manualshive.com logo in svg

Lancom ES-2126+, Manual, Page: 99 / 244

Share
Download
Lancom ES-2126+ Manual Download Page 99

LANCOM ES

-

2126+ und LANCOM ES

-

2126P

쮿

 Chapter 4: Operation of Web- based Management

98

EN

consistent on all devices or for all services. For this reason, user data should
be managed on a central server. 

As a simple example, a user wishes to register at a router and sends the cor-
responding login details (user ID) to it. In this case the router functions as a
Network Access Server (NAS): It does not check the user data itself; rather, the
data is forwarded to the central AAA server, which responds by checking the
data and answering with an accept or a reject. 

4.15.2

Configuring the  parameters

is configured with the following parameters:

쮿

State

Configures the server and sets the password for the encryption
of data communications with the  protocol.

Server 1: Address of the server to which requests for
authentication, authorization and accounting are to be forwarded.
The value 0.0.0.0 deactivates this entry.

Server 2: You can optionally configure a second  server
address here. If the first  server is not available and the
maximum number of failed login attempts is reached, the device
forwards its login requests to the alternative  server. The
maximum number of failed login attempts is set as the "Access retry"
value under the "Access" menu item.
The value 0.0.0.0 deactivates this entry.

Secret key: The password for encrypting the communications between
NAS and  servers.

The password must be entered identically into the LANCOM and the
 server. We recommend that you do not operate 
without encryption.

AAA-SERVER

User ID

Accept

User ID

Accept

NAS

PC

Summary of Contents for ES-2126+

Page 1: ...LANCOM ES 2126 c o n n e c t i n g y o u r b u s i n e s s ...

Page 2: ...LANCOM ES 2126 LANCOM ES 2126P ...

Page 3: ... for technical errors or omissions Products from LANCOM Systems include software developed by the OpenSSL Project for use in the OpenSSL Toolkit http www openssl org Products from LANCOM Systems include cryptographic software written by Eric Young eay cryptsoft com Products from LANCOM Systems include software developed by the NetBSD Foundation Inc and its contributors Products from LANCOM Systems...

Page 4: ...an be managed with the clearly structured Webconfig and is supported by the LANCOM Management Tools LANconfig and LANmonitor Model variants This documentation is intended for LANCOM switch users The following models are available 쮿 The LANCOM ES 2126 without PoE support 쮿 The LANCOM ES 2126P with PoE support Model restrictions Passages applying only to certain models are identified either in the t...

Page 5: ...st drivers firmware utilities and documentation are constantly available for download In addition LANCOM Support is available For telephone numbers and contact addresses for LANCOM Support please refer to the enc losed leaflet or the LANCOM Systems Web site Information symbols Very important instructions Failure to observe these may result in damage Important instruction that should be observed Ad...

Page 6: ...ES 2126P 18 2 4 Mounting and connecting up the LANCOM switch 18 2 5 Software installation 19 2 5 1 Starting the software setup 19 2 5 2 Which software should I install 20 3 Configuring and monitoring the LANCOM switch 21 3 1 Configuration options 21 3 1 1 Starting WEBconfig 21 3 1 2 Starting the Command Line Interface over the network 23 3 1 3 Starting the Command Line Interface over the serial co...

Page 7: ...Log 44 4 3 Port 45 4 3 1 Port Configuration 45 4 3 2 Port Status 47 4 3 3 Simple Counter 50 4 3 4 Detail Counter 51 4 4 PoE 53 4 5 Loop Detection 56 4 6 SNMP Configuration 56 4 7 DHCP Boot 58 4 8 IGMP Snooping 59 4 9 VLAN 62 4 9 1 VLAN Mode 62 4 9 2 Tag based Group 64 4 9 3 PVID 66 4 9 4 Port based Group 67 4 10 MAC Table 68 4 11 GVRP Configuration 72 4 12 STP Configuration 77 4 12 1 STP Status 77...

Page 8: ...gnostics 118 4 20 2 Loopback 119 4 20 3 Ping 120 4 20 4 Watchdog 120 4 21 TFTP Server 121 4 22 Log 122 4 23 Firmware Upgrade 123 4 24 Reboot 124 4 25 Logout 125 5 Operation of CLI Management 126 5 1 CLI Management 126 5 1 1 Login 126 5 2 Commands of CLI 127 5 2 1 Global Commands of CLI 128 5 2 2 Local Commands of CLI 134 6 Appendix 241 6 1 Performance data and specifications 241 6 2 Connector wiri...

Page 9: ...LANCOM ES 2126 und LANCOM ES 2126P 쮿 Contents 8 EN ...

Page 10: ...ing Bandwidth Control Port Secu rity SNMP RMON and IGMP Snooping capability via the intelligent software It is suitable for both metro LAN and office application Additionally the LANCOM ES 2126 supports TACACS a protocol for authentication authorization and accounting AAA It thus provides access to the network for certain authorized users only it regulates the rights of those users and it is a log...

Page 11: ...t Security Support allowed denied forwarding and port security with MAC address 쮿 SNMP RMON SNMP agent and RMON MIB In the device SNMP agent is a client soft ware which is operating over SNMP protocol used to receive the command from SNMP manager server site and echo the corresponded data i e MIB object Besides SNMP agent will actively issue TRAP information when happened RMON is the abbreviation ...

Page 12: ... other AAA protocols such as RADIUS 쮿 IGMP Snooping Support IGMP version 2 RFC 2236 The function IGMP snooping is used to establish the multicast groups to forward the multicast packet to the member ports and in nature avoid wasting the bandwidth while IP mul ticast packets are running over the network ...

Page 13: ...m Power CPURUN ACT FDX SPD LEDSET TP Port 1 24 LINK ACT FDX SPD SFP Ports 25 26 LINK ACT FDX SPD PoE support PoE with 48VDC power through RJ 45 pin 1 2 3 6 Powered Device PD auto detection and classification PoE PSE status and activity LED indicator Management Concisely the status of port and easily port configuration Per port traffic monitoring counters Port mirror function Static trunk function ...

Page 14: ... management The trap event and alarm message can be transferred via e mail and mobile phone short message Diagnostics to let administrator knowing the hardware status External loopback test to check if the link is ok TFTP for firmware upgrade system log upload and config file import export Remote boot the device through user interface and SNMP Network time synchronization and daylight saving TACAC...

Page 15: ...essories Should anything be missing please take up immediate contact to your dealer or to the address on the delivery note supplied with your device 2 2 System requirements Computers that connect to a LANCOM must meet the following minimum requirements 쮿 Operating system with TCP IP support such as Windows Linux BSD Unix Apple Mac OS OS 2 쮿 Access to the LAN via the TCP IP protocol 쮿 Browser for W...

Page 16: ...ows far more information about the status of the LANCOM switch than the LEDs Monitoring the LANCOM switch with LANmonitor 2 3 1 LEDs and buttons on the LANCOM ES 2126 Located on the front of the device are light emitting diodes LEDs that pro vide information on device status and also two buttons 쐃 Reset Button to re start the system 쐇 CPU RUN Blinks green if the CPU is running without problem 쐃 쐇 ...

Page 17: ... for this port blinks yellow in case of collisions 쮿 LED mode Speed Constant yellow when the 100 Mbps mode is active Off when the 10 Mbps mode is active 쐅 Link Port 25 and 26 Constant green when the network connection is established to the connected device Off if no network connection can be established to the connected device 쐈 FB Port 25 and 26 Constant green when the optical port is active Off ...

Page 18: ...ed to the connected device Off if no network connection can be established to the connected device 쐄 ACT FDX SPD Port 1 to 24 This LED displays the following information depending on the selected LED status 쮿 LED mode Active Blinks yellow during data transfer 쮿 LED mode Full Duplex Constant green when full duplex mode is active for this port blinks yellow in case of collisions 쮿 LED mode Speed Con...

Page 19: ...unting and connecting up the LANCOM switch Installating the LANCOM switch involves the following steps 햲 Mounting The device is designed for mounting in an available 19 unit in a server cabinet If necessary fix the rubber pads to the underside of the device to prevent any scratching to other equipment Ensure that the device has sufficient ventilation to prevent damage from excessive heat build up ...

Page 20: ...ace via serial connection in the following chapter 햵 Supply power and switch on Supply power to the device by means of the IEC power cable 햶 Ready for operation After a brief self test the power LED lights up continuously Green LAN LINK LEDs show which LAN connectors are being used for a connection 2 5 Software installation The following section describes the installation of the Windows compatible...

Page 21: ...l LANCOM devices in your network You can use this to start the Web based configuration of a LANCOM switch 쮿 With LANmonitor you can use a Windows computer to monitor all of your LANCOM devices This program displays all important status infor mation for a LANCOM switch such as link status or port PoE state 쮿 With Documentation you copy the documentation files onto your PC Select the appropriate sof...

Page 22: ...evice with WEBconfig are available in the chapter Web based configuration 쮿 Text orientated configuration via a console Command Line Interface CLI This method of configuration which requires a program such as Tel net SSH LANCOM ES 2126 only Hyperterminal or similar can be con ducted over a network connection or with a direct connection via serial interface RS 232 Instructions for configuring the d...

Page 23: ... with DHCP server In its factory settings the LANCOM switch is set for auto DHCP mode meaning that it searches for a DHCP server to assign it an IP address subnet mask and gateway address The assigned IP address can only be determined by using the appropriate tools or via the DHCP server If the DHCP server is a LANCOM device the IP address of the LAN COM switch can be read out from the DHCP table ...

Page 24: ...ess as the target 쐇 Log on with user name and password default admin admin 3 1 3 Starting the Command Line Interface over the serial connection If you do not know the IP address of the device you can use the command line interface via a serial connection 쐃 Use the serial configuration cable to connect the LANCOM switch to the configuration computer Mounting and connecting up the LANCOM Switch 쐇 St...

Page 25: ...hanged at any time All changes to the configuration are saved here Each time you make changes and press Apply the changes are stored to the wor king configuration The changes to the working configuration are not automatically adopted for the start configuration They have to be saved specifically as the start or user configuration If you do not save the changes to your working configuration they wi...

Page 26: ...address You can access the switch at its last IP address 왏 With the serial configuration interface you can reset the switch to the factory default setting without knowing the current administrator s password To do this you have to set up a serial connection to the device as described in Start Command Line Interface via serial connection In the terminal program before you enter the username press C...

Page 27: ...26 or 172 23 56 251 LANCOM ES 2126P 쮿 Restore default configuration excludes current IP address Here you can reset the switch to its factory settings The default configu ration replaces the start configuration However the switch s current IP address as set up by the user is not changed and will NOT be restored to the default value 쮿 Restore user configuration Restore User Configuration function re...

Page 28: ...M switch with LANmonitor The current state of the device and all ports can be monitored using the LEDs on the front panel With LANmonitor the devices can be observed from any workstation without being able to see the LEDs Besides the status informa tion provided by the LEDs the LANmonitor provides further important infor mation on the ports 3 3 1 Ethernet port status LANmonitor displays the curren...

Page 29: ...splays the current PoE status of all of the device s ports This includes the state configured by the admin PoE enabled or disabled and the current power feed to connected devices Each port is displayed with two colored symbols in LANmonitor 쮿 The left icon shows the PoE configuration 왏 Gray PoE feed for the port is deactivated in the configuration 왏 Yellow PoE feed for the port is activated in the...

Page 30: ...COM switch 29 EN Source Equipment PSE measures the power requirement of the device Power requirements of the PDs are classified as follows PoE class Use Power range 0 default 0 44 W 12 95 W 1 optional 0 44 W 3 84 W 2 optional 3 84 W 6 49 W 3 optional 6 49 W 12 95 W 4 reserved 15 4 W ...

Page 31: ...ntication The default username and password are both admin For the first time to use please enter the default username and password then click the Login button The login process now is completed Alternatively you can login to the decive using an secure and encrypted con nection via HTTPS and the Secure Sockets Layer SSL LANCOM ES 2126 only The switch already contains the required certificate In th...

Page 32: ... Version Hardware Mechanical Version Serial Number Host IP Address Host MAC Address Device Port RAM Size and Flash Size With this information you will know the software version used MAC address serial number how many ports good and so on This is helpful while malfunctioning 4 1 1 The Information of Page Layout On the top side it shows the front panel of the switch In the front panel the linked por...

Page 33: ...urity we provide auto logout function to protect you from illegal user as you are leaving If you do not choose any selection in Auto Logout list it means you turn on the Auto Logout function and the system will be logged out automatically when no action on the device 3 minutes later If OFF is cho sen the screen will keep as it is Default is ON On the left side the main menu tree for web is listed ...

Page 34: ...pter 4 Operation of Web based Management 33 EN 4 2 System 4 2 1 System Information 쮿 Function name System Information 쮿 Function Description Shows the basic system information 쮿 Parameter Description 왏 Model name The model name of this device ...

Page 35: ...switch 왏 Firmware version The firmware version in this switch 왏 Hardware Mechanical version The version of Hardware and Mecha nical The figure before the hyphen is the version of electronic hard ware the one after the hyphen is the version of mechanical 왏 Serial number The number is assigned by the manufacturer 왏 Host IP address The IP address of the switch 왏 Host MAC address It is the Ethernet MA...

Page 36: ...erver is up Before getting an IP address from DHCP server the device will not continue booting procedures If set this field Disable you ll have to input IP address manually For more details about IP address and DHCP please see the Section 2 1 5 IP Address Assign ment in this manual Default Disable 왏 IP address Users can configure the IP settings and fill in new values if users set the DHCP functio...

Page 37: ...ault 192 168 1 254 왏 DNS It is Domain Name Server used to serve the translation between IP address and name address The switch supports DNS client function to re route the mnemonic name address to DNS server to get its associated IP address for acces sing Internet User can specify a DNS IP address for the switch With this the switch can translate a mnemonic name address into an IP address There ar...

Page 38: ...tment request There is no time zone setting in Manual mode Default Year 2000 Month 1 Day 1 Hour 0 Minute 0 Second 0 왏 NTP NTP is Network Time Protocol and is used to sync the network time based Greenwich Mean Time GMT If use the NTP mode and select a built in NTP time server or manually specify an user defined NTP server as well as Time Zone the switch will sync the time in a short after pressing ...

Page 39: ... t have to set the starting ending date as well If you set daylight saving to be non zero you have to set the starting ending date as well otherwise the daylight saving function will not be activated Default for Daylight Saving 0 The following parameters are configurable for the function Daylight Saving and described in detail Day Light Saving Start This is used to set when to start performing the...

Page 40: ...ut it is necessary to modify the administrator equivalent identity Guest equivalent identity can modify his password only Please note that you must confirm administrator guest identity in the field of Authorization in advance before configuring the username and password Only one administrator is allowed to exist and unable to be deleted In addi tion up to 4 guest accounts can be created The defaul...

Page 41: ...rol the switch and limit the user to access this switch The following rules are offered for the manager to manage the switch 쐃 When no lists exists then it will accept all connections 쐇 When only accept lists exist then it will deny all connections excluding the connection inside of the accepting range 쐋 When only deny lists exist then it will accept all connections excluding the connection inside...

Page 42: ...t Security Configura tion function With this function the manager can easily control the mode that the user connects to the switch According to the mode users can be classified into two types Those who are able to connect to the switch Accept and those who are unable to connect to the switch Deny Some restrictions also can be placed on the mode that the user connect to the switch for example we ca...

Page 43: ...id range is 0 0 0 0 255 255 255 255 왏 Incoming Port The switch supports two kinds of options for managed valid Port Range including Any and Custom Default is Any You can select the ports that you would like them to be worked and rest ricted in the management security configuration if Custom had been chosen 왏 Access Type The switch supports two kinds of options for managed valid Access Type includi...

Page 44: ...ll devices manager is capable of managing the network with knowing the address of the Master machine Instead of SNMP or Telnet UI VSM is only available in Web UI While one switch become the Master two rows of buttons for group device will appear on the top of its Web UI By pressing these buttons user will be allowed to connect the Web UI of the devices of the group in the same window wit hout the ...

Page 45: ...ding master and slave are offered for option Default is Master 왏 Group ID It is the group identifier GID which signs for VSM Valid letters are A Z a z 0 9 and _ characters The maximal length is 15 characters 4 2 7 System Log The System Log provides information about system logs including information when the device was booted how the ports are operating when users logged in when sessions timed out...

Page 46: ...ort Four functions including Port Status Port Configuration Simple Counter and Detail Counter are contained in this function folder for port monitor and management Each of them will be described in detail orderly in the following section 4 3 1 Port Configuration Port Configuration is applied to change the setting of each port In this confi guration function you can set reset the following function...

Page 47: ...ailable for Fast Ethernet Gigabit module in port 25 26 If the media is 1Gbps fiber it is always 1000Mbps and the duplex is full only If the media is TP the Speed Duplex is compri sed of the combination of speed mode 10 100 1000Mbps and dup lex mode full duplex and half duplex The following table summarized the function the media supports In Auto negotiation mode no default value In Forced mode def...

Page 48: ...ed the port current status about every 5 seconds 쮿 Parameter Description 왏 Port No Display the port number The number is 1 26 Both port 25 and 26 are optional modules 왏 Media Show the media type adopted in all ports The Port 25 and Port 26 are optional modules which support either fiber or UTP media with either Gigabit Ethernet 1000Mbps or 10 100Mbps Fast Ethernet port They may have different medi...

Page 49: ...ort There are three speeds 10Mbps 100Mbps and 1000Mbps supported for TP media and the duplex supported is half duplex and full duplex If the media is 1Gbps fiber it is 1000Mbps supported only The status of speed duplex mode is determined by 1 the negotiation of both local port and link partner in Auto Speed mode or 2 user setting in Force mode The local port has to be preset its capability In port...

Page 50: ...50nm and so on 왏 Baud Rate Display the maximum baud rate of the fiber module sup ported for instance 10M 100M 1G and so on 왏 Vendor OUI Display the Manufacturer s OUI code which is assigned by IEEE 왏 Vendor Name Display the company name of the module manufactu rer 왏 Vendor P N Display the product name of the naming by module manufacturer 왏 Vendor Rev Revision Display the module revision 왏 Vendor S...

Page 51: ...overflow the counter will be reset and restart counting The data is updated every time interval defined by the user The valid range is 3 to 10 seconds The Refresh Interval is used to set the update frequency Default update time is 3 seconds 쮿 Function name Simple Counter 쮿 Function Description Display the summary counting of each port s traffic including Tx Byte Rx Byte Tx Packet Rx Packet Tx Coll...

Page 52: ...g is overflow the counter will be reset and restart counting The data is updated every time interval defined by the user The valid range is 3 to 10 seconds The Refresh Interval is used to set the update frequency Default update time is 3 seconds 쮿 Function name detail Counter 쮿 Function Description Display the detailed counting number of each port s traffic The window can show all counter informat...

Page 53: ... of a frame 왏 Tx Excessive Collision Number of frames that are not transmitted because the frame experienced 16 transmission attempts 왏 Packets 64 Octets Number of 64 byte frames in good and bad packets received 왏 Packets 65 127 Octets Number of 65 127 byte frames in good and bad packets received 왏 Packets 128 255 Octets Number of 128 255 byte frames in good and bad packets received 왏 Packets 256 ...

Page 54: ...Packets Frames dropped due to the lack of receiving buffer 왏 Rx Undersize Packets Number of short frames 64 Bytes with valid CRC 왏 Rx Oversize Packets Number of long frames according to max_length register with valid CRC 4 4 PoE LANCOM ES 2126P only 쮿 Function name PoE Status 쮿 Function Description Display the information about the PoE status 쮿 Parameter Description 왏 Vmain The volt is supplied by...

Page 55: ...PD linked to the port is short circuit 왏 Over Temp Protection The port of the switch will be disabled due to fast transient rise in temperature to 240o C or slow rise in temperature to 200o C 왏 Power Management Port Off Due to total power required by all PDs linked to the switch excesses the power limit so the switch stops sup plying the power to this port after referring to the information of the...

Page 56: ...ws the power supplied to the PD is legal while the port linked to the PD Disable means the port does not own PoE function 왏 Priority Three options are offered for the user to choose including Normal Low and High Default is Normal The switch will stop supp lying the power to the port based on the order of the priority Low Normal High in case total power required by all PDs linked to the switch exce...

Page 57: ...the port can detect loop happens When Port No is chosen enable port s Loop detection and the port detects loop happen port will be Locked If Loop did not happen port maintains Unlocked The default is Disable 왏 Locked Port Resume When Port No is chosen enable port s Loop detection and the port detects loop happen the port will be Locked When choosing Resume port locked will be opened and turned int...

Page 58: ...ect 쮿 Parameters Description 왏 SNMP The term SNMP here is used for the activation or de activation of SNMP Default is Enable 왏 Get Set Trap Community Community name is used as password for authenticating if the requesting network management unit belongs to the same community group If they both don t have the same commu nity name they don t belong to the same group Hence the reques ting network man...

Page 59: ...ch public trap the switch supports the trap event Cold Start Warm Start Link Down Link Up and Authentication Failure Trap They can be enabled or disabled individually When enabled the corres ponded trap will actively send a trap message to the trap host when a trap happens If all public traps are disabled no public trap message will be sent As to the Enterprise no 6 trap is classified as private t...

Page 60: ...oping The function IGMP Snooping is used to establish the multicast groups to for ward the multicast packet to the member ports and in nature avoids wasting the bandwidth while IP multicast packets are running over the network This is because a switch that does not support IGMP or IGMP Snooping can not tell the multicast packet from the broadcast packet so it can only treat them all as the broadca...

Page 61: ...rt 쮿 Parameter Description 왏 IGMP snooping mode selection The switch supports three kinds of IGMP Snooping status including Passive Active and Disable 왏 Disable Set Disable mode to disable IGMP Snooping function Default Disable 왏 Active In Active mode IGMP snooping switch will periodically issue the Membership Query message to all hosts attached to it and gather the Membership report message to up...

Page 62: ...tions for managed valid IP range including Any and Custom Default is Any In case that Custom had been chosen you can assigned effective IP range The valid range is 224 0 0 0 239 255 255 255 왏 VID The switch supports two kinds of options for managed valid VLAN VID including Any and Custom Default is Any When you choose Custom you can fill in VID number The valid VID range is 1 4094 왏 Port The switc...

Page 63: ...ul ling down list and pressing the Downward arrow key Then click Apply button the settings will take effect immediately 쮿 Parameter Description 왏 VLAN Mode Tag based This is the default setting Tag based VLAN identifies its member by VID This is quite diffe rent from port based VLAN If there are any more rules in ingress filtering list or egress filtering list the packet will be screened with more...

Page 64: ...s dropped Note If Symmetric is enabled and port 1 for example receives an untagged packet the switch will apply the PVID of port 1 to tag this packet the packet then will be forwarded But if the PVID of port 1 is not 100 the packet will be dropped 왏 SVL While SVL is enable all VLANs use the same filtering database storing the membership information of the VLAN to learn or look up the membership in...

Page 65: ...rator is associated with a VLAN group Valid letters are A Z a z 0 9 and _ characters The maximal length is 15 characters 왏 VID VLAN identifier Each tag based VLAN group has a unique VID It appears only in tag based and Double tag mode 왏 Member This is used to enable or disable if a port is a member of the new added VLAN Enable means it is a member of the VLAN Just tick the check box beside the por...

Page 66: ...inally press the Apply button to have the setting taken effect 왏 Delete Group Just press the Delete button to remove the selected group entry from the Tag based group table 왏 Edit a group ust select a group entry and press the Edit button then you can modify a group s description member and untag set tings ...

Page 67: ...example if port x receives an untagged packet the switch will apply the PVID assume as VID y of port x to tag this packet the packet then will be forwarded as the tagged packet with VID y 왏 Default Priority It bases on 802 1p QoS and affects untagged packets When the packets enter the switch it would get the priority precedence according to your Default Priority setting and map to 802 1p priority ...

Page 68: ...ort based VLAN group by pressing Add Edit and Delete function buttons User can add a new VLAN group by inputting a new VLAN name 쮿 Parameter Description 왏 VLAN Name The name defined by administrator is associated with a VLAN group Valid letters are A Z a z 0 9 and _ characters The maximal length is 15 characters 왏 Member This is used to enable or disable if a port is a member of the new added VLAN...

Page 69: ...and press the Edit button then you can modify a group s description and member set 4 10 MAC Table MAC Table Configuration gathers many functions including MAC Table Infor mation MAC Table Maintenance Static and MAC Alias which cannot be categorized to some function type They are described below 쮿 Function name MAC Table Information 쮿 Function Description Display the static or dynamic learning MAC ...

Page 70: ... The Alias of the searched entry 왏 MAC Address The MAC address of the searched entry 왏 Port The port that exists in the searched MAC Entry 왏 VID VLAN Group that MAC Entry exists 왏 State Display the method that this MAC Entry is built It may show Dynamic MAC or Static MAC 쮿 Function Name MAC Table Maintenance 쮿 Function Description This function can allow the user to set up the pro cessing mechanis...

Page 71: ...ction Description The function of Static is used to configure MAC s real manners inside of the switch Three kinds of manners including static static with destination drop and static with source drop are contained in this function As static is chosen assign a MAC address to a specific port all of the switch s traffics sent to this MAC address will be forwarded to this port As static with destinatio...

Page 72: ...s will be drop ped Static with Source Drop While the SA of the incoming packets meets the value you set up these packets will be dropped 왏 Port Select the port No you would like to do setup in the switch It is 1 26 쮿 Function name MAC Alias 쮿 Function Description MAC Alias function is used to let you assign MAC address a plain English name This will help you tell which MAC address belongs to which...

Page 73: ...e too many MAC addresses learned in the table we recommend you inputting the MAC address and alias name directly 4 11 GVRP Configuration GVRP is an application based on Generic Attribute Registration Protocol GARP mainly used to automatically and dynamically maintain the group membership information of the VLANs The GVRP offers the function provi ding the VLAN registration service through a GARP a...

Page 74: ...is simply to let you enable or disable GVRP function You can pull down the list and click the Downward arrow key to choose Enable or Disable Then click the Apply button the system will take effect immediately 왏 Join Time 왏 Used to declare the Join Time in unit of centisecond Valid time range 20 100 centisecond Default 20 centisecond 왏 Leave Time 왏 Used to declare the Leave Time in unit of centisec...

Page 75: ...user s choice Normal It is Normal Registration The Registrar responds normally to incoming GARP messages The default setting is Normal Fixed It is Registration Fixed The Registrar ignores all GARP mes sages and all members remain in the registered IN state Forbidden It is Registration Forbidden The Registrar ignores all GARP messages and all members remain in the unregistered EMPTY state 왏 Restric...

Page 76: ...ets Number of invalid GARP BPDU is received by the GARP application LeaveAll Message Packets Number of GARP BPDU with Leave All message is received by the GARP application JoinEmpty Message Packets Number of GARP BPDU with Join Empty message is received by the GARP application JoinIn Message Packets Number of GARP BPDU with Join In mes sage is received by the GARP application LeaveEmpty Message Pa...

Page 77: ... GARP BPDU with Leave Empty message is transmitted by the GARP application Empty Message Packets Number of GARP BPDU with Empty mes sage is transmitted by the GARP application 쮿 Function name GVRP Group Information 쮿 Function Description To show the dynamic group member and their infor mation 쮿 Parameter Description 왏 Current Dynamic Group Number The number of GVRP group that are created currently...

Page 78: ...anning Tree Status user can read 12 para meters to know STP current status The 12 parameters description is listed in the following table 쮿 Parameter Description 왏 STP State Show the current STP Enabled Disabled status Default is Disabled 왏 Bridge ID Show switch s bridge ID which stands for the MAC address of this switch 왏 Bridge Priority Show this switch s current bridge priority setting Default ...

Page 79: ...g state or from Learning state moved to Forwarding state of a port in bridge 왏 Hello Time Show the current hello time of the root bridge Hello time is a time interval specified by root bridge used to request all other bridges periodically sending hello message every hello time seconds to the bridge attached to its designated port 왏 STP Topology Change Count STP Topology Change Count expresses the ...

Page 80: ... The default is 32768 왏 Hello Time Hello Time is used to determine the periodic time to send normal BPDU from designated ports among bridges It decides how long a bridge should send this message to other bridge to tell I am alive When the PSES 2126Cis the root bridge of the LAN for example all other bridges will use the hello time assigned by this switch to communicate with each other The valid va...

Page 81: ...ds default is 15 seconds 왏 Force Version Two options are offered for the user s choosing STP algorithm One is RSTP and the other is STP If STP is chosen RSTP will run as a legacy STP The switch supports RSTP 802 1w which is back ward compatible with STP 802 1d 4 12 3 STP Port Configuration 쮿 Function name STP Port Setting 쮿 Function Description In the STP Port Setting one item selection and five p...

Page 82: ...path to Root Bridge by calculating the sum of path cost contributed by all ports on this path A port with a smaller path cost value would become the Root Port more possibly 왏 Configured Path Cost The range is 0 200 000 000 In the switch if path cost is set to be zero the STP will get the recommended value resulted from auto negotiation of the link accordingly and display this value in the field of...

Page 83: ... point to point links and on edge ports This can expedite the convergence because this will have the port fast transited to forwarding state There are three parameters Auto True and False used to configure the type of the point to point link If configure this parameter to be Auto it means RSTP will use the duplex mode resulted from the auto negotiation In today s switched networks most links are r...

Page 84: ...s means you can apply your cur rent Ethernet equipments to build the bandwidth aggregation For example if there are three Fast Ethernet ports aggregated in a logical port then this logical port has bandwidth three times as high as a single Fast Ethernet port has The switch supports two kinds of port trunking methods 쐃 LACP Ports using Link Aggregation Control Protocol according to IEEE 802 3ad spe...

Page 85: ...ic trunk to aggregate with high speed links As to system restrictions about the port aggregation function on the switch in the management point of view the switch supports maximum 3 trunk groups for LACP and additional 3 trunk groups for Static Trunk But in the system capability view only 3 real trunked groups are supported An LACP trunk group with more than one ready member ports is a real trunke...

Page 86: ...ed when a port s trunking method is LACP Active An Active LACP port begins to send LACPDU to its link partner right after the LACP protocol entity started to take control of this port Passive A Passive LACP port will not actively send LACPDU out before it receives an LACPDU from its link partner 왏 Aggtr Aggtr is an abbreviation of aggregator Every port is also an aggregator and its own aggregator ...

Page 87: ...gator point of view 쮿 Parameter Description 왏 Aggregator It shows the aggregator ID from 1 to 26 of every port In fact every port is also an aggregator and its own aggregator ID is the same as its own Port No 왏 Method Show the method a port uses to aggregate with other ports 왏 Member Ports Show all member ports of an aggregator port 왏 Ready Ports Show only the ready member ports within an aggregat...

Page 88: ...a single member port means not ready Zeigt ihnen den Trunk Status eines einzelnden Portes an Dabei bedeutet das der Port nicht bereit bzw nicht aktiv ist Bild von einem Aggregator fehlt 쮿 Function name LACP System Configuration 쮿 Function Description It is used to set the priority part of the LACP system ID LACP will only aggregate together the ports whose peer link partners are all on a single sy...

Page 89: ...tion request to the authenticator the authenticator pass the request to the authentication server to authenticate and verify and the server tell the authenticator if the request get the grant of authorization for the ports According to IEEE802 1x there are three components implemented They are Authenticator Supplicant and Authentication server Supplicant It is an entity being authenticated by an a...

Page 90: ...ant PAE issues a request to Authenticator PAE Authenticator and Sup plicant exchanges authentication message Then Authenticator passes the request to RADIUS server to verify Finally RADIUS server replies if the request is granted or denied While in the authentication process the message packets encapsulated by Extensible Authentication Protocol over LAN EAPOL are exchanged between an authenticator...

Page 91: ...ic is bi directional The figure shows the procedure of 802 1x authentication There are steps for the login based on 802 1x port access control management The protocol used in the right side is EAPOL and the left side is EAP 쐃 At the initial stage the supplicant A is unauthenticated and a port on switch acting as an authenticator is in unauthorized state So the access is blocked in this stage 쐇 Ini...

Page 92: ...uld be applied to authenticate the credential information EAP MD5 Message Digest 5 or EAP OTP One Time Password or other else algorithm 쐊 If user ID and password is correct the authentication server will send a Radius Access Accept to the authenticator If not correct the authentica tion server will send a Radius Access Reject 쐎 When the authenticator PAE receives a Radius Access Accept it will sen...

Page 93: ...st mode which can dis tinguish the device s MAC address and its VID The following table is the sum mary of the combination of the authentication status and the port status versus the status of port mode set in 802 1x Port mode port control state set in 802 1x port setting Here Entry Authorized means MAC entry is authorized Table 3 3 쮿 Function name 802 1x State Setting Port Mode Port Control Authe...

Page 94: ...vice The valid value ranges 1 65535 Default port number is 1812 왏 Secret Key The secret key between authentication server and authen ticator It is a string with the length 1 31 characters The character string may contain upper case lower case and 0 9 It is character sense It is not allowed for putting a blank between any two charac ters Default Radius 쮿 Function name 802 1x Mode Setting 쮿 Function...

Page 95: ... this port once a supplicant is authorized the devices connected to this port can access the network resource through this port 쮿 Function name Port Security Management 쮿 Function Description Shows each port status In Multihost mode it shows the port number and its status authorized or unauthorized 쮿 Parameter Description 왏 Disable Mode When selecting Disable mode for a port in the function 802 1X...

Page 96: ...ction 802 1X Port Mode Configuration Devices can access the network through this port once the authenti cator is authorized The Port Status will show the following screen If the port is granted to access the network the port status is authori zed otherwise unauthorized 쮿 Function name Param Setting 쮿 Function Description This function is used to configure the parameters for each port in 802 1x por...

Page 97: ...et ween the authentication server and the supplicant Default Auto 왏 reAuthMax 1 10 The number of authentication attempt that is per mitted before the port becomes unauthorized Default 2 왏 txPeriod 1 65535 s A time period to transmitted EAPOL PDU bet ween the authenticator and the supplicant Default 30 왏 Quiet Period 0 65535 s A period of time during which we will not attempt to access the supplica...

Page 98: ...y TACACS Terminal Access Controller Access Control System is a protocol for authentication authorization and accounting AAA It thus provides access to the network for authorized users only it regulates the rights of those users and it is a logging mechanism to keep track of user actions TACACS is an alternative to other AAA protocols such as RADIUS TACACS is required in order to meet with PCI comp...

Page 99: ...he encryption of data communications with the TACACS protocol 왏 Server 1 Address of the TACACS server to which requests for authentication authorization and accounting are to be forwarded The value 0 0 0 0 deactivates this entry 왏 Server 2 You can optionally configure a second TACACS server address here If the first TACACS server is not available and the maximum number of failed login attempts is ...

Page 100: ...g the local user accounts 왏 Login secondary TACACS and Local as above The only value available here is the one not selected under Login primary With the additional option None the secondary login can be deactivated The fallback to local user accounts presents a security risk if no root password is set For this reason TACACS authentication with fall back to local user accounts can only be activated...

Page 101: ...TACACS protocol to the configured TACACS server On the TACACS server authorization can be defined separately for each of the configuration groups The authorization for the following commands can be defined separately in the TACACS server 왏 802 1X 왏 Account 왏 Alarm 왏 Autologout 왏 Bandwidth 왏 Config file 왏 DHCP boot 왏 Diagnostics 왏 Firmware 왏 GVRP 왏 Hostname 왏 IGMP Snooping 왏 IP 왏 Log 왏 Loop detecti...

Page 102: ...e TACACS server configuration TACACS authorization will only activate if the defined TACACS ser ver is available If TACACS authorization is activated the TACACS server will be queried for authorization each time a user enters a command Data traffic during configuration will increase correspondingly Also the user rights must be defined in the TACACS server Here rights are granted at the top menu le...

Page 103: ... With the Web interface the three values are loca ted on a single page and changing these results in just one entry to the accounting 4 16 Alarm Configuration 4 16 1 Events 쮿 Function name Events Configuration 쮿 Function Description The Trap Events Configuration function is used to enable the switch to send out the trap information while pre defined trap events occurred The switch offers 22 differ...

Page 104: ...ption Alarm configuration is used to configure the per sons who should receive the alarm message via email It depends on your settings An email address has to be set in the web page of alarm confi guration Then user can read the trap information from the email This function provides 6 email addresses at most The 22 different trap events will be sent out to SNMP Manager when trap event occurs After...

Page 105: ...ing Port and Monitored Port respectively thus the traffic received by Port B will be copied to Port A for monitoring 쮿 Parameter Description 왏 Mode Used for the activation or de activation of Port Mirror function Default is disable 왏 Monitoring Port Set up the port for monitoring Valid port is Port 1 26 and default is Port 1 왏 Monitored Ingress Port Set up the port for being monitored It only moni...

Page 106: ...ll be helpful to the administrator to immediately find and solve the port that results in the occurrence of looping problems in the network 쮿 Parameter Description 왏 Mode Used for the activation or de activation of Isolated Group func tion Default is disable 왏 Isolated Group User can choose any port to be the member of this group Just tick the check box ž beside the port x and valid port is Port 1...

Page 107: ...ode of Restricted Group 쮿 Parameter Description 왏 Mode Used for the activation or de activation of Restricted Group function Default is disable 왏 Ingress Select the ports that you would like their Restricted Group to set into Ingress mode Just tick the check box beside the port x and valid port is Port 1 26 왏 Egress Select the ports that you would like their Restricted Group to set into Egress mod...

Page 108: ... the port is 1 26 왏 Rate Set up the limit of Ingress bandwidth for the port you choose Incoming traffic will be discarded if the rate exceeds the value you set up in Data Rate field Pause frames are also generated if flow control is enabled The format of the packet limits to unicast broadcast and multicast Valid value of Port 1 24 ranges from 66 102400 and Port 25 26 ranges from 66 1024000 with th...

Page 109: ...n Data Rate field Traffic may be lost if egress buffers run full The format of the packet limits to unicast broadcast and multicast Valid value of Port 1 24 ranges from 66 102400 and Port 25 26 ranges from 66 1024000 with the minimum unit of 1 Default value of Port 1 24 is 102400 and Port 25 26 is 1024000 쮿 Function name Storm Setting 쮿 Function Description With the storm control one can set a com...

Page 110: ...Rate Set up the limit of bandwidth for the storm control With a storm rate of 15 all data packets activated for storm control are discarded if the percentage of broadcast multicast or unicast packets exceeds 15 of the ports maximum bandwidth e g 15 mbps on a 100 mbps port Valid value of the storm rate ranges from 1 100 with the minimum unit of 1 And only integer is acceptable Default is 100 4 19 Q...

Page 111: ... the differentiated services interpre tation the first six bits comprise a codepoint which is sometimes abbreviated DSCP and the last two bits are left unused High Priority Packet streams will experience less delay into the switch For handing different priority packets each egress port has designed up to 4 queues Each QoS is influenced by two scheduling WRR Weighted Round Robin and Strict Priority...

Page 112: ...able QoS Mode in advance Then you can use MAC Priority 802 1p Priority IP TOS Priority DiffServ DSCP Priority or VIP Port functions and take effect In this function you can Enable QoS Mode Choose any of Priority Control such as 802 1p TOS DSCP Moreover you can select Scheduling Method of WRR Weighted Round Robin or Strict Priority Next you can arrange Weight values for queue 0 to queue 3 쮿 Paramet...

Page 113: ...t is set as VIP Port the packets enter this port and will have highest transmitting priority For example as you choose port 2 is VIP Port simultaneously transmit packets from port 2 and port 3 to port 1 at speed of 100MB and let congestion happen The packets for port 3 will be dropped because the packets from port 2 owns highest precedence For the sake of this function taking effect you must choos...

Page 114: ...is mapping to Queue 1 Priority 4 is mapping to Queue 2 Priority 5 is mapping to Queue 2 Priority 6 is mapping to Queue 3 and Priority 0 is mapping to Queue 3 쮿 Function name D Type TOS 쮿 Function Description IP TOS Priority affect TOS fields of IP header you can find it has 8 bit SERVICE TYPE field that specifies how the datagram should be handled The field could be divided into six subfields as f...

Page 115: ...ueue 3 쮿 Function name T Type TOS 쮿 Function Description IP TOS Priority affect TOS fields of IP header you can find it has 8 bit SERVICE TYPE field that specifies how the datagram should be handled The field could be divided into six subfields as follows PRECEDENCE 3 bits D Type Delay Priority 1 bit T Type Throughput Priority 1bit R Type Reliability Priority 1bit M Type Monetary Cost Priority 1bi...

Page 116: ...o Queue 3 쮿 Function name R Type TOS 쮿 Function Description IP TOS Priority affect TOS fields of IP header you can find it has 8 bit SERVICE TYPE field that specifies how the datagram should be handled The field could be divided into six subfields as follows PRECEDENCE 3 bits D Type Delay Priority 1 bit T Type Throughput Priority 1bit R Type Reliability Priority 1bit M Type Monetary Cost Priority ...

Page 117: ... Queue 3 쮿 Function name M Type TOS 쮿 Function Description IP TOS Priority affect TOS fields of IP header you can find it has 8 bit SERVICE TYPE field that specifies how the datagram should be handled The field could be divided into six subfields as follows PRECEDENCE 3 bits D Type Delay Priority 1 bit T Type Throughput Priority 1bit R Type Reliability Priority 1bit M Type Monetary Cost Priority 1...

Page 118: ...is mapping to Queue 3 and Priority 0 is mapping to Queue 3 쮿 Function name DSCP Setting 쮿 Function Description In the late 1990s the IETF redefined the meaning of the 8 bit SERVICE TYPE field to accommodate a set of differentiated ser vices DS Under the differentiated services interpretation the first six bits comprise a codepoint which is sometimes abbreviated DSCP and the last two bits are left ...

Page 119: ... to Queue 0 Priority 48 63 are mapping to Queue 0 4 20 Diagnostics Three functions including Diagnostics Loopback Test and Ping Test are con tained in this function folder for device self diagnostics Each of them will be described in detail orderly in the following sections 4 20 1 Diagnostics 쮿 Function Description Diagnostics function provides a set of basic system diagnosis It let users know tha...

Page 120: ...est signal outside the switch box The test signal only wraps around in the switch box As to the latter test function it will send the test signal to its link partner If you do not have them connected to active network devices i e the ports are link down the switch will report the port numbers failed If they all are ok it just shows OK Note Whatever you choose Internal Loopback Test or External Loo...

Page 121: ...you the pinged device is alive or dead in the field of Ping Result 쮿 Parameter Description 왏 IP Address An IP address with the version of v4 e g 192 168 1 1 왏 Default Gateway IP address of the default gateway For more details please see the section of IP address in Chapter 2 4 20 4 Watchdog 쮿 Watchdog Watchdog function is a tool for detecting if the target device is alive or not through supports t...

Page 122: ... When ping failure time reach configured value then switch will reset the managed switch s CPU interface Default state is disable Fail Count Default Ping Failed Count 10 Range for Setting 1 20 왏 Reboot the system When ping failure time reach configured value then switch will reboot automatically Default state is disable Fail Count Default Ping Failed Count 100 Range for Setting 1 1000 4 21 TFTP Se...

Page 123: ...rap logs 5 public trap logs The switch supports total 120 log entries For more details on log items please refer to the section of Trap Alarm Configuration and SNMP Configuration 쮿 Function name Log Data 쮿 Function Description The Trap Log Data is displaying the log items inclu ding all SNMP Private Trap events SNMP Public traps and user logs occur red in the system In the report table No Time and...

Page 124: ... assure to upgrade software to a newer version one you must follow two procedures 1 Specifying the IP address where TFTP server locates In this field the IP address of your TFTP server should be filled in 2 Specifying what the filename and where the file is You must specify full path and filename Then press Upgrade button if your download is not successful the switch will also be back to Software ...

Page 125: ...ftware changing IP configuration or changing VLAN mode configuration then you must reboot to have the new configuration taken effect Here we are discussing is software reset for the reboot in the main menu 쮿 Function name Reboot 쮿 Function Description Reboot the switch Reboot takes the same effect as the RESET button on the front panel of the switch It will take around thirty 30 seconds to complet...

Page 126: ...o logout the system to pre vent other users from the system without the permission If you do not logout and exit the browser the switch will automatically have you logout Besides this manually logout and implicit logout you can pull down the Auto Logout list at the left top corner to explicitly ON OFF this logout function 쮿 Parameter Description 왏 Auto Logout Default is ON If it is ON and no actio...

Page 127: ...erTerminal utility At Com Port Properties Menu configure the parameters as below see the next section 5 1 1 Login The command line interface CLI is a text based interface User can access the CLI through either a direct serial connection to the device or a Telnet session The default values of the managed switch are listed below Username admin Password admin After you login successfully the prompt w...

Page 128: ...LANCOM ES 2126 und LANCOM ES 2126P 쮿 Chapter 5 Operation of CLI Management 127 EN Fig 4 1 Fig 4 2 5 2 Commands of CLI Fig 4 3 ...

Page 129: ... mode you are still in the position of the top mode 왏 Argument None 왏 Possible value None 왏 Example PSES 2126C alarm PSES 2126C alarm events PSES 2126C alarm events end PSES 2126C 쮿 exit 왏 Syntax exit 왏 Description Back to the previous mode When you enter this command your current position would move back to the previous mode If you use this command in the top mode you are still in the position of...

Page 130: ...des the command would help you classify the commands between the local commands and the global ones 왏 Argument None 왏 Possible value None 왏 Example PSES 2126C ip PSES 2126C ip help Commands available Local commands set ip Set ip and gateway set dns Set dns enable dhcp Enable DHCP and set dns auto or manual disable dhcp Disable DHCP show Show IP Configuration Global commands exit Back to the previo...

Page 131: ...u had ever run When you enter this command the CLI would show a list of commands which you had typed before The CLI supports up to 256 records If no argument is typed the CLI would list total records up to 256 If optional argument is given the CLI would only show the last numbers of records given by the argument 왏 Argument show last number of history records optional 왏 Possible value 1 2 3 256 왏 E...

Page 132: ...the system and disconnect If you connect the system through direct serial port with RS 232 cable you would logout the system and be back to the initial login prompt when you run this command 왏 Argument None 왏 Possible value None 왏 Example PSES 2126C logout 쮿 restore default 왏 Syntax restore default 왏 Description When you use this function in CLI the system will show you the information Do you want...

Page 133: ...efault 왏 Argument None 왏 Possible value None 왏 Example PSES 2126C restore default Restoring Restore Default Configuration Successfully Press any key to reboot system 쮿 restore user 왏 Syntax restore user 왏 Description To restore the startup configuration as user defined configuration If restoring default successfully the CLI would prompt if reboot immediately or not If you press Y or y the system w...

Page 134: ...volatile FLASH If you want the configuration still works after rebooting save the configuration using the command save start 왏 Argument None 왏 Possible value None 왏 Example PSES 2126C save start Saving start Save Successfully PSES 2126C 쮿 save user 왏 Syntax save user 왏 Description To save the current configuration as the user defined configuration When you enter this command the CLI would save you...

Page 135: ...The maximum number of times that the state machine will retransmit an EAP Request packet to the Supplicant before it times out the authentication session 왏 Argument port range syntax 1 5 7 available from 1 to 26 times max times range 1 10 왏 Possible value port range 1 to 26 times 1 10 default is 2 왏 Example PSES 2126C 802 1x set max request 2 2 쮿 set mode 왏 Syntax set mode port range mode 왏 Descri...

Page 136: ... range syntax 1 5 7 available from 1 to 26 authorized set up the status of each port 0 ForceUnauthorized 1 ForceAuthorized 2 Auto 왏 Possible value port range 1 to 26 authorized 0 1 or 2 왏 Example PSES 2126C 802 1x set port control 2 2 쮿 set quiet period 왏 Syntax set quiet period port range sec 왏 Description A timer used by the Authenticator state machine to define periods of time during when it wi...

Page 137: ... Argument port range syntax 1 5 7 available from 1 to 26 ebl 0 OFF to disable reauthentication 1 ON to enable reauthentication 왏 Possible value port range 1 to 26 ebl 0 or 1 default is 1 왏 Example PSES 2126C 802 1x set reAuthEnabled 2 1 쮿 set reAuthMax 왏 Syntax set reAuthMax port range max 왏 Description The number of reauthentication attempts that are permitted before the port becomes Unauthorized...

Page 138: ...왏 Example PSES 2126C 802 1x set reAuthPeriod 2 3600 쮿 set serverTimeout 왏 Syntax set serverTimeout port range sec 왏 Description A timer used by the Backend Authentication state machine in order to determine timeout conditions in the exchanges between the Authenticator and the Supplicant or Authentication Server The initial value of this timer is either suppTimeout or serverTimeout as determined by...

Page 139: ...mber 1 65535 default 1812 왏 Example PSES 2126C 802 1x set state 192 168 1 115 1812 WinRadius 쮿 set suppTimeout 왏 Syntax set suppTimeout port range sec 왏 Description A timer used by the Backend Authentication state machine in order to determine timeout conditions in the exchanges between the Authenticator and the Supplicant or Authentication Server The initial value of this timer is either suppTime...

Page 140: ...DU is to be transmitted 왏 Argument port range syntax 1 5 7 available from 1 to 26 sec timer range 1 65535 왏 Possible value port range 1 to 26 sec 1 65535 default is 30 왏 Example PSES 2126C 802 1x set txPeriod 2 30 쮿 show mode 왏 Syntax show mode 왏 Description To display the mode of each port 왏 Argument None 왏 Possible value None 왏 Example PSES 2126C 802 1x show mode Port Mode 1 Disable 2 Multi host...

Page 141: ...ach port 왏 Argument None 왏 Possible value None 왏 Example PSES 2126C 802 1x show parameter port 1 port control Auto reAuthMax 2 txPeriod 30 Quiet Period 60 reAuthEnabled ON reAuthPeriod 3600 max Request 2 suppTimeout 30 serverTimeout 30 쮿 show security 왏 Syntax show security 왏 Description To display the authentication status of each port 왏 Argument None 왏 Possible value None 왏 Example ...

Page 142: ...sable 쮿 show state 왏 Syntax show state 왏 Description To display the Radius server configuration 왏 Argument None 왏 Possible value None 왏 Example PSES 2126C 802 1x show state Radius Server 192 168 1 115 Port Number 1812 Secret Key WinRadius account 쮿 add 왏 Syntax add name 왏 Description To create a new guest user When you create a new guest user you must type in password and confirm password 왏 Argume...

Page 143: ...count 쮿 del 왏 Syntax del name 왏 Description To delete an existing account 왏 Argument name existing user account 왏 Possible value None 왏 Example PSES 2126C account del aaaaa Account aaaaa deleted 쮿 modify 왏 Syntax modify name 왏 Description To change the username and password of an existing account 왏 Argument name existing user account 왏 Possible value None 왏 Example PSES 2126C account modify aaaaa ...

Page 144: ...ully 쮿 show 왏 Syntax show 왏 Description To show system account including account name and identity 왏 Argument None 왏 Possible value None 왏 Example PSES 2126C account show Account Name Identity admin Administrator guest guest bbbbb guest alarm email 쮿 del mail address 왏 Syntax del mail address 왏 Description To remove the e mail address 왏 Argument email address number range 1 to 6 왏 Possible value ...

Page 145: ...왏 Argument None 왏 Possible value None 왏 Example PSES 2126C alarm email del server user 쮿 set mail address 왏 Syntax set mail address mail address 왏 Description To set up the email address 왏 Argument email address number range 1 to 6 mail address email address 왏 Possible value 1 to 6 왏 Example PSES 2126C alarm email set mail address 1 abc mail abc com 쮿 set server 왏 Syntax set server ip 왏 Descriptio...

Page 146: ...tax set user username 왏 Description To set up the account of the email server 왏 Argument username email server account 왏 Possible value None 왏 Example PSES 2126C alarm email set user admin 쮿 show 왏 Syntax show 왏 Description To display the configuration of e mail trap event 왏 Argument None 왏 Possible value None 왏 Example PSES 2126C alarm email show Mail Server 192 168 1 6 Username admin Password Em...

Page 147: ...sms and trap of events 왏 Argument range del the range of email sms and trap of events syntax 1 5 7 왏 Possible value range 1 22 왏 Example PSES 2126C alarm events del all 1 3 쮿 del email 왏 Syntax del email range 왏 Description To disable the email of the events 왏 Argument range del the range of email syntax 1 5 7 왏 Possible value range 1 22 왏 Example PSES 2126C alarm events del email 1 3 쮿 del sms 왏 ...

Page 148: ...del trap range 왏 Description To disable the trap of the events 왏 Argument range del the range of trap syntax 1 5 7 왏 Possible value range 1 22 왏 Example PSES 2126C alarm events del trap 1 3 쮿 set all 왏 Syntax set all range 왏 Description To enable email sms and trap of events 왏 Argument range set the range of email sms and trap of events syntax 1 5 7 왏 Possible value range 1 22 왏 Example PSES 2126C...

Page 149: ...s set email 1 3 쮿 set sms 왏 Syntax set sms range 왏 Description To enable the sms of the events 왏 Argument range set the range of sms syntax 1 5 7 왏 Possible value range 1 22 왏 Example PSES 2126C alarm events set sms 1 3 쮿 set trap 왏 Syntax set trap range 왏 Description To enable the trap of the events 왏 Argument range set the range of trap syntax 1 5 7 왏 Possible value range 1 22 왏 Example PSES 212...

Page 150: ...e 왏 Example PSES 2126C alarm events show Events Email SMS Trap 1 Cold Start v 2 Warm Start v 3 Link Down v 4 Link Up v 5 Authentication Failure v 6 User Login 7 User Logout 8 STP Topology Changed 9 STP Disabled 10 STP Enabled 11 LACP Disabled 12 LACP Enabled 13 LACP Member Added 14 LACP Port Failure 15 GVRP Disabled 16 GVRP Enabled 17 Port based Vlan Enabled 18 Tag based Vlan Enabled 19 Module Ins...

Page 151: ...y the configuration of Trap SMS or E mail 왏 Argument None 왏 Possible value None 왏 Example PSES 2126C alarm show email PSES 2126C alarm show events PSES 2126C alarm show sms sms 쮿 del phone number 왏 Syntax del phone number 왏 Description To delete sms phone number 왏 Argument mobile phone number range 1 to 6 왏 Possible value 1 to 6 왏 Example PSES 2126C alarm sms del phone number 3 쮿 del server user 왏...

Page 152: ... 왏 Syntax set phone number phone number 왏 Description To add sms phone number 왏 Argument mobile phone number range 1 to 6 phone number phone number 왏 Possible value 1 to 6 왏 Example PSES 2126C alarm sms set phone number 1 0968777777 쮿 set server 왏 Syntax set server ip 왏 Description To set up the IP address of sms server 왏 Argument ip SMS server ip address or domain name 왏 Possible value None 왏 Exa...

Page 153: ... username SMS server account 왏 Possible value None 왏 Example PSES 2126C alarm sms set user ABC 쮿 show 왏 Syntax show 왏 Description To display the configuration of SMS trap event 왏 Argument None 왏 Possible value None 왏 Example PSES 2126C alarm sms show SMS Server 192 168 1 7 Username ABC Password Mobile Phone 1 0968777777 Mobile Phone 2 Mobile Phone 3 Mobile Phone 4 Mobile Phone 5 Mobile Phone 6 ...

Page 154: ...0 왏 Example PSES 2126C autologout 3600 Set autologout time to 3600 seconds bandwidth 쮿 set egress rate 왏 Syntax set egress rate range data_rate 왏 Description To set up the egress rate of the ports 왏 Argument range syntax 1 5 7 available from 1 to 26 data_rate 66 1024000 Kb port 1 24 66 102400 Kb port 25 26 66 1024000 Kb 왏 Possible value range 1 to 26 data_rate 66 102400 Kb for port 1 24 66 1024000...

Page 155: ...1024000 Kb for port 25 26 왏 Example PSES 2126C bandwidth set ingress rate 1 16 100 쮿 set storm rate 왏 Syntax 왏 Description To set up the storm rate of the ports 왏 Argument 왏 range syntax 1 3 5 available from 1 to 5 1 Disable 2 Broadcast Storm Control 3 Multicast Storm Control 4 Unknown Unicast Storm Control 5 Broadcast Multicast Unknown Unicast Storm Control data_rate 1 100 The value must be the i...

Page 156: ...one 왏 Possible value None 왏 Example PSES 2126C bandwidth show Port Ingress Rate Kb Egress Rate Kb 1 102400 102400 2 102400 102400 3 102400 102400 23 102400 102400 24 102400 102400 25 1024000 1024000 26 1024000 1024000 Broadcast Storm Control Type Disable Rate 100 config file 쮿 export start 왏 Syntax export start 왏 Description To run the export start function ...

Page 157: ...t user conf 왏 Syntax 왏 Description To run the export user conf function 왏 Argument None 왏 Possible value None 왏 Example PSES 2126C config file export user conf Export successful 쮿 import start 왏 Syntax 왏 Description To run the import start function 왏 Argument None 왏 Possible value None 왏 Example PSES 2126C config file import start Import successful 쮿 import user conf 왏 Syntax 왏 Description ...

Page 158: ...r would like to export 왏 Argument filepath filepath and filename 왏 Possible value filepath filepath and filename 왏 Example PSES 2126C config file set export path log 21511 txt 쮿 set import path 왏 Syntax 왏 Description To set up the filepath and filename that user would like to import 왏 Argument filepath filepath and filename 왏 Possible value filepath filepath and filename 왏 Example PSES 2126C confi...

Page 159: ... txt Import Path and Filename log 21511 txt dhcp boot 쮿 set dhcp boot 왏 Syntax 왏 Description To set up the delay time for DHCP Boot 왏 Argument 왏 sec range syntax 0 1 30 The value 0 is to disable dhcp boot delay 왏 Possible value sec 0 30 왏 Example PSES 2126C dhcp boot set 30 쮿 show 왏 Syntax 왏 Description To display the status of DHCP Boot 왏 Argument None 왏 Possible value None 왏 Example PSES 2126C d...

Page 160: ...ed to test whether EEPROM UART DRAM and Flash is normal or not 왏 Argument None 왏 Possible value None 왏 Example PSES 2126C diag diag EEPROM Test OK UART Test OK DRAM Test OK Flash Test OK 쮿 Loopback 왏 Syntax loopback 왏 Description For Internal External Loopback Test 왏 Argument None 왏 Possible value None 왏 Example PSES 2126C diag loopback Internal Loopback Test OK ...

Page 161: ...e 왏 Possible value IP address e g 192 168 2 65 or domain name e g tw yahoo com 왏 Example PSES 2126C diag ping 192 168 1 115 Gateway 192 168 1 253 192 168 1 115 is alive firmware 쮿 set upgrade path 왏 Syntax 왏 Description To set up the image file that will be upgraded 왏 Argument filepath upgrade file path and name 왏 Possible value filepath upgrade file path and name 왏 Example PSES 2126C firmware set...

Page 162: ...ress 192 168 3 111 Path and Filename FEL2SW26_ES2126_v2 05 img 쮿 upgrade 왏 Syntax 왏 Description To run the software upgrade function 왏 Argument None 왏 Possible value None 왏 Example PSES 2126C firmware upgrade Upgrading firmware gvrp 쮿 disable 왏 Syntax disable 왏 Description To disable the gvrp function 왏 Argument None 왏 Possible value None 왏 Example PSES 2126C gvrp disable ...

Page 163: ... enter any of gvrp group for changing gvrp group setting You can change the applicant or registrar mode of existing gvrp group per port 왏 Argument group number enter which gvrp group you had created using value is vid Available range 1 to 4094 왏 Possible value group number 1 4094 왏 Example PSES 2126C gvrp show group GVRP group information Current Dynamic Group Number 1 VID Member Port 2 5 PSES 212...

Page 164: ...al 4 Non Participant Normal 5 Non Participant Normal 6 Non Participant Normal 7 Normal Normal 8 Normal Normal 12 Normal Normal 13 Normal Normal 23 Normal Normal 24 Normal Normal 25 Normal Normal 26 Normal Normal PSES 2126C gvrp group 2 set registrar 1 10 fixed PSES 2126C gvrp group 2 show GVRP group VID 2 Port Applicant Registrar 1 Non Participant Fixed 2 Non Participant Fixed 3 Non Participant Fi...

Page 165: ...ant 왏 Syntax set applicant range normal non participant 왏 Description To set default applicant mode for each port 왏 Argument range port range syntax 1 5 7 available from 1 to 26 normal set applicant as normal mode non participant set applicant as non participant mode 왏 Possible value range 1 to 26 normal non participant normal or non participant 왏 Example PSES 2126C gvrp set applicant 1 10 non par...

Page 166: ...rmal or fixed or forbidden 왏 Example PSES 2126C gvrp set registrar 1 5 fixed 쮿 set restricted 왏 Syntax set restricted range enable disable 왏 Description To set the restricted mode for each port 왏 Argument range port range syntax 1 5 7 available from 1 to 26 enable set restricted as enabled disable set restricted as disabled 왏 Possible value range 1 to 26 enable disable enable or disable 왏 Example ...

Page 167: ...mal Normal Enable 5 20 60 1000 Normal Normal Enable 6 20 60 1000 Normal Normal Enable 7 20 60 1000 Normal Normal Enable 8 20 60 1000 Normal Normal Enable 9 20 60 1000 Normal Normal Enable 10 20 60 1000 Normal Normal Enable 22 20 60 1000 Normal Normal Disable 23 20 60 1000 Normal Normal Disable 24 20 60 1000 Normal Normal Disable 25 20 60 1000 Normal Normal Disable 26 20 60 1000 Normal Normal Disab...

Page 168: ...eave leave timer available from 60 to 300 leaveall leaveall timer available from 1000 to 5000 Leave Time must equal double Join Time at least 왏 Possible value range 1 to 26 join 20 to 100 leave 60 to 300 leaveall 1000 to 5000 왏 Example PSES 2126C gvrp set timer 2 8 25 80 2000 쮿 show config 왏 Syntax show config 왏 Description To display the gvrp configuration 왏 Argument None 왏 Possible value None 왏 ...

Page 169: ...1000 Normal Normal Disable 23 20 60 1000 Normal Normal Disable 24 20 60 1000 Normal Normal Disable 25 20 60 1000 Normal Normal Disable 26 20 60 1000 Normal Normal Disable 쮿 show counter 왏 Syntax show counter port 왏 Description To show counter of the port 왏 Argument port port number available from 1 to 26 왏 Possible value port 1 to 26 왏 Example PSES 2126C gvrp show counter 2 GVRP Counter port 2 ...

Page 170: ...0 0 JoinEmpty message 0 0 JoinIn message 0 0 LeaveEmpty message 0 0 Empty message 0 0 쮿 show group 왏 Syntax show group 왏 Description To show the gvrp group 왏 Argument None 왏 Possible value None 왏 Example PSES 2126C gvrp show group GVRP group information Current Dynamic Group Number 0 VID Member Port hostname 쮿 hostname 왏 Syntax 왏 Description To set up the hostname of the switch ...

Page 171: ...ption To add the entry of allowed IP multicast group 왏 Argument ip multicast the range of IP multicast vid VLAN ID 1 4094 or any port range syntax 1 5 7 available from 1 to 26 왏 Possible value ip multicast ex 224 1 1 1 225 2 3 3 or any vid 1 4094 or any port range 1 to 26 왏 Example PSES 2126C igmp snooping add allowed group 224 1 1 1 225 2 3 3 100 1 10 쮿 del allowed group 왏 Syntax del allowed grou...

Page 172: ...P Snooping 왏 Argument status 0 disable 1 active 2 passive 왏 Possible value status 0 1or 2 왏 Example PSES 2126C igmp snooping set mode 2 쮿 show igmp snooping 왏 Syntax 왏 Description To display IGMP snooping mode and allowed IP multicast entry 왏 Argument None 왏 Possible value None 왏 Example PSES 2126C igmp snooping show igmp snooping Snoop Mode Active IP Multicast 1 IP Address 224 1 1 1 VLAN ID 0 Mem...

Page 173: ...hcp 왏 Syntax disable dhcp 왏 Description To disable the DHCP function of the system 왏 Argument None 왏 Possible value None 왏 Example PSES 2126C ip disable dhcp DHCP is already stopped 쮿 enable dhcp 왏 Syntax enable dhcp manual auto 왏 Description To enable the system DHCP function and set DNS server via manual or auto mode 왏 Argument manual auto set DNS by using manual or auto mode 왏 Possible value ma...

Page 174: ...e ip 168 95 1 1 왏 Example PSES 2126C ip set dns 168 95 1 1 쮿 set ip 왏 Syntax set ip ip mask gateway 왏 Description To set the system IP address subnet mask and gateway 왏 Argument ip ip address mask subnet mask gateway default gateway 왏 Possible value ip 192 168 1 1 or others mask 255 255 255 0 or others gateway 192 168 1 253 or others 왏 Example PSES 2126C ip set ip 192 168 1 2 255 255 255 0 192 168...

Page 175: ...address 왏 Argument None 왏 Possible value None 왏 Example PSES 2126C ip show DHCP Disable IP Address 192 168 1 1 Current IP Address 192 168 1 1 Subnet mask 255 255 255 0 Gateway 192 168 1 253 DNS Setting Manual DNS Server 192 95 1 1 log 쮿 clear 왏 Syntax clear 왏 Description To clear the log data 왏 Argument None 왏 Possible value None 왏 Example PSES 2126C log clear 쮿 disable auto upload 왏 Syntax disabl...

Page 176: ...oad 왏 Syntax enable auto upload 왏 Description To enable the auto upload function 왏 Argument None 왏 Possible value None 왏 Example PSES 2126C log enable auto upload 쮿 show 왏 Syntax show 왏 Description To show a list of trap log events When any of log events happens it will be recorded and using show command in log function to query Up to 120 log records are supported 왏 Argument None 왏 Possible value ...

Page 177: ... Port 1 3 Wed Apr 13 11 58 31 2005 Login admin 4 Wed Apr 13 11 19 45 2005 Login admin 5 Wed Apr 13 11 19 37 2005 Logout admin 쮿 upload 왏 Syntax Upload 왏 Description To upload log data through tftp 왏 Argument None 왏 Possible value None 왏 Example PSES 2126C log upload mac table alias 쮿 del 왏 Syntax del mac 왏 Description To delete the mac alias entry 왏 Argument mac mac address format 00 02 03 04 05 0...

Page 178: ...e mac alias entry 왏 Argument mac mac address format 00 02 03 04 05 06 alias mac alias name max 15 characters 왏 Possible value mac mac address alias max 15 characters 왏 Example PSES 2126C mac table alias set 00 44 33 44 55 44 www 쮿 show 왏 Syntax show 왏 Description To display the mac alias entry 왏 Argument None 왏 Possible value None 왏 Example PSES 2126C mac table alias show MAC Alias List MAC Addres...

Page 179: ...to search for syntax 1 5 7 available form 1 to 26 mac mac address format 01 02 03 04 05 06 can be used vid VLAN id from 1 to 4094 as don t care 0 as untagged 왏 Possible value port 1 to 26 vid 0 1 4094 왏 Example PSES 2126C mac table information search 1 26 MAC Table List Alias MAC Address Port VID State 00 40 c7 88 00 06 1 0 Dynamic PSES 2126C mac table information 쮿 show 왏 Syntax show 왏 Descriptio...

Page 180: ...ut time of dynamic learning mac 왏 Argument time Mac table ageout time between 10 and 1000000 seconds The value 0 means to disable age out time 왏 Possible value time 10 1000000 seconds or 0 왏 Example PSES 2126C mac table maintain set aging 300 쮿 set learning 왏 Syntax set learning port num 왏 Description To set up the maximum amount of MAC that each port can learn 왏 Argument port port range syntax 1 ...

Page 181: ...set learning 5 100 쮿 show 왏 Syntax show 왏 Description To display the settings of MAC table ageout time and the learning limit of each port 왏 Argument None 왏 Possible value None 왏 Example PSES 2126C mac table maintain show Mac table ageout time 300 seconds Port Dynamically learn limit 1 8191 2 8191 3 8191 4 8191 5 8191 21 8191 22 8191 23 8191 24 8191 ...

Page 182: ...to 4094 queue which queue you want to set from 0 to 3 rule forwarding rule from 0 to 2 0 static 1 drop destination address matches 2 drop source address matches port forwarded destination port form 1 to 26 왏 Possible value vid 1 to 4094 queue 0 to 3 rule 0 to 2 port 1 to 26 왏 Example PSES 2126C mac table static mac add 00 22 44 55 66 77 1 0 0 6 쮿 del 왏 Syntax del mac 왏 Description To remove the st...

Page 183: ...e static mac show MAC VID Queue Forwarding Rule Port 1 00 40 C7 D6 00 01 200 2 Static with Destination Drop 2 management 쮿 add 왏 Syntax Usage set name value vid value ip value port value type value action value Synopsis set name Mary vid 20 ip 192 168 1 1 192 168 1 90 port 2 5 8 type h s action a Synopsis set name Mary vid 20 ip 192 168 1 1 192 168 1 90 왏 Description To save the adding management ...

Page 184: ...ault and it must be set vid value The range is 1 4095 and can be set to any ip value For example 192 168 1 90 192 168 1 90 or any port value For example 1 or 1 8 or 1 3 5 or any type value For example h ttp s nmp t elnet or any action value No default and it must be set 왏 Example PSES 2126C management add set name Mary vid 20 ip 192 168 1 1 192 168 1 90 port 2 5 8 type h s action a PSES 2126C mana...

Page 185: ...ES 2126C management delete 1 PSES 2126C management show Security rule list is empty now 쮿 edit the specific management policy entry 왏 Available range 1 to 65536 왏 Syntax Usage set name value vid value ip value port value type value action value Synopsis set name Mary vid 20 ip 192 168 1 1 192 168 1 90 port 2 5 8 type h s action a Synopsis set name Mary vid 20 ip 192 168 1 1 192 168 1 90 왏 Descript...

Page 186: ...92 168 1 90 or any port value For example 1 or 1 8 or 1 3 5 or any type value For example h ttp s nmp t elnet or any action value No default and it must be set 왏 Example PSES 2126C management edit 1 PSES 2126C management edit 1 set name Tom vid 2 ip 192 168 1 30 192 168 1 80 port 1 2 type s action d PSES 2126C management edit 1 show 1 Name Tom VlanID 2 IP 192 168 1 30 192 168 1 80 Type SNMP Action...

Page 187: ...rity 왏 Description To set the PoE priority on ports 왏 Argument port range G priority set priority as 0 Low 1 Normal 2 High 왏 Possible value port range 1 to 24 priority 0 1 or 2 왏 Example PSES 2126C poe set priority 1 12 2 쮿 set state 왏 Syntax set state port range state 왏 Description To set the PoE state on ports 왏 Argument port range G state enable or disable PoE function 0 Disable 1 Enable 왏 Poss...

Page 188: ...one 왏 Example PSES 2126C poe show Vmain 48 3 V Imain 0 0 A Pconsume 0 0 W Power Limit 185 W Temperature 37 C 98 F Port No 1 2 3 4 5 6 7 8 9 10 11 12 Port On X X X X X X X X X X X X AC Disconnect Port Off X X X X X X X X X X X X DC Disconnect Port Off X X X X X X X X X X X X Overload Port Off X X X X X X X X X X X X Short Circuit Port Off X X X X X X X X X X X X Over Temp Protection X X X X X X X X...

Page 189: ...X X X X X Overload Port Off X X X X X X X X X X X X Short Circuit Port Off X X X X X X X X X X X X Over Temp Protection X X X X X X X X X X X X Power Management Port Off X X X X X X X X X X X X Port Status State Priority Power W Current mA Class 1 Normal Enable Normal 0 0 0 0 2 Normal Enable Normal 0 0 0 0 3 Normal Enable Normal 0 0 0 0 4 Normal Enable Normal 0 0 0 0 5 Normal Enable Normal 0 0 0 0...

Page 190: ...Enable Normal 0 0 0 0 17 Normal Enable Normal 0 0 0 0 18 Normal Enable Normal 0 0 0 0 19 Normal Enable Normal 0 0 0 0 20 Normal Enable Normal 0 0 0 0 21 Normal Enable Normal 0 0 0 0 22 Normal Enable Normal 0 0 0 0 23 Normal Enable Normal 0 0 0 0 24 Normal Enable Normal 0 0 0 0 port 쮿 clear counter 왏 Syntax clear counter 왏 Description To clear all ports counter include simple and detail port counte...

Page 191: ...state 왏 Description To enable the communication capability of the port 왏 Argument range port range syntax 1 5 7 available from 1 to 26 왏 Possible value range 1 26 왏 Example PSES 2126C port enable state 3 10 쮿 set flow control 왏 Syntax set flow control range symmetric asymmetric 왏 Description To set up the flow control function of all ports 왏 Argument range port range syntax 1 5 7 available from 1 ...

Page 192: ...x 1 5 7 available from 1 to 26 port speed auto set auto negotiation mode 10 set speed to 10M 100 set speed to 100M 1000 set speed to 1000M port duplex half set to half duplex full set to full duplex 왏 Possible value range 1 to 26 port speed auto 10 100 1000 port duplex full half 왏 Example PSES 2126C port set speed duplex 8 100 full 쮿 show conf 왏 Syntax show conf 왏 Description To display the each p...

Page 193: ...ic 왏 Argument port available from 1 to 26 왏 Possible value 1 26 왏 Example PSES 2126C port show detail counter 6 쮿 show media 왏 Syntax show media port 왏 Description To display the module 25 or 26 information 왏 Argument port available 25 26 왏 Possible value port 25 26 왏 Example PSES 2126C port show media 25 Port 25 Fiber Media Information Connector Type SFP LC Fiber Type Multi mode MM Tx Central Wav...

Page 194: ... none Vcc none Mon1 Bias mA none Mon2 TX PWR none Mon3 RX PWR none 쮿 show simple counter 왏 Syntax show simple counter 왏 Description To display the summary counting of each port s traffic 왏 Argument None 왏 Possible value None 왏 Example PSES 2126C port show simple counter 쮿 show status 왏 Syntax show status 왏 Description To display the port s current status 왏 Argument None 왏 Possible value None ...

Page 195: ...tate Auto Nego Speed Duplex Rx Pause Tx Pause 1 TP Down Enable Enable 2 TP Down Enable Enable 3 TP Down Enable Enable 4 TP Down Enable Enable 5 TP Up Enable Enable 100M Full ON ON 6 TP Down Enable Enable 7 TP Down Enable Enable 24 TP Down Enable Enable 25 TP Down Enable Enable 26 TP Down Enable Enable qos 쮿 disable 1p 왏 Syntax disable 1p ...

Page 196: ... 왏 Example PSES 2126C qos disable 1p 쮿 disable dscp 왏 Syntax disable dscp 왏 Description To disable IP DSCP qos 왏 Argument None 왏 Possible value None 왏 Example PSES 2126C qos disable dscp 쮿 disable qos 왏 Syntax disable qos 왏 Description To disable qos function 왏 Argument None 왏 Possible value None 왏 Example PSES 2126C qos disable qos 쮿 disable tos 왏 Syntax ...

Page 197: ...e 왏 Possible value None 왏 Example PSES 2126C qos disable tos 쮿 enable 1p 왏 Syntax enable 1p 왏 Description To enable 802 1p qos 왏 Argument None 왏 Possible value None 왏 Example PSES 2126C qos enable 1p 쮿 enable dscp 왏 Syntax enable dscp 왏 Description To enable IP DSCP qos 왏 Argument None 왏 Possible value None 왏 Example PSES 2126C qos enable dscp ...

Page 198: ... qos 쮿 enable tos 왏 Syntax enable tos 왏 Description To enable IP TOS qos 왏 Argument None 왏 Possible value None 왏 Example PSES 2126C qos enable tos 쮿 set dscp 왏 Syntax set dscp q0 priority q1 priority q2 priority q3 priority 왏 Description To set IP DSCP qos weighting for 4 queues 왏 Argument q queue level q0 queue 0 q1 queue 1 q2 queue 2 q3 queue 3 priority priority level One queue has been assigned...

Page 199: ... Argument q queue level q0 queue 0 q1 queue 1 q2 queue 2 q3 queue 3 priority priority level One queue has been assigned 2 different priorities You don t need to use all of queues but must assign queues in order 왏 Syntax 1 2 or 2 5 7 available from 0 to 7 왏 Possible value priority 0 to 7 왏 Example PSES 2126C qos set pri tag q0 0 q1 2 q3 4 쮿 set sche 왏 Syntax set sche wrr strict wrr_0 wrr_1 wrr_2 wr...

Page 200: ...ity 0 Throughput Priority 1 Reliability Priority 2 Monetary Cost Priority 3 q queue level q0 queue 0 q1 queue 1 q2 queue 2 q3 queue 3 priority priority level One queue has been assigned 2 different priorities You don t need to use all of queues but must assign queues in order from low queue to high queue 왏 Syntax 1 2 or 2 5 7 available from 0 to 7 왏 Possible value type_value 0 3 priority 0 to 7 왏 ...

Page 201: ... 6 1 쮿 show dscp 왏 Syntax show dscp 왏 Description To show IP DSCP Qos configuration 왏 Argument None 왏 Possible value None 왏 Example PSES 2126C qos show dscp ip diffserv classification Global QoS mode Enable QoS Disable 802 1p Priority Disable ip tos classification Enable ip diffserv classification Scheduling weighted round robin method weight wrr 0 1 wrr 1 1 wrr 2 8 wrr 3 16 weighted range 1 55 P0...

Page 202: ... Queue DiffServ Queue DiffServ Queue 0 0 1 0 2 0 3 0 4 0 5 0 6 0 7 0 8 0 9 0 10 0 11 0 12 0 13 0 14 0 15 0 16 1 17 1 18 1 19 1 20 1 21 1 22 1 23 1 24 1 25 1 26 1 27 1 28 1 29 1 30 1 31 1 32 2 33 2 34 2 35 2 36 2 37 2 38 2 39 2 40 2 41 2 42 2 43 2 44 2 45 2 46 2 47 2 48 3 49 3 50 3 51 3 52 3 53 3 54 3 55 3 ...

Page 203: ...on To show VIP port configuration 왏 Argument None 왏 Possible value None 왏 Example PSES 2126C qos show port Port Based Priority Global QoS mode Enable QoS Enable 802 1p Priority Disable ip tos classification Disable ip diffserv classification Port No Mode Port No Mode 1 Enable 2 Enable 3 Enable 4 Enable 5 Enable 6 Enable 23 Disable 24 Disable 25 Disable 26 Disable ...

Page 204: ...e None 왏 Example PSES 2126C qos show priority tag 802 1p priority Global QoS mode Enable QoS Enable 802 1p Priority Disable ip tos classification Disable ip diffserv classification Scheduling weighted round robin method weight wrr 0 1 wrr 1 1 wrr 2 8 wrr 3 16 weighted range 1 55 P0 7 Priority 0 7 Default mode Queue0 P0 P1 Queue1 P2 P3 Queue2 P4 P5 Queue3 P6 P7 P0 P1 P2 P3 P4 P5 P6 P7 Queue 0 0 1 1...

Page 205: ...ES 2126C qos show tos ip tos classification Global QoS mode Enable QoS Disable 802 1p Priority Enable ip tos classification Disable ip diffserv classification Scheduling weighted round robin method weight wrr 0 1 wrr 1 1 wrr 2 8 wrr 3 16 weighted range 1 55 P0 7 Priority 0 7 Default mode Queue0 P0 P1 Queue1 P2 P3 Queue2 P4 P5 Queue3 P6 P7 P0 P1 P2 P3 P4 P5 P6 P7 Queue 0 0 1 1 2 2 3 3 TOS type Dela...

Page 206: ...ype Throughput Priority P0 P1 P2 P3 P4 P5 P6 P7 Queue 0 0 1 1 2 2 3 3 TOS type Reliability Priority P0 P1 P2 P3 P4 P5 P6 P7 Queue 0 0 1 1 2 2 3 3 TOS type Monetary Cost Priority reboot 쮿 reboot 왏 Syntax reboot 왏 Description To reboot the system 왏 Argument None 왏 Possible value None 왏 Example PSES 2126C reboot security isolated group ...

Page 207: ...available from 0 to 26 set 0 as disabled 왏 Possible value port 0 to 26 왏 Example PSES 2126C security isolated group set 2 3 4 쮿 show 왏 Syntax show 왏 Description To display the current setting status of isolated group 왏 Argument None 왏 Possible value None 왏 Example PSES 2126C security isolated group show Isolated group 2 3 4 mirror 쮿 disable 왏 Syntax disable 왏 Description To disable the function of...

Page 208: ...ty mirror enable 쮿 set 왏 Syntax set spy ingress egress 왏 Description To set up the monitoring port and monitored ports of the mirror function User can monitor the ports that receive or transmit the packets 왏 Argument spy monitoring port 왏 ingress monitored ingress port range syntax 1 5 7 available from 0 to 26 왏 egress monitored egress port range syntax 1 5 7 available from 0 to 26 set ingress egr...

Page 209: ...왏 Argument None 왏 Possible value None 왏 Example PSES 2126C security mirror show Mirror Monitoring Port 1 Monitored Ingress 4 Monitored Egress 2 3 snmp 쮿 disable 왏 Syntax disable set community disable snmp 왏 Description The Disable here is used for the de activation of snmp or set community 왏 Argument None 왏 Possible value None 왏 Example PSES 2126C snmp disable set community PSES 2126C snmp disable...

Page 210: ...y PSES 2126C snmp enable snmp 쮿 set 왏 Syntax set get community community set set community community set trap ip port community 왏 Description The Set here is used for the setup of get community set community trap host ip host port and trap community 왏 Argument trap number range 1 to 6 ip ip address or domain name port trap port community community name 왏 Possible value trap number 1 to 6 port 1 65...

Page 211: ...S 2126C snmp show SNMP Enable Get Community public Set Community private Enable Trap Host 1 IP Address 192 168 1 1 Port 162 Community public Trap Host 2 IP Address 0 0 0 0 Port 162 Community public Trap Host 3 IP Address 0 0 0 0 Port 162 Community public Trap Host 4 IP Address 0 0 0 0 Port 162 Community public Trap Host 5 IP Address 0 0 0 0 Port 162 Community public Trap Host 6 IP Address 0 0 0 0 ...

Page 212: ... 26 왏 Example PSES 2126C stp Mcheck 1 8 쮿 disable 왏 Syntax disable 왏 Description To disable the function of STP 왏 Argument None 왏 Possible value None 왏 Example PSES 2126C stp disable 쮿 enable 왏 Syntax enable 왏 Description To enable the function of STP 왏 Argument None 왏 Possible value None 왏 Example PSES 2126C stp enable 쮿 set config 왏 Syntax set config Bridge Priority Hello Time Max Age Forward De...

Page 213: ...Priority 0 to 61440 Hello Time 1 to 10 Max Age 6 to 40 Forward Delay 4 to 30 왏 Example PSES 2126C stp set config 61440 2 20 15 쮿 set port 왏 Syntax set port range path cost priority edge_port admin p2p 왏 Description To set up the port information of STP 왏 Argument range syntax 1 5 7 available from 1 to 26 path cost 0 1 200000000 The value zero means auto status priority priority must be a multiple ...

Page 214: ...f STP 왏 Argument stp rstp stp rstp 왏 Possible value stp rstp stp rstp 왏 Example PSES 2126C stp set version rstp 쮿 show config 왏 Syntax show config 왏 Description To display the STP configuration data 왏 Argument None 왏 Possible value None 왏 Example PSES 2126C stp show config STP State Configuration Spanning Tree Protocol Enabled Bridge Priority 0 61440 61440 Hello Time 1 10 sec 2 Max Age 6 40 sec 20...

Page 215: ...ent None 왏 Possible value None 왏 Example PSES 2126C stp show port Port Port Status Path Cost Priority Admin Edge Port Admin Point To Point 1 DISCARDING 2000000 128 Yes Auto 2 DISCARDING 2000000 128 Yes Auto 3 DISCARDING 2000000 128 Yes Auto 4 DISCARDING 2000000 128 Yes Auto 5 DISCARDING 2000000 128 Yes Auto 23 DISCARDING 200000 128 No Auto 24 DISCARDING 200000 128 No Auto ...

Page 216: ...us of STP 왏 Argument None 왏 Possible value None 왏 Example PSES 2126C stp show status STP Status STP State Enabled Bridge ID 00 40 C7 D8 09 1D Bridge Priority 61440 Designated Root 00 40 C7 D8 09 1D Designated Priority 61440 Root Port 0 Root Path Cost 0 Current Max Age sec 20 Current Forward Delay sec 15 Hello Time sec 2 STP Topology Change Count 0 Time Since Last Topology Change sec 848 system 쮿 s...

Page 217: ...name 왏 Syntax set device name device name 왏 Description To set the device name description of the switch 왏 Argument device name string length up to 40 characters 왏 Possible value device name A b c d z and 1 2 3 etc 왏 Example PSES 2126C system set device name CR 2600 쮿 set location 왏 Syntax set location location 왏 Description To set the location description of the switch 왏 Argument location string ...

Page 218: ...126C System Description 24 Port 10 100BaseT TX Managed PoE Switch Location Contact Device Name PSES 2126C System Up Time 0 Days 0 Hours 4 Mins 50 Secs Current Time Wed Feb 08 16 55 29 2006 BIOS Version v1 05 Firmware Version v2 07 Hardware Mechanical Version v1 01 v1 01 Serial Number 031203000004 Host IP Address 192 168 1 1 Host MAC Address 00 00 8c 00 d8 00 Device Port UART 1 TP 24 Fiber 2 RAM Si...

Page 219: ...Access Login Login Primary Secondary Console Local None Telnet TACACS Local Web TACACS Local 쮿 show tac plus 왏 Syntax show tac access 왏 Description Shows the TACACS configuration 왏 Example ES 2126 tac plus show tac plus Authorization Enable Fallback to Local Authorization Enable Accounting Enable Secret Key secret Server IP 1 10 1 1 1 2 0 0 0 0 쮿 enable 왏 Syntax enable argument 왏 Description ...

Page 220: ...authorization 왏 Arguments Accounting disables the TACACS accounting Authorization disables the TACACS authorization Fallback author disables the fallback to local authorization 쮿 set console access 왏 Syntax set console access method1 method2 왏 Description Sets the primary and secondary access mode for the login via console outband 왏 Arguments Method from 0 to 2 0 Authentication via local user acco...

Page 221: ...n Sets the encryption key for the communication with the TACACS server This key must correspond with the encryption key which is configured in the TACACS server 왏 Arguments secret key maximum 31 characters 왏 Example ES 2126 tac plus set key secret Sets the encryption key to secret 쮿 set retry 왏 Syntax set retry retry 왏 Description Sets the access retry value When the login failed for the number of...

Page 222: ...from 0 to 2 0 Authentication via local user accounts of the device 1 Authentication via TACACS Server 2 No authentication required for method 2 only 왏 Example ES 2126 tac plus set telnet access 1 0 Sets the primary access mode for the login via telnet to TACACS and the secondary access mode to local user accounts 쮿 set web access 왏 Syntax set web access method1 method2 왏 Description Sets the prima...

Page 223: ... accounts tftp 쮿 set server 왏 Syntax set server ip 왏 Description To set up the IP address of tftp server 왏 Argument ip the IP address of tftp server 왏 Possible value ip tftp server IP 왏 Example PSES 2126C tftp set server 192 168 3 111 쮿 show 왏 Syntax show 왏 Description To display the information of tftp server 왏 Argument None 왏 Possible value None 왏 Example PSES 2126C tftp show Tftp Server 192 168...

Page 224: ...t saving start Hour 00 23 mm daylight saving end Month 01 12 dd daylight saving end Day 01 31 hh daylight saving end Hour 00 23 왏 Possible value hr 5 to 5 MM 01 12 DD 01 31 HH 00 23 mm 01 12 dd 01 31 hh 00 23 왏 Example PSES 2126C time set daylightsaving 3 10 12 01 11 12 01 쮿 set manual 왏 Syntax set manual YYYY MM DD hh mm ss 왏 Description To set up the current time manually 왏 Argument YYYY Year 20...

Page 225: ...ime via NTP server 왏 Argument ip ntp server ip address or domain name timezone time zone GMT range 12 to 13 왏 Possible value timezone 12 11 0 1 13 왏 Example PSES 2126C time set ntp clock via net 8 Synchronizing 1 Synchronization success 쮿 show 왏 Syntax show 왏 Description To show the time configuration including Current Time NTP Server Timezone Daylight Saving Daylight Saving Start and Daylight Sav...

Page 226: ... 20 Hour 10 trunk 쮿 del trunk 왏 Syntax del trunk port range 왏 Description To remove the trunk port 왏 Argument port range syntax 1 5 7 available from 1 to 26 왏 Possible value port range 1 to 26 왏 Example PSES 2126C trunk del trunk 1 쮿 set hash 왏 Syntax set hash method 왏 Description To set up trunk hash method 왏 Argument method lacp hash method 0 DA and SA 1 SA 2 DA Note This hash method applies to ...

Page 227: ... set trunk 왏 Syntax set trunk port range method group active LACP 왏 Description To set up the status of trunk including the group number and mode of the trunk as well as LACP mode 왏 Argument port range syntax 1 5 7 available from 1 to 26 method static lacp static adopt the static link aggregation lacp adopt the dynamic link aggregation link aggregation control protocol group 1 3 active LACP passiv...

Page 228: ...ive 쮿 show aggtr view 왏 Syntax show aggtr view 왏 Description To display the aggregator list 왏 Argument None 왏 Possible value None 왏 Example PSES 2126C trunk show aggtr view Aggregator 1 Method None Member Ports 1 Ready Ports 1 Aggregator 2 Method LACP Member Ports 2 Ready Ports 쮿 show lacp config 왏 Syntax show lacp config 왏 Description To display the value of LACP Priority ...

Page 229: ...cp detail 왏 Syntax show lacp detail aggtr 왏 Description To display the detailed information of the LACP trunk group 왏 Argument aggtr aggregator available from 1 to 26 왏 Possible value aggtr 1 to 26 왏 Example PSES 2126C trunk show lacp detail 2 Aggregator 2 Information Actor Partner System Priority MAC Address System Priority MAC Address 32768 00 40 c7 e8 00 02 32768 00 00 00 00 00 00 Port Key Trun...

Page 230: ...e settings of each port 왏 Argument None 왏 Possible value None 왏 Example PSES 2126C trunk show status Trunk Port Setting Trunk Port Status port Method Group Active LACP Aggtregator Status 1 None 0 Active 1 Ready 2 LACP 1 Active 2 3 LACP 1 Active 3 4 LACP 1 Active 4 5 LACP 1 Active 5 6 None 0 Active 6 7 None 0 Active 7 8 None 0 Active 8 9 None 0 Active 9 10 None 0 Active 10 11 None 0 Active 11 ...

Page 231: ...ne 0 Active 19 20 None 0 Active 20 21 None 0 Active 21 22 None 0 Active 22 23 None 0 Active 23 24 None 0 Active 24 25 None 0 Active 25 26 None 0 Active 26 VLAN 쮿 del port group 왏 Syntax del port group name 왏 Description To delete the port based VLAN group 왏 Argument name port VLAN name 왏 Possible value name port VLAN name 왏 Example PSES 2126C VLAN del port group VLAN 2 쮿 del tag group 왏 Syntax del...

Page 232: ...Syntax disable double tag 왏 Description To disable double tag 왏 Argument None 왏 Possible value None 왏 Example PSES 2126C VLAN disable double tag 쮿 disable drop untag 왏 Syntax disable drop untag port_range 왏 Description To disable drop untag 왏 Argument 왏 port_range which port s you want not to drop untagged frames Syntax 1 5 7 available from 1 to 26 왏 Possible value port_range 1 to 26 왏 Example PSE...

Page 233: ...Example PSES 2126C VLAN disable svl 쮿 disable symmetric 왏 Syntax disable symmetric 왏 Description To Not drop frames from the non member port 왏 Argument None 왏 Possible value None 왏 Example PSES 2126C VLAN disable symmetric 쮿 enable double tag 왏 Syntax enable double tag 왏 Description To enable double tag 왏 Argument None 왏 Possible value None 왏 Example PSES 2126C VLAN enable double tag ...

Page 234: ... untagged frames Syntax 1 5 7 available from 1 to 26 왏 Possible value port_range 1 to 26 왏 Example PSES 2126C VLAN enable drop untag 2 4 5 7 쮿 enable svl 왏 Syntax enable svl 왏 Description To enable Shared VLAN Learning 왏 Argument None 왏 Possible value None 왏 Example PSES 2126C VLAN enable svl 쮿 enable symmetric 왏 Syntax enable symmetric 왏 Description To drop frames from the non member port 왏 Argum...

Page 235: ... set port based VLAN 왏 Possible value port tag port or tag 왏 Example PSES 2126C VLAN set mode tag 쮿 set port group 왏 Syntax set port group name range 왏 Description To add or edit a port based VLAN group 왏 Argument name port VLAN name 왏 range VLAN group members syntax 1 5 7 available from 1 to 26 왏 Possible value range 1 to 26 왏 Example PSES 2126C VLAN set port group VLAN 1 2 5 6 10 쮿 set pvid 왏 Sy...

Page 236: ...xample PSES 2126C VLAN set pvid 3 5 6 8 5 6 쮿 set tag group 왏 Syntax set tag group vid name member_range untag_range 왏 Description To add or edit the tag based VLAN group 왏 Argument vid VLAN id from 1 to 4094 name tag VLAN group name 왏 member_range member port syntax 1 5 7 available from 1 to 26 왏 untag_range untagged out port syntax 1 5 7 available from 0 to 26 set untag_range to 0 as none of the...

Page 237: ...Argument None 왏 Possible value None 왏 Example PSES 2126C VLAN show config Current VLAN mode Tag based VLAN Global setting Symmetric VLAN Disable Asymmetric SVL Disable IVL Double tag Disable 쮿 show group 왏 Syntax show group 왏 Description To display VLAN mode and VLAN group 왏 Argument None 왏 Possible value None 왏 Example PSES 2126C VLAN show group Vlan mode is tag based 1 Name default ...

Page 238: ...3 14 15 16 17 18 19 20 21 22 23 24 25 26 2 Name VLAN 2 VID 2 Member 2 3 4 5 6 13 14 15 Untag 쮿 show pvid 왏 Syntax show pvid 왏 Description To display pvid priority and drop untag result 왏 Argument None 왏 Possible value None 왏 Example PSES 2126C VLAN show pvid Port PVID Priority Drop Untag 1 1 0 Disable 2 1 0 Disable 3 5 6 Disable 4 1 0 Disable 5 5 6 Disable 6 5 6 Disable 7 5 6 Disable 8 5 6 Disable...

Page 239: ...0 Disable 14 1 0 Disable 15 1 0 Disable 16 1 0 Disable 17 1 0 Disable 18 1 0 Disable 19 1 0 Disable 20 1 0 Disable 21 1 0 Disable 22 1 0 Disable 23 1 0 Disable 24 1 0 Disable 25 1 0 Disable 26 1 0 Disable vs 쮿 disable 왏 Syntax disable 왏 Description To disable the virtual stack 왏 Argument None 왏 Possible value None 왏 Example PSES 2126C vs disable ...

Page 240: ...None 왏 Example PSES 2126C vs enable 쮿 set gid 왏 Syntax set gid gid 왏 Description To set the group id 왏 Argument gid group ID 왏 Possible value gid a z A Z 0 9 왏 Example PSES 2126C vs set gid group1 쮿 set role 왏 Syntax set role master slave 왏 Description To set role 왏 Argument master slave master act as master slave act as slave 왏 Possible value master slave master or slave 왏 Example ...

Page 241: ...I Management 240 EN PSES 2126C vs set role master 쮿 show 왏 Syntax show 왏 Description To display the configuration of the virtual stack 왏 Argument None 왏 Possible value None 왏 Example PSES 2126C vs show Virtual Stack Config State Enable Role Master Group ID group1 ...

Page 242: ... per group supports DA SA and DA SA MAC based trunking with automatic failover Multicasting Supports IGMP snooping inkluding active and passive mode GVRP GARP 802 1q with GVRP GARP Spanning Tree Protokoll STP Rapid STP 802 1d 1w 802 3af Features Ports 24x 802 3af PoE ports Power 185 Watt total power with dynamic load balancing on all ports i e up to 15 4 watt for 12 ports or 7 7 watt für 24 ports ...

Page 243: ... 55022 EN 55024 EN 60950 Environment Temperature range 0 40 C humidity 5 90 non condensing Accessories 쮿 1000Base SX SFP module LANCOM SFP SX LC1 item no 61556 쮿 1000Base LX SFP module LANCOM SFP LX LC1 item no 61557 Service 5 years Support via Hotline and Internet LANCOM ES 2126 LANCOM ES 2126P ...

Page 244: ...M Systems herewith declares that the devices of the type described in this documentation are in agreement with the basic requirements and other relevant regulations of the 1995 5 EC directive The CE declarations of conformity for your device can be found on the relevant product page on the LANCOM Web site www lancom systems com Connector Pin Line 1 T 2 T 3 R 4 PoE G 5 PoE G 6 R 7 PoE 48 V 8 PoE 48...

Reviews:

No comments