manualshive.com logo in svg

KTI KGS-3120, Operation Manual

The KTI KGS-3120 is a versatile and efficient product that you can easily operate with the help of the included Operation Manual. You can download the manual for free from our website and start using your KGS-3120 with confidence and ease.

Share
Download
background image

-156-

Download Certificate

This window is used to download a certificate file for the SSL function on the switch from a TFTP
server. The certificate file is a data record used for authenticating devices on the network. It contains
information on the owner, keys for authentication and digital signatures. Both the server and the client
must have consistent certificate files for optimal use of the SSL function. The switch only supports
certificate files with .der file extensions.

To view the following window, click Security > Secure Socket Layer (SSL) > Download Certificate:

Download Certificate window

To download certificates, set the following parameters and click Apply.

Server IP

Enter the IP address of the TFTP server where the certificate files are
located.

Certificate File Name

Enter the path and the filename of the certificate file to download. This file
must have a .der extension. (Ex. c:/cert.der)

Key File Name

Enter the path and the filename of the key file you wish to download. This
file must have a .der extension (Ex. c:/pkey.der)

SSL Configuration

This window will allow the user to enable SSL on the Switch and implement any one or combination of
listed ciphersuites on the switch. A ciphersuite is a security string that determines the exact crypto-
graphic parameters, specific encryption algorithms and key sizes to be used for an authentication
session. The switch possesses four possible ciphersuites for the SSL function, which are all enabled by
default. To utilize a particular ciphersuite, disable the unwanted ciphersuites, leaving the desired one for
authentication. When the SSL function has been enabled, the web will become disabled. To manage
the Switch through the web based management while utilizing the SSL function, the web browser must
support SSL encryption and the header of the URL must begin with https://. (Ex. https://10.90.90.90)
Any other method will result in an error and no access can be authorized for the web-based manage-
ment.

Summary of Contents for KGS-3120

Page 1: ...1 DOC 041230 KGS 3120 Operation Manual...

Page 2: ...ves the right to revise this documentation and to make changes in content from time to time without obligation on the part of KTI Networks Inc to provide notification of such revision or change For mo...

Page 3: ...nterface cables and AC power cord if any must be used in order to comply with the emission limits CISPR A COMPLIANCE This device complies with EMC directive of the European Community and meets or exce...

Page 4: ...Management 25 Before You Start 25 General Deployment Strategy 25 VLAN Setup 26 Defining Static Routes 26 Web based User Interface 26 Areas of the User Interface 26 Login to Web Manager 28 Web Pages an...

Page 5: ...ings 129 Static Default Route Settings 130 Static ARP Settings 131 RIP 132 RIP Global Setting 132 RIP Interface Settings 132 OSPF 134 OSPF General Setting 134 OSPF Area ID Settings 135 OSPF Interface...

Page 6: ...189 Transmitted Packets 191 Errors 192 Received Errors 193 Transmitted Errors 195 Size 197 Packet Size 197 MAC Address 199 Switch History 200 IGMP Snooping Table 201 Browser Router Port 201 VLAN Stat...

Page 7: ...7 Save Changes 212 Factory Reset 213 Restart System 214 Logout 214 Appendix A Technical Specifications 215 Appendix B Cables and Connectors 216 Appendix C Cable Lengths 217 Glossary 218...

Page 8: ...name means that optionally you can type copy followed by the name of the file Do not type the brackets Bold font Indicates a button a toolbar icon menu or menu item For example Open the File menu and...

Page 9: ...side these compartments If any of the following conditions occur unplug the product from the electrical outlet and replace the part or contact your trained service provider The power cable extension c...

Page 10: ...lp protect your system from sudden transient increases and decreases in electrical power use a surge suppressor line conditioner or uninterruptible power supply UPS Position system cables and power ca...

Page 11: ...nd practices Never defeat the ground conductor or operate the equipment in the absence of a suitably installed ground conductor Contact the appropriate electrical inspection author ity or an electrici...

Page 12: ...1000BASE T or Gigabit SFP 24 Gbps Switching fabric capacity Supports 802 1D STP and 802 1w Rapid Spanning Tree for redundant back up bridge paths Supports 802 1Q VLAN Supports IGMP snooping Supports 8...

Page 13: ...ports TACACS TACACS and XTACACS Front Panel Components The front panel of the Switch consists of LED indicators an RS 232 communication port two slide in module slots and four 1000BASE T SFP combo por...

Page 14: ...rt has a corresponding indicator This will light steady green for a valid link and blink whenever there is reception or transmission i e Activ ity Act of data occurring at a port The ID LED on the Swi...

Page 15: ...00 1000Mbps Expansion Module 4 Port 10 100 1000BASE T Four port module Front panel module Connects to 1000BASE T devices LED indicators for Link Activity KGM 340F 4 Port Gigabit SFP Mini GBIC Expansio...

Page 16: ...nd Line Reference Manual which is included on the documentation CD SNMP Based Management You can manage the Switch with an SNMP compatible console program The Switch is supports SNMP version 1 0 versi...

Page 17: ...ulation program plug in the power cord and then set up a password and IP address Do not connect the Switch to the network until you have established the correct IP settings and user accounts Installin...

Page 18: ...o attach a mounting bracket to each side of the Switch 2 Align the holes in the mounting bracket with the holes in the rack 3 Insert and tighten two screws through each of the mounting brackets Attach...

Page 19: ...19 Mounting the Switch in a Standard 19 Rack Install Switch in equipment rack Unit ID Display The 7 segment LED as shown below on the front panel will always display F 15 in hex KGS 3120 Front Panel...

Page 20: ...data bits 1 stop bit and no parity d Set flow control to none e Under Properties select VT100 for Emulation mode f Select Terminal keys for Function Arrow and Ctrl keys Ensure that you select Terminal...

Page 21: ...thorized access to the Switch and record the passwords for future reference To create an administrator level account for the Switch do the following 1 At the CLI login prompt enter create account admi...

Page 22: ...bjects are defined in a Management Information Base MIB which provides a standard presentation of the information controlled by the on board SNMP agent SNMP defines both the format of the MIB specific...

Page 23: ...st Multicast Storm MIBs Management and counter information are stored by the Switch in the Management Information Base MIB The Switch uses the standard MIB II Management Information Base module Conseq...

Page 24: ...ement station to the Switch s Telnet or Web based management agent KGS 3120 Gigabit Ethernet Switch Command Line Interface Firmware Build 2 00 B17 Copyright C 2000 2003 All right reserved UserName Pas...

Page 25: ...in a network can be thought of as a new generation of router that performs routing functions in hardware rather than software It is in effect a router that also has numerous independent Ethernet colli...

Page 26: ...rces can save valuable time in case of a link or device failure The Spanning Tree function can be used to block the redundant link until it is needed VLAN Setup VLANs setup in Layer 3 Switching is mor...

Page 27: ...itch s ports and expansion modules Click on the ports in the front panel to manage the port s configuration or view data for the port Left Select the window to be displayed The folder icons can be ope...

Page 28: ...mmand line interface CLI command save Web Pages and Folders Below is a list and description of the main folders and windows available in the web interface Configuration This folder includes all the su...

Page 29: ...start the Switch Switch Information The first page displayed upon logging in is the System Information Basic Settings window This window can be accessed at any time by clicking the Switch Information...

Page 30: ...ss is 10 90 90 90 with a subnet mask of 255 0 0 0 and a default gateway of 0 0 0 0 To manually assign the Switch s IP address subnet mask and default gateway address 1 Select Manual from the Get IP Fr...

Page 31: ...The fields which require entries under this option are as follows Subnet Mask A Bitmask that determines the extent of the subnet that the Switch is on Should be of the form xxx xxx xxx xxx where each...

Page 32: ...ssigned to the IP interface named System and the z represents the corresponding number of subnets in CIDR notation The IP interface named System on the Switch can be assigned an IP address and subnet...

Page 33: ...ing in a User Name and New Password and retype the same password in the Confirm New Password Choose the level of privilege Admin or User from the Access Right drop down menu User Account Modify Table...

Page 34: ...by clicking the Save Changes button located in the Maintenance folder Save Configuration window The Switch has two levels of memory normal RAM and non volatile or NV RAM To save all the changes made i...

Page 35: ...ra tion will be returned to the factory default settings for the current session only When the Switch is rebooted it will return to the last configuration saved to the Switch s NV RAM using the Save C...

Page 36: ...e current configuration to non volatile RAM before restarting the Switch Clicking the No option instructs the Switch not to save the current configuration before restarting the Switch All of the confi...

Page 37: ...defined Choose from the following options 9600 19200 38400 or 115200 MAC Address Aging Time 10 1000000 This field specifies the length of time a learned MAC Address will remain in the forwarding table...

Page 38: ...to disable this by selecting Disabled you will lose the ability to configure the system through the web interface as soon as these settings are applied Web TCP Port Number 1 65535 The TCP port number...

Page 39: ...Settings RADIUS Server IGMP IGMP Snooping Static Router Ports Entry Spanning Tree STP Switch Settings STP Port Settings Forwarding Filtering Unicast Forwarding Multicast Forwarding VLANs Static VLAN E...

Page 40: ...window displays general information about the Switch including its MAC Address Hardware Boot PROM and Firmware versions and installed module information IP Address Switch IP settings may initially be...

Page 41: ...he management station that will access the Switch The Switch will allow management access from stations with the same VID listed here To use the BOOTP or DHCP protocols to assign the Switch an IP addr...

Page 42: ...nagement station that can connect to the Switch can access the Switch until either Management Station IP Addresses are assigned or SNMP settings are configured to control management access Setting the...

Page 43: ...defined Choose from the following options 9600 19200 38400 or 115200 MAC Address Aging Time 10 1000000 This field specifies the length of time a learned MAC Address will remain in the forwarding table...

Page 44: ...his by selecting Disabled you will lose the ability to configure the system through the web interface as soon as these settings are applied Web TCP Port Number 1 65535 The TCP port number currently be...

Page 45: ...100 Mbps devices full or half duplex The Auto setting allows the port to automati cally determine the fastest settings the device the port is connected to can handle and then to use those settings The...

Page 46: ...orts click Port Description on the Configuration folder Port Description Setting window The user may set the following parameters Unit This is the Unit ID of a Switch The number 15 indicates a KGS 312...

Page 47: ...hat will be mirrored Choose Ingress Egress or Both for the mirrored port by clicking the appropriate radio button for the port 3 Select the Target Port using the Unit and Port drop down menus 4 Change...

Page 48: ...d of shutting down a loop when a storm is formed because a MAC address cannot be located in the Switch s forwarding data base and it must send a packet to all ports or all ports on a VLAN To configure...

Page 49: ...e aggregation group This port is called the Master Port of the group and all configuration options including the VLAN configuration that can be applied to the Master Port are applied to the entire lin...

Page 50: ...kly isolate a bandwidth intensive network device or to have an absolute backup aggregation group that is not under automatic control Type This pull down menu allows you to select between Static and LA...

Page 51: ...ending LACP control frames This allows LACP compliant devices to negotiate the aggregated link so the group may be changed dynamically as needs require In order to utilize the ability to change an agg...

Page 52: ...tation of the server side of IEEE 802 1X Port Based Network Access Control Through this mechanism users have to be authorized before being able to access the network See the following figure Typical 8...

Page 53: ...53 Once the user is authenticated the Switch unblocks the port that is connected to the user as shown in the next figure Typical 802 1X Configuration with User Authentication...

Page 54: ...US server Typical Configuration with 802 1X Fully Implemented State Machine Name Port Timers state machine Authenticator PAE state machine The Authenticator Key Transmit state machine Reauthentication...

Page 55: ...der and click on the 802 1X Authenticator Settings link 1st 802 1X Authenticator Settings window To configure the 802 1X Authenticator settings for a given port click on the blue port number under the...

Page 56: ...through the interface If Auto is selected it will enable 802 1X and cause the port to begin in the unauthorized state allowing only EAPOL frames to be sent and received through the port The authentic...

Page 57: ...the 802 1X Capability Settings link 802 1X Capability Settings 802 1X Capability Settings window To set up the Switch s 802 1X port based authentication select which ports are to be configured in the...

Page 58: ...US server settings index Radius Server Type in the IP address of the RADIUS server Authentic Port This is the UDP port on the RADIUS server that will be used to authenticate users The default is 1812...

Page 59: ...on IGMP messages sent from the device to the IGMP host or vice versa The Switch monitors IGMP messages and discontinues forwarding multicast packets when there are no longer hosts re questing that th...

Page 60: ...es the maximum amount of time between group specific query messages including those sent in response to leave group messages The default value is 1 Host Timeout This is the maximum amount of time in s...

Page 61: ...do not send IGMP reports or implement IGMP snooping a multicast router connected to the router port of the Layer 3 Switch would not be able to receive UDP data streams unless the UDP multicast packets...

Page 62: ...TP was developed in order to overcome some limitations of STP that impede the function of some recent Switching innovations in particular certain Layer 3 function that are increasingly handled by Ethe...

Page 63: ...example would be a port connected directly to a single worksta tion Ports that are designated as edge ports transition to a forwarding state immediately without going through the listening and learni...

Page 64: ...nning Tree Protocol STP operates on two levels on the Switch level the settings are globally implemented On the port level the settings are implemented on a per user defined group of ports basis Switc...

Page 65: ...itch spends in the listening state while moving from the blocking state to the forwarding state Bridge Priority 0 61440 32768 A Priority for the Switch can be set from 0 to 61440 This number is used i...

Page 66: ...Group spanning tree works in the same way as the Switch level spanning tree but the root bridge concept is replaced with a root port concept A root port is a port of the group that is elected on the...

Page 67: ...an coexist with standard STP however the benefits of RSTP are not realized on a port where an 802 1d network connects to an 802 1w enabled network Migration should be enabled Yes on ports connected to...

Page 68: ...Forwarding Table window as shown below Setup Static Unicast Forwarding Table window To add an entry define the following parameters VLAN ID The VLAN ID number of the VLAN on which the above Unicast MA...

Page 69: ...ng Table window The following parameters can be set VID The VLAN ID of the VLAN the MAC address below belongs to Multicast MAC Address The MAC address of the static source of multicast packets This mu...

Page 70: ...improvement in performance since it bypasses any routing functions packets transferred between subnets are reduced to a hardware decision Even though a Switch inspects a packet s IP address to determ...

Page 71: ...orwarded only to members of the VLAN on which the broadcast was initiated IEEE 802 1Q VLANs Some relevant terms Tagging The act of putting 802 1Q VLAN information into the header of a packet Untagging...

Page 72: ...wo octets and consists of three bits or user priority one bit of Canonical Format Identifier CFI used for encapsulating Token Ring packets so they can be carried across Ethernet backbones and twelve b...

Page 73: ...re inserted after the MAC source address but before the original EtherType Length or Logical Link Control Because the packet is now a bit longer than it was origi nally the Cyclic Redundancy Check CRC...

Page 74: ...g to the VID contained within the tag Tagged packets are also as signed a PVID but the PVID is not used to make packet forwarding decisions the VID is Tag aware Switches must keep a table to relate PV...

Page 75: ...tagged with VLAN information the ingress port will tag the packet with its own PVID as a VID if the port is a tagging port The Switch then determines if the destination port is a member of the same V...

Page 76: ...VLAN ID For a new VLAN entry type in a unique identifier This number is used to configure other settings such as GVRP status for ports in the VLAN VLAN Name For a new VLAN entry type in a unique name...

Page 77: ...h Added VLAN window To change the port settings of any listed VLAN click the Modify button Now click the Modify button in the first 802 1Q Static VLANs window for the newly created VLAN engineering A...

Page 78: ...w Configure the 802 1 Port Settings Unit Select the relevant Switch for configuration From To Use these drop down menus to specify the range of ports that will be included in the VLAN Ingress Check Th...

Page 79: ...into the packet header is used to identify the priority level of data packets The Switch implements 802 1p priority using eight hardware queues Therefore the Switch must have a means of mapping the e...

Page 80: ...port on the Switch Click on the 802 1p Default Priority link in the QoS sub folder Port Default Priority assignment window This page allows you to assign a default 802 1p priority to any given port on...

Page 81: ...e assignment of a User Priority to each of the 802 1p priorities User Priority Configuration window Once you have assigned a priority to the port groups on the Switch you can then assign this Class to...

Page 82: ...uling may result in unacceptable levels of packet loss or significant transmission delay If you choose to customize this setting it is important to monitor network performance especially during peak d...

Page 83: ...to limit traffic but is more restrictive It provides a method of directing traffic that does not increase the overhead of the Master Switch CPU Traffic Segmentation Setting window The Unit drop down...

Page 84: ...ports may be configured starting with the selected port Type This drop down menu allows you to select between RX receive TX transmit and Both This setting will determine whether the bandwidth ceiling...

Page 85: ...ation Global Settings MAC Notification Global Settings window The following parameters can be set State This drop down menu is used to enable or disable MAC notification on the selected Switch Interva...

Page 86: ...ation Port Settings window The following parameters can be set Unit Specify number 15 indicates the Switch From To A consecutive group of ports may be configured starting with the selected port State...

Page 87: ...sages to up to four designated servers System Log Servers window Click the Add button to bring up the window pictured below The parameters configured for adding System Log are described in the table b...

Page 88: ...own in the following Bold font means the facility values that the Switch currently supports Code Facility 0 kernel messages 1 user level messages 2 mail system 3 system daemons 4 security authorizatio...

Page 89: ...orts and gaining access to the network Port Security Settings window The following parameters can be set Unit Specify number 15 indicates the Switch From To A consecutive group of ports may be configu...

Page 90: ...State Use this pull down menu to enable or disable SNTP SNTP Secondary Server This is the primary server the SNTP information will be taken from SNTP Poll Interval in Seconds This is the interval betw...

Page 91: ...DST offset 30 60 90 or 120 minutes Time Zone Offset from GMT in HH MM Use these pull down menus to specify your local time zone s offset from Greenwich Mean Time GMT DST Repeating Settings Repeating U...

Page 92: ...ime DST will end DST Annual Settings Annual Using annual mode will enable DST seasonal time adjustment Annual mode requires that the DST beginning and ending date be specified concisely For example sp...

Page 93: ...y the currently configured Access Profiles on the Switch open the Configuration folder and click on the Access Profile Table link This will open the Access Profile Table window as shown below Access P...

Page 94: ...t header Vlan Selecting this option instructs the Switch to examine the VLAN part of each packet header and use this as the or part of the criterion for forwarding Source Mac Source MAC Mask Enter a M...

Page 95: ...u according to the requirements for the type of profile Select Ethernet to instruct the Switch to examine the layer 2 part of each packet header Select IP to instruct the Switch to examine the IP addr...

Page 96: ...P type value Select TCP to use the TCP port number contained in an incoming packet as the forwarding criterion Selecting TCP requires that you specify a source port mask a destination port mask or a f...

Page 97: ...97 The window shown below is the Access Profile Configuration window for Packet Content Mask Access Profile Configuration Packet Content Mask window...

Page 98: ...ket header Select IP to instruct the Switch to examine the IP address in each frame s s header Select Packet Content Mask to specify a mask to hide the content of the packet header Offset This field w...

Page 99: ...rofile Table window and then click the Modify button for that individual entry Access Rule Table window To create a new rule set for the access profile click the Add button A new window is displayed T...

Page 100: ...in the packet header that will be identified by the Switch Replace Priority 0 7 This parameter is specified if you want to change the 802 1p user priority of a packet that meets the specified criteria...

Page 101: ...101 Access Rule Configuration IP window Configure the Access Rule Configuration settings on the window above...

Page 102: ...pecify a mask to hide the content of the packet header Priority 0 7 Specify the priority tag located in the packet header that will be identified by the Switch Replace Dscp with 0 63 Select this optio...

Page 103: ...103 Access Rule Configuration Package Content Mask window Configure the Access Rule Configuration settings on the window above...

Page 104: ...o examine the IP address in each frame s header Select Packet Content Mask to specify a mask to hide the content of the packet header Priority 0 7 Specify the priority tag located in the packet header...

Page 105: ...g OSPF Area ID Settings OSPF Interface Settings OSPF Virtual Interface Settings OSPF Area Aggregation Settings OSPF Host Route Settings DHCP BOOTP Relay DHCP BOOTP Relay Information DHCP BOOTP Relay S...

Page 106: ...n the ARP dynamic entry table To setup permanent entries for ARP use the Static ARP Settings window described later in this chapter PIM RIP OSPF and DVMRP may also be globally enabled or disabled usin...

Page 107: ...address and subnet mask in the corresponding fields Pull the Admin State pull down menu to Enabled and click Apply to enter to make the IP interface effective Use Save Changes in the Maintenance folde...

Page 108: ...he backbone Only routers have connections to the backbone and OSPF is structured such that routing information changes in other areas will be introduced into the backbone and then propagated to the re...

Page 109: ...ociated cost also called metric that is representative of the over head required to send packets over that interface This cost is inversely proportional to the bandwidth of the interface i e a higher...

Page 110: ...ter A can reach 222 211 10 0 through Router C with a cost of 10 10 20 Router A can also reach 222 211 10 0 through Router B and Router D with a cost of 10 5 10 25 but the cost is higher than the route...

Page 111: ...s between areas Areas are specific to the router interface A router that has all of its interfaces in the same area is called an Internal Router A router that has interfaces in multiple areas is calle...

Page 112: ...then uses an algorithm to generate a mathematical message digest that is derived from the OSPF packet the key and the key ID This message digest a number is then appended to the packet The key is not...

Page 113: ...o packets that a router sends on an OSPF interface The dead interval is the number of seconds that a router s Hello packets have not been seen before its neighbors declare the OSPF router down OSPF ro...

Page 114: ...e by sending database description packets Loading The routers are finalizing the information exchange Routers have link state request list and a link state retransmission list Any information that loo...

Page 115: ...eld Authentication Type The type of authentication to be used for the packet Authentication A 64 bit field used by the authentication scheme Hello Packet Hello packets are OSPF packet type 1 They are...

Page 116: ...the DR or the BDR Router Dead Interval The number of seconds that must pass before declaring a silent router as down Designated Router The identity of the DR for this network in the view of the advert...

Page 117: ...The optional capabilities supported by the router I bit The Initial bit When set to 1 this packet is the first in the sequence of Database Description packets M bit The More bit When set to 1 this in...

Page 118: ...an adjacency A router that sends a Link State Request packet has in mind the precise instance of the database pieces it is requesting defined by LS sequence number LS checksum and LS age although the...

Page 119: ...In order to make the flooding procedure reliable flooded advertisements are acknowledged in Link State Acknowledgment packets If retransmission of certain advertisements is necessary the retrans mitte...

Page 120: ...urce of the advertisements being acknowl edged a Link State Acknowledgment packet is sent either to the multicast address AllSPFRouters to the multicast address AllDRouters or as a unicast packet The...

Page 121: ...database each router constructs a shortest path tree with itself as root This yields a routing table There are four types of link state advertisements each using a common link state header These are...

Page 122: ...The contents of this field depend on the advertisement Link State Type Advertising Router The Router ID of the router that originated the Link State Adver tisement For example in network links advert...

Page 123: ...he area must be described in a single router links advertisement The format of the Router Links Advertisement is shown below Routers Links Advertisement In router links advertisements the Link State I...

Page 124: ...nnection to a stub network Virtual link Link ID Identifies the object that this router link connects to Value depends on the link s Type When connecting to an object that also originates a link state...

Page 125: ...cess network that has more than one attached router The network links advertisement is originated by the network s Desig nated router The advertisement describes all routers attached to the network in...

Page 126: ...per area basis Default summary routes are used in stub area instead of flooding a complete set of external routes When describing a default summary route the advertisement s Link State ID is al ways...

Page 127: ...ternal Link Advertisement is shown below AS External Link Advertisements Field Description Network Mask The IP address mask for the advertised destination E bit The type of external metric If the E bi...

Page 128: ...domain MD5 Keys created here are entered in when setting up OSPF interfaces Please read the description in the section below about OSPF Interface Settings To configure an MD5 Key click the MD5 Key Se...

Page 129: ...istributed Route Redistribution Settings window To create a new route redistribution criteria select the Dest Protocol destination protocol and Src Protocol source protocol from the drop down menus ch...

Page 130: ...indow To view the new route and any other static routes configured for the Switch click the Show All Static Default Route Entries link The following fields can be set IP Address 0 0 0 0 Allows the ent...

Page 131: ...ng entry click the X button in the Delete column for the entry you want to eliminate To delete all static ARP entries click the Clear All button Static ARP Settings window Clicking the Add button allo...

Page 132: ...Apply button RIP can be disabled or enabled without changing any of the RIP IP interfaces settings using this window RIP Global Setting window RIP Interface Settings RIP settings are configured for e...

Page 133: ...which version of the RIP protocol will be used to transmit RIP packets Disabled prevents the transmission of RIP packets RX Mode Disabled Toggle among Disabled V1 Only V2 Only and V1 and V2 This entry...

Page 134: ...eneral Setting window The following parameters are used for general OSPF configuration OSPF Route ID A 32 bit number in the same format as an IP address xxx xxx xxx xxx that uniquely identifies the Sw...

Page 135: ...k the Add Modify button to add the Area ID set to the table To remove an Area ID configuration set simply click the X in the Delete column for the configura tion To change an existing set in the list...

Page 136: ...or in IP interface click on the hyperlinked name of the interface to see the configuration menu for that interface OSPF Interface Settings window OSPF Interface Settings Edit window Configure each IP...

Page 137: ...that router down An interval between 5 and 65535 seconds can be specified The Dead Interval must be evenly divisible by the Hello Interval State Allows the OSPF interface to be disabled for the selec...

Page 138: ...l interface appears Up or Down in the Status column OSPF Virtual Interface Settings Add window Configure the following parameters if you are adding or changing an OSPF Virtual Interface Transit Area I...

Page 139: ...area to be aggregated into a summary LSDB advertisement of just the network address and subnet mask This allows for a reduction in the volume of LSDB advertisement traffic as well as a reduction in th...

Page 140: ...Settings OSPF host routes work in a way analogous to RIP only this is used to share OSPF information with other OSPF routers This is used to work around problems that might prevent OSPF information sh...

Page 141: ...interface on which they reside DHCP Bootp Relay Information DHCP Bootp Relay Information window This window is used to enable BOOTP Relay and configure hops and time limit Set the relay configu ratio...

Page 142: ...nformation DNS Relay Information window The DNS Relay Information window is used to enable DNS Relay and configure IP addresses for available DNS servers Set the relay configuration as desired and cli...

Page 143: ...p router by end hosts Utilizing VRRP the administrator can achieve a higher available default path cost without needing to configure every end host for dynamic routing or routing discovery protocols S...

Page 144: ...o view this window click Configuration Layer 3 IP Networking VRRP VRRP Interface Settings VRRP Interface Table window This window displays VRRP entries currently set on the Switch and holds the follow...

Page 145: ...terface to create a VRRP entry for This IP interface must be assigned to a VLAN on the Switch VRID 1 255 Enter a value between 1 and 255 to uniquely identify this VRRP group on the Switch All routers...

Page 146: ...e network If the connection from the virtual router to this IP address fails a new Master will be elected from the backup routers participating in the VRRP group If the connection to the backup fails...

Page 147: ...ived by a virtual router Simple Text Password A Simple password has been selected to com pare VRRP packets received by a virtual router for authentication IP Authentication Header An MD5 message diges...

Page 148: ...y is set higher than the master router False will disable the backup router from becoming the master router Virtual Router Up Time Displays the time in minutes since the virtual router has been initia...

Page 149: ...Query Interval 1 65535 125 Allows the entry of a value between 1 and 65535 seconds with a default of 125 seconds This specifies the length of time between sending IGMP queries Max Response Time 1 25...

Page 150: ...tings that have been configured so it can later be enabled and apply the same settings DVMRP Global Setting window Select Enabled or Disabled and click on the Apply button to make the change DVMRP Int...

Page 151: ...Probe Interval 10 This field allows an entry between 0 and 65 535 seconds and defines the interval between probes The default is 10 Neighbor Timeout Interval 35 This field allows an entry between 1 a...

Page 152: ...ling PIM DM will not affect any PIM DM settings that have been configured so it can later be enabled and apply the same settings PIM DM Global Setting window Select Enabled or Disabled and click on th...

Page 153: ...IP interface named above Hello Interval 30 This field allows an entry of between 0 and 18724 seconds and determines the interval between sending Hello packets to other routers on the net work The def...

Page 154: ...al hosts on the same subnet as the Switch that will be allowed to manage the Switch It is recommended that the IP address of the local host that will be used to manage the Switch be entered here to av...

Page 155: ...d host for optimal use CBC Block Ciphers CBC refers to Cipher Block Chaining which means that a portion of the previously encrypted block of encrypted text is used in the encryption of the current blo...

Page 156: ...extension Ex c cert der Key File Name Enter the path and the filename of the key file you wish to download This file must have a der extension Ex c pkey der SSL Configuration This window will allow th...

Page 157: ...ld is Enabled by default RSA EXPORT with RC4 40 MD5 This ciphersuite combines the RSA Export key exchange and stream cipher RC4 encryption with 40 bit keys Use the pull down menu to enable or disable...

Page 158: ...s using the User Accounts window in the Manage ment folder This is identical to creating any other admin lever User account on the Switch including specifying a password This password is used to login...

Page 159: ...ion timeout The user may set a time between 120 and 600 seconds The default is 300 seconds Auth Fail 2 20 Allows the administrator to set the maximum number of attempts that a user may try to log on t...

Page 160: ...e Shell SSH SSH Algorithm Encryption Algorithm window The user may set the following parameters Encryption Algorithm 3DES CBC Use the pull down menu to enable or disable the Triple_Data Encryption Sta...

Page 161: ...cryption The default is Enabled HMAC MD5 Use the pull down menu to enable or disable the HMAC Hash for Message Authentication Code mechanism utilizing the MD5 Message Digest encryption algorithm The d...

Page 162: ...ter should be chosen if the administrator wishes to use a remote SSH server for authentication purposes Choosing this parameter requires the user to input the following information to identify the SSH...

Page 163: ...one or more centralized servers The TACACS protocol encrypts all traffic between the switch and the TACACS daemon using the TCP protocol to ensure reliable delivery In order for the TACACS XTACACS TA...

Page 164: ...he server must be configured exactly the same using the same protocol For example if the switch is set up for TACACS authentication so must be the host server Policy Parameters This command will enabl...

Page 165: ...erface application the Telnet application the Secure Shell SSH application and the Web HTTP application Login Method List Using the pull down menu configure an application for normal login on the user...

Page 166: ...dow This window displays the Authentication Server Groups on the Switch The Switch has four built in Authentication Server Groups that cannot be removed but can be modified To modify a particular grou...

Page 167: ...n one authentication protocol can be run on the same physical server host but remem ber that RADIUS TACACS TACACS XTACACS are separate entities and are not compatible with each other The maximum suppo...

Page 168: ...command will configure a user defined or default Login Method List of authentication techniques for users logging on to the Switch The sequence of techniques implemented in this command will affect t...

Page 169: ...ame defined by the user of up to 15 characters Method 1 2 3 4 The user may add one or a combination of up to four of the following authenti cation methods to this method list local Adding this paramet...

Page 170: ...oup If no verification is found the Switch will send an authentication request to the second TACACS host in the server group and so on until the list is exhausted At that point the Switch will restart...

Page 171: ...enable password must be set by the user in the next section entitled Local Enable Password none Adding this parameter will require no authentication to access the switch radius Adding this parameter...

Page 172: ...password of up to 15 characters Confirm Local Enable Confirm the new password entered above Entering a different password here from the one set in the New Local Enabled field will result in a fail mes...

Page 173: ...Enable Admin window When this window appears click the Enable Admin button revealing a dialog box for the user to enter authentication password username as seen below A successful entry will promote...

Page 174: ...Management to control user privileges To view existing User Accounts open the Management folder and click on the User Accounts link This will open the User Account Manage ment window as shown below U...

Page 175: ...own menu Admin and User Privileges There are two levels of user privileges Admin and User Some menu selections available to users with Admin privileges may not be available to those with User privileg...

Page 176: ...of the web man ager Workstations on the network that are allowed SNMP privileged access to the Switch can be restricted with the Security IP Management window located in the Security folder under Tru...

Page 177: ...on protocol is in use DES Indicates that DES 56 bit encryption is in use based on the CBC DES DES 56 standard To add a new entry to the SNMP User Table Configuration click on the Add button on the SNM...

Page 178: ...ts can be accessed by a remote SNMP manager SNMP View Table window To delete an existing SNMP View Table entry click the X button listed under Delete on the far left that corresponds to View Name To c...

Page 179: ...cess by an SNMP manager View Type Select Included to include this object in the list of objects that an SNMP manager can access Select Excluded to exclude this object from the list of objects that an...

Page 180: ...y under the Group Name heading SNMP Group Table Display window To add a new entry to the Switch s SNMP Group Table click the Add button in the upper left hand corner of the SNMP Group Table window Thi...

Page 181: ...sed The SNMP v2c supports both centralized and distributed network management strategies It includes improvements in the Structure of Management Information SMI and adds some security features SNMPv3...

Page 182: ...munity Table Configuration window The following parameters can set Community Name Type an alphanumeric string of up to 33 characters that is used to identify members of an SNMP community This string i...

Page 183: ...e SNMP Host Table window This will open the SNMP Host Table Configuration window as shown below SNMP Host Table Configuration SNMP Host Table Configuration window The following parameters can set IP A...

Page 184: ...e on the Switch To display the Switch s SNMP Engine ID open the Management folder and then the SNMPV3 folder Finally click on the SNMP Engine ID link This will open the SNMP Engine ID Configuration wi...

Page 185: ...Multicast Forwarding Table Browse IGMP Group Table OSPF Monitor Browse OSPF LSDB Table Browse OSPF Neighbor Table Browse OSPF Virtual Neighbor Table DVMRP Monitor Browse DVMRP Routing Table Browse DV...

Page 186: ...set Unit Specify number 15 indicates the Switch Port Allows you to specify a port to monitor from the Switch selected above Clear Clicking this button clears all statistics counters on this window Ti...

Page 187: ...Interval 1s Select the desired setting between 1s and 60s where s stands for seconds The default value is one second Record Number 200 Select number of times the Switch will be polled between 20 and 2...

Page 188: ...188 Rx Packets Analysis line graph for Bytes Packets window Rx Packets Analysis table for Bytes Packets window...

Page 189: ...thisbuttoninstructstheSwitchtodisplayatableratherthanalinegraph View Line Chart ClickingthisbuttoninstructstheSwitchtodisplayalinegraphratherthanatable Bytes Counts the number of bytes received on the...

Page 190: ...buttoninstructstheSwitchtodisplayatableratherthanalinegraph View Line Chart ClickingthisbuttoninstructstheSwitchtodisplayalinegraphratherthanatable Unicast Counts the total number of good packets that...

Page 191: ...191 Transmitted Packets Tx Packets Analysis line graph for Bytes Packets window Tx Packets Analysis table for Bytes Packets window...

Page 192: ...uttoninstructstheSwitchtodisplayatableratherthanalinegraph View Line Chart ClickingthisbuttoninstructstheSwitchtodisplayalinegraphratherthanatable Bytes Counts the number of bytes successfully sent fr...

Page 193: ...line graph window Rx Error Analysis table window Select the desired Switch using the Unit drop down menu and the desired port using the Port drop down menu The Time Interval field sets the interval at...

Page 194: ...lly indicate collision fragments a normal network occurrence OverSize Counts packets received that were longer than 1518 octets or if a VLAN frame 1522 octets and less than the MAX_PKT_LEN Internally...

Page 195: ...195 Transmitted Errors Tx Error Analysis line graph window Tx Error Analysis table window...

Page 196: ...mission attempt on a particular interface was delayed because the medium was busy LateColl Late Collision Late Collisions The number of times that a collision is detected later than 512 bit times into...

Page 197: ...197 Size Various statistics can be viewed as either a line graph or a table Packet Size Packet Size Packet Size Analysis line graph window Packet Size Analysis table window...

Page 198: ...h inclusive excluding framing bits but including FCS octets 128 255 The total number of packets including bad packets received that were between 128 and 255 octets in length inclusive excluding framin...

Page 199: ...MAC address and a port number it makes an entry into its forwarding table These entries are then used to forward packets through the Switch MAC Address Table window The following fields can be set VL...

Page 200: ...to the console manager Clicking Next at the bottom of the window will allow you to display all the switch Trap Logs The information is described as follows Sequence A counter incremented whenever an e...

Page 201: ...The following field can be set Multicast Group The IP address of the multicast group MAC Address The MAC address of the multicast group Reports The total number of reports received for this group Bro...

Page 202: ...tatus This window displays the status of VLANs managed by the Switch VLAN Status window Session Table This window displays the management sessions since the Switch was last rebooted Current Session Ta...

Page 203: ...ddressTablewindowmaybefoundintheMonitoringfolderintheLayer3Featuresub folder This window allows the user to view IP addresses discovered by the Switch To search a specific IP address enter it into the...

Page 204: ...an IP address into the Destination Address field along with a proper subnet mask into the Mask field Routing Table window Browse ARP Table The ARP Table window may be found in the Monitoring folder i...

Page 205: ...ast group IP address into the Multicast Group field or a Source IP address and click Find IP Multicast Forwarding Table window Browse IGMP Group Table The IGMP Group Table window may be found in the M...

Page 206: ...is selected as the browse method you must enter the IP address in the Area ID field and then click Find If Advertise Router ID is selected you must enter the IP address in the Advertise Router ID fiel...

Page 207: ...ibed by the advertisement The contents of this field depend on the advertisement s LS type LS Type Link State ID 1 The originating router s Router ID 2 The IP interface address of the network s Design...

Page 208: ...to be monitored for each IP interface defined on the switch This folder found in the Monitoring folder offers three win dows for monitoring DVMRP Routing Table DVMRP Neighbor Address Table and DVMRP...

Page 209: ...e IP Address in the fields at the top of the window and clicking Find DVMRP Routing Next Hop Table window PIM Monitor Multicast routers use Protocol Independent Multicast PIM to determine which other...

Page 210: ...to the TFTP server Download Firmware To update the Switch s firmware click on the Maintenance folder and then the TFTP Services folder and then the Download Firmware link Download Firmware window Use...

Page 211: ...initiate the file transfer Save Settings To upload the Switch settings to a TFTP server click on the Maintenance folder and then the TFTP Service folder and then the Save Settings link Save Settings...

Page 212: ...packets to the specified IP address until the program is stopped Save Changes The KGS 3120 has two levels of memory normal RAM and non volatile or NV RAM Configuration changes are made effective clic...

Page 213: ...t the factory Reset gives the option of retaining the Switch s User Accounts and History Log while resetting all other configuration parameters to their factory defaults If the Switch is reset with th...

Page 214: ...the No click box instructs the Switch not to save the current configuration before restarting the Switch All of the configuration information entered from the last time Save Changes was ex ecuted wil...

Page 215: ...forward RAM Buffer 1 MB per device Filtering Address Table 16 K MAC address per device Packet Filtering Forwarding Rate Full wire speed for all connections 148 800 pps per port for 100Mbps 1 488 000...

Page 216: ...ng diagrams and tables show the standard RJ 45 receptacle connector and their pin assign ments The standard RJ 45 port and connector RJ 45 Pin Assignments Contact MDI X Port MDI II Port 1 RD receive T...

Page 217: ...Mini GBIC 1000BASE LX Single mode fiber module 10km 1000BASE SX Multi mode fiber module 550m 1000BASE LHX Single mode fiber module 40km 1000BASE ZX Single mode fiber module 80km 1000BASE T Category 5e...

Page 218: ...ckbone port A port which does not learn device addresses and which receives all frames with an unknown address Backbone ports are normally used to connect the Switch to the backbone of your network No...

Page 219: ...et toward its destination by an internetworking device full duplex A system that allows packets to be transmitted and received at the same time and in effect doubles the potential throughput of a link...

Page 220: ...e connec tion SNMP Simple Network Management Protocol A protocol originally designed to be used in managing TCP IP internets SNMP is presently implemented on a wide range of computers and net working...

Page 221: ...llows an application program on one device to send a datagram to an application program on another device VLAN Virtual LAN A group of location and topology independent devices that communicate as if t...

Reviews:

No comments

Related manuals for KGS-3120

D-Link TM DES-6500 Command Line Interface Reference Manual preview
TM DES-6500
Brand: D-Link Pages: 267
H3C S3100 Series Command Manual preview
S3100 Series
Brand: H3C Pages: 1089
UNICOM DynaGST/2402G GEP-33224T-1 Specifications preview
DynaGST/2402G GEP-33224T-1
Brand: UNICOM Pages: 1
UNICONTROL Electronic Cleveland Controls RSS-498-013 Manual preview
Cleveland Controls RSS-498-013
Brand: UNICONTROL Electronic Pages: 2
Yamamoto Electric Works Co., Ltd. MS65F Instruction Manual preview
MS65F
Brand: Yamamoto Electric Works Co., Ltd. Pages: 15
ATEN CS1922M User Manual preview
CS1922M
Brand: ATEN Pages: 17
J-Tech Digital JTECH-HD4X48 User Manual preview
JTECH-HD4X48
Brand: J-Tech Digital Pages: 28
Generac Power Systems 004635-3 Owner'S Manual preview
004635-3
Brand: Generac Power Systems Pages: 20
Cabletron Systems SmartSTACK 100 ELS100-16TX Getting Started preview
SmartSTACK 100 ELS100-16TX
Brand: Cabletron Systems Pages: 16
C&C TECHNIC AVlink VAX-8404F User Manual preview
AVlink VAX-8404F
Brand: C&C TECHNIC Pages: 2
AMX AVS-OCT-4832-117 Product View preview
AVS-OCT-4832-117
Brand: AMX Pages: 1
IPGARD SDPN-2D Manual preview
SDPN-2D
Brand: IPGARD Pages: 15
Eaton Moeller IZM Series Quick Start Manual preview
Moeller IZM Series
Brand: Eaton Pages: 4
Lantech LGS-2424C User Manual preview
LGS-2424C
Brand: Lantech Pages: 80
H3C FS5300-EI Series Compliance And Safety Manual preview
FS5300-EI Series
Brand: H3C Pages: 57
Gefen EXT-DVI-444DL User Manual preview
EXT-DVI-444DL
Brand: Gefen Pages: 20
Kramer VS-211H2 User Manual preview
VS-211H2
Brand: Kramer Pages: 12
Omron D4D-1520R Manual preview
D4D-1520R
Brand: Omron Pages: 13

Brands by name

Popular brands

Load more brands