Asus GIGAX2024B User Manual Download Page 57

Page: 57 / 102

GigaX2024B L2 Managed Switch User Manual

request from the switch, the switch waits upon this time period before

sending another authentication request to the port user.

Max Reauthent Attempt:

Retry count if the port user failed to respond to

authentication requests from the switch.

Guest Vlan:

Specify a guest VLAN to clients that are not 802.1x-capable.

Click

to make the settings permanent. Click

Reload

to refresh the settings to

current value.

Figure 47. Port Access Control

Summary of Contents for GIGAX2024B

Page 1: ...GigaX2024B User Manual Layer 2 Managed Switch ...

Page 2: ...bility or fitness for a particular purpose In no event shall ASUS its directors ofﬁcers employees or agents be liable for any indirect special incidental or consequential damages including damages for loss of profits loss of business loss of use or data interruption of business and the like even if ASUS has been advised of the possibility of such damages arising from any defect or error in this ma...

Page 3: ...pment does cause harmful interference to radio or television reception which can be determined by turning the equipment off and on the user is encouraged to try to correct the interference by one or more of the following measures Reorient or relocate the receiving antenna Increase the separation between the equipment and receiver Connect the equipment to an outlet on a circuit different from that ...

Page 4: ...l tmd1 asus com Web Site usa asus com Technical Support Support Fax 1 502 933 8713 General Support 1 502 995 0883 Notebook Support 1 510 739 3777 x5110 Support Email tsd asus com ASUS COMPUTER GmbH Germany and Austria Address Harkort Str 25 D 40880 Ratingen BRD Germany General Fax 49 2102 9599 31 General Email sales asuscom de for marketing requests only Technical Support Support Hotlines Componen...

Page 5: ...1 Installing the hardware 6 3 1 1 Installing the switch on a ﬂat surface 6 3 1 2 Mounting the switch on a rack 6 3 2 Part 2 Setting up the switch 6 3 2 1 Connect the console port 6 3 2 2 Connect to the computers or a LAN 7 3 2 3 Attach the RPS module 7 3 2 4 Attach the power adapter 7 3 3 Part 3 Basic switch setting for management 8 3 3 1 Setting up through the console port 8 3 3 2 Setting up thro...

Page 6: ...dge parameters 21 4 5 1 4 Port parameters 22 4 5 1 5 Runtime status 23 4 5 2 Link aggregation static 23 4 5 3 LACP 25 4 5 4 Mirroring 26 4 5 5 Static multicast 27 4 5 6 IGMP snooping 28 4 5 7 Trafﬁc control 29 4 5 8 Dynamic addresses 29 4 5 9 Static addresses 30 4 5 10 VLAN conﬁguration 31 4 5 11 GVRP 32 4 5 12 QoS and CoS 33 4 5 12 1 802 1p priority 33 4 5 12 2 CoS queue mapping 34 4 5 12 3 QoS b...

Page 7: ...4 4 8 2 Dial in user 46 4 8 3 RADIUS 47 4 8 4 Port security 48 4 8 4 1 Port conﬁguration 48 4 8 4 2 Port status 49 4 8 4 3 Secure MAC address 50 4 9 Trafﬁc chart 51 4 9 1 Trafﬁc comparison 51 4 9 2 Error group chart 52 4 10 Cable diagnosis 53 4 11 Save conﬁguration 53 5 Console interface 54 5 1 Power on self test 54 5 1 1 Boot ROM command mode 54 5 1 2 Boot ROM commands 55 5 2 Login and logout 56 ...

Page 8: ...8 5 3 3 6 exit 58 5 3 3 7 help 58 5 3 3 8 host name 58 5 3 3 9 System contact 58 5 3 3 10 System Location 59 5 3 3 11 IP address and network mask 59 5 3 3 12 Default gateway 59 5 3 3 13 reboot 59 5 3 3 14 reload default conﬁg ﬁle 60 5 3 3 15 show running conﬁg 60 5 3 3 16 write 60 5 3 3 17 Assign a new user account 60 5 3 3 18 Delete a new user account 60 5 3 4 Physical interface commands 60 5 3 4...

Page 9: ...gation group 63 5 3 7 2 trunk load balancing 64 5 3 7 3 show aggregation link trunk 64 5 3 8 LACP 64 5 3 8 1 lacp aggregation link trunk 64 5 3 8 2 disable lacp aggregation link trunk 64 5 3 8 3 lacp system priority 64 5 3 9 Mirroring 65 5 3 9 1 Mirror setting 65 5 3 9 2 Show mirror 65 5 3 9 3 No mirror 65 5 3 9 4 No mirror 65 5 3 10 Static Multicast 65 5 3 10 1 mac address table multicast 65 5 3 ...

Page 10: ...atic addresses 68 5 3 14 1 add static mac address 68 5 3 14 2 show mac address table 68 5 3 15 VLAN 68 5 3 15 1 show vlan name string 68 5 3 15 2 vlan vid 68 5 3 15 3 name string 69 5 3 15 4 access vlan 69 5 3 15 5 allowed VLANs 69 5 3 16 GVRP 69 5 3 16 1 clear gvrp statistics 69 5 3 16 2 gvrp mode 69 5 3 16 3 show gvrp conﬁguration 70 5 3 16 4 show gvrp statistics 70 5 3 17 CoS QoS 70 5 3 17 1 qu...

Page 11: ...5 3 20 2 dot1x max req 73 5 3 20 3 dot1x port control 73 5 3 21 Dial in user 73 5 3 21 1 dot1x username password 73 5 3 21 2 show dot1x user 73 5 3 22 RADIUS 74 5 3 22 1 RADIUS settings 74 5 3 22 2 show dot1x radius 74 5 3 23 Port security 74 5 3 23 1 show port security 74 5 3 23 2 clear port security 74 5 3 23 3 switchport port security 75 5 3 23 4 switchport port security aging 75 5 4 Miscellane...

Page 12: ...2 Managed Switch User Manual x 6 2 Subnet masks 77 7 Troubleshooting 79 7 1 Diagnosing problems using IP utilities 79 7 1 1 ping 79 7 1 2 nslookup 80 7 2 Replacing defective fans 81 7 3 Simple ﬁxes 83 8 Glossary 85 ...

Page 13: ...d 2 x 10 100 1000BASE T auto sensing gigabit Ethernet switching ports Two small form factor SFP gigabit interface converter GBIC slots Automatic MDI MDIX support for All ports Compliant with 802 3z and 802 3ab speciﬁcations 802 1D transparent bridge STP RSTP MSTP 16K MAC address cache with hardware assisted aging 802 3x ﬂow control 802 1Q based tagged VLAN up to 255 VLANs 802 1p class of service 4...

Page 14: ...N and network are used interchangeably to refer to a group of Ethernet connected computers at one site 1 2 2 Typography Boldface type text is used for items you select from menus and drop down lists and text strings you type when prompted by the program 1 2 3 Symbols This document uses the following icons to call your attention to specific instructions or explanations Provides clarification or add...

Page 15: ...witch package comes with the following items GigaX 2024B L2 managed switch AC power cord Null modem cable for console interface DB9 Rack installation kit two brackets with six 6 32 screws USB cable for console interface Installation CD ROM Quick installation guide Figure 1 GigaX L2 managed switch package contents ...

Page 16: ...ndant power supply Amber ON ThePSUisabnormalandtheswitchispoweredbyRPS OFF No power system LED is also off RPS does not work properly or not installed system LED is on FAN Green ON Both fans are working properly Amber ON Both or either one of the fans stopped 10 100 ports Green ON Ethernet link is established Flashing Data is being transmitted received OFF No Ethernet link 10 100 1000 port status ...

Page 17: ...pply connector 2 4 Technical speciﬁcations Table 3 Technical speciﬁcations Physical Dimensions 43 5mm H x 444 mm W x 322mm D Power Input Consumption 100 240V AC 2 5A 50 60Hz 50 watts Redundant Power Supply RPS Input Output 100 240V AC 1 8A 50 60Hz 12V DC 12 5A Environmental Ranges Operating Storage Temperature 0 to 40 C 32 to 122 F 25 to 70 C 40 to 158 F Humidity 15 to 90 0 to 95 Altitude up to 10...

Page 18: ...urface The switch must be installed on a level surface that can support the weight of the switch and its accessories Attach four rubber pads on the marked location on the bottom of the switch 3 1 2 Mounting the switch on a rack 1 Position the bracket posts with the holes on both sides of the switch 2 Use three screws to secure the bracket to the switch 3 Repeat the above steps for the other side o...

Page 19: ...S module Connect your Redundant Power Supply RPS module optional to the RPS jack on the rear panel of the switch and make sure the other end of the RPS is connected to the power cord Connect to the power cord to a grounded power outlet 3 2 4 Attach the power adapter 1 Connect the AC power cord to the POWER receptacle on the back of the switch and plug the other end of the power cord into a wall ou...

Page 20: ...d IE5 0 or higher version Command Line Interface using console port to conﬁgure the switch 3 3 1 Setting up through the console port 1 Use the supplied crossover RS 232 cable to connect to the console port on the back of the switch This port is a male DB 9 connector implemented as a data terminal equipment DTE connection Tighten the retaining screws on the cable to secure it on the connector Conne...

Page 21: ... switch IP is 192 168 1 1 and the network mask is 255 255 255 0 Then you should type ip address 192 168 1 1 24 e Type end it will return to previous level with prompt ASUS f Type write the changes will be applied and written to conﬁguration ﬁle g Type reboot If the switch has to be managed across networks then a default gateway or a static route entry is required Follow these steps to assign a def...

Page 22: ...atically download and installs it It means that your PC should be able to reach the web site If the Internet is not available you should prepare it on diskette and install it Java Runtime Environment is necessary to install on you PC to access Web configuration manager You can install it from support CD packed with the main device 2 At any PC connected to the network that the switch can access ope...

Page 23: ...ction 6 3 1 System Commands The browser will download java applet from the switch and this will take several seconds 3 To setup a new IP address click System then IP Setup Fill in the IP address network mask and default gateway then click OK 4 When the new address is applied to the switch the browser can no longer update the switch status window or retrieve any page You need to retype the new IP a...

Page 24: ...ollowing in the web address or location box and press Enter http 192 168 1 1 This is the factory default IP address for the switch A login screen displays as shown in Figure 8 Figure 8 Conﬁguration manager login screen 2 Enter your user name and password then click OK Use the following defaults the first time you log into the system You can change the password at any time through CLI interface see...

Page 25: ...er window all the times and updates the LED status periodically See Table 4 for the LED deﬁnitions See Table 5 for the color status description Figure 11 Port selection panel Table 5 Port color description Port Color Description Green Ethernet link is established Amber Link is present but port is disabled manually or by spanning tree OFF No Ethernet link Clicking on the port icon of the switch dis...

Page 26: ...ation Table 6 Commonly used buttons and icons Button Icon Description Stores any changes you have made on the current page Re displays the current page with updated statistics or settings Modiﬁes the existing conﬁguration in the system e g a static route or a ﬁlter ACL rule and etc Adds the existing conﬁguration to the system e g a static MAC address or a ﬁrewallACLrule and etc Adds the existing c...

Page 27: ...ystem editable System Contact editable System Location editable Click on OK to make the setting effective immediately Click on Reload to refresh the setting to current value as shown in Figure 13 Figure 13 Management 4 3 2 IP setup The IP Setup page contains the following editable information DHCP Client Enables or disables DHCP IP Address Assigns a static IP address to the switch Network Mask Def...

Page 28: ...hows the hardware revision number Boot ROM Version shows the version of the boot code Firmware Version shows the current running firmware version This number renews automatically after ﬁrmware update is complete Enter the TFTP server IP address and ﬁrmware name Click Upgrade to update the switch ﬁrmware See Figure 15 for reference For example TFTP Server 192 168 1 155 File name gx2024b 3 2 02 0a i...

Page 29: ... disable DHCP snooping function DHCP Snooping assign the selected port to be untrusted or trusted port Select the corresponding port number and configure the port setting then click on the Modify button The ﬁeld you change will update the content of the display window However the new settings do not take effect until the Save Conﬁguration is executed Runtime Status Window displays the following in...

Page 30: ...18 GigaX2024B L2 Managed Switch User Manual Figure 17 Physical interface runtime status ...

Page 31: ...le or enable STP There are three modes STP RSTP and MSTP can be enabled If MSTP is enabled the following four attributes are enabled at the same time Region Name An alphanumeric conﬁguration name Revision A conﬁguration revision number Instance ID A STP instance you can configure MSTP on your switch to map multiple VLANs into a single STP instance VLAN Group A group associates each of the potentia...

Page 32: ...t bridge which include Instance ID The VLAN group belong to which instance ID MAC Address of root bridge Priority of root bridge Maximum age of root bridge Hello timer of root bridge Forwarding delay timer of root bridge Path cost of root bridge Root port of the bridge Figure 19 Spanning tree current roots ...

Page 33: ...tion of conﬁguration BPDU Max Age a timeout value to be used by all Bridges in the LAN Forward Delay a timeout value to be used by all bridges in the LAN Bridge Priority the switch priority in the LAN Transmission Limit The root switch of the instance always sends a BPDU or M record with a cost of 0 and the transmission limit set to the maximum value Figure 20 Spanning tree bridge parameters ...

Page 34: ...rity is more likely to be blocked by STP if a network loop is detected The valid value is from 0 to 240 Path Cost the valid value is from 1 to 65535 RSTP 200000000 The higher cost is more likely to be blocked by STP if a network loop is detected Link Type By default the link type is determined from the duplex mode of the interface a full duplex port is considered to have a point to point connectio...

Page 35: ...e Port these port icons are listed the same way as on the front panel You have to click on the icon to select the group members The port can be removed from the group by clicking the selected port again Click OK to make the setting send to the connected switch Click Reload to refresh the settings to current value To make the conﬁguration effective go to Save Conﬁguration page and click Save You ha...

Page 36: ... the ports in full duplex force mode then the link partner MUST have the same setting Otherwise the link aggregation could operate abnormally All the ports in the link aggregation group MUST have the same VLAN setting All the ports in the link aggregation group are treated as a single logical link That is if any member changes an attribute the others will change also For example a trunk group cons...

Page 37: ...eriﬁcation Port Selection Criterion the algorithm to distribute packets among the ports of the link aggregation group according to source MAC address destination MAC address source and destination MAC address source IP address destination IP address or source and destination IP address Trunk ID a number to identify the trunk group besides the group name Port these port icons are listed the same wa...

Page 38: ...24B only Mirror Mode Enables or disables the mirror function for the selected group Monitor Port Receives the copies of all the trafﬁcs in the selected mirrored ports The monitor port can not belong to any link aggregation group The monitor port can not belong to any Private VLAN The monitor port can not operate as a normal switch port It does not switch packets or do address learning Click OK to ...

Page 39: ... speciﬁed multicast packets to other ports in the group Port selects the port from selection panel Or select an existing group address from list panel to display VLAN selects the VLAN group it is VLAN based feature MAC Address assigns the multicast address CoS assigns the priority for Class of Service Click OK to make the setting effective Click Reload to refresh the settings to current value Figu...

Page 40: ...s an IGMP leave message from a subscriber on a receiver port it sends out an IGMP query on that port and waits for IGMP group membership reports If no reports are received in a conﬁgured time period the receiver port is removed from multicast group membership The second part provides the following settings Status If global snooping is enabled you can enable or disable VLAN snooping Immediate leave...

Page 41: ... the conﬁguration effective go to Save Conﬁguration page then click Reload Figure 28 Trafﬁc Control 4 5 8 Dynamic addresses This page displays the result of dynamic MAC address lookup by port VLAN ID or speciﬁed MAC address The dynamic address is the MAC address learned by switch it will age out from the address table if the address is not learned again during the age time User can set the age tim...

Page 42: ... the Add when you create a new static MAC address by the above information Then you will see the new added entry shows in the address window You can remove the existed address by selecting the entry with the mouse then clicking on Remove The Modify button updates the existed MAC address entries You can look up a static address entry by MAC address and VLAN ID then click on the Query Click OK to ma...

Page 43: ...ll be tagged blank type This port is not a member of the VLAN group If one untagged port belongs to two or more VLAN groups at the same time it will confuse the switch and cause ﬂooding trafﬁcs To prevent it the switch only allows one untagged port belongs to one VLAN at the same time If you want to assign an untagged port from one VLAN to another you have to remove it from the original VLAN or ch...

Page 44: ...ort Mode enables disables GVRP on the individual 802 1Q trunk port GVRP must be conﬁgured on both sides of the trunk to work correctly Registration By default GVRP ports are in normal registration mode These ports use GVRP join messages from neighboring switches to prune the VLANs running across the 802 1Q trunk link If the device on the other side is not capable of sending GVRP messages or if you...

Page 45: ...before the other queues are serviced You can use the strict priority queue for mission critical and time sensitive trafﬁc There are three options First Come First Service the ﬁrst come frame has the highest priority High Priority First Packetʼs priority depends on its CoS value Weighted Round Robin WRR If WRR scheduling algorithm is enabled the ratio of the weights is the ratio of frequency in whi...

Page 46: ...iority scheduler That is each CoS value can map into one of the four queues For strict priority the queue four has the highest priority to transmit the packets Click OK to save the conﬁguration To make the conﬁguration effective go to Save Conﬁguration page and click Save The CoS values range from 0 for low priority to 4 for high priority Figure 35 CoS Queue Mapping ...

Page 47: ...w to conﬁgure Ingress Bandwidth Maximum ingress bandwidth for selected port Default CoS every untagged packet received from this port will be assigned to this CoS value in the VLAN tagged Click on Modify to change the content in the port list window Click on OK to save the configuration To make the configuration effective go to Save Conﬁguration page and click Save Figure 36 QoS Bandwidth ...

Page 48: ... configuration including Community Table Host Table and Trap Setting 4 6 1 Community table You can type different community names and specify whether the community has the privilege to do set action write access by checking the box Click OK to save the conﬁguration permanently or Reload to refresh the page ...

Page 49: ...ommunity name from the drop down list Click OK to save the configuration permanently or Reload to refresh the page Figure 38 Host table 4 6 3 Trap setting By setting trap destination IP addresses and community names you can enable SNMP trap function to send trap packets in different versions v1 or v2c Click to save the conﬁguration permanently or to refresh the page Figure 34 Trap setting ...

Page 50: ... View belongs Included or Excluded when View Subtree matches the Oid in the SNMPv3 message View Subtree enter the View Subtree that the View belongs The Subtree is the Oid to match the Oid in the SNMPv3 message The match is good when the subtree is shorter than the Oid in the SNMPv3 message Click on the Add when you create a new VACM View entry by the above information Then you will see the new ad...

Page 51: ...r the Security Model Name that the Group belongs Any is suitable for v1 v2 v3 USM is SNMPv3 related Security level enter the Security level Name that the Group belongs Only NoAuth AuthNopriv AuthPriv can be chosen Click on the Add when you create a new VACM group entry by the above information Then you will see the new added entry shows in the group window You can remove the existed group by selec...

Page 52: ...an be chosen If the NoPriv is chosen there is no need to enter password Priv Password enter the password that the Priv Protocol belongs The password needs at least 8 characters or digits Security level enter the Security level Name that the Group belongs Only NoAuth AuthNopriv AuthPriv can be chosen Click on the Add when you create a new VACM group entry by the above information Then you will see ...

Page 53: ... can check the IP Filter and give an ID Name then clicking on Add Click OK to save the conﬁguration permanently or Reload to refresh the page Please click OK before editing Click on a ﬁlter set to select the set you want to edit or remove Second click on Edit to enter the rule page or click on Remove to remove the ﬁlter set You have to follow the rules to make a valid ﬁlter set One set consists of...

Page 54: ...e application port and destination application port The Action ﬁeld determines if the packet should be dropped or forwarding when it matches the rule If a packet matches two rules with different action the packet will follow the rule showed ﬁrst in the rule list Figure 44 Filter rule in MAC mode Figure 45 Filter rule in IP mode Two examples tell us about the how of IP provisioning 1 Assign a dedic...

Page 55: ...s of the system Attach to certain ports you can specify the ingress ports to be applied Detach from all ports remove all the ﬁlters from the attached ports You may not detach certain ports after issuing an Attach All command If you wish to detach ports use the Detach All command Once the filter set is attached to the ingress ports it will filter the packets according to the ingress port and the pa...

Page 56: ...ʼre done with the modiﬁcations Port Specify which port to conﬁgure from port list window Multi host If enabled ALL hosts connected to the selected port are allowed to use the port if ONE of the hosts passed the authentication If disabled only ONE host is allowed to use the port Authentication Control If ForceAuthorized is selected the selected port is forced authorized Thus traffic from all hosts ...

Page 57: ...ication request to the port user Max Reauthent Attempt Retry count if the port user failed to respond to authentication requests from the switch Guest Vlan Specify a guest VLAN to clients that are not 802 1x capable Click OK to make the settings permanent Click Reload to refresh the settings to current value Figure 47 Port Access Control ...

Page 58: ...e new user Conﬁrm Password Enter the password again Vlan ID Specify the VLAN ID assigned to the 802 1x authenticated clients Please click Add to add the new user Click Modify when youʼre done with the modiﬁcations Click Remove when you want to remove the selected user Click OK to make the settings permanent Click Reload to refresh the settings to current value Figure 48 Dial In user ...

Page 59: ...he port number for the RADIUS server is listening to Authentication Server Key The key is used for communications between GigaX and the RADIUS server Conﬁrm Authentication Key Re type the key entered above The VLAN of the RADIUS server connected to the switch must be the same as the VLAN of the system management interface Please click OK to make the settings permanent Click Reload to refresh the s...

Page 60: ...ns If Shutdown is selected the port becomes blocking state and system logs a syslog message and increments the violation counter If Restrict is selected a syslog message is logged and the violation counter increments If Protect is selected you are not notified that a security violation has occurred c Max MAC Address The maximum numbers of secure MAC addresses on this port It is between 1 and 132 a...

Page 61: ...curity is conﬁgured to be enabled but could not be enabled due to certain reasons such as conﬂict with other features d Restrict This indicates that the port occurs port security violation when the violation mode is ʻrestrictʼ e Shutdown This indicates that the port is shutdown due to port security violation when the violation mode is ʻshutdownʼ When some port status is Shutdown you can click it a...

Page 62: ...ll show all MAC addresses on this port b Add User can select some port by Port Selection ﬁeld and input a MAC address to add on MAC Address ﬁeld After push Add button the MAC address will add on the selected port and the type of the MAC is static c Remove You can use Query function to display all the MAC addresses on some port Selecting a MAC from list and pushing Remove button it will be removed ...

Page 63: ...ck Refresh Rate to set the period for retrieving new data from the switch You can differentiate the statistics or ports by selecting Color Finally click on Draw to let the browser to draw the graphic chart Each new Draw will reset the statistics display 4 9 1 Trafﬁc comparison This page shows the one statistics item for all the ports in one graphic chart Specify the statistics item to display and ...

Page 64: ...ll the discards or error counts for the speciﬁed port The data is updated periodically Figure 54 Error group chart 4 9 3 Historical status You can display information for different ports and statistics items in this chart Since this shows the history of the statistics information the line chart keeps the old data even it is refreshed Figure 55 Historical status ...

Page 65: ...o save configuration permanently you have to click Save The setting also takes effective after a successful save Sometimes you may want to reset the switch configuration you can click on Restore to reset the configuration file to factory default Of course a system reboot will follow this restoration process You will lose all the conﬁgurations when you choose to restore the factory default conﬁgura...

Page 66: ...ery useful when you are not familiar with the CLI commands All the CLI commands are case sensitive 5 1 Power on self test POST is executing during the system booting time It tests system memory LED and hardware chips on the switchboard It displays system information as the result of system test and initialization You can ignore the information until the prompt ASUS appears Note Figure 58 CLI inter...

Page 67: ...ate ethaddr none none get MAC address gatewayip IP address xxx xxx xxx xxx set gateway IP address go none none boot ﬁrmware image or help none none print online help ipaddr IP address xxx xxx xxx xxx set TFTP client IP address xload none none load binary file over serial line X modem netmask mask xxx xxx xxx xxx set network mask ping host xxx xxx xxx xxx send ICMP echo_request to host pwd none non...

Page 68: ... has to do login again with authorized user name and password 5 3 CLI commands The switch provides CLI commands for all managed functions This way you can follow the instructions and set up the switch correctly as easily as using WEB interface to conﬁgure the switch Always use or list to get the available commands list and help Always use end to get back to the root directory enable mode 5 3 1 Use...

Page 69: ...ement conﬁguration 5 3 3 1 Firmware upgrade Upgrading new ﬁrmware into switch CLI Syntax archive download sw overwrite tftp ImageFile Example ASUS archive download sw overwrite tftp 192 168 1 3 GX2024B 3 2 02 00 release img 5 3 3 2 conﬁgure terminal Use the write conﬁguration command on the switch to conﬁguration CLI Syntax conﬁgure terminal Example ASUS conﬁgure terminal 5 3 3 3 enable Entering e...

Page 70: ...is an RFC 1213 deﬁned MIB object in System Group and provides administrative information on the managed node CLI Syntax hostname WORD Example conﬁg hostname Switch If you put a name in the name description ﬁeld the switch system name changes to the new one 5 3 3 9 System contact Displays the detail information of contact about the switch This is an RFC 1213 deﬁned MIB object in System Group and pr...

Page 71: ...plays the IP address for the switch This IP address is used for manageable purpose i e network applications such as http server SNMP server tftp server ssh and telnet server of the switch are all using this IP address in interface vlan1 CLI Syntax ip address A B C D M Example conﬁg interface vlan 1 conﬁg if ip address 192 168 20 121 24 5 3 3 12 Default gateway Displays the IP address of the defaul...

Page 72: ...le ASUS show running conﬁg 5 3 3 16 write Use the write file configuration command on the switch stack or standalone switch to write conﬁguration to the ﬁle CLI Syntax write Example ASUS write 5 3 3 17 Assign a new user account Add a user which is named tony and its password is tony123456 CLI Syntax user add WORD WORD Example user add tony tony123456 5 3 3 18 Delete a new user account Delete a use...

Page 73: ... CLI Syntax duplex full half Example conﬁg interface fa1 0 2 conﬁg if duplex full This example shows how to use the duplex configuration command on the switch to set full duplex on the interface 5 3 4 3 Interface ﬂow control Use the flow control configuration command on the switch to set flow control status of the port CLI Syntax ﬂowcontrol rx tx both Example conﬁg interface fa1 0 2 conﬁg if ﬂowco...

Page 74: ... a vlan entry Use the vlan vid command to create vlan entry on the switch Use the name string command to create vlan entry with string on the switch CLI Syntax vlan id Example conﬁg vlan 3 conﬁg vlan name vlan3 5 3 5 3 interface vlan VLAN ID This command changes the operation to vlan interface command mode CLI Syntax interface vlan VLAN ID Example interface vlan 1 5 3 5 4 ip address This command s...

Page 75: ...5 3 6 Spanning Tree 5 3 6 1 show spanning tree summary To show spanning tree active CLI Syntax show spanning tree summary Example ASUS show spanning tree summary 5 3 6 2 spanning tree enable and disable Enable Disable the spanning tree CLI Syntax spanning tree enable disable Example ASUS spanning tree disable 5 3 7 Link aggregation 5 3 7 1 trunk aggregation group Use the aggregation link trunk gro...

Page 76: ...group 1 5 3 8 LACP 5 3 8 1 lacp aggregation link trunk This command sets the Link Aggregation Control Protocol LACP operation add set for the trunk group ports on the switch CLI Syntax lacp aggregation link group 1 6 add set IFLIST Example ASUS lacp aggregation link group1 add fa1 0 1 3 5 3 8 2 disable lacp aggregation link trunk This command sets the Link Aggregation Control Protocol LACP operati...

Page 77: ...n Example ASUS show mirror session 5 3 9 3 No mirror This command disable the mirror function CLI Syntax no mirror session 1 Example conﬁg no mirror session 1 5 3 9 4 No mirror This command resets the source interfacesʼ received or transmitted traffic or both the destination interface CLI Syntax no mirror session 1 source IFLIST Example conﬁg no mirror session 1 source fa1 01 2 5 3 10 Static Multi...

Page 78: ...t entries CLI Syntax show mac address table multicast Example ASUS show mac address table multicast 5 3 11 IGMP snooping 5 3 11 1 ip igmp snooping This command sets the IGMP snooping function enabled globally CLI Syntax ip igmp snooping Example conﬁg ip igmp snooping 5 3 11 2 interval time This command sets the interval time for the IGMP queries sent by switch CLI Syntax ip igmp snooping last memb...

Page 79: ...te conﬁguration command on the switch to clear dynamic L2 MAC addresses in the database CLI Syntax clear mac address table dynamic mac MAC_ADDR Example conﬁg clear mac address table dynamic mac 0000 1111 2222 5 3 13 2 aging time Use the mac address table aging time configuration command on the switch stack or on a standalone switch to set the length of time that a dynamic entry remains in the MAC ...

Page 80: ...ble static MAC_ADDR VLANID IFNAME Example conﬁg mac address table static 0000 1111 2222 1 fa1 0 2 5 3 14 2 show mac address table It shows static and dynamic mac address CLI Syntax show mac address table Example ASUS show mac address table 5 3 15 VLAN 5 3 15 1 show vlan name string Use the show vlan user EXEC command to display the parameters for all configured VLANs or one VLAN if the VLAN ID or ...

Page 81: ...witch to add or remove the allowed VLANs that can receive and send trafﬁc on this interface in tagged format when in trunking mode CLI Syntax switchport trunk allowed vlan add remove VLANLIST Example conﬁg interface fa1 0 2 conﬁg if switchport trunk allowed vlan add 1 10 5 3 16 GVRP 5 3 16 1 clear gvrp statistics Use the clear gvrp statistics conﬁguration command on the switch to clear all the GVR...

Page 82: ... cos map Use the queue cos map conﬁguration command on the switch to set which Cos queue a given priority should map into CLI Syntax cos cos map PRIORITY QUEUE Example ASUS cos cos map 3 3 5 3 17 2 show queue cos map This command sets the GVRP conﬁguration to default CLI Syntax show cos cos map Example conﬁg show cos cos map 5 3 17 3 qos mode This command sets qos mode to highﬁrst mode CLI Syntax ...

Page 83: ...3 18 2 show snmp server community To show snmp server community CLI Syntax show snmp server community Example ASUS show snmp server community 5 3 18 3 snmp server host This command sets the SNMP host information CLI Syntax snmp server host A B C D Example conﬁg snmp server host 192 168 8 31 5 3 19 Filter 5 3 19 1 deny any host Use the deny MAC access list conﬁguration command on the switch to prev...

Page 84: ...yntax permit deny any any Example conﬁg acl permit any any 5 3 19 4 ﬁlter attach This command deﬁne an extended MAC access list using a name and enter access list conﬁguration mode CLI Syntax mac access group WORD in Example conﬁg if mac access group mac_acl_1 in 5 3 20 Port access control 5 3 20 1 dot1x guest vlan Use the dot1x guest vlan interface configuration command on the switch to specify a...

Page 85: ...0 1 conﬁg if dot1x max req 2 5 3 20 3 dot1x port control Use the dot1x port control interface configuration command on the switch to enable manual control of the authorization state of the port Use the no form of this command to return to the default setting CLI Syntax dot1x port control auto force authorized force unauthorized Example conﬁg interface fa1 0 1 conﬁg if dot1x port control force auth...

Page 86: ...ius 5 3 23 Port security 5 3 23 1 show port security This command used to show the port security configuration status and MAC addresses information CLI Syntax show port security address interface IFNAME Example ASUS show port security ASUS show port security interface gi1 0 25 ASUS show port security address ASUS show port security address gi1 0 25 5 3 23 2 clear port security This command used to...

Page 87: ...port port security reup 5 3 23 4 switchport port security aging This command used to set the port security aging conﬁguration CLI Syntax switchport port security aging time TIME type absolute inactivity Example conﬁg interface gi1 0 1 conﬁg if switchport port security aging time 20 conﬁg if switchport port security aging type absolute 5 4 Miscellaneous commands show private health shows the enviro...

Page 88: ...ion The IP address 20 56 0 211 reads twenty dot ﬁfty six dot zero dot two eleven 6 1 1 Structure of an IP address IP addresses have a hierarchical design similar to that of telephone numbers For example a 7 digit telephone number starts with a 3 digit preﬁx that identiﬁes a group of thousands of telephone lines and ends with four digits that identify one speciﬁc line in that group Similarly IP add...

Page 89: ...o hold over 65 000 hosts There can be up to 16 384 class B networks in existence A class B network might be appropriate for a large organization such as a business or government agency Class C networks are the smallest only able to hold 254 hosts at most but the total possible number of class C networks exceeds 2 million 2 097 152 to be exact LANs connected to the Internet are usually class C netw...

Page 90: ...d 4 is also included Since this extra bit has only two values 0 and 1 this means there are two subnets Each subnet uses the remaining 7 bits in ﬁeld4 for its host IDs which range from 0 to 127 instead of the usual 0 to 255 for a class C address Similarly to split a class C network into four subnets the mask is 255 255 255 192 or 11111111 11111111 11111111 11000000 The two extra bits in Field 4 can...

Page 91: ...other computers on your network and the Internet A ping command sends a message to the computer you specify If the computer receives the message it sends messages in reply To use it you must know the IP address of the computer with which you are trying to communicate On Windows based computers you can execute a ping command from the Start menu Click the Start button and then click Run In the Open ...

Page 92: ...em administration utility 7 1 2 nslookup You can use the nslookup command to determine the IP address associated with an Internet site name You specify the common name and the nslookup command looks up the name on your DNS server usually located with your ISP If that name is not an entry in your ISPʼs DNS table the request is then referred to another higher level server and so on until the entry i...

Page 93: ... and press Enter at the command prompt 7 2 Replacing defective fans Turn off the power of the switch when you remove the fan module on the rear side of the switch When any one of the switch fans located on the rear panel becomes defective you can easily replace it following these steps 1 Unlock the fan module by loosening the thumbscrew that secures it to the rear panel Figure 63 Loosening the thu...

Page 94: ...eft side when you are facing the rear panel 7 Insert the fan module to the switch chassis until it ﬁts in place Make sure that the fan power cables are not caught between the fan module and chassis 8 Secure the fan module to the chassis with the thumbscrew Check around the fan module to make sure no cable is caught between the chassis and the fan module Fan speciﬁcations Dimensions 40 x 40 x 20 mm...

Page 95: ... in the RPS section FAN LED is amber blinking Check the fans on the back of the switch If any of the fans is defective refer to section 7 2 to replace the fan Ethernet Link LED does not illuminate after an Ethernet cable is attached 1 Verify if the Ethernet cable is securely connected to your LAN switch hub PC and to the switch Make sure the PC and or hub switch is turned on 2 Verify if your cable...

Page 96: ...nged the password from the default try using admin as the user ID and bypassing password 2 Login to console mode through RS232 or USB use sys user show to display the lost information Some pages do not display completely 1 Verify that you are using Internet Explorer v6 0 or later Netscape is not supported Support for Javascript must be enabled in your browser Support for Java may also be required ...

Page 97: ...1111 00000100 11110000 in binary See also bit IP address network mask bit Short for binary digit a bit is a number that can have two values 0 or 1 See also binary bps bits per second CoS Class of Service Deﬁned in 802 1Q the value range is from 0 to 7 DSCP Differentiated Services Code Point The six most signiﬁcant bits of the DiffServ ﬁeld in IP header is called as the DSCP The available DSCP valu...

Page 98: ...tocol An Internet protocol that enables a computer to share information about its membership in multicast groups with adjacent routers A multicast group of computers is one whose members have designated as interested in receiving specific content from the others Multicasting to an IGMP group can be used to simultaneously update the address books of a group of mobile computer users or to send compa...

Page 99: ...urer MAC addresses are expressed as six pairs of characters mask See network mask Multicast To send data to a group of network devices Mbps Abbreviation for Megabits per second or one million bits per second Network data rates are often expressed in Mbps Monitor Also called Roving Analysis allow you to attach a network analyzer to one port and use it to monitor the trafﬁcs of other ports on the sw...

Page 100: ...into and out of the device protocol A set of rules governing the transmission of data In order for a data transmission to work both ends of the connection have to follow the rules of the protocol PVLAN Private Virtual Local Area Network QoS Quality of Service Defined in 802 1Q For datacommunication network performance QoS characteristics are bandwidth delay and reliability remote In a physically s...

Page 101: ...kets for delivery and reassembling them at the destination while IP is responsible for delivering the packets from source to destination When TCP and IP are bundled with higher level applications such as HTTP FTP Telnet etc TCP IP refers to this whole suite of protocols Telnet SSH An interactive character based program used to access a remote computer While HTTP the web protocol and FTP only allow...

Page 102: ...oftware program that uses Hyper Text Transfer Protocol HTTP to download information from and upload to web sites and displays the information which may consist of text graphic images audio or video to the user Web browsers use Hyper Text Transfer Protocol HTTP Popular web browsers include Netscape Navigator and Microsoft Internet Explorer See also HTTP web site WWW Web page A web site file typical...

Search results

Summary of Contents for GIGAX2024B

Reviews:

Related manuals for GIGAX2024B

Brands by name

Popular brands

Asus GIGAX2024B, User Manual

Search results

Summary of Contents for GIGAX2024B

Reviews:

Related manuals for GIGAX2024B

Brands by name

Popular brands