Comnet CNGE11FX3TX8MS Installation And Operation Manual Download Page 38 | Manualshive

Page: 38 / 314

background image

INS_CNGE11FX3TX8MS[POE][HO] Rev. 11.6.17 PAGE 38

INSTRUCTION MANUAL

CNGE11FX3TX8MS[POE][HO]

TECH SUPPORT: 1.888.678.9427

Privilege Levels

This page provides an overview of the privilege levels.

Group Name

The name identifying the privilege group. In most cases, a privilege level group consists of a
single module (e.g. LACP, RSTP or QoS), but a few of them contains more than one. The following
description defines these privilege level groups in details:
System: Contact, Name, Location, Timezone, Daylight Saving Time, Log.
Security: Authentication, System Access Management, Port (contains Dot1x port, MAC based and
the MAC Address Limit), ACL, HTTPS, SSH, ARP Inspection, IP source guard.
IP: Everything except ‘ping’.
Port: Everything except ‘VeriPHY’.
Diagnostics: ‘ping’ and ‘VeriPHY’.
Maintenance: CLI- System Reboot, System Restore Default, System Password, Configuration
Save, Configuration Load and Firmware Load. Web- Users, Privilege Levels and everything in
Maintenance.
Debug: Only present in CLI.

Privilege Levels Every group has an authorization Privilege level for the following sub groups:

configuration read-only, configuration/execute read-write, status/statistics read-only, status/
statistics read-write (e.g. for clearing of statistics). User Privilege should be same or greater than the
authorization Privilege level to have the access to that group.

Apply

Click to apply changes.

Reset

Click to revert to previous values.

«
...
36
37
38
39
40
...
»

Summary of Contents for CNGE11FX3TX8MS

Page 1: ...MSTP RSTP STP ERPS G 8032 which protect your applications from network interruptions or temporary malfunctions by redirecting transmission within the network The switch provides advanced IP based man...

Page 2: ...e Switch on DIN Rail 8 Wall Mounting Installation 10 Hardware Overview 11 Power Supply 12 Front Panel LEDs 12 POEHO 60 W PoE Model 12 WEB Management 13 Login 13 Configuration 17 Green Ethernet 24 Ther...

Page 3: ...141 Protocol based VLAN 142 Voice VLAN 146 Mirroring Remote Mirroring Configuration 167 UPnP 170 GVRP 171 Monitor Menu 173 System 173 CUP Load 174 Input Power Status 175 System IP Status 176 System Lo...

Page 4: ...oups 248 Quick Start 249 Log In and Reset Configuration to Factory Default 249 Set Device Hostname and Admin User Password 250 Set VLAN 1 IP Address 250 Display and Save Configuration to Flash 252 ICL...

Page 5: ...d Deletion Users 282 Using Show Commands 283 Listing All Show Commands 284 Show running config 287 Default vs Non default vs All Defaults 287 Show running config all defaults 289 Show running config f...

Page 6: ...warranty period with shipment expenses apportioned by ComNet and the distributor This warranty does not cover product modifications or repairs done by persons other than ComNet approved personnel and...

Page 7: ...tion in restricted access location is required for this case For POE models requiring a power supply not labeled LPS the unit should be installed in a restricted access location using a 60950 1 2nd Ed...

Page 8: ...17 PAGE 8 INSTRUCTION MANUAL CNGE11FX3TX8MS POE HO TECH SUPPORT 1 888 678 9427 Hardware Installation Installing the Switch on DIN Rail Each switch has a Din Rail kit on the rear panel The DIN Rail kit...

Page 9: ...E11FX3TX8MS POE HO TECH SUPPORT 1 888 678 9427 It is easy to install the switch on the Din Rail Mount Series on DIN Rail Step 1 Tilt the switch and mount the metal spring to DIN Rail Step 2 Push the s...

Page 10: ...into wood surface recommended Step 1 Remove DIN Rail kit if it is installed Step 2 Remove the two screws at the top of the unit s back panel Remove only one pair of back panel screws at time these hol...

Page 11: ...TX8MS POE HO Call out Description 1 1 100 1000Base FX SFP Port 2 2 100 1000 2500Base FX SFP Ports 3 Link Activity LED Indicators for SFP Ports 4 8 10 100 1000Base TX RJ45 Ports 5 PoE LED Indicators Po...

Page 12: ...unt of air flow required for safe operation of the equipment is not compromised Front Panel LEDs LED Color Status Description Alarm Red On Alarm Fault Status has been triggered Power 1 Alarm Green On...

Page 13: ...168 10 1 This is the main login page Default user name is admin with maximum length 32 Default password is admin with maximum length 32 Warning Any changes made to the settings will apply only to the...

Page 14: ...CTION MANUAL CNGE11FX3TX8MS POE HO TECH SUPPORT 1 888 678 9427 Menu Trees The following tree views show the available menus within the switch web GUI It offers the user quick access to all the configu...

Page 15: ...INS_CNGE11FX3TX8MS POE HO Rev 11 6 17 PAGE 15 INSTRUCTION MANUAL CNGE11FX3TX8MS POE HO TECH SUPPORT 1 888 678 9427 Monitor Menu Diagnostics Menu...

Page 16: ...INS_CNGE11FX3TX8MS POE HO Rev 11 6 17 PAGE 16 INSTRUCTION MANUAL CNGE11FX3TX8MS POE HO TECH SUPPORT 1 888 678 9427 Maintenance Menu...

Page 17: ...gned name for this managed node By convention this is the node s fully qualified domain name A domain name is a text string drawn from the alphabet A Za z digits 0 9 minus sign No space characters are...

Page 18: ...Proxy When DNS proxy is enabled system will relay DNS requests to the currently configured DNS server and reply as a DNS resolver to the client devices on the network IP Interfaces Delete Select this...

Page 19: ...iguous zeros but it can appear only once It can also represent a legally valid IPv4 address For example 192 1 2 34 The field may be left blank if IPv6 operation on the interface is not desired IPv6 Ma...

Page 20: ...er Provide the IPv4 or IPv6 address of a NTP server IPv6 address is in 128 bit records represented as eight fields of up to four hexadecimal digits with a colon separating each field For example fe80...

Page 21: ...me Configuration Daylight Saving Time This is used to set the clock forward or backward according to the configurations set below for a defined Daylight Saving Time duration Select Disable to disable...

Page 22: ...ber of minutes to add during Daylight Saving Time Range 1 to 1440 Non Recurring Configurations Start time settings Month Select the starting month Date Select the starting date Year Select the startin...

Page 23: ...if the syslog server does not exist Possible modes are Enabled Enable server mode operation Disabled Disable server mode operation Server Address Indicates the IPv4 host address of syslog server If t...

Page 24: ...intensity Intensity The LEDs intensity 100 Full power 0 LED off Maintenance On time at link change When a network administrator does maintenance of the switch e g adding or moving users he might want...

Page 25: ...nabled PerfectReach works by determining the cable length and lowering the power for ports with short cables EEE Controls whether EEE is enabled for this switch port For maximizing power savings the c...

Page 26: ...When the temperature exceeds the configured thermal protection temperature ports will be turned off in order to decrease the power consumption It is possible to arrange the ports with different groups...

Page 27: ...2 5Gbps FDX Forces the port in 2 5Gbps full duplex mode Advertise Duplex When duplex is set as auto i e auto negotiation the port will only advertise the specified duplex as either Fdx or Hdx to the...

Page 28: ...f 1535 and below If the EtherType Length field is above 1535 it indicates that the field is used as an EtherType indicating which protocol is encapsulated in the payload of the frame If frame length c...

Page 29: ...T if the VLAN range contains only 1 VLAN ID then you can just input it into either one of the first and second VLAN ID or both On the other hand if you want to disable existed VLAN range then you can...

Page 30: ...HCP client IP Range Define the IP range to be excluded IP addresses The first excluded IP must be smaller than or equal to the second excluded IP BUT if the IP range contains only 1 excluded IP then y...

Page 31: ...l printable characters except white space If you want to configure the detail settings you can click the pool name to go into the configuration page Type Display which type of the pool is Network the...

Page 32: ...OE HO Rev 11 6 17 PAGE 32 INSTRUCTION MANUAL CNGE11FX3TX8MS POE HO TECH SUPPORT 1 888 678 9427 DHCP Pool Configuration DHCP Pool Configuration Help DHCP Pool Configuration This page configures all set...

Page 33: ...n 3 Specify a list of IP addresses for routers on the client s subnet DNS Server DHCP option 6 Specify a list of Domain Name System name servers available to the client NTP Server DHCP option 42 Speci...

Page 34: ...ify the vendor type and configuration of a DHCP client DHCP server will deliver the corresponding option 43 specific information to the client that sends option 60 vendor class identifier Vendor i Spe...

Page 35: ...tion When DHCP snooping mode operation is enabled the DHCP requests messages will be forwarded to trusted ports and only allow reply packets from trusted ports Disabled Disable DHCP snooping mode oper...

Page 36: ...circuit ID format as vlan_id module_id port_no The first four characters represent the VLAN ID the fifth and sixth characters are the module ID in standalone device it always equal 0 in stackable devi...

Page 37: ...l value is 15 it can access all groups i e that is granted the fully control of the device But others value need to refer to each group privilege level User s privilege should be same or greater than...

Page 38: ...and the MAC Address Limit ACL HTTPS SSH ARP Inspection IP source guard IP Everything except ping Port Everything except VeriPHY Diagnostics ping and VeriPHY Maintenance CLI System Reboot System Restor...

Page 39: ...r database on the switch for authentication radius Use remote RADIUS server s for authentication tacacs Use remote TACACS server s for authentication Methods that involve remote servers are timed out...

Page 40: ...OE HO TECH SUPPORT 1 888 678 9427 SSH Configure SSH on this page Object Description Mode Indicates the SSH mode operation Possible modes are Enabled Enable SSH mode operation Disabled Disable SSH mode...

Page 41: ...upload method can be selected Web Browser or URL Generate To generate certification Certificate Algorithm HTTPS can generate two types of certification Possible types are RSA RSA certification DSA DS...

Page 42: ...Indicates the VLAN ID for the access management entry Start IP address Indicates the start IP address for the access management entry End IP address Indicates the end IP address for the access managem...

Page 43: ...ility to configure security name than a SNMPv1 or SNMPv2c community string In addition to community string a particular range of source addresses can be used to restrict source subnet Write Community...

Page 44: ...ap supported version 3 Destination Address Indicates the SNMP trap destination address It allows a valid IP address in dotted decimal notation x y z w And it also allows a valid hostname A valid hostn...

Page 45: ...cket The allowed string length is 0 to 255 and the allowed content is ASCII characters from 33 to 126 Trap Destination Address Indicates the SNMP trap destination address It allows a valid IP address...

Page 46: ...between 10 and 64 but all zeros and all F s are not allowed Trap Security Name Indicates the SNMP trap security name SNMPv3 traps and informs using USM for authentication and privacy A unique security...

Page 47: ...permit access to SNMPv3 agent The allowed string length is 1 to 32 and the allowed content is ASCII characters from 33 to 126 The community string will be treated as security name and map a SNMPv1 or...

Page 48: ...thentication and no privacy Auth NoPriv Authentication and no privacy Auth Priv Authentication and privacy The value of security level cannot be modified if entry already exists That means it must fir...

Page 49: ...elong to Possible security models are v1 Reserved for SNMPv1 v2c Reserved for SNMPv2c usm User based Security Model USM Security Name A string identifying the security name that this entry should belo...

Page 50: ...he view type that this entry should belong to Possible view types are included An optional flag to indicate that this view subtree should be included excluded An optional flag to indicate that this vi...

Page 51: ...served for SNMPv1 v2c Reserved for SNMPv2c usm User based Security Model USM Security Level Indicates the security model that this entry should belong to Possible security models are NoAuth NoPriv No...

Page 52: ...Configure RMON History table on this page The entry index key is ID Object Description Delete Check to delete the entry It will be deleted during the next save ID Indicates the index of the entry The...

Page 53: ...castPkts The number of uni cast packets that request to transmit OutNUcastPkts The number of broad cast and multi cast packets that request to transmit OutDiscards The number of outbound packets that...

Page 54: ...pe Indicates the notification of the event the possible types are none No SNMP log is created no SNMP trap is sent log Create SNMP log entry when the event is triggered snmptrap Send SNMP trap when th...

Page 55: ...a given port A user is identified by a MAC address and VLAN ID If Limit Control is enabled on a port the limit specifies the maximum number of users on the port If this number is exceeded an action i...

Page 56: ...ter requested aging period of all modules that use the functionality The Aging Period can be set to a number between 10 and 10 000 000 seconds To understand why aging may be desired consider the follo...

Page 57: ...he port shut down the port This implies that all secured MAC addresses will be removed from the port and no new address will be learned Even if the link is physically disconnected and reconnected on t...

Page 58: ...cess to the network These backend RADIUS servers are configured on the Configuration Security AAA page The IEEE802 1X standard defines port based operation but non standard variants overcome security...

Page 59: ...plugged into a switch port or if a supplicant is no longer attached For MAC based ports reauthentication is only useful if the RADIUS server configuration has changed It does not involve communication...

Page 60: ...the Configuration Security AAA page the client is put on hold in the Unauthorized state The hold timer does not count during an on going authentication In MAC based Auth mode the switch will ignore ne...

Page 61: ...oballyenabled Valid values are in the range 1 4095 Max Reauth Count The number of times the switch transmits an EAPOL Request Identity frame without response before considering entering the Guest VLAN...

Page 62: ...ny of the same characteristics as does port based 802 1X In Single 802 1X at most one supplicant can get authenticated on the port at a time Normal EAPOL frames are used in the communication between t...

Page 63: ...he RADIUS server when a supplicant is successfully authenticated If present and valid the port s Port VLAN ID will be changed to this VLAN ID the port will be set to be a member of that VLAN ID and th...

Page 64: ...ss frame when entering the Guest VLAN While in the Guest VLAN the switch monitors the link for EAPOL frames and if one such frame is received the switch immediately takes the port out of the Guest VLA...

Page 65: ...CL rate limiter and EVC policer can not both be enabled EVC Policer ID Select which EVC policer ID to apply on this port The allowed values are Disabled or the values 1 through 256 Port Redirect Selec...

Page 66: ...e shutdown feature only works when the packet length is less than 1518 without VLAN tags State Specify the port state of this port The allowed values are Enabled To reopen ports by changing the volati...

Page 67: ...ACL of the switch Object Description Rate Limiter ID The rate limiter ID for the settings contained in the same row Rate The rate range is located 0 3276700 in pps Or 0 100 200 300 1000000 in kbps Un...

Page 68: ...s which are not ICMP UDP TCP IPv6 The ACE will match all IPv6 standard frames Action Indicates the forwarding action of the ACE Permit Frames matching the ACE may be forwarded and learned Deny Frames...

Page 69: ...3 and the policy bitmask is 0x10 bit 0 is don t care bit then policy 2 and 3 are applied to this rule Frame Type Select the frame type for this ACE These frame types are mutually exclusive Any Any fra...

Page 70: ...ort will be disabled Disabled Port shut down is disabled for the ACE Note The shutdown feature only works when the packet length is less than 1518 without VLAN tags Counter The counter indicates the n...

Page 71: ...ify the sender IP address in the SIP Address field that appears Network Sender IP filter is set to Network Specify the sender IP address and sender IP mask in the SIP Address and SIP Mask fields that...

Page 72: ...appear These fields are explained later in this help file TCP Select TCP to filter IPv4 TCP protocol frames Extra fields for defining TCP parameters will appear These fields are explained later in thi...

Page 73: ...for defining TCP parameters will appear These fields are explained later in this help file Next Header Value When Specific is selected for the IPv6 next header value you can enter a specific value The...

Page 74: ...r a specific TCP UDP destination value A field for entering a TCP UDP destination value appears Range If you want to filter a specific range TCP UDP destination filter with this ACE you can enter a sp...

Page 75: ...ter Specify the Ethernet type filter for this ACE Any No EtherType filter is specified EtherType filter status is don t care Specific If you want to filter a specific EtherType filter with this ACE yo...

Page 76: ...Source Guard is enabled on which ports Only when both Global Mode and Port Mode on a given port are enabled IP Source Guard is enabled on this given port Max Dynamic Clients Specify the maximum number...

Page 77: ...to delete the entry It will be deleted during the next save Port The logical port for the settings VLAN ID The vlan id for the settings IP Address Allowed Source IP address MAC address Allowed Source...

Page 78: ...ou have to enable the setting of Check VLAN The default setting of Check VLAN is disabled When the setting of Check VLAN is disabled the log type of ARP Inspection will refer to the port setting And t...

Page 79: ...he button will use the next entry of the currently displayed VLAN entry as a basis for the next lookup When the end is reached the warning message is shown in the displayed table Use the button to sta...

Page 80: ...t will be deleted during the next save Port The logical port for the settings VLAN ID The vlan id for the settings MAC Address Allowed Source MAC address in ARP request packets IP Address Allowed Sour...

Page 81: ...next Dynamic ARP Inspection Table match In addition the two input fields will upon a Refresh button click assume the value of the first displayed entry allowing for continuous refresh with the same st...

Page 82: ...he Deadtime to a value greater than 0 zero will enable this feature but only if more than one server has been configured Key The secret key up to 63 characters long shared between the RADIUS server an...

Page 83: ...obal timeout value Retransmit This optional setting overrides the global retransmit value Leaving it blank will use the global retransmit value Key This optional setting overrides the global key Leavi...

Page 84: ...ting the Deadtime to a value greater than 0 zero will enable this feature but only if more than one server has been configured Key The secret key up to 63 characters long shared between the TACACS ser...

Page 85: ...ss The IP address can be used to calculate the destination port for the frame Check to enable the use of the IP Address or uncheck to disable By default IP Address is enabled TCP UDP Port Number The T...

Page 86: ...e Specific setting a user defined value can be entered Ports with the same Key value can participate in the same aggregation group while ports with different keys cannot Role The Role shows the LACP a...

Page 87: ...each port valid values are 1 to 10 seconds Shutdown Time The period in seconds for which a port will be kept disabled in the event of a loop is detected and the port action shuts down the port Valid...

Page 88: ...address of the switch forms a Bridge Identifier For MSTP operation this is the priority of the CIST Otherwise this is the priority of the STP RSTP bridge Forward Delay The delay used by STP Bridges to...

Page 89: ...The port will enter the error disabled state and will be removed from the active topology Port Error Recovery Control whether a port in the error disabled state automatically will be enabled after a c...

Page 90: ...r MSTI s Intra region The name is at most 32 characters Configuration Revision The revision of the MSTI configuration named above This must be an integer between 0 and 65535 MSTI Mapping MSTI The brid...

Page 91: ...ations and possibly change them as well Object Description MSTI The bridge instance The CIST is the default instance which is always active Priorities Controls the bridge priority Lower numeric values...

Page 92: ...nal flag describing whether the port is connecting directly to edge devices No Bridges attached Transition to the forwarding state is faster for edge ports having operEdge true than for other ports Th...

Page 93: ...idge setting the port Edge status does not effect this setting A port entering error disabled state due to this setting is subject to the bridge Port Error Recovery setting as well Point to Point Cont...

Page 94: ...ing the 802 1D recommended values Using the Specific setting a user defined value can be entered The path cost is used when establishing the active topology of the network Lower path cost ports are ch...

Page 95: ...which is composed of at maximum 16 alphabetic and numeric characters At least one alphabet must be present Profile Description Additional description which is composed of at maximum 64 alphabetic and...

Page 96: ...s the group address matches the address range of the rule Permit Group address matches the range specified in the rule will be learned Deny Group address matches the range specified in the rule will b...

Page 97: ...que name which is composed of at maximum 16 alphabetic and numeric characters At least one alphabet must be present Start Address The starting IPv4 IPv6 Multicast Group Address that will be used as an...

Page 98: ...VLANs with corresponding channel profile for each Multicast VLAN The channel profile is defined by the IPMC Profile which provides the filtering conditions Object Description MVR Mode Enable Disable t...

Page 99: ...Profile When the MVR VLAN is created select the IPMC Profile as the channel filtering condition for the specific MVR VLAN Summary about the Interface Channel Profiling of the MVR VLAN will be shown b...

Page 100: ...nd routers run the SSM service model for the groups in the address range Leave Proxy Enabled Enable IGMP Leave Proxy This feature can be used to avoid forwarding unnecessary leave messages to the rout...

Page 101: ...ent address is not set system uses the first available IPv4 management address Otherwise system uses a pre defined value By default this value will be 192 0 2 1 Compatibility Compatibility is maintain...

Page 102: ...port Interval is the time between repetitions of a host s initial report of membership in a group The allowed range is 0 to 31744 seconds default unsolicited report interval is 1 second Add New IGMP V...

Page 103: ...ering Profile Select the IPMC Profile as the filtering condition for the specific port Summary about the designated profile will be shown by clicking the view button Profile Management Button You can...

Page 104: ...outers run the SSM service model for the groups in the address range Leave Proxy Enable Enable MLD Leave Proxy This feature can be used to avoid forwarding unnecessary leave messages to the router sid...

Page 105: ...INS_CNGE11FX3TX8MS POE HO Rev 11 6 17 PAGE 105 INSTRUCTION MANUAL CNGE11FX3TX8MS POE HO TECH SUPPORT 1 888 678 9427...

Page 106: ...It indicates the MLD control frame priority level generated by the system These values can be used to prioritize different classes of traffic The allowed range is 0 best effort to 7 highest default in...

Page 107: ...pply changes Reset Click to revert to previous values Refresh Click to refresh the table starting from VLAN input fields Click to update the table starting from the first entry in the VLAN Table lowes...

Page 108: ...information valid period is set to Tx Hold multiplied by Tx Interval seconds Valid values are restricted to 2 10 times Tx Delay If some configuration is changed e g the IP address a new LLDP frame is...

Page 109: ...Address field The CDP address TLV can contain multiple addresses but only the first address is shown in the LLDP neighbors table CDP TLV Port ID is mapped to the LLDP Port ID field CDP TLV Version an...

Page 110: ...ach port determine the amount power it reserves by exchanging PoE information using the LLDP protocol and reserves power accordingly If no LLDP information is available for a port the port will reserv...

Page 111: ...port HO models only Forced Enables 60W PoE Force mode per port HO models only Priority The priority is used in the case where the remote devices require more power than the power supply can deliver In...

Page 112: ...ate a EPS in the Port Domain W P Flow is a Port Architecture 1 1 This will create a 1 1 EPS 1 1 This will create a 1 1 EPS W Flow The working flow for the EPS See Domain P Flow The protecting flow for...

Page 113: ...e APS PDU handling MEP Instance Configuration Configured Red This EPS is only created and has not yet been configured is not active Green This EPS is configured is active Protection Type Unidirectiona...

Page 114: ...ng local SF detected on working Instance State Protection State EPS state according to State Transition Tables in G 8031 W Flow OK State of working flow is ok SF State of working flow is Signal Fail S...

Page 115: ...tity Intermediate Point Direction Down This is a Down MEP monitoring ingress OAM and traffic on Residence Port Up This is a Up MEP monitoring egress OAM and traffic on Residence Port Residence Port Th...

Page 116: ...ed MPLS Link This is a MEP in the MPLS Link Domain MPLS Tunnel This is a MEP in the MPLS Tunnel Domain MPLS PW This is a MEP in the MPLS Pseudo Wires Domain MPLS LSP This is a MEP in the MPLS LSP Doma...

Page 117: ...ICC This is defined by ITU Y1731 Fig A5 Domain Name is not used MEG id must be max 15 char Domain Name This is the IEEE Maintenance Domain Name and is only used in case of IEEE String format This stri...

Page 118: ...ed if no CCM PDU has been received within 3 5 periods see cLOC Fault Cause cPeriod is declared if a CCM PDU has been received with different period see cPeriod Selecting 300f sec or 100f sec will conf...

Page 119: ...UI field CC Organization Specific Sub Type The last received value in the OS TLV Sub Type field CC Organization Specific Value The last received value in the OS TLV Value field CC Organization Specifi...

Page 120: ...1 888 678 9427 MEP Fault Management Configuration This page allows the user to inspect and configure the Fault Management of the current MEP Instance Note that the sub tables of Link Trace Link Trace...

Page 121: ...size DMAC 6 SMAC 6 TYPE 2 LBM PDU LENGTH 46 CRC 4 64 bytes The transmitted frame will be four bytes longer for each tag added 8 bytes in case of a tunnel EVC There are two frame MAX sizes to consider...

Page 122: ...ay action can be one of the following MAC The was a hit on the LT Target MAC FDB LTM is forwarded based on hit in the Filtering DB MFDB LTM is forwarded based on hit in the MIP CCM DB Last MAC The MAC...

Page 123: ...ll be 10101010 Test Signal State TX frame count The number of transmitted TST frames since last Clear RX frame count The number of received TST frames since last Clear RX rate The current received TST...

Page 124: ...ansmitted as fast as possible in case of using this for protection in the end point LOCK Enable Insertion of LOCK signal LCK PDU transmission in client layer flows can be enable disabled Frame Rate Se...

Page 125: ...ts in TAG if any In case of enable of Continuity Check and Loss Measurement both implemented on SW based CCM Priority has to be the same Frame rate Selecting the frame rate of CCM LMM PDU This is the...

Page 126: ...ny Cast Selection of 1DM DMM PDU transmitted unicast or multicast The unicast MAC will be configured through Peer MEP Peer MEP This is only used if the Cast is configured to Uni The 1DM DMR unicast MA...

Page 127: ...n is a counter that stores the number of delay measurements falling within a specified range during a Measurement Interval Measurement Bins for FD Configurable number of Frame Delay Measurement Bins p...

Page 128: ...eshold is 5000 us and the total number of Measurement Bins is four we can give an example as follows Bin Threshold Range bin0 0 us 0 us measurement 5 000 us bin1 5 000 us 5 000 us measurement 10 000 u...

Page 129: ...nces 0 in this field indicates that no Port 1 SF MEP is associated with this instance Port 0 APS MEP The Port 0 APS PDU handling MEP Port 1 APS MEP The Port 1 APS PDU handling MEP As only one APS MEP...

Page 130: ...F MEP is associated with this instance Port 0 APS MEP The Port 0 APS PDU handling MEP Port 1 APS MEP The Port 1 APS PDU handling MEP As only one APS MEP is associated with interconnected sub ring with...

Page 131: ...ely configured to be in either manual switch or forced switch state Forced Switch Forced Switch command forces a block on the ring port where the command is issued Manual Switch In the absence of a fa...

Page 132: ...ct Description Delete To delete a VLAN entry check this box The entry will be deleted on all stack switch units during the next Save VLAN ID Indicates the ID of this particular VLAN Adding a New VLAN...

Page 133: ...ther frames are dropped Note Make sure that the link used for managing the switch is added to the Static Mac Table before changing to secure learning mode otherwise the management link is lost and can...

Page 134: ...tion mappings are organized into Groups identified by the Group ID This way a port is configured to use a number of VLAN Translation mappings easily by simply configuring it to use a given group Then...

Page 135: ...igured to use any of the groups but only one at any given time Multiple ports can be configured to use the same group A valid Group ID is an integer value from 1 to 1111 Note By default each port is s...

Page 136: ...ers of all VLANs specified in the Allowed VLANs field By default only VLAN 1 is enabled More VLANs may be created by using a list syntax where the individual elements are separated by commas Ranges ar...

Page 137: ...ilities Can be configured to be VLAN tag unaware C tag aware S tag aware or S custom tag aware Ingress filtering can be controlled Ingress acceptance of frames and configuration of egress tagging can...

Page 138: ...the Port VLAN are transmitted untagged Other frames are transmitted with the relevant tag Tag All All frames whether classified to the Port VLAN or not are transmitted with a tag Untag All All frames...

Page 139: ...LAN ID Indicates the ID of this particular private VLAN Port Members A row of check boxes for each port is displayed for each private VLAN ID To include a port in a Private VLAN check the box To remov...

Page 140: ...olated ports on the same VLAN and Private VLAN Port Members A check box is provided for each port of a private VLAN When checked port isolation is enabled on that port When unchecked port isolation is...

Page 141: ...xclude the port from the mapping make sure the box is unchecked By default no ports are members and all boxes are unchecked Adding a New MAC to VLAN ID mapping entry Click Add New Entry to add a new M...

Page 142: ...ame Type is called etype Valid values for etype range between 0x0600 and 0xffff 2 LLC Valid value in this case is comprised of two different sub values a DSAP 1 byte long string 0x00 0xff b SSAP 1 byt...

Page 143: ...ble An empty row is added to the table where Frame Type Value and the Group Name can be configured as needed The Delete button can be used to undo the addition of new entry The maximum possible Protoc...

Page 144: ...he port lists of these mappings are mutually exclusive e g Group1 can be mapped to VID 1 on port 1 and to VID 2 on port 2 VLAN ID Indicates the VLAN ID to which the Group Name will be mapped A valid V...

Page 145: ...heck boxes for each port is displayed for each IP subnet to VLAN ID mapping entry To include a port in a mapping simply check the box To remove or exclude the port from the mapping make sure the box i...

Page 146: ...nable Voice VLAN It can avoid the conflict of ingress filtering Possible modes are Enabled Enable Voice VLAN mode operation Disabled Disable Voice VLAN mode operation VLAN ID Indicates the Voice VLAN...

Page 147: ...d all non telephonic MAC addresses in the Voice VLAN will be blocked for 10 seconds Possible port modes are Enabled Enable Voice VLAN security mode operation Disabled Disable Voice VLAN security mode...

Page 148: ...to delete the entry It will be deleted during the next save Telephony OUI A telephony OUI address is a globally unique identifier assigned to a vendor by IEEE It must be 6 characters long and the inpu...

Page 149: ...es after the configured default CoS DPL Controls the default drop precedence level All frames are classified to a drop precedence level If the port is VLAN aware and the frame is tagged then the frame...

Page 150: ...ode and or mapping Note This setting has no effect if the port is VLAN unaware Tagged frames received on VLAN unaware ports are always classified to the default CoS and DPL DSCP Based Click to Enable...

Page 151: ...agged frames on this port Disabled Use default QoS class and Drop Precedence Level for tagged frames Enabled Use mapped versions of PCP and DEI for tagged frames PCP DEI to QoS class DP level Mapping...

Page 152: ...nabled on this switch port Rate Controls the rate for the policer The default value is 500 This value is restricted to 100 1000000 when the Unit is kbps or fps and it is restricted to 1 3300 when the...

Page 153: ...E Enable or disable the queue policer for this switch port Rate Controls the rate for the queue policer This value is restricted to 100 3276700 when Unit is kbps and 1 3276 when Unit is Mbps The rate...

Page 154: ...eduler This page provides an overview of QoS Egress Port Schedulers for all switch ports Object Description Port The logical port for the settings contained in the same row Click on the port number in...

Page 155: ...Unit is kbps and 1 3281 when Unit is Mbps Ports in Basic or Hierarchical Scheduling Mode HQoS setting only have queue shapers on queue 6 and 7 The rate is internally rounded up to the nearest value su...

Page 156: ...kbps and 1 3281 when Unit is Mbps Only shown when configuring HQoS entries The rate is internally rounded up to the nearest value supported by the HQoS shaper HQoS Shaper Unit Controls the unit of mea...

Page 157: ...rs Qn Shows disabled or actual queue shaper rate e g 800 Mbps Port Shows disabled or actual port shaper rate e g 800 Mbps Port Tag Remarking This page provides an overview of QoS Egress Port Tag Remar...

Page 158: ...PCP DEI values Default Use default PCP DEI values Mapped Use mapped versions of QoS class and DP level PCP DEI Configuration Controls the default PCP and DEI values used when the mode is set to Defau...

Page 159: ...ess DSCP Classification DSCP 0 Classify if incoming or translated if enabled DSCP is 0 Selected Classify only selected DSCP for which classification is enabled as specified in DSCP Translation window...

Page 160: ...tches Object Description DSCP Maximum number of supported DSCP values is 64 Trust Controls whether a specific DSCP value is trusted Only frames with trusted DSCP values are mapped to a specific QoS cl...

Page 161: ...map There are two configuration parameters for DSCP Translation Translate Classify Translation DSCP at Ingress side can be translated to any of 0 63 DSCP values Classify Click to enable Classification...

Page 162: ...ws you to configure the mapping of QoS class and Drop Precedence Level to DSCP value Object Description QoS Class Actual QoS class DSCP DP0 Select the classified DSCP value 0 63 for Drop Precedence Le...

Page 163: ...s Tagged Match tagged frames The default value is Any VID Indicates VLAN ID either a specific VID or range of VIDs VID can be in the range 1 4095 or Any PCP Priority Code Point Valid values of PCP are...

Page 164: ...INS_CNGE11FX3TX8MS POE HO Rev 11 6 17 PAGE 164 INSTRUCTION MANUAL CNGE11FX3TX8MS POE HO TECH SUPPORT 1 888 678 9427...

Page 165: ...lue mask format or Any IP and Mask are in the format x y z w where x y z and w are decimal numbers between 0 and 255 When Mask is converted to a 32 bit binary string and read from left to right all bi...

Page 166: ...present on the MAC Address table The configuration indicates the permitted packet rate for unicast multicast or broadcast traffic across the switch Object Description Frame Type The settings in a part...

Page 167: ...to get the tagged mirrored traffic you have to set VLAN egress tagging as Tag All on the reflector port On the other hand if you want to get untagged mirrored traffic you have to set VLAN egress tagg...

Page 168: ...sed Mirroring If you want to monitor some VLANs on the switch you can set the selected VLANs on this field Note1 The Mirroring session shall have either ports or VLANs as sources but not both Remote M...

Page 169: ...nooping High disabled disabled ip_source_guard Critical disabled disabled disabled ipmc igmpsnp Critical un conflict ipmc mldsnp Critical un conflict lacp Low o disabled lldp Low o disabled mac learni...

Page 170: ...he range 1 to 255 Advertising Duration The duration carried in SSDP packets is used to inform a control point or control points how often it or they should receive an SSDP advertisement message from t...

Page 171: ...i e in units of one hundredth of a second The default is 20 Leave time is a value in the range 60 300 in the units of centi seconds i e in units of one hundredth of a second The default is 60 Leave Al...

Page 172: ...ation This page allows you to enable disable a port for GVRP Object Description Port The logical port that is to be configured Mode Mode can be either Disabled or GVRP enabled These values turn the GV...

Page 173: ...system name configured in Configuration System Information System Name Location The system location configured in Configuration System Information System Location MAC Address The MAC Address of this...

Page 174: ...9427 CUP Load This page displays the CPU load using line chart The load is measured as averaged over the last 100ms 1 s and 10 seconds intervals The last 1 256 samples maximum 256 are graphed and the...

Page 175: ...ECH SUPPORT 1 888 678 9427 Input Power Status This page shows the status of the 2 power inputs along with power LED s and the fault relay status Auto_refresh Check to refresh the page automatically ev...

Page 176: ...ype of the entry This may be LINK or IPv4 Address The current address of the interface of the given type Status The status flags of the interface and or address IP Routes Network The destination IP ne...

Page 177: ...INS_CNGE11FX3TX8MS POE HO Rev 11 6 17 PAGE 177 INSTRUCTION MANUAL CNGE11FX3TX8MS POE HO TECH SUPPORT 1 888 678 9427...

Page 178: ...y allowing for continuous refresh with the same start input field The will use the last entry of the currently displayed table as a basis for the next lookup When the end is reached the text No more e...

Page 179: ...INS_CNGE11FX3TX8MS POE HO Rev 11 6 17 PAGE 179 INSTRUCTION MANUAL CNGE11FX3TX8MS POE HO TECH SUPPORT 1 888 678 9427 Click to update the table entries ending at the last available entry...

Page 180: ...1 of the system log entry Message The detailed message of the system log entry Refresh Click to update the system log entry to the current entry ID Click to update the system log entry to the first av...

Page 181: ...rt State This page provides an overview of the current switch port states The port states are illustrated as follows RJ45 ports SFP ports State Disabled Down Link Object Description Auto refresh Check...

Page 182: ...reflects the settings at the Port Power Savings configuration page LP EEE cap Shows if the link partner is EEE capable EEE Savings Shows if the system is currently saving power due to EEE When EEE is...

Page 183: ...affic statistics for all switch ports Object Description Port The logical port for the settings contained in the same row Packet The number of received and transmitted packets per port Bytes The numbe...

Page 184: ...for all switch ports Object Description Port The logical port for the settings contained in the same row Qn There are 8 QoS queues per port Q0 is the lowest priority queue Rx Tx The number of received...

Page 185: ...n taken on ingress frame if parameters configured are matched with the frame s content Possible actions are CoS Classify Class of Service DPL Classify Drop Precedence Level DSCP Classify DSCP value PC...

Page 186: ...e number of received and transmitted good and bad bytes Includes FCS but excludes framing bits Rx and Tx Unicast The number of received and transmitted good and bad unicast packets Rx and Tx Multicast...

Page 187: ...ed with invalid CRC Rx Jabber The number of long 2 frames received with invalid CRC Rx Filtered The number of received frames filtered by the forwarding process 1 Short frames are frames that are smal...

Page 188: ...nters Automatic Binding Number of bindings with network type pools Manual Binding Number of bindings that administrator assigns an IP address to a client That is the pool is of host type Expired Bindi...

Page 189: ...inding Possible types are Automatic Manual Expired State State of binding Possible states are Committed Allocated Expired Pool Name The pool that generates the binding Server ID Server IP address to s...

Page 190: ...AL CNGE11FX3TX8MS POE HO TECH SUPPORT 1 888 678 9427 Declined IP This page displays declined IP addresses Declined IP List of IP addresses declined Auto_refresh Check to refresh the page automatically...

Page 191: ...owing for continuous refresh with the same start address The will use the last entry of the currently displayed table as a basis for the next lookup When the end is reached the text No more entries is...

Page 192: ...rcuit ID The number of packets whose Circuit ID option did not match known circuit ID Receive Bad Remote ID The number of packets whose Remote ID option did not match known Remote ID Client Statistics...

Page 193: ...ed Rx and Tx NAK The number of NAK option 53 with value 6 packets received and transmitted Rx and Tx Release The number of release option 53 with value 7 packets received and transmitted Rx and Tx Inf...

Page 194: ...Click to refresh the page Clear Click to clear all statistics Network Port Security Switch This page shows the Port Security status Port Security is a module with no direct configuration Configuratio...

Page 195: ...vice Ready The Port Security service is in use by at least one user module and is awaiting frames from unknown MAC addresses to arrive Limit Reached The Port Security service is enabled by at least th...

Page 196: ...is seen on this port If no MAC addresses are learned a single row stating No MAC addresses attached is displayed State Indicates whether the corresponding MAC address is blocked or forwarding In the b...

Page 197: ...ased authentication and the most recently received frame from a new client for MAC based authentication Last ID The user name supplicant identity carried in the most recently received Response Identit...

Page 198: ...to NAS Admin State for a description of possible values Port State The current state of the port Refer to NAS Port State for a description of the individual states QoS Class The QoS class assigned by...

Page 199: ...mes with TCP protocol IPv4 Other The ACE will match IPv4 frames which are not ICMP UDP TCP IPv6 The ACE will match all IPv6 standard frames Action Indicates the forwarding action of the ACE Permit Fra...

Page 200: ...nput fields will upon a Refresh button click assume the value of the first displayed entry allowing for continuous refresh with the same start address The will use the last entry of the currently disp...

Page 201: ...input fields will upon a Refresh button click assume the value of the first displayed entry allowing for continuous refresh with the same start address The will use the last entry of the currently di...

Page 202: ...n the dead time expires The number of seconds left before this occurs is displayed in parentheses This state is only reachable when more than one server is enabled RADIUS Accounting Servers The RADIUS...

Page 203: ...ns information about the state of the server and the latest round trip time RADIUS Accounting Statistics Packet Counters RADIUS accounting server packet counter There are five receive and four transmi...

Page 204: ...cted to a multicast address CRC Errors The total number of packets received that had a length excluding framing bits but including FCS octets of between 64 and 1518 octets inclusive but had either a b...

Page 205: ...le was measured Drop The total number of events in which packets were dropped by the probe due to lack of resources Octets The total number of octets of data including those in bad packets received on...

Page 206: ...arm table Object Description ID Indicates the index of Alarm control entry Interval Indicates the interval in seconds for sampling and comparing the rising and falling threshold Variable Indicates the...

Page 207: ...one with the lowest Event Index and Log Index found in the Event table Object Description Event Index Indicates the index of the event entry Log Index Indicates the index of the log entry Log Time Ind...

Page 208: ...n Aggr ID The Aggregation ID associated with this aggregation instance Name Name of the Aggregation group ID Type Type of the Aggregation group Static or LACP Speed Speed of the Aggregation group Conf...

Page 209: ...or LLAG the id is shown as isid aggr id and for GLAGs as aggr id Partner System ID The system ID MAC address of the aggregation partner Partner Key The Key that the partner has assigned to this aggreg...

Page 210: ...ns that the port could not join the aggregation group but will join if other port leaves Meanwhile its LACP status is disabled Key The key assigned to this port Only ports with the same key can aggreg...

Page 211: ...onds Refresh Click to refresh the displayed table starting from the input fields Clear Click to Clear the counters for all ports Loop Protection This page displays the loop protection port status the...

Page 212: ...e Bridge ID of the currently elected root bridge Root Port The switch port currently assigned the root port role Root Cost Root Path Cost For the Root Bridge it is zero For all other Bridges it is the...

Page 213: ...ernal Root Cost The Regional Root Path Cost For the Regional Root Bridge this is zero For all other CIST instances in the same MSTP region it is the sum of the Internal Port Path Costs on the least co...

Page 214: ...d or explicitly configured Each Edge Port transits directly to the Forwarding Port State since there is no possibility of it participating in a loop Point to Point The current STP port point to point...

Page 215: ...nitialized Auto_refresh Check to refresh the page automatically every 3 seconds Refresh Click to refresh the displayed table starting from the input fields Port Statistics This page displays the STP p...

Page 216: ...ectively IGMP MLD Queries Transmitted The number of Transmitted Queries for IGMP and MLD respectively IGMPv1 Joins Received The number of Received IGMPv1 Join s IGMPv2 MLDv1 Report s Received The numb...

Page 217: ...ation Table match In addition the two input fields will upon a Refresh button click assume the value of the first displayed entry allowing for continuous refresh with the same start address The will u...

Page 218: ...hen the end is reached the text No more entries is shown in the displayed table Use the button to start over Object Description VLAN ID VLAN ID of the group Group Group address of the group displayed...

Page 219: ...ts V2 Report Received The number of Received V2 Reports V3 Report Received The number of Received V3 Reports V2 Leaves Received The number of Received V2 Leaves Router Port Display which ports act as...

Page 220: ...on the two input fields will upon a Refresh button click assume the value of the first displayed entry allowing for continuous refresh with the same start address The will use the last entry of the cu...

Page 221: ...displayed table as a basis for the next lookup When the end is reached the text No more entries is shown in the displayed table Use the button to start over Object Description VLAN ID VLAN ID of the...

Page 222: ...ber of Received V1 Reports V2 Report Received The number of Received V2 Reports V1 Leaves Received The number of Received V1 Leaves Router Port Display which ports act as router ports A router port is...

Page 223: ...wo input fields will upon a Refresh button click assume the value of the first displayed entry allowing for continuous refresh with the same start address The will use the last entry of the currently...

Page 224: ...ly displayed table as a basis for the next lookup When the end is reached the text No more entries is shown in the displayed table Use the button to start over Object Description VLAN ID VLAN ID of th...

Page 225: ...hbor unit System Name System Name is the name advertised by the neighbor unit System Capabilities System Capabilities describes the neighbor unit s capabilities The possible capabilities are 1 Other 2...

Page 226: ...Unknown If the device is a PD device it can either run on its local power supply or it can use the PSE as power source It can also use both its local power supply and the PSE If it is unknown what pow...

Page 227: ...eive Tw_sys_tx DISABLE denotes the specific interface is administratively disabled Echo Tx Tw The link partner s Echo Tx Tw value The respective echo values shall be defined as the local link partners...

Page 228: ...g Local Counters Local Port The port on which LLDP frames are received or transmitted Tx Frames The number of LLDP frames transmitted on the port Rx Frames The number of LLDP frames received on the po...

Page 229: ...e the LLDP information is valid age out time If no new LLDP frame is received within the age out time the LLDP information is removed and the Age Out counter is incremented Auto_refresh Check to refre...

Page 230: ...ority shows the port s priority configured by the user The resolved value that is the actual tx wakeup time used for this link based on EEE information exchanged via LLDP Port Status The Port Status s...

Page 231: ...upon a Refresh button click assume the value of the first displayed entry allowing for continuous refresh with the same start address The will use the last entry of the currently displayed VLAN MAC a...

Page 232: ...er Various internal software modules may use VLAN services to configure VLAN memberships on the fly The drop down list on the right allows for selecting between showing VLAN memberships as configured...

Page 233: ...row Port Type Shows the port type Unaware C Port S Port S Custom Port that a given user wants to configure on the port The field is empty if not overridden by the selected user Ingress Filtering Shows...

Page 234: ...this gives rise to a conflict which is solved in a prioritized way The Administrator has the least priority Other software modules are prioritized according to their position in the drop down list Th...

Page 235: ...troubleshoot IP connectivity issues Object Description IP Address The destination IP Address Ping Length The payload size of the ICMP packet Values range from 2 bytes to 1452 bytes Ping Count The cou...

Page 236: ...Values range from 1 time to 60 times Ping Interval The interval of the ICMP packet Values range from 0 second to 30 seconds Egress Interface only for IPv6 The VLAN ID VID of the specific egress IPv6...

Page 237: ...r 100 Mbps management port will cause the switch to stop responding until VeriPHY is complete Object Description Port The port where you are requesting VeriPHY Cable Diagnostics Cable Status Port Port...

Page 238: ...e page without resetting configurations Factory Defaults You can reset the configuration of the switch on this page Only the IP configuration is retained The new configuration is available immediately...

Page 239: ...ftware image and click Upload button After the software image is uploaded a page announces that the firmware update is initiated After a few minutes the firmware is updated and the switch restarts War...

Page 240: ...corruption of the primary image or by manual intervention uploading a new firmware image to the device will automatically use the primary image slot and activate this 3 The firmware version and date...

Page 241: ...ation Copy running config to startup config thereby ensuring that the currently active configuration will be used at the next reboot Click Save Configuration button to save Download A user can downloa...

Page 242: ...rrent configuration is fully replaced with the configuration in the uploaded file Merge mode The uploaded file is merged into running config If the file system is full i e contains the three system fi...

Page 243: ...he writable files stored in flash including startup config If this is done and the switch is rebooted without a prior Save operation this effectively resets the switch to default configuration Select...

Page 244: ...can use console or telnet to management switch by CLI CLI Management by RS 232 Serial Console 115200 8 none 1 none Before Configuring RS 232 serial console use a USB Male A to USB Male B cable to con...

Page 245: ...INS_CNGE11FX3TX8MS POE HO Rev 11 6 17 PAGE 245 INSTRUCTION MANUAL CNGE11FX3TX8MS POE HO TECH SUPPORT 1 888 678 9427 Step 2 Input a name for new connection Step 3 Select to use COM port number...

Page 246: ...678 9427 Step 4 The COM port properties setting 115200 for Bits per second 8 for Data bits None for Parity 1 for Stop bits and none for Flow control Step 5 The Console login screen will appear Use th...

Page 247: ...68 10 1 Subnet Mask 255 255 255 0 Default Gateway 192 168 10 254 User Name admin Password admin Follow the steps below to access the console via Telnet Step 1 Telnet to the IP address of the switch fr...

Page 248: ...TION MANUAL CNGE11FX3TX8MS POE HO TECH SUPPORT 1 888 678 9427 Commander Groups Typing and Enter at any prompt will list the valid commands with their descriptions in this mode Typing and Enter after a...

Page 249: ...The computer must be running a terminal emulator such as TeraTerm or PuTTY on Windows or Minicom on Linux Log In and Reset Configuration to Factory Default Press Enter one or more times until the User...

Page 250: ...sword unencrypted very secret my device config exit my device The user admin now has the password very secret Other users can be added in similar fashion Set VLAN 1 IP Address The objective is to assi...

Page 251: ...P my device show ip interface brief displays all configured and active IP interfaces The status should be UP If it isn t then the reason could be that there is no link on any port If DHCP negotiation...

Page 252: ...e name startup config as this file is read and executed upon every boot and is therefore responsible for restoring the running configuration of the system to the state it had when the save took place...

Page 253: ...hing is displayed for them As a general rule only non default configuration is displayed otherwise the output would be huge and readability would suffer There are a few exceptions that will be discuss...

Page 254: ...mands instruct the device to use DHCP to obtain an IP address or if DHCP fails to use a static fallback address Inclusion of a fallback IP is optional and may be omitted ICLI Basics The following list...

Page 255: ...n be abbreviated as long as they are unambiguous For example these commands are identical my device show interface GigabitEthernet 1 5 capabilities my device sh in g 1 5 c This works because There are...

Page 256: ...be present indicates a grouping the constructs within belong together indicates a choice between two or more alternatives example a b c which reads as a or b or c Thus the first command syntax is simp...

Page 257: ...o times or one time not repeated There are variations Group of options of which at least one must be present a b c 1 Group of options where one or more has fixed position a b c This says that b is opt...

Page 258: ...or sequences whereas a sequence is of the form from to Some examples GigabitEthernet 1 5 for the single gigabit port number 5 on switch 1 GigabitEthernet 1 2 4 10 12 for gigabit ports 2 4 10 11 12 on...

Page 259: ...of ports but may output an error message if a specific switch ID or port number doesn t exist For example these sets are invalid interface 2 All ports of all types on switch 2 which isn t a member of...

Page 260: ...hile also allowing cursor movement and insertion deletion of characters and words The following table shows the available editing functions and keys Table 1 Basic Line Editing Key Key Operation Left R...

Page 261: ...of lines to keep in the history for the current session is configurable between 0 and 32 where 0 disables the history altogether my device terminal history size 32 The current value is displayed as pa...

Page 262: ...TRUCTION MANUAL CNGE11FX3TX8MS POE HO TECH SUPPORT 1 888 678 9427 It is possible to list the history my device show history show running config copy running config startup config dir show history my d...

Page 263: ...cription or expand current word if it is unambiguous The context sensitive help only displays commands that are accessible at the current session privilege level see Understanding Privilege Levels pag...

Page 264: ...show aggregation mode This shows that there is an optional mode word square brackets indicate an option Repeated presses of toggles display between next possible input and syntax my device show aggreg...

Page 265: ...crolled right the third line has been scrolled to the middle of a quite long line Pagination appears each time execution of a command causes output of more lines than what has been configured as the t...

Page 266: ...able filtering is Begin display the first line that matches and all subsequent lines Include display exactly those lines that match Exclude display exactly those lines that do not match The string is...

Page 267: ...29 sec Idle time is 0 day 0 hour 0 min 0 sec Understanding Modes and Sub Modes The ICLI implements a number of modes that control the available command set The modes are further influenced by the pri...

Page 268: ...MC Profile Config Config Sub mode for configuring IP Multicast profiles Command ipmc profile profile_name Prompt hostname config ipmc profile SNMP Server Host Config Config Sub mode for configuring SN...

Page 269: ...ernet interfaces goes through global configuration or another sub mode Thus it is possible to change directly from VLAN sub mode to Ethernet interface sub mode for instance Thus each mode and sub mode...

Page 270: ...f vlan do show ip interface brief Vlan Address Method Status 1 192 168 10 15 24 DHCP UP my device config if vlan end When in Exec no do prefix is needed my device show ip interface brief Vlan Address...

Page 271: ...e This enters the VLAN sub mode as indicated by a new prompt my device config vlan 100 my device config vlan name MyVlan Change directly from VLAN sub mode into Ethernet interface sub mode for interfa...

Page 272: ...sed for example as follows The user account is configured with privilege level 0 Whenever the user needs to perform higher privileged commands the user changes session priority level executes the nece...

Page 273: ...ted Then follows either the level for which a password is being configured or if no level is given the password for level 15 my device config enable secret 0 word32 Password level Set exec level passw...

Page 274: ...ity timer automatically log out after a period of inactivity A value of zero disables automatic logout history Exec Line Length of command history buffer length Exec Line Terminal length in lines used...

Page 275: ...his line now Alive from Console Default privileged level is 2 Command line editing is enabled Display EXEC banner is enabled Display Day banner is enabled Terminal width is 80 length is 24 history siz...

Page 276: ...0 day 0 hour 16 min 31 sec Idle time is 0 day 0 hour 0 min 0 sec Then we do the same but for all future console sessions Note how the commands have no terminal prefix terminal length vs length my dev...

Page 277: ...actual text of the banner then follows and ends at the first appearance of the delimiter character The delimiters are not included in the actual text Configuring Banners First configure the MOTD banne...

Page 278: ...it Log out then log in again my device exit This is the Message Of The Day Banner It spans multiple lines And one more But now it ends Press ENTER to get started ENTER This is my device Username admin...

Page 279: ...ve configuration to flash Configuration Example In this example the hostname and VLAN 1 IP address is configured verified and saved This example assumes the session is initially unprivileged 1 Raise p...

Page 280: ...back 192 168 10 2 255 255 0 0 end More verification Display IP interfaces and assigned IP address and status my device show ip interface brief Vlan Address Method Status 1 192 168 10 15 24 DHCP UP An...

Page 281: ...the tasks accomplished Configure the VLAN 1 interface IP address to use DHCP Configure the DNS name server to be taken from DHCP Inspect the configuration Remove the DNS name server Remove the IP add...

Page 282: ...ope of this document It is possible to create several user accounts on a system Each user account has a set of configurable attributes User name Password Privilege level All attributes are configured...

Page 283: ...Delete the operator user and verify it is removed from the configuration my device config no username operator my device config do show running config include username username admin privilege 15 pass...

Page 284: ...agement access list Access list aggregation Aggregation port configuration clock Configure time of day clock dot1x IEEE Standard for port based Network Access Control eps Ethernet Protection Switching...

Page 285: ...configuration qos Quality of Service radius serverRADIUS configuration rfc2544 RFC2544 perfomance tests rmon RMON statistics running config Show running system information sflow Statistics flow snmp D...

Page 286: ...ansfer Protocol igmp Internet Group Management Protocol interface IP interface status and configuration name server Domain Name System route Display the current ip routing table source source command...

Page 287: ...he system configuration that is stored in binary form in the RAM memory of the device Because the effective device configuration is huge running config in the majority of cases only lists the delta be...

Page 288: ...interface GigabitEthernet 1 4 Building configuration interface GigabitEthernet 1 4 speed 1000 duplex full end Include all default settings for that interface my device show running config interface Gi...

Page 289: ...p inspection auth clock dhcp dhcp snooping dhcp_server dns dot1x eps erps evc green ethernet http icli ip igmp snooping ip igmp snooping port ip igmp snooping vlan ipmc profile ipmc profile range ipv4...

Page 290: ...2 5GigabitEthernet Building configuration interface 2 5GigabitEthernet 1 1 speed 1000 duplex full interface 2 5GigabitEthernet 1 2 end In this example there is only one VLAN on the system 16 40 Show r...

Page 291: ...ed to defaults This file is also used if startup config is missing It contains product specific customizations to the default settings of the device User defined configuration files created by the use...

Page 292: ...ting and resetting the default configuration is accomplished with the reload command reload cold sid switch_id I reload defaults keep ip I The reload cold version reboots the system If the system is s...

Page 293: ...98 bytes total Display the contents of the file backup output is abbreviated my device more flash backup hostname my device end Use file backup for the next boot by overwriting startup config my devic...

Page 294: ...CNGE11FX3TX8MS POE HO TECH SUPPORT 1 888 678 9427 rw 1970 01 01 19 54 01 1237 backup 2 files 1885 bytes total Use the currently running config for next boot my device copy running config startup confi...

Page 295: ...y show ip interface brief Vlan Address Method Status 1 192 168 10 17 24 DHCP UP Contents of flash are unchanged my device dir Directory of flash r 1970 01 01 00 00 00 648 default config rw 1970 01 06...

Page 296: ...swap simply switches the Active and Alternate designation on each image and reboots the system A firmware upgrade performs these steps Download new firmware using TFTP HTTP HTTPS FTP and verify suitab...

Page 297: ...Protection Switching Example Configuration Introduction This section shows how to configure the Ethernet Ring Protection Switching ERPS for ComNet switches using the Web GUI and the CLI commands The...

Page 298: ...avoid creating a loop The web client is connected to switch 1 3 To avoid conflict with ERPS disable spanning tree on all switches if it is enabled 4 Enable VLAN tag aware on all three switches In VLAN...

Page 299: ...can remain empty because it will be learned by receiving the CCM from the peer side On ComNet switches before they are learned the CCM frame rate cannot be changed to above 100 sec If known enter the...

Page 300: ...itch 2 Figure 5 Switch 2 Port 1 and 2 MEP Configuration 2 Edit MEP1 of switch 2 by clicking 1 under Instance of the MEP table Configure the MEP as shown and click Save or Apply Figure 6 Switch 2 MEP 1...

Page 301: ...1 and 2 of switch 3 Figure 8 Switch 3 Port 1 and 2 MEP Configuration 2 Edit MEP1 of switch 3 by clicking 1 under Instance of the MEP table Configure the MEP as shown and click Save or Apply Figure 9 S...

Page 302: ...Protection Group Switch 1 Configuration 2 Edit ERPS1 by clicking 1 Set the configuration as shown and click Save or Apply Figure 12 ERPS 1 Switch 1 Configuration 3 Click VLAN Config to edit the prote...

Page 303: ...h 2 the RPL Neighbor 1 On switch 2 click ERPS followed by Add New Protection Group Figure 15 Add New Protection Group Switch 2 Configuration 2 Edit ERPS1 by clicking 1 Configure the device as shown an...

Page 304: ...RPS on Switch 3 1 On switch 3 click ERPS followed by Add New Protection Group Figure 18 Add New Protection Group Switch3 2 Edit ERPS1 by clicking 1 No action is required on switch 3 Keep the RPL owner...

Page 305: ...88 678 9427 Ethernet Ring Protection Switching Configuration Verifying ERPS 1 Change the CCM rate starting from switch 3 Click on MEP 2 and then use the frame rate pull down to select 300 f sec Figure...

Page 306: ...CNGE11FX3TX8MS POE HO TECH SUPPORT 1 888 678 9427 3 Change the CCM rate on switch 1 Click on MEP 1 and then use the frame rate pull down to select 300 f sec Figure 23 Edit MEP 1 CCM Rate Switch 1 4 Ch...

Page 307: ...CNGE11FX3TX8MS POE HO TECH SUPPORT 1 888 678 9427 5 Change the CCM rate on switch 2 Click on MEP 1 and then use the frame rate pull down to select 300 f sec Figure 25 Edit MEP 1 CCM Rate Switch 2 6 Ch...

Page 308: ...n Switch 1 check ERPS status by clicking ERPS to ensure normal link status Figure 27 Switch 1 ERPS Status 8 Disconnect the normal link for switch 1 and switch 3 Figure 28 Disconnect Normal Link 9 Rest...

Page 309: ...NGE11FX3TX8MS POE HO Rev 11 6 17 PAGE 309 INSTRUCTION MANUAL CNGE11FX3TX8MS POE HO TECH SUPPORT 1 888 678 9427 10 After WTR timeout and clicking Refresh it should show as Idle Figure 30 Refresh ERPS S...

Page 310: ...LI Initial Switch Configuration The following commands disable STP and LLDP and they enable C Port on Port 1 and 2 on all switches Configure port 1 2 interface GigabitEthernet 1 1 2 set C Port switchp...

Page 311: ...ep mep 1 peer mep id 5 enable ccm default is 1FPS mep 1 cc 0 enable RAPS mep 1 aps 0 raps mep 2 down domain port flow 2 level 0 interface GigabitEthernet 1 2 mep 2 mep id 2 mep 2 vid 3001 mep 2 peer m...

Page 312: ...ernet 1 1 mep 1 mep id 3 mep 1 vid 3001 mep 1 peer mep id 2 mep 1 cc 0 mep 1 aps 0 raps mep 2 down domain port flow 2 level 0 interface GigabitEthernet 1 2 mep 2 mep id 4 mep 2 vid 3001 mep 2 peer mep...

Page 313: ...t 1 2 mep 2 mep id 6 mep 2 vid 3001 mep 2 peer mep id 4 mep 2 cc 0 mep 2 aps 0 raps erps 1 major port0 interface GigabitEthernet 1 1 port1 interface GigabitEthernet 1 2 erps 1 mep port0 sf 1 aps 1 por...

Page 314: ...CH SUPPORT 1 888 678 9427 INFO COMNET NET 8 TURNBERRY PARK ROAD GILDERSOME MORLEY LEEDS UK LS27 7LE T 44 0 113 307 6400 F 44 0 113 253 7462 INFO EUROPE COMNET NET MECHANICAL INSTALLATION INSTRUCTIONS...

Reviews:

No comments

Related manuals for CNGE11FX3TX8MS

Brand: D-Link Pages: 32

Brand: D-Link Pages: 6

Brand: D-Link Pages: 221

ShareCenter Pro DNS-1200-05

Brand: D-Link Pages: 68

Express Ethernetwork DI-707P

Brand: D-Link Pages: 14

Brand: Raritan Pages: 4

Brand: Lanner Pages: 109

Brand: TP-Link Pages: 2

Brand: National Instruments Pages: 130

EdgeRouter ER-8

Brand: Ubiquiti Pages: 20

Brand: Sierra Wireless Pages: 2

Brand: Hawking Pages: 21

TGXPS-1080-M12-MV Series

Brand: ORiNG Pages: 2

Brand: ADTRAN Pages: 2

Brand: BinTec Pages: 2

GigaSpire BLAST u4hm

Brand: Calix Pages: 45

Brand: Lanpro Pages: 6

Brand: Korenix Pages: 3

Brands by name

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Popular brands

Load more brands