manualshive.com logo in svg

Black Box LGB1152A, User Manual

The Black Box LGB1152A is a sleek and powerful user-friendly device. Ensure smooth operation by downloading the free User Manual from our website. This comprehensive manual provides step-by-step instructions on how to optimize the functionality of your device. Download it now for easy access at manualshive.com.

Share
Download
background image

142

1.877.877.2269

BLACKBOX.COM

NEED HELP?

LEAVE THE TECH TO US

LIVE 24/7

TECHNICAL

SUPPORT

1.877.877.2269

CHAPTER 10: SECURITY

PARAMETER DESCRIPTION

Š

Š

Group Name: The name identifying the privilege group. In most cases, a privilege level group consists of a single module (e.g. LACP, 

STP or QoS), but a few of them contain more than one. The following description defines these privilege level groups in detail:

System: Contact, Name, Location, Timezone, Daylight Saving Time, Log.

Š

Š

Privilege Levels: Every group has an authorization Privilege level for the following sub groups: configuration read-only, configuration/

execute read-write. User Privilege should be same or greater than the authorization Privilege level to have the access to that group. 

Buttons

Š

Š

Apply: Click to save changes.

Š

Š

Reset: Click to undo any changes made locally and revert to previously saved values.

10.1.3 AUTH METHOD 

 

This page shows how to configure a user with auth method when he logs into the switch via one of the management client 
interfaces.

WEB INTERFACE

To configure an Auth Method Configuration in the web interface:
1. Click Security, Management and Auth Method.
2. Specify the Client (console, telent, ssh, web) that you want to monitor.
3. Specify the Methods (none, local, radius, tacacs), Service port, Cmd Lvl, Cfg Cmd, Fallback, Exec.
4. Click Apply.

FIGURE 10-3. AUTH METHOD CONFIGURATION

Summary of Contents for LGB1152A

Page 1: ...COM GUI USER MANUAL GIGABIT MANAGED ENET SWITCH LGB1152A 1 2 3 2 4 5 6 7 9 8 11 10 13 12 15 14 17 16 21 20 23 22 25 24 27 26 29 28 19 18 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 49 50 51...

Page 2: ...6 2 3 System Time 18 2 4 LLDP 20 2 4 1 LLDP Configuration 20 2 4 2 LLDP MED Configuration 23 2 4 3 LLDP Neighbor 29 2 4 4 LLDP MED Neighbor 30 2 4 5 LLDP Neighbor EEE 33 2 4 6 LLDP Statistics 34 2 5 U...

Page 3: ...4 7 GVRP 68 4 8 Private VLAN 69 4 9 Port Isolation 70 4 10 Voice VLAN 71 4 10 1 Configuration 71 4 10 2 OUI 73 5 QUALITY OF SERVICE 75 5 1 Port Classification 75 5 2 Port Policers 77 5 3 Port Shapers...

Page 4: ...us 119 8 2 4 Groups Information 120 8 2 5 MLD SFM Information 121 8 3 MVR 122 8 3 1 Basic Configuration 122 8 3 2 Statistics 124 8 3 3 MVR Groups Information 125 8 3 4 MVR SFM Information 126 8 4 Mult...

Page 5: ...160 10 5 Port Security 162 10 5 1 Configuration 162 10 5 2 Status 164 10 6 RADIUS 166 10 6 1 Configuration 166 10 6 2 Status 167 10 7 TACACS 171 11 ACCESS CONTROL 173 11 1 Ports Configuration 173 11...

Page 6: ...ing 210 13 5 2 iPush Options 212 14 DIAGNOSTICS 214 14 1 Ping 214 14 2 Traceroute 215 14 3 Cable Diagnostics 216 14 4 Mirroring 217 14 5 sFlow 218 14 5 1 Configuration 218 14 5 2 Statistics 220 15 MAI...

Page 7: ...Protocol IP and Hypertext Transfer Protocol HTTP REVISION HISTORY Release Number Initial release Date 9 1 2017 Revision A1 ADDITIONAL DOCUMENTATION This GUI User Manual and related documents availabl...

Page 8: ...bination of affordability and capabilities for entry level networking including small business or enterprise applications and helps you create a more efficient better connected workforce LGB1152A Giga...

Page 9: ...BLACKBOX COM NEED HELP LEAVE THE TECH TO US LIVE 24 7 TECHNICAL SUPPORT 1 877 877 2269 INTRODUCTION Chapter 11 Access Control Chapter 12 SNMP Chapter 13 Event Notification Chapter 14 Diagnostics Chapt...

Page 10: ...n and password is empty The first time you use the switch enter the default username and password and then click the Login button The login process now is completed In this login menu you have to inpu...

Page 11: ...page 3 Click Apply FIGURE 2 1 SYSTEM INFORMATION PARAMETER DESCRIPTION Model Name Displays the factory defined model name to identify the switch System Description Displays the system description Loc...

Page 12: ...1 s 10 s of the system Buttons Apply Click to save changes Reset Click to undo any changes made locally and revert to previously saved values 2 2 IP ADDRESS 2 2 1 SETTINGS The IPv4 address for the swi...

Page 13: ...four servers available for configuration and the index of the server presents the preference less index has higher priority in doing DNS name resolution The following modes are supported No DNS serve...

Page 14: ...igure whether the IP stack should act as a Host or a Router In Host mode IP traffic between interfaces will not be routed In Router mode traffic is routed between all interfaces DNS Server This settin...

Page 15: ...he interface is not desired IPv4 Mask Length The IPv4 network mask in number of bits prefix length Valid values are between 0 and 30 bits for a IPv4 address If DHCP is enabled this field is not used T...

Page 16: ...next hop VLAN for the gateway If the IPv6 gateway address is not link local system ignores the next hop VLAN for the gateway Buttons Add Interface Click to add a new IP interface A maximum of 8 interf...

Page 17: ...lags of the interface and or address IP Routes Network Show the destination IP network or host address of this route Gateway Show the gateway address of this route Status Show the status flags of the...

Page 18: ...URE 2 6 TIME CONFIGURATION Parameter description Time Configuration Clock Source There are two modes for configuring where the Clock Source is from Select Local Settings to obtain the Clock Source fro...

Page 19: ...ngs Week Select the starting week number Day Select the starting day Month Select the starting month Hours Select the starting hour Minutes Select the starting minute End time settings Week Select the...

Page 20: ...ng each field For example fe80 215 c5ff fe03 4dc7 The symbol is a special syntax that can be used as a shorthand way of representing multiple 16 bit groups of contiguous zeros but it can only appear o...

Page 21: ...5 32768 seconds Tx Hold Each LLDP frame contains information about how long the information in the LLDP frame will be considered valid The LLDP information valid period is set to Tx Hold multiplied by...

Page 22: ...nt Address field The CDP address TLV can contain multiple addresses but only the first address is shown in the LLDP neighbors table CDP TLV Port ID is mapped to the LLDP Port ID field CDP TLV Version...

Page 23: ...nagement allowing network administrators to track their network devices and determine their characteristics manufacturer software and hardware versions and serial or asset number This page allows you...

Page 24: ...24 1 877 877 2269 BLACKBOX COM NEED HELP LEAVE THE TECH TO US LIVE 24 7 TECHNICAL SUPPORT 1 877 877 2269 CHAPTER 2 SYSTEM FIGURE 2 11 LLDP MED CONFIGURATION PART 2...

Page 25: ...transmitted when an LLDP frame with new information is received NOTE The LLDP MED and the LLDP MED Fast Start mechanism is only intended to run on links between LLDP MED Network Connectivity Devices a...

Page 26: ...he North American Vertical Datum of 1988 NAVD88 This datum pair is to be used when referencing locations on land not near tidal water which would use Datum NAD83 MLLW NAD83 MLLW North American Datum 1...

Page 27: ...lication types supported on a given port The application types specifically addressed are 1 Voice 2 Guest Voice 3 Softphone Voice 4 Video Conferencing 5 Streaming Video 6 Control Signalling conditiona...

Page 28: ...cing application policy Tag Tag indicating whether the specified application type is using a tagged or an untagged VLAN Untagged indicates that the device is using an untagged frame format and does no...

Page 29: ...as received Chassis ID The Chassis ID is the identification of the neighbor s LLDP frames Port ID The Remote Port ID is the identification of the neighbor port Port Description Port Description is the...

Page 30: ...D neighbor 1 Click System LLDP and LLDP MED Neighbor 2 Click Refresh for manual update web screen 3 Click Auto refresh for auto update web screen FIGURE 2 14 LLDP MED NEIGHBOR INFORMATION NOTE If ther...

Page 31: ...services defined in this class include LAN configuration device location network policy power management and inventory management LLDP MED Media Endpoint Class II The LLDP MED Media Endpoint Class II...

Page 32: ...the video signaling than for the video media Policy Policy indicates that an Endpoint Device wants to explicitly advertise that the policy is required by the device Can be either Defined or Unknown Un...

Page 33: ...Tw The link partner s time that receiver would like the transmitter to hold off to allow time for the receiver to wake from sleep Fallback Receive Tw The link partner s fallback receive Tw A receivin...

Page 34: ...ink partner have agreed on wakeup times Buttons Auto refresh Refresh off FIGURE 2 17 AUTO REFRESH REFRESH BUTTONS Auto refresh Check this box to refresh the page automatically Automatic refresh occurs...

Page 35: ...information Local Port The port on which LLDP frames are received or transmitted Tx Frames The number of LLDP frames transmitted on the port Rx Frames The number of LLDP frames received on the port R...

Page 36: ...nds Refresh Click to refresh the page Clear Clears the counters for the selected port 2 5 UPNP UPnP is an acronym for Universal Plug and Play The goals of UPnP are to allow devices to connect seamless...

Page 37: ...in the duration it will think that the switch no longer exists Due to the unreliable nature of UDP in the standard we recommend that you refresh advertisements at less than one half of the advertising...

Page 38: ...via an alphanumeric string describing the full name and version identification for the system s hardware type software version and networking application 3 Specify the Speed Configured Flow Control Ma...

Page 39: ...a port this section indicates the flow control capability that is advertised to the link partner When a fixed speed setting is selected that is what is used The Current Rx column indicates whether pau...

Page 40: ...lick Refresh to refresh the port statistics or clear all information when you click Clear 4 To see detailed port statistics then you need to click that port FIGURE 3 2 PORT STATISTICS OVERVIEW Paramet...

Page 41: ...s box to refresh the page automatically Automatic refresh occurs every 3 seconds Refresh Click to refresh the page Clear Clears the counters for all ports If you want to see the detailed statistics fo...

Page 42: ...f received and transmitted good and bad multicast packets Rx and Tx Broadcast The number of received and transmitted good and bad broadcast packets Rx and Tx Pause A count of the MAC Control frames re...

Page 43: ...efresh Refresh Clear off FIGURE 3 6 AUTO REFRESH REFRESH CLEAR BUTTONS Auto refresh Check this box to refresh the page automatically Automatic refresh occurs every 3 seconds Refresh Click to refresh t...

Page 44: ...of the SFP module Mon1 Bias mA Show the Bias current of the SFP module Mon2 TX PWR Show the transmit power of the SFP module Mon3 RX PWR Show the receiver power of SFP module Buttons Auto refresh Ref...

Page 45: ...h port number of the logical EEE port Configure Controls whether EEE is enabled for this switch port Buttons Apply Click to save changes Reset Click to undo any changes made locally and revert to prev...

Page 46: ...nable the use of the IP Address or uncheck to disable By default IP Address is enabled TCP UDP Port Number Use the TCP UDP port number to calculate the destination port for the frame Check to enable t...

Page 47: ...s switch port LACP will form an aggregation when 2 or more ports are connected to the same partner Key The Key value incurred by the port range 1 65535 The Auto setting will set the key as appropriate...

Page 48: ...ics FIGURE 3 12 LACP SYSTEM STATUS Parameter description Aggr ID The Aggregation ID associated with this aggregation instance For LLAG the id is shown as isid aggr id and for GLAGs as aggr id Partner...

Page 49: ...that LACP is enabled and the port link is up No means that LACP is not enabled or that the port link is down Backup means that the port could not join the aggregation group but will join if another p...

Page 50: ...he locked ports WEB INTERFACE To configure the Loop Protection parameters in the web interface 1 Click Port Management Loop Protection and Configuration 2 Select enable or disable the port loop Protec...

Page 51: ...locally and revert to previously saved values 3 6 2 STATUS This section displays the loop protection port status the ports of the currently selected switch WEB INTERFACE To display the Loop Protectio...

Page 52: ...lick to refresh the page immediately 3 7 UDLD 3 7 1 CONFIGURATION This page allows the user to inspect the current UDLD configurations and possibly change them as well WEB INTERFACE To configure the U...

Page 53: ...n that port Message Interval Configures the period of time between UDLD probe messages on ports that are in the advertisement phase and are determined to be bidirectional The range is from 7 to 90 sec...

Page 54: ...Bidirectional State The current state of the port Neighbor Status Port The current port of the neighbor device Device ID The current ID of the neighbor device Link Status The current link status of th...

Page 55: ...nly one management VLAN can be active at a time When you specify a new management VLAN your HTTP connection to the old management VLAN is lost Make sure you have a connection between your management s...

Page 56: ...discards all frames that are not classified to the Access VLAN on egress all frames are transmitted untagged Trunk Trunk ports can carry traffic on multiple VLANs simultaneously and are normally used...

Page 57: ...e switch engine However the port will never transmit frames classified to VLANs that it is not a member of Ingress Acceptance Hybrid ports allow for changing the type of frames that are accepted on in...

Page 58: ...figured in hardware VLAN User module uses services of the VLAN management functionality to configure VLAN memberships and VLAN port configurations such as PVID and UVID Currently we support the follow...

Page 59: ...lt VLAN membership allows the frames classified to the VLAN ID to be forwarded on the respective VLAN member ports Show entries You can choose how many items you want to show up Admin You can choose t...

Page 60: ...proves network resource use while maintaining a loop free environment DMS Shows DMS VLAN membership status VCL shows MAC based VLAN entries configured by various MAC based VLAN users Port The logical...

Page 61: ...ill be displayed as Yes for the Combined user and the offending software module The Combined user reflects what is actually configured in hardware Admin You can choose the Vlan User Buttons Auto refre...

Page 62: ...mbers and all boxes are unchecked Buttons Adding New Entry Click to add a new MAC based VLAN entry An empty row is added to the table and the MAC based VLAN entry can be configured as needed Any unica...

Page 63: ...NTERFACE To Display MAC based address VLAN configuration in the web interface 1 Click VLAN Management MAC based VLAN and Status 2 To auto refresh the information select Auto refresh 3 Click Refresh to...

Page 64: ...rk Access Protocol SNAP is a mechanism for multiplexing on networks using IEEE 802 2 LLC more protocols than can be distinguished by the 8 bit 802 2 Service Access Point SAP fields SNAP supports ident...

Page 65: ...in string is a hexadecimal value ranges from 0x00 0xff b PID If the OUI is hexadecimal 000000 the protocol ID is the Ethernet type EtherType field value for the protocol running on top of SNAP if the...

Page 66: ...default no ports are members and all boxes are unchecked Buttons Delete To delete a Group Name to VLAN map entry check this box The entry will be deleted on the switch during the next Save Add New Ent...

Page 67: ...the network mask length VLAN ID Indicates the VLAN ID VLAN ID can be changed for the existing entries Port Members A row of check boxes for each port is displayed for each IP subnet to VLAN ID mappin...

Page 68: ...is a subset of an active topology GARP defines the architecture rules of operation state machines and variables for the registration and de registration of attribute values A GARP participation in a s...

Page 69: ...n particular port locally Disable Select to Disable GVRP mode on this port GVRP Enable Select to Enable GVRP mode on this port Buttons Apply Click to save changes Reset Click to undo any changes made...

Page 70: ...VLANs Buttons Apply Click to save changes Reset Click to undo any changes made locally and revert to previously saved values 4 9 PORT ISOLATION Port Isolation provides for an apparatus and method to...

Page 71: ...ly saved values 4 10 VOICE VLAN Voice VLAN is VLAN configured specially for voice traffic By adding the ports with voice devices attached to voice VLAN we can perform QoS related configuration for voi...

Page 72: ...the value equals the management VID MVR VID PVID etc The allowed range is 1 to 4095 Aging Time Indicates the Voice VLAN secure learning aging time The allowed range is 10 to 10000000 seconds It is us...

Page 73: ...covery protocol to LLDP or Both Changing the discovery protocol to OUI or LLDP will restart the auto detect process Possible discovery protocols are OUI Detect telephony device by OUI address LLDP Det...

Page 74: ...o a vendor by IEEE It must be 6 characters long and the input format is xx xx xx x is a hexadecimal digit Description The description of the OUI address Normally it describes which vendor telephony de...

Page 75: ...rding to what was configured for that specific QoS class The switch supports advanced memory control mechanisms providing excellent performance of all QoS classes under any traffic scenario including...

Page 76: ...value in the tag Otherwise the frame is classified to the default DPL The classified DPL can be overruled by a QCL entry PCP Controls the default PCP value All frames are classified to a PCP value If...

Page 77: ...y and revert to previously saved values Cancel Click to undo any changes made locally and return to the previous page 5 2 PORT POLICERS This section provides an overview of QoS Ingress Port Policers f...

Page 78: ...ort is in flow control mode then pause frames are sent instead of discarding frames Buttons Apply Click to save changes Reset Click to undo any changes made locally and revert to previously saved valu...

Page 79: ...ed for this queue on this switch port Queue Shaper Rate Controls the rate for the queue shaper This value is restricted to 100 13107100 when Unit is kbps and 1 13107 when Unit is Mbps The rate is inte...

Page 80: ...changes Reset Click to undo any changes made locally and revert to previously saved values 5 4 STORM CONTROL This section explains how to configure the Storm control for the switch There is a destina...

Page 81: ...lobal storm policer Supported rates are divisible by 10 fps or 25 kbps Unit Controls the unit of measure for the global storm policer rate as fps kfps kbps or Mbps Port Storm Policer Configuration Hel...

Page 82: ...the QoS Port Schedulers in the web interface 1 Click Quality of Service and Port Scheduler 2 Click the Port and display the QoS Egress Port Schedulers 3 Scroll Port and Scheduler Mode specify the Que...

Page 83: ...that this shaper operates on data rate Queue Scheduler Weight Controls the weight for this queue This value is restricted to 1 100 This parameter is only shown if Scheduler Mode is set to Weighted Que...

Page 84: ...stack unit as reflected by the page header WEB INTERFACE To configure the QoS Port PCP Remarking in the web interface 1 Click Quality of Service and Port PCP Remarking 2 Click the Port and display th...

Page 85: ...de Shows the PCP remarking mode for this port Keep Use classified PCP DEI values Specific Use default PCP DEI values Mapped Use mapped versions of CoS and DPL PCP DEI Configuration Controls the defaul...

Page 86: ...5 To cancel the setting click the Reset button It will revert to previously saved values FIGURE 5 9 QOS PORT DSCP CONFIGURATION Parameter description Port The Port column shows the list of ports for w...

Page 87: ...configure the basic QoS DSCP Translation settings for all switches DSCP translation can be done in Ingress or Egress WEB INTERFACE To configure the DSCP Translation parameters in the web interface 1...

Page 88: ...s how to configure and allows you to map a DSCP value to a QoS Class and DPL value The settings relate to the currently selected stack unit as reflected by the page header WEB INTERFACE To configure t...

Page 89: ...e DSCP Based QoS Ingress Classification parameters in the web interface 1 Click Quality of Service DSCP and DSCP Based QoS 2 Enable or disable the DSCP for Trust 3 Scroll to select Queue Priority and...

Page 90: ...256 on each switch Click on the lowest plus sign to add a new QCE to the list WEB INTERFACE To configure the QoS Control List parameters in the web interface 1 Click Quality of Service QoS Contol List...

Page 91: ...IP this field indicates the DMAC Tag Type Indicates tag type Possible values are Any Match tagged and untagged frames Untagged Match untagged frames Tagged Match tagged frames C Tagged Match C tagged...

Page 92: ...lude the port in the QCL entry By default all ports are included Key Parameters Key configuration is described below DMAC Destination MAC address Possible values are Unicast Multicast Broadcast Specif...

Page 93: ...are in the range 0 63 including BE CS1 CS7 EF or AF11 AF43 Sport Source TCP UDP port 0 65535 or Any specific or port range applicable for IP protocol UDP TCP Dport Destination TCP UDP port 0 65535 or...

Page 94: ...elect the combined static Voice VLAN and conflict 4 Click Refresh to refresh an entry of the MVR Statistics Information FIGURE 5 15 QOS CONTROL LIST STATUS Parameter description User Indicates the QCL...

Page 95: ...SH RESOLVE CONFLICT BUTTONS Auto refresh Check this box to refresh the page automatically Automatic refresh occurs every 3 seconds Refresh Click to refresh the page immediately Combined Select the QCL...

Page 96: ...s the Queue number There are 8 QoS queues per port Q0 is the lowest priority queue Rx Tx The number of received and transmitted packets per queue Buttons Auto refresh Refresh Clear off First Page Next...

Page 97: ...cost spanning tree it enables all root ports and designated ports and disables all other ports Network packets are therefore only forwarded between root ports and designated ports eliminating any poss...

Page 98: ...seconds Max Age The maximum age of the information transmitted by the Bridge when it is the Root Bridge Valid values are in the range 6 to 40 seconds and MaxAge must be FwdDelay 1 2 Maximum Hop Count...

Page 99: ...citly mapped You need to set the list of VLANs mapped to the MSTI The VLANs must be separated with a comma and or space A VLAN can only be mapped to one MSTI An unused MSTI should just be left empty i...

Page 100: ...mapped to it Example 2 5 20 40 MSTI Priority Controls the bridge priority Lower numeric values have better priority The bridge priority plus the MSTI instance number concatenated with the 6 byte MAC...

Page 101: ...nning tree s active topology as a result of persistently incorrect learned station location information It is set by a network administrator to prevent bridges external to a core region of the network...

Page 102: ...Bridge Topology Flag The current state of the Topology Change Flag of this Bridge instance Topology Change Last The time since the last Topology Change occurred STP Port Status Port The switch port nu...

Page 103: ...ince the Topology Flag was last set CIST Ports Aggregations State Port The switch port number of the logical STP port Port ID The port id as used by the STP protocol This is the priority part and the...

Page 104: ...ort The switch port number of the logical STP port MSTP The number of MSTP Configuration BPDU s received transmitted on the port RSTP The number of RSTP Configuration BPDU s received transmitted on th...

Page 105: ...s and switch ports The frames also contain a MAC address SMAC address which shows the MAC address of the equipment sending the frame The SMAC address is used by the switch to automatically update the...

Page 106: ...ther frames are dropped NOTE Make sure that the link used for managing the switch is added to the Static Mac Table before changing to secure learning mode otherwise the management link is lost and can...

Page 107: ...ss Table and Information 2 If you want to auto refresh the information select Auto refresh 3 Click Refresh to refresh the MAC Address Table FIGURE 7 3 MAC ADDRESS TABLE PARAMETER DESCRIPTION Navigatin...

Page 108: ...ries turn to the next page NOTES 00 40 C7 73 01 29 your switch MAC address for IPv4 33 33 00 00 00 01 Destination MAC for IPv6 Router Advertisement reference IPv6 RA JPG 33 33 00 00 00 02 Destination...

Page 109: ...ward the packet to the members who previously joined in a specified IP multicast group The packets will be discarded by the IGMP Snooping if the user transmits multicast packets to the multicast group...

Page 110: ...ave Proxy This feature can be used to avoid forwarding unnecessary leave messages to the router side Proxy Enabled Enable IGMP Proxy This feature can be used to avoid forwarding unnecessary join and l...

Page 111: ...the Reset button It will revert to previously saved values FIGURE 8 2 IGMP SNOOPING VLAN CONFIGURATION PARAMETER DESCRIPTION Start from Vlan Click to Refresh the displayed table starting from the VLA...

Page 112: ...val is 10 in tenths of seconds 1 second URI sec Unsolicited Report Interval The Unsolicited Report Interval is the time between repetitions of a host s initial report of membership in a group The allo...

Page 113: ...t is learnt to be a router port Both denote the specific port is configured or learnt to be a router port Port Switch port number Status Indicate whether a specific port is a router port or not Button...

Page 114: ...dress The Next Page will use the last entry of the currently displayed table as a basis for the next lookup When the end is reached the text No more entries is shown in the displayed table Use the Fir...

Page 115: ...FM Information Table match In addition the two input fields will upon a Refresh button click assume the value of the first displayed entry allowing for continuous refresh with the same start address T...

Page 116: ...address will receive the traffic sent to that address Application software running on the source and destination systems cooperates to determine what multicast address to use NOTE This is a function...

Page 117: ...e SSM aware hosts and routers to run the SSM service model for the groups in the address Using IPv6 Address range Leave Proxy Enabled Enable MLD Leave Proxy This feature can be used to avoid forwardin...

Page 118: ...CRIPTION Delete Check to delete the entry The designated entry will be deleted during the next save VLAN ID This displays the VLAN ID of the entry Snooping Enabled Enable the per VLAN IGMP Snooping Up...

Page 119: ...nterval is 1 second Buttons Apply Click to save changes Reset Click to undo any changes made locally and revert to previously saved values 8 2 3 STATUS This section describes how to display the MLD Sn...

Page 120: ...ted first by VLAN ID and then by group WEB INTERFACE To display the MLD Snooping Group information in the web interface 1 Click Multicast MLD Snooping and Group Information 2 To auto refresh the infor...

Page 121: ...rmation 2 To auto refresh the information select Auto refresh 3 Click Refresh to refresh an entry of the MLD SFM Information 4 Click First Next Page to change the page FIGURE 8 10 MLD SFM CONFIGURATIO...

Page 122: ...the group information entries turn to the next page 8 3 MVR The MVR feature enables multicast traffic forwarding on the Multicast VLAN In a multicast television application a PC or a television with...

Page 123: ...nagement address is not set system uses the first available IPv4 management address Otherwise the system uses a pre defined value By default this value will be 192 0 2 1 Mode Specify the MVR mode of o...

Page 124: ...MVR VID MVR Name IGMP Address Mode Tagging Priority LLQI Interface Channel Profile Click Apply Delete Check to delete the entry The designated entry will be deleted during the next save Apply Click t...

Page 125: ...he information select Auto refresh 3 Click Refresh to refresh an entry of the MVR Groups Information 4 Click First Next Page to change the page FIGURE 8 13 MVR GROUP INFORMATION PARAMETER DESCRIPTION...

Page 126: ...ulticast MVR and MVR SFM Information 2 To auto refresh the information select Auto refresh 3 Click Refresh to refresh an entry of the MVR Groups Information 4 Click First Next Page to change the page...

Page 127: ...ould be handled by a chip or not Buttons Auto refresh Check this box to refresh the page automatically Automatic refresh occurs every 3 seconds Refresh Click to refresh the page immediately First Page...

Page 128: ...which is composed of up to 16 alphabetic and numeric characters Profile Description Additional description which is composed of up to 64 alphabetic and numeric characters about the profile No blank or...

Page 129: ...be logged Rule Management Buttons You can manage rules and the corresponding precedence order by using the following buttons Insert a new rule before the current entry of rule X Delete the current en...

Page 130: ...ress that will be used as an address range End Address The ending IPv4 IPv6 Multicast Group Address that will be used as an address range Buttons Add New Address Range Entry Click to add new address r...

Page 131: ...bes how to configure the DHCP Snooping parameters of the switch DHCP Snooping can prevent attackers from adding their own DHCP servers to the network WEB INTERFACE To configure DHCP snooping in the we...

Page 132: ...enabled All DHCP clients obtained the dynamic IP address from the DHCP server will be listed in this table except for local VLAN interface IP addresses Entries in the Dynamic DHCP snooping Table are...

Page 133: ...INTERFACE To display a DHCP Relay statistics in the web interface 1 Click DHCP Snooping and Detailed Statistics 2 Select that port for which you want to display the DHCP Detailed Statistics 3 To auto...

Page 134: ...that have IP UDP checksum errors Rx Discarded from Untrusted The number of discarded packets that are coming from untrusted ports Buttons Auto refresh Check this box to refresh the page automatically...

Page 135: ...m VLAN ID 3 switch ID 1 port No 8 And the option 82 remote ID value equals the switch MAC address Possible modes are Enabled Enable DHCP relay information mode operation When DHCP relay information mo...

Page 136: ...eived from a server Receive Missing Agent Option The number of packets received without agent information options Receive Missing Circuit ID The number of packets received with the Circuit ID option m...

Page 137: ...fresh Click to refresh the page immediately Clear Clear all statistics 9 3 SERVER 9 3 1 CONFIGURATION This page configures the mode to enable disable DHCP server per system and per VLAN It also config...

Page 138: ...address of this route DNS Server Specify the DNS server Buttons Delete Check to delete the entry It will be deleted during the next save Add Interface Click to add a new DHCP server Apply Click to sa...

Page 139: ...net Mask Display the subnet mask of the DHCP address Default router Display the destination IP network or host address of this route DNS Server Display the DNS server Buttons Auto refresh Check this b...

Page 140: ...rict input to an interface by limiting and identifying MAC addresses 10 1 MANAGEMENT 10 1 1 ACCOUNT This page provides an overview of the current users Currently the only way to login as another user...

Page 141: ...read write access The system maintenance options software upload factory defaults and etc need user privilege level 15 Generally the privilege level 15 can be used for an administrator account privil...

Page 142: ...uration read only configuration execute read write User Privilege should be same or greater than the authorization Privilege level to have the access to that group Buttons Apply Click to save changes...

Page 143: ...ization Method Configuration Client The management client for which the configuration below applies Method Authorization Method can be set to one of the following values none authorization is disabled...

Page 144: ...PTION Mode Indicates the access management mode operation Possible modes are On Enable access management mode operation Off Disable access management mode operation VLAN ID Indicates the VLAN ID for t...

Page 145: ...imply logging on to the Internet WEB INTERFACE To configure IEEE 802 1X in the web interface 1 Click Security 802 1X and Configuration 2 Select on in the Mode of IEEE 802 1X Configuration 3 Check Reau...

Page 146: ...s no longer attached For MAC based ports reauthentication is only useful if the RADIUS server configuration has changed It does not involve communication between the switch and the client and therefor...

Page 147: ...ature see RADIUS Assigned QoS Enabled below for a detailed description The RADIUS Assigned QoS Enabled checkbox provides a quick way to globally enable disable RADIUS server assigned QoS Class functio...

Page 148: ...how many information exchange frames are needed for a particular method The switch simply encapsulates the EAP part of the frame into the relevant type EAPOL or RADIUS and forwards it When authentica...

Page 149: ...C address is converted to a string on the following form xx xx xx xx xx xx that is a dash is used as separator between the lower cased hexadecimal digits The switch only supports the MD5 Challenge aut...

Page 150: ...nel Type and Tunnel Private Group ID attributes must all be present at least once in the Access Accept packet The switch looks for the first set of these attributes that have the same Tag value and fu...

Page 151: ...licant mode Currently X clients are authorized and Y are unauthorized Restart Two buttons are available for each row The buttons are only enabled when authentication is globally enabled and the port s...

Page 152: ...or EAPOL based authentication and the source MAC address from the most recently received frame from a new client for MAC based authentication QoS Class QoS Class assigned to the port by the RADIUS ser...

Page 153: ...the IP Source Guard 10 3 1 CONFIGURATION This section describes how to configure the IP Source Guard setting including Mode Enabled and Disabled Maximum Dynamic Clients 0 1 2 Unlimited WEB INTERFACE...

Page 154: ...mode is enabled and the value of max dynamic client is equal to 0 the switch only allows the IP packets to be forwarded that match static entries on the specific port Buttons Apply Click to save chan...

Page 155: ...deleted during the next save Apply Click to save changes Reset Click to undo any changes made locally and revert to previously saved values 10 3 3 DYNAMIC TABLE Entries in the Dynamic IP Source Guard...

Page 156: ...ached the text No more entries is shown in the displayed table Use the First Page button to start over Port Switch Port Number for which the entries are displayed VLAN ID VLAN ID in which the IP traff...

Page 157: ...settings of Check VLAN are Enabled Enable check VLAN operation Disabled Disable check VLAN operation Only when the Global Mode and Port Mode on a given port are enabled and the setting of Check VLAN...

Page 158: ...to previously saved values Translate dynamic to static Click to translate all dynamic entries to static entries 10 4 2 VLAN CONFIGURATION Specify which VLANs have ARP Inspection enabled WEB INTERFACE...

Page 159: ...Port Mode on a given port are enabled ARP Inspection is enabled on this given port Second you can specify which VLAN will be inspected on VLAN mode configuration web page The log type also can be conf...

Page 160: ...ddress and then by IP address All dynamic entries are learning from DHCP Snooping Navigating the ARP Inspection Table Each page shows up to 99 entries from the Dynamic ARP Inspection table default is...

Page 161: ...per page FIGURE 10 14 DYNAMIC ARP INSPECTION TABLE PARAMETER DESCRIPTION ARP Inspection Table Columns Port Switch Port Number for which the entries are displayed VLAN ID VLAN ID in which the ARP traf...

Page 162: ...ode Violation Limit for each port 4 Click Apply to save the setting 5 To cancel the setting click the Reset button It will revert to previously saved values FIGURE 10 15 PORT SECURITY CONFIGURATION PA...

Page 163: ...exceed 1024 If the limit is exceeded the corresponding action is taken The switch is born with a total number of MAC addresses from which all ports draw whenever a new MAC address is seen on a Port Se...

Page 164: ...interface 1 Click Security Port Security and status 2 Check Auto refresh 3 Click Refresh to refresh the port detailed statistics 4 Click the port number to see the status for this particular port FIG...

Page 165: ...dress VLAN ID The MAC address and VLAN ID that is seen on this port If no MAC addresses are learned a single row stating No MAC addresses attached is displayed State Indicates whether the correspondin...

Page 166: ...Click Apply to save the setting 6 To cancel the setting click the Reset button It will revert to previously saved values FIGURE 10 18 RADIUS SERVER CONFIGURATION PARAMETER DESCRIPTION Global Configur...

Page 167: ...rver Configuration The table has one row for each RADIUS server and a number of columns which are Hostname The IP address or hostname of the RADIUS server Auth Port The UDP port to use on the RADIUS s...

Page 168: ...arily been disabled but will get re enabled when the dead time expires The number of seconds left before this occurs is displayed in parentheses This state is only reachable when more than one server...

Page 169: ...alid or invalid received from the server Malformed Access Responses The number of malformed RADIUS Access Response packets received from the server Malformed packets include packets with an invalid le...

Page 170: ...US Accounting Statistics for Server 1 The statistics map closely to those specified in RFC4670 RADIUS Accounting Client MIB Use the server select box to switch between the backend servers to show deta...

Page 171: ...matched it from the RADIUS accounting server The unit of this measurement is 100 ms A value of 0 ms indicates that there hasn t been round trip communication with the server yet Buttons Auto refresh...

Page 172: ...en configured Key The secret key up to 63 characters long shared between the TACACS server and the switch Server Configuration The table has one row for each TACACS server and a number of columns whic...

Page 173: ...to update the counter or Clear the information FIGURE 11 1 ACL PORTS CONFIGURATION PARAMETER DESCRIPTION Port The logical port for the settings contained in the same row Policy ID Select the policy to...

Page 174: ...ports by changing the volatile port configuration of the ACL user module Disabled Close ports by changing the volatile port configuration of the ACL user module The default value is Enabled Counter Co...

Page 175: ...page shows the Access Control List ACL which is made up of the ACEs defined on this switch Each row describes the ACE that is defined The maximum number of ACEs is 512 on each switch Click on the low...

Page 176: ...with a specific policy Port The ACE will match a specific ingress port Policy Bitmask Indicates the policy number and bitmask of the ACE Frame Type Indicates the frame type of the ACE Possible values...

Page 177: ...rame type selected A frame that hits this ACE matches the configuration that is defined here Ingress Port Select the ingress port for which this ACE applies All The ACE applies to all ports Port n The...

Page 178: ...matching the ACE are stored in the System Log Disabled Frames matching the ACE are not logged NOTE The logging feature only works when the packet length is less than 1518 without VLAN tags and the Sys...

Page 179: ...y is don t care ARP Parameters The ARP parameters can be configured when Frame Type ARP is selected ARP RARP Specify the available ARP RARP opcode OP flag for this ACE Any No ARP RARP OP flag is speci...

Page 180: ...v4 0x04 Any Any value is allowed don t care Ethernet Specify whether frames can hit the action according to their ARP RARP hardware address space HRD settings 0 ARP RARP frames where the HLD is not eq...

Page 181: ...imal notation DIP Filter Specify the destination IP filter for this ACE Any No destination IP filter is specified Destination IP filter is don t care Host Destination IP filter is set to Host Specify...

Page 182: ...specified ICMP code filter status is don t care Specific If you want to filter a specific ICMP code filter with this ACE you can enter a specific ICMP code value A field for entering an ICMP code val...

Page 183: ...t care TCP PSH Specify the TCP Push Function PSH value for this ACE 0 TCP frames where the PSH field is set must not be able to match this entry 1 TCP frames where the PSH field is set must be able t...

Page 184: ...e web interface 1 Click Access Control and ACL status 2 To auto refresh the information select Auto refresh 3 Click Refresh to refresh the ACL Status FIGURE 11 4 ACL STATUS SCREEN PARAMETER DESCRIPTIO...

Page 185: ...e rate limiter number of the ACE The allowed range is 1 to 16 When Disabled is displayed the rate limiter operation is disabled CPU Forward packets that match the specific ACE to CPU Counter The count...

Page 186: ...he SNMP agent will be de activated and the related Community Name Trap Host IP Address Trap and all MIB counters will be ignored 12 1 CONFIGURATION This section describes how to configure an SNMP Syst...

Page 187: ...26 The field is applicable only when SNMP version is SNMPv1 or SNMPv2c If SNMP version is SNMPv3 the community string will be associated with SNMPv3 communities table It provides more flexibility to c...

Page 188: ...s source address prefix Buttons Add New Entry Click to add a new entry Specify the name and configure the new entry Click Apply Delete Check to delete the entry It will be deleted during the next save...

Page 189: ...not be modified if entry already exists That means it must first be ensured that the value is set correctly Authentication Protocol Indicates the authentication protocol that this entry should belong...

Page 190: ...Add new entry 3 Specify the SNMP group parameter 4 Click Apply FIGURE 12 4 SNMP GROUPS CONFIGURATION PARAMETER DESCRIPTION Security Model Indicates the security model that this entry should belong to...

Page 191: ...ously saved values 12 2 4 VIEWS This function is used to configure SNMPv3 view The Entry index keys are OID Subtree and View Name To create a new view account check the Add new view button and enter t...

Page 192: ...OID Subtree The OID defining the root of the subtree to add to the named view The allowed OID length is 1 to 128 The allowed string content is a digital number or asterisk Buttons Add New Entry Click...

Page 193: ...ible security models are NoAuth NoPriv No authentication and no privacy Auth NoPriv Authentication and no privacy Auth Priv Authentication and privacy Read View Name The name of the MIB view defining...

Page 194: ...Entry 3 Specify the ID parameters 4 Click Apply FIGURE 12 7 RMON STATISTICS CONFIGURATION PARAMETER DESCRIPTION ID Indicates the index of the entry The range is from 1 to 65535 Data Source Indicates t...

Page 195: ...you want to check 3 Check Auto refresh 4 Click Refresh to refresh the port detailed statistics FIGURE 12 8 RMON STATISTICS STATUS PARAMETER DESCRIPTION ID Indicates the index of Statistics entry Data...

Page 196: ...512 1023 The total number of packets including bad packets received that were between 512 to 1023 octets in length 1024 1588 The total number of packets including bad packets received that were betwee...

Page 197: ...ed during the next save Add New Entry Click to add a new entry Apply Click to save changes Reset Click to undo any changes made locally and revert to previously saved values 12 4 2 STATUS This page pr...

Page 198: ...cted to a multicast address CRC Errors The total number of packets received that had a length excluding framing bits but including FCS octets of between 64 and 1518 octets inclusive but had either a b...

Page 199: ...ariable Indicates the particular variable to be sampled the possible variables are InOctets The total number of octets received on the interface including framing characters InUcastPkts The number of...

Page 200: ...vent index 1 65535 Falling Threshold Falling threshold value 2147483648 2147483647 Falling Index Falling event index 1 65535 Buttons Delete Check to delete the entry It will be deleted during the next...

Page 201: ...Rising Threshold Rising threshold value Rising Index Rising event index Falling Threshold Falling threshold value Falling Index Falling event index Show entries You can choose how many items you want...

Page 202: ...the entry It will be deleted during the next save Add New Entry Click to add a new entry Apply Click to save changes Reset Click to undo any changes made locally and revert to previously saved values...

Page 203: ...ION Event Index Indicates the index of the event entry Log Index Indicates the index of the log entry LogTIme Indicates the Event log time LogDescription Indicates the Event description Show entries Y...

Page 204: ...cify the SNMP Trap parameter 4 Click Apply FIGURE 13 1 SNMP TRAP CONFIGURATION PARAMETER DESCRIPTION Trap Destination Configurations Name Indicates the trap Configuration s name Indicates the trap des...

Page 205: ...length is 0 to 63 and the allowed content is ASCII characters from 33 to 126 Trap Destination Address Indicates the SNMP trap destination address It allows a valid IP address in dotted decimal notatio...

Page 206: ...eMail 2 Specify the SMTP Configuration parameter 3 Click Apply FIGURE 13 2 SMTP CONFIGURATION PARAMETER DESCRIPTION Mail Server The IP address or hostname of the mail server IP address is expressed i...

Page 207: ...s and Server Port 4 Click Apply FIGURE 13 3 SYSTEM LOG CONFIGURATION PARAMETER DESCRIPTION Server Mode Indicates the server mode operation When the mode operation is enabled the syslog message will se...

Page 208: ...MATION PARAMETER DESCRIPTION ID ID 1 of the system log entry Level level of the system log entry The following level types are supported Debug debug level message Info informational message Notice nor...

Page 209: ...urations Trap event severity can also be configured here WEB INTERFACE To display the configure Trap Event Severity in the web interface 1 Click Event Notification and Event Configuration 2 Scroll to...

Page 210: ...oup Name in Push Notification Buttons Apply Click to save changes Reset Click to undo any changes made locally and revert to previously saved values 13 5 SWITCH2GO 13 5 1 SWITCH2GO SETTING Configure S...

Page 211: ...he Switch2go server for the connection back to this switch from a mobile device Possible modes are Enabled Enable Switch2go mode Disabled Disable Switch2go mode Server Address Indicates the IPv4 host...

Page 212: ...ent Severity Configuration The name and role of each port also can be defined here WEB INTERFACE To configure the iPush Option in the web interface 1 Click Event Notification Switch2go and iPush Optio...

Page 213: ...KBOX COM NEED HELP LEAVE THE TECH TO US LIVE 24 7 TECHNICAL SUPPORT 1 877 877 2269 CHAPTER 13 EVENT NOTIFICATION Apply Click to save changes Reset Click to undo any changes made locally and revert to...

Page 214: ...nectivity issues WEB INTERFACE To configure a PING in the web interface 1 Click Diagnostics and Ping 2 Specify IP Address Ping Length Ping Count Ping Interval and Egress Interface 3 Click Start FIGURE...

Page 215: ...iven PING6 finds the best matched interface for destination Do not specify egress interface for loopback address Do specify egress interface for link local or multicast address Buttons Start Click the...

Page 216: ...kets per hop Values range from 1 to 10 The default is 3 Buttons Start Click the Start button to start to traceroute the target IP Address New Ping Back to Traceroute page 14 3 CABLE DIAGNOSTICS This s...

Page 217: ...IRRORING You can mirror traffic from any source port to a target port for real time analysis You can then attach a logic analyzer or RMON probe to the target port and study the traffic crossing the so...

Page 218: ...ther frames transmitted nor frames received are mirrored Enabled Frames received and frames transmitted are mirrored on the mirror port Buttons Apply Click to save changes Reset Click to undo any chan...

Page 219: ...eceiver If sFlow is configured through SNMP all controls except for the Release button are disabled to avoid inadvertent reconfiguration The Release button allows for releasing the current owner and d...

Page 220: ...of bytes that should be copied from a sampled packet to the sFlow datagram Valid range is 14 to 200 bytes with a default of 128 bytes If the maximum datagram size does not take into account the maximu...

Page 221: ...sfully sent to the sFlow receiver Tx Errors The number of UDP datagrams that have failed transmission The most common source of errors is invalid sFlow receiver IP hostname configuration To diagnose p...

Page 222: ...RT 1 877 877 2269 CHAPTER 14 DIAGNOSTICS Buttons Auto refresh Check this box to refresh the page automatically Automatic refresh occurs every 3 seconds Refresh Click to refresh the page immediately Cl...

Page 223: ...This file is volatile startup config The startup configuration for the switch read at boot time default config A read only file with vendor specific configuration This file is read when the system is...

Page 224: ...A virtual file that represents the currently active configuration on the switch This file is volatile startup config The startup configuration for the switch read at boot time default config A read on...

Page 225: ...nto running config startup config The startup configuration for the switch read at boot time Create new file To create new files Buttons Browse Click the button to search the configuration text file a...

Page 226: ...elected file will be activated to be the switch s running configuration 15 1 5 DELETE You can delete any of the writable files stored in flash including startup config If this is done and the switch i...

Page 227: ...ble afterwards WEB INTERFACE To Restart Device in the web interface 1 Click Maintenance and Restart Device 2 Click Yes FIGURE 15 6 RESTART DEVICE PARAMETER DESCRIPTION Restart Device You can restart t...

Page 228: ...irmware and Firmware Upgrade 2 Click Upload FIGURE 15 8 FIRMWARE UPGRADE PARAMETER DESCRIPTION Browse Click the Browse button to search the Firmware URL and filename 15 4 2 FIRMWARE SELECTION This pag...

Page 229: ...n Image The file name of the firmware image from when the image was last updated Version The version of the firmware image Date The date where the firmware was produced Buttons Activate Alternate Imag...

Page 230: ...consequential or cost of cover damages resulting from any errors in the product information or specifications set forth in this document and Black Box Corporation may revise this document at any time...

Page 231: ..._______ _ _________________________________________________________________________________________________ ____________________________________________________________________________________________...

Page 232: ...NEED HELP LEAVE THE TECH TO US LIVE 24 7 TECHNICAL SUPPORT 1 877 877 2269 COPYRIGHT 2018 BLACK BOX CORPORATION ALL RIGHTS RESERVED LGB1152A_GUI_USER_REV1 PDF...

Reviews:

No comments

Related manuals for LGB1152A

N-Tron 100 Series User Manual & Installation Manual preview
100 Series
Brand: N-Tron Pages: 20
Cisco Catalyst 3110G Getting Started Manual preview
Catalyst 3110G
Brand: Cisco Pages: 30
Cabletron Systems SEHI100TX-22 User Manual preview
SEHI100TX-22
Brand: Cabletron Systems Pages: 88
E-T-A 921 Series Instructions For Installation Manual preview
921 Series
Brand: E-T-A Pages: 6
jablotron UC-230 Quick Start Manual preview
UC-230
Brand: jablotron Pages: 2
Hisselektronik Safeline 2000 Light Manual For Programmering preview
Safeline 2000 Light
Brand: Hisselektronik Pages: 9
Manhattan 100984 Instruction Manual preview
100984
Brand: Manhattan Pages: 2
Barksdale 9671 Series Operating Instructions Manual preview
9671 Series
Brand: Barksdale Pages: 6
Hailink MX44NN00RK User Manual preview
MX44NN00RK
Brand: Hailink Pages: 6
ATEN CS-102U User Manual preview
CS-102U
Brand: ATEN Pages: 15
Tripp Lite B004-008 Owner'S Manual preview
B004-008
Brand: Tripp Lite Pages: 9
Evidence Cross-8/HPoE-10G User Manual preview
Cross-8/HPoE-10G
Brand: Evidence Pages: 321
Dwyer Instruments CFS2 Series Installation And Operating Instructions preview
CFS2 Series
Brand: Dwyer Instruments Pages: 4
Kramer VP-4x1 CS User Manual preview
VP-4x1 CS
Brand: Kramer Pages: 39
Unilamp Luzense RADIM RF Instruction Manual preview
Luzense RADIM RF
Brand: Unilamp Pages: 2
Longshine LCS-883R-SW8GD User Manual preview
LCS-883R-SW8GD
Brand: Longshine Pages: 26
UltraPro 51424 Manual preview
51424
Brand: UltraPro Pages: 2
ADTRAN 1200766L1 Quick Start Manual preview
1200766L1
Brand: ADTRAN Pages: 2

Brands by name

Popular brands

Load more brands