manualshive.com logo in svg

HP 1820, Management And Configuration Manual

Share
Download
HP 1820 Management And Configuration Manual Download Page 84

9-2

Security

Advanced Security Configuration

Figure 9-1. Advanced Security Configuration Page 

Table 9-1. Advanced Security Configuration Fields 

Field

Description

Storm Control Features

Storm Control

Storm control enables the rate-limiting of incoming unicast (with unknown destination), multicast, 

and broadcast traffic to prevent unnecessary congestion in the network. When enabled, the storm 
control threshold is automatically set to 5% of port speed. If the incoming rate of unicast (with 
unknown destination), multicast, or broadcast packets exceeds this value, the port discards the excess 

traffic until the rate for that particular packet type falls below the threshold.

Note

: The threshold percentage is translated to a packets-per-second value that is used by the switch 

hardware to rate-limit the incoming traffic. This translation assumes a nominal 512 byte packet size 
to determine the packets-per-second threshold based on the port speed. For example, the 5% threshold 

applied to a 1 Gbps port equates to approximately 11748 packets-per-second, regardless of the actual 
packet sizes being received by the port. Each of the three storm control packet types is rate-limited 
independently.

Auto Dos Features

Auto DoS

Enable this option to enable all the DoS prevention mechanisms with default values. Enabling this 

feature makes all the fields in the remainder of the table inaccessible (grayed-out). When disabled, 
you can individually turn on and off the DoS features and change their default values. This feature 
and all the individual DoS protections are disabled by default.

Prevent Land 

Attack

Enable this option to drop packets for which the source IP address equals the destination IP address.

Prevent TCP 
Blat Attack

Enable this option to drop packets for which the TCP source port equals the TCP destination port.

Prevent UDP 
Blat Attack

Enable this option to drop packets that have a UDP source port equal to the UDP destination port.

Prevent Invalid 

TCP Flags 
Attack

Enable this option to drop packets that have TCP Flags SYN and FIN set.

Summary of Contents for 1820

Page 1: ...HP 1820 Switches Management and Configuration Guide ...

Page 2: ......

Page 3: ...HP 1820 Switches Management and Configuration Guide October 2016 ...

Page 4: ...o HP and on no other or additional terms The Open Source Software modules and make files contained in the Software are available for HP in the form of a compact disk CD The CD includes the original package original source files plus the make files as well as a patch file that accounts for the modification made from the original source code To receive the CD HP charges a small fee in order to cover...

Page 5: ...pporting a network using HP 1820 series switch software An understanding of the software specifications for the networking device platform and a basic knowledge of Ethernet and networking concepts are presumed About Your Switch Manual Set The switch manual set includes the following Quick Setup Guide a printed guide shipped with your switch Provides illustrations for basic installation and setup g...

Page 6: ...es 16000 entries for 48 port switches SNTP server configuration 1 Time zones count 91 Jumbo frame size 9216 bytes Soft session web session timeout 1 min 60 min Hard session web session timeout 1 Hr 168 Hrs Trunk configuration 1820 8G 1820 8G PoE 4 Trunk configuration 1820 24G 1820 24G PoE 8 Trunk configuration 1820 48G 16 Trunk membership ports 1820 8G 1820 8G PoE 1820 24G 1820 24G PoE 4 Trunk mem...

Page 7: ...1 5 Graphical Switch 1 5 2 Dashboard 3 Setup Network Get Connected 3 1 System Time Pages 3 4 Time Zone Summary 3 4 Time Configuration 3 6 Time Zone Configuration 3 8 Daylight Saving Time Configuration 3 9 4 Switching Features Port Configuration 4 1 Port Status 4 1 Port Summary Statistics 4 3 Port Mirroring 4 5 Jumbo Frames 4 7 Flow Control 4 8 Spanning Tree 4 9 Global STP Settings and Port Status ...

Page 8: ...mary 7 6 LLDP Global Statistics 7 7 LLDP MED Global Configuration 7 9 LLDP MED Local Device Summary 7 11 LLDP MED Remote Device Summary 7 12 Displaying Remote Device Details 7 12 8 Power Over Ethernet PoE Capabilities 8 1 PoE Configuration 8 2 PoE Port Configuration 8 3 Modifying Port PoE Settings 8 4 Viewing PoE Port Details 8 5 PoE Port Schedule 8 6 Configuring an Absolute Time Period 8 7 Adding...

Page 9: ...n 11 3 Ping Test 11 5 Reboot Switch 11 6 Factory Defaults 11 6 Support File 11 7 Locator 11 8 MAC Table 11 9 12 Maintenance Pages Password Manager 12 1 Backup and Update Manager 12 2 Backing Up Files 12 2 Updating Files 12 3 Dual Image Configuration 12 5 ...

Page 10: ...viii ...

Page 11: ...tor to be in the same subnet as the switch Example Set it to IP address 192 168 1 2 mask 255 255 255 0 4 Enter the IP address shown above in the web browser See page 1 3 for web browser requirements Thereafter use the web interface to configure a different IP address or configure the switch as a DHCP client so that it receives a dynamically assigned IP address from the network Note If you enable D...

Page 12: ...nd Browser Support The following operating systems and browsers with JavaScript enabled are supported Operating System Browser Windows 7 Internet Explorer 9 10 Firefox 25 Chrome 30 Windows 8 Internet Explorer 10 Firefox 25 Chrome 30 MacOS X 10 9 Firefox 25 Chrome 30 Safari 7 ...

Page 13: ...g on through the web interface 1 Open a web browser and enter the IP address of the switch in the web browser address field 2 On the Login page enter the username and password if one has been set and then click Log In By default the username is admin and there is no password After the initial log on the administrator may configure a password Note To set the password or change the username see Pass...

Page 14: ... and when you click Dashboard in the navigation pane See Dashboard on page 2 1 for more information You can click the Setup Network link beneath Dashboard to display the Get Connected page which you use to set up a management connection to the switch See Get Connected on page 3 1 for more information The graphical switch displays summary information for the switch LEDs and port status For informat...

Page 15: ...nently click on the upper right side of the page Note that when there are unsaved changes the button displays a file image A page displays to confirm that you want to save followed by a page that confirms that the operation was completed successfully Graphical Switch The graphical switch shown in Figure 1 3 displays at the top of the page as a representation of the physical switch to provide statu...

Page 16: ...0 100 1000 Mbps RJ45 port has two single color LEDs that reflect the status of the actual LEDs on the switch The upper LED indicates the link activity status and the lower LED indicates the mode speed The Link Act LED status can be one of the following On A self test is being performed on the port Blinking The port has network activity Off The port has no active network cable connected is not rece...

Page 17: ...n the IP address for management access and the software and operating system versions This page also shows resource usage statistics This page is displayed when you first log on or when you click Dashboard in the navigation pane Figure 2 1 Dashboard Page If you update the name location or contact information click Apply to save any changes for the current boot session The changes take effect immed...

Page 18: ...field is blank by default System Object ID The base object ID for the switch s enterprise MIB System Up Time The time in days hours and minutes since the last switch reboot Current Time The current time in hours minutes and seconds as configured 24 or 12 hr AM PM format by the user Date The current date in month day and year format Device Information Software Version The version of the code runnin...

Page 19: ... management port for the network interface The configuration parameters associated with the switch s network interface do not affect the configuration of the front panel ports through which traffic is switched or forwarded except that for the management port the port VLAN ID PVID will be the management VLAN To display the Get Connected page click Setup Network Get Connected In the example configur...

Page 20: ...Address The burned in universally administered MAC address of this switch Web Parameters Session Timeout Specify the amount of time in minutes that a connection to the web interface remains active assuming no user activity The range is 1 to 60 and the default is 5 minutes To keep the connection active regardless of user activity set this value to 0 CAUTION When a session window is closed without l...

Page 21: ...ntconnectivity in case of an accidental change in VLAN membership If no management port is specified then all ports that are members of the management VLAN provide access to the switch management interface If a management port is configured access to the switch is restricted to that port For example if VLAN 1 is the management VLAN and port 10 is the management port other ports that are members of...

Page 22: ...Time Zone Summary Fields Field Description Current Time Time The current time This value is determined by an SNTP server When SNTP is disabled the system time increments from 00 00 00 1 Jan 1970 which is set at bootup Date The current date Time Source The source from which the time and date is obtained SNTP The time has been acquired from an SNTP server No Time Source The time has been either manu...

Page 23: ...DST is enabled and the mode of operation No Daylight Saving Time No clock adjustment will be made for DST default Recurring Every Year The settings will be in effect for the upcoming period and subsequent years Non Recurring The settings will be in effect only for a specified period during the year i e they will not carry forward to subsequent years If DSTis enabled and thecurrent timeis withinthe...

Page 24: ...g SNTP ensures accurate network device clock time synchronization up to the millisecond Time synchronization is performed by a network SNTP server The software operates only as an SNTP client and cannot provide time services to other systems To display the Time Configuration page click Setup Network System Time in the navigation pane and click the Time tab Figure 3 3 Time Configuration Page ...

Page 25: ...at the switch last attempted to obtain the time from this server Last Update Status The status of the last update request to the SNTP server which can be one of the following values Other None of the following values apply or no message has been received Success The SNTP operation was successful and the system time was updated Request Timed Out A SNTP request timed out without receiving a response...

Page 26: ...me Zone Configuration Page Table 3 4 Time Zone Configuration Fields Click Apply to save any the changes for the current boot session The changes take effect immediately Field Description Time Zone Select the time zone for your location The default is GMT Greenwich Mean Time Dublin Edinburgh Lisbon London Acronym Specify an acronym for the time zone The acronym can have up to four alphanumeric char...

Page 27: ...ng Time DST occurs within your time zone When configured the system time adjusts automatically one hour forward at the start of the DST period and one hour backward at the end To display the Daylight Saving Time page click Setup Network System Time in the navigation panel and click the Daylight Saving Time tab Figure 3 5 Daylight Saving Time Configuration Page ...

Page 28: ...nt years When a DST mode is enabled the clock will be adjusted one hour forward at the start of the DST period and one hour backward at the end Date Range Set the following to indicate when the change to DST occurs and when it ends These fields are editable when Non Recurring is selected as the DST mode Start End Date Use the calendar to set the day month and year when the change to from DST occur...

Page 29: ...guration pages to display port status configure port settings and view statistics on packets transmitted on the port Port Status The Port Status page displays the operational and administrative status of each port and enables port configu ration To view this page click Switching Port Configuration in the navigation pane Figure 4 1 Port Status Page ...

Page 30: ...roring All ports are normal ports by default Trunk Member The port is a member of a trunk Mirrored The port is configured to mirror its traffic ingress egress or both to another port the probe port Probe The port is configured to receive mirrored traffic from one or more source ports Port Status The physical status Link Up or Link Down of the link at the port Physical Mode Displays whether Auto ne...

Page 31: ...e Port Summary Statistics page click Switching Port Configuration in the navigation pane and select the Statistics tab Figure 4 3 Port Summary Statistics Page Field Description Interface The interface or interfaces to be configured Admin Mode Select Enabled to make the port accessible on the network or Disabled to prevent the port from receiving or forwarding packets Physical Mode Select the duple...

Page 32: ...ved Packets The count of Broadcast packets received on the port Transmitted Packets w o Error The number of packets transmitted out of that port with out any packet errors Transmitted Packets with Error The number of packets transmitted out of the port with packet errors Collisions The number of packet collisions Transmitted Pause Frames The number of Ethernet pause frames transmitted This informa...

Page 33: ...data While a port is used as the destination port for mirrored data the port cannot be used for any other purpose the port will not receive and forward traffic To display the Port Mirroring page click Switching Port Mirroring in the navigation pane Figure 4 4 Port Mirroring Page Table 4 4 Port Mirroring Fields If you change these settings click Apply to save any changes for the current boot sessio...

Page 34: ... or vice versa Ports that are included as part of a trunk cannot be selected individually as source ports but trunks can be selected as source ports The port selected as the Destination Port is greyed out and unavailable for selection Direction Select the type of traffic to mirror to the port Tx Rx All packets transmitted and received on the source port are mirrored Rx Only packets received on the...

Page 35: ...AN header to 9216 bytes If it is enabled any device connecting to the same broadcast domain should also support jumbo frames To display the Jumbo Frames page click Switching Jumbo Frames in the navigation pane Figure 4 6 Jumbo Frames Page Select Enabled to configure the switch to forward jumbo frames up to 9216 bytes If you change this setting click Apply to save the new value The change takes eff...

Page 36: ...peed switch refrain from sending packets Transmissions are temporarily halted to prevent buffer overflows Note Flow control works well when the Link Speed is auto negotiated Use the Flow Control page to enable or disable this functionality It is disabled by default and can be enabled globally on all switch ports To display the Flow Control page click Switching Flow Control in the navigation pane F...

Page 37: ...PDUs to communicate changes in the network topology and to provide information that helps determine the optimal paths between network segments HP 1820 series switches support STP versions IEEE 802 1D STP and 802 1w Rapid STP or RSTP RSTP reduces the convergence time for network topology changes to about 3 to 5 seconds from the 30 seconds or more for the IEEE 802 1D STP standard RSTP is intended as...

Page 38: ...ree Bridge Configuration Spanning Tree Click Enabled to enable the Spanning Tree protocol mode on all ports This feature is disabled on all ports by default Protocol Version Select the protocol version to use STP 802 1D This is the default selection RSTP 802 1w Max Age The maximum number of seconds after which BPDU information is considered to be aged out or invalid An expired Max Age parameter is...

Page 39: ...h of those interfaces This feature is disabled by default Spanning Tree Interface Status The following fields list the interfaces on which the feature is enabled See Table 4 7 on page 4 14 for descriptions of these features Root Bridge Identifier The bridge ID of the root bridge for the spanning tree The identifier is made up of the bridge priority and the base MAC address When electing the root b...

Page 40: ...The port is blocked to prevent network loops Listening The port sends and receives BPDUs and evaluates information to provide a loop free topology This state occurs during network convergence and is the first state in transitioning to the forwarding state Learning The port learns the MAC addresses of frames it receives and begins to populate the MAC address table This state occurs during network c...

Page 41: ...e or more interfaces select the interfaces on the Spanning Tree Configuration page and click Edit Figure 4 9 Edit Spanning Tree Port Configuration Page The Edit Spanning Tree Port Configuration page enables you to configure settings and view status and statistics for the selected interfaces ...

Page 42: ... ensure that the desired interfaces are operating as edge ports by enabling the Admin Edge Port mode for each of those interfaces This feature is disabled by default BPDU Flood When enabled on a port if the port receives a BPDU packet and STP is disabled on the port the BPDU is flooded to all switch ports that are also disabled for spanning tree This feature is enabled by default Root Guard When e...

Page 43: ... number of times the topology of the spanning tree has changed Time Since Last Change The time that has passed since the last spanning tree topology change This value is reset to zero when the switch is reset Loop Inconsistent State Identifies whether the interface is currently in a loop inconsistent state An interface transitions to a loop inconsistent state if loop guard is enabled and the port ...

Page 44: ...A6 When an interface receives a loop protection PDU it compares the source MAC address with its own If the MAC addresses match a loop is detected and a configured action is taken which may include shutting down the port for a specified period An interface can be configured to receive and take action in response to loop protection PDUs but not to send out the PDUs itself Ports on which loop protect...

Page 45: ...n for the configured period Shutdown Port and Log The event will be logged and the port it shut down for the configured period Log Only The event will be logged and the port remains operational Tx Mode Indicates whether the interface is configured Enabled to send out loop protection protocol data units PDUs to actively detect loops When Disabled the interface does not send out loop protection PDUs...

Page 46: ...op Protection Port Configuration Page Field Description Loop Protection Select Enabled or Disabled to administratively enable or disable this feature globally on the switch This feature is disabled by default Transmission Time The interval at which the switch sends loop protection PDUs on interfaces that are enabled to send them The range is 1 to 10 seconds and the default is 5 seconds Shutdown Ti...

Page 47: ...abled on trunks that are dynamically formed through LACP Action Select the action to occur when a loop is detected on a port with loop protection enabled Shutdown Port The port will be shut down for the configured period This is the default selection Shutdown Port and Log The event will be logged and the port it shut down for the configured period Log Only The event will be logged and the port rem...

Page 48: ...ting the traffic to all ports which could affect network performance When enabled the switch supports IGMPv1 and IGMPv2 To enable IGMP snooping and view global status information click Switching IGMP Snooping in the navigation pane Figure 4 13 IGMP Snooping Page Table 4 11 IGMP Snooping Fields If you change the Admin Mode click Apply to save the changes for the current boot session The changes tak...

Page 49: ...ortion of the tag in which case the first switch port to receive the packet may either reject it or insert a tag using its default VLAN ID A given port may handle traffic for more than one VLAN but it can only support one default VLAN ID HP 1820 series switches support up to 64 VLANs Viewing VLAN Status and Adding VLANs Use the VLAN Status page to view information on VLANs currently defined on the...

Page 50: ...r with preceding zeroes as needed To change the VLAN name select it on the VLAN Status page and click Edit On the Edit VLAN Configuration page specify the new name consisting of 0 to 32 alphanumeric characters and click Apply Field Description VLAN ID The numerical VLAN identifier VID assigned to the VLAN from 1 to 4093 Note VLAN 0 VID 0x000 in a frame is reserved and is used to indicate that the ...

Page 51: ...ship page configure the Participation Tagging setting to specify whether the ports are excluded from the VLAN or are included as a tagged or untagged member Consider the following guidelines when editing VLAN port memberships and settings Field Description VLAN ID Select the VLAN ID for which you want to view interface memberships Interface The port or trunk ID Participation Tagging The current me...

Page 52: ...ort will be unable to access the switch management interface Ports belonging to a trunk cannot be assigned membership in a VLAN although the trunk itself can be a member of one or more VLANs When a member port is added to a trunk it loses any previous VLAN memberships and acquires those of the trunk When deleted from a trunk a port loses the VLAN memberships of the trunk and acquires untagged memb...

Page 53: ...all ports which is the VLAN ID of the default VLAN VLAN 1 Port Priority The default 802 1p priority assigned to Layer 2 untagged packets arriving at the port A value of 0 the default indicates the lowest priority commonly used for routine traffic and 7 indicates the highest priority often reserved for application such as voice and video The eight port priorities are internally mapped to four class...

Page 54: ...5 6 Virtual LAN VLAN Port Configuration ...

Page 55: ...e 8 and 24 port switches each trunk can support up to four trunk members and on the 48 port switches each trunk can support up to eight members Note Trunks are sometimes referred to as link aggregation groups LAGs Trunk Configuration You can use the Trunk Configuration page to view and edit trunks The number of trunks on the system is fixed and all trunks are disabled by default You can enable dis...

Page 56: ...ta Units LACPDUs with links in the trunk The PDUs contain information about each link and enable the trunk to maintain them Static Static trunks are assigned to a bundle by the administrator Members do not exchange LACPDUs A static trunk does not require a partner system to be able to aggregate its member ports This is the default port type Note that the loop protection feature is not supported on...

Page 57: ...the currently selected trunk The changes take effect immediately Field Description STP Mode The spanning tree protocol STP mode of the trunk When enabled the trunk participates in the STP operation to help prevent network loops This feature is enabled on all trunks by default Load Balance The hashing algorithm used to distribute traffic load among the physical ports of the trunk while preserving t...

Page 58: ... user created name for the trunk Type The interface type which is either Port Channel a trunk or Member Port a physical port Flap Count The number of times the interface has gone down The counter for a member port is incremented when the physical port is either manually shut down by the administrator or when its link state is down When a trunk is administratively shut down the flap counter for the...

Page 59: ...d by stations implementing the receive function The transmit and receive functions can be enabled and disabled separately per port By default both functions are enabled on all ports LLDP MED is an extension of the LLDP standard LLDP MED uses LLDP s organizationally specific Type Length Value TLV extensions and defines additional TLVs that make it easier for a VoIP deployment in a wired or wireless...

Page 60: ...h is used to compute the time to live TTL value associated with LLDPDUs The range is from 2 to 10 and the default is 4 Re Initialization Delay Specify the number of seconds to wait before attempting to re initialize LLDP on a port after the LLDP operating mode on the port changes The range is from 1 to 10 seconds and the default is 2 seconds Notification Interval Specify the minimum number of seco...

Page 61: ...ettings on all interfaces Receive The LLDP receive mode on the interface If the receive mode is enabled the device can receive LLDPDUs from other devices Notify Enable to have LLDP generate a log file entry Transmit Management Information The status of the LLDP remote data change notification on the interface When enabled the interface sends notifications when a link partner device is added or rem...

Page 62: ...ld Description Local Device Summary Chassis ID The hardware platform identifier for the device Chassis ID Subtype The type of information used to identify the chassis Capabilities Supported The primary function s the device supports Capabilities Enabled The primary function s the device supports that are enabled Interface Description Interface The interface ID Port ID The port identifier which is ...

Page 63: ...able 7 4 LLDP Local Device Information Fields Field Description System Name The user configured system name for the device The system name is configured on the Dashboard page System Description The device description which includes information about the product model and platform Management Address The address suchas an IP address associatedwiththe management interface of the device Management Add...

Page 64: ...ifier assigned to the remote system that sent the LLDPDU Chassis ID The hardware platform ID for the remote system Port ID The physical address of the port on the remote device that sent the LLDP data Port Description The port description configured on the remote device If the port description is not configured the field is blank System Name The system description configured on the remote device I...

Page 65: ...tistics The Link Layer Discovery Protocol LLDP Statistics page displays summary and per port information for LLDP and LLDP MED frames transmitted and received on the switch To display the LLDP Global Statistics page click LLDP Statistics in the navigation pane Figure 7 5 LLDP Statistics Page ...

Page 66: ... not be entered into tables associated with the remote systems because of insufficient resources Age Outs The number of times the complete set of information advertised by a particular MSAP has been deleted from tables associated with the remote systems because the information timeliness interval has expired Time Since Last Update Time when an entry was created modified or deleted in the tables as...

Page 67: ... serial asset number ToviewandconfigureglobalLinkLayerDiscoveryProtocol MediaEndpointDiscovery LLDP MED settings click LLDP MED Configuration in the navigation pane Figure 7 6 LLDP MED Global Configuration Page The following global settings display Table 7 7 LLDP MED Global Configuration Fields If you change the Fast Start Repeat Count click Apply to save any changes for the current boot session T...

Page 68: ... LLDP MED transmit and receive functions are effectively enabled on the interface This feature is enabled by default Notification Status Indicates whether LLDP MED topology change notifications are enabled or disabled on the interface This feature is disabled by default Operational Status Indicates whether the interface is configured to transmit TLVs To transmit TLVs the interface must be enabled ...

Page 69: ...formation that is advertised by the switch interfaces when they are enabled for LLDP MED To display this page click LLDP MED Local Devices in the navigation pane Figure 7 7 LLDP MED Local Device Summary Page Table 7 9 LLDP MED Local Device Summary Fields Field Description Interface The trunk or port ID Port ID The interface identifier which is its physical address ...

Page 70: ...mation about a remote device select the interface that received the LLDP MED data and click Details Field Description Interface The local interface that has received LLDP MED data units from remote devices Remote ID The client identifier assigned to the remote system that sent the LLDP MED data unit Device Class The MED Classification advertised by the TLV from the remote device The following thre...

Page 71: ...onal fields appear on the LLDP MED Remote Device Information page Field Description Supported Capabilities The supported capabilities that were received in the MED TLV on this interface Enabled Capabilities The supported capabilities on the remote device that are also enabled Device Class The MED Classification advertised by the TLV from the remote device ...

Page 72: ...s the information in the inventory TLVs received in the LLDP MED frames on this interface Hardware Revision The hardware version advertised by the remote device Firmware Revision The firmware version advertised by the remote device Software Revision The software version advertised by the remote device Serial Number The serial number advertised by the remote device Manufacturer Name The name of the...

Page 73: ...mote PoE powered device Required If the remote device is a PoE device this field details the remote ports PD power requirement in Watts Source If the remote device is a PoE device this field details the remote ports PoE PD power source Priority If the remote device is a PoE device this field details the remote ports PD power priority Field Description ...

Page 74: ...7 16 Link Layer Discovery Protocol LLDP and LLDP MED LLDP MED Remote Device Summary ...

Page 75: ...ity ports before lower priority ports Power allocation can be scheduled so that power is supplied only during periods when the PD is actually in use PoE Capabilities The HP 1820 PoE enabled switches support the original PoE specification IEEE 802 3af and the PoE Plus specification IEEE 802 1at IEEE 802 3af enables providing up to 15 4W of power over a PoE port whereas PoE Plus enables providing up...

Page 76: ... power Faulty The PoE functionality is not operational Total Power Watts The total power in watts that can be provided by the switch Power Consumption Watts The amount of power in watts currently being consumed by connected PoE devices Power Management Mode Select the method by which the PoE controller determines supplied power Possible values are Static The power allocated to each port is reserve...

Page 77: ...is available on this port Options are None Source power is available at all times subject to the port priority This is the default selection Schedule 1 Source power is available during the configured first schedule Schedule 2 Source power is available during the configured second schedule You can configure schedules on the PoE Port Schedule page High Power Mode When enabled the port supports the o...

Page 78: ...power limit also displays next to this value When High Power Mode is enabled the maximum value is 30W When High Power Mode is disabled the maximum value is 15 4W The Power Limit field is available on the Edit PoE Port Configuration page Status The status of the port as a provider of power over Ethernet Such devices are referred to as power sourcing equipment PSE Possible values are Disabled The PS...

Page 79: ...providing up to 15 4W of power Max Configurable Power If the Power Limit Type for the port is User user defined this field displays the configured power limit If the Power Limit type is set to Class then Class displays Class If the Power Limit Type is set to Class this field displays the class of the connected device as learned in LLDP messages Possible values are Unknown and Class 0 through Class...

Page 80: ...ady exists for the selected schedule Field Description Schedule Select Schedule 1 or Schedule 2 to display information on time periods configured for the schedule if any Entry Type The type of time period entry which is one of the following Absolute A single time period that occurs once or has an undefined start or end period The duration of an absolute entry can be hours days or even years Each t...

Page 81: ...only when the Start Time option is selected Starting Time of Day Specify the time of day that the entry becomes active by entering the information in the field or by using the scroll bar in the Choose Time window which displays when you click the field You can click Now to use the current time of day Click Done to close the window End Time Select this option to configure values for the End Date an...

Page 82: ...are autoselected to correspond to your choice in the Applicable Days field If you selected Days of Week you can hold down the Ctrl key to select multiple days Starting Time of Day Specify the time of day that the entry becomes active by entering the information in the field or by using the scroll bar in the Choose Time window which displays when you click the field You can click Now to use the cur...

Page 83: ...egradation The software includes Storm Control protection for unicast traffic with an unknown destination and for broadcast and multicast traffic Auto Denial of Service DoS protections A DoS attack is an attempt to saturate the switch with external communication requests to prevent the switch from performing efficiently or at all You can enable Auto DoS protection that prevents common types of DoS...

Page 84: ...edontheportspeed Forexample the5 threshold applied to a 1 Gbps port equates to approximately 11748 packets per second regardless of the actual packet sizes being received by the port Each of the three storm control packet types is rate limited independently Auto Dos Features Auto DoS Enable this option to enable all the DoS prevention mechanisms with default values Enabling this feature makes all ...

Page 85: ...ternet Explorer and Mozilla Firefox maintain data on trusted CAs After validating the CA the browser and switch negotiate the highest level of security available to both The browser uses the public key to encrypt a random number and send it to the switch The switch uses a private key stored in memory not advertised on the certificate to decrypt it From this process thebrowserandswitchdetermineanal...

Page 86: ... field is Present you can click to delete the existing certificate If you enable or disable HTTPS Admin Mode or change the timeout settings click Apply to save the changes for the current boot session The changes take effect immediately Field Description HTTP Admin Mode Enable the Administrative mode of HTTP This feature is enabled by default and can only be disabled when the HTTPS Admin mode is e...

Page 87: ...The Upload Certificates page displays Figure 9 3 Upload Certificates 3 Select one of the following from the File Type field SSL Trusted Root Certificate PEM File A PEM encoded SSL certificate that has been digitally signed by a certificate authority SSL Server Certificate PEM File A PEM encoded SSL certificate that has been signed by another server SSL DH Weak Strong Encryption Parameter PEM File ...

Page 88: ...9 6 Security Secure Connection ...

Page 89: ...EE 802 3az task force These features are designed to reduce per port power usage by shutting down ports when no link is present or when activity is low Green Features Configuration To display the Green Features configuration page click Green Features EEE Configuration in the navigation pane Figure 10 1 Green Features ...

Page 90: ...is down the PHY automatically goes down The port wakes up when it senses activity on the link This features enables saving power consumption when no link partner is present This feature is disabled by default Low Power Idle EEE EEE Energy Efficient Ethernet is designed to save power by turning off network ports that are not passing traffic EEE works for ports in auto negotiation mode where the por...

Page 91: ...an use the EEE status page to view estimated power savings and power consumption information This page also displays status information for each interface To display the EEE status page click Green Features EEE Status in the navigation pane Figure 10 2 EEE Status Page ...

Page 92: ...rts Per Port Status Interface The interface ID If EEE is not enabled then no interfaces display Link Partner Supports EEE Displays Yes if the interface has received EEE messages called Type Length Values or TLVs from a link partner or No if it has not Auto Port Power Down Status The current operational state of Auto Port Power Down mode Wakeup Time Negotiated by LLDP Indicates whether the EEE wake...

Page 93: ...essage is deleted from the RAM when a new message is added If the system restarts all messages are cleared The Log page displays the 100 most recent system messages such as configuration failures and user sessions The newest log entry by default is displayed at the bottom of the list Note If more than 100 messages accumulate their Log Index numbers continue to increment beyond 100 and the oldest e...

Page 94: ...essed archive The following information displays in the Buffered Log table Table 11 1 Buffered Log Fields Field Description Log Index The log number Log Time Time at which the log was entered in the table Severity The severity level associated with the log message The severity can be one of the following Emergency 0 The device is unusable Alert 1 Action must be taken immediately Critical 2 The dev...

Page 95: ...stem messages to the buffered log file or forwarding messages over the network using the Syslog protocol Syslog messages can be captured by a designated host on the network that is running a Syslog daemon You can use the Log Configuration page to configure buffered log and Syslog settings To display the Log Configuration page click Diagnostics Log Configuration in the navigation pane Figure 11 2 L...

Page 96: ...Notifies the user of a system error Info Provides the user with system information This is the default filter level Debug An internal note to reconcile programming code SysLog Configuration SysLog Host Enables and disables logging to configured syslog hosts When the syslog admin mode is disabled the device does not relay logs to syslog hosts and no messages are sent to any collector relay When ena...

Page 97: ...efault is 3 seconds Size Specify the size of the ping packet to be sent Changing the size allows you to troubleshoot connectivity issues with a variety of packet sizes such as large or very large packets The range is from 0 to 13000 bytes and the default is 0 bytes Status The current status of the ping test which can be one of the following Not Started The ping test has not been initiated since vi...

Page 98: ...lts You can use the Reset Configuration page to restore all settings to their factory default values All configuration changes including those that were previously saved are reset in the running system by this action If the switch is configured to use DHCP to acquire its IP address the address may change upon restart you will need to determine the address before logging back in to the management u...

Page 99: ... along with date and time information Device Information Software and OS versions System Resource Usage CPU and memory usage data Image Status and Image Description The active and backup image status and versions Buffered Log and Configuration Messages and logging configuration details Syslog Configuration Syslog status and remote port and address information Time Configuration and Time Zone SNTP ...

Page 100: ...ion Global settings and per port LLDP configuration and activity Loop Protection Status Per interface configuration and statistics Spanning Tree Bridge and Interface Status Global and per port configuration and status Green Features EEE Configuration Global and per port enable disable status and power consumption data PoE Configuration On switches that support PoE global and per port configuration...

Page 101: ...MAC Table Page Table 11 4 MAC Table Fields Field Description Maximum Entries Supported The maximum number of MAC address entries that can be learned on the switch The 8 and 24 port switches support a maximum of 8 000 entries and the 48 port switches support a maximum of 16 000 entries VLAN ID The VLAN or VLANs with which the MAC address is associated MAC Address A unicast MAC address for which the...

Page 102: ...age out when it is not in use Dynamic addresses are learned by examining information in incoming Ethernet frames Management The burned in MAC address of the switch Self The MAC address belongs to one of the physical interfaces on the switch Other The address was added dynamically through an unidentified protocol or method Unknown The switch is unable to determine the status of the entry Field Desc...

Page 103: ... click Apply to save your changes At the next log on use the new password Field Description Username A unique ID or name used to identify the administrative user account A change in the username is effective the next time you attempt to log into the switch Current Password There is no password by default Passwords must be at least 8 characters but no more than 64 characters long Passwords are case...

Page 104: ...ng newer files from a remote system Files can be backed and updated up using either HTTP or TFTP To display this page click Maintenance Backup and Update Manager in the navigation pane Figure 12 2 File Transfer Page Backing Up Files To back up a file click in the Backup column in either the HTTP or TFTP row The HTTP Backup File or TFTP Backup File page displays Figure 12 3 HTTP Backup File Page Fi...

Page 105: ...path on the server where you want to put the file followed by the name to be applied to the file as it is saved This can differ from the actual file name on the switch The path can be 0 to 160 characters and the file name can be 1 to 32 characters The file name can have ASCII printable characters excluding the following Status Status information on the backup process Field Description File Type Se...

Page 106: ...configuration files Status Status information on the update process Field Description Field Description File Type See the options in Table 12 3 on page 12 3 Server Address Enter the IP address or host name of the TFTP server File Name Enter the path on the server where file is located followed by the filename The path can be 0 to 160 characters and the file name can be 1 to 32 characters The path ...

Page 107: ...ce Dual Image Configuration Figure 12 7 Dual Image Configuration Page Table 12 5 Dual Image Configuration Fields Click Apply to save your changes to the switch Field Description Image Status This section lists the current image status information Image The type of image which can be either Active or Backup Version The software version of the image Description Specify an optional description of the...

Page 108: ...12 6 Maintenance Pages Dual Image Configuration ...

Page 109: ......

Page 110: ... is subject to change without notice The only warranties for HPE products and services are set forth in the express warranty statements accompanying such products and services Nothing herein should be construed as constituting an additional warranty HPE will not be liable for technical or editorial errors or omissions contained herein October 2016 Manual Part Number 5998 7651a ...

Reviews:

No comments

Brands by name

Popular brands

Load more brands