D-Link DES-3252P - Web Smart Switch Page 60 Install Manual Download

Page: 60 / 301

Managing Device Information

Defining SNTP Authentication

Page 60

To define SNTP authentication parameters:

Click .

The

Add SNTP Authentication

page

opens:

Figure 24:

Add SNTP Authentication

Define

the Encryption Key ID

Authentication Key

, and

Trusted Key

fields.

Click

. The SNTP Authentication Key is added, and the device is updated.

Summary of Contents for DES-3252P - Web Smart Switch

Page 1: ......

Page 2: ...ed 38 Starting the D Link Embedded Web Interface 39 Understanding the D Link Embedded Web Interface 41 Using Screen and Table Options 44 Resetting the Device 46 Logging Off from the Device 47 Managing Device Information 48 Defining the System Description 49 Configuring System Time 50 Configuring Daylight Saving Time 51 Configuring SNTP 55 Defining SNTP Global Settings 57 Defining SNTP Authenticati...

Page 3: ... Tree 98 Defining Multiple Spanning Tree 100 Configuring Device Security 106 Configuring Management Security 107 Configuring Network Security 131 Configuring Network Security 134 Configuring IP Information 157 Defining IP Addresses 158 Defining Default Gateways 161 Configuring DHCP 162 Configuring ARP 164 Configuring Domain Name Servers 166 Defining DNS Host Mapping 168 Configuring Multicast Forwa...

Page 4: ...3 Managing System Logs 231 Enabling System Logs 232 Viewing the Device Memory Logs 234 Viewing the FLASH Logs 235 Defining Servers Log Parameters 236 Managing Device Diagnostics 238 Configuring Port Mirroring 239 Viewing Integrated Cable Tests 241 Viewing Optical Transceivers 242 Viewing the CPU Utilization 243 Viewing Statistics 244 Viewing Interface Statistics 244 Managing RMON Statistics 247 Ap...

Page 5: ...r The D Link Embedded Web Interface web pages are easy to use and easy to navigate In addition The D Link Embedded Web Interface pro vides real time graphs and RMON statistics to help system administrators monitor network performance This preface provides an overview to the D Link Embedded Interface User Guide and includes the following sec tions DES 3252P User Guide Overview Intended Audience ...

Page 6: ...ggregating Ports Provides information about configuring Link Aggregated Groups and LACP Section 8 Configuring VLANs Provides information about configuring and managing VLANs including information about GARP and GVRP and defining VLAN groups Section 9 Defining the Forwarding Database Provides information about configuring and managing both static and dynamic MAC addresses Section 10 Configuring Spa...

Page 7: ...utilization statistics Appendix A Device Specifications Features Provides device Specifications Features Appendix B Troubleshooting Provides basic troubleshooting for installing the device Appendix C Technical Support Provides details for contacting D Link technical support Intended Audience This guide is intended for network administrators familiar with IT concepts and terminology ...

Page 8: ... RS 232 interface This section contains descriptions for the following Front Panel Back Panel Note All Stacking references are relevant only for future releases Front Panel DES 3252P is a high performance Fast Ethernet switch that provides 48 Ports 10 100BASE TX PoE Switch with 4 10 100 1000BASE T ports and 2 combo SFP uplinks The following figure illustrates the DES 3252P front panel Figure 1 DES...

Page 9: ... are an RJ 45 ports which support half and full duplex mode 10 100Mbps Combo Copper SFP Ports 100Base FX 1000Base X Fiber Ports By offering a standard hot swappable electrical interface one gigabit ethernet port can support a wide range of physical media from copper to long wave single mode optical fiber at lengths of hundreds of kilometers is its flexibility Where multiple different optical techn...

Page 10: ...asynchronous serial console port supporting the RS 232 electrical specification The port is used to connect the device to a console managing the device This interface configuration is as follows Eight data bits One stop bit No parity Baud rate is 9600 default The range is from 9600 to 115200 bps Console speeds of 57600 and 115200 ...

Page 11: ...ack to default mode The following figure illustrates the port LEDs Figure 4 DES 3252P Port LEDs Table 1 DES 3252P Cable Specifications Cable Type Description 10 100Base TX UTP CAT 3 4 5 100 meters maximum 1000Base T UTP Cat 5e 100 meters maximum UTP Cat 5 100 meters maximum EIA TIA 568B 150 ohm STP 100 meters maximum 1000Base LX Single mode fiber module 10km 1000Base SX Multi mode fiber module 550...

Page 12: ...d to the port Amber Indicates that power cannot be provided to the device connected to the port Error occurrences Alternating Amber Green Indicates that the power exceeds maximum system s power of 375W Error occurrences Off Indicates that no device is connected to the port Table 3 DES 3252P Copper SFP Port LED Indications Port Description LED Indication Description Link Activity LED Green Indicate...

Page 13: ... LEDs LED Description LED Indication Description MS Stack support Red Indicates a master device future release Green Indicates a slave device future release Off Indicates the device is not a stack member and is currently is stand alone mode PoE Green Indicates a PoE mode Off Indicates an Ethernet mode RPS Red Indicates that the device is being powered from a Redundant Power Supply Green Indicates ...

Page 14: ...RJ 45 Ethernet station mode using straight cables Transmission devices connected to each other use crossed cables The following figure illustrates the pin allocation Figure 6 RJ 45 Pin Allocation The following table describes the pin allocation Table 6 RJ 45 Pin Connections for 10 100 1000 Base TX Pin Use 1 TxRx 1 2 TxRx 1 3 TxRx 2 4 TxRx 2 5 TxRx 3 6 TxRx 3 7 TxRx 4 8 TxRx 4 ...

Page 15: ...re illustrates the pin allocation Figure 7 Console Port Pin Allocation The following table describes the pin allocation Table 7 Pin Allocation for the Console Port Physical Dimensions The device has the following physical dimensions Width 440 mm 17 32 inch Depth 310mm 12 20 inch Height 44 mm 1 732 inch Pin Signal 1 Data Carrier Detect 2 Received Data 3 Transmitted Data 4 Data Terminal Ready 5 Sign...

Page 16: ...nents are to be serviced by trained service technicians only Ensure the power cable extension cable and or plug is not damaged Ensure the product is not exposed to water Ensure the device is not exposed to radiators and or heat sources Do not push foreign objects into the device as it may cause a fire or electric shock Use the device only with approved equipment Allow the product to cool before re...

Page 17: ...casing Unpacking This section contains information for unpacking the device and includes the following topics Package Contents Unpacking Essentials Package Contents While unpacking the device ensure that the following items are included The device Four rubber feet with adhesive backing Rack kit An AC power cable Console RS 232 cable with DB 9 connector Documentation CD Unpacking Essentials Note Be...

Page 18: ... feet on the bottom at each corner of the device Ensure the surface is be able to support the weight of the device and the device cables To install the device on a surface perform the following 1 Attach the rubber feet on the bottom of the device The following figure illustrates the rubber feet installation on the device Figure 8 Installing Rubber Feet 2 Set device down on a flat surface while lea...

Page 19: ...rack perform the following 1 Place the supplied rack mounting bracket on one side of the device ensuring the mounting holes on the device line up to the mounting holes on the rack mounting bracket The following figure illustrates where to mount the brackets Figure 9 Attaching the Mounting Brackets 2 Insert the supplied screws into the rack mounting holes and tighten with a screwdriver 3 Repeat the...

Page 20: ...ted during installation Ensure that the ventilation holes are not obstructed Note To maximize switch performance clean the fan regularly Optional Redundant Power Supply The switch supports an optional Redundant Power Supply RPS that can supply power to the switch in the event of failure of the internal power supply The DES 3252P supports only the DPS 600 device Caution The optional RPS is not hot ...

Page 21: ...ect to the device b Set the data rate to 9600 baud c Set the data format to 8 data bits 1 stop bit and no parity d Set flow control to none e Under Properties select VT100 for Emulation mode f Select Terminal keys for Function Arrow and Ctrl keys Ensure that the setting is for Terminal keys not Windows keys Note When using HyperTerminal with Microsoft Windows 2000 ensure that you have Windows 2000...

Page 22: ...n Auto negotiation allows a device to advertise modes of operation and share information with another device that shares a point to point link segment This automatically configures both devices to take maximum advantage of their abilities Auto negotiation is performed completely within the physical layers during link initiation without any additional overhead to either the MAC or higher protocol l...

Page 23: ...the power is turned on with the local terminal already connected the switch goes through Power On Self Test POST POST runs every time the device is initialized and checks hardware components to determine if the device is fully operational before completely booting If a critical problem is detected the program flow stops If POST passes successfully a valid executable image is loaded into RAM POST m...

Page 24: ... auto boot message is displayed For information on the Startup menu see Startup Menu Functions If the system boot is not interrupted by pressing Esc or Enter the system continues operation by decom pressing and loading the code into RAM The code starts running from RAM and the list of numbered system ports and their states up or down are displayed Performing the Power On Self Test POST UART Channe...

Page 25: ...47104K bytes Dram first PTR is 0x1200000 Flash size is xM Devices on SMI BUS smi dev id 16 dev type 0xd0411ab dev revision 0x1 Device configuration Prestera based Back to back system Slot 1 DB DX240 24G HW Rev xx xx Tapi Version xx x x x Core Version xx x x x 01 Jan 200x 01 01 22 INIT I InitCompleted Initialization task is completed Console 01 Jan 200x 01 01 23 LINK I Up 1 01 Jan 200x 01 01 23 LIN...

Page 26: ...IP address and subnet mask configuration and setting user name and privilege level to allow remote management If the device is to be managed from an SNMP based management station SNMP community strings must also be configured The fol lowing configurations are completed Static IP Address and Subnet Mask Static Route Configuration User Name SNMP Community strings Static IP Address and Subnet Mask IP...

Page 27: ...gent The SNMP agents maintain a list of variables used to manage the device The variables are defined in the Management Information Base MIB The MIB presents the variables controlled by the agent The SNMP agent defines the MIB specification format as well as the format used to access the information over the network Access rights to the SNMP agents are controlled by access strings and SNMP communi...

Page 28: ...s and the other private community with read write access The public string allows authorized management sta tions to retrieve MIB objects while the private string allows authorized management stations to retrieve and mod ify MIB objects During initial configuration it is recommended to configure the device according to the network administrator requirements in accordance with using an SNMP based m...

Page 29: ...d may include subnet mask and default gateway Retrieving an IP Address From a DHCP Server When using the DHCP protocol to retrieve an IP address the device acts as a DHCP client To retrieve an IP address from a DHCP server perform the following steps 1 Select and connect any port to a DHCP server or to a subnet that has a DHCP server on it in order to retrieve the IP address 2 Enter the following ...

Page 30: ...ving an IP Address From a BOOTP Server The standard BOOTP protocol is supported and enables the switch to automatically download its IP host configu ration from any standard BOOTP server in the network In this case the device acts as a BOOTP client To retrieve an IP address from a BOOTP server 1 Select and connect any port to a BOOTP server or subnet containing such a server to retrieve the IP add...

Page 31: ... from the Startup menu The procedure is appli cable for the local terminal only and allows a one time access to the device from the local terminal with no pass word entered Configuring Security Passwords Introduction The security passwords can be configured for the following services Console Telnet SSH HTTP HTTPS Passwords are user defined When creating a user name the default priority is 1 which ...

Page 32: ...jones Configuring an Initial HTTP Password To configure an initial HTTP password enter the following commands Console config aaa authentication login default line Console config aaa authentication enable default line Console config line console Console config line login authentication default Console config line enable authentication default Console config line password george Console config aaa a...

Page 33: ...ocol for updating back up configuration files To download a boot file using XModem 1 Enter the command xmodem boot The switch is ready to receive the file via the XModem protocol and dis plays text similar to the following 2 Specify the path of the source file within 20 seconds If the path is not specified within 20 seconds the com mand times out To download a software image file using XModem 1 En...

Page 34: ...w system image to the device When the new image is downloaded it is saved in the area allocated for the other copy of system image image 2 as given in the example The following is an example of the information that appears Exclamation symbols indicate that a copying process is in progress A period indicates that the copying process is timed out Many periods in a row indicate that the copying proce...

Page 35: ...an example of the information that appears 5 Enter the command reload The following message is displayed 6 Enter Y to reboot the switch Startup Menu Functions Additional configuration functions can be performed from the Startup menu To display the Startup menu 1 During the boot process after the first part of the POST is completed press Esc or Enter within two sec onds after the following message ...

Page 36: ...sfer menu click Send File The Send File window is displayed 4 Enter the file path for the file to be downloaded 5 Ensure the protocol is defined as Xmodem 6 Click Send The software is downloaded Software downloading takes several minutes The terminal emulation applica tion such as HyperTerminal may display the progress of the loading process After software downloads the device reboots automaticall...

Page 37: ...ash block to be erased and press Enter The following message is displayed 5 Confirm by pressing Y The following message is displayed Password Recovery If a password is lost use the Password Recovery option on the Startup menu The procedure enables the user to enter the device once without a password To recover a lost password for the local terminal only 1 From the Startup menu select 4 and press E...

Page 38: ...ection provides an introduction to the user interface and includes the following topics Starting the D Link Embedded Web Interface Understanding the D Link Embedded Web Interface Using Screen and Table Options Resetting the Device Logging Off from the Device ...

Page 39: ... up blockers are disabled If pop up blockers are enable edit add and device information messages may not open 3 Enter the device IP address in the address bar and press Enter The Enter Network Password Page opens Figure 11 Enter Network Password Page 4 Enter your user name and password Notes The device is configured with a user name that is admin and a password that is blank and can be configured ...

Page 40: ...Getting Started Starting the D Link Embedded Web Interface Page 40 Figure 12 D Link Embedded Web Interface Home Page ...

Page 41: ...tion or table area and configuration instructions Figure 13 D Link Embedded Web Interface Components The following table lists the user interface components with their corresponding numbers Table 9 Interface Components View Description 1 Tree View Tree View provides easy navigation through the configurable device features The main branches expand to display the sub features 2 Device View Device Vi...

Page 42: ...nterface Management Buttons Provides instructions for adding modifying and deleting configuration parameters Device Representation The D Link Embedded Web Interface Home Page contains a graphical panel representation of the device Figure 14 Device Representation 4 Zoom View Provides a graphic of the device on which D Link Web Interface runs 5 D Link Web Interface Infor mation Tabs Provide access t...

Page 43: ...he following Table 10 D Link Web Interface Configuration Buttons Button Button Name Description Clear Logs Clears system logs Create Enables creation of configuration entries Edit Modifies configuration settings Submit Saves configuration changes to the device Test Performs cable tests Query Queries the device table Table 11 D Link Web Interface Information Tabs Tab Tab Name Description Help Opens...

Page 44: ...Link Web Interface pages by opening a new Add page To add information to tables or D Link Web Interface pages 1 Open an D Link Web Interface page 2 Click System SNTP Interface Setting The Add SNTP Interface page opens 3 Click An add page opens such as the Add SNTP Interface Page Figure 15 Add SNTP Interface 4 Define the fields 4 Click The configuration information is saved and the device is update...

Page 45: ...age 5 Modify the fields 6 Click The fields are modified and the information is saved to the device Deleting Configuration Information 1 Open The D Link Embedded Web Interface page 2 Select a table row 3 Select the Remove checkbox 4 Click The information is deleted and the device is updated ...

Page 46: ...guration file to the startup configuration file before resetting the device For instructions see Copying Files To reset the device 1 Click System General Reset The Reset page opens Figure 17 Reset Page 2 Click A confirmation message is displayed Figure 18 Reset Confirmation Message 3 Click The device is reset and a prompt for a user name and password is displayed 4 Enter a user name and password t...

Page 47: ...Getting Started Logging Off from the Device Page 47 Logging Off from the Device 1 Click The Logout Page opens Figure 19 Logout Page 2 Click The D Link Embedded Web Interface Home Page closes ...

Page 48: ...formation Page 48 Section 5 Managing Device Information This section contains information for setting general system information and includes the following sections Defining the System Description Configuring System Time ...

Page 49: ...ned device name The field range is 0 160 characters System Location Defines the location where the system is currently running The field range is 0 160 characters System Contact Defines the name of the contact person The field range is 0 160 characters System Object ID Displays the vendor s authoritative identification of the network management sub system contained in the entity System Up Time Dis...

Page 50: ...g Device Information Configuring System Time Page 50 Configuring System Time This section provides information for configuring system time parameters including Configuring Daylight Saving Time Configuring SNTP ...

Page 51: ...e first Sunday in April until the last Sunday of October Daylight Saving Time is usually regulated by provincial and territorial governments Exceptions may exist in certain municipalities Cuba From the last Sunday of March to the last Sunday of October Cyprus From the last weekend of March until the last weekend of October Denmark From the last weekend of March until the last weekend of October Eg...

Page 52: ...March until the last weekend of October Russia From the last weekend of March until the last weekend of October Serbia From the last weekend of March until the last weekend of October Slovak Republic From the last weekend of March until the last weekend of October South Africa South Africa does not use Daylight Saving Time Spain From the last weekend of March until the last weekend of October Swed...

Page 53: ...c setting in a particular year complete the Daylight Savings area and for a recurring setting complete the Recurring area The possible field values are USA The device switches to DST at 2 00 a m on the first Sunday of April and reverts to standard time at 2 00 a m on the last Sunday of October European The device switches to DST at 1 00 am on the last Sunday in March and reverts to standard time a...

Page 54: ...he day of the week from which DST begins every year The possible field range is Sunday Saturday Week The week within the month from which DST begins every year The possible field range is 1 5 Month The month of the year in which DST begins every year The possible field range is Jan Dec Time The time at which DST begins every year The field format is Hour Minute For example 02 10 To The time that D...

Page 55: ...ed by the following time levels T1 The time at which the original request was sent by the client T2 The time at which the original request was received by the server T3 The time at which the server sent the client a reply T4 The time at which the client received the server s reply Polling for Unicast Time Information Polling for Unicast information is used for polling a server for which the IP add...

Page 56: ...ging Device Information Configuring SNTP Page 56 This section contains the following topics Defining SNTP Global Settings Defining SNTP Authentication Defining SNTP Servers Defining SNTP Interface Settings ...

Page 57: ...time information If both the Enable Receive Anycast Servers Update and the Enable Receive Broadcast Servers Update fields are enabled the system time is set according to the Anycast server time information The possible values are Enable Enables the device to receive Anycast server updates Disable Disables the device from receiving Anycast server updates Enable Receive Unicast Servers Updates Defin...

Page 58: ...ll Interval Enable Receive Broadcast Servers Update Enable Receive Anycast Servers Update Enable Receive Unicast Servers Update and Enable Poll Unicast Servers fields and select at least one of the Enable fields 3 Click The SNTP global settings are defined and the device is updated ...

Page 59: ...enticates SNTP sessions between the device and the SNTP server Unchecked Disables authenticating SNTP sessions between the device and the SNTP server Encryption Key ID Indicates if the encryption key identification is used to authenticate the SNTP server and device The field value is up to 4294967295 Authentication Key Indicates the key used for authentication Trusted Key Indicates the encryption ...

Page 60: ... To define SNTP authentication parameters 1 Click The Add SNTP Authentication page opens Figure 24 Add SNTP Authentication 2 Define the Encryption Key ID Authentication Key and Trusted Key fields 3 Click The SNTP Authentication Key is added and the device is updated ...

Page 61: ... Displays the encryption key identification used to communicate between the SNTP server and device The field range is 1 4294967295 Preference Indicates the SNTP server providing SNTP system time information The possible field values are Primary Indicates the primary server provides SNTP information Secondary Indicates the backup server provides SNTP information Status Displays the SNTP server oper...

Page 62: ...ng Device Information Defining SNTP Servers Page 62 Note 0 is displayed in the Encryption Key ID field the range for Servers created with authentication is 1 4294967295 2 Click The Add SNTP Server Page opens ...

Page 63: ...evice Information Defining SNTP Servers Page 63 Figure 26 Add SNTP Server Page 3 Define the SNTP Server Enable Poll Interval and Encryption Key ID fields 4 Click The SNTP Server is added and the device is updated ...

Page 64: ...ings Page contains the following fields Interface Indicates the interface on which SNTP can be enabled The possible field values are Port Indicates the specific port number on which SNTP is enabled LAG Indicates the specific LAG number on which SNTP is enabled VLAN Indicates the specific VLAN number on which SNTP is enabled Receive Servers Updates Enables the server to receive or not receive updat...

Page 65: ...evice Information Defining SNTP Interface Settings Page 65 Figure 28 Add SNTP Interface Page 3 Define the Interface and Receive Server Updates fields 4 Click The SNTP interface is added and the device is updated ...

Page 66: ...tion To prevent the current configuration from being lost save all changes from the running configuration file to the startup configuration file before resetting the device For instructions see Copying Files To reset the device 1 Click System General Reset The Reset page opens Figure 29 Reset Page 2 Click A confirmation message is displayed ...

Page 67: ...ld val ues are Up Indicates the port is currently operating Down Indicates the port is currently not operating Port Speed Displays the configured rate for the port The port type determines what speed setting options are available Port speeds can only be configured when auto negotiation is disabled The possible field values are 10 Indicates the port is currently operating at 10 Mbps 100 Indicates t...

Page 68: ...ht through Ethernet cable can be used and the pairs are matched up properly When two hubs or switches are con nected to each other or two end stations are connected to each other a crossover cable is used to ensure that the correct pairs are connected The possible field values are Auto Use to automatically detect the cable type MDI Media Dependent Interface Use for end stations MDIX Media Dependen...

Page 69: ...activate Suspended Port or Reactivate Suspended LAG fields Select Reactivate Suspended Port or Reac tivate Suspended LAG fields to return a suspended port or LAG to active status Figure 31 Port Configuration Settings Page 3 Modify the Admin Speed Admin Duplex and Admin Advertisement fields 4 Click The parameters are saved and the device is updated ...

Page 70: ...s Page The Interface Properties Page is contains the following fields Interface Displays the port number Port Type Displays the port type The possible field values are Copper Indicates the port has a copper port connection Fiber Indicates the port has a fiber optic port connection Description Provides a user defined port description To edit the port properties 1 Click Basic Setup Interface Interfa...

Page 71: ...Configuring Ports Viewing Port Properties Page 71 Figure 33 Port Properties Page 3 Define the Port and Description fields 4 Click The interface properties are modified and the device is updated ...

Page 72: ...e A VLAN is not configured on the port The port is not assigned to a different LAG Auto negotiation mode is not configured on the port The port is in full duplex mode All ports in the LAG have the same ingress filtering and tagged modes All ports in the LAG have the same back pressure and flow control modes All ports in the LAG have the same priority All ports in the LAG have the same transceiver ...

Page 73: ...the LAG number Name Displays the user defined LAG name on which LACP is enabled Link State Displays the link operational status Members Displays the ports configured to the LAG In addition to the fields appearing on the LAG Membership Page the LAG Membership Settings Page contains the following fields LACP Indicates if LACP is enabled on LAG The possible field values are Checked Enables LACP on th...

Page 74: ...ed Setup Interface LACP Parameters The LACP Parameters Page opens Figure 35 LACP Parameters Page The LACP Parameters Page contains the following fields LACP System Priority Specifies system priority value The field range is 1 65535 The field default is 1 Port Displays the port number to which timeout and priority values are assigned Port Priority Displays the LACP priority value for the port The f...

Page 75: ...Aggregating Ports Configuring LACP Page 75 Figure 36 LACP Parameters Settings Page 3 Edit the Port Priority and LACP Timeout fields 4 Click The LACP settings are saved and the device is updated ...

Page 76: ...VLAN a Layer 3 router working at a protocol level is required to allow traffic flow between VLANs Layer 3 routers identify segments and coordinate with VLANs VLANs are Broadcast and Multicast domains Broadcast and Multicast traffic is transmitted only in the VLAN in which the traffic is generated VLAN tagging provides a method of transferring VLAN information between VLAN groups VLAN tagging attac...

Page 77: ...splay ID Displays the VLAN ID Name Displays the user defined VLAN name Type Displays the VLAN type The possible field values are Dynamic Indicates the VLAN was dynamically created through GARP Static Indicates the VLAN is user defined Default Indicates the VLAN is the default VLAN Authenticated VLAN Indicates whether unauthorized users can access a Guest VLAN The possible field values are Enable E...

Page 78: ...8 Figure 38 Add VLAN Page 3 Define the VLAN ID and VLAN Name fields 4 Click The VLAN ID is defined and the device is updated To edit the VLAN Settings 1 Click System VLAN Membership Properties The Edit VLAN Page opens 2 Click The Edit VLAN Page opens ...

Page 79: ...Configuring VLANs Defining VLAN Properties Page 79 Figure 39 Edit VLAN Page 3 Edit the VLAN Name and Disable Unauthenticated VLAN fields 4 Click The VLAN Settings are saved and the device is updated ...

Page 80: ...field values are Dynamic Indicates the VLAN was dynamically created through GARP Static Indicates the VLAN is user defined Default Indicates the VLAN is the default VLAN Port Indicates the port membership LAG Indicates the LAG membership Untagged Brown Indicates the interface is an untagged VLAN member Packets forwarded by the inter face are untagged Tagged Red Indicates the interface is a tagged ...

Page 81: ...d VLAN When a port is in Access mode the packet types which are accepted on the port cannot be designated Ingress filtering cannot be enabled or disabled on an access port Trunk Indicates the port belongs to VLANs in which all ports are tagged except for one port that can be untagged PVE Promiscuous Indicates the port is part of a PV Promiscuous VLAN PVE Isolated Indicates the port is part of a PV...

Page 82: ...ected as the Reserved VLAN is not being used by the system 2 Select a port 3 Click The VLAN Interface Settings Page opens Figure 42 VLAN Interface Settings Page 4 Define the Interface Port VLAN Mode Dynamic PVID Frame Type Ingress Filtering Current Reserved VLAN and Reserve VLAN for Internal Use fields 5 Click The VLAN interface settings are modified and the device is updated ...

Page 83: ...he leave time Set the same GARP timer values on all Layer 2 connected devices If the GARP timers are set differently on the Layer 2 connected devices the GARP application does not operate successfully To define GARP on the device 1 Click Basic Setup VLAN GARP GARP Parameters The GARP Parameters Page opens Figure 43 GARP Parameters Page The GARP Parameters Page contains the following fields Unit No...

Page 84: ...ntiseconds that all device waits before leaving the GARP state The leave all time must be greater than the leave time The default value is 1000 centisec onds 2 Click The GARP Parameters Settings Page opens Figure 44 GARP Parameters Settings Page 3 Modify the Interface Join Timer centiseconds Leave Timer centiseconds and Leave All Timer centisec onds fields 4 Click The GARP parameters are defined a...

Page 85: ...field definitions are the same The GVRP Parameters Page contains the following fields Unit No Displays the stacking member for which the GVRP parameters are displayed GVRP Global Status Indicates if GVRP is enabled on the device The possible field values are Enable Enables GVRP on the selected device Disable Disables GVRP on the selected device Interface DIsplays the port on which GVRP is enabled ...

Page 86: ...eld values are Enable Enables GVRP registration on the device Disable Disables GVRP registration on the device 2 Click The GVRP Parameters Settings Page opens Figure 46 GVRP Parameters Settings Page 3 Define the GVRP State Dynamic VLAN Creation and GVRP Registration fields 4 Click The GVRP Interface parameters are sent and the device is updated ...

Page 87: ...nfig ured manually An address becomes associated with a port by learning the port from the frame s source address but if a frame that is addressed to a destination MAC address is not associated with a port that frame is flooded to all relevant VLAN ports To prevent the bridging table from overflowing a dynamic MAC address from which no traffic arrives for a set period is erased This section contai...

Page 88: ...ry refers Interface Displays the interface to which the entry refers To prevent static MAC addresses from being deleted when the device is reset ensure that the port to which the MAC address is assigned is locked Port The specific port number to which the forwarding database parameters refer LAG The specific LAG number to which the forwarding database parameters refer Status Displays how the entry...

Page 89: ...tabase Entries Page 89 2 Click The Add Forwarding Database Page opens Figure 48 Add Forwarding Database Page 3 Define the Interface MAC Address VLAN ID or VLAN Name and Status fields 4 Click The forwarding database information is modified and the device is updated ...

Page 90: ...ctly forwarded to the ports The Dynamic Address Table can be sorted by interface VLAN and MAC Address To configure the Dynamic MAC Address table 1 Click Advanced Setup Forwarding Database Dynamic Addresses The Dynamic Addresses Page opens Figure 49 Dynamic Addresses Page The Dynamic Addresses Page contains the following fields Aging Interval Specifies the amount of time the MAC Address remains in ...

Page 91: ...d by address VLAN or interface Define the fields 3 Click The Dynamic Address Aging field is defined and the device is updated To query the Dynamic MAC Address Table 1 Click Advanced Setup Forwarding Database Dynamic Addresses The Dynamic Addresses Page opens 2 Select a port MAC Address and VLAN ID 3 Select an Address Table Sort Key 4 Click The Dynamic MAC Address Table is queried and the results a...

Page 92: ...and eliminating loops For more infor mation on configuring Classic STP see Defining Classic Spanning Tree Rapid STP Detects and uses network topologies that provide faster convergence of the spanning tree without creating forwarding loops For more information on configuring Rapid STP see Defining Rapid Span ning Tree Multiple STP Provides various load balancing scenarios For example if port A is b...

Page 93: ... STP on the device Disable Disables STP on the device STP Operation Mode Specifies the STP mode that is enabled on the device The possible field values are Classic STP Enables Classic STP on the device This is the default value Rapid STP Enables Rapid STP on the device Multiple STP Enables Multiple STP on the device BPDU Handling Determines how BPDU packets are managed when STP is disabled on the ...

Page 94: ...messages The default Maximum Age Time is 20 seconds Forward Delay 4 30 Specifies the device Forward Delay Time The Forward Delay Time is the amount of time in seconds a bridge remains in a listening and learning state before forwarding packets The default is 15 seconds Bridge ID Identifies the Bridge priority and MAC address Root Bridge ID Identifies the Root Bridge priority and MAC address Root P...

Page 95: ...bled for a port the Port State is automatically placed in the Forwarding state when the port link is up Fast Link optimizes the STP protocol convergence STP convergence can take 30 60 seconds in large networks Port State Displays the current STP state of a port If enabled the port state determines what forwarding action is taken on traffic Possible port states are Disabled Indicates that STP is cu...

Page 96: ...outed Priority Priority value of the port The priority value influences the port choice when a bridge has two ports connected in a loop The priority value is between 0 240 The priority value is determined in increments of 16 Designated Bridge ID Indicates the bridge priority and the MAC Address of the designated bridge Designated Port ID Indicates the selected port D Link priority and interface De...

Page 97: ...ee Defining STP on Interfaces Page 97 3 Select Enable in the STP field 4 Define the Fast Link Enable Root Guard Path Cost Default Path Cost and Priority fields 5 Click STP is enabled on the interface and the device is updated ...

Page 98: ...nabled on the interface The possible field values are Enabled Enables RSTP on the device Disabled Disables RSTP on the interface This is the default value Role Displays the port role assigned by the STP algorithm to provide to STP paths The possible field val ues are Root Provides the lowest cost path to forward packets to the root switch Designated The port or LAG through which the designated swi...

Page 99: ...CP the originating P2P sends Network Control Protocol NCP packets to select and configure one or more network layer protocols When each of the chosen network layer protocols has been configured packets from each network layer protocol can be sent over the link The link remains configured for communications until explicit LCP or NCP packets close the link or until some external event occurs This is...

Page 100: ...perties Page The MSTP Properties Page contains the following fields Region Name User defined STP region name Revision An unsigned 16 bit number that identifies the revision of the current MSTP configuration The revision number is required as part of the MSTP configuration The possible field range is 0 65535 Max Hops Specifies the total number of hops that occur in a specific region before the BPDU...

Page 101: ...etup Spanning Tree MSTP Instance Settings The MSTP Instance Settings Page opens Figure 56 MSTP Instance Settings Page The MSTP Instance Settings Page contains the following fields Instance ID Specifies the VLAN group to which the interface is assigned Included VLAN Maps the selected VLANs to the selected instance Each VLAN belongs to one instance Bridge Priority Specifies the selected spanning tre...

Page 102: ...figuring Spanning Tree Defining Multiple Spanning Tree Page 102 Figure 57 VLAN Instance Configuration Table 3 Define the Instance ID field 4 Click The MSTP Instances are assigned and the device is updated ...

Page 103: ...re Port Specifies the port for which the MSTP settings are displayed LAG Specifies the LAG for which the MSTP settings are displayed Port State Indicates whether the port is enabled for the specific instance The possible field values are Enabled Enables the port for the specific instance Disabled Disables the port for the specific instance Type Indicates whether the port is a Boundary or Master po...

Page 104: ...device The possible field values are Classic STP Classic STP is enabled on the device This is the default value Rapid STP Rapid STP is enabled on the device Multiple STP Multiple STP is enabled on the device Interface Priority Defines the interface priority for the specified instance The default value is 128 Path Cost Indicates the port contribution to the Spanning Tree instance The range should a...

Page 105: ... Spanning Tree Defining Multiple Spanning Tree Page 105 Figure 59 MSTP Interface Table 3 Define the Port Priority and the Path Cost fields 4 Click The MSTP interface settings are defined and the device is updated ...

Page 106: ...curity This section provides access to security pages that contain fields for setting security parameters for ports device management methods users and server security This section contains the following topics Configuring Management Security Configuring Network Security ...

Page 107: ...is section includes the following topics Configuring Authentication Methods Configuring Passwords Configuring Authentication Methods This section provides information for configuring device authentication methods This section includes the topics Defining Access Profiles Defining Profile Rules Defining Authentication Profiles Mapping Authentication Methods Defining RADIUS Settings ...

Page 108: ... access the switch module only via an HTTPS session while User Group 2 can access the switch module via both HTTPS and Telnet sessions The Access Profile Page contains the currently configured access profiles and their activity status Assigning an access profile to an interface denies access via other interfaces If an access profile is assigned to any interface the device can be accessed by all in...

Page 109: ...or which the rule is defined Users with this access profile can access the device using the management method selected The possible field values are All Assigns all management methods to the rule Telnet Assigns Telnet access to the rule If selected users accessing the device using Telnet meeting access profile criteria are permitted or denied access to the device Secure Telnet SSH Assigns SSH acce...

Page 110: ...applies The Source IP Address field is valid for a subnetwork Network Mask Specifies the source IP address subnetwork mask Prefix Length Specifies the number of bits in IP address prefix bits of IP address vs bits of Prefix of IP address Action Indicates if management access is permitted or denied to the interface The possible field values are Permit Permits access to the specified interface Deny ...

Page 111: ... Page The Profile Rules Page contains the following fields Access Profile Name Displays the access profile to which the rule is attached Priority Defines the rule priority When the packet is matched to a rule user groups are either granted per mission or denied device management access The rule number is essential to matching packets to rules as packets are matched on a first fit basis Interface I...

Page 112: ...NMP access to the rule If selected users accessing the device using SNMP meeting access profile criteria are permitted or denied access to the device Source IP Address Defines the interface source IP address to which the rule applies Prefix Length Defines the number of bits that comprise the source IP address prefix or the network mask of the source IP address Action Defines the action attached to...

Page 113: ...System Management Security Authentication Profile Rules The Access Profile Page opens 2 Click The Profile Rule settingsProfile Rule settingsProfile Rule settings opens Figure 64 Profile Rule settingsProfile Rule settings 3 Modify the fields 4 Click The profile rule is modified and the device is updated ...

Page 114: ...thentication Profile Page opens Figure 65 Authentication Profile Page The Authentication Profile Page contains the following fields Profile Name Contains a list of user defined authentication profile lists to which user defined authentica tion profiles are added Methods Defines the user authentication methods The possible field values are None Assigns no authentication method to the authentication...

Page 115: ...d Maintains the authentication profiles 2 Click The Add Authentication Profile Page opens Figure 66 Add Authentication Profile Page 3 Define the Profile Method Profile Name and Authentication Methods fields 4 Click The authentication profile is defined and the device is updated ...

Page 116: ...ent Security Authentication Authentication Profiles The Authentication Profile Page opens 2 Click The Authentication Profile Settings Page opens Figure 67 Authentication Profile Settings Page 3 Select an authentication method from the Optional Methods list 4 Click The authentication method is selected and the device is updated ...

Page 117: ...e order by which the authentication methods are used To map authentication methods 1 Click System Management Security Authentication Authentication Mapping The Authentication Mapping Page opens Figure 68 Authentication Mapping Page The Authentication Mapping Page contains the following fields Console Indicates that Authentication profiles are used to authenticate console users Telnet Indicates tha...

Page 118: ...urs at the Local server HTTP Optional Methods Indicates that Authentication methods are used for HTTP access Possible field values are None Indicates that no authentication method is used for access RADIUS Indicates that Authentication occurs at the RADIUS server TACACS Indicates that authentication occurs at the TACACS server Local Indicates that authentication occurs at the Local server 2 Define...

Page 119: ...ansmitted requests sent to the RADIUS server before a failure occurs Possible field values are 1 10 The default value is 3 Timeout for Reply Defines the amount of time in seconds the device waits for an answer from the RADIUS server before retrying the query or switching to the next server Possible field values are 1 30 The default value is 3 Dead Time Defines the default amount of time in minutes...

Page 120: ...is the default value Dead Time Defines the amount of time in minutes that a RADIUS server is bypassed for service requests The range is 0 2000 The default is 0 minutes Key String Defines the authentication and encryption key for communications between the device and the server This key must match the encryption used on the server Source IP Address Defines the source IP address that is used for com...

Page 121: ...uring Management Security Page 121 Figure 70 Add Radius Server Page 3 Define the Host IP Address Priority Authenticated Port Timeout for Reply Dead Time and Usage Type fields 4 Click The RADIUS server is added and the device is updated ...

Page 122: ...cation Radius The RADIUS Page opens 2 Click The RADIUS Server Settings Page opens Figure 71 RADIUS Server Settings Page 3 Define the Host IP Address Priority Source IP Address Key String Number of Retries Authentication Port Timeout for Reply Dead Time and Usage Type fields 4 Click The RADIUS server settings are saved and the device is updated ...

Page 123: ...integrity through encrypted protocol exchanges between the client and TACACS server The TACACS default parameters are user assigned defaults The default settings are applied to newly defined TACACS servers If default values are not defined the system defaults are applied to the new TACACS new servers To define TACACS authentication settings 1 Click System Management Security Authentication TACACS ...

Page 124: ... field range is 1 30 seconds Single Connection Maintains a single open connection between the device and the TACACS server The possible field values are Checked Enables a single connection Unchecked Disables a single connection Status Indicates the connection status between the device and the TACACS server The possible field values are Connected Indicates there is currently a connection between th...

Page 125: ...ice is updated To edit a TACACS server settings 1 Click System Management Security Authentication TACACS The TACACS Page opens 2 Select TACACS server entry 3 Click The Add TACACS Host Page opens Figure 74 TACACS Host Settings Page 4 Define the fields 5 Click The TACACS host settings are saved and the device is updated ...

Page 126: ... Local User Page To define local users 1 Click System Management Security Passwords Local Users The Local User Page opens Figure 75 Local User Page The Local User Page contains the following fields User Name Displays the user name Access Level Displays the user access level The lowest user access level is 1 and the highest is 15 Users with access level 15 are Privileged Users Remove Removes the us...

Page 127: ...e following fields Password Defines the local user password Local user passwords can contain up to 159 characters Confirm Password Verifies the password The password displays in a format To edit the settings for a local user 1 Click System Management Security Passwords Local Users The Local User Page opens 2 Click The Local User Settings Page opens Figure 77 Local User Settings Page ...

Page 128: ...Configuring Device Security Configuring Management Security Page 128 3 Define the User Name Access Level Password and Confirm Password fields ...

Page 129: ...ssing the device via a Console session Pass words can contain a maximum of 159 characters Telnet Line Password Defines the line password for accessing the device via a Telnet session Pass words can contain a maximum of 159 characters Secure Telnet Line Password Defines the line password for accessing the device via a secure Telnet session Passwords can contain a maximum of 159 characters Confirm P...

Page 130: ...assword Page opens Figure 79 Enable Password Page The Enable Password Page contains the following fields Level Defines the access level associated with the enable password Possible field values are 1 15 Password Defines the enable password Confirm Password Confirms the new enable password The password appears in the format 2 Define the Select Enable Access Level Password and Confirm Password field...

Page 131: ...pecifies the server that performs the authentication on behalf of the authentica tor and indicates whether the supplicant is authorized to access system services Port based authentication creates two access states Controlled Access Permits communication between the supplicant and the system if the supplicant is authorized Uncontrolled Access Permits uncontrolled communication regardless of the por...

Page 132: ...fails or an EAPOL logoff message is received all attached clients are denied access to the network Guest VLANs Provides limited network access to authorized ports If a port is denied network access via port based authorization but the Guest VLAN is enabled the port receives limited network access For exam ple a network administrator can use Guest VLANs to deny network access via port based authent...

Page 133: ...ity Configuring Network Security Page 133 Defining Network Authentication Properties 4 Define the Select Enable Access Level Password and Confirm Password fields 5 Click The enable password is defined and the device is updated ...

Page 134: ...Authentication Properties Page allows network managers to configure network authentication parameters In addition Guest VLANs are enabled from the Security Suite Authentication Properties Page To define the network authentication properties 1 Click Advanced Setup Security Suite Authentication Properties The Security Suite Authentication Properties Page opens Figure 80 Security Suite Authentication...

Page 135: ...ion method is used to authenticate the port Guest VLAN Specifies whether the Guest VLAN is enabled on the device The possible field values are Enable Enables using a Guest VLAN for unauthorized ports If a Guest VLAN is enabled the unauthorized port automatically joins the VLAN selected in the VLAN List field Disable Disables port based authentication on the device This is the default Guest VLAN ID...

Page 136: ...ort based authentication on the device The interface moves between an authorized or unauthorized state based on the authentication exchange between the device and the client Authorized Places the interface into an authorized state without being authenticated The interface re sends and receives normal traffic without client port based authentication Unauthorized Denies the selected interface system...

Page 137: ...ult is 30 seconds Max EAP Requests Displays the total amount of EAP requests sent If a response is not received after the defined period the authentication process is restarted The field default is 2 retries Supplicant Timeout Indicates the amount of time that lapses before EAP requests are resent to the sup plicant The field value is in seconds The field default is 30 seconds Server Timeout Defin...

Page 138: ...Configuring Device Security Configuring Network Security Page 138 4 Click The port authentication settings are defined and the device is updated ...

Page 139: ...lock security on the selected port The possible field values are Multiple Multiple hosts are enabled Single Multiple hosts are disabled and single hosts are displayed Action on Violation Defines the action to be applied to packets arriving in single host mode from a host whose MAC address is not the supplicant MAC address The possible field values are Forward Forwards the packet Discard Discards t...

Page 140: ...Authorized and clients have full port access Single host Lock Indicates that the port control is Auto and a single client has been authenticated via the port No Single Host Indicates that Multiple Host is enabled Number of Violations Indicates the number of packets that arrived on the interface in single host mode from a host whose MAC address is not the supplicant MAC address 2 Click The Multiple...

Page 141: ...the following fields User Name Lists the supplicants that were authenticated and are permitted on each port Port Displays the port number Session Time Displays the amount of time in seconds the supplicant was logged on the port Authentication Method Displays the method by which the last session was authenticated The possible field values are Remote 802 1x authentication is not used on this port po...

Page 142: ...he following filters can be defined as ACEs Source Port IP Address and Wildcard Mask Filters the packets by the Source port IP address and wild card mask Destination Port IP Address and Wildcard Mask Filters the packets by the Source port IP address and wildcard mask ACE Priority Filters the packets by the ACE priority Protocol Filters the packets by the IP protocol DSCP Filters the packets by the...

Page 143: ... and Wildcard Mask Filters the packets by the Source port IP address and wild card mask Destination Port IP Address and Wildcard Mask Filters the packets by the Source port IP address and wildcard mask ACE Priority Filters the packets by the ACE priority Protocol Filters the packets by the IP protocol DSCP Filters the packets by the DiffServ Code Point DSCP value IP Precedence Filters the packets ...

Page 144: ... and the wildcard mask is 255 36 184 00 the first eight bits of the IP address are ignored while the last eight bits are used Destination IP Address Matches the destination port IP address to which packets are addressed to the ACE Wildcard Mask Defines the destination IP address wildcard mask Select either Match DSCP or Match IP Precedence Source Port Defines the TCP UDP source port to which the A...

Page 145: ...nd which are ignored A wildcard mask of FF FF FF FF FF FF indicates that no bit is important A wildcard of 00 00 00 00 00 00 00 indicates that all bits are important For example if the source MAC address is 00 AB 22 11 33 00 and the wildcard mask is 00 00 00 00 00 FF the first two bits of the MAC are used while the last two bits are ignored 3 Define the ACL Name New Priority Protocol Source Port D...

Page 146: ...igure 88 IP Based ACL Settings 4 Modify the ACL Name New Priority Protocol Source Port Destination Port Source IP Interface Destination Port WIldcard Mask Match DSCP Match IP Precedence and Action field 5 Click The IP based protocol is defined and the device is updated ...

Page 147: ...e MAC based ACLs Priority Indicates the ACE priority which determines which ACE is matched to a packet on a first match basis The possible field values are 1 2147483647 Source MAC Address Matches the source MAC address to which packets are addressed to the ACE Destination MAC Address Matches the destination MAC address to which packets are addressed to the ACE VLAN ID 1 4063 4095 Matches the packe...

Page 148: ...DD MAC Based ACL Page contains the following additional fields New ACE Priority Defines the new ACE priority which determines which ACE is matched to a packet on a first match basis The possible field values are 1 2147483647 3 Define the ACL Name New Priority Protocol Source MAC Address Destination MAC Address Wildcard Masks VLAN ID CoS CoS Mask Ether Type and Action fields 4 Click The IP based pr...

Page 149: ... is defined and the device is updated Binding Device Security ACLs When an ACL is bound to an interface all the ACE rules that have been defined are applied to the selected inter face Whenever an ACL is assigned on a port LAG or VLAN flows from that ingress interface that do not match the ACL are matched to the default rule which is Drop unmatched packets To bind ACLs to interfaces 1 Click Securit...

Page 150: ...erface To Row Number s Copies the ACL information to the defined interface Interface Indicates the interface to which the ACL is bound ACL Name Indicates the ACL which is bound the interface Remove Unbinds the selected ACL from the interface The possible field values are Checked Unbinds the ACL and interface Unchecked Maintains the ACL and interface binding 2 Select an interface 3 Click The ACL Bi...

Page 151: ...Configuring Device Security Configuring Network Security Page 151 Figure 93 ACL Binding Settings Page 4 Define the Select ACL field 5 Click The ACL is bound the interface and the device is updated ...

Page 152: ...Configuring Network Security Page 152 Configuring Traffic Control This section contains information for managing both port security and storm control and includes the following topics Managing Port Security Enabling Storm Control ...

Page 153: ...oked and can provide various options Unauthorized packets arriving at a locked port are either Forwarded Discarded with no trap Discarded with a trap Shuts down the port Locked port security also enables storing a list of MAC addresses in the configuration file The MAC address list can be restored after the device has been reset Disabled ports are activated from the Port Security Page To define po...

Page 154: ...The Max Entries field is enabled only if Locked is selected in the Set Port field In addition the Limited Dynamic Lock mode is selected The default is 1 Action Indicates the action to be applied to packets arriving on a locked port The possible field values are Forward Forwards packets from an unknown source without learning the MAC address Discard Discards packets from any unlearned source This i...

Page 155: ...e and the rate the packets are transmitted The system measures the incoming Broadcast and Multicast frame rates separately on each port and discards the frames when the rate exceeds a user defined rate The Storm Control Page provides fields for configuring broadcast storm control To enable storm control 1 Click Advanced Setup Security Suite Traffic Control Storm Control The Storm Control Page open...

Page 156: ...cast Only Counts only Broadcast traffic Broadcast Rate Threshold Indicates the maximum rate kilobytes per second at which unknown packets are forwarded The range is 0 1 000 000 The default value is zero All values are rounded to the nearest 64 Kbps If the field value is under 64 Kbps the value is rounded up to 64 Kbps with the exception of the value zero 2 Click The Storm Control Settings Page ope...

Page 157: ...ring IP Information This section contains information for defining IP interfaces and includes the following sections Defining IP Addresses Defining Default Gateways Configuring DHCP Configuring ARP Configuring Domain Name Servers Defining DNS Host Mapping ...

Page 158: ...nterface Page The IP Interface Page contains the following fields IP Address Displays the currently configured IP address Mask Displays the currently configured IP address mask Interface Displays the interface to which the IP address is assigned The interface is displayed according to the user defined interface name or port number Type Indicates if the IP address has been configured statically or ...

Page 159: ...ork Mask or Prefix Length and Interface fields 4 Click The IP configuration fields are saved and the device is updated To modify an IP interface 1 Click Basic Setup IP Configuration IP Addressing IP Interface The IP Interface Page opens 2 Click The IP Interface Settings Page opens Figure 100 IP Interface Settings Page ...

Page 160: ...Configuring IP Information Defining IP Addresses Page 160 3 Modify the IP Address Network Mask or Prefix Length and Interface fields 4 Click The IP Interface is modified and the device is updated ...

Page 161: ...Default Gateway Page opens Figure 101 Default Gateway Page The Default Gateway Page contains the following fields User Defined Default Gateway Defines the default gateway IP address Active Default Gateway Indicates if the default gateway is active The possible field values are Remove User Defined Removes the default gateway The possible field values are Checked Removes the selected default gateway...

Page 162: ...etwork To define a DHCP Interface 1 Click Basic Setup IP Configuration IP Addressing DHCP The DHCP Page opens Figure 102 DHCP Page The DHCP Page contains the following fields Interface Displays the interface that is connected to the DHCP server Host Name Displays the system Host Name Remove Removes DHCP interfaces The possible field values are Checked Removes the selected DHCP interface Unchecked ...

Page 163: ...Configuring IP Information Configuring DHCP Page 163 Figure 103 Add DHCP IP Interface Page 3 Define the Interface and Host Name fields 4 Click The DHCP interface is added and the device is updated ...

Page 164: ...lear ARP Table Entries Specifies the types of ARP entries that are cleared The possible values are None Maintains the ARP entries All Clears all ARP entries Dynamic Clears only dynamic ARP entries Static Clears only static ARP entries Interface Displays the interface type for which ARP parameters are displayed The possible field values are Port Indicates the port for which ARP parameters are defin...

Page 165: ... the ARP Entry Age Out and Clear ARP Table Entries fields 3 Click The ARP parameters are defined and the device is updated To create a new ARP entry 1 Click Basic Setup IP Configuration IP Addressing ARP The ARP Page opens 2 Click The Add ARP Settings Page opens Figure 105 Add ARP Settings Page 3 Define the Interface IP Address and MAC Address fields 4 Click The ARP interface is added and the devi...

Page 166: ...ost Mapping Defining DNS Servers The DNS Server Page contains fields for enabling and activating specific DNS servers To enable a DNS server 1 Click Basic Setup IP Configuration Domain Name System DNS Server The DNS Server Page opens Figure 106 DNS Server Page The DNS Server Page contains the following fields Enable DNS Enables translating the DNS names into IP addresses The possible field values ...

Page 167: ...emoves DNS Servers from the DNS Server list The possible field values are Checked Removes the selected server Unchecked Maintains the current server list 2 Select Enable DNS Status 3 Define the Default Domain Name and Active Server fields 4 Click The DNS server is enabled and the device is updated To add a new DNS Server 1 Click Basic Setup IP Configuration Domain Name System DNS Server The DNS Se...

Page 168: ...S Host Mapping Page opens Figure 108 DNS Host Mapping Page The DNS Host Mapping Page contains the following fields Host Names Displays a user defined default domain name The Host Name field can contain up to 158 characters IP Address Displays the DNS host IP address Remove Removes default domain names The possible field values are Checked Removes the selected DNS host mapping Unchecked Maintains t...

Page 169: ...Configuring IP Information Defining DNS Host Mapping Page 169 Figure 109 Add DNS Host Page 3 Define the Host Name and IP Address fields 4 Click The DNS host is added and the device is updated ...

Page 170: ...Database and forwarded only to the registered ports Unregistered Multicast traffic If traffic addressed to an unregistered multicast group is seen it is handled by a special entry in the Multicast Filtering Database The default setting of this is to flood all such traffic traffic in unregistered multicast groups The device supports Forwarding L2 Multicast Packets Enabled by default and not configu...

Page 171: ...age opens Figure 110 IGMP Snooping Page The IGMP Snooping Page contains the following fields Enable IGMP Snooping Status Indicates if IGMP Snooping is enabled on the device IGMP Snooping can be enabled only if Bridge Multicast Filtering is enabled The possible field values are Checked Enables IGMP Snooping on the device Unchecked Disables IGMP Snooping on the device VLAN ID Specifies the VLAN ID I...

Page 172: ... the IGMP group and not receiving a Join message from another station before timing out If a Leave Timeout occurs the switch notifies the Multicast device to stop sending traffic The Leave Timeout value is either user defined or an immediate leave value The default timeout is 10 seconds 2 Check the Enable IGMP Snooping Status checkbox 3 Click The Multicast Global Parameters Settings Page opens Fig...

Page 173: ...Enables Bridge Multicast Filtering Indicate if bridge Multicast filtering is enabled on the device The pos sible field values are Checked Enables Multicast filtering on the device Unchecked Disables Multicast filtering on the device If Multicast filtering is disabled Multicast frames are flooded to all ports in the relevant VLAN Disabled is the default value VLAN ID Identifies a VLAN and contains ...

Page 174: ...ulticast Group Page opens Figure 113 Add Multicast Group Page 3 Define the VLAN ID Bridge Multicast IP Address and Bridge Multicast MAC Address fields 4 Select ports to join the Multicast group 5 Define the Multicast port settings 6 Click The Multicast group is defined and the device is updated ...

Page 175: ...fine Multicast forward all settings 1 Click Advanced Setup Multicast Support Bridge Multicast Multicast Forward All The Multicast Forward All Page opens Figure 114 Multicast Forward All Page The Multicast Forward All Page contains the following fields VLAN ID DIsplays the VLAN for which Multicast parameters are displayed Ports Ports that can be added to a Multicast service The are the Multicast se...

Page 176: ...cessity of placing network devices next to power sources Power over Ethernet can be used with IP Phones Wireless Access Points IP Gateways PDAs Audio and video remote monitoring Powered Devices are devices which receive power from the device power supplies for example IP phones Pow ered Devices are connected to the device via Ethernet ports This section includes the following topics Defining PoE S...

Page 177: ...hat the power supply unit is functioning but an error has occurred For example a power overload or a short circuit Nominal Power Indicates the actual amount of power the device can supply The field value is displayed in Watts Consumed Power Indicates the amount of the power used by the device The field value is displayed in Watts System Usage Threshold Indicates the percentage of power consumed be...

Page 178: ... the default settings Never Disables the Device Discovery protocol and stops the power supply to the device using the PoE module Operation Status Indicates if the port is enabled to work on PoE The possible field values are On Indicates the device is delivering power to the interface Off Indicates the device is not delivering power to the interface Test Fail Indicates the powered device test has f...

Page 179: ...face Edit Page opens Figure 117 PoE Interface Edit Page In addition to the fields in the PoE Interface Page the PoE Interface Edit Page contains the following additional fields Overload Counter Indicates the total power overload occurrences Short Counter Indicates the total power shortage occurrences Denied Counter Indicates times the powered device was denied power Absent Counter Indicates the ti...

Page 180: ... the Run ning Configuration file are lost During the startup process all commands in the Startup file are copied to the Running Configuration File and applied to the device During the session all new commands entered are added to the commands existing in the Running Configuration file Commands are not overwritten To update the Startup file before powering down the device the Running Configuration ...

Page 181: ...Firmware Download Configuration Download Firmware Download The Firmware Download section contains the following fields Firmware Download Indicates that the download is for firmware If Firmware Download is selected the Configuration Download fields are grayed out TFTP Server IP Address Specifies the TFTP Server IP Address from which files are downloaded Source File Name Specifies the file to be dow...

Page 182: ...ame Specifies the configuration files to be downloaded Destination File Specifies the destination file to which to the configuration file is downloaded The possi ble field values are New File Name Downloads commands to a new Configuration file Running Configuration Downloads commands into the Running Configuration file Startup Configuration Downloads the Startup Configuration file and overwrites t...

Page 183: ...e Upload Type section contains the following fields Firmware Upload Specifies that the software image file is uploaded If Firmware Upload is selected the Configuration Upload fields are grayed out Configuration Upload Specifies that the Configuration file is uploaded If Configuration Upload is selected the Software Image Upload fields are grayed out Software Image Upload The Software Image Upload ...

Page 184: ... tem can store up to five configuration files Transfer file name Specifies the Configuration file name that is uploaded In addition to the Startup and Running Configuration files the Transfer file name field contains the five defined destination files The possi ble field values are Running Configuration Uploads the Running Configuration file Startup Configuration Uploads the Startup Configuration ...

Page 185: ...ure 120 Active Image Page The Active Image Page contains the following fields Active Image The Image file which is currently active on the unit After Reset The Image file which is active on the unit after the device is reset The possible field values are Image 1 Activates Image file 1 after the device is reset Image 2 Activates Image file 2 after the device is reset 2 Define the After Reset field ...

Page 186: ...s the destination configuration file is selected 2 New File Name Indicates the destination configuration file that can be manually defined The system sup ports only 5 backup files Select Copy Configuration 3 Click The file is copied Restoring the Default Configuration File 1 Click System File Management Copy Files The Copy Files Page opens 2 Select Restore Configuration Factory Defaults 3 Click Th...

Page 187: ... Page contains the following fields File Name Displays the user defined system file name Size Displays the system file size Modified Displays the last time the system file was modified Permission Displays the permission assigned to the system file Rename Permits system administrators to rename the system file Total Bytes Displays the total amount of bytes currently used to save system files Free B...

Page 188: ...der SP voice over IP VoIP traffic can be prioritized so that it is forwarded before FTP or e mail SMTP traffic Weighted Round Robin Ensures that a single application does not dominate the device forwarding capacity Weighted Round Robin WRR forwards entire queues in a round robin order All queues can participate in WRR expect SP queues SP queues are serviced before WRR queues If the traffic flow is...

Page 189: ...al and SP queues do not occupy the whole bandwidth allocated to a port the WRR queues can share the bandwidth with the SP queues This ensures that the remaining bandwidth is distributed according to the weight ratio If WRR is selected the following weights are assigned to the queues 1 2 3 4 This section contains information for configuring QoS and includes the following topics Defining General QoS...

Page 190: ...iority Tag Determines the default CoS value for incoming packets for which a VLAN tag is not defined The possible field values are 0 7 The default CoS is 0 Restore Defaults Restores the selected interface to the default configuration 2 Select the CoS Mode field 3 Define the Default CoS for Incoming Traffic field 4 Click CoS is enabled on the device Restoring Factory Default QoS Interface Settings ...

Page 191: ...ameters Bandwidth The Bandwidth Settings Page opens Figure 124 Bandwidth Settings Page The Bandwidth Settings Page contains the following fields Interface Indicates the port that is being displayed Ingress Rate Limit Indicates the Ingress traffic limit for the port Status Indicates the traffic limit status Rate limit Indicates the rate limit 70K 100M Egress Rate Limit Indicates the traffic limit f...

Page 192: ...iguring Quality of Service Defining General QoS Settings Page 192 Figure 125 Bandwidth Settings Edit Page 4 Define the fields 5 Click The bandwidth settings are saved to interface and the device is updated ...

Page 193: ...ity WRR Assigns Shaped Deficit WRR weights to queues This field is enabled only for queues in SDWRR queue mode If a queue is set to 0 weight the queue is not operational and is effectively closed Each queue has a weight range queues 1 4 have the range 0 255 and queue 4 has the range 1 255 Queue Displays the CoS queue for which the queue weights or bandwidth percentage is set Scheduling SDWRR Weigh...

Page 194: ...tup Quality of Service Queue Mapping CoS to Queue The CoS to Queue Page opens Figure 127 CoS to Queue Page The CoS to Queue Page contains the following fields Class of Service Specifies the CoS values where zero is the lowest and 7 is the highest Queue Defines the traffic forwarding queue to which the CoS priority is mapped Four traffic priority queues are supported Restore Defaults Restores the d...

Page 195: ...asic Setup Quality of Service Queue Mapping DSCP to Queue The DSCP to Queue Page opens Figure 128 DSCP to Queue Page The DSCP to Queue Page contains the following fields DSCP In Displays the incoming packet s DSCP value Queue Specifies the traffic forwarding queue to which the DSCP priority is mapped Four traffic priority queues are supported 2 Define the queue number in the Queue field next to th...

Page 196: ...ust The Trust Setup Page opens Figure 129 Trust Setup Page The Trust Setup Page contains the following Trust Mode Defines which packet fields to use for classifying packets entering the device When no rules are defined the traffic containing the predefined packet CoS field is mapped according to the relevant trust modes table Traffic not containing a predefined packet field is mapped to best effor...

Page 197: ...ble DSCP Rewrite 1 Click Basic Setup Quality of Service Basic Mode DSCP Rewrite The DSCP Rewrite Page opens Figure 130 DSCP Rewrite Page The DSCP Rewrite Page contains the following fields DSCP In Displays the incoming packet s DSCP value DSCP Out Displays the outgoing packets s DSCP value 2 Define the DSCP In Queue field 3 Click The DSCP values is reassigned and the device is updated ...

Page 198: ...dvanced QoS features and includes the following topics Defining Policy Properties Defining Policy Profiles Defining Policy Properties This section contains information for configuring advanced policy properties and includes the following topics Mapping DSCP Values Defining Tail Dropping Mapping DSCP to Drop Precedence Creating Class Maps Aggregating Policiers ...

Page 199: ...Service Properties DSCP Mapping The Advanced DSCP Map ping Page opens Figure 131 Advanced DSCP Mapping Page The Advanced DSCP Mapping Page contains the following fields DSCP In Displays the incoming packet s DSCP value DSCP Out Specifies the traffic forwarding queue to which the DSCP priority is mapped Eight traffic priority queues are supported 2 Define the queue number in the Queue field next to...

Page 200: ...rop is configured per queue Click Advance Setup Quality of Service Policy Properties Tail Drop The Tail Drop Page opens Figure 132 Tail Drop Page The Tail Drop Page contains the following field Queue No Indicates the traffic queue for which the tail drop settings are defined Threshold 0 100 Defines the bandwidth amount after which packets are dropped For example if queue 2 is presently using 50 of...

Page 201: ...P value for which the Drop Precedence is defined DP Defines the Drop Precedence for the field 2 Select the DSCP value 3 Select the DP value 4 Click The DP value is mapped to the DSCP value and the device is updated Creating Class Maps One IP ACL and or one MAC ACL comprise a class map Class maps are configured to match packet criteria and are matched to packets on a first fit basis For example Cla...

Page 202: ...fined ACLs Match Indicates the criteria used to match class maps with an ACL s address Possible values are And Matches both ACL 1 and ACL 2 to the packet Or Matches either ACL 1 or ACL 2 to the packet ACL 2 Contains a list of the user defined ACLs Remove Removes Class Maps The possible field values are Checked Removes the selected Class Maps Unchecked Maintains the current Class Maps 2 Click The A...

Page 203: ...Quality of Service Configuring Advanced QoS Settings Page 203 Figure 135 Add Class Map Page 3 Define the Class Map Name Preferred ACL IP ACL Match and MAC 4 Click The Class Map is defined and the device is updated ...

Page 204: ...ing the bandwidth limits and define actions to take on packets that do not meet the requirements To configure Aggregated Policiers 1 Click Advance Setup Quality of Service Policy Properties Aggregated Policier The Aggregated Policier Page opens Figure 136 Aggregated Policier Page The Aggregated Policier Page contains the following fields Aggregate Policer Name Specifies the aggregate policer name ...

Page 205: ...oS Settings Page 205 Figure 137 Add Aggregated Policier Page 3 Define the Aggregate Policer Name Ingress Committed Information rate Ingress Committed Burst size and Exceed Action fields 4 Click The Aggregated Policier is defined and the device is updated ...

Page 206: ...ied Class policies can be configured in a policy map only if the classes have defined match criteria An aggregate policer can be applied to multiple classes in the same policy map but an aggregate policer cannot be used across different policy maps Define an aggregate policer if the policer is shared with multiple classes Policiers in one port cannot be shared with other policers in another device...

Page 207: ... is defined if the policer is shared with multiple classes Traffic from two different ports can be configured for policing purposes An aggregate policer can be applied to multiple classes in the same policy map but cannot be used across different policy maps Single Configures the class to use manually configured information rates and exceed actions Type Selects the Policer type Aggregate Policer U...

Page 208: ...uality of Service Policy Profiles Policy Binding The Policy Binding Page opens Figure 140 Policy Binding Page The Policy Binding Page contains the following fields Interface Selects an interface Policy Name Contains a list of user defined policies that can be attached to the interface Remove Removes policies Checked Removes the selected policies Unchecked Maintains the policies 2 Select an interfa...

Page 209: ...SM parameters are defined for SNMPv3 including Authentication Provides data integrity and data origin authentication Privacy Protects against the disclosure of message content Cipher Block Chaining CBC is used for encryption Either authentication is enabled on a SNMP message or both authentication and privacy are enabled on a SNMP message However privacy cannot be enabled without authentication Ti...

Page 210: ...ers Page The SNMP Security Global Parameters Page contains the following fields Local Engine ID 10 64 Hex characters Displays the local device Engine ID The field value is a hexa decimal string Each byte in hexadecimal character strings is two hexadecimal digits Each byte can be sepa rated by a period or a colon The Engine ID must be defined before SNMPv3 is enabled Select a default Engine ID that...

Page 211: ...Configuring SNMP Configuring SNMP Security Page 211 3 Click The SNMP global security parameters are set and the device is updated ...

Page 212: ...curity Views The SNMP Security Views Page opens Figure 142 SNMP Security Views Page The SNMP Security Views Page contains the following fields View Name Displays the user defined views The view name can contain a maximum of 30 alphanumeric characters Object ID Subtree Displays the device feature OID included in or excluded from the selected SNMP view View Type Indicates whether the defined OID bra...

Page 213: ...g SNMP Configuring SNMP Security Page 213 Figure 143 Add SNMP View Page 3 Define the View Name field 4 Define the view using and 5 Define the View Type field 6 Click The view is defined and the device is updated ...

Page 214: ... The possible field values are SNMPv1 SNMPv1 is defined for the group SNMPv2c SNMPv2c is defined for the group SNMPv3 SNMPv3 is defined for the group Security Level Defines the security level attached to the group Security levels apply to SNMPv3 only The possible field values are No Authentication Indicates that neither the Authentication nor the Privacy security levels are assigned to the group A...

Page 215: ...Profile Page opens Figure 145 Add SNMP Group Profile Page 3 Define the Group Name Security Model Security Level and Operation fields 4 Click The SNMP group profile is added and the device is updated To modify SNMP Group Settings 1 Click System SNMP Security Group Profile The SNMP Group Profile Page opens 2 Click The SNMP Group Profile Settings Page opens ...

Page 216: ...nfiguring SNMP Security Page 216 Figure 146 SNMP Group Profile Settings Page 3 Modify the Group Name Security Model Security Level and Operation fields 4 Click The SNMP group profile is modified and the device is updated ...

Page 217: ...al SNMP Engine ID deletes the SNMPv3 user database Local Indicates that the user is connected to a local SNMP entity Remote Indicates that the user is connected to a remote SNMP entity If the Engine ID is defined remote devices receive inform messages Authentication Displays the method used to authenticate users The possible field values are MD5 Key Authenticates users using the HMAC MD5 algorithm...

Page 218: ...ired 32 bytes are defined Each byte in hexadecimal character strings is two hexadecimal digits Each byte can be separated by a period or a colon Privacy Key Defines the privacy key LSB If only authentication is required 20 bytes are defined If both privacy and authentication are required 36 bytes are defined Each byte in hexadecimal character strings is two hexadecimal digits Each byte can be sepa...

Page 219: ...rity Page 219 Figure 149 SNMP Group Membership Settings Page 3 Modify the Group Name Engine ID Authentication Method Password Authentication Key and Privacy Key fields 4 Click The SNMP group membership is modified and the device is updated ...

Page 220: ...ollowing fields Management Station Displays the management station IP address for which the basic SNMP community is defined Community String Defines the password used to authenticate the management station to the device The field is either user defined or All 0 0 0 0 If all is selected the community string is defined for all management stations Access Mode Defines the access rights of the communit...

Page 221: ...es the password used to authenticate the management station to the device Group Name Defines advanced SNMP community group names Remove Removes a community The possible field values are Checked Removes the selected SNMP communities Unchecked Maintains the SNMP communities 2 Click The Add SNMP Community Page opens Figure 151 Add SNMP Community Page 3 Define the SNMP Management Station Community Str...

Page 222: ...nfiguring SNMP Security Page 222 Figure 152 SNMP Community Settings Page 3 Modify the SNMP Management Station Community String and Basic or Advanced fields 4 Click The SNMP community is modified and the device is updated ...

Page 223: ...223 Configuring SNMP Notifications This section contains information for configuring SNMP Notifications and contains the following topics Defining SNMP Notification Global Parameters Defining SNMP Notification Filters Defining SNMP Notification Recipients ...

Page 224: ...ds Enable SNMP Notifications Specifies whether the device can send SNMP notifications The possible field values are Enable Enables SNMP notifications Disable Disables SNMP notifications Enable Authentication Notifications Specifies whether SNMP authentication failure notification is enabled on the device The possible field values are Enable Enables the device to send authentication failure notific...

Page 225: ...ication Filter Page contains the following fields Filter Name Contains a list of user defined notification filters Object Identifier Subtree Displays the OID for which notifications are sent or blocked If a filter is attached to an OID traps or informs are generated and sent to the trap recipients OIDs are selected from either the Select from field or the Object ID field Filter Type Indicates whet...

Page 226: ...ring SNMP Notifications Page 226 Figure 155 Add SNMP Notification Filter Page 3 Define the Filter Name New Object Identifier Tree and Filter Type fields 4 Click The SNMP notification filter is defined and the device is updated ...

Page 227: ...cation Receiver Page The SNMP Notification Receiver Page is divided into the following tables SNMPv1 2c Notification Recipient SNMPv3 Notification Recipient SNMPv1 2c Notification Recipient The SNMP v1 v2c Recipient table contains the following fields Recipients IP Displays the IP address to which the traps are sent Notification Type Displays the notification sent The possible field values are Tra...

Page 228: ... are Trap Indicates that traps are sent Inform Indicates that informs are sent User Name Displays the user to which SNMP notifications are sent Security Level Displays the means by which the packet is authenticated The possible field values are No Authentication Indicates that the packet is neither authenticated nor encrypted Authentication Indicates that the packet is authenticated UDP Port The U...

Page 229: ...lick The SNMP Notification recipients are defined and the device is updated To modify SNMP notification recipients 1 Click System SNMP Notification Notification Receiver The SNMP Notification Receiver Page opens 2 Click The SNMP Notification Receiver Settings Page opens Figure 158 SNMP Notification Receiver Settings Page 3 Modify the Notification Type SNMPV1 v2c or SNMPv3 UPD Port Filter Name TIme...

Page 230: ...Configuring SNMP Configuring SNMP Notifications Page 230 4 Click The SNMP notification recipients are defined and the device is updated ...

Page 231: ... on their urgency or relevancy Each message severity determines the set of event logging devices that are sent per each event message The following table lists the log severity levels This section includes the following topics Enabling System Logs Viewing the Device Memory Logs Viewing the FLASH Logs Defining Servers Log Parameters Table 12 System Log Severity Levels Severity Level Message Emergen...

Page 232: ...logs Unchecked Disables device logs Severity The following are the available log severity levels Emergency The highest warning level If the device is down or not functioning properly an emergency log message is saved to the specified logging location Alert The second highest warning level An alert log is saved if there is a serious device malfunction for example all device features are down Critic...

Page 233: ...minimum severity level from which logs are sent to the console RAM Logs Defines the minimum severity level from which logs are sent to the RAM Log kept in RAM Cache Log File Defines the minimum severity level from which logs are sent to the log file kept in FLASH memory 2 Define the Enable logging and Severity fields 3 Click The global log parameters are set and the device is updated ...

Page 234: ...g Page opens Figure 160 Device Memory Log Page The Device Memory Log Page contains the following fields Log Index Displays the log number Log Time Displays the time at which the log was generated Severity Displays the log severity Description Displays the log message text Clearing Device Memory Logs Message logs can be cleared from the Device Memory Log Page To clear message logs 1 Click System Sy...

Page 235: ...w the message logs Click System Syslog Flash The Syslog FLASH Page opens Figure 161 Syslog FLASH Page The Syslog Flash Page contains the following fields Log Index Displays the log number Log Time Displays the time at which the log was generated Severity Displays the log severity Description Displays the log message text Clearing FLASH Logs Message logs can be cleared from the Syslog Flash Page To...

Page 236: ...rom which system logs are sent to the remote server Only one facility can be assigned to a single server If a second facility level is assigned the first facility is overridden All applica tions defined for a device utilize the same facility on a server The field default is Local 7 The possible field values are Local 0 Local 7 Description A user defined server description Minimum Severity Indicate...

Page 237: ...fining Servers Log Parameters Page 237 Figure 163 Add Syslog Server Page 3 Define the Log Server IP Address UDP Port Facility Description and Minimum servers fields Click The Syslog Server is defined and the device is updated ...

Page 238: ...Diagnostics Page 238 Section 19 Managing Device Diagnostics This section contains the following topics Configuring Port Mirroring Viewing Integrated Cable Tests Viewing Optical Transceivers Viewing the CPU Utilization ...

Page 239: ...ains the following fields Destination Port Defines the port number to which port traffic is copied Source Port Indicates the port from which the packets are mirrored Type Indicates the port mode configuration for port mirroring The possible field values are RX Monitoring is performed for received packets only TX Monitoring is performed for transmitted packets only Both Monitoring is performed for ...

Page 240: ...e port mirroring session is defined and the device is updated To edit the port mirroring settings 1 Click System Diagnostics Port Mirroring The Port Mirroring Page opens 2 Click The Port Mirroring Settings Page opens Figure 166 Port Mirroring Settings Page 3 Modify the Type field 4 Click The port mirroring settings are modified and the device is updated ...

Page 241: ...o test cables 1 Click System Diagnostics Copper Cable The Copper Cable Tests Page opens Figure 167 Copper Cable Tests Page The Copper Cable Tests Page contains the following fields Port Specifies the port to which the cable is connected Test Result Displays the cable test results Possible values are No Cable Indicates that a cable is not connected to the port Open Cable Indicates that a cable is c...

Page 242: ...ivers Page contains the field Port Displays the port on which the cable is tested Temperature Displays the temperature C at which the cable is operating Voltage Displays the voltage at which the cable is operating Current Displays the current at which the cable is operating Output Power Indicates the rate at which the output power is transmitted Input Power Indicates the rate at which the input po...

Page 243: ...lization Page contains the following fields CPU Utilization Displays CPU resource utilization information The possible field values are Enabled Enables viewing CPU utilization information This is the default value Disabled Disables viewing the CPU utilization information Refresh Rate Amount of time that passes before the statistics are refreshed Usage Percentages Indicates the percentage of the CP...

Page 244: ...tistics for RMON interfaces GVRP EAP and Etherlike statistics This section contains the following topics Viewing Interface Statistics Managing RMON Statistics Viewing Interface Statistics This section contains the following topics Viewing Device Interface Statistics Managing RMON Statistics Viewing Etherlike Statistics ...

Page 245: ...ics are displayed Refresh Rate Defines the amount of time that passes before the interface statistics are refreshed The possible field values are 15 Sec Indicates that the Interface statistics are refreshed every 15 seconds 30 Sec Indicates that the Interface statistics are refreshed every 30 seconds 60 Sec Indicates that the Interface statistics are refreshed every 60 seconds No Refresh Indicates...

Page 246: ...Total Bytes Octets Displays the number of octets transmitted on the selected interface Unicast Packets Displays the number of Unicast packets transmitted on the selected interface Multicast Packets Displays the number of Multicast packets transmitted on the selected interface Broadcast Packets Displays the number of Broadcast packets transmitted on the selected interface ...

Page 247: ...ON Statistics Page opens Figure 171 RMON Statistics Page The RMON Statistics Page RMON Statistics Page contains the following fields Interface Indicates the device for which statistics are displayed The possible field values are Port Defines the specific port for which RMON statistics are displayed LAG Defines the specific LAG for which RMON statistics are displayed Refresh Rate Defines the amount...

Page 248: ...refreshed Undersize Packets Displays the number of undersized packets less than 64 octets received on the interface since the device was last refreshed Oversize Packets Displays the number of oversized packets over 1518 octets received on the interface since the device was last refreshed Fragments Displays the number of fragments packets with less than 64 octets excluding framing bits but includin...

Page 249: ... page Source Interface Displays the interface from which the history samples were taken The possible field values are Port Specifies the port from which the RMON information was taken LAG Specifies the port from which the RMON information was taken Sampling Interval Indicates in seconds the time that samplings are taken from the ports The field range is 1 3600 The default is 1800 seconds equal to ...

Page 250: ...story Control Settings Page opens Figure 173 RMON History Control Settings Page 3 Define the Source Interface Owner Sampling Interval Max No of Samples to Keep and Samples Requested fields 4 Click The entry is added to the RMON History Control Page and the device is updated ...

Page 251: ... Bytes Octets Displays the number of octets received on the interface since the device was last refreshed This number includes bad packets and FCS octets but excludes framing bits Received Packets Displays the number of packets received on the interface since the device was last refreshed including bad packets Multicast and Broadcast packets Broadcast Packets Displays the number of good Broadcast ...

Page 252: ...ctets This number excludes frame bits but includes FCS octets that had either a bad Frame Check Sequence FCS with an integral number of octets FCS Error or a bad FCS with a non integral octet Alignment Error number The field range to detect jabbers is between 20 ms and 150 ms Collisions Displays the number of collisions received on the interface since the device was last refreshed Utilization Disp...

Page 253: ...ontains the following fields Event Entry Displays the event Community Displays the community to which the event belongs Description Displays the user defined event description Type Describes the event type Possible values are Log Indicates that the event is a log entry Trap Indicates that the event is a trap Log and Trap Indicates that the event is both a log entry and a trap None Indicates that n...

Page 254: ...nt logs Click Advanced Setup RMON Events Events Logs The RMON Events Logs Page opens Figure 176 RMON Events Logs Page The RMON Events Logs Page contains the following fields Event Displays the RMON Events Log entry number Log No Displays the log number Log Time Displays the time when the log entry was entered Description Displays the log entry description ...

Page 255: ...s are Delta Subtracts the last sampled value from the current value The difference in the values is compared to the threshold Absolute Compares the values directly with the thresholds at the end of the sampling interval Rising Threshold Displays the rising counter value that triggers the rising threshold alarm The rising threshold is presented on top of the graph bars Each monitored variable is de...

Page 256: ... to a higher value threshold Interval Defines the alarm interval time in seconds Owner Displays the device or user that defined the alarm Remove Removes the RMON Alarms Table entry 2 Click The Add An Alarm Entry Page opens Figure 178 Add An Alarm Entry Page 3 Define the Interface Counter Name Sample Type Rising Threshold Rising Event Falling Threshold Falling Event Startup Alarm Interval and Owner...

Page 257: ...rlike statistics are refreshed every 15 seconds 30 Sec Indicates that the Etherlike statistics are refreshed every 30 seconds 60 Sec Indicates that the Etherlike statistics are refreshed every 60 seconds Frame Check Sequence FCS Errors Displays the number of FCS errors on the selected interface Single Collision Frames Displays the number of single collision frames on the selected interface Late Co...

Page 258: ...Viewing Statistics Managing RMON Statistics Page 258 Resetting Etherlike Statistics Counters 1 Open the Etherlike Statistics Page 2 Click The Etherlike statistics counters are cleared ...

Page 259: ...rface Statistics Port Utilization The Port Utilization Page opens Figure 180 Port Utilization Page The Port Utilization Page contains the following fields Port Displays the port number Refresh Rate Amount of time that passes before the statistics are refreshed Usage Percentages Indicates the percentage of the CPU s resources consumed by the device Time Indicates the time in 15 second intervals the...

Page 260: ...on contains the DES 3252P hardware specifications Ports provides 48 Ports 10 100BASE TX 2 Combo Copper SFP 100BASE FX 1000BASE X Fiber ports 2 1000 Mbps Copper L2 Management Switch CPU DDRAM 256MB Max CPU Flash 32MBb Max PoE Per port power 15 4W PoE Total available power 370W AC Input 110 240V AC Internal universal power supply Operating Temperature 0 50 C Storage Temperature 10 70 C Operating Hum...

Page 261: ...dard for marking and prioritizing network traffic at the data link MAC sub layer 802 1p traffic is classified and sent to the destination No bandwidth reservations or limits are established or enforced 802 1p is a spin off of the 802 1Q VLANs standard 802 1p establishes eight levels of priority similar to the IP Precedence IP Header bit field Command Line Interface Command Line Interface CLI synta...

Page 262: ...dynamic VLAN creation on 802 1Q trunk ports When GVRP is enabled the device registers and propagates VLAN membership on all ports that are part of the active underlying Spanning Tree Protocol Features topology IGMP Snooping IGMP Snooping examines IGMP frame contents when they are forwarded by the device from work stations to an upstream Multi cast router From the frame the device identifies work s...

Page 263: ... Regions are one or more MSTP bridges by which frames can be transmitted The standard lets administrators assign VLAN traffic to unique paths Password Management Password management provides increased network security and improved password control Passwords for SSH Telnet HTTP HTTPS and SNMP access are assigned security features For more information on Password Management see Configuring Passwords...

Page 264: ...ensive network traffic monitoring capabilities as opposed to SNMP which allows network device management and monitoring RMON is a standard MIB that defines current and historical MAC layer statistics and control objects allowing real time information to be captured across the entire network Self Learning MAC Addresses The device enables automatic MAC address learning from incom ing packets The MAC...

Page 265: ...ies are not subject to aging and are preserved across resets and reboots TACACS TACACS provides centralized security for validation of users accessing the device TACACS provides a centralized user management system while still retaining consistency with RADIUS and other authentication processes TCP Transport Control Protocol TCP TCP connections are defined between 2 ports by an initial synchroniza...

Page 266: ... Frames addressed to a destination MAC address that is not associated with any port are flooded to all ports of the relevant VLAN Web Based Management With web based management the system can be managed from any web browser The system contains an Embedded Web Server EWS which serves HTML pages through which the sys tem can be monitored and configured The system internally con verts web based input...

Page 267: ... below are some possible troubleshooting problems and solutions These error messages include Cannot connect to management using RS 232 serial connection Cannot connect to switch management using Telnet HTTP SNMP etc Self test exceeds 15 seconds No connection is established and the port LED is on Device is in a reboot loop No connection and the port LED is off Add and Edit pages do not open Lost pa...

Page 268: ...t Faulty module Incorrect initial configura tion Configure the network address in the workstation Configure the network address in the workstation Configure the workstation with IP protocol Replace the cable Replace the module Replace the module Erase the connection and reconfigure the port Device is in a reboot loop Software fault Download and install a working or previous software version from t...

Page 269: ...re you want to reboot the system y n n 2 Enter Y The device reboots After the POST when the text Autoboot in 2 seconds press RETURN or Esc to abort and enter prom is displayed press Enter The Startup Menu is displayed 1 Download software 2 Erase flash file 3 Erase flash sectors 4 Password Recovery Procedure 5 Enter Diagnostic Mode 6 Back 3 Enter 4 within 15 seconds after the bootup pro cess from t...

Page 270: ... D Link Technical Support Software updates and user documentation can be found on the D Link website D Link provides free technical support for customers within the United States and within Canada for the warranty duration For more information on locating the D Link office in your region see International Offices ...

Page 271: ...Appendix C Technical Support Contacting D Link Technical Support Page 271 ...

Page 272: ...Appendix C Technical Support Contacting D Link Technical Support Page 272 ...

Page 273: ...Appendix C Technical Support Contacting D Link Technical Support Page 273 ...

Page 274: ...Appendix C Technical Support Contacting D Link Technical Support Page 274 ...

Page 275: ...Appendix C Technical Support Contacting D Link Technical Support Page 275 ...

Page 276: ...Appendix C Technical Support Contacting D Link Technical Support Page 276 ...

Page 277: ...Appendix C Technical Support Contacting D Link Technical Support Page 277 ...

Page 278: ...Appendix C Technical Support Contacting D Link Technical Support Page 278 ...

Page 279: ...Appendix C Technical Support Contacting D Link Technical Support Page 279 ...

Page 280: ...Appendix C Technical Support Contacting D Link Technical Support Page 280 ...

Page 281: ...Appendix C Technical Support Contacting D Link Technical Support Page 281 ...

Page 282: ...Appendix C Technical Support Contacting D Link Technical Support Page 282 ...

Page 283: ...Appendix C Technical Support Contacting D Link Technical Support Page 283 ...

Page 284: ...Appendix C Technical Support Contacting D Link Technical Support Page 284 ...

Page 285: ...Appendix C Technical Support Contacting D Link Technical Support Page 285 ...

Page 286: ...Appendix C Technical Support Contacting D Link Technical Support Page 286 ...

Page 287: ...Appendix C Technical Support Contacting D Link Technical Support Page 287 ...

Page 288: ...Appendix C Technical Support Contacting D Link Technical Support Page 288 ...

Page 289: ...Appendix C Technical Support Contacting D Link Technical Support Page 289 ...

Page 290: ...Appendix C Technical Support Contacting D Link Technical Support Page 290 ...

Page 291: ...Appendix C Technical Support Contacting D Link Technical Support Page 291 ...

Page 292: ...Appendix C Technical Support Contacting D Link Technical Support Page 292 ...

Page 293: ...Appendix C Technical Support Contacting D Link Technical Support Page 293 ...

Page 294: ...Appendix C Technical Support Contacting D Link Technical Support Page 294 ...

Page 295: ...Appendix C Technical Support Contacting D Link Technical Support Page 295 ...

Page 296: ...Appendix C Technical Support Contacting D Link Technical Support Page 296 ...

Page 297: ...ctual price paid by the original purchaser for the defective Hardware will be refunded by D Link upon return to D Link of the defective Hardware All Hardware or part thereof that is replaced by D Link or for which the purchase price is refunded shall become the property of D Link upon replacement or refund Limited Software Warranty D Link warrants that the software portion of the product Software ...

Page 298: ...common carrier selected by D Link Return shipping charges shall be prepaid by D Link if you use an address in the United States otherwise we will ship the product to you freight collect Expedited shipping is available upon request and provided shipping charges are prepaid by the customer D Link may reject or return any product that is not packaged and shipped in strict compliance with the foregoin...

Page 299: ... registered trademarks are the property of their respective owners Copyright Statement No part of this publication or documentation accompanying this product may be reproduced in any form or by any means or used to make any derivative such as translation transformation or adaptation without permission from D Link Corporation D Link Systems Inc as stipulated by the United States Copyright Act of 19...

Page 300: ... 300 Product Registration D Link products can be registered online at http support dlink com register Product registration is entirely voluntary and failure to complete or return this form will not diminish your warranty rights ...

Page 301: ...k Avenue North Ryde NSW 2113 Australia TEL 61 2 8899 1800 FAX 61 2 8899 1868 URL www dlink com au India D Link House Kurla Bandra Complex Road Off CST Road Santacruz East Mumbai 400098 India TEL 91 022 26526696 56902210 FAX 91 022 26528914 URL www dlink co in Middle East Dubai P O Box 500376 Office No 103 Building 3 Dubai Internet City Dubai United Arab Emirates Tel 971 4 3916480 Fax 971 4 3908881...

Search results

Summary of Contents for DES-3252P - Web Smart Switch

Reviews:

Related manuals for DES-3252P - Web Smart Switch

Brands by name

Popular brands

D-Link DES-3252P - Web Smart Switch, Install Manual

Search results

Summary of Contents for DES-3252P - Web Smart Switch

Reviews:

Related manuals for DES-3252P - Web Smart Switch

Brands by name

Popular brands