manualshive.com logo in svg

Lantech LGS-2624C, User Manual, Page: 220 / 279

Share
Download
Lantech LGS-2624C User Manual Download Page 220

 
 

Multi 802.1X 

In port-based 802.1X authentication, once a supplicant is successfully 
authenticated on a port, the whole port is opened for network traffic. This 
allows other clients connected to the port (for instance through a hub) to 
piggy-back on the successfully authenticated client and get network access 
even though they really aren't authenticated. To overcome this security 
breach, use the Multi 802.1X variant. 
Multi 802.1X is really not an IEEE standard, but features many of the same 
characteristics as does port-based 802.1X. Multi 802.1X is - like Single 
802.1X - not an IEEE standard, but a variant that features many of the 
same characteristics. In Multi 802.1X, one or more supplicants can get 
authenticated on the same port at the same time. Each supplicant is 
authenticated individually and secured in the MAC table using the Port 
Security module. 
In Multi 802.1X it is not possible to use the multicast BPDU MAC address 
as destination MAC address for EAPOL frames sent from the switch 
towards the supplicant, since that would cause all supplicants attached to 
the port to reply to requests sent from the switch. Instead, the switch uses 
the supplicant's MAC address, which is obtained from the first EAPOL Start 
or EAPOL Response Identity frame sent by the supplicant. An exception to 
this is when no supplicants are attached. In this case, the switch sends 
EAPOL Request Identity frames using the BPDU multicast MAC address as 
destination - to wake up any supplicants that might be on the port. 
The maximum number of supplicants that can be attached to a port can be 
limited using the Port Security Limit Control functionality.  
 

MAC-based Auth. 

Unlike port-based 802.1X, MAC-based authentication is not a standard, but 
merely a best-practices method adopted by the industry. In MAC-based 
authentication, users are called clients, and the switch acts as the 
supplicant on behalf of clients. The initial frame (any kind of frame) sent by 
a client is snooped by the switch, which in turn uses the client's MAC 
address as both username and password in the subsequent EAP exchange 
with the RADIUS server. The 6-byte MAC address is converted to a string 
on the following form "xx-xx-xx-xx-xx-xx", that is, a dash (-) is used as 
separator between the lower-cased hexadecimal digits. The switch only 
supports the MD5-Challenge authentication method, so the RADIUS server 
must be configured accordingly. 
When authentication is complete, the RADIUS server sends a success or 
failure indication, which in turn causes the switch to open up or block traffic 
for that particular client, using the Port Security module. Only then will 
frames from the client be forwarded on the switch. There are no EAPOL 
frames involved in this authentication, and therefore, MAC-based 
Authentication has nothing to do with the 802.1X standard. 
The advantage of MAC-based authentication over port-based 802.1X is that 
several clients can be connected to the same port (e.g. through a 3rd party 
switch or a hub) and still require individual authentication, and that the 
clients don't need special supplicant software to authenticate. The 
advantage of MAC-based authentication over 802.1X-based authentication 
is that the clients don't need special supplicant software to authenticate. 
The disadvantage is that MAC addresses can be spoofed by malicious 
users - equipment whose MAC address is a valid RADIUS user can be 
used by anyone. Also, only the MD5-Challenge method is supported. The 
maximum number of clients that can be attached to a port can be limited 

Summary of Contents for LGS-2624C

Page 1: ...LGS 2624C 20 10 100 1000T 4 100 1000M SFP Combo 2 100 1000M SFP L2 Plus Managed Switch User Manual v1 00 Sept 2011...

Page 2: ...mware each of which is referred to as Software in this Agreement BY COPYING OR USING THE SOFTWARE YOU ACCEPT ALL OF THE PROVISIONS AND CONDITIONS OF THIS AGREEMENT THE PROVISIONS EXPRESSED IN THIS AGR...

Page 3: ...yright in the Software and related documentation will cease being effective at the date of expiration Notwithstanding the termination or expiration of the term of this agreement it is acknowledged and...

Page 4: ...1 6 SNMP 19 1 6 1 System 19 1 6 2 Communities 21 1 6 3 Users 22 1 6 4 Groups 24 1 6 5 Views 25 1 6 6 Access 27 1 6 7 Tarp 29 2 CONFIGURATION 31 2 1 PORT 31 2 1 1 Configuration 31 2 1 2 Port Descriptio...

Page 5: ...6 6 IPv6 SSM Information 92 2 7 MVR 95 2 7 1 Configuration 95 2 7 2 Groups Information 96 2 7 3 Statistics 97 2 8 LLDP 97 2 8 1 LLDP Configuration 98 2 8 2 LLDP Neighbours 102 2 8 3 LLDP MED Configur...

Page 6: ...ATION 183 3 SECURITY 185 3 1 IP SOURCE GUARD 185 3 1 1 Configuration 185 3 1 2 Static Table 187 3 1 3 Dynamic Table 188 3 2 ARP INSPRCTION 189 3 2 1 Configuration 189 3 2 2 Static Table 190 3 2 3 Dyna...

Page 7: ...4 3 3 Save User 237 4 3 4 Restore User 238 4 4 EXPORT IMPORT 239 4 4 1 Export Config 239 4 4 2 Import Config 240 4 5 DIAGMOSTICS 241 4 5 1 Ping 241 4 5 2 Ping6 243 4 5 3 VeriPHY 244 B GLOSSARY OF WEB...

Page 8: ...Revision History Release Date Revision V0 91 08 12 2011 A1...

Page 9: ...monitor the LGS 2624C through the built in CLI and web by RJ 45 serial interface and Ethernet ports step by step Many explanation in detail of hardware and software functions are shown as well as the...

Page 10: ...sword then click the Login button The login process now is completed In this login menu you have to input the complete username and password respectively the switch will not give you a shortcut to use...

Page 11: ...t IE 6 0 above Netscape V7 1 above or FireFox V1 00 above and have the resolution 1024x768 The switch supported neutral web browser interface for example left section is the whole function tree with w...

Page 12: ...ion Firmware Version Hardware Mechanical Version Serial Number Host IP Address Host Mac Address Device Port RAM Size Flash Size and With this information you will know the software version used MAC ad...

Page 13: ...d in Configuration System Information System Location Chip ID The Chip ID of this switch MAC Address The MAC Address of this switch System Date The current GMT system time and date The system time is...

Page 14: ......

Page 15: ...this person The allowed string length is 0 to 255 and the allowed content is the ASCII characters from 32 to 126 System Name An administratively assigned name for this managed node By convention this...

Page 16: ......

Page 17: ...r the last 100ms 1sec and 10 seconds intervals The last 120 samples are graphed and the last numbers are displayed as text as well In order to display the SVG graph your browser must support the SVG f...

Page 18: ...t Year Month Day Hour Minute and Second within the valid value range indicated in each item Web Interface To configure Time in the web interface 1 Click Time Manual 2 Specify the Time parameter in man...

Page 19: ...e it passed over And when the time passes over the ending time the system time will be decreased one hour after one minute at the time since it passed over The switch supports valid configurable day l...

Page 20: ...erform time sync via NTP because the switch will combine this time zone offset and updated NTP time to come out the local time otherwise you will not able to get the correct time The switch supports c...

Page 21: ...0 215 c5ff fe03 4dc7 The symbol is a special syntax that can be used as a shorthand way of representing multiple 16 bit groups of contiguous zeros but it can only appear once It can also represent a l...

Page 22: ...d of Authorization in advance before configuring the username and password Only one administrator is allowed to exist and unable to be deleted In addition up to 4 guest accounts can be created 1 3 1 U...

Page 23: ...uld be same or greater than the group privilege level to have the access of that group By default setting most groups privilege level 5 has the read only access and privilege level 10 has the read wri...

Page 24: ...ue is 15 it can access all groups i e that is granted the fully control of the device But others value need to refer to each group privilege level User s privilege should be same or greater than the g...

Page 25: ...IPMC Snooping LACP LLDP LLDP MED MAC Table MRP MVR MVRP Maintenance Mirroring POE Ports Private VLANs QoS SMTP SNMP Security Spanning Tree System Trap Event VCL VLANs Voice VLAN Privilege Levels form...

Page 26: ...P source guard IP Everything except ping Port Everything except VeriPHY Diagnostics ping and VeriPHY Maintenance CLI System Reboot System Restore Default System Password Configuration Save Configurati...

Page 27: ...er substantial movement to adopt a new version of the Internet Protocol IPv6 which would have 128 bits Internet Protocol addresses This number can be represented roughly by a three with thirty nine ze...

Page 28: ...s of this switch in dotted decimal notation IP Mask Provide the IP mask of this switch dotted decimal notation IP Router Provide the IP address of the router in dotted decimal notation SNTP Server Pro...

Page 29: ...Save Parameter description Auto Configuration Enable IPv6 auto configuration by checking this box If fails the configured IPv6 address is zero The router may delay responding to a router solicitation...

Page 30: ...o four hexadecimal digits with a colon separating each field For example fe80 215 c5ff fe03 4dc7 The symbol is a special syntax that can be used as a shorthand way of representing multiple 16 bit grou...

Page 31: ...gure Syslog configuration in the web interface 1 Click SYSTEM Syslog 2 Specify the syslog parameters includes IP Address of Syslog server and Port number 3 Evoke the Sylog to enable it 4 Click Save Pa...

Page 32: ...el Indicates what kind of message will send to syslog server Possible modes are Emerg send Emerg Alert send Emerg Alert Crit send Emerg Alert Crit Error send Emerg Alert Crit Error Warning Send warnin...

Page 33: ...og 2 Display the log information Parameter description ID ID 1 of the system log entry Level level of the system log entry The following level types are supported Information level of the system log W...

Page 34: ...information of the switch Web Interface To display the detailed log configuration in the web interface 1 Click Syslog Detailed Log 2 Display the log information Parameter description ID The ID 1 of th...

Page 35: ...agent will be started up All supported MIB OIDs including RMON MIB can be accessed via SNMP manager If the field SNMP is set Disable SNMP agent will be de activated the related Community Name Trap Ho...

Page 36: ...ere The term SNMP here is used for the activation or de activation of SNMP Enable Enable SNMP state operation Disable Disable SNMP state operation Default Enable Engine ID SNMPv3 engine ID syntax 0 9...

Page 37: ...want to modify or clear the setting then click Reset Parameter description Delete Check to delete the entry It will be deleted during the next save Community Indicates the community access string to p...

Page 38: ...al format with number of digits between 10 and 64 but all zeros and all F s are not allowed The SNMPv3 architecture uses the User based Security Model USM for message security and the View based Acces...

Page 39: ...indicate that this user uses SHA authentication protocol The value of security level cannot be modified if entry already exists That means must first ensure that the value is set correctly Authenticat...

Page 40: ...n Delete Check to delete the entry It will be deleted during the next save Security Model Indicates the security model that this entry should belong to Possible security models are v1 Reserved for SNM...

Page 41: ...eter description Delete Check to delete the entry It will be deleted during the next save View Name A string identifying the view name that this entry should belong to The allowed string length is 1 t...

Page 42: ...OID Subtree The OID defining the root of the subtree to add to the named view The allowed OID length is 1 to 128 The allowed string content is digital number or asterisk...

Page 43: ...on Delete Check to delete the entry It will be deleted during the next save Group Name A string identifying the group name that this entry should belong to The allowed string length is 1 to 32 and the...

Page 44: ...ues The allowed string length is 1 to 32 and the allowed content is ASCII characters from 33 to 126 Write View Name The name of the MIB view defining the MIB objects for which this request may potenti...

Page 45: ...ber button and enter the trap information then check Apply Max Group Number 6 Web Interface To configure SNMP Trap setting 1 Click SNMP Trap 2 Display the SNMP Trap Hosts information table 3 Choice a...

Page 46: ...formations warnings and errors Warning Send warnings and errors Error Send errors Security Level There are three kinds of choices NoAuth NoPriv No authentication and no privacy Auth NoPriv Authenticat...

Page 47: ...ts content or status in the function 2 1 1 Configuration This chapter describes how to view the current port configuration and how to configure ports to non default settings including Linkup Linkdown...

Page 48: ...obeyed and the Current Tx column indicates whether pause frames on the port are transmitted The Rx and Tx settings are determined by the result of the last Auto Negotiation Check the configured column...

Page 49: ...tification for the system s hardware type software version and networking application Web Interface To configure an Port Description in the web interface 1 Click Configuration Port then Port Descripti...

Page 50: ...fresh then you need to evoke the Auto refresh 3 Click Refresh to refresh the port statistics or clear all information when you click Clear Parameter description Port The logical port for the settings...

Page 51: ...lay the per Port detailed Statistics Overview in the web interface 1 Click Configuration Port then Detailed Port Statistics 2 Scroll the Port Index to select which port you want to show the detailed P...

Page 52: ...nsmit Queue Counters The number of received and transmitted packets per input and output queue Receive Error Counters Rx Drops The number of frames dropped due to lack of receive buffers or egress con...

Page 53: ...Transmit Error Counters Tx Drops The number of frames dropped due to output buffer congestion Tx Late Exc Coll The number of frames dropped due to excessive or late collisions...

Page 54: ...3 Click Refresh to refresh the Queueing Counters or clear all information when you click Clear Parameter description Port The logical port for the settings contained in the same row Low Queue There ar...

Page 55: ...Port The logical port for the settings contained in the same row Qn There are QoS queues per port Q0 is the lowest priority queue Rx Tx The number of received and transmitted packets per queue...

Page 56: ...ce To Display the SFP information in the web interface 1 Click Configuration Port then SFP Information 2 To display the SFP Information Parameter description Connector Type Display the connector type...

Page 57: ...ame of the naming by module manufacturer Vendor Rev Revision Display the module revision Vendor SN Serial Number Show the serial number assigned by the manufacturer Date Code Show the date this SFP mo...

Page 58: ...dy for a port but is instead queued until 3000 bytes of data are ready to be transmitted For not introducing a large delay in case that data less then 3000 bytes shall be transmitted data are always t...

Page 59: ...the page header Port The switch port number of the logical EEE port EEE Enabled Controls whether EEE is enabled for this switch port EEE Urgent Queues Queues set will activate transmition of frames a...

Page 60: ...sy to determine what type of ACL policy you will be working with 2 2 1 Ports The section describes how to configure the ACL parameters ACE of the each switch port These parameters will affect frames r...

Page 61: ...bled Mirror Specify the mirror operation of this port The allowed values are Enabled Frames received on the port are mirrored Disabled Frames received on the port are not mirrored The default value is...

Page 62: ...l the Unit with pps or kbps 4 Click the save to save the setting 5 If you want to cancel the setting then you need to click the reset button It will revert to previously saved values Parameter descrip...

Page 63: ...56 on each switch Click on the lowest plus sign to add a new ACE to the list The reserved ACEs used for internal protocol cannot be edited or deleted the order sequence cannot be changed an the priori...

Page 64: ...P The ACE will match IPv4 frames with TCP protocol IPv4 Other The ACE will match IPv4 frames which are not ICMP UDP TCP IPv6 The ACE will match all IPv6 standard frames Action Indicates the forwarding...

Page 65: ...f the ACE Possible values are Enabled If a frame matches the ACE the ingress port will be disabled Disabled Port shut down is disabled for the ACE Counter The counter indicates the number of times the...

Page 66: ...port of the ACE Possible values are Any The ACE will match any ingress port Policy The ACE will match ingress ports with a specific policy Port The ACE will match a specific ingress port Frame Type I...

Page 67: ...isabled or a specific port number When Disabled is displayed the port copy operation is disabled Mirror Specify the mirror operation of this port The allowed values are Enabled Frames received on the...

Page 68: ...unk group without any handshaking with its peer port This is also a disadvantage because the peer ports of your static trunk group may not know that they should be aggregate together to form a logic t...

Page 69: ...for the frame Check to enable the use of the TCP UDP Port Number or uncheck to disable By default TCP UDP Port Number is enabled Aggregation Group Configuration Locality Indicates the aggregation grou...

Page 70: ...ations and possibly change them as well An LACP trunk group with more than one ready member ports is a real trunked group An LACP trunk group with only one or less than one ready member ports is not a...

Page 71: ...ncurred by the port range 1 65535 The Auto setting will set the key as appropriate by the physical link speed 10Mb 1 100Mb 2 1Gb 3 Using the Specific setting a user defined value can be entered Ports...

Page 72: ...oke the Auto refresh 3 Click Refresh to refresh the LACP System Status Parameter description Aggr ID The Aggregation ID associated with this aggregation instance For LLAG the id is shown as isid aggr...

Page 73: ...he information then you need to evoke the Auto refresh 3 Click Refresh to refresh the LACP Port Status Parameter description Port The switch port number LACP Yes means that LACP is enabled and the por...

Page 74: ...Aggregation ID assigned to this aggregation group IDs 1 and 2 are GLAGs while IDs 3 14 are LLAGs Partner System ID The partner s System ID MAC address Partner Port The partner s port number connected...

Page 75: ...figuration LACP Port Statistics 2 If you want to auto refresh the information then you need to evoke the Auto refresh 3 Click Refresh to refresh the LACP Statistics Parameter description Port The swit...

Page 76: ...s the lowest path cost when forwarding a packet from that LAN to the root device All ports connected to designated bridging devices are assigned as designated ports After determining the lowest cost s...

Page 77: ...c Settings Protocol Version The STP protocol version setting Valid values are STP RSTP and MSTP Bridge Priority Controls the bridge priority Lower numeric values have better priority The bridge priori...

Page 78: ...t BPDU Guard Control whether a port explicitly configured as Edge will disable itself upon reception of a BPDU The port will enter the error disabled state and will be removed from the active topology...

Page 79: ...k Configuration Spanning Tree MSTI Mapping 2 Specify the configuration identification parameters in the field Specify the VLANs Mapped blank field 3 Click the save to save the setting 4 If you want to...

Page 80: ...licit mapping as it will receive the VLANs not explicitly mapped VLANs Mapped The list of VLANs mapped to the MSTI The VLANs must be separated with comma and or space A VLAN can only be mapped to one...

Page 81: ...ibly change them as well Web Interface To configure the Spanning Tree MSTI Priorities parameters in the web interface 1 Click Configuration Spanning Tree MSTI Priorities 2 Scroll the Priority maximum...

Page 82: ...ve the setting 5 If you want to cancel the setting then you need to click the Reset button It will revert to previously saved values Parameter description Port The switch port number of the logical ST...

Page 83: ...nning tree active topology possibly because those bridges are not under the full control of the administrator This feature is also known as Root Guard Restricted TCN If enabled causes the port not to...

Page 84: ...n options It contains MSTI port settings for physical and aggregated ports The aggregation settings are stack global Web Interface To configure the Spanning Tree MSTI Port Configuration parameters in...

Page 85: ...d using the 802 1D recommended values Using the Specific setting a user defined value can be entered The path cost is used when establishing the active topology of the network Lower path cost ports ar...

Page 86: ...tion then you need to evoke the Auto refresh 3 Click Refresh to refresh the STP Bridges Parameter description MSTI The Bridge Instance This is also a link to the STP Detailed Bridge Status Bridge ID T...

Page 87: ...tus 2 If you want to auto refresh the information then you need to evoke the Auto refresh 3 Click Refresh to refresh the STP Bridges Parameter description Port The switch port number of the logical ST...

Page 88: ...o refresh 3 Click Refresh to refresh the STP Bridges Parameter description Port The switch port number of the logical STP port MSTP The number of MSTP Configuration BPDU s received transmitted on the...

Page 89: ...before The packets will be discarded by the IGMP Snooping if the user transmits multicast packets to the multicast group that had not been built up in advance IGMP mode enables the switch to issue IGM...

Page 90: ...oxy This feature can be used to avoid forwarding unnecessary join and leave messages to the router side Router Port Specify which ports act as router ports A router port is a port on the Ethernet swit...

Page 91: ...e next closest VLAN Table match Web Interface To configure the IGMP Snooping VLAN Configuration in the web interface 1 Click Configuration IGMP Snooping VLAN Configuration 2 Evoke to select enable or...

Page 92: ...s router ports A router port is a port on the Ethernet switch that leads towards the Layer 3 multicast device or IGMP querier If an aggregation member port is selected as a router port the whole aggre...

Page 93: ...ted or denied If an IGMP profile denying access to a multicast group is applied to a switch port the IGMP join report requesting the stream of IP multicast traffic is dropped and the port is not allow...

Page 94: ...escription Delete Check to delete the entry It will be deleted during the next save Port The logical port for the settings Filtering Groups The IP Multicast Group that will be filtered Adding New Filt...

Page 95: ...iguration IGMP Snooping Status 2 If you want to auto refresh the information then you need to evoke the Auto refresh 3 Click Refresh to refresh the IGMP Snooping Status 4 Click Clear to clear the IGMP...

Page 96: ...Queries V1 Reports Received The number of Received V1 Reports V2 Reports Received The number of Received V2 Reports V3 Reports Received The number of Received V3 Reports V2 Leaves Received The number...

Page 97: ...web interface 1 Click Configuration IGMP Snooping Group Information 2 If you want to auto refresh the information then you need to evoke the Auto refresh 3 Click Refresh to refresh a entry of the IGMP...

Page 98: ...any excess traffic on the network Addresses in the range 232 0 0 0 8 232 0 0 0 to 232 255 255 255 are reserved for SSM by IANA In the switch you can configure SSM for arbitrary IP multicast addresses...

Page 99: ...yed table Use the button to start over IGMPv3 Information Table Columns VLAN ID VLAN ID of the group Group Group address of the group displayed Port Switch port number Mode Indicates the filtering mod...

Page 100: ...ress are multicast addresses and any node that listens to such an address will receive the traffic sent to that address Application software running on the source and destination systems cooperates to...

Page 101: ...Snooping Unregistered IPMC Flooding enabled Enable unregistered IPMCv6 traffic flooding Please note that disabling unregistered IPMCv6 traffic flooding may lead to failure of Neighbor Discovery Leave...

Page 102: ...Fast Leave Enable the fast leave on the port Throttling Enable to limit the number of multicast groups to which a switch port can belong...

Page 103: ...played table Use the button to start over Web Interface To configure the MLD Snooping VLAN Configuration in the web interface 1 Click Configuration MLD Snooping VLAN Configuration 2 Specify the VLAN I...

Page 104: ...terval is the Maximum Response Delay used to calculate the Maximum Response Code inserted into Multicast Address Specific Queries sent in response to Version 1 Multicast Listener Done messages It is a...

Page 105: ...ooping Port Group Filtering Configuration 2 Click the Add new Filtering Group 3 Specify the Filtering Groups with entries per page 4 Click the save to save the setting 5 If you want to cancel the sett...

Page 106: ...eb interface 1 Click Configuration MLD Snooping Status 2 If you want to auto refresh the information then you need to evoke the Auto refresh 3 Click Refresh to refresh a entry of the MLD Snooping Stat...

Page 107: ...of Transmitted Queries Queries Received The number of Received Queries V1 Reports Received The number of Received V1 Reports V2 Reports Received The number of Received V2 Reports V1 Leaves Received Th...

Page 108: ...s information Parameter description Navigating the MLD Group Table Each page shows up to 99 entries from the MLD Group table default being 20 selected through the entries per page input field When fir...

Page 109: ...ect the starting point in the MLDv2 Information Table Web Interface To display the MLDv2 IPv6 SSM Information in the web interface 1 Click Configuration MLD Snooping IPv6 SSM Information 2 If you want...

Page 110: ...source addresses for filtering to be 128 Type Indicates the Type It can be either Allow or Deny...

Page 111: ...ppropriate multicast Uplink ports that send and receive multicast data to and from the multicast VLAN are called MVR source ports 2 7 1 Configuration The section describes user could set the MVR basic...

Page 112: ...oup Table are shown on this page The MVR Group Table is sorted first by VLAN ID and then by group Web Interface To display the MVR Groups Information in the web interface 1 Click Configuration MVR Gro...

Page 113: ...you want to auto refresh the information then you need to evoke the Auto refresh 3 To Click the Refresh to refresh a entry of the MVR Statistics Information 4 Click or to move to previous or next entr...

Page 114: ...d Ethernet The protocol is formally referred to by the IEEE as Station and Media Access Control Connectivity Discovery specified in standards document IEEE 802 1AB 2 8 1 LLDP Configuration You can per...

Page 115: ...erval seconds Valid values are restricted to 2 10 times Tx Delay If some configuration is changed e g the IP address a new LLDP frame is transmitted but the time between the LLDP frames will always be...

Page 116: ...LDP neighbours table are decoded All other TLVs are discarded Unrecognized CDP TLVs and discarded CDP frames are not shown in the LLDP statistics CDP TLVs are mapped onto LLDP neighbours table as show...

Page 117: ...is included in LLDP information transmitted Sys Descr Optional TLV When checked the system description is included in LLDP information transmitted Sys Capa Optional TLV When checked the system capabi...

Page 118: ...k Refresh for manual update web screen 3 Click Auto refresh for auto update web screen Parameter description Local Port The port on which the LLDP frame was received Chassis ID The Chassis ID is the i...

Page 119: ...ne 7 DOCSIS cable device 8 Station only 9 Reserved When a capability is enabled the capability is followed by If the capability is disabled the capability is followed by Management Address Management...

Page 120: ...of Power over Ethernet PoE end points Inventory management allowing network administrators to track their network devices and determine their characteristics manufacturer software and hardware version...

Page 121: ...neral In addition it is best to advertise only those pieces of information which are specifically relevant to particular endpoint types for example only advertise the voice network policy to permitted...

Page 122: ...he possibility of the neighbours receiving the LLDP frame With Fast start repeat count it is possible to specify the number of times the fast start transmission would be repeated The recommended value...

Page 123: ...NAD83 NAVD88 North American Datum 1983 CRS Code 4269 Prime Meridian Name Greenwich The associated vertical datum is the North American Vertical Datum of 1988 NAVD88 This datum pair is to be used when...

Page 124: ...ndmark or vanity address Example Columbia University Additional location info Additional location info Example South Wing Name Name residence and office occupant Example Flemming Jahn Zip code Postal...

Page 125: ...which apply for a set of specific protocol applications on that port Improper network policy configurations are a very significant issue in VoIP environments that frequently result in voice quality d...

Page 126: ...s and other similar appliances supporting interactive voice services These devices are typically deployed on a separate VLAN for ease of deployment and enhanced security by isolation from data applica...

Page 127: ...for the video media This application type should not be advertised if all the same network policies apply as those advertised in the Video Conferencing application policy Tag Tag indicating whether th...

Page 128: ...through 63 A value of 0 represents use of the default DSCP value as defined in RFC 2475 Adding a new policy Click to add a new policy Specify the Application type Tag VLAN ID L2 Priority and DSCP for...

Page 129: ...frame was received Device Type LLDP MED Devices are comprised of two primary Device Types Network Connectivity Devices and Endpoint Devices LLDP MED Network Connectivity Device Definition LLDP MED Net...

Page 130: ...applicable to all endpoint products that require the base LLDP discovery services defined in TIA 1057 however do not support IP media or act as an end user communication appliance Such devices may inc...

Page 131: ...mation embedded L2 switch support inventory management LLDP MED Capabilities LLDP MED Capabilities describes the neighbour unit s LLDP MED capabilities The possible capabilities are 1 LLDP MED capabil...

Page 132: ...ations supporting streaming video services that require specific network policy treatment Video applications relying on TCP with buffering would not be an intended use of this application type 8 Video...

Page 133: ...Q 2003 meaning that only the IEEE 802 1D priority level is significant and the default PVID of the ingress port is used instead Priority Priority is the Layer 2 priority to be used for the specified a...

Page 134: ...reen 3 Click Auto refresh for auto update web screen Parameter description Local Port The port on which LLDP frames are received or transmitted Tx Tw The link parther s maximum time that transmit path...

Page 135: ...receives echoed parameters that do not match the values in its local MIB then the local link partner infers that the remote link partners request was based on stale information Echo Rx Tw The link pa...

Page 136: ...ounters Parameter description Global Counters Neighbour entries were last changed on It also shows the time when the last entry was last deleted or added It also shows the time elapsed since the last...

Page 137: ...new entry in the table when the Chassis ID or Remote Port ID is not already contained within the table Entries are removed from the table when a given port s link is down an LLDP shutdown frame is re...

Page 138: ...h shows the MAC address of the equipment sending the frame The SMAC address is used by the switch to automatically update the MAC table with these dynamic MAC addresses Dynamic entries are removed fro...

Page 139: ...trol of the mode so that it cannot be changed by the user An example of such a module is the MAC Based Authentication under 802 1X Each port can do learning based upon the following settings Auto Lear...

Page 140: ...D and then by MAC address Delete Check to delete the entry It will be deleted during the next save VLAN ID The VLAN ID of the entry MAC Address The MAC address of the entry Port Members Checkmarks ind...

Page 141: ...in the web interface 1 Click Dynamic MAC Table 2 Specify the VLAN and MAC Address 3 Display MAC Address Table Parameter description MAC Table Columns Switch stack only The stack unit where the entry i...

Page 142: ...or connect to the new management VLAN through a multi VLAN route 2 10 1 VLAN Membership The VLAN membership configuration for the selected stack switch unit switch can be monitored and modified here...

Page 143: ...orts are members and all boxes are unchecked Adding a New VLAN Click to add a new VLAN ID An empty row is added to the table and the VLAN can be configured as needed Legal values for a VLAN ID are 1 t...

Page 144: ...rt as Access Trunk or Hybrid Web Interface To configure VLAN Port configuration in the web interface 1 Click VLAN Port Configuration 2 Specify the VLAN Port Configuration parameters 3 Click Save Param...

Page 145: ...his parameter affects VLAN ingress and egress processing If None is selected a VLAN tag with the classified VLAN ID is inserted in frames transmitted on the port This mode is normally used for ports c...

Page 146: ...he following VLAN user types CLI Web SNMP These are referred to as static NAS NAS provides port based authentication which involves communications between a Supplicant Authenticator and an Authenticat...

Page 147: ...ment VLAN Membership The VLAN Membership Status Page shall show the current VLAN port members for all VLANs configured by a selected VLAN User selection shall be allowed by a Combo Box When ALL VLAN U...

Page 148: ...ined in the same row PVID Shows the VLAN identifier for that port The allowed values are 1 through 4095 The default value is 1 Port Type Shows the Port Type Port type can be any of Unaware C port S po...

Page 149: ...ltering frame status whether tagged or untagged UVID Shows UVID untagged VLAN ID Port s UVID determines the packet s behaviour at the egress side Conflicts Shows status of Conflicts whether exists or...

Page 150: ...VLAN IDs and Private VLAN IDs can be identical A port must be a member of both a VLAN and a Private VLAN to be able to forward packets By default all ports are VLAN unaware and members of VLAN 1 and...

Page 151: ...VLAN Click to add a new private VLAN ID An empty row is added to the table and the private VLAN can be configured as needed The allowed range for a private VLAN ID is the same as the switch port numbe...

Page 152: ...address on said layer 2 switch and a forwarding map is generated for the data packet based upon the destination address on the data packet The data packet is then sent to the plurality of ports pursu...

Page 153: ...se the resources in the old VLAN On the other hand if Port A and Port B belong to the same VLAN after terminal devices access the network through Port B they will have access to the same resources as...

Page 154: ...ed By default no ports are members and all boxes are unchecked Adding a New MAC based VLAN Click to add a new MAC based VLAN entry An empty row is added to the table and the MAC based VLAN entry can b...

Page 155: ...involves communications between a Supplicant Authenticator and an Authentication Server Web Interface To Display MAC based VLAN configured in the web interface 1 Click MAC based VLAN Status 2 Specify...

Page 156: ...ing on networks using IEEE 802 2 LLC more protocols than can be distinguished by the 8 bit 802 2 Service Access Point SAP fields SNAP supports identifying protocols by Ethernet type field values it al...

Page 157: ...b values a OUI OUI Organizationally Unique Identifier is value in format of xx xx xx where each pair xx in string is a hexadecimal value ranges from 0x00 0xff b PID If the OUI is hexadecimal 000000 th...

Page 158: ...on Delete To delete a Group Name to VLAN map entry check this box The entry will be deleted on the switch during the next Save Group Name A valid Group Name is a string of atmost 16 characters which c...

Page 159: ...pping make sure the box is unchecked By default no ports are members and all boxes are unchecked Adding a New Group to VLAN mapping entry Click to add a new entry in mapping table An empty row is adde...

Page 160: ...n the Voice VLAN then the switch can classify and schedule network traffic It is recommended that there be two VLANs on a port one for voice one for data Before connecting the IP device to the switch...

Page 161: ...allowed range is 10 to 10000000 seconds It is used when security mode or auto detect mode is enabled In other cases it will be based on hardware aging time The actual aging time will be situated betw...

Page 162: ...Voice VLAN security mode operation Port Discovery Protocol Indicates the Voice VLAN port discovery protocol It will only work when auto detect mode is enabled We should enable LLDP feature before con...

Page 163: ...I table 2 Specify Telephony OUI Description 3 Click Save Parameter description Delete Check to delete the entry It will be deleted during the next save Telephony OUI A telephony OUI address is a globa...

Page 164: ...RP application component and a GARP Information Declaration GID component associated with each port or the switch The propagation of information between GARP participants for the same application in a...

Page 165: ...rted application is GVRP Attribute Type Currently only supported Attribute Type is VLAN GARP Applicant This configuration is used to configure the Applicant state machine behaviour for GARP on a perti...

Page 166: ...oin Timer 2 Leave Timer 3 Leave All Timer 1 Join Timer The default value for Join timer is 200ms 2 Leave Timer The range of values for Leave Time is 600 1000ms The default value for Leave Timer is 600...

Page 167: ...istics in the web interface 1 Click GARP statistics 2 Scroll which port you want to display the GARP Counter information 3 Click Refresh to modify the GARP statistics information Parameter description...

Page 168: ...GID information and GIP GVRP state machine maintain the contents of Dynamic VLAN Registration Entries for each VLAN and propagate these information to other GVRP aware devices to setup and update the...

Page 169: ...ort GVRP settings There are three configuration settings which can be configured on per port bases GVRP Mode GVRP rrole 1 GVRP Mode This configuration is to enable disable GVRP Mode on perticular port...

Page 170: ...To display GVRP Port statistics in the web interface 1 Click GVRP statistics 2 Scroll which port you want to display the GVRP Counter information 3 Click Refresh to modify the GVRP statistics informat...

Page 171: ...ated with values when registered are specific to each MRP application Two Applications are defined to register VLANs MVRP and Group MAC addresses MMRP 2 14 1 Configuration This page allows you to conf...

Page 172: ...cant state machine will operate normally in MRP protocol exchanges non participant In this mode the Applicant state machine will not participate in the protocol operation The default configuration is...

Page 173: ...in the web interface 1 Click MRP statistics 2 Scroll which port you want to display the MRP Counter information 3 Click Refresh to modify the MRP statistics information Parameter description Port The...

Page 174: ...re device to dynamically establish and update their knowledge of the set of VLANs that currently have active members and through which Ports those members can be reached 2 15 1 Configuration This page...

Page 175: ...ttings There are three configuration settings which can be configured on per port bases MVRP Mode MVRP rrole 1 MVRP Mode This configuration is to enable disable MVRP Mode on perticular port locally Di...

Page 176: ...lay MVRP Port statistics in the web interface 1 Click MVRP statistics 2 Scroll which port you want to display the MVRP Counter information 3 Click Refresh to modify the MVRP statistics information Par...

Page 177: ...t advanced memory control mechanisms providing excellent performance of all QoS classes under any traffic scenario including jumbo frame A super priority queue with dedicated memory and strict highest...

Page 178: ...trols the default DP level i e the DP level for frames not classified in any other way PCP Controls the default PCP for untagged frames DEI Controls the default DEI for untagged frames Tag Class Shows...

Page 179: ...cted by the page header Web Interface To display the QoS Port Schedulers in the web interface 1 Click Configuration QoS Port Schedulers Parameter description Port The logical port for the settings con...

Page 180: ...it as reflected by the page header Web Interface To display the QoS Port Shapers in the web interface 1 Click Configuration QoS Port Shapers Parameter description Port The logical port for the setting...

Page 181: ...e To display the QoS Port Tag Remarking in the web interface 1 Click Configuration QoS Port Tag Remarking Parameter description Port The logical port for the settings contained in the same row Click o...

Page 182: ...able or disable the Ingress Translate and Scroll the Classify Parameter configuration 3 Scroll to select Egress Rewrite parameters 4 Click the save to save the setting 5 If you want to cancel the sett...

Page 183: ...ming or translated if enabled DSCP is 0 Selected Classify only selected DSCP for which classification is enabled as specified in DSCP Translation window for the specific DSCP All Classify all DSCP Egr...

Page 184: ...erface 1 Click Configuration QoS DSCP Based QoS 2 Evoke to enable or disable the DSCP for Trust 3 Scroll to select QoS Class and DPL parameters 4 Click the save to save the setting 5 If you want to ca...

Page 185: ...gress Remap DP0 and Remap DP1 Parameters 3 Evoke to enable or disable Classify 4 Click the save to save the setting 5 If you want to cancel the setting then you need to click the Reset button It will...

Page 186: ...P0 2 Remap DP1 There is following configurable parameter for Egress side Remap 1 Remap DP0 Select the DSCP value from select menu to which you want to remap DSCP value ranges form 0 to 63 2 Remap DP1...

Page 187: ...onfiguration QoS DSCP Translation 2 Scroll to set the DSCP Parameters 3 Click the save to save the setting 4 If you want to cancel the setting then you need to click the Reset button It will revert to...

Page 188: ...sign to add a new QCE to the list Web Interface To configure the QoS Control List parameters in the web interface 1 Click Configuration QoS QoS Contol List 2 Click the to add a new QoS Control List 3...

Page 189: ...types of Destination MAC addresses are allowed Unicast Only Unicast MAC addresses are allowed Multicast Only Multicast MAC addresses are allowed Broadcast Only Broadcast MAC addresses are allowedd The...

Page 190: ...l be checked Key Parameters Key configuration are discribed as below Tag Value of Tag field can be Any Untag or Tag VID Valid value of VLAN ID can be any value in the range 1 4095 or Any user can ente...

Page 191: ...is converted to a 32 bit binary string and read from left to right all bits following the first zero must also be zero DSCP Diffserv Code Point value DSCP It can be specific value range of value or A...

Page 192: ...interface 1 Click Configuration QoS QCL Status 2 If you want to auto refresh the information then you need to evoke the Auto refresh 3 Scroll to select the combined static Voice VLAN and conflict 4 To...

Page 193: ...evel if a frame matches the QCE then DP level will set to value displayed under DPL column DSCP If a frame matches the QCE then DSCP will be classified with the value displayed under DSCP column Confl...

Page 194: ...rm Control Configuration 2 Evoke to select the frame type to enable storm control 3 Scroll to set the Rate Parameters 4 Click the save to save the setting 5 If you want to cancel the setting then you...

Page 195: ...k Configuration Thermal Protection Configuration 2 Specify the temperature in the priority 0 to 3 3 Scroll to set the Priority 4 Click the save to save the setting 5 If you want to cancel the setting...

Page 196: ...thermal protection when user configure the Thermal protection function already Web Interface To display the Thermal Protection Status in the web interface 1 Click Configuration Thermal Protection Stat...

Page 197: ...ssume that Port A and Port B are Monitoring Port and Monitored Port respectively thus the traffic received by Port B will be copied to Port A for monitoring Web Interface To configure the Mirror in th...

Page 198: ...al port for the settings contained in the same row Mode Select mirror mode Rx only Frames received on this port are mirrored on the mirror port Frames transmitted are not mirrored Tx only Frames trans...

Page 199: ...face To configure the Trap Event Severity Configuration in the web interface 1 Click Configuration Trap Event Severity Configuration 2 Scroll to select the Group name and Severity Level 3 Click the sa...

Page 200: ...ng then you need to click the Reset button It will revert to previously saved values Parameter description These parameters are displayed on the IGMP Group Membership page Mail Server Specify the IP A...

Page 201: ...able or disable with the Port of the switch 3 1 1 Configuration This section describes how to configure IP Source Guard setting including Mode Enabled and Disabled Maximum Dynamic Clients 0 1 2 Unlimi...

Page 202: ...on which ports Only when both Global Mode and Port Mode on a given port are enabled IP Source Guard is enabled on this given port Max Dynamic Clients Specify the maximum number of dynamic clients tha...

Page 203: ...D IP Address and MAC address in the entry 3 Click Save Parameter description Delete Check to delete the entry It will be deleted during the next save Port The logical port for the settings VLAN ID The...

Page 204: ...Web Interface To configure a Dynamic IP Source Guard Table Configuration in the web interface 1 Specify the Start from port VLAN ID IP Address and entrie per page 2 Checked Auto reflash Parameter des...

Page 205: ...onfigure an ARP Inspection Configuration in the web interface 1 Select Enabled in the Mode of ARP Inspection Configuration 2 Select Enabled of the specific port in the Mode of Port Mode Configuration...

Page 206: ...e Port VLAN ID IP Address and MAC address in the entry 3 Click Save Parameter description Delete Check to delete the entry It will be deleted during the next save Port The logical port for the setting...

Page 207: ...and then by IP address Web Interface To configure a Dynamic ARP Inspection Table Configuration in the web interface 1 Specify the Start from port VLAN ID MAC Address IP Address and entrie per page 2 C...

Page 208: ...ping Configuration 2 Select Trusted of the specific port in the Mode of Port Mode Configuration 3 Click Save Parameter description Snooping Mode Indicates the DHCP snooping mode operation Possible mod...

Page 209: ...reflash Parameter description Rx and Tx Discover The number of discover option 53 with value 1 packets received and transmitted Rx and Tx Offer The number of offer option 53 with value 2 packets rece...

Page 210: ...of lease query option 53 with value 10 packets received and transmitted Rx and Tx Lease Unassigned The number of lease unassigned option 53 with value 11 packets received and transmitted Rx and Tx Le...

Page 211: ...he Relay Mode of DHCP Relay Configuration 2 Specify Relay Server IP address 3 Select Enabled in the Relay Information Mode of DHCP Relay Configuration 4 Specify Relay Replace Keep and Drop in the Rela...

Page 212: ...ing to DHCP client It only works when DHCP relay operation mode is enabled Disabled Disable DHCP relay information mode operation Relay Information Policy Indicates the DHCP relay information option p...

Page 213: ...rror The number of packets that resulted in errors while being sent to clients Receive from Server The number of packets received from server Receive Missing Agent Option The number of packets receive...

Page 214: ...of received packets from server Receive Agent Option The number of received packets with relay agent information option Replace Agent Option The number of packets which were replaced with relay agent...

Page 215: ...sts of two sections a system and a port wide Web Interface To configure a System Configuration of Netwrok Access Server in the web interface 1 Select Enabled in the Mode of Netwrok Access Server Confi...

Page 216: ...s Valid values are in the range 1 to 255 seconds This has no effect for MAC based ports Aging Period This setting applies to the following modes i e modes using the Port Security functionality to secu...

Page 217: ...ned QoS Enabled below for a detailed description The RADIUS Assigned QoS Enabled checkbox provides a quick way to globally enable disable RADIUS server assigned QoS Class functionality When checked th...

Page 218: ...is globally enabled Valid values are in the range 1 255 Allow Guest VLAN if EAPOL Seen The switch remembers if an EAPOL frame has been received on the port for the life time of the port Once the swit...

Page 219: ...at the first server in the list is currently down but not considered dead Now if the supplicant retransmits EAPOL Start frames at a rate faster than X seconds then it will never get authenticated beca...

Page 220: ...e port based 802 1X MAC based authentication is not a standard but merely a best practices method adopted by the industry In MAC based authentication users are called clients and the switch acts as th...

Page 221: ...range 0 3 which translates into the desired QoS Class in the range 0 3 RADIUS Assigned VLAN Enabled When RADIUS Assigned VLAN is both globally enabled and enabled checked for a given port the switch...

Page 222: ...entering the Guest VLAN The interval between transmission of EAPOL Request Identity frames is configured with EAPOL Timeout If Allow Guest VLAN if EAPOL Seen is enabled the port will now be placed in...

Page 223: ...based mode Clicking these buttons will not cause settings changed on the page to take effect Reauthenticate Schedules a reauthentication whenever the quiet period of the port runs out EAPOL based auth...

Page 224: ...tion Port The switch port number Click to navigate to detailed NAS statistics for this port Admin State The port s current administrative state Refer to NAS Admin State for a description of possible v...

Page 225: ...hentication QoS Class QoS Class assigned to the port by the RADIUS server if enabled Port VLAN ID The VLAN ID that NAS has put the port in The field is blank if the Port VLAN ID is not overridden by N...

Page 226: ...cription of possible values Port State The current state of the port Refer to NAS Port State for a description of the individual states QoS Class The QoS class assigned by the RADIUS server The field...

Page 227: ...ti 802 1X MAC based Auth Selected Counters Selected Counters The Selected Counters table is visible when the port is in one of the following administrative states Multi 802 1X MAC based Auth The table...

Page 228: ...is currently secured through the Port Security module State The client can either be authenticated or unauthenticated In the authenticated state it is allowed to forward frames on the port and in the...

Page 229: ...ure a TACACS Authorization and Accounting Configuration of AAA in the web interface 1 Select Enabled in the Authorization 2 Select Enabled in the Failback to Local Authorization 3 Select Enabled in th...

Page 230: ...rotocol which is unreliable by design In order to cope with lost frames the timeout interval is divided into 3 subintervals of equal length If a reply is not received within the subinterval the reques...

Page 231: ...ver Secret The secret up to 29 characters long shared between the RADIUS Authentication Server and the switch stack RADIUS Accounting Server Configuration The table has one row for each RADIUS Account...

Page 232: ...Authentication Server by checking this box IP Address Hostname The IP address or hostname of the TACACS Authentication Server IP address is expressed in dotted decimal notation Port The TCP port to u...

Page 233: ...te The current state of the server This field takes one of the following values Disabled The server is disabled Not Ready The server is enabled but IP communication is not yet up and running Ready The...

Page 234: ...ver is enabled but IP communication is not yet up and running Ready The server is enabled IP communication is up and running and the RADIUS module is ready to accept accounting attempts Dead X seconds...

Page 235: ...RADIUS Authentication and Accounting servers The statistics map closely to those specified in RFC4668 RADIUS Authentication Client MIB Web Interface To configure a RADIUS Details Configuration in the...

Page 236: ...ture to restrict input to an interface by limiting and identifying MAC addresses Web Interface To configure a System Configuration of Limit Control in the web interface 1 Select Enabled in the Mode of...

Page 237: ...turn is connected to a port on this switch on which Limit Control is enabled The end host will be allowed to forward if the limit is not exceeded Now suppose that the end host logs off or powers down...

Page 238: ...sconnected and reconnected on the port by disconnecting the cable the port will remain shut down There are three ways to re open the port 1 Boot the stack or elect a new masterthe switch 2 Disable and...

Page 239: ...ty module which in turn asks all user modules whether to allow this new MAC address to forward or block it For a MAC address to be set in the forwarding state all enabled user modules must unanimously...

Page 240: ...service Ready The Port Security service is in use by at least one user module and is awaiting frames from unknown MAC addresses to arrive Limit Reached The Port Security service is enabled by at leas...

Page 241: ...ed user modules must unanimously agree on allowing the MAC address to forward If only one chooses to block it it will be blocked until that user module decides otherwise Web Interface To configure a P...

Page 242: ...address to forward and aging is enabled the Port Security module will periodically check that this MAC address still forwards traffic If the age period measured in seconds expires and no frames have...

Page 243: ...Interface To configure a Access Management Configuration in the web interface 1 Select Enabled in the Mode of Access Management Configuration 2 Click Add new entry 3 Specify the Start IP Address End I...

Page 244: ...ost IP address matches the IP address range provided in the entry SNMP Indicates that the host can access the switch from SNMP interface if the host IP address matches the IP address range provided in...

Page 245: ...Auto reflash Parameter description Interface The interface type through which the remote host can access the switch Received Packets Number of received packets from the interface when access manageme...

Page 246: ...ation and data encryption to provide secure encrypted communication Web Interface To configure a SSH Configuration in the web interface 1 Select Enabled in the Mode of SSH Configuration 2 Click Save P...

Page 247: ...in the Mode of HTTPS Configuration 2 Select Enabled in the Automatic Redirect of HTTPS Configuration 3 Click Save Parameter description Mode Indicates the HTTPS mode operation Possible modes are Enab...

Page 248: ...ient for which the configuration below applies Authentication Method Authentication Method can be set to one of the following values none authentication is disabled and login is not possible local use...

Page 249: ...Device This section describes how to restart switch for any maintenance needs Any configuration files or scripts that you saved in the switch should still be available afterwards Web Interface To con...

Page 250: ...k switch after the software upload Check Force Cool Restart if you want to simulate a power on cold restart of the stack switch after the software upload Warning Forcing a cool restart will affect the...

Page 251: ...es or scripts will recover to factory default values Web Interface To configure a Factory Defaults Configuration in the web interface 1 Chick Factory Defaults 2 Click Yes Parameter description You can...

Page 252: ...t configuration files will be saved as XML format Web Interface To configure a Save Start Configuration in the web interface 1 Chick Save Start 2 Click Yes Parameter description You can save view or l...

Page 253: ...iguration files will be saved as XML format Web Interface To configure a Save User Configuration in the web interface 1 Chick Save User 2 Click Yes Parameter description You can save view or load the...

Page 254: ...nt configuration files will be restored via XML format Web Interface To configure a Restore User Configuration in the web interface 1 Chick Restore User 2 Click Yes Parameter description You can save...

Page 255: ...s to export the Swith Configuration for maintenance needs Any current configuration files will be exported as XML format Web Interface To configure a Export Config Configuration in the web interface 1...

Page 256: ...files will be exported as XML format Web Interface To configure an Import Config Configuration in the web interface 1 Chick Browser to select the config file in you device 2 Click Upload Parameter des...

Page 257: ...ICMP PING IP Address 2 Specify ICMP PING Size 3 Click Start Parameter description After you press 5 ICMP packets are transmitted and the sequence number and roundtrip time are displayed upon reception...

Page 258: ...llows you to retrieve the Local or Remote OAM MIB variable data on a particular port Select the appropriate Radio button to retrieve the content of interest Enter the Port number for the switch Click...

Page 259: ...f a reply The page refreshes automatically until responses to all packets are received or until a timeout occurs PING server 10 10 132 20 64 bytes from 10 10 132 20 icmp_seq 0 time 0ms 64 bytes from 1...

Page 260: ...e for cables of length 7 140 meters 10 and 100 Mbps ports will be linked down while running VeriPHY Therefore running VeriPHY on a 10 or 100 Mbps management port will cause the switch to stop respondi...

Page 261: ...lly be configured to control inbound traffic and in this context they are similar to firewalls There are 3 web pages associated with the manual ACL configuration ACL Access Control List The web page s...

Page 262: ...ion group as defined in G 8031 Aggregation Using multiple ports in parallel to increase the link speed beyond the limits of a port and to increase the redundancy for higher availability Also Port Aggr...

Page 263: ...in this standard specifies both enciphering and deciphering operations which are based on a binary number called a key DHCP DHCP is an acronym for Dynamic Host Configuration Protocol It is a protocol...

Page 264: ...it means switch ID The parameter of port_no is the fourth byte and it means the port number The Remote ID is 6 bytes in length and the value is equal the DHCP relay agents MAC address DHCP Snooping D...

Page 265: ...ernet frame F FTP FTP is an acronym for File Transfer Protocol It is a transfer protocol that uses the Transmission Control Protocol TCP and provides file writing and reading It also provides director...

Page 266: ...on a remote host port 80 by default An HTTP server listening on that port waits for the client to send a request message HTTPS HTTPS is an acronym for Hypertext Transfer Protocol over Secure Socket L...

Page 267: ...h the servers and SMTP is the protocol used to transport mail to an IMAP server The current version of the Internet Message Access Protocol is IMAP4 It is similar to Post Office Protocol version 3 POP...

Page 268: ...rovides multiplexing mechanisms that make it possible for several network protocols IP IPX to coexist within a multipoint network LLC header consists of 1 byte DSAP Destination Service Access Point 1...

Page 269: ...hows the MAC address of the equipment sending the frame The SMAC address is used by the switch to automatically update the MAC table with these dynamic MAC addresses Dynamic entries are removed from t...

Page 270: ...AS then allows or disallows access to the protected resource An example of a NAS implementation is IEEE 802 1X NetBIOS NetBIOS is an acronym for Network Basic Input Output System It is a program that...

Page 271: ...to the OUI address which forms the first 24 bits of a MAC address P PCP PCP is an acronym for Priority Code Point It is a 3 bit field storing the priority level for the 802 1Q frame It is also known...

Page 272: ...capabilities for retaining e mail on the server and for organizing it in folders on the server IMAP can be thought of as a remote file server POP and IMAP deal with the receiving of e mail and are no...

Page 273: ...S is an acronym for Quality of Service It is a method to guarantee a bandwidth relationship between individual applications or protocols A communications network transports a multitude of applications...

Page 274: ...Protocol It is a text based protocol that uses the Transmission Control Protocol TCP and provides a mail service modeled on the FTP file transfer service SMTP transfers mail messages between systems...

Page 275: ...range advertising their SSIDs and can choose one to connect to based on pre configuration or by displaying a list of SSIDs in range and asking the user to select one wikipedia SSH SSH is an acronym fo...

Page 276: ...ounting services Tag Priority Tag Priority is a 3 bit field storing the priority level for the 802 1Q frame TCP TCP is an acronym for Transmission Control Protocol It is a communications protocol that...

Page 277: ...rnet Protocol IP to exchange the messages between computers UDP is an alternative to the Transmission Control Protocol TCP that uses the Internet Protocol IP Unlike TCP UDP does not provide the servic...

Page 278: ...rames Provider switching This is also known as Q in Q switching Ports connected to subscribers are VLAN unaware members of one VLAN and set up with this unique Port VLAN ID Ports connected to the serv...

Page 279: ......

Reviews:

No comments