manualshive.com logo in svg

IS5 COMMUNICATIONS iES26GF, User Manual

Get your hands on the user manual for IS5 COMMUNICATIONS iES26GF for free download. This comprehensive manual will guide you through the setup and operation of this advanced communication device. Download it now from manualshive.com and maximize the potential of your iES26GF.

Share
Download
background image

iES26GF 

User’s

  Manual 

 

 

 

UM-iES26GF-1.2.3-EN.docx   

 

 

 

 

 

 

 

Pages 121 of 169 

Since the server has not failed (because the X seconds have not expired), the same server will be 

contacted when the next back-end authentication server requests from the switch. This scenario will 

loop  forever.  Therefore,  the  server  timeout  should  be  smaller  than  the  supplicant's  EAPOL  Start 

frame retransmission rate. 

2)

 

Overview of MAC-Based Authentication 

Unlike  802.1X,  MAC-based  authentication  is  not  a  standard,  but  merely  a  best  -practices  method 

adopted by the industry. In MAC-based authentication, users are called clients, and the switch acts 

as the supplicant on behalf of clients. The initial frame (any kind of frame) sent by a client is snooped 

by the switch, which in turn uses the client's MAC address as both username and password in the 

subsequent EAP exchange with the RADIUS server. The 6-byte MAC address is converted to a string 

in the following form "xx-xx- xx-xx- xx-xx", that is, a dash (-) is used as separator between the lower-

cased hexadecimal digits. The switch only supports the MD5-Challenge authentication method, so 

the RADIUS server must be configured accordingly. 

When authentication is complete, the RADIUS server sends a success or failure indication, which in 

turn causes the switch to open up or block traffic for that particular client, using static entries into the 

MAC Table. Only then will frames from the client be forwarded on the switch. There are no EAPOL 

frames involved in this authentication, and therefore, MAC -based authentication has nothing to do 

with the 802.1X standard. 

The advantage of MAC-based authentication over 802.1X is that several clients can be connected to 

the same port (e.g. through a 3rd party switch or a hub) and still require individual authentication, 

and that the clients do not need special supplicant software to authenticate. The disadvantage is that 

MAC  addresses  can  be  spoofed  by  malicious  users,  equipment  whose  MAC  address  is  a  valid 

RADIUS user can be used by anyone, and only the MD5-Challenge method is supported. 

802.1X and MAC-Based authentication configurations consist of two sections: system- and port-wide. 

Summary of Contents for iES26GF

Page 1: ...iES26GF 1 2 3 EN docx User s Manual iES26GF Intelligent 26 Port Managed Gigabit Ethernet Switch IEC61850 3 and IEEE1613 Compliant Version 1 2 3 Feb 2018 2018 iS5 Communications Inc All rights reserve...

Page 2: ...warranty period including shipping costs This warranty does not cover product modifications or repairs done by persons other than iS5 approved personnel and this warranty does not apply to products th...

Page 3: ...nel 3 2 2 Rear Panel View 4 2 3 Power Panel 4 Hardware Installation 6 3 1 Rack Mount Assembly 6 3 2 Wiring 7 Grounding 7 Power Inputs 8 Fault Relay 9 3 3 Connection 10 Ethernet Cables 10 SFP 13 iRing...

Page 4: ...Trunk 42 Loop Protection 47 5 4 Redundancy 49 iRing Configuration 49 iChain 49 iBridge 50 RSTP 51 MSTP 55 Fast Recovery 63 Dual Port Recovery 64 5 5 VLAN 66 VLAN Membership 66 Port Configurations 67...

Page 5: ...l Security Configurations 104 Device Binding 104 ACL 110 AAA 115 NAS 802 1x 120 5 10 Warning 131 Fault Alarm 131 System Warning 132 5 11 Monitoring and Diagnostic 135 MAC Table 135 Port Statistics 137...

Page 6: ...may be required to take adequate measures Caution LASER This product contains a laser system and is classified as a CLASS 1 LASER PRODUCT Use of controls or adjustments or performance of procedures ot...

Page 7: ...4 VLAN 802 1Q to segregate and secure network traffic 5 5 Supports SNMPv1 v2 v3 5 6 Traffic Prioritization Storm Control and Quality of Service QoS including DSCP Based QoS Ingress Port Classificatio...

Page 8: ...RS 232 to RJ 45 cable assembly to manage the switch Figure 1 Front View 1 Power supply input 2 LED Status P1 LED PWR1 shows status of power supply one 1 P2 LED PWR2 shows status of power supply two 2...

Page 9: ...tes that the switch is operating as the Master iRing LED ON indicates that iRing is activated Status LED ON when the system is ready P1 LED PWR1 it shows status of power supply one 1 P2 LED PWR2 it sh...

Page 10: ...nected to the Neutral terminal of an AC power source 8 RLY NO Failsafe Relay Normally Open contact 9 RLY CM Failsafe Relay Common contact 10 RLY NC Failsafe Relay Normally Closed contact 88 300VDC rat...

Page 11: ...iES26GF User s Manual UM iES26GF 1 2 3 EN docx Pages 6 of 169 Hardware Installation 3 1 Rack Mount Assembly The iES26GF comes with a kit for rack mount assembly Figure 4 iES26GF Dimensions...

Page 12: ...for power and devices If power wiring and device wiring paths must cross make sure the wires are perpendicular at the intersection point 5 Do not run signal or communications wiring and power wiring t...

Page 13: ...GND1 terminal screw 3 Connect the Positive or Live from the first power source to the POWER 1 V L terminal screw 4 Connect the Negative or Neutral from the first power source to the POWER 1 V N termi...

Page 14: ...er configured events The switch provides fail open and fail close options to form relay circuits based on requirements Thecontactsareenergizeduponpower upoftheunitandremainenergizedunlessacriticalerro...

Page 15: ...Type Max Length Connector 10BASE T Cat 3 4 5 100 ohm UTP 100 m 328 ft RJ 45 100BASE TX Cat 5 100 ohm UTP UTP 100 m 328 ft RJ 45 1000BASE T Cat 5 Cat 5e 100 ohm UTP UTP 100 m 328ft RJ 45 100Base T X 1...

Page 16: ...n Assignments Pin Number MDI port MDI X port 1 TD transmit RD receive 2 TD transmit RD receive 3 RD receive TD transmit 4 Not used Not used 5 Not used Not used 6 RD receive TD transmit 7 Not used Not...

Page 17: ...The iES26GF switch can be managed via the console port Using the supplied standard DB 9 to RJ45 cable you can connect to a local PC Console Cable pin Assignments PC pin out male assignment DB9 to RJ...

Page 18: ...ith options for SFP SC and ST connectors The fiber optical ports are in Multimode 0 to 550M 850 nm with 50 125 m 62 5 125 m fiber and Singlemode with LC connector Always connect the TX port of Switch...

Page 19: ...ology Figure 10 Ring Topology Coupling Ring If two iRing topologies exist and you would like to connect the rings a coupling ring can be formed Select two switches from each ring to be connected for e...

Page 20: ...ls Figure 12 Dual Homing iChain By connecting multiple iRings to meet expansion demands an iChain topology can be created following the steps below 1 Select two switches from the chain Switch A B that...

Page 21: ...with recovery times of less than 30 milliseconds in full duplex Gigabit operation or 10 milliseconds in full duplex Fast Ethernet operation with up to 250 nodes The ring protocols identify one switch...

Page 22: ...lex industrial networks enables the network to recover in less than 30 milliseconds in full duplex Gigabit operation or 10 milliseconds in full duplex Fast Ethernet operation for up to 250 switches if...

Page 23: ...applications MSTP supports multiple spanning trees within a network by grouping and mapping multiple VLAN s into different spanning tree instances known as MSTI s forming individual MST regions Each s...

Page 24: ...ption and enhances access speed in a viewing screen Note By default IE5 0 or later versions do not allow Java Applets to open sockets The browser settings need to be explicitly modified to enable Java...

Page 25: ...EN docx Pages 20 of 169 Figure 17 Main Interface 5 1 Basic Settings System Information Configuration Figure 18 System Information Configuration interface The system information will display the confi...

Page 26: ...ASCII characters from 32 to 126 are allowed System Contact The textual identification of the contact person for this managed node together with information on how to contact this person The allowed s...

Page 27: ...are allowed Confirm Password Re type the new password Save Click Save to save the changes Guest Password This page allows you to configure the system guest password required to access the web interfac...

Page 28: ...is used for authentication RADIUS a remote RADIUS server is used for authentication Fallback Add a check mark if you want to activate this option Save Click Save to save changes Reset Click Reset to u...

Page 29: ...he DHCP client function is enabled you do not need to assign an IP Address The network DHCP server will assign the IP Address for the switch and it will be displayed in this column The default IP Addr...

Page 30: ...ol SNTP settings allow you to synchronize switch clocks over the Internet Configure the SNTP on the following page Figure 26 IP Configuration interface The following table describes the labels for the...

Page 31: ...you to configure the Time Zone Figure 27 Time Zone Configuration interface The following table describes the labels for the Time Zone Configuration screen Label Description Time Zone Lists various ti...

Page 32: ...nfiguration will be used once Start Time Settings Week Select the starting week number Recurring Day Select the starting day Recurring Month Select the starting month Date Select the starting date Non...

Page 33: ...laskan Daylight 8 hours 4 am ALA Alaskan Standard 9 hours 3 am HAW Hawaiian Standard 10 hours 2 am Nome Alaska 11 hours 1 am CET Central European FWT French Winter MET Middle European MEWT Middle Euro...

Page 34: ...ick Reset to undo any changes made locally and revert to previous saved values HTTPS Configuration Hyper Text Transfer Protocol Secure HTTPS is the secure version of HTTP Select HTTPS Configuration Mo...

Page 35: ...The modes include Enabled enables SSH Disabled disables SSH Save Click Save to save changes Reset Click Reset to undo any changes made locally and revert to previously saved values Telnet Select Telne...

Page 36: ...e following table describes the labels for the LLDP Configuration screen Label Description Tx Interval Enter value for the Tx Interval The default is 30 seconds Mode Select from the drop down list a m...

Page 37: ...The identification of the neighbour port Port Description The description of the port advertised by the neighbour System Name The name advertised by the neighbour System Capabilities Description of t...

Page 38: ...le describes the labels for the LLDP Global Counters screen Label Description Neighbour entries were last changed at Shows the time when the last entry was deleted or added Total Neighbours Entries Ad...

Page 39: ...formation known as TLVs Type Length Value If a TLV is malformed it will be counted and discarded TLVs Unrecognized The number of well formed TLVs but with an unknown type value Org Discarded The numbe...

Page 40: ...e used instead of a TFTP server Figure 36 Configuration Save Interface Figure 37 Configuration Upload interface Upgrade Firmware This page allows you to update the firmware of the switch Click Browse...

Page 41: ...ed input information in each column Figure 39 DHCP Server Configuration interface The following table describes the labels for the DHCP Server Configuration screen Label Description Enabled Select Ena...

Page 42: ...elect To add to static table Type The Type of client Dynamic or Static MAC Address The MAC Address of client IP Address The IP Address of client Surplus Lease The Surplus Lease time Select Clear All S...

Page 43: ...Static MAC Address The MAC Address of client IP Address The IP Address of client Surplus Lease The Surplus Lease time Delete Click Delete to remove the selected entry Select Clear All Select or Clear...

Page 44: ...nformation When DHCP relay information is enabled the agent inserts specific information option 82 into a DHCP message when forwarding to a DHCP server and it removes it from a DHCP message when trans...

Page 45: ...retained Drop Agent Option The number of packets dropped when received messages contain relay agent information Refresh Click Refresh to refresh the page immediately Auto refresh Check Auto refresh t...

Page 46: ...ent link state is shown by different colors Green indicates the link is up and Red means the link is down Current Link Speed Indicates the current link speed of the port Configured Link Speed The drop...

Page 47: ...address or uncheck to disable By default Source M AC Address is enabled Destination M AC Address Calculates the destination port of the frame You can check this box to enable the destination MAC addre...

Page 48: ...full duplex ports can join an aggregation and the ports must be in the same speed in each group Save Click Save to save changes Reset Click Reset to undo any changes made locally and revert to previou...

Page 49: ...very second Passive will wait for a LACP packet from a partner speak if spoken to Save Click Save to save changes Reset Click Reset to undo any changes made locally and revert to previously saved valu...

Page 50: ...not enabled or the port link is down Backup means the port cannot join in the aggregation group unless other ports are removed and is in disabled LACP status Key The key assigned to this port Only po...

Page 51: ...s screen Label Description Port Switch port number LACP Received The number of LACP frames received at each port LACP Transmitted The number of LACP frames sent from each port Discarded The number of...

Page 52: ...port The value must be between 1 to 10 seconds Shutdown Time The period in seconds for which a port will be kept disabled when a loop is detected shutting down the port The valid value is 0 to 604800...

Page 53: ...port number of the logical port Action The currently configured port action Transmit The currently configured port transmit mode Loops The number of loops detected on this port Status The current loo...

Page 54: ...ckup ring port Coupling Ring Having a check mark to enable Coupling Ring Coupling Ring can divide a big ring into two smaller rings to avoid network topology changes affecting all switches This is a g...

Page 55: ...ust specify the ports according to topology of network State Indicates the state of the Ring Port There three states for uplink port Link Down Blocking and Forwarding Save Click Save to save the chang...

Page 56: ...STP and RSTP Bridge Priority 0 61440 A value used to identify the root bridge The bridge with the lowest value highest priority is selected as the root If the value changes the switch must be reboote...

Page 57: ...User s Manual UM iES26GF 1 2 3 EN docx Pages 52 of 169 Port Setting This page allows the user to configure the current RSTP port configurations and change them as well Figure 59 RSTP Port Setting int...

Page 58: ...on the port or not Admin P2P Controls whether the port connects to a point to point LAN rather than to a shared medium This can be automatically determined when Auto option is selected or Forced True...

Page 59: ...e of 16 Path Cost The cost of the path to the other bridge from this transmitting bridge at the specified port A number 1 through 200000000 Oper Edge When True Oper Edge is enabled the port is configu...

Page 60: ...M iES26GF 1 2 3 EN docx Pages 55 of 169 MSTP Bridge Settings This page allows you to configure STP system settings The settings are used by all STP Bridge instances in the switch Figure 62 STP Bridge...

Page 61: ...an MSTI region It defines how many bridges a root bridge can distribute its BPDU information to The range of valid values is 4 to 30 seconds and MaxAge must be FwdDelay 1 2 Transmit Hold Count The nu...

Page 62: ...cters Configuration Revision Revision of the MSTI configuration named above This must be an integer between 0 and 65535 MSTI This id for the Bridge instance The CIST is not available for explicit mapp...

Page 63: ...ue the higher the priority The bridge priority MSTI instance number and the 6 byte MAC address of the switch forms a bridge identifier Save Click Save to save changes Reset Click Reset to undo any cha...

Page 64: ...s outside a core region of the network from influencing the active spanning tree topology because those bridges are not under the full control of the administrator This feature is also known as Root G...

Page 65: ...eed by using the 802 1D recommended values Specific allows you to enter a user defined value The path cost is used when establishing an active topology for the network Lower path cost ports are chosen...

Page 66: ...ogy Change occurred Refresh Click to refresh the page immediately Auto refresh Check this box to enable an automatic refresh of the page at regular intervals Port Status This page displays the STP por...

Page 67: ...DU s received transmitted on the port RSTP The number of RSTP configuration BPDU s received transmitted on the port STP The number of legacy STP configuration BPDU s received transmitted on the port T...

Page 68: ...escription Enable Enable Fast Recovery function Recovery Priority Ports can be set to 26 priorities Only the port with the highest priority will be the active port The port with the highest recovery p...

Page 69: ...allows Ethernet switches in ring configuration with unmanaged devices to recover from failure rapidly to ensure seamless data transmission A Dual Port Recovery ring can support up to 5 unmanaged devi...

Page 70: ...el Description Enable Activate the Dual Port Recovery mode Active Port Choosing the port which connects to the unmanaged switch ring of switches Note User needs to select one port to be Active Port on...

Page 71: ...th Alpha and numeric characters are valid Port Members Checkmarks indicate which ports are members of the entry Check or uncheck as needed to modify the entry The Status of each port can be To include...

Page 72: ...ts VLAN ingress processing The Values are All Tagged and Untagged If the port only accepts Tagged frames all received by the port Untagged frames will be discarded By default the field is set to All P...

Page 73: ...n untagged frame obtains a tag based on PVID and is forwarded When the port receives tagged frames If the tagged frame contains a TPID of 0x8100 it will be forwarded If the TPID of tagged frame is not...

Page 74: ...iES26GF User s Manual UM iES26GF 1 2 3 EN docx Pages 69 of 169 Figure 74 Unaware and C port Port Types...

Page 75: ...iES26GF User s Manual UM iES26GF 1 2 3 EN docx Pages 70 of 169 Figure 75 S port and S custom Port Types...

Page 76: ...1 2 3 EN docx Pages 71 of 169 Examples of VLAN Settings 1 VLAN Access Mode Figure 76 VLAN Access Mode topology For Switch A Port 7 is VLAN Access mode Untagged 20 Port 8 is VLAN Access mode Untagged 1...

Page 77: ...l UM iES26GF 1 2 3 EN docx Pages 72 of 169 2 VLAN 1Q Trunk Mode Figure 77 VLAN 1Qtrunk Mode topology For Switch B Port 1 VLAN 1Qtrunk mode tagged 10 20 Port 2 VLAN 1Qtrunk mode tagged 10 20 Below are...

Page 78: ...iES26GF User s Manual UM iES26GF 1 2 3 EN docx Pages 73 of 169 3 VLAN Hybrid Mode For VLAN Hybrid Mode Port 1 VLAN Hybrid mode untagged 10 Tagged 10 20 Below are the switch settings...

Page 79: ...26GF 1 2 3 EN docx Pages 74 of 169 4 VLAN QinQ Mode VLAN QinQ mode is usually adopted when there are unknown VLANs as shown in the figure below VLAN X Unknown VLAN Figure 78 VLAN QinQ Mode topology 5...

Page 80: ...added or deleted here Port members of each private VLAN can be added or removed here Private VLANs are based on the source port mask and there are no connections to VLANs This means that VLAN IDs and...

Page 81: ...ick Cancel to return to the editing and make a correction The private VLAN is enabled when you click Save The Delete button can be used to undo the addition of new private VLANs Save Click Save to sav...

Page 82: ...length is 0 to 255 and only ASCII characters from 33 to 126 are allowed The field only suits to SNMPv1 and SNMPv2c SNMPv3 uses USM for authentication and privacy and the community string will be assoc...

Page 83: ...ID Indicates the SNMP trap probe security engine ID mode of operation Possible values are Enabled Enable SNMP trap probe security engine ID mode of operation Disabled Disable SNMP trap probe security...

Page 84: ...he allowed string length is 1 to 32 and only ASCII characters from 33 to 126 are allowed Source IP Indicates the SNMP source address Source Mask Indicates the SNMP source address mask Add New Entry Cl...

Page 85: ...models include NoAuth NoPriv no authentication and none privacy Auth NoPriv Authentication and no privacy Auth Priv Authentication and privacy The value of security level cannot be modified if the ent...

Page 86: ...ased Security Model USM Security Name A string identifying the security name that this entry should belong to The allowed string length is 1 to 32 and only ASCII characters from 33 to 126 are allowed...

Page 87: ...es include Included an optional flag to indicate that this view subtree should be included Excluded An optional flag to indicate that this view subtree should be excluded Generally if an entry s view...

Page 88: ...ity model that this entry should belong to Possible security models include any Accepted any security model v1 v2c usm v1 Reserved for SNMPv1 v2c Reserved for SNMPv2c usm User based Security Model USM...

Page 89: ...own Enable Check this box to enable the storm control status for the given frame type and port Rate Controls the rate for the storm control The rate unit is packets per second pps Valid values are 1 2...

Page 90: ...ise the frame is classified to the default DP level If the port is VLAN aware the frame is tagged and Tag Class is enabled then the frame is classified to a DP level that is mapped from the PCP and DE...

Page 91: ...ce The following table describes the labels for the QoS Egress Port Tag Remarking screen Label Description Port The switch port number to which the following settings will be applied Click on the port...

Page 92: ...on DSCP 0 choose if incoming or translated if enabled DSCP is 0 Selected chooses only selected DSCP whose classification is enabled as specified in DSCP Translation window for the specific DSCP All ch...

Page 93: ...licer The default value is 500 This value is restricted to 100 to 1000000 when the Unit is kbps or fps and to 1 to 3300 when the Unit is Mbps or kfps Unit Configures the unit of measurement for each p...

Page 94: ...d revert to previously saved values Port Scheduler This page provides an overview of QoS Egress Port Schedulers for all switch ports Figure 94 QoS Egress Port Schedulers interface The following table...

Page 95: ...1000000 when the Unit is kbps and it is restricted to 1 to 3300 when the Unit is Mbps Queues Shaper Unit Configures the rate for each queue shaper The default value is 500 This value is restricted to...

Page 96: ...00 when the Unit is kbps and it is restricted to 1 to 3300 when the Unit is Mbps Queues Shaper Unit Configures the rate of each queue shaper The default value is 500 This value is restricted to 100 to...

Page 97: ...nges made locally and revert to previously saved values Cancel Click Cancel to undo any changes made locally and return to the previous page 3 Port Shaping This page provides an overview of QoS Egress...

Page 98: ...Ingress Classification screen Label Description DSCP Maximum number of supported DSCP values is 64 Trust Check to trust a specific DSCP value Only frames with trusted DSCP values are mapped to a speci...

Page 99: ...QoS class and DPL map There are two configuration parameters for DSCP Translation Translate DSCP can be translated to any of 0 63 DSCP values Choose one of them from the drop down list Classify check...

Page 100: ...another one with DPL 1 DSCP Select the classified DSCP value 0 63 from the drop down list Save Click Save to save changes Reset Click Reset to undo any changes made locally and revert to previously sa...

Page 101: ...iES26GF User s Manual UM iES26GF 1 2 3 EN docx Pages 96 of 169 Figure 102 QCE Configuration interface...

Page 102: ...nation Service Access Point values can range from 0x00 to 0xFF or Any The default value is Any Control Valid Control valid values can range from 0x00 to 0xFF or Any The default value is Any SNAP PID v...

Page 103: ...Label Description Port The logical port number for the statistics displayed Click on the port number to see Detailed Port Statistics Qn There are 8 QoS queues per port Q0 is the lowest priority Rx Tx...

Page 104: ...classification action taken on ingress frame if parameters configured are matched with the frame s content There are three action fields Class DPL and DSCP Class Classified QoS if a frame matches the...

Page 105: ...lowing table describes the labels for the IGMP Snooping Configuration screen Label Description Snooping Enabled Check to enable global IGMP snooping Unregistered IPMCv4 Flooding enabled Check to enabl...

Page 106: ...escribes the labels for the IGMP Snooping VLAN Configuration screen Label Description Delete Check to delete the entry The designated entry will be deleted during the next save VLAN ID The VLAN ID of...

Page 107: ...ier Transmitted The number of transmitted Queries Querier Received The number of transmitted Queries V1 Reports Received The number of received V1 reports V2 Reports Received The number of received V2...

Page 108: ...king Refresh will update the displayed table starting from that or the next closest IGMP Group Table match In addition the two input fields will after clicking Refresh assume the value of the first di...

Page 109: ...figuration screen Label Description Port Port number of the remote client IP IP address of the remote client 0 0 0 0 means any IP Web Enables management via a Web interface Telnet Enables management v...

Page 110: ...ce might have been dead Stream Check Active Check to enable stream check When enabled the switch will detect the stream change getting low from the device Stream Check Status Indicates stream check st...

Page 111: ...Description Mode Enables or disables Alive Check of the port Action Actions to be taken the options are Link Change Only Log it and Shunt Down the Port Link Change Disables or enables the port Only Lo...

Page 112: ...socket number here The socket number can be a range of numbers from low to high or a single number In this case insert the same number in both Low and High fields For Socket Numbers other than UDP or...

Page 113: ...ace The following table describes the labels for the Device Description screen Label Description Device Type Indicates device types Possible types are no specification IP Camera IP Phone Access Point...

Page 114: ...e The following table describes the labels for the Steam Check screen Label Description Mode Enables or disables Stream Monitoring of the port Action Indicates the action to take when the stream gets...

Page 115: ...of this port The allowed values are Enabled Frames received on the port are mirrored Disabled Frames received on the port are not mirrored The default value is Disabled Logging Specifies the logging o...

Page 116: ...the ACL Rate Limiter Configuration screen Label Description Rate Limiter ID The rate limiter ID for the settings contained in the same row Rate The ACL Rate The allowed values are 0 3276700 in pps or...

Page 117: ...ed outline on Figure 118 The reserved ACEs used for internal protocol cannot be edited or deleted the order sequence cannot be changed and the priority is highest Figure 118 Access Control List Config...

Page 118: ...Other The ACE will match IPv4 frames which are not ICMP UDP TCP IPv6 The ACE will match all IPv6 standard frames Action Specifies the action to take when a frame matches the ACE Permit takes action w...

Page 119: ...rate limiter number of the ACE The allowed range is 1 to 16 When Disabled is displayed the rate limiter operation is disabled Port Redirect Frames that match the ACE are copied to the port number spe...

Page 120: ...he request is transmitted again This algorithm causes the RADIUS server to be queried up to 3 times before it is considered to be dead Dead Time The Dead Time which can be set to a number between 0 an...

Page 121: ...otted decimal notation Port The UDP port to use on the RADIUS Accounting Server If the port is set to 0 zero the default port 1813 is used on the RADIUS Accounting Server Secret The UDP port to use on...

Page 122: ...s up and running and the RADIUS module is ready to accept access attempts Dead X seconds left Access attempts were made to this server but it did not reply within the configured timeout The server has...

Page 123: ...ackets received from the server Malformed packets include packets with an invalid length Bad authenticators or Message Authenticator attributes or unknown types are not included as malformed access re...

Page 124: ...ed server is disabled Not Ready The server is enabled but IP communication is not yet up and running Ready The server is enabled IP communication is up and running and the RADIUS module is ready to ac...

Page 125: ...s known as EAPOL Extensible Authentication Protocol EAP Over LANs frames which encapsulate EAP PDUs Protocol Data Units RFC3748 Frames sent between the switch and the RADIUS server are RADIUS packets...

Page 126: ...sed as separator between the lower cased hexadecimal digits The switch only supports the MD5 Challenge authentication method so the RADIUS server must be configured accordingly When authentication is...

Page 127: ...n Period Re authentication for 802 1X enabled ports can be used to detect if a new device is plugged into a switch port For MAC based ports re authentication is only useful if the RADIUS server config...

Page 128: ...en Label Description Port The port number for which the configuration below applies Admin State If NAS is globally enabled this selection controls the port s authentication mode The following modes ar...

Page 129: ...s between the supplicant and the switch If more than one supplicant is connected to a port the one that comes first when the port s link is connected will be the first one considered If that supplican...

Page 130: ...uthentication is that the clients do not need special supplicant software to authenticate The disadvantage is that MAC addresses can be spoofed by malicious users equipment whose MAC address is a vali...

Page 131: ...dministrative state Refer to NAS Admin State for more details regarding each value Port State The current state of the port Refer to NAS Port State for more details regarding each value Last Source Th...

Page 132: ...t which Port to be displayed Figure 126 NAS Statistics Port 1 interface The following table describes the labels for the NAS Statistics Port 1 screen Label Description Admin State The port s current a...

Page 133: ...rt dot1xAuthEapol StartFramesRx The number of EAPOL Start frames that have been received by the switch Rx Logoff dot1xAuthEapol LogoffFramesRx The number of valid EAPOL Logoff frames that have been re...

Page 134: ...equest packet following the first to the supplicant Indicates that the backend server chose an EAP method MAC based Not applicable Rx Auth Successes dot1xAuthBackend AuthSuccesses 802 1X and MAC based...

Page 135: ...nd is placed next to the Port Counters table and will be empty if no MAC address is currently selected To populate the table select one of the attached MAC Addresses from the table below Label Descrip...

Page 136: ...lectric relay will signal at the same time Select the events to cause the Fault Alarm then click Save at the bottom of the screen to save the changes Figure 127 Fault Alarm interface The following tab...

Page 137: ...ver will not send acknowledgments back to the sender since UDP is a connectionless protocol and it does not provide acknowledgments The syslog packet will always be sent even if the syslog server does...

Page 138: ...cipient E mail Address The recipient s e mail address allows a total number of six recipients Save Click Save to save the settings Event Selection There is one warning way supported by system SYSLOG C...

Page 139: ...r Possible selections are Disable Link Up Link Down Link Up and Link Down SMTP Select a SMTP option for a specific port number Possible selections are Disable Link Up Link Down Link Up and Link Down S...

Page 140: ...isable Automatic Aging 2 MAC Table Learning If the learning mode for a given port is grayed out it means another module is in control of the mode and thus the user cannot change the configurations An...

Page 141: ...AC Address Table contains up to 8192 entries and is sorted first by VLAN ID then by MAC address Each page shows up to 999 entries from the MAC table with a default value of 20 selected by the Entries...

Page 142: ...ails of which switch port to be displayed The displayed counters include the total number for receive and transmit the size for receive and transmit and the errors for receive and transmit Label Descr...

Page 143: ...The number of received and transmitted good and bad packets split into categories based on their respective frame sizes Rx and Tx Queue Counters The number of received and transmitted packets per inpu...

Page 144: ...known as Ingress or Source Mirroring All frames transmitted on a given port also known as Egress or Destination Mirroring Port to mirror is also known as the mirror port Frames from ports that have e...

Page 145: ...utomatic refresh of the page at regular intervals Refresh Updates system log entries starting from the current entry ID Clear Flushes all system log entries Updates system log entries starting from th...

Page 146: ...n will be used SNMP Trap SNMP trap method of notification will be used Auto refresh Check this box to enable an automatic refresh of the page at regular intervals Refresh Updates system log entries st...

Page 147: ...e interval of the ICMP packet Values range from 0 second to 30 seconds Ping6 This page allows you to issue ICMPv6 PING packets to troubleshoot IPv6 connectivity issues After you press Start ICMPv6 pac...

Page 148: ...Ping screen Label Description IP Address The destination IP Address Ping Length The payload size of the ICMP packet Values range from 2 bytes to 1452 bytes Ping Count The count of the ICMP packet Valu...

Page 149: ...Information page without resetting 5 13 System Reboot You can reset the stack switch on this page After reset the system will boot normally as if you have powered on the devices Figure 141 System Rebo...

Page 150: ...e 1 none Before configuring RS 232 serial console connect the RS 232 port of the switch to your PC Com port using a RJ45 to DB9 F cable Follow the steps below to access the console via RS 232 serial c...

Page 151: ...gure 143 Tera Term Serial port setup interface 4 Press Enter for the Console login screen to appear Use the keyboard to enter the Console Username and Password which is same as the Web Browser passwor...

Page 152: ...elnet 1 Connect your PC to one of the Ethernet ports of the switch via an Ethernet cable 2 Telnet to the IP address of the switch from the Windows Run command or from the MS DOS prompt Figure 145 Wind...

Page 153: ...iES26GF User s Manual UM iES26GF 1 2 3 EN docx Pages 148 of 169 1 Command Groups Welcome to iES26GF Command Line Interface...

Page 154: ...rror Log Clear all info warning error Timezone Configuration Timezone Offset offset Timezone Acronym acronym DST Configuration DST Mode disable recurring non recurring DST start week day month date ye...

Page 155: ...NTP Server Delete 4 Port Port Configuration port_list up do wn Mode port_list auto 10hdx 10fdx 100hdx 100fdx 1000fdx 10gfdx State port_list enable disable MaxFrame port_list max_frame Excessive port_l...

Page 156: ...orts_list Forbidden Add vid name port_list Delete vid name Forbidden Delete vid name Forbidden Lookup vid name name Lookup vid name name combined static nas all Name Add name vid Name Delete name Name...

Page 157: ...Security switch S S H Mode enable disable 12 Security Switch HTTPS Security switch HTTPS Configuration Mode enable disable Redirect enable disable 13 Security Switch RMON Security switch RMON Statisti...

Page 158: ...Network Psec Switch port_list Security Network Psec Port port_list 16 Security Network NAS Security Network NAS Configuration port_list Mode enable disable State port_list auto authorized unauthorize...

Page 159: ...ort_list policy policy policy_bitmask tagged vid tag_prio dmac_type etype etype smac dmac arp sip dip smac arp_opcode arp_flags ip sip dip protocol ip_flags icmp sip dip icmp_type icmp_code ip_flags u...

Page 160: ...ar 20 Security AAA Security AAA Configuration Radius server timeout timeout Radius server retransmit retransmit Radius server deadtime deadtime radius server key key radius server nas ip address ipv4_...

Page 161: ...ort_list enable disable Port Edge stp_port_list enable disable Port AutoEdge stp_port_list enable disable Port P2P stp_port_list enable disable auto Port RestrictedRole stp_port_list enable disable Po...

Page 162: ...s_descr sys_capa mgmt_addr enable disable Interval interval Hold hold Delay delay Reinit reinit Statistics port_list clear Info port_list 25 QoS QoS Configuration port_list Port Classification Class p...

Page 163: ...pl dpl Port TagRemarking Map port_list class_list dpl_list pcp dei Port DSCP Translation port_list enable disable Port DSCP Classification port_list none zero selected all Port DSCP EgressRemark port_...

Page 164: ...ode port_list enable disable rx tx 27 Config Config Save ip_server file_name Load ip_server file_name check 28 SNMP SNMP Configuration Mode enable disable Version 1 2c 3 Read Community community Write...

Page 165: ...ipv4v6_addr dport udp_port 1 community comm 2c community comm trap informs retries timeout 3 trap informs retries timeout probe engine engineid security security_name Trap Delete conf_name Trap Event...

Page 166: ...rac ptptimescale timesource PTP PortDataSet clockinst port_list announceintv announceto syncintv delaymech minpdelayreqintv delayasymmetry ingressLatency egressLatency LocalClock clockinst update show...

Page 167: ...t_list Port Mode port_list enable disable Port Action port_list shutdown shut_log log Port Transmit port_list enable disable Status port_list 32 IPMC IPMC Configuration igmp Mode igmp enable disable F...

Page 168: ...e linkup linkdo wn both 35 DHCPServer DHCPServer Mode enable disable Setup ip_start ip_end ip_mask ip_router ip_dns ip_tftp lease bootfile 36 RIP RIP Configuration Mode enable disable 37 Ring Ring Mod...

Page 169: ...0 FastRecovery FastRecovery Mode enable disable Port port_list fr_priority 41 DualPort DualPort Configuration Mode enable disable Interval integer Retry integer TimeoutDelay integer DebugMessage enabl...

Page 170: ...rce destination Port DDOS Action port_list do_nothing block_1_min block_10_mins block shutdown only _log Port DDOS Status port_list Port Alive Mode port_list enable disable Port Alive Action port_list...

Page 171: ...rt rate limiting User Defined Jumbo frame 9 6 K Security Features STP RSTP MSTP Device binding and remote control security Access Control List ACL for every port Authentication Authorization and Accou...

Page 172: ...3 900 g Power Redundant Power Input Dual Power Supplies with dual input of 18 36 VDC or 36 75 VDC or single input of 110 370 VDC or 90 264VAC Overload Current Protection Present Table 2 Compliance Spe...

Page 173: ...2014 Bridged Networks IEEE 802 1 2010 Port Based Network Access Control IEEE 802 1AB 2016 Station and Media Access Connectivity discovery LLDP IEEE 802 1AX Link Aggregation RFC Compliance RFC 768 UDP...

Page 174: ...e 48 ProductName 81 Version 85 MacAddress 256 SysName 512 SysDescription 768 SysLocation 1024 SysContact 4096 PortStatus Port 1 VTSS_PORTS Value 0x0000 Link down 0x0001 Link up 0x0002 Disable 0xffff N...

Reviews:

No comments

Related manuals for iES26GF

D-Link DSS-16+ Reference Manual preview
DSS-16+
Brand: D-Link Pages: 2
Omega Engineering 430 Instruction Sheet preview
430
Brand: Omega Engineering Pages: 3
3Com NBX 100 Release Note preview
NBX 100
Brand: 3Com Pages: 8
Balluff IO-Link BNI LH1-303-S11-K091 Installation Manual preview
IO-Link BNI LH1-303-S11-K091
Brand: Balluff Pages: 12
4B M800 Elite Series Operation Manual preview
M800 Elite Series
Brand: 4B Pages: 12
Hama 00047693 Operating Instructions preview
00047693
Brand: Hama Pages: 2
Datavideo SE-2200 Instruction Manual preview
SE-2200
Brand: Datavideo Pages: 38
Gefen ToolBox GTB-MHDMI1.3-441 User Manual preview
ToolBox GTB-MHDMI1.3-441
Brand: Gefen Pages: 25
PRO SIGNAL PSG3061 Quick Start Manual preview
PSG3061
Brand: PRO SIGNAL Pages: 4
Scion SC03.4101 Operation Manual preview
SC03.4101
Brand: Scion Pages: 8
Maiwe MISCOM7220G-4GF-16GT User Manual preview
MISCOM7220G-4GF-16GT
Brand: Maiwe Pages: 6
CAMBRIONIX U16S User Manual preview
U16S
Brand: CAMBRIONIX Pages: 37
SIIG Hi-Speed USB 4-Port Bay Hub Quick Installation Manual preview
Hi-Speed USB 4-Port Bay Hub
Brand: SIIG Pages: 8
H3C WX3010E Installation Manual preview
WX3010E
Brand: H3C Pages: 70
Guntermann & Drunck UserCenter 2 Operating Instructions Manual preview
UserCenter 2
Brand: Guntermann & Drunck Pages: 20
Eagle E301DA Product Manual preview
E301DA
Brand: Eagle Pages: 2
Edimax ES-3308P Datasheet preview
ES-3308P
Brand: Edimax Pages: 2
Sandberg Mini Hub 5 port Quick Start Manual preview
Mini Hub 5 port
Brand: Sandberg Pages: 12

Brands by name

Popular brands

Load more brands