manualshive.com logo in svg

Draytek VigorSwitch G2080, User Manual, Page: 95 / 120

Share
Download
Draytek VigorSwitch G2080 User Manual Download Page 95

 

VigorSwitch G2080 User’s Guide 

89

 

Supplicant: 

It is an entity being authenticated by an authenticator. It is used to communicate with the 
Authenticator PAE (Port Access Entity) by exchanging the authentication message when 
the Authenticator PAE request to it. 

Authenticator:  

An entity facilitates the authentication of the supplicant entity. It controls the state of the 
port, authorized or unauthorized, according to the result of authentication message 
exchanged between it and a supplicant PAE. The authenticator may request the supplicant 
to re-authenticate itself at a configured time period. Once start re-authenticating the 
supplicant, the controlled port keeps in the authorized state until re-authentication fails. 

A port acting as an authenticator is thought to be two logical ports, a controlled port and an 
uncontrolled port. A controlled port can only pass the packets when the authenticator PAE 
is authorized, and otherwise, an uncontrolled port will unconditionally pass the packets 
with PAE group MAC address, which has the value of 01-80-c2-00-00-03 and will not be 
forwarded by MAC bridge, at any time. 

Authentication server: 

A device provides authentication service, through EAP, to an authenticator by using 
authentication credentials supplied by the supplicant to determine if the supplicant is 
authorized to access the network resource. 

The overview of operation flow for the Fig. 3-52 is quite simple. When Supplicant PAE 
issues a request to Authenticator PAE, Authenticator and Supplicant exchanges 
authentication message. Then, Authenticator passes the request to RADIUS server to verify. 
Finally, RADIUS server replies if the request is granted or denied. 

While in the authentication process, the message packets, encapsulated by Extensible 
Authentication Protocol over LAN (EAPOL), are exchanged between an authenticator PAE 
and a supplicant PAE. The Authenticator exchanges the message to authentication server 
using EAP encapsulation. Before successfully authenticating, the supplicant can only touch 
the authenticator to perform authentication message exchange or access the network from 
the uncontrolled port. 

Summary of Contents for VigorSwitch G2080

Page 1: ...VigorSwitch G2080 User s Guide Version 1 0 Date 2008 03 06 Copyright 2008 All rights reserved ...

Page 2: ...wo 2 years from the date of purchase from the dealer Please keep your purchase receipt in a safe place as it serves as proof of date of purchase During the warranty period and upon proof of purchase should the product have indications of failure due to faulty workmanship and or materials we will at our discretion repair or replace the defective products or components without charge for either part...

Page 3: ...on This equipment generates uses and can radiate radio frequency energy and if not installed and used in accordance with the instructions may cause harmful interference to radio communications However there is no guarantee that interference will not occur in a particular installation If this equipment does cause harmful interference to radio or television reception which can be determined by turni...

Page 4: ... Management 21 2 1 Web Management Home Overview 22 2 1 1 The Information of Page Layout 22 2 1 2 System Information 24 2 1 3 IP Configuration 25 2 1 4 Time Configuration 28 2 1 5 Account Configuration 30 2 1 6 Management Policy 30 2 1 7 Virtual Stack 33 2 2 Port Configuration 34 2 2 1 Port Status 35 2 2 2 Port Configuration 38 2 2 3 Simple Counter 39 2 2 4 Detail Counter 40 2 3 Mirror 42 2 4 Bandw...

Page 5: ... STP Configuration 77 2 14 1 STP Status 78 2 14 2 STP Configuration 79 2 14 3 STP Port Configuration 81 2 15 Trunking Configuration 83 2 15 1 Port Setting Status 84 2 15 2 Aggregator View 86 2 15 3 LACP System Priority 88 2 16 802 1X Configuration 88 2 16 1 802 1X State Setting 93 2 16 2 802 1X Mode Setting 94 2 16 3 Port Security Management 95 2 17 Alarm Configuration 98 3 17 1 Events Configurati...

Page 6: ...VigorSwitch G2080 User s Guide vi 3 Trouble Shooting 113 5 1 Resolving No Link Condition 113 5 2 Q A 113 ...

Page 7: ...useful function such as QoS Quality of Service Spanning Tree VLAN Port Trunking Bandwidth Control Port Security SNMP RMON IGMP Snooping capability via the intelligent software It is suitable for both metro LAN and office application In this switch Port 7 and Port 8 include two types of media TP and SFP Fiber LC BiDi LC this port supports 10 100 1000Mbps TP or 1000Mbps SFP Fiber with auto detected ...

Page 8: ...manager server site and echo the corresponded data i e MIB object Besides SNMP agent will actively issue TRAP information when happened RMON is the abbreviation of Remote Network Monitoring and is a branch of the SNMP MIB The device supports MIB 2 RFC 1213 Bridge MIB RFC 1493 RMON MIB RFC 1757 statistics Group 1 2 3 9 Ethernet like MIB RFC 1643 Ethernet MIB RFC 1643 and so on I IG GM MP P S Sn no ...

Page 9: ...event while monitored events happened z Supports default configuration which can be restored to overwrite the current configuration which is working on via web browser and CLI z Supports on line plug unplug SFP modules z Supports Quality of Service QoS for real time applications based on the information taken from Layer 2 to Layer 4 such as VoIP z Built in web based management and CLI management p...

Page 10: ...d for high speed connection expansion the following are optional SFP types provided for the switch z 1000Mbps LC MM SFP Fiber transceiver SFP 0LC 202 z 1000Mbps LC SM 10km SFP Fiber transceiver SFP 0LC 212 10 z 1000Mbps LC SM 30km SFP Fiber transceiver SFP 0LC 212 30 z 1000Mbps LC SM 50km SFP Fiber transceiver SFP 0LC 212 50 z 1000Mbps BiDi LC type 1 SM 20km SFP Fiber WDM transceiver SFP 0BL 621 2...

Page 11: ...and good Green Lit when connection with remote device is good Blinks when any traffic is present Off when cable connection is not good 1 to 8 Ethernet TP Port 10 100 1000Mbps Green Amber Lit green when 1000Mbps speed is active Lit ember when 100Mbps speed is active Off when 10Mbps speed is active C Co on nn ne ec ct to or r E Ex xp pl la an na at ti io on n Interface Description LAN P1 P8 Gigabit ...

Page 12: ...ght through Cable pin outs for RJ 45 jack 1 2 3 6 to 1 2 3 6 in 10 100M TP 1 2 3 4 5 6 7 8 to 1 2 3 4 5 6 7 8 in Gigabit TP and crossed over Cable pin outs for RJ 45 jack 1 2 3 6 to 3 6 1 2 can be used It means you do not have to tell from them just plug it 1 Use Cat 5 grade RJ 45 TP cable to connect to a TP port of the switch and the other end is connected to a network aware device such as a work...

Page 13: ...the front side of the switch See Fig 2 2 3 Place the Chassis into the 19 inch wiring closet rail and locate it at the proper position Then fix the Chassis by screwing it 1 1 5 5 4 4 C Ca ab bl li in ng g R Re eq qu ui ir re em me en nt ts s To help ensure a successful installation and keep the network performance good please take a care on the cabling requirement Cables with worse specification wi...

Page 14: ...le mode Fiber 9 125µm Single mode transceiver 1310nm 10Km 1000Base LX LH X XD ZX Single mode transceiver 1550nm 30 50Km TX Transmit 1310nm Single Mode 20Km RX Receive 1550nm TX Transmit 1550nm 1000Base LX Single Fiber BIDI LC Single Mode 20Km RX Receive 1310nm S Sw wi it tc ch h C Ca as sc ca ad di in ng g i in n T To op po ol lo og gy y Takes the Delay Time into Account Theoretically the switch p...

Page 15: ...ity of network loop and will improve network efficiency If more than two switches are connected in the same network select one switch as Level 1 switch and connect all other switches to it at Level 2 Server Host is recommended to connect to the Level 1 switch This is general if no VLAN or other special requirements are applied Case 1 All switch ports are in the same local area network Every port c...

Page 16: ...roups at one switch Case 3 Port based VLAN 2 VLAN1 members could not access VLAN2 VLAN3 and VLAN4 members VLAN2 members could not access VLAN1 and VLAN3 members but they could access VLAN4 members VLAN3 members could not access VLAN1 VLAN2 and VLAN4 VLAN4 members could not access VLAN1 and VLAN3 members but they could access VLAN2 members Case 4 The same VLAN members can be at different switches w...

Page 17: ...y connected to a DCE device for example a PC through RS 232 cable with DB 9 connector Next run a terminal emulator with the default setting of the switch s serial port With this you can communicate with the switch In the switch RS 232 interface only supports baud rate 57 6k bps with 8 data bits 1 stop bit no parity check and no flow control RS 232 cable with female DB 9 connector at both ends Vigo...

Page 18: ...d Default Gateway IP Address You can first either configure your PC IP address or change IP address of the switch next to change the IP address of default gateway and subnet mask For example your network address is 10 1 1 0 and subnet mask is 255 255 255 0 You can change the switch s default IP address 192 168 1 1 to 10 1 1 1 and set the subnet mask to be 255 255 255 0 Then choose your default gat...

Page 19: ...troduce the first two types of management interface Managing VigorSwitch G2080 through Ethernet Port Before you communicate with the switch you have to finish the configuration of the IP address or to know the IP address of the switch Then follow the procedures listed below 1 Set up a physical path between the configured the switch and a PC by a qualified UTP Cat 5 cable with RJ 45 connector Note ...

Page 20: ...VigorSwitch G2080 User s Guide 14 the remote site Please refer to Fig 2 9 about the switch s default IP address information 2 Run web browser and follow the menu Please refer to Chapter 2 ...

Page 21: ...ddress we used is version 4 known as IPv4 Network identifier Host identifier With the classful addressing it divides IP address into three classes class A class B and class C The rest of IP addresses are for multicast and broadcast The bit length of the network prefix is the same as that of the subnet mask and is denoted as IP address X for example 192 168 1 0 24 Each class has its address range d...

Page 22: ...s more efficiently and ease to manage IP network For a class B network 128 1 2 3 it may have a subnet mask 255 255 0 0 in default in which the first two bytes is with all 1s This means more than 60 thousands of nodes in flat IP address will be at the same network It s too large to manage practically Now if we divide it into smaller network by extending network prefix from 16 bits to say 24 bits th...

Page 23: ...is considered a physical network in an autonomous network So it owns a network IP address which may looks like 168 1 2 0 With the subnet mask a bigger network can be cut into small pieces of network If we want to have more than two independent networks in a worknet a partition to the network must be performed In this case subnet mask must be applied For different network applications the subnet ma...

Page 24: ...c IP address To connect to a server the client needs to know the IP of the server However user generally uses the name to connect to the server Thus the switch DNS client program such as a browser will ask the DNS to resolve the IP address of the named server 1 1 6 6 T Ty yp pi ic ca al l A Ap pp pl li ic ca at ti io on ns s The VigorSwitch G2080 implements 8 Gigabit Ethernet TP ports with auto MD...

Page 25: ...080 User s Guide 19 It is a system wide basic reference connection diagram This diagram demonstrates how the switch connects with other network devices and hosts Peer to peer application is used in two remote offices ...

Page 26: ...VigorSwitch G2080 User s Guide 20 Office network ...

Page 27: ...word in WebUI or input Ctrl Z in CLI s login screen in case the user forgets the manager s password Then the system will display a serial No for the user Write down this serial No and contact your vendor the vendor will give you a temporary password Use this new password as ID and Password and it will allow the user to login the system with manager authority temporarily Due to the limit of this ne...

Page 28: ...rial number how many ports good and so on This is helpful while malfunctioning 2 2 1 1 1 1 T Th he e I In nf fo or rm ma at ti io on n o of f P Pa ag ge e L La ay yo ou ut t On the top side it shows the front panel of the switch In the front panel the linked ports will display green as to the ports which are link off they will be dark For the optional modules the slot will show only a cover plate ...

Page 29: ...tect you from illegal user as you are leaving If you do not choose any selection in Auto Logout list it means you turn on the Auto Logout function and the system will be logged out automatically when no action on the device 3 minutes later If OFF is chosen the screen will keep as it is Default is ON On the left side the main menu tree for web is listed in the page They are hierarchical menu Open t...

Page 30: ...n Model name The model name of this device System description As it is this tells what this device is Here it is L2 Managed Switch Location Basically it is the location where this switch is put User defined Contact For easily managing and maintaining device you may write down the contact person and phone here for getting help soon You can configure this parameter through the device s user interfac...

Page 31: ...echanical Serial number The serial number is assigned by the manufacturer Host IP address The IP address of the switch Host MAC address It is the Ethernet MAC address of the management agent in this switch Device Port Show all types and numbers of the port in the switch RAM size The size of the DRAM in this switch Flash size The size of the flash memory in this switch 2 2 1 1 3 3 I IP P C Co on nf...

Page 32: ...ss If DHCP server is down or does not exist the switch will issue the request and show IP address is under requesting until the DHCP server is up Before getting an IP address from DHCP server the device will not continue booting procedures If set this field Disable you ll have to input IP address manually For more details about IP address and DHCP please see the Section 2 1 5 IP Address Assignment...

Page 33: ... 2 bit number of subnet number Subnet mask is used to set the subnet mask value which should be the same value as that of the other devices resided in the same network it attaches For more information please also see the Section 2 1 5 IP Address Assignment in this manual Default 255 255 255 0 Default gateway Set an IP address for a gateway to handle those packets that do not meet the routing rules...

Page 34: ... and Second respectively and press Apply button time is adjusted The valid figures for the parameter Year Month Day Hour Minute and Second are 2000 1 12 1 31 0 23 0 59 and 0 59 respectively Input the wrong figure and press Apply button the device will reject the time adjustment request There is no time zone setting in Manual mode Default Year 2000 Month 1 Day 1 Hour 0 Minute 0 Second 0 NTP NTP is ...

Page 35: ... don t have to set the starting ending date as well If you set daylight saving to be non zero you have to set the starting ending date as well otherwise the daylight saving function will not be activated Default for Daylight Saving 0 The following parameters are configurable for the function Daylight Saving and described in detail Day Light Saving Start This is used to set when to start performing...

Page 36: ...me and password Only one administrator is allowed to exist and unable to be deleted In addition up to 4 guest accounts can be created The default setting for user account is Username admin Password admin The default setting for guest user account is Username guest Password guest 2 2 1 1 6 6 M Ma an na ag ge em me en nt t P Po ol li ic cy y Through the management security configuration the manager ...

Page 37: ... description The switch offers Management Security Configuration function With this function the manager can easily control the mode that the user connects to the switch According to the mode users can be classified into two types Those who are able to connect to the switch Accept and those who are unable to connect to the switch Deny Some restrictions also can be placed on the mode that the user ...

Page 38: ...Any and Custom Default is Any You can select the ports that you would like them to be worked and restricted in the management security configuration if Custom had been chosen Access Type The switch supports two kinds of options for managed valid Access Type including Any and Custom Default is Any Http Telnet and SNMP are three ways for the access and managing the switch in case that Custom had bee...

Page 39: ...r group device will appear on the top of its Web UI By pressing these buttons user will be allowed to connect the Web UI of the devices of the group in the same window without the login of these devices The most top left button is only for Master device The background color of the button you press will be changed to represent that the device is under your management Note It will remove the groupin...

Page 40: ... option Default is Master Group ID It is the group identifier GID which signs for VSM Valid letters are A Z a z 0 9 and _ characters The maximal length is 15 characters 2 2 2 2 P Po or rt t C Co on nf fi ig gu ur ra at ti io on n Four functions including Port Status Port Configuration Simple Counter and Detail Counter are contained in this function folder for port monitor and management Each of th...

Page 41: ...Port No Display the port number The number is 1 8 Both port 7 and 8 are optional modules Media Show the media type adopted in all ports The Port 7 and Port 8 are optional modules which support either fiber or UTP media with either Gigabit Ethernet 1000Mbps or 10 100Mbps Fast Ethernet port They may have different media types and speed Especially fiber port has comprehensive types of connector dista...

Page 42: ...x supported is half duplex and full duplex If the media is 1Gbps fiber it is 1000Mbps supported only The status of speed duplex mode is determined by 1 the negotiation of both local port and link partner in Auto Speed mode or 2 user setting in Force mode The local port has to be preset its capability Default None depends on the result of the negotiation Flow Control Show each port s flow control s...

Page 43: ... and so on Vendor OUI Display the Manufacturer s OUI code which is assigned by IEEE Vendor Name Display the company name of the module manufacturer Vendor P N Display the product name of the naming by module manufacturer Vendor Rev Revision Display the module revision Vendor SN Serial Number Show the serial number assigned by the manufacturer Date Code Show the date this SFP module was made Temper...

Page 44: ...nsmitted and received via this port When disabled the port is blocked and no traffic can be transferred through this port Port State is configurable by the user There are only two states Enable and Disable able to choose If you set a port s state Disable then that port is prohibited to pass any traffic even it looks Link up Default Enable Mode Set the speed and duplex of the port In speed if the m...

Page 45: ...on of Simple Counter collects any information and provides the counting about the traffic of the port no matter the packet is good or bad In the following figure the window can show all ports counter information at the same time Each data field has 20 digit long If the counting is overflow the counter will be reset and restart counting The data is updated every time interval defined by the user Th...

Page 46: ... s counter you have to pull down the list of Select then you will see the figures displayed about the port you had chosen Each data field has 20 digit long If the counting is overflow the counter will be reset and restart counting The data is updated every time interval defined by the user The valid range is 3 to 10 seconds The Refresh Interval is used to set the update frequency Default update ti...

Page 47: ...er of 127 255 byte frames in good and bad packets received Rx 256 511 Bytes Number of 256 511 byte frames in good and bad packets received Rx 512 1023 Bytes Number of 512 1023 byte frames in good and bad packets received Rx 1024 Bytes Number of 1024 max_length byte frames in good and bad packets received Tx 64 Bytes Number of 64 byte frames in good and bad packets transmitted Tx 65 127 Bytes Numbe...

Page 48: ...escription Mirror Configuration is to monitor the traffic of the network For example we assume that Port A and Port B are Monitoring Port and Monitored Port respectively thus the traffic received by Port B will be copied to Port A for monitoring Note When configuring the mirror function you should avoid setting a port to be a sniffer port and aggregated port at the same time It will cause somethin...

Page 49: ...Rate Limiting Policing Set up the limit of Ingress bandwidth for the port you choose Incoming traffic will be discarded if the rate exceeds the value you set up in Data Rate field Pause frames are also generated if flow control is enabled The format of the packet limits to unicast broadcast and multicast Valid range is 0 1000 Broadcast Multicasat for Ingress Rate Limiting Policing Set up the limit...

Page 50: ...ke precedence of 8 priorities IP TOS Classification IP TCP UDP Port Classification and IP DiffServe Classification In Quality of Service QoS Configuration there is one option named Default Class As you had selected one of the five QoS functions then some packets that did not belong to this QoS setting would be viewed as Default Class For instance if you set QoS function as VLAN Tag Priority mode a...

Page 51: ...ets from Port 2 and Port 3 at the speed of 1Gbps to Port 1 and set the Class of Port 2 as High and Port 3 as Low then the packets of Port 3 will be dropped when the congestion happens because Port 2 owns higher precedence of transmitting packets Parameter description Port No User can choose the port 1 8 respectively with Priority Class on Per Port Priority function Class User can set up High Prior...

Page 52: ...he two kinds of packets be transmitted for port 1 until the port results in congestion The result is that the packets will be dropped partially from the port 3 because the packets that belong to Low Priority For the use of VLAN Tag Priority function please press Configure button at the right section for setting in advance Parameter description VLAN Tag Configuration Used for setting up the QoS bel...

Page 53: ... Field appears 0 0 0 from the port 2 and the packets that have bit 5 7 of TOS Field appears 0 0 1 from the port 3 We let the two kinds of packets be transmitted for port 1 until the port results in congestion The result is that the packets will be dropped partially from the port 3 because the packets that belong to Low Priority Parameter description Quality of Service QoS ToS Configuration Used fo...

Page 54: ...nction taken affect Then click Advance button to set up Special TCP UDP port for QoS Down prioritize web browsing e mail FTP and news Belong to the QoS in L4 Just tick the option button and press Apply button to have this function taken affect Then click Advance button to set up Special TCP UDP port for QoS Prioritize IP Telephony VoIP Belong to the QoS in L4 Just tick the option button and press ...

Page 55: ...ports There are two modes for selection including Low and High Port User can set up the port 1 8 respectively to let Special TDP UDP class function work on them If you would like to set up all ports at a time user is allowed to choose All selection to simplify the procedure of configuration Special UDP TCP Port Selection The following are port numbers defined by six specific networks in L4 Down pr...

Page 56: ...rst six bits comprise a codepoint which is sometimes abbreviated DSCP and the last two bits are left unused IP Diffserve Classification function it can form total 64 0 63 kinds of Traffic Class based on the arrangement of 6 bit field in DSCP of the IP packet In the switch user is allowed to set up these 64 kinds of Class that belong to High or Low Priority Parameter description IP Differentiated S...

Page 57: ...y to set loop detection State Set the port loop detection to Enable or Disable When it is enabled the port will sent out looping detection frame and detect if looping happens When it is disabled the port only can detect if looping happens Default Disable Current Status Show this port current status Unlocked means this port there is no looping happened Locked means there is looping happen in this p...

Page 58: ...ding RMON MIB can be accessed via SNMP manager If the field SNMP is set Disable SNMP agent will be de activated the related Community Name Trap Host IP Address Trap and all MIB counters will be ignored Function name SNMP Configuration Function description This function is used to configure SNMP settings community name trap host and public traps as well as the throttle of SNMP A SNMP manager must p...

Page 59: ...efault port number 162 Trap In the switch there are 6 trap hosts supported Each of them has its own community name and IP address is user definable To set up a trap host means to create a trap manager by assigning an IP address to host the trap message In other words the trap host is a network management unit with SNMP manager receiving the trap message from the managed switch with SNMP agent issu...

Page 60: ...VigorSwitch G2080 User s Guide 54 ...

Page 61: ... when a member port joins or leaves an IP Multicast Destination Address With this function once a switch receives an IP multicast packet it will forward the packet to the members who joined in a specified IP multicast group before The packets will be discarded by the IGMP Snooping if the user transmits multicast packets to the multicast group that had not been built up in advance 2 2 8 8 1 1 I IG ...

Page 62: ...ed to all other ports on the switch Discard If you set to discard the port received unknown multicast traffic will be discarded IP Address Show all multicast groups IP addresses that are registered on this device VLAN ID Show VLAN ID for each multicast group Member Port Show member ports that join each multicast group Member port may be only or more than one 2 2 8 8 2 2 A Al ll lo ow we ed d G Gr ...

Page 63: ...the specific VID then it can do IGMP registration successfully If the IP multicast address did not belong to the specific VID it will be limited to do IGMP registration Port Any Any means all ports are included in the allowed IP multicast group port members Any ports on the switch can do the IGMP registration to join the allowed IP multicast group Custom Use Custom to select the ports on the switc...

Page 64: ...tion due to broadcast packets from many network devices which may seek its NMS boot server DHCP server and many connections predefined when the whole building or block lose the power and then reboot and recover At this moment a bunch of switch or other network device on the LAN will try its best to find the server to get the services or try to set up the predefined links they will issue many broad...

Page 65: ...ag based Metro Mode Double tag and Disable you can choose one of them by pulling down list and selecting an item Then click Apply button the settings will take effect immediately Parameter description VLAN Mode Disable Stop VLAN function on the switch In this mode no VLAN is applied to the switch This is the default setting Port based Port based VLAN is defined by port Any packet coming in or outg...

Page 66: ...create 6 or 7 Port based VLAN groups Double tag Double tag mode belongs to the tag based mode however it would treat all frames as the untagged ones which means that tag with PVID will be added into all packets Then these packets will be forwarded as Tag based VLAN So the incoming packets with tag will become the double tag ones Up link Port This function is enabled only when metro mode is chosen ...

Page 67: ...ame The name defined by administrator is associated with a VLAN group Valid letters are A Z a z 0 9 and _ characters The maximal length is 15 characters VID VLAN identifier Each tag based VLAN group has a unique VID It appears only in tag based and Double tag mode SYM VLAN While the SYM VLAN function of the group is enabled all packets with this group VID will be dropped in case they are transmitt...

Page 68: ... name as well as VID configure the SYM VLAN function and choose the member by ticking the check box beside the port No then press the Apply button to have the setting taken effect Delete Group Just press the Delete button to remove the selected group entry from the Tag based group table ...

Page 69: ... VLAN Groups You can easily create edit and delete a Port based VLAN group by pressing Add Edit and Delete function buttons User can add a new VLAN group by inputting a new VLAN name Parameter description VLAN Name The name defined by administrator is associated with a VLAN group Valid letters are A Z a z 0 9 and _ characters The maximal length is 15 characters Member This is used to enable or dis...

Page 70: ...ased VLAN Input the VLAN name and choose the member by ticking the check box beside the port No then press the Apply button to have the setting taken effect Delete Group Just press the Delete button to remove the selected group entry from the Port based group table ...

Page 71: ...agged frame You can also select the Role of each port as Access Trunk or Hybrid Parameter description Port 1 8 Port number PVID This PVID range will be 1 4094 Before you set a number x as PVID you have to create a Tag based VLAN with VID x For example if port x receives an untagged packet the switch will apply the PVID assume as VID y of port x to tag this packet the packet then will be forwarded ...

Page 72: ...et the packet then will be forwarded But if the PVID of port 1 is 100 and port 1 is not member of VLAN 100 the packet will be dropped Role This is an egress rule of the port Here you can choose Access Trunk or Hybrid Trunk means the outgoing packets must carry VLAN tag header Access means the outgoing packets carry no VLAN tag header If packets have double VLAN tags one will be dropped and the oth...

Page 73: ...etting is disabled The management traffic can belong to any VLAN groups VID Valid range 1 4094 2 2 1 12 2 M MA AC C T Ta ab bl le e MAC Table Configuration gathers many functions including MAC Table Information MAC Table Maintenance Static Forward Static Filter and MAC Alias which cannot be categorized to some function type They are described below 2 2 1 12 2 1 1 M MA AC C T Ta ab bl le e I In nf ...

Page 74: ...AC entry you set up Search Find the entry that meets your setup Previous Page Move to the previous page Next Page Move to the next page Alias The Alias of the searched entry MAC Address The MAC address of the searched entry Port The port that exists in the searched MAC Entry VID VLAN Group that MAC Entry exists State Display the method that this MAC Entry is built It may show Dynamic MAC or Static...

Page 75: ...ess Age out Time will be removed from the MAC Table The range of Age out Time is 10 65535 seconds and the setup of this time will have no effect on static MAC addresses Parameter description Aging Time Delete a MAC address idling for a period of time from the MAC Table which will not affect static MAC address Range of MAC Address Aging Time is 10 65535 seconds The default Aging Time is 300 seconds...

Page 76: ... of the switch s traffics sent to this MAC address will be forwarded to this port For adding a MAC address entry in the allowed table you just need to fill in four parameters MAC address associated port VID and Alias Just select the existed MAC address entry you want and click Delete button you also can remove it Parameter description MAC It is a six byte long Ethernet hardware address and usually...

Page 77: ...er table User can very easily maintain the table by filling in MAC Address VID VLAN ID and Alias fields individually User also can delete the existed entry by clicking Delete button Parameter description MAC It is a six byte long Ethernet hardware address and usually expressed by hex and separated by hyphens For example 00 40 C7 D6 00 02 VID VLAN identifier This will be filled only when tagged VLA...

Page 78: ...cified MAC address or mark an existed entry to delete it Alias name must be composed of A Z a z and 0 9 only and has a maximal length of 15 characters In the MAC Alias function MAC Alias Add Edit function is used to let you add or modify an association between MAC address and a plain English name User can click Create Edit button to add a new record with name As to MAC Alias Delete function is use...

Page 79: ...in which there are seven parameters needed to be configured described below Parameter description GVRP State Setting This function is simply to let you enable or disable GVRP function You can pull down the list and click the Downward arrow key to choose Enable or Disable Then click the Apply button the system will take effect immediately Join Time Used to declare the Join Time in unit of centiseco...

Page 80: ...all GARP messages and all members remain in the unregistered EMPTY state Restricted Mode This function is used to restrict dynamic VLAN be created when this port received GVRP PDU There are two modes disable and enable provided for the user s choice Disabled In this mode the switch dynamic VLAN will be created when this port received GVRP PDU The default setting is Normal Enabled In this mode the ...

Page 81: ...is received by the GARP application LeaveEmpty Message Packets Number of GARP BPDU with Leave Empty message is received by the GARP application Empty Message Packets Number of GARP BPDU with Empty message is received by the GARP application Transmitted Total GVRP Packets Total GARP BPDU is transmitted by the GVRP application Invalid GVRP Packets Number of invalid GARP BPDU is transmitted by the GV...

Page 82: ...VigorSwitch G2080 User s Guide 76 ...

Page 83: ...ate GVRP group you can use Administrative Control function to change Applicant Mode and Registrar Mode of GVRP group member Refresh Refresh function can help you to see current GVRP group status 2 2 1 14 4 S ST TP P C Co on nf fi ig gu ur ra at ti io on n The Spanning Tree Protocol STP is a standardized method IEEE 802 1D for avoiding loops in switched networks When STP is enabled ensure that only...

Page 84: ...nge When a bridge does not receive a hello message from root bridge until the maximum age time is counted down to 0 the bridge will treat the root bridge malfunctioned and issue a Topology Change Notification TCN BPDU to all other bridges All bridges in the LAN will re learn and determine which the root bridge is Maximum Age time is assigned by root bridge in unit of seconds Default is 20 seconds ...

Page 85: ...figuration Function description User can set the following Spanning Tree parameters to control STP function enable disable select mode RSTP STP and affect STP state machine behavior to send BPDU in this switch The default setting of Spanning Tree Protocol is Disable Parameter description Spanning Tree Protocol Set 802 1W Rapid STP function Enable Disable Default is Disable Bridge Priority The lowe...

Page 86: ...e is 6 40 seconds Default is 20 seconds Forward Delay You can set the root bridge forward delay time This figure is set by root bridge only The forward delay time is defined as the time spent from Listening state moved to Learning state and also from Learning state moved to Forwarding state of a port in bridge The forward delay time contains two states Listening state to Learning state and Learnin...

Page 87: ...this port can now contribute its learning knowledge but cannot forward packets still FORWARDING state indicates this port can both contribute its learning knowledge and forward packets normally Path Cost Status It is the contribution value of the path through this port to Root Bridge STP algorithm determines a best path to Root Bridge by calculating the sum of path cost contributed by all ports on...

Page 88: ...n on point to point links and on edge ports This can expedite the convergence because this will have the port fast transited to forwarding state There are three parameters Auto True and False used to configure the type of the point to point link If configure this parameter to be Auto it means RSTP will use the duplex mode resulted from the auto negotiation In today s switched networks most links a...

Page 89: ...e their unique LACP GroupID 1 8 to form a logic trunked port The benefit of using LACP is that a port makes an agreement with its peer port before it becomes a ready member of a trunk group also called aggregator LACP is safer than the other trunking method static trunk The switch LACP does not support the followings Link Aggregation across switches Aggregation with non IEEE 802 3 MAC link Operati...

Page 90: ...is means the port won t aggregate with other ports b 14 ports all use LACP Trunk Group ID 1 at most 12 ports can aggregate together and transit into the ready state c A port using the None trunking method or Group ID 0 will be automatically set to use the None trunking method with Group ID 0 2 2 1 15 5 1 1 P Po or rt t S Se et tt ti in ng g S St ta at tu us s Function name Port Setting Status Func...

Page 91: ...egard an aggregator as a representative of a trunking group Ports with same Group ID and using same trunking method will have the opportunity to aggregate to a particular aggregator port This aggregator port is usually the port with the smallest Port No within the trunking group Status This field represents the trunking status of a port which uses a trunking method other than None It also represen...

Page 92: ... aggregator point of view Parameter description Aggregator It shows the aggregator ID from 1 to 8 of every port In fact every port is also an aggregator and its own aggregator ID is the same as its own Port No Method Show the method a port uses to aggregate with other ports Member Ports Show all member ports of an aggregator port Ready Ports Show only the ready member ports within an aggregator po...

Page 93: ...h you are watching on Partner The peer system from this aggregator s view System Priority Show the System Priority part of a system ID MAC Address Show the MAC Address part of a system ID Port Show the port number part of an LACP port ID Key Show the key value of the aggregator The key value is determined by the LACP protocol entity and can t be set through management Trunk Status Show the trunk s...

Page 94: ...ces via authenticating user s information This restricts users from gaining access to the network resources through a 802 1X enabled port without authentication If a user wishes to touch the network through a port under 802 1X control he she must firstly input his her account name for authentication and waits for gaining authorization before sending or receiving any packets from a 802 1X enabled p...

Page 95: ...nconditionally pass the packets with PAE group MAC address which has the value of 01 80 c2 00 00 03 and will not be forwarded by MAC bridge at any time Authentication server A device provides authentication service through EAP to an authenticator by using authentication credentials supplied by the supplicant to determine if the supplicant is authorized to access the network resource The overview o...

Page 96: ...services on device B and C first it must exchange the authentication message with the authenticator on the port it connected via EAPOL packet The authenticator transfers the supplicant s credentials to Authentication server for verification If success the authentication server will notice the authenticator the grant PC A then is allowed to access B and C via the switch If there are two switches di...

Page 97: ... to the authenticator The authenticator will embed the user ID into Radius Access Request command and send it to the authentication server for confirming its identity 6 After receiving the Radius Access Request the authentication server sends Radius Access Challenge to the supplicant for asking for inputting user password via the authenticator PAE 7 The supplicant will convert user password into t...

Page 98: ...de for the devices connected to this port once a supplicant is authorized the devices connected to this port can access the network resource through this port 802 1X Port based Network Access Control function supported by the switch is little bit complex for it just support basic Multihost mode which can distinguish the device s MAC address and its VID The following table is the summary of the com...

Page 99: ... Server RADIUS server IP address for authentication Default 192 168 1 1 Port Number The port number to communicate with RADIUS server for the authentication service The valid value ranges 1 65535 Default port number is 1812 Secret Key The secret key between authentication server and authenticator It is a string with the length 1 31 characters The character string may contain upper case lower case ...

Page 100: ...Indicate which port is selected to configure the 802 1X operation mode 802 1X Mode 802 1X operation mode There are two options including Disable and Multi host mode Default is Disable Disable It will have the chosen port acting as a plain port that is no 802 1X port access control works on the port 802 1X with Multi host In Multi host mode for the devices connected to this port once a supplicant i...

Page 101: ...an access the network without the admittance of 802 1X authenticator The Port Status will show the following screen Port Number The port number to be chosen to show its 802 1X Port Status The valid number is Port 1 8 Port Status The current 802 1X status of the port In Disable mode this field is disabled 802 1X with Multi host mode When selecting 802 1X with Multi host mode for a port in the funct...

Page 102: ...een the authentication server and the supplicant Default Auto reAuthMax 1 10 The number of authentication attempt that is permitted before the port becomes unauthorized Default 2 txPeriod 1 65535 s A time period to transmitted EAPOL PDU between the authenticator and the supplicant Default 30 Quiet Period 0 65535 s A period of time during which we will not attempt to access the supplicant Deafult 6...

Page 103: ...VigorSwitch G2080 User s Guide 97 ...

Page 104: ... trap information can be sent out in three ways including email mobile phone SMS short message system and trap The message will be sent while users tick the trap event individually on the web page shown as below Parameter description Trap Cold Start Warm Start Link Down Link Up Authentication Failure User login User logout STP STP Topology Changed STP Disabled STP Enabled LACP LACP Disabled LACP E...

Page 105: ...s will be sent out to SNMP Manager when trap event occurs After ticking trap events you can fill in your desired email addresses and mobile phone numbers Then please click Apply button to complete the alarm configuration It will take effect in a few seconds Note SMS may not work in your mobile phone system It is customized for different systems Parameter description Email Mail Server the IP addres...

Page 106: ...ion included default IP address the IP address will restore to default 192 168 1 1 as you use it The other is the function of Restore Default Configuration without changing current IP address the IP address will keep the same one that you had saved before by performing this function W Wo or rk ki in ng g C Co on nf fi ig gu ur ra at ti io on n It is the configuration you are using currently and ca...

Page 107: ... S Sa av ve e R Re es st to or re e S Sa av ve e A As s S St ta ar rt t C Co on nf fi ig gu ur ra at ti io on n Function name Save As Start Configuration Function description Save the current configuration as a start configuration file in flash memory ...

Page 108: ... memory R Re es st to or re e D De ef fa au ul lt t C Co on nf fi ig gu ur ra at ti io on n i in nc cl lu ud de es s d de ef fa au ul lt t I IP P a ad dd dr re es ss s Function name Restore Default Configuration includes default IP address Function description Restore Default Configuration function can retrieve the ex factory setting to replace the start configuration And the IP address of the swi...

Page 109: ...configuration However the switch s current IP address that the user set up will not be changed and will NOT be restored to 192 168 1 1 as well R Re es st to or re e U Us se er r C Co on nf fi ig gu ur ra at ti io on n Function name Restore User Configuration Function description Restore User Configuration function can retrieve the previous confirmed working configuration stored in the flash memory...

Page 110: ...ig files of Save As Start or Save As User via TFTP Parameter description Export File Path Export Start Export Save As Start s config file stored in the flash Export User Conf Export Save As User s config file stored in the flash Import File Path Import Start Import Save As Start s config file stored in the flash Import User Conf Import Save As User s config file stored in the flash ...

Page 111: ...in this function folder for device self diagnostics 2 2 1 19 9 1 1 D Di ia ag gn no os st ti ic cs s Function name Diagnostics Function description Diagnostics function provides a set of basic system diagnosis It let users know that whether the system is health or needs to be fixed The basic system check includes EEPROM test UART test DRAM test and Flash test ...

Page 112: ...ill report the port numbers failed If they all are ok it just shows OK Note Whatever you choose Internal Loopback Test or External Loopback Test these two functions will interfere with the normal system working and all packets in sending and receiving also will stop temporarily 2 2 1 19 9 3 3 P Pi in ng g T Te es st t Function name Ping Test Function description Ping Test function is a tool for de...

Page 113: ...way IP address of the default gateway 2 2 2 20 0 T TF FT TP P S Se er rv ve er r Function name TFTP Server Function description Set up IP address of TFTP server Parameter description Specify the IP address where the TFTP server locates Fill in the IP address of your TFTP server then press Apply button to have the setting taken effect ...

Page 114: ... Data Function description The Trap Log Data is displaying the log items including all SNMP Private Trap events SNMP Public traps and user logs occurred in the system In the report table No Time and Events are three fields contained in each trap record Parameter description No Display the order number that the trap happened Time Display the time that the trap happened Events Display the trap event...

Page 115: ...eld the IP address of your TFTP server should be filled in 2 Specifying what the filename and where the file is You must specify full path and filename Then press Upgrade button if your download is not successful the switch will also be back to Software Upgrade and it will not upgrade the software as well When download is completed the switch starts upgrading software A reboot message will be prom...

Page 116: ...t will take around thirty 30 seconds to complete the system boot Parameter description Save and Reboot Save the current settings as start configuration before rebooting the switch Reboot Reboot the system directly 2 2 2 24 4 L Lo og go ou ut t You can manually logout by performing Logout function In the switch it provides another way to logout You can configure it to logout automatically Function ...

Page 117: ...igorSwitch G2080 User s Guide 111 Auto Logout Default is ON If it is ON and no action and no key is stroke as well in any function screen more than 3 minutes the switch will have you logout automatically ...

Page 118: ...VigorSwitch G2080 User s Guide 112 ...

Page 119: ...a an n c co on nn ne ec ct t t to o C Co om mp pu ut te er r B B b bu ut t c ca an nn no ot t c co on nn ne ec ct t t to o C Co om mp pu ut te er r C C t th hr ro ou ug gh h t th he e M Ma an na ag ge ed d S Sw wi it tc ch h The network device of Computer C may fail to work Please check the link act status of Computer C on the LED indicator Try another network device on this connection The network...

Page 120: ...g gu ur re e t th he e M Ma an na ag ge ed d S Sw wi it tc ch h The Hyperterm is the terminal program in Win95 98 NT Users can also use any other terminal programs in Linux Unix to configure the Managed Switch Please refer to the user guide of that terminal program But the COM port parameters baud rate data bits parity bits flow control must be the same as the setting of the console port of the Ma...

Reviews:

No comments