manualshive.com logo in svg

EXTREME SWITCHING ISW 2-10/100T, Hardware Installation & User Manual

The EXTREME SWITCHING ISW 2-10/100T comes with a Hardware Installation & User Manual to help you set up and configure your switch with ease. The manual is available for free download on our website, providing detailed instructions and tips for maximizing the performance of your network.

Share
Download
background image

7. Select the 

IGMP

 version as 

server

.

802.1x Authentication Application Guide

IEEE 802.1x derives keys which can be used to provide per-packet authentication, integrity and
confidentially. Typically use along with well-known key derivation algorithms (e.g., TLS, SRP, 

MD5

(Message-Digest algorithm 5)

-Challenge, etc.). The ISW-Series supports 802.1x authentication function

per port (port1~port10). You should enable 802.1x function of the system, and choose ports and type
you want to apply. If you enable 802.1x authentication control for an Ethernet port, it should be
authenticated before using any service from the network.

802.1x Configuration Overview

Configuring RADIUS Server

1. Prepare a Linux PC with 

RADIUS (Remote Authentication Dial In User Service)

 server installed.

2. Edit secret key for RADIUS server using the following settings

client 20.20.20.0/24 {
.......secret = a1b2c3d4

}

Note
The secret in the ISW should be the same as this one.

3. Edit user name and password for supplicant to authenticate with server with the following settings:

test123.......Cleartext-Password := “test123”
aaaa.......Cleartext-Password := “aaaa”

802.1x Authentication Application Guide

ISW Application Guides

70

ISW Series Managed Industrial Ethernet Switch Hardware Installation & User Guide

Summary of Contents for ISW 2-10/100T

Page 1: ...ISW Series Managed Industrial Ethernet Switch Hardware Installation User Guide ISW 4 10 100P 2 10 100T 2 SFPISW 4GbP 2GbT 2 SFPISW 8 10 100P 4 SFPISW 8GbP 4 SFP 9034965 02 Rev AA November 2020...

Page 2: ...works and the Extreme Networks logo are trademarks or registered trademarks of Extreme Networks Inc in the United States and or other countries All other names including any product names mentioned in...

Page 3: ...onnection 23 Console Connection 24 System Reset 25 Connecting Logging in to the Switch 26 Web Browser Support 26 Monitoring the Ethernet Interface 27 Upgrading and Downgrading Software 27 Resetting Co...

Page 4: ...ower over Ethernet PoE Application Guide 74 Reserved Power Determination 74 Power Management Mode 75 Other PoE Parameters 76 PoE Power Scheduling Reset 77 Regulatory and Compliance Information 81 Fede...

Page 5: ...n pertains to a specific hardware product the product name is used When features functions and operations are the same across an entire product family such as ExtremeSwitching switches or SLX routers...

Page 6: ...square brackets are optional Default responses to system prompts are enclosed in square brackets x y z A choice of required parameters is enclosed in curly brackets separated by vertical bars You mus...

Page 7: ...failure A description of any actions already taken to resolve the problem A description of your network environment such as layout cable type other relevant environmental information Network load at t...

Page 8: ...n do so in three ways In a web browser select the feedback icon and complete the online feedback form Access the feedback form at https www extremenetworks com documentation feedback Email us at docum...

Page 9: ...roviding a more reliable and better quality services This guide covers installation for the following Industrial Switches ISW 4 10 100P 2 10 100T 2 SFP ISW 8 10 100P 4 SFP ISW 4GBP 2GBT 2 SFP ISW 8GBP...

Page 10: ...Faceplate and Panels Figure 1 4 Port PoE Series Faceplate Faceplate and Panels Industrial Series Switch Overview 10 ISW Series Managed Industrial Ethernet Switch Hardware Installation User Guide...

Page 11: ...and Alarm Gigabit Ethernet Copper Ports RJ45 Gigabit Ethernet SFP ports SFP Slots POE LED POE port status RR RS LED Device info status Industrial Series Switch Overview Faceplate and Panels ISW Serie...

Page 12: ...er line disconnect or does not have supply power Alarm On Red Alarm event occurs Off No alarm Copper ports Link Act On Green Ethernet link up but no traffic is detected Flashing Green Ethernet link up...

Page 13: ...ff No Redundant Master is enabled in the system RS Redundant Status On 1 If any Ring port links are down the RS LED will be ON 2 If the device has any of Redundant Master Ring Master Ring Coupling Bac...

Page 14: ...L2 wire speed non blocking switching engine MAC addresses 8K Jumbo frames 9K Bytes Copper RJ45 Ports Speed 10 100 1000 Mbps Technical Specifications Industrial Series Switch Overview 14 ISW Series Ma...

Page 15: ...EEE 802 1ad Double Tagging Q in Q Multicast protocols IGMP Internet Group Management Protocol v1 v2 IGMP snooping and querying Immediate leave and leave proxy Throttling and filtering LLDP Link Layer...

Page 16: ...ing Option 82 NTP SNTP Simple Network Time Protocol Yes Environmental Compliances Operating temperature range 40 to 75 C cold startup at 40 C Storage temperature range 40 to 85 C Humidity non condensi...

Page 17: ...ode 255 RADIUS Remote Authentication Dial In User Service Server 5 TACACS Server 5 MAC based VLAN Entry 256 IP subnet based VLAN Entry 128 Protocol based VLAN Group 125 Voice VLAN OUI 16 QCE 256 IP In...

Page 18: ...cting Logging in to the Switch on page 26 Monitoring the Ethernet Interface on page 27 Upgrading and Downgrading Software on page 27 Resetting Configuration Defaults via CLI Command on page 27 Resetti...

Page 19: ...ting the ISW Wall Attach the wall mounting plates with the screws provided in the accessory kit Installing Industrial Switches Mounting the ISW Wall ISW Series Managed Industrial Ethernet Switch Hardw...

Page 20: ...er Ethernet cable To connect the ISW copper port to an Ethernet device use UTP Unshielded Twisted Pair or STP Shielded Twisted Pair Ethernet cables The pin assignment of RJ45 connector is shown in Fig...

Page 21: ...ivers have options of multimode single mode long haul or special application transceivers Prepare a proper SFP module and install it into the optical port Then you can connect fiber optics cabling tha...

Page 22: ...gy Do not power up the laser product without connecting the laser to the optical fiber and putting the cover in position as laser outputs will emit infrared laser light at this point Connecting the Et...

Page 23: ...being loosened Note The DC power should be connected to a well fused power supply Figure 8 Power Supplies Power Connector 6P Terminal Block Input DC 12 58V PWR1 Power Input 1 PWR2 Power Input 2 ALM A...

Page 24: ...e switch use the supplied RJ45 male connector to RS232 DB9 female connector Connect the RJ45 connector to the switch s Console port shown in Figure 10 and then connect the DB9 connector to the PC COM...

Page 25: ...igure 11 Figure 11 Console Cable Pin Assignment System Reset The Reset button is provided to reboot the system without the need to remove power Under normal circumstances you will not have to use it H...

Page 26: ...the switch through the web interface see the ISW Series Managed Industrial Ethernet Switch Web Configuration Guide Web Browser Support Internet Explorer IE 7 or newer version with the following defaul...

Page 27: ...ing the upload process do not cold warm start device Instead wait for auto reboot and then the upgrade can complete Resetting Configuration Defaults via CLI Command If you want to reset the configurat...

Page 28: ...tion If you want to reset all configurations to the default 3 Go to Maintenance Configuration Activate 4 Select default config and then click Activate Configuration 5 Change PC s IP address belong to...

Page 29: ...ded within that VLAN and multicast frames and unknown unicast frames are flooded only to ports in the same VLAN VLAN Application Guide Example 1 Default VLAN Settings Each port in the ISW has a config...

Page 30: ...the untagged packet is marked tagged as it leaves the ISW through Port 2 which is configured as a tagged member of VLAN100 The untagged packet remains unchanged as it leaves the ISW through Port 7 whi...

Page 31: ...packets from Port 1 to Port 2 and Port 7 The ISW should tag it with VID 100 The packet has access to Port2 and Port 7 The outgoing packet is stripped of its tag to leave Port 7 as an untagged packet...

Page 32: ...100 switchport mode trunk exit Example 3 IEEE 802 1Q Tagging ISW is able to construct Layer 2 broadcast domain by identifying VLAN ID specified by IEEE 802 1Q It forwards a frame between bridge ports...

Page 33: ...o Port 2 and Port 7 The ISW should tag it with VID 200 The packet only has access to Port7 The outgoing packet on Port 7 is stripped of its tag as an untagged packet c Transmit unicast packets with VL...

Page 34: ...ace GigabitEthernet 1 7 switchport access vlan 100 switchport trunk allowed vlan 1 200 switchport trunk vlan tag native switchport mode trunk exit Security Application Guide ACL Access Control List fu...

Page 35: ...MAC address or both When it filters on both MAC address packets coincident with both rules will take effect In other words it does not do filter if it only coincident with one rule If you want to filt...

Page 36: ...ot pass through all packets but ACL entry of the profile binding Case 1 h Because the default ACL Rule of GE port is Deny Queue Mapping action has no sense We do not do this case Case 1 i Because the...

Page 37: ...bitEthernet 1 4 policy 1 vid 4 frametype etype smac 00 00 00 00 00 11 action deny exit interface GigabitEthernet 1 3 switchport trunk allowed vlan 4 5 switchport trunk vlan tag native interface Gigabi...

Page 38: ...he second to create a new ACL Profile after the first one profile name DenySomeMac 3 Create a new ACL Entry rule under this ACL profile Deny SrcMAC 13 and DesMAC 11 4 Bind this ACL profile to a GE por...

Page 39: ...et 1 4 switchport trunk allowed vlan 4 5 switchport trunk vlan tag nativevlan 4 exit Configuring One directional MAC Address with CoS Marking Action one VLAN and don t care Ether Type Web UI 1 Navigat...

Page 40: ...Commands access list ace 1 next 2 ingress interface GigabitEthernet 1 4 policy 1 vid 4 frametype etype smac 00 00 00 00 00 11 action deny exit interface GigabitEthernet 1 3 switchport trunk allowed v...

Page 41: ...ecurity Network ACL Access Control List 2 Create a new ACL Profile profile name CopyFrameTest 3 Create a new ACL Entry rule under this ACL profile SrcMAC 13 and DesMAC 11 4 Set analyzer port to enable...

Page 42: ...k allowed vlan 4 5 switchport trunk vlan tag native interface GigabitEthernet 1 4 switchport trunk allowed vlan 4 5 switchport trunk vlan tag native exit Configuring One directional MAC Address with O...

Page 43: ...gabitEthernet 1 4 policy 3 tag tagged vid 4 frametype etype smac 00 00 00 00 00 11 exit interface GigabitEthernet 1 3 switchport trunk allowed vlan 4 5 switchport trunk vlan tag native interface Gigab...

Page 44: ...rity Network ACL Access Control List 2 Create a new ACL Profile profile name AllowSomeMac 3 Create a new ACL Entry rule under this ACL profile allow SrcMAC 13 and DesMAC 11 4 Bind this ACL profile to...

Page 45: ...ort trunk allowed vlan 4 5 switchport trunk vlan tag native interface GigabitEthernet 1 4 switchport trunk allowed vlan 4 5 switchport trunk vlan tag native exit Configuring One directional MAC Addres...

Page 46: ...r this ACL profile SrcMAC 13 and DesMAC 11 4 Bind this ACL profile to a GE port PORT3 5 Save the entry Case 1 ACL for MAC Address ISW Application Guides 46 ISW Series Managed Industrial Ethernet Switc...

Page 47: ...directional MAC Address with Copy Frame Action don t care VLAN Ether Type CLI Commands access list ace 5 next 6 ingress interface GigabitEthernet 1 3 policy 5 frametype etype smac 00 00 00 00 00 13 dm...

Page 48: ...4 destination L4 port and 5 UDP or TCP Protocol You can select to filter on 1 4 for all or some specific values but it should select exact one Protocol from UDP or TCP When it filters on both directi...

Page 49: ...ng slave Ring it could be master or slave When role is ring master one ring port is forward port and another is block port The block port is redundant port It is blocked in normal state When role is r...

Page 50: ...cing chain member both ring ports are member port Both ring ports are forwarded in normal state Note 1 Enable group1 before configure group2 as coupling 2 When group1 or group2 is enabled the configur...

Page 51: ...one device supports a three ring index including Ring Chain single ring dual ring coupling dual homing chain and balancing chain Note 1 Enable group1 before configure group2 as coupling 2 When group1...

Page 52: ...on RingV2 2 Enable Index1 and select role as Ring Master 3 Select one port as a Forward Port and another as Block Port Configuring Ringv2 Web UI ISW Application Guides 52 ISW Series Managed Industrial...

Page 53: ...e Coupling Primary 1 Navigate to Configuration RingV2 2 Enable Index1 and select role as Ring Slave 3 Select two ports as Forward Ports 4 Enable Index2 and select role as Coupling Primary 5 Select one...

Page 54: ...3 Select two ports as Forward Ports 4 Enable Index2 and select role as Coupling Backup 5 Select one port as a Backup Port Configuring Dual Homing 1 Navigate to Configuration RingV2 Configuring Ringv2...

Page 55: ...d the other as Backup Port Chain Configuration Configuring Chain Member 1 Navigate to Configuration RingV2 2 Disable Index1 and Index2 and then enable Index3 3 Select role as Chain Member 4 Select two...

Page 56: ...ble Index1 and Index2 and then enable Index3 3 Select role as Chain Head 4 Select a member port and a head port for this chain head switch Chain Configuration ISW Application Guides 56 ISW Series Mana...

Page 57: ...Balance Chain Configuration Configuring Balance Chain Central Block 1 Navigate to Configuration RingV2 2 Disable Index1 and Index2 and then enable Index3 3 Select role as Balancing Chain Central Block...

Page 58: ...Index2 and then enable Index3 3 Select role as Balancing Chain Terminal 1 or 2 4 Select a member port and a terminal port for this balancing chain terminal switch Balance Chain Configuration ISW Appl...

Page 59: ...uling methods on each port Please find the detail reference on ISW user manual Default Priority and Queue mapping is as follows Priority0 Priority1 Priority2 Priority3 Priority4 Priority5 Priority6 Pr...

Page 60: ...Mac 00 00 00 00 20 02 Src Mac 00 00 00 00 10 02 Vlan 100 Vlan prio 7 Send rate 100Mbps Packet length 1518bytes Web Management 1 Navigate to Configuration Ports 2 Set port 2 link speed to 100Mbps full...

Page 61: ...ort trunk vlan tag native switchport mode trunk Example 2 SPQ with Shaping We send two Streams Stream0 Stream1 from port1 to port 2 Both streams each have 100 Mbps Stream0 includes VLAN Priority0 Stre...

Page 62: ...st Mac 00 00 00 00 10 01 Src Mac 00 00 00 00 20 01 Vlan 100 Vlan prio 0 Send rate 10Mbps Packet length 1518bytes Stream4 for Learning Dst Mac 00 00 00 00 10 02 Src Mac 00 00 00 00 20 02 Vlan 100 Vlan...

Page 63: ...schedule mode Strict Priority and set shaping rate for queue 0 and queue 7 as below ISW Application Guides Application Examples ISW Series Managed Industrial Ethernet Switch Hardware Installation User...

Page 64: ...switchport trunk allowed vlan 1 100 switchport trunk vlan tag native switchport mode trunk qos queue shaper queue 0 80000 qos queue shaper queue 7 20000 Application Examples ISW Application Guides 64...

Page 65: ...e IP multicast specification like ICMP Internet Control Message Protocol for unicast connections IGMP can be used for online video and gaming and allows more efficient use of resources when supporting...

Page 66: ...Example 1 ISW Application Guides 66 ISW Series Managed Industrial Ethernet Switch Hardware Installation User Guide...

Page 67: ...Flooding Enabled check box 4 If Multicast stream is from L3 switch then the uplink port must be Router Port Note If an aggregation member port is selected as a router port the whole aggregation will a...

Page 68: ...iguration IPMC VLAN Configuration 6 Select the Snooping Enabled check box 7 Set VLAN ID of port14 Example 2 ISW Application Guides 68 ISW Series Managed Industrial Ethernet Switch Hardware Installatio...

Page 69: ...14 be vlan200 member port 3 Navigate to Configuration IPMC VLAN Configuration 4 Select the Snooping Enable check box 5 Set VLAN ID of port14 6 If there is no querier on the L3 switch you have to selec...

Page 70: ...rol for an Ethernet port it should be authenticated before using any service from the network 802 1x Configuration Overview Configuring RADIUS Server 1 Prepare a Linux PC with RADIUS Remote Authentica...

Page 71: ...2 Select the IEEE802 1x Authentication Enable check box and then set EAP type to MD5 Challenge Authentication Behavior Supplicant should pass authentication process in order to use any service After s...

Page 72: ...curity Network NAS 2 Select Enabled mode to enable authentication 3 Set port1 and port2 as Port based 802 1x 4 Navigate to Configuration Security AAA RADIUS 802 1x Configuration Overview ISW Applicati...

Page 73: ...restart authentication after each Reauth Period when authentication success and ReAuth option is enabled 2 Quiet Period ISW will wait QuietPeriod to restart authentication process again when authenti...

Page 74: ...function on a port at certain time Maximum five time can be created in a week Reserved Power Determination There are three modes for configuring how the ports PDs may reserve power Class Mode In this...

Page 75: ...agement Mode There are two modes for configuring when to shut down the ports Actual Consumption In this mode the ports are shut down when the actual power consumption for all ports exceeds the amount...

Page 76: ...her PoE Parameters PoE Power Supply For being able to determine the amount of power the PD may use it must be defined what amount of power a power source can deliver Valid values are in the range 0 to...

Page 77: ...Power The Maximum Power value contains a numerical value that indicates the maximum power in watts that can be delivered to a remote device PoE Power Scheduling Reset The power scheduling is used to c...

Page 78: ...ontrol the power reset time on PoE port It is allowed to create at maximum five entries for each PoE port PoE Example 1 1 Parameter Setting Reserved Power determined Class Power Management Mode Actual...

Page 79: ...ameter Setting Reserved Power determined Allocation Power Management Mode Reserved Power Primary Power Supply 138 W all port reserved power 2 Port Maximum Power Port 1 30 W Port 2 Port8 15 4 W Total 1...

Page 80: ...Because power has reserved for each port in advance each powered device can use power budget of its corresponding port without exceeding its maximum power PoE Power Scheduling Reset ISW Application Gu...

Page 81: ...the user will be required to correct the interference at his own expense Warning Changes or modifications made to this device which are not expressly approved by the party responsible for compliance c...

Page 82: ...ty EN61000 6 4 Ind Emissions EN 61000 3 2 2014 EN 61000 3 3 2013 RCM Australia MSIP KCC Korea BSMI Taiwan Korea EMC Statement KCC BSMI EMC Statement Taiwan This is a Class A product In a domestic envi...

Page 83: ...f images BSS Basic Service Set is a wireless topology consisting of one access point connected to a wired network and a set of wireless devices Also called an infrastructure network See also IBSS Inde...

Page 84: ...then requests the identity of the user and transmits that identity to an authentication server such as RADIUS The server asks the access point for proof of identity which the access point gets from th...

Page 85: ...so called Michael is part of WPA and TKIP The MIC is an additional 8 byte code inserted before the standard 4 byte ICV appended in by standard WEP to the 802 11 message This greatly increases the diff...

Page 86: ...s used to synchronize the system clocks throughout the network An extension of NTP SNTP can usually operate with a single server and allows for IPv6 addressing SSL Secure Socket Layer is a protocol fo...

Reviews:

No comments

Related manuals for ISW 2-10/100T

JCG Q5 Quick Installation Manual preview
Q5
Brand: JCG Pages: 3
National Instruments NI 9265 Operating Instructions Manual preview
NI 9265
Brand: National Instruments Pages: 26
National Instruments NI 9203 User Manual And Specifications preview
NI 9203
Brand: National Instruments Pages: 85
National Instruments Module SCXI-1503 User Manual preview
Module SCXI-1503
Brand: National Instruments Pages: 79
Genie WONVR216P5 Quick Start Manual preview
WONVR216P5
Brand: Genie Pages: 15
Lucent Technologies Cajun P118LX Installation Manual preview
Cajun P118LX
Brand: Lucent Technologies Pages: 20
TDK InvenSense RoboKit1 Hardware Reference Manual preview
InvenSense RoboKit1
Brand: TDK Pages: 13
AMX NXA-ENET8POE Installation Manual preview
NXA-ENET8POE
Brand: AMX Pages: 2
Korenix JetNet 3508-LVDC User Manual preview
JetNet 3508-LVDC
Brand: Korenix Pages: 16
B&B Electronics EIP308 Product Information preview
EIP308
Brand: B&B Electronics Pages: 2
ANTAIRA LMP-1202M-SFP Series Quick Installation Manual preview
LMP-1202M-SFP Series
Brand: ANTAIRA Pages: 2
PairGain PG-Flex FLC-704 Manual preview
PG-Flex FLC-704
Brand: PairGain Pages: 20
ZyXEL Communications Comet 3356P-LAN User Manual preview
Comet 3356P-LAN
Brand: ZyXEL Communications Pages: 38
netsys NVF-2400S User Manual preview
NVF-2400S
Brand: netsys Pages: 164
Spirent A2-400 Installation Instructions Manual preview
A2-400
Brand: Spirent Pages: 22
EXAGATE SYSGuard 6001 Quick Installation Manual preview
SYSGuard 6001
Brand: EXAGATE Pages: 7
ALIBI ALI-NVR71128R User Manual preview
ALI-NVR71128R
Brand: ALIBI Pages: 232
TRENDnet TEW-WLC100P User Manual preview
TEW-WLC100P
Brand: TRENDnet Pages: 57

Brands by name

Popular brands

Load more brands