you put the contact description in the contact description field the switch contact will change to the new one System Location Displays the physical location of the switch This is an RFC 1213 defined MIB object in System Group and provides the location information on the managed node CLI command sys info location system location description Type in the location description in the ...

Page 84: ... IP address netmask Default Gateway Displays the IP address of the default gateway This field is necessary if the switch network contains one or more routers CLI command l3 route static add destination subnet IP gateway netmask metric Password Protection is Enabled Disabled When the password protection is enabled the web interface will request a user name and password authentication while user acc...

Page 85: ... disable Mode Auto 10M Half 10M Full 100M Half 100M Full 1G Full Displays the current speed and duplex mode of the port The speed and duplex mode can be automatically detected when auto negotiation is enabled on a port CLI command l2 port autoneg port number enable disable CLI command l2 port speed port number 10 100 1000 CLI command l2 port duplex port number full half Flow Control Enable Disable...

Page 86: ...create interface name vlan vlan id port port id Set Display L3 Interfaces IP address netmask Displays the static IP address and subnet mask for an L3 interface This IP address is used for IP routing as well as switch management CLI command l3 interface ip interface name ip mask Start L3 Interfaces Bring up or activate an L3 interface CLI command l3 interface start interface name Stop L3 Interfaces...

Page 87: ... advertise its routing information to its next hop switch router Meanwhile it will be able to receive and deal with RIP message broadcasted multicasted along the network Default RIP process is disabled CLI command l3 rip route enable disable Set RIP version You can specify a RIP version for the RIP process to indicate what type of messages it can deal with There are v1 v2 and both for selection De...

Page 88: ...l2 stp stop Hello Time Forward Delay Max Age Bridge Priority Displays the current STP RSTP bridge parameters setting CLI command l2 stp bridge set Hello Time 1 10 seconds old Hello Time new Hello Time Max Age 6 40 seconds old Max Age new Max Age Forward Delay 4 30 seconds old Forward Delay new Forward Delay Bridge Priority 0 61440 old Bridge Priority new Bridge Priority Priority Path Cost Edge Por...

Page 89: ...trieve Show Trunk Displays a specific trunk group settings User can create a new trunk group by specify a unique trunk ID a trunk name description the port selection criterion rtag LACP mode enabled or disable and its trunk group member ports CLI command l2 trunk show trunk id Create Trunk Creates a new trunk group by giving trunk ID rtag name LACP mode and port numbers The rtag is the packet dist...

Page 90: ...2 trunk lacp action trunk id enable disable LACP System Priority User can assign the system priority for running LACP CLI command l2 trunk lacp syspri priority 1 65535 LACP Port Priority User can assign the port priority for running LACP CLI command l2 port lacppri priority port list for all ports Reload Restores the previous saved settings of trunking from configuration file CLI command l2 trunk ...

Page 91: ...VLAN ID Class of Service VLAN port members and its untagged port members Note that MAC address and VLAN ID combination is formed as a unique entry in multicast group table CLI command l2 mcast set mac address format xx xx xx xx xx xx multicast mac address vlan id 1 by default vlan id cos 0 7 0 by default Class of Service port list format 1 2 3 4 26 for all ports vlan port list untagged port list f...

Page 92: ...t Enabled Disabled Destination Lookup Failure Enabled Disabled User can limit the broadcast multicast and flooding due to destination lookup failed traffic rate by turning the traffic control on CLI command l2 rate set 1 bcast 2 mcast 3 dlf enable disable Limit Displays the current rate limitation value of the switch User can change this value by giving a new limit value This value is applied to a...

Page 93: ...arl vlan vlan id Query by MAC Address ARL entries existed in ARL table can be queried according to MAC address CLI command l2 arl mac mac address MAC Address VLAN ID Port Selection Discard none source destination source destination User can add or modify a static ARL entry by specifying a MAC address VLAN ID port number trunk ID and discard criteria CLI command l2 arl static mac vlan id port no tr...

Page 94: ...mber as untagged port CLI command utportadd can achieve this purpose User may use CLI command add or remove to further add some port members to a VLAN or exclude some existing port members from a VLAN CLI command l2 vlan create vlan id vlan name port list CLI command l2 vlan add vlan id port list CLI command l2 vlan remove vlan id port list CLI command l2 vlan utportadd vlan id untagged port list ...

Page 95: ...ith range of 0 7 criteria value CLI command l2 port priority CoS port list Retrieve Restores the previous saved settings from configuration file CLI command l2 port retrieve Priority CoS Queue Allows user to map the CoS priority with range of 0 7 for a buffer queue total of 4 with queue ID of 1 4 CLI command l2 cos map queue id 1 4 cos 0 7 Retrieve Restores the previous saved settings from configu...

Page 96: ...Set Privilege while create a new entry CLI command snmp community add New community string new community string Get privileges y always turn on by default Set privileges y n n set privilege y for yes n for no CLI command snmp community set User can modify a community entry in the table by reassigning its community string and privileges Community entry table index entry id to config Community strin...

Page 97: ...e Host IP Address Community A host entry contains a host IP address network mask and its dedicated community string CLI command snmp host add Host IP Subnet IP address Netmask netmask Community community string CLI command snmp host set User can modify a host entry in the table by reassigning its allowed IP address network mask and community string Host table entry table index entry id to config H...

Page 98: ...sion Destination IP IP address Community community string CLI command snmp trap set User can modify a trap entry in the table by reassigning its SNMP version destination IP address and community string Trap table entry table index entry id to config SNMP version 1 2c old snmp version new snmp version Destination IP old IP address new IP address Community old community string new community string C...

Page 99: ...odel 0 1 2 3 any v1 v2c usm security model Security Level 1 2 3 noauth authnopriv authpriv security level Context Match 0 1 inexact exact context match Read View Name read view name string Write View Name write view name string Notify View Name notify view name string CLI command snmp snmpv3 access set User can modify a VACM entry in the Group by reassigning its allowed group name read view name w...

Page 100: ... string CLI command snmp snmpv3 access delete Allows user to delete a VACM entry from VACM group Access entry entry id to delete Retrieve Restores the previous saved settings from configuration file CLI command snmp snmpv3 access retrieve View Name View Type View Subtree View Mask VACM View based Access Control Model View is used to view the information of SNMPV3 VACM Group A VACM View entry conta...

Page 101: ...iew mask new view mask View Type 1 2 included excluded old view type new view type CLI command snmp snmpv3 view delete Allows user to delete a VACM View entry View entry entry id to delete Retrieve Restores the previous saved settings from configuration file CLI command snmp snmpv3 view retrieve Engine Id Name Auth Protocol Auth Password Priv Protocol Priv Password USM User based Security Model Us...

Page 102: ...d priv password EngineId old engine id string new engine id string Name old user name string new user name string AuthProtocol oid old auth protocol oid string new auth protocol oid string AuthPassword old auth password string new auth password string Priv Protocol oid old priv protocol oid string new priv protocol oid string Priv Password old priv password string new priv password string CLI comm...

Page 103: ...ermit Deny Source MAC Destination MAC Add User can add a new MAC address rule associated to a filter set These filter rule works with ICMP TCP or UDP protocols with action of permit or deny User can also specify the MAC address source or destination of the filter rule by using CLI command dstmac and srcmac CLI command filter rule new set id rule id protocol ICMP TCP UDP any action permit deny CLI ...

Page 104: ...ination and port number of the filter rule using the CLI command dstip srcip and dstport srcport respectively CLI command filter rule new set id rule id protocol ICMP TCP UDP any action permit deny CLI command filter rule dstip set id rule id type any ip subnet CLI command filter rule srcip set id rule id type any ip subnet CLI command filter rule dstport set id rule id type any port CLI command f...

Page 105: ...urce IP Type IP Mask Destination IP Type IP Mask Source Port Type Port Destination Port Type Port Protocol ICMP TCP UDP ANY Modify Allows user to modify the IP filter rule CLI command filter rule modify set id rule id protocol ICMP TCP UDP any action permit deny CLI command filter rule dstip set id rule id type any ip subnet CLI command filter rule srcip set id rule id type any ip subnet CLI comma...

Page 106: ...ce IP Type IP Mask Destination IP Type IP Mask Source Port Type Port Destination Port Type Port Protocol ICMP TCP UDP ANY Delete Allows user to delete the MAC filter rule CLI command filter rule delete set id rule id Rule List Displays the filter set and filter rule configurations CLI command filter rule show set id rule id Attach Attach a filter set to ingress egress ports to enable the filter fu...

Page 107: ...et id any none port number Retrieve Restores the previous saved settings from configuration file CLI command filter retrieve 5 3 6 Security Commands Reauthentication Allows user to enable or disable periodic reauthentication CLI command security dot1x bridge reauth enable disable Reauthentication Time Allows user to set up the reauthentication time CLI command security dot1x bridge reauthtime reau...

Page 108: ...mand security dot1x bridge reauthmax max reauthentication attemps 1 10 Multi host Allows user to enable or disable Multi host on some specific ports CLI command security dot1x port multihost enable disable port list Authentication Control Allows user to set up the authentication control of some specific ports CLI command security dot1x port authctrl type 1 force_authorized 2 force_unauthorized 3 a...

Page 109: ...ssword confirm password string Dynamic VLAN dynamic VLAN CLI command security dialinuser remove user name Allows user to delete a user entry from the local database CLI command security dialinuser modify user name Allows user to modify a user entry from the local database It contains a user name password and dynamic VLAN User Name new user name string Password new password string Confirm Password ...

Page 110: ...guration file CLI command security radius retrieve Generate SSH key Allows user to generate SSH keys SSH Secure SHell is a protocol for remotely logging into a machine via a shell It is very similar in functionality to telnet however unlike telnet all data between the client and server is encrypted The encryption provides protection against various network security risks Currently our switch suppo...

Page 111: ...eries L3 Managed Switch User Guide 111 Show Generating Status Show the SSH key generating status It will display success or SSH keys generated fail or system is generating keys CLI command security sshkey show ...

Page 112: ... the current date and time sys settime set the current time sys files config backup backup configuration files sys files config default restore factory default configuration files sys baud set console baud rate net ping ping remote host l3 route show display the entries in the routing table ...

Page 113: ...211 These numbers are called from left to right field1 field2 field3 and field4 This style of writing IP addresses as decimal numbers separated by dots is called dotted decimal notation The IP address 20 56 0 211 is read twenty dot fifty six dot zero dot two eleven 6 1 1 Structure of an IP address IP addresses have a hierarchical design similar to that of telephone numbers For example a 7 digit te...

Page 114: ...owing section Table 7 shows the structure of an IP address Table 8 IP address structure Field1 Field2 Field3 Field4 Class A Network ID Host ID Class B Network ID Host ID Class C Network ID Host ID Following are examples of valid IP addresses Class A 10 30 6 125 network 10 host 30 6 125 Class B 129 88 16 49 network 129 88 host 16 49 Class C 192 60 201 11 network 192 60 201 host 11 ...

Page 115: ...e smaller but still quite large each being able to hold over 65 000 hosts There can be up to 16 384 class B networks in existence A class B network might be appropriate for a large organization such as a business or government agency Class C networks are the smallest only able to hold 254 hosts at most but the total possible number of class C networks exceeds 2 million 2 097 152 to be exact LANs c...

Page 116: ...xample consider a class C network 192 168 1 To split this into two subnets you would use the subnet mask 255 255 255 128 It s easier to see what s happening if we write this in binary 11111111 11111111 11111111 10000000 As with any class C address all of the bits in field1 through field 3 are part of the network ID but note how the mask specifies that the first bit in field 4 is also included Sinc...

Page 117: ...in field4 for its host IDs ranging from 0 to 63 Sometimes a subnet mask does not specify any additional network ID bits and thus no subnets Such a mask is called a default subnet mask These masks are Class A 255 0 0 0 Class B 255 255 0 0 Class C 255 255 255 0 These are called default because they are used when a network is initially configured at which time it has no subnets ...

Page 118: ...ther computers on your network and the Internet A ping command sends a message to the computer you specify If the computer receives the message it sends messages in reply To use it you must know the IP address of the computer with which you are trying to communicate On Windows based computers you can execute a ping command from the Start menu Click the Start button and then click Run In the Open t...

Page 119: ...t LAN IP address 192 168 1 1 or another address you assigned You can also test whether access to the Internet is working by typing an external address such as that for www yahoo com 216 115 108 243 If you do not know the IP address of a particular Internet location you can use the nslookup command as explained in the following section From most other IP enabled operating systems you can execute th...

Page 120: ...an execute the nslookup command from the Start menu Click the Start button then click Run In the Open text box type the following nslookup Click A Command Prompt window displays with a bracket prompt At the prompt type the name of the Internet address you are interested in such as www absnews com The window displays the associate IP address if known See Figure 53 Figure 53 Using the nslookup utili...

Page 121: ...e rear side of the switch When any one of the switch fans located on the rear panel becomes defective you can easily replace it following these steps 1 Unlock the fan module by loosening the thumbscrew that secures it to the rear panel Figure 54 Loosening the thumbscrew 2 Carefully pull the module out as shown Figure 55 Removing the fan module ...

Page 122: ...ect the fan cables to the PCB Make sure that the fan cables are connected to the correct fan connector FAN 1 is on the left side when you are facing the rear panel 7 Insert the fan module to the switch chassis until it fits in place Make sure that the fan power cables are not caught between the fan module and chassis 8 Secure the fan module to the chassis with the thumbscrew Check around the fan m...

Page 123: ... switch hub PC and to the switch Make sure the PC and or hub switch is turned on 2 Verify if your cable is sufficient for your network requirements A 100 Mbps network 100BaseTx should use cables labeled Cat 5 10Mbit sec cables may tolerate lower quality cables Network Access PC cannot access another host in the same network 1 Check the Ethernet cabling is good and the LED is green 2 If the port LE...

Page 124: ... Javascript must be enabled in your browser Support for Java may also be required 2 Ping the switch IP address to see if the link is stable If some ping packets fail check your network setup to make sure a valid setting Changes to Configuration are not being retained Be sure to click on button in the Save Configuration page to save any changes Console Interface Cannot show the texts on the termina...

Page 125: ...f wiring used by Ethernet networks with a data rate of 1000 Mbps binary The base two system of numbers that uses only two digits 0 and 1 to represent all numbers In binary the number 1 is written as 1 2 as 10 3 as 11 4 as 100 etc Although expressed as decimal numbers for convenience IP addresses in actual use are binary numbers e g the IP address 209 191 4 240 is 11010001 10111111 00000100 1111000...

Page 126: ...ions filtering rule A rule that specifies what kinds of data the a routing device will accept and or reject Filtering rules are defined to operate on an interface or multiple interfaces and in a particular direction upstream downstream or both FTP File Transfer Protocol A program used to transfer files between computers connected to the Internet Common uses include uploading new or updated files t...

Page 127: ...esignated as interested in receiving specific content from the others Multicasting to an IGMP group can be used to simultaneously update the address books of a group of mobile computer users or to send company newsletters to a distribution list IGMP Snooping Snoop the IGMP packets on each port and associate the port with a layer 2 muticast group Internet The global collection of interconnected net...

Page 128: ...e an associated domain name that can be specified instead See also domain name network mask ISP Internet Service Provider A company that provides Internet access to its customers usually for a fee LAN Local Area Network A network limited to a small geographic area such as a home office or small building LED Light Emitting Diode An electronic light emitting device The indicator lights on the front ...

Page 129: ...its applied to an IP address to select the network ID while ignoring the host ID Bits set to 1 mean select this bit while bits set to 0 mean ignore this bit For example if the network mask 255 255 255 0 is applied to the IP address 100 10 50 1 the network ID is 100 10 50 and the host ID is 1 See also binary IP address subnet IP Addresses Explained section NIC Network Interface Card An adapter card...

Page 130: ...rotocol remote In a physically separate location For example an employee away on travel who logs in to the company s intranet is a remote user RJ 45 Registered Jack Standard 45 The 8 pin plug used in transmitting data over phone lines Ethernet cabling usually uses this type of connector RMON Remote Monitoring Extensions to SNMP provide comprehensive network monitoring capabilities routing Forwardi...

Page 131: ...t defines a subnet See also network mask TCP See TCP IP TCP IP Transmission Control Protocol Internet Protocol The basic protocols used on the Internet TCP is responsible for dividing data up into packets for delivery and reassembling them at the destination while IP is responsible for delivering the packets from source to destination When TCP and IP are bundled with higher level applications such...

Page 132: ...discarded twisted pair The ordinary copper telephone wiring long used by telephone companies It contains one or more wire pairs twisted together to reduce inductance and noise Each telephone line uses one pair In homes it is most often installed with two pairs For Ethernet LANs a higher grade called Category 3 CAT 3 is used for 10BASE T networks and an even higher grade called Category 5 CAT 5 is ...

Page 133: ...b site file typically containing text graphics and hyperlinks cross references to the other pages on that web site as well as to pages on other web sites When a user accesses a web site the first page that is displayed is called the home page See also hyperlink web site Web site A computer on the Internet that distributes information to and gets information from remote users through web browsers A...

Page 134: ...ble page 67 Configuration Manager troubleshooting 135 Console Interface 88 CoS Queue Mapping page 65 Default Port VLAN and CoS page 64 download 137 Dynamic Address Commands 102 Dynamic Address page 59 Error Group page 85 Ethernet defined 137 Filter Attach Commands 117 Filter Set 75 Filter Set Commands 113 Filtering rule 137 Filters Commands 113 117 Filters pages 74 Firmware Upgrade page 40 FTP 137...

Page 135: ...anet 138 IP addresses 139 explained 123 IP Setup page 37 ISP 139 LAN 139 LAN IP Address Configuration 94 LEDs 139 troubleshooting 134 Link Aggregation page 50 Login and Logout 92 MAC addresses 139 Management page 35 Mask See Network mask Mbps 140 99 Mirroring page 53 Multicast Commands 100 Network See LAN Network classes 125 Network ID 123 Network mask 140 Network mask 126 NIC 140 nslookup 130 Pac...

Page 136: ...ion page 87 Set page 74 SNMP 142 SNMP Commands 106 SNMP pages 67 Spanning Tree Commands 96 Spanning Tree page 47 Static Address Commands 102 Static Address page 60 Static Multicast page 56 Statistics Chart pages 84 STP 142 Subnet 142 Subnet mask See Network mask Subnet masks 126 System Commands 92 Tagged VLAN Commands 103 Tagged VLAN page 61 TCP IP 142 Telnet 143 TFTP 143 Traffic Comparison page 8...

Page 137: ... Setting page 69 Troubleshooting 128 Trunk 143 Trunk Commands 97 TTL 143 Twisted pair 143 Upstream 144 Username default 28 31 WAN 144 Web browser 144 Web function layout 33 Web Interface 27 Web page 144 Web site 144 Web top frame 33 World Wide Web 145 ...

Search results

Summary of Contents for GIGAX 2024M

Reviews:

Asus GIGAX 2024M, User Manual, Page: 1 / 137

Search results

Summary of Contents for GIGAX 2024M

Reviews: