NETGEAR GS716T - ProSafe Switch Software Administration Manual Download Page 209 | Manualshive

Page: 209 / 303

background image

209

GS716T and GS724T Gigabit Smart Switches

Configuring Access Control Lists

Access Control Lists (ACLs) ensure that only authorized users have access to specific
resources while blocking off any unwarranted attempts to reach network resources. ACLs are
used to provide traffic flow control, restrict contents of routing updates, decide which types of
traffic are forwarded or blocked, and above all provide security for the network. GS716T and
GS724T Smart Switches software supports IPv4, IPv6 and MAC ACLs.

The basic steps for configuring an ACL are as follows:

1.

Create an IPv4-based, IPv6-based, or MAC-based ACL ID.

2.

Use the ACL Wizard or an ACL Rule page to create and define a rule to associate with an

existing ACL. ACL rules define the packet-matching criteria, such as protocols, source, and

destination IP and MAC addresses.

3.

Bind the ACL to a port or to a LAG.

The

Security



ACL

folder contains links to the following features:

•

ACL Wizard

•

Basic

•

MAC ACL

on page

211

•

MAC Rules

on page

212

•

MAC Binding Configuration

on page

214

•

MAC Binding Table

on page

215

•

Advanced

•

IP ACL

on page

216

•

IP Rules

on page

217

•

IP Extended Rules

on page

219

•

IPv6 ACL

on page

222

•

IPv6 Rules

on page

223

•

IP Binding Configuration

on page

226

•

IP Binding Table

on page

227

«
...
207
208
209
210
211
...
»

Summary of Contents for GS716T - ProSafe Switch

Page 1: ...350 East Plumeria Drive San Jose CA 95134 USA October 2012 202 10484 05 v2 0 GS716T and GS724T Gigabit Smart Switches Software Administration Manual...

Page 2: ...osing NETGEAR To register your product get the latest product updates get support online or for more information about the topics covered in this manual visit the Support website at http support netge...

Page 3: ...ork Utilities 17 Configuration Upload and Download 19 Firmware Upgrade 20 Viewing and Managing Tasks 22 User Interfaces 23 Web Interface 23 SNMP Management 28 Interface Naming Convention 29 Chapter 2...

Page 4: ...VLAN ID Configuration 92 Voice VLAN 94 Voice VLAN Properties 94 Voice VLAN Port Setting 95 Voice VLAN OUI 96 Auto VoIP Configuration 98 Spanning Tree Protocol 99 STP Switch Configuration 100 CST Conf...

Page 5: ...v6 Class Configuration 164 Policy Configuration 167 Service Configuration 170 Service Statistics 171 Chapter 5 Device Security Management Security Settings 173 Change Password 174 RADIUS Configuration...

Page 6: ...ics 229 Port Statistics 232 Port Detailed Statistics 233 EAP Statistics 240 System Logs 241 Memory Logs 242 FLASH Log Configuration 244 Server Log Configuration 246 Trap Logs 248 Event Logs 249 Port M...

Page 7: ...ristics 274 Traffic Control 275 Quality Of Service 275 Security 275 System Setup 276 Management 276 Other Features 277 Appendix B Configuration Examples Virtual Local Area Networks VLANs 279 VLAN Exam...

Page 8: ...8 GS716T and GS724T Gigabit Smart Switches...

Page 9: ...features Chapter 4 Quality of Service Features describes how to manage the Access Control Lists ACLs and how to configure Differentiated Services and Class of Service features Chapter 5 Device Securi...

Page 10: ...ch functions The GS716T and GS724T functions as a simple switch without the management software However you can use the management software to configure more advanced features that can improve switch...

Page 11: ...ith a DHCP server the switch obtains its network information automatically You can use the Smart Control Center to discover the automatically assigned network information For more information see Swit...

Page 12: ...ch Use the Smart Control Center to discover the IP address automatically assigned to the switch To install the switch in a network with a DHCP server use the following steps 1 Connect the switch to a...

Page 13: ...eb browser without using the Smart Control Center 7 Select your switch by clicking the line that displays the switch then click the Web Browser Access button The Smart Control Center displays a login...

Page 14: ...Connect the switch to your existing network 2 Power on the switch by connecting its power cord 3 Install the Smart Control Center on your computer 4 Start the Smart Control Center 5 Click Discover fo...

Page 15: ...the Smart Control Center to configure the network information on the switch you can connect directly to the switch from an administrative system such as a PC or laptop computer The IP address of the a...

Page 16: ...nagement interface as described in Web Access on page 16 3 Change the network settings on the switch to match those of your network this procedure is described in IP Configuration on page 33 After you...

Page 17: ...tenance features This section describes the following Smart Control Center utilities Network Utilities on page 17 Configuration Upload and Download on page 19 Firmware Upgrade on page 20 Viewing and M...

Page 18: ...gateway or subnet mask disable the DHCP client and enter the new information You can also specify a system name and location for the switch 4 Type the password in the Current Password field You canno...

Page 19: ...save a copy of the current switch configuration Upload Configuration before you make changes If you do not like the changes you can use the Download Configuration option to restore the switch to the...

Page 20: ...he configuration download Firmware Upgrade The application software for the GS716T and GS724T Smart Switches is upgradable enabling your switch to take advantage of improvements and additional feature...

Page 21: ...ears navigate to and select the firmware image to download to the switch 4 Click Open You can choose to schedule a later time to complete the download and installation by clearing the Run Now option a...

Page 22: ...at a later time You can also delete or reschedule selected tasks Figure 3 shows the Tasks page Figure 3 Tasks Page The following list describes the command buttons that are specific to the Tasks page...

Page 23: ...ministration Manual describes how to use the Web based interface to manage and monitor the system Web Interface To access the switch by using a Web browser the browser must meet the following software...

Page 24: ...regardless of which feature you configure When you select a tab the features for that tab appear as links directly under the tabs The feature links in the blue bar change according to the navigation...

Page 25: ...for the page Each page also contains command buttons The following table shows the command buttons that are used throughout the pages in the Web interface Button Function Add Clicking Add adds the new...

Page 26: ...feature components The Device View is available from the System Device View page Depending upon the status of the port the LED of the port illuminates either red green or yellow A red LED indicates th...

Page 27: ...tistics and configuration options Click the menu option to access the page that contains the configuration or monitoring options If you click the graphic but do not click a specific port the main menu...

Page 28: ...or interface configuration is in SWITCHING MIB which is a private MIB Some interface configurations also involve objects in the public MIB IF MIB SNMP is enabled by default The System Management Syste...

Page 29: ...tified on the front panel You can configure the logical interfaces by using the software The following table describes the naming convention for all interfaces available on the switch Interface Descri...

Page 30: ...30 GS716T and GS724T Gigabit Smart Switches...

Page 31: ...n page 76 Management This section describes how to display the switch status and specify some basic switch information such as the management interface IP address system clock settings and DNS informa...

Page 32: ...ion 1 Open the System Information page 2 Define the following fields System Name Enter the name you want to use to identify this switch You may use up to 31 alphanumeric characters The factory default...

Page 33: ...ame The model name of the switch Boot Version The boot code version of the switch Software Version The software version of the switch IP Configuration Use the IP Configuration page to configure networ...

Page 34: ...ay The default gateway for the IP interface The factory default value is 192 168 0 254 3 Specify the VLAN ID for the management VLAN The management VLAN is used to establish an IP connection to the sw...

Page 35: ...panel ports The configuration parameters associated with the switch s network interface do not affect the configuration of the front panel ports through which traffic is switched or routed To access...

Page 36: ...enabled only when IPv6 Auto config or DHCPv6 are not enabled on any of the management interfaces 4 DHCPv6 Client DUID Identifier used to identify the client s unique DUID value This option only displ...

Page 37: ...table is repopulated as the IPv6 neighbors are discovered on the network Click Refresh to refresh the screen with most recent data The following table describes the information the IPv6 Network Inter...

Page 38: ...P servers is evaluated based on the time level and server type Neighbor State Specifies the state of the neighbor cache entry The following are the states for dynamic entries in the IPv6 neighbor disc...

Page 39: ...P servers that have been configured on the device are the only ones that are polled for synchronization information T1 through T4 are used to determine server time This is the preferred method for syn...

Page 40: ...witch is located expressed as the number of hours 3 Click Apply to send the updated configuration to the switch Configuration changes take effect immediately 4 Use the SNTP Server Configuration page t...

Page 41: ...is indicated via the leap indicator field on the SNTP message Server Kiss Of Death The SNTP server indicated that no further queries were to be sent to this server This is indicated by a stratum field...

Page 42: ...er a port number on the SNTP server to which SNTP requests are sent The valid range is 1 65535 The default is 123 Priority Specifies the priority of this server entry in determining the sequence of se...

Page 43: ...tatus Specifies the status of the last SNTP request to this server If no packet has been received from this server a status of Other is displayed Other None of the following enumeration values Success...

Page 44: ...e lets you automatically enable all the DoS features available on the switch except for TCP and UDP port attacks See DoS Configuration on page 45 for information about the types of DoS attacks the swi...

Page 45: ...System Management Denial of Service DoS Configuration To configure individual DoS settings 1 Select the types of DoS attacks for the switch to monitor and block and configure any associated values as...

Page 46: ...number set to 0 or both TCP flags SYN and FIN set The factory default is disabled Denial of Service L4 Port Enable or disable this option by selecting the corresponding line on the radio button Enabli...

Page 47: ...g DNS queries 2 Enter the DNS default domain name to include in DNS queries When the system is performing a lookup on an unqualified host name this field is provided as the domain name for example if...

Page 48: ...he static host name to add Each substring must be less than 64 characters in length separated by a dot or space and the length of the whole string must not exceed 158 characters 2 Specify the IP addre...

Page 49: ...ost current data from the switch Click Clear to delete Dynamic Host Entries The table will be repopulated with entries as they are learned Green Ethernet The Green Ethernet features allow the switch t...

Page 50: ...hort period of time and then wake up to check link pulses This allows the port to continue to perform auto negotiation while consuming less power when no link partner is present Disable Provide full p...

Page 51: ...Enable When the port link is down the PHY automatically goes down for a short period of time and then wake up to check link pulses This behavior saves power consumption when there is no link partner w...

Page 52: ...bit Smart Switches Green Ethernet Detail Use this page to configure Green Ethernet monitor and manage Green Ethernet features on a specific port To access this page click System Management Green Ether...

Page 53: ...ormation that displays for the port Field Description Cumulative Energy Saved on this port due to Green Mode s Watts Hours Shows the energy savings per port per hour Operational Status Energy Detect S...

Page 54: ...y all ports in the stack in mWatts Estimated Percentage Power Saving per stack Estimated Percentage Power saved on all ports in the stack due to Green mode s enabled Cumulative Energy Saving per Stack...

Page 55: ...ergy Detect Operational Status Shows the current operational status of the Green Mode for the selected port Short Reach Admin Mode Shows the administrative status of Short Reach Mode on the port With...

Page 56: ...vailable and cannot be configured To display the License Key page click System License Show License A screen similar to the following displays The following table describes the non configurable fields...

Page 57: ...cense Features Use the License Features page to view information about the features on the device that require an active license To display the License Features page click System License License Featu...

Page 58: ...p flags Community Configuration To display this page click System SNMP SNMP V1 V2 Community Configuration By default two SNMP Communities exist Private with Read Write privileges and status set to Ena...

Page 59: ...192 168 1 0 255 255 255 0 then any client whose address is 192 168 1 0 through 192 168 1 255 inclusive will be allowed access To allow access from only one station use a Management Station IP Mask val...

Page 60: ...evice Version The trap version to be used by the receiver from the menu SNMP v1 Uses SNMP v1 to send traps to the receiver SNMP v2 Uses SNMP v2 to send traps to the receiver Community String The commu...

Page 61: ...lags 1 From the Authentication field enable or disable activation of authentication failure traps by selecting the corresponding button The factory default is Enable 2 From the Link Up Down field enab...

Page 62: ...be unable to access the SNMP data from an SNMP browser MD5 or SHA The user login password will be used as SNMPv3 authentication password and you must therefore specify a password The password must be...

Page 63: ...h transmit and receive are enabled on all ports The application is responsible for starting each transmit and receive state machine appropriately based on the configured status and operational state o...

Page 64: ...is 1 10 seconds Transmit Delay Specify the interval for the transmission of notifications The default is 5 seconds and the range is 5 3600 seconds 2 To change the LLDP MED properties in the Fast Start...

Page 65: ...n the selected ports Rx Only Enable only receiving LLDP PDUs on the selected ports Tx and Rx Enable both transmitting and receiving LLDP PDUs on the selected ports This is the default value Disabled D...

Page 66: ...screen to the latest value of the switch LLDP MED Network Policy This page displays information about the LLPD MED network policy TLV transmitted in the LLDP frames on the selected local interface To...

Page 67: ...s for a port 1 From the Port field select the port to configure 2 From the LLDP MED Status field enable or disable the LLDP MED mode for the selected interface 3 From the Notification field specify wh...

Page 68: ...via MDI PSE Extended Power via MDI PD Inventory 5 Click Apply to send the updated configuration to the switch These changes occur immediately and the configuration will be saved 6 Click Cancel to canc...

Page 69: ...ports the Device Information table displays information about the device that is transmitted in TLVs as the following table describes The Port Information table provides information about the LLDP an...

Page 70: ...ed port The following table describes the detailed local information that displays for the selected port Field Description Managed Address Address SubType Displays the type of address the management i...

Page 71: ...sical layer functions including digital data conversion from the Ethernet interface collision detection and bit injection into the network MED Details Capabilities Supported Displays the MED capabilit...

Page 72: ...the local system that received LLDP information from a remote system Chassis ID Subtype Identifies the type of data displayed in the Chassis ID field on the remote system Chassis ID Identifies the rem...

Page 73: ...Chassis ID field on the remote system Chassis ID Identifies the remote 802 LAN device s chassis Port ID Subtype Identifies the type of data displayed in the remote system s Port ID field Port ID Iden...

Page 74: ...ies Supported Specifies the supported capabilities that were received in MED TLV from the device Current Capabilities Specifies the advertised capabilities that were received in MED TLV from the devic...

Page 75: ...on Number ELIN the remote device has advertised in the location TLV The field range is 10 25 Unknown Displays unknown location information for the remote device Network Policies Application Type Speci...

Page 76: ...authorized DHCP server should be configured as a trusted port Any DHCP responses received on a trusted port are forwarded All other ports should be configured as untrusted Any DHCP or BootP responses...

Page 77: ...ox next to the port or LAG to configure You can select multiple ports and LAGs to apply the same setting to the selected interfaces Select the check box in the heading row to apply the same settings t...

Page 78: ...78 GS716T and GS724T Gigabit Smart Switches...

Page 79: ...94 Auto VoIP Configuration on page 98 Spanning Tree Protocol on page 99 Multicast on page 112 Address Table on page 128 Multiple Registration Protocol Configuration on page 132 802 1AS on page 145 Po...

Page 80: ...interfaces on the switch To access the Port Configuration page click Switching Ports Port Configuration To configure port settings 1 To configure settings for a physical port click PORTS 2 To configur...

Page 81: ...If you select Auto the duplex mode and speed will be set by the auto negotiation process The port s maximum capability full duplex and 1000 Mbps will be advertised Otherwise your selection will determ...

Page 82: ...obal Flow Control IEEE 802 3x Mode field enable or disable IEEE 802 3x flow control on the system The factory default is Disable Enable The switch sends pause packets if the port buffers become full D...

Page 83: ...reset Link Aggregation Groups Link aggregation groups LAGs which are also known as port channels allow you to combine multiple full duplex Ethernet links into a single logical link Network devices tre...

Page 84: ...ew the following settings LAG Name Specify the name you want assigned to the LAG You may enter any string of up to 15 alphanumeric characters A valid name has to be specified in order to create the LA...

Page 85: ...nnel LAG State Indicates whether the link is Up or Down 3 Click Cancel to cancel the configuration on the screen and reset the data on the screen to the latest value of the switch 4 If you make any ch...

Page 86: ...ange bar to display the ports 4 Click the box below each port to include in the LAG The following figure shows an example of how to configure LAG1 with ports g1 g4 as members 5 Click Cancel to cancel...

Page 87: ...gregation is enabled A higher value indicates a lower priority You can change the value of the parameter globally by specifying a priority from 0 65535 The default value is 32768 2 Click Refresh to re...

Page 88: ...t select ports that are not participating in a LAG 2 Configure the LACP Priority value for the selected port The field range is 0 255 The default value is 128 3 Configure the administrative LACP Timeo...

Page 89: ...al location Each VLAN in a network has an associated VLAN ID which appears in the IEEE 802 1Q tag in the Layer 2 header of packets transmitted on a VLAN An end station may omit the tag or the VLAN por...

Page 90: ...te a VLAN on this page its type will always be Static 2 To delete a VLAN select the check box next to the VLAN ID and click Delete You cannot delete the default VLANs 3 To modify settings for a VLAN s...

Page 91: ...LAG s to add to the VLAN click the square below each port or LAG You can add each interface as a tagged T or untagged U VLAN member A blank square means that the port is not a member of the VLAN Tagg...

Page 92: ...uding all ports from the selected VLAN 6 Click Cancel to cancel the configuration on the screen and reset the data on the screen to the latest value of the switch 7 If you make any changes to this pag...

Page 93: ...AN Only The port will accept only VLAN tagged frames and will discard any untagged or priority tagged frames it receives Admit All Untagged and priority tagged frames received on the port will be acce...

Page 94: ...ge click Switching Voice VLAN Basic Properties To configure Voice VLAN 1 From the Voice VLAN Status field enable or disable Voice VLAN on the switch If the switch does not handle traffic from IP phone...

Page 95: ...AN Port Setting page click Switching Voice VLAN Advanced Port Setting To configure Voice VLAN port settings 1 Select the check box next to the port to configure You can select multiple check boxes to...

Page 96: ...ed with the following OUIs 00 01 E3 SIEMENS 00 03 6B CISCO1 00 12 43 CISCO2 00 0F E2 H3C 00 60 B9 NITSUKO 00 D0 1E PINTEL 00 E0 75 VERILINK 00 E0 BB 3COM 00 04 0D AVAYA1 00 1B 4F AVAYA2 You can select...

Page 97: ...To delete an OUI prefix from the list select the check box next to the OUI prefix and click Delete 3 To modify information for an entry in the OUI list select the check box next to the OUI prefix upda...

Page 98: ...VoIP parameters Interface specifies all the configurable Auto VoIP interfaces Traffic Class displays the Traffic Class on which the received VoIP frames are marked To display the Auto VoIP Configurati...

Page 99: ...he RSTP and the traditional STP IEEE 802 1D is the ability to configure and recognize full duplex connectivity and ports which are connected to end stations resulting in rapid transitioning of the por...

Page 100: ...operation on the switch 2 From the STP Operation Mode field Specifies the Force Protocol Version parameter for the switch Options are STP Spanning Tree Protocol IEEE 802 1D RSTP Rapid Spanning Tree P...

Page 101: ...t The number of times the topology has changed for the CST Topology Change The value of the topology change parameter for the switch indicating if a topology change is in progress on any port assigned...

Page 102: ...96 If you specify a priority that is not a multiple of 4096 the priority is automatically set to the next lowest priority that is a multiple of 4096 For example if the priority is attempted to be set...

Page 103: ...lick Apply to send the updated configuration to the switch Configuration changes take place immediately The following table describes the MSTP status information displayed on the Spanning Tree CST Con...

Page 104: ...f 1 200000000 Priority The priority for a particular port within the CST The port priority is set in multiples of 16 If you specify a value that is not a multiple of 16 the priority is set to the prio...

Page 105: ...d Root Root Bridge for the CST It is made up using the bridge priority and the base MAC address of the bridge Designated Cost Displays cost of the port participating in the STP topology Ports with a l...

Page 106: ...t that is enabled is assigned a Port Role for each spanning tree The port role will be one of the following values Root Port Designated Port Alternate Port Backup Port Master Port or Disabled Port Mod...

Page 107: ...Smart Switches MST Configuration Use the Spanning Tree MST Configuration page to configure Multiple Spanning Tree MST on the switch To display the Spanning Tree MST Configuration page click Switching...

Page 108: ...es and click Apply You can select multiple check boxes to apply the same setting to all selected ports 4 Click Cancel to cancel the configuration on the screen and reset the data on the screen to the...

Page 109: ...to the port or LAG to configure You can select multiple ports and LAGs to apply the same setting to the selected interfaces Select the check box in the heading row to apply the same settings to all in...

Page 110: ...tes are Disabled STP is currently disabled on the port The port forwards traffic while learning MAC addresses Blocking The port is currently blocked and cannot be used to forward traffic or learn MAC...

Page 111: ...ion Interface Select a physical or port channel interface to view its statistics STP BPDUs Received Number of STP BPDUs received at the selected port STP BPDUs Transmitted Number of STP BPDUs transmit...

Page 112: ...ature is being enabled it configures the IGMP Snooping and IGMP Snooping Querier to operate in the Auto Video VLAN by default Auto Video displays the auto configured IGMP snooping VLAN To display the...

Page 113: ...n or processed by all connected nodes In the case of multicast packets however this approach could lead to less efficient use of network bandwidth particularly when the packet is intended for only a s...

Page 114: ...ents should receive packets directed to the group address Disable The switch does not snoop IGMP packets 2 Choose whether to validate the IGMP IP header Enable The switch checks the IP header of all I...

Page 115: ...interfaces for IGMP snooping see IGMP Snooping Interface Configuration on page 115 Data Frames Forwarded by the CPU Displays the number of data frames forwarded by the CPU VLAN Ids Enabled For IGMP Sn...

Page 116: ...e before it deletes that interface from the group Enter a value between 2 and 3600 seconds The default is 260 seconds Max Response Time Specify the amount of time you want the switch to wait after sen...

Page 117: ...xample 01 00 5e 45 67 89 VLAN ID A VLAN ID for which the switch has forwarding and filtering information Type This displays the type of the entry Static entries are those that are configured by the en...

Page 118: ...on MAC address is combined with the VLAN ID and a search is performed in the Layer 2 Multicast Forwarding Database If no match is found then the packet is either flooded to all ports in the VLAN or di...

Page 119: ...lays the type of the entry Static entries are those that are configured by the end user Dynamic entries are added to the table as a result of a learning process or protocol Description The text descri...

Page 120: ...s page Field Description Max MFDB Table Entries Displays the maximum number of entries that the Multicast Forwarding Database table can hold Most MFDB Entries Since Last Reset The largest number of en...

Page 121: ...e message for that multicast group without first sending out MAC based general queries to the interface You should enable fast leave admin mode only on VLANs where only one host is connected to each l...

Page 122: ...VLAN ID and click Delete 4 To modify IGMP snooping settings for a VLAN select the check box next to the VLAN ID update the desired values and click Apply 5 Click Cancel to cancel the configuration on...

Page 123: ...e time since the switch will automatically detect the presence of a multicast router and forward IGMP packets accordingly It is only needed when you want to make sure that the multicast router always...

Page 124: ...to configure and display information on IGMP snooping queriers on the network and separately on VLANs The IGMP Snooping Querier feature contains links to the following pages IGMP Snooping Querier Con...

Page 125: ...t by the snooping querier The Query Interval must be a value in the range of 1 1800 seconds The default value is 60 5 In the Querier Expiry Interval field specify the time interval in seconds after wh...

Page 126: ...uerier of the same version in the VLAN the snooping querier moves to the non querier state Enabled The snooping querier participates in querier election in which the least IP address operates as the q...

Page 127: ...is the querier in the VLAN The snooping switch will send out periodic queries with a time interval equal to the configured querier query interval If the snooping switch sees a better querier numerica...

Page 128: ...Static MAC Address on page 131 MAC Address Table The MAC Address Table contains information about unicast entries for which the switch has forwarding and or filtering information This information is...

Page 129: ...AC Addresses 4 Click Cancel to cancel the configuration on the screen and reset the data on the screen to the latest value of the switch The following table describes the information available for eac...

Page 130: ...c Addresses To configure the Dynamic Address setting 1 Specify the number of seconds the forwarding database should wait before deleting a learned entry that has not been updated IEEE 802 1D 1990 reco...

Page 131: ...AG on which to configure the static MAC address b Specify the MAC address to add c Select the VLAN ID corresponding to the MAC address to add d Click Add 2 To delete a static MAC address select the ch...

Page 132: ...art Switches MSRP reserves necessary resources in the network to facilitate time sensitive traffic to flow end to end In a typical network there are multiple Talkers those who transmit streams and mul...

Page 133: ...for a given AV stream The default mode is Disable 3 If you enable MSRP configure the following MSRP settings a Enable or disable MSRP talker pruning The MSRP talker is the source of an AV stream Defa...

Page 134: ...Settings Use the MRP Port Settings page to configure the per port MRP mode and timer settings The timers control when and how often various messages are transmitted on each interface To access the Por...

Page 135: ...and the default value is 2000 ClassA ClassB Boundary Port fields are not configurable and show whether the interface is a boundary port 3 Click Cancel to cancel the configuration on the screen and res...

Page 136: ...tifies the interface associated with the rest of the MMRP statistics in the row Frames Received Shows number of MMRP frames which were received on particular interface Bad Header Shows number of MMRP...

Page 137: ...on Global MSRP Statistics Message Queue Add Failures Shows the number of messages that failed to be added to the queue Frames Received Shows number of MSRP frames that have been received on the switch...

Page 138: ...ames Received Displays the number of MSRP frames which were received the interface Bad Header Displays the number of MSRP frames with bad header which were received on the interface Bad Format Display...

Page 139: ...the available field 2 To search for stream status by Stream ID select Stream ID from the drop down menu and enter the Stream ID for example 43000 in the available field 3 Click Go The following table...

Page 140: ...th 3 Insufficient bandwidth for the traffic class 5 Stream destination_address is already in use 7 Reported latency has changed 8 Egress port is not Audio Video Bridging AVB capable 9 Use a different...

Page 141: ...Qav Statistics page click the Switching tab then click MRP Advanced Qav Parameters To configure the Qav parameters 1 Select the check box next to the port to configure You can select multiple ports t...

Page 142: ...shows the maximum rate of the class B traffic available on interface in Bps 4 View the following information about the total bandwidth The Total Bandwidth Allocated Sum of the allocated Class A and Cl...

Page 143: ...nent is used to determine the worst case latency that a Stream can suffer in its path from the Talker to a given Listener It starts as a 0 in a Talker Advertise Declaration at the Talker and its value...

Page 144: ...to supply the quality of service requested by an MSRP Talker Declaration It represents the maximum number of frames that the Talker may transmit in one second Stream VLAN Identifies the VLAN ID of the...

Page 145: ...he grandmaster provides a common and precise time reference for one or more directly attached slave devices by periodically exchanging timing information In other words all slave devices synchronize t...

Page 146: ...ain the changes to the system The following table shows the non configurable information on the 802 1AS Configuration page Field Description GrandMaster Present Identifies whether Grand Master Clock i...

Page 147: ...g row to apply the same settings to all interfaces 3 Enable or disable 802 1AS on the interface 4 Set the Pdelay threshold This value specifies the propagation delay threshold on the interface The thr...

Page 148: ...DELAY_REQ messages sent on this interface The default value is 0 The range is 5 to 5 9 Configure the Announce Interval This value is the logarithm to the base 2 of the mean time interval between succe...

Page 149: ...1AS statistics do not fit on the page use the horizontal scroll bar to view additional settings Together the following two figures show all fields on the page The following table describes the inform...

Page 150: ...r of PDELAY_RESP packets received without error Pdelay Resp Followup Tx Displays the total number of PDELAY_RESP_FOLLOWUP packets transmitted without error Pdelay Resp Followup Rx Displays the total n...

Page 151: ...h QoS is a means of providing consistent predictable data delivery by distinguishing between packets that have strict timing requirements from those that are more tolerant of delay Packets with strict...

Page 152: ...egress port s Of course the trusted field must exist in the packet for the mapping table to be of any use so there are default actions performed when this is not the case These actions involve directi...

Page 153: ...ight priority tags that are specified in IEEE 802 1p are p0 to p7 The QoS setting lets you map each of the eight priority levels to one of eight internal hardware priority queues DSCP The six most sig...

Page 154: ...are called the Differentiated Services Code Point DSCP bits 6 From the Interface Shaping Rate field specify the maximum bandwidth allowed on the selected interface s This setting is typically used to...

Page 155: ...onfiguration page click the QoS CoS tab and then click the Advanced Interface Queue Configuration link To configure CoS queue settings for an interface 1 To configure CoS queue settings for a physical...

Page 156: ...rst Queue Management Type Displays the type of packet management used for all packets which is Taildrop All packets on a queue are safe until congestion occurs At this point any additional packets que...

Page 157: ...y row contains traffic class selectors for each of the eight 802 1p priorities to be mapped The priority goes from low 0 to high 7 For example traffic with a priority of 0 is for most data traffic and...

Page 158: ...ach DSCP value select a hardware queue to associate with the value The traffic class is the hardware queue for a port Higher traffic class values indicate a higher queue position Before traffic in a l...

Page 159: ...to define the following categories and their criteria 1 Class Create classes and define class criteria 2 Policy Create policies associate classes with policies and define policy statements 3 Service A...

Page 160: ...ion is retained and can be changed but it is not active 2 Click Cancel to cancel the configuration on the screen and reset the data on the screen to the latest value of the switch 3 If you make change...

Page 161: ...The switch supports only the Class Type value All which means all the various match criteria defined for the class should be satisfied for a packet match All signifies the logical AND of all the matc...

Page 162: ...ine the criteria to associate with a DiffServ class Reference Class Selects a class to start referencing for criteria A specified class can reference at most one other class of the same type Class of...

Page 163: ...t this is not a wildcard mask Source L4 Port Requires a packet s TCP UDP source port to match the port you select Select the desired L4 keyword from the list on which the rule can be based If you sele...

Page 164: ...click QoS DiffServ Advanced IPv6 Class Configuration To configure a DiffServ class 1 To create a new class enter a class name select the class type and click ADD This field also lists all the existin...

Page 165: ...s a non configurable field displaying the configured class type 4 Define the criteria to associate with a DiffServ class Match Every This adds to the specified class definition a match condition where...

Page 166: ...ix Length Prefix can be entered in the range of 0 to FFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFF and Prefix Length can be entered in the range of 0 to 128 Destination L4 Port This lists the keywords for t...

Page 167: ...ociate with the policy and click Add The available policy type is In which indicates the type is specific to inbound traffic This field is not configurable 2 To rename an existing policy or add a new...

Page 168: ...To configure the policy attributes 1 Click the name of the policy The policy name is a hyperlink The following figure shows the configuration fields for the policy 2 Select the queue to which packets...

Page 169: ...to packets that are considered conforming below the police rate Select one of the following actions Send default These packets are presented unmodified by DiffServ to the system forwarding element Dr...

Page 170: ...e any of the settings on the page click Apply to send the updated configuration to the switch Configuration changes take effect immediately 7 Click Refresh to refresh the page with the most current da...

Page 171: ...Select the check box in the heading row to apply the same settings to all interfaces 5 To activate a policy for the selected interface s select the policy from the Policy In menu and then click Apply...

Page 172: ...licy Name Displays the policy associated with the selected interface Operational Status Displays the operational status of this service interface which is either Up or Down Discarded Packets Displays...

Page 173: ...Access Control Lists on page 209 Management Security Settings From the Management Security Settings page you can configure the login password Remote Authorization Dial In User Service RADIUS settings...

Page 174: ...case sensitive 3 To confirm the password enter it again in the Confirm Password field to make sure you entered it correctly This field will not display but will show asterisks 4 Use the Reset Password...

Page 175: ...onfiguration on page 175 RADIUS Server Configuration on page 177 Accounting Server Configuration on page 179 Global Configuration Use the RADIUS Configuration page to add information about one or more...

Page 176: ...ponse 2 In the Timeout Duration field specify the timeout value in seconds for request retransmissions Consideration to maximum delay time should be given when configuring RADIUS max retransmit and RA...

Page 177: ...ure the RADIUS secret After you add the RADIUS server this field indicates whether the shared secret for this server has been configured In the Secret field type the shared secret text string used for...

Page 178: ...valid packets that were received from this server Malformed Access Responses The number of malformed RADIUS Access Response packets received from this server Malformed packets include packets with an...

Page 179: ...the RADIUS accounting server authentication The valid range is 0 65535 3 From the Secret Configured menu select Yes to add a RADIUS secret in the next field You must select Yes before you can configur...

Page 180: ...ber of malformed RADIUS Accounting Response packets received from this server Malformed packets include packets with an invalid length Bad authenticators and unknown types are not included as malforme...

Page 181: ...ts using the authenticated user name The TACACS server checks the user privileges The TACACS protocol ensures network security through encrypted protocol exchanges between the device and TACACS server...

Page 182: ...data on the screen to the latest value of the switch 4 If you make any changes to the page click Apply to apply the new settings to the system TACACS Server Configuration Use the TACACS Server Config...

Page 183: ...pecify the authentication and encryption key for TACACS communications between the GS716T and GS724T and the TACACS server This key must match the encryption used on the TACACS server The valid range...

Page 184: ...er method will be tried even if you have specified more than one method This parameter will not appear when you first create a new login list User authentication occurs in the order the methods are se...

Page 185: ...uthentication login list This parameter will not appear when you first create a new login list 5 Click Cancel to cancel the configuration on the screen and reset the data on the screen to the latest v...

Page 186: ...he management interface A value of zero corresponds to an infinite timeout The default value is 5 minutes The currently configured value is shown when the Web page is displayed 3 In the HTTP Session H...

Page 187: ...the Administrative Mode of Secure HTTP The currently configured value is shown when the Web page is displayed The default value is Disable You can only download SSL certificates when the HTTPS Admin m...

Page 188: ...me time The value must be in the range of 0 2 The default value is 2 The currently configured value is shown when the Web page is displayed 8 Click Cancel to cancel the configuration on the screen and...

Page 189: ...yption Parameter File PEM Encoded 2 In the TFTP Server IP field specify the address of the TFTP server The address can be an IP address in standard x x x x format or a host name The host name must sta...

Page 190: ...add rules to the profile the access profile must be deactivated which is the default setting 2 Use the Access Rule Configuration page to add one or more access rules to the profile 3 Return to the Ac...

Page 191: ...changes to the page click Apply to apply the changes to the system The Profile Summary table shows the rules that are configured for the profile as the following table describes Field Description Rul...

Page 192: ...figure the following settings and click Add Rule Type Specify whether the rule permits or denies access to the GS716T and GS724T management interface Select Permit to allow access to the management in...

Page 193: ...cancel the configuration on the screen and reset the data on the screen to the latest value of the switch Port Authentication In port based authentication mode when 802 1X is enabled globally and on...

Page 194: ...defaultList For more information see Authentication List Configuration on page 184 Disable The switch does not check for 802 1X authentication before allowing traffic on any ports even if the ports a...

Page 195: ...one or more ports To access the Port Authentication page click Security Port Authentication and then click the Advanced Port Authentication link Note Use the horizontal scroll bar at the bottom of the...

Page 196: ...field to enable or disable reauthentication of the supplicant for the specified port Select Enable and Disable If the value is Enable reauthentication will occur Otherwise reauthentication will not b...

Page 197: ...e protocol version associated with the selected port The only possible value is 1 corresponding to the first version of the 802 1X specification This field is not configurable PAE Capabilities This fi...

Page 198: ...tication sequence on the selected port This button is only selectable if the control mode is auto If the button is not selectable it will be grayed out When this button is pressed the action is immedi...

Page 199: ...tate The switch cannot provide authentication services to the client through the interface Operating Control Mode This field indicates the control mode under which the port is actually operating Possi...

Page 200: ...rity Port Security Configuration on page 204 Port Security Interface Configuration on page 205 Security MAC Address on page 207 Protected Ports Membership on page 208 MAC Filter Configuration Use the...

Page 201: ...C2 00 00 20 to 01 80 C2 00 00 21 FF FF FF FF FF FF d Click the orange bar under the Source Port Members heading to display the available ports Select the port s to include in the inbound filter If a...

Page 202: ...cribes the information displayed on the page Field Description MAC Address Identifies the MAC address that is filtered VLAN ID The VLAN ID used with the MAC address to fully identify packets you want...

Page 203: ...Control link To configure storm control settings 1 Select the check box next to the port to configure Select multiple check boxes to apply the same setting to all selected ports Select the check box i...

Page 204: ...pply the changes to the system Port Security Configuration Use the Port Security feature to lock one or more ports on the system When a port is locked only packets with an allowable source MAC address...

Page 205: ...ds are used concurrently when a port is locked Dynamic locking implements a first arrival mechanism for Port Security You specify how many addresses can be learned on the locked port If the limit has...

Page 206: ...e following settings Port Security Enable or Disable the port security feature for the selected port Max Allowed Dynamically Learned MAC Sets the maximum number of dynamically learned MAC addresses on...

Page 207: ...box 2 Click Apply The Dynamic MAC Address entries are converted to Static MAC address entries in a numerically ascending order until the Static limit is reached The Dynamic MAC Address Table shows th...

Page 208: ...l Protected Ports link To configure protected ports 1 Click the orange bar to display the available ports 2 Click the box below each port to configure as a protected port Protected ports are marked wi...

Page 209: ...or configuring an ACL are as follows 1 Create an IPv4 based IPv6 based or MAC based ACL ID 2 Use the ACL Wizard or an ACL Rule page to create and define a rule to associate with an existing ACL ACL ru...

Page 210: ...IPv4 address Select Devices Based on Destination IPv4 Address Permit and Deny options are used to configure devices based on the destination IPv4 address Select Devices Based on Source IPv6 Address Pe...

Page 211: ...click Security ACL The MAC ACL page is under the Basic link The MAC ACL table displays the number of ACLs currently configured in the switch and the maximum number of ACLs that can be configured The c...

Page 212: ...2 To add a new rule enter an ID for the rule configure the following settings and click Add Action Specify what action should be taken if a packet matches the rule s criteria Permit Forwards packets t...

Page 213: ...therType value EtherType User Value This field is configurable if you select User Value from the EtherType drop down menu The value you enter specifies a customized Ethertype to compare against an Eth...

Page 214: ...ltering direction for ACL is Inbound which means the MAC ACL rules are applied to traffic entering the port 2 Specify an optional sequence number to indicate the order of this access list relative to...

Page 215: ...w or delete the MAC ACL bindings To display the MAC Binding Table click Security ACL then click the Basic Binding Table link The following table describes the information displayed in the MAC Binding...

Page 216: ...P ACL page click Security ACL then click the Advanced IP ACL link The IP ACL area shows the current size of the ACL table versus the maximum size of the ACL table The current size is equal to the numb...

Page 217: ...a rule for an existing IP ACL click its ID in the IP ACL Table The IP ACL ID is a hyperlink to the rule configuration page for the ACL type IP Rules Use the IP Rules page to define rules for IP based...

Page 218: ...ld using dotted decimal notation The address you enter is compared to a packet s source IP Address Source IP Mask Specifies the source IP address wildcard mask Wild card masks determines which bits ar...

Page 219: ...ded normally or discarded Note There is an implicit deny all rule at the end of an ACL list This means that if an ACL is applied to a packet and if none of the explicit rules match then the final impl...

Page 220: ...to the other filtering rules so if Match Every is True the other rules on the screen are not available Protocol Type Requires a packet s protocol to match the protocol listed here Select a type from...

Page 221: ...r If the destination L4 keyword is Other enter a user defined Port ID by which packets are matched to the rule Service Type Choose one of the Service Type match conditions for the extended IP ACL rule...

Page 222: ...rules which are matched sequentially against a packet When a packet meets the match criteria of a rule the specified rule action Permit Deny is taken and the additional rules are not checked for a ma...

Page 223: ...e latest value of the switch 4 If you modify the IPv6 ACL name click Apply to submit the changes to the switch IPv6 Rules Use the IPv6 Rules page to configure the rules for the IPv6 Access Control Lis...

Page 224: ...ct Interface Specifies the egress interface where the matching traffic stream is forced bypassing any forwarding decision normally performed by the device This field is visible for a Permit action and...

Page 225: ...ess as a match criteria for the selected IPv6 ACL rule Prefix length can be in the range 0 to 128 Destination L4 Port Specify a packet s destination layer 4 port as a match condition for the selected...

Page 226: ...the IP Binding Configuration page to assign IPv4 and IPv6 ACLs to ports and LAGs From this page you can also assign a sequence number to the ACLs that are bound to interfaces which determines the prio...

Page 227: ...hat is one greater than the highest sequence number currently in use for this interface and direction will be used The valid range is 1 4294967295 3 Click the appropriate orange bar to expose the avai...

Page 228: ...nbound which means the IP ACL rules are applied to traffic entering the port ACL Type Displays the type of ACL assigned to selected interface and direction ACL ID Displays the ACL Number identifying t...

Page 229: ...e pages available from the Ports link contain a variety of information about the number and type of traffic transmitted from and received on the switch From the Ports link you can access the following...

Page 230: ...cessor Unicast Packets Received The number of subnetwork unicast packets delivered to a higher layer protocol Multicast Packets Received The total number of packets received that were directed to a mu...

Page 231: ...ess including those that were discarded or not sent Transmit Packets Discarded The number of outbound packets which were chosen to be discarded even though no errors had been detected in order to prev...

Page 232: ...Aggregation Groups LAGs click LAGS Click the LAG ID to view detailed statistics for the port The following table describes the per port statistics displayed on the screen Field Description Interface L...

Page 233: ...tailed Statistics page displays a variety of per port traffic statistics To access the Port Detailed page click the Monitoring Ports tab and then click Port Detailed Statistics The Port Detailed Stati...

Page 234: ...Indicates that the port has been configured as a member of a port channel which is also known as a link Aggregation Group LAG Port Channel ID If the port is a member of a port channel the port channe...

Page 235: ...ceived or transmitted that were between 128 and 255 octets in length inclusive excluding framing bits but including FCS octets Packets RX and TX 256 511 Octets The total number of packets including ba...

Page 236: ...errors Unicast Packets Received The number of subnetwork unicast packets delivered to a higher layer protocol Multicast Packets Received The total number of good packets received that were directed to...

Page 237: ...a VLAN occurs while that tree is being modified Reserved Address Discards The number of frames discarded that are destined to an IEEE 802 1 reserved address and are not supported by the system Broadc...

Page 238: ...d or not sent Broadcast Packets Transmitted The total number of packets that higher level protocols requested be transmitted to the Broadcast address including those that were discarded or not sent To...

Page 239: ...ed from the selected port MSTP BPDUs Received Number of MSTP BPDUs received at the selected port MSTP BPDUs Transmitted Number of MSTP BPDUs transmitted from the selected port 802 3x Pause Frames Tran...

Page 240: ...ames Transmitted Displays the number of EAPOL frames transmitted through the port Start Frames Received Displays the number of EAPOL Start frames received on the port Logoff Frames Received Displays t...

Page 241: ...be forwarded to one or more centralized points of collection for monitoring purposes or long term archival storage Local and remote configuration of the logging capability includes filtering of messa...

Page 242: ...To configure the Memory Log settings 1 Use the radio buttons in the Admin Status field to determine whether to log messages Enable Enables system logging Disable Prevents the system from logging mess...

Page 243: ...ity facility value 8 severity level The facility value is usually one which means it is a user level message Therefore to determine the severity level of the message subtract eight from the number in...

Page 244: ...system operation log stores a message received by the log subsystem that meets the storage criteria but not both On system startup if the startup log is configured it stores messages up to its limit...

Page 245: ...ional Error 3 A device error has occurred such as if a port is offline Warning 4 The lowest level of a device warning Notice 5 Normal but significant conditions Provides the network administrators wit...

Page 246: ...switch Enable Messages will be sent to all configured hosts syslog collectors or relays using the values configured for each host Disable Stops logging to all syslog hosts Disable means no messages wi...

Page 247: ...lert log is saved if there is a serious device malfunction such as all device features being down Critical 2 The third highest warning level A critical log is saved if a critical device malfunction oc...

Page 248: ...iption Number of Traps Since Last Reset The number of traps that have occurred since the switch last reboot Trap Log Capacity The maximum number of traps stored in the log If the number of traps excee...

Page 249: ...strophic events After the event is logged and the updated log is saved in flash memory the switch will be reset The log can hold at least 2 000 entries and is erased when an attempt is made to add an...

Page 250: ...th received and transmitted can be mirrored to the destination port The packet that is copied to the destination port is in the same format as the original packet on the wire This means that if the mi...

Page 251: ...port but the mirroring information is retained 4 From the Direction menu specify the direction of the Traffic to be mirrored from the configured mirrored port s The default value is Tx and Rx Tx and R...

Page 252: ...252 GS716T and GS724T Gigabit Smart Switches...

Page 253: ...oad File From Switch on page 255 Download File To Switch on page 257 File Management on page 261 Troubleshooting on page 264 Reset The Reset menu contains links to the following options Device Reboot...

Page 254: ...efault page to reset the system configuration to the factory default values Note If you reset the switch to the default configuration the IP address is reset to 192 168 0 239 and the DHCP client is en...

Page 255: ...e Upload page click Maintenance Upload TFTP File Upload To upload a file from the switch to the TFTP server 1 Use the File Type menu to specify the type of file you want to upload Code Uploads a store...

Page 256: ...h A path name with a space is not accepted Leave this field blank to save the file to the root TFTP directory 6 In the Transfer File Name field specify a destination file name for the file to upload Y...

Page 257: ...ar device for example change the device name serial number IP address and download it to that device 2 If you are uploading an GS716T and GS724T image Code select the image on the switch to upload to...

Page 258: ...s a safety feature for faults occurring during the boot upgrade process Text Configuration A text based configuration file enables you to edit a configured text file startup config offline as needed w...

Page 259: ...st be in the format indicated by the TFTP Server Address Type 5 In the Transfer File Path field specify the path on the TFTP server where the file is located You may enter up to 32 characters Include...

Page 260: ...feature for faults occurring during the boot upgrade process Text Configuration A text based configuration file enables you to edit a configured text file startup config offline as needed without hav...

Page 261: ...t The system maintains two versions of the GS716T and GS724T software in permanent storage One image is the active image and the second image is the backup image The active image is loaded during subs...

Page 262: ...set the selected image as the active image select the Active Image check box Note After activating an image you must perform a system reset of the switch in order to run the new code 4 To remove the s...

Page 263: ...s always 1 Image1 Ver Displays the version of the image1 code file Image2 Ver Displays the version of the image2 code file Current active Displays the currently active image on this switch Next active...

Page 264: ...onfigure the settings and ping a host on the network 1 In the Hostname IP Address field specify the IP address or the hostname of the station you want the switch to ping The initial value is blank Thi...

Page 265: ...esults are displayed below the configurable data in the Ping area If successful you will see Reply From IP Host icmp_seq 0 time xx usec Tx x Rx x Min Max Avg RTT x x x msec If a reply to the ping is n...

Page 266: ...ng 2 In the Hostname IP Address field specify the IP address or the hostname of the station you want the switch to ping The initial value is blank This information is not retained across a power cycle...

Page 267: ...raceroute utility to discover the paths that a packet takes to a remote destination To display this page click Maintenance Troubleshooting Traceroute To configure the Traceroute settings and send prob...

Page 268: ...255 Interval Specify the time between probes in seconds The valid range is 1 60 Port Specify the UDP destination port in probe packets The valid range is 1 65535 Size Specify the size of probe packet...

Page 269: ...s Online Help on page 269 Registration on page 271 Online Help The Online Help includes the following pages Support on page 269 User Guide on page 270 Support Use the Support page to connect to the On...

Page 270: ...r Guide page to access the GS716Tv2 and GS724Tv3 Software Administration Manual the guide you are now reading that is available on the NETGEAR Website To access the User Guide page click Help User Gui...

Page 271: ...lp Registration To register the switch click Register The switch attempts to contact the NETGEAR Registration Server For the product registration process to proceed the administrative system running t...

Page 272: ...ow includes the following buttons TURN OFF Use this button to turn off the Product Registration feature and to prevent the registration reminder pop up window from appearing on subsequent successful l...

Page 273: ...P UDP HTTP ICMP TFTP DHCP IEEE 802 1D IEEE 802 1p and IEEE 802 1Q standards GS716T Specifications Feature Value Interfaces 16 10 100 1000 Ethernet ports Flash memory size 16 MB SRAM size and type 64 M...

Page 274: ...wn on port when link is down GS716T and GS724T Switch Features and Defaults Port Characteristics Feature Sets Supported Default Auto negotiation static speed duplex All ports Auto negotiation Auto MDI...

Page 275: ...QoS All ports Disabled Security Feature Sets Supported Default 802 1X All ports Disabled MAC ACL 100 Shared with IPv4 IPv6 ACLs All MAC packets allowed IPv4 access list 100 shared with MAC ACL IPv6 AC...

Page 276: ...panel button N A Dual image support 1 Enabled Factory reset 1 N A Management Feature Sets Supported Default Multi session Web connections 16 Enabled SNMPv1 V2c SNMP v3 Max 5 community entries Enabled...

Page 277: ...eatures Feature Sets Supported Default IGMP snooping v1 v2 All ports Disabled Configurations upload download 1 N A EAPoL flooding All ports Disabled BPDU flooding All ports Disabled Static multicast g...

Page 278: ...278 GS716T and GS724T Gigabit Smart Switches...

Page 279: ...local area network with a definition that maps workstations on some basis other than geographic location for example by department type of user or primary application To enable traffic to flow betwee...

Page 280: ...with the port s default VLAN ID tag number Each port has a default VLAN ID setting that is user configurable the default setting is 1 The default VLAN ID setting for each port can be changed in the Po...

Page 281: ...the Port PVID Configuration screen see Port VLAN ID Configuration on page 92 specify the PVID for ports g1 and g4 so that packets entering these ports are tagged with the port VLAN ID Port g1 PVID 10...

Page 282: ...t the packet matches the specified criteria Traffic filtering requires the following two basic steps 1 Create an access list definition The access list definition includes rules that specify whether t...

Page 283: ...on about MAC ACL rules see MAC Rules on page 212 3 From the MAC Binding Configuration screen assign the Sales_ACL to Ethernet ports 6 7 and 8 and then click Apply See MAC Binding Configuration on page...

Page 284: ...hese interfaces To allow additional traffic to enter these ports you must add a new permit rule with the desired match criteria and bind the rule to interfaces 6 7 and 8 Standard IP ACL Example Config...

Page 285: ...though there is no guarantee that it will During times of congestion packets may be delayed sent sporadically or dropped For typical Internet applications such as e mail and file transfer a slight deg...

Page 286: ...Layer 4 protocol TCP UDP etc Layer 4 source destination ports Source destination IP address From a DiffServ point of view there are two types of classes DiffServ traffic classes DiffServ service leve...

Page 287: ...Serv and ACL cannot co exist on the same interface Marking IP DSCP or IP Precedence marking re marking the DiffServ code point in a packet with the DSCP value representing the service level associated...

Page 288: ...he specified QoS queue This allows a traffic classifier to specify which one of the supported hardware queues are used for handling packets belonging to the class Redirecting forces classified traffic...

Page 289: ...ation screen select the check box next to interfaces g7 and g8 to attach the policy to these interfaces and then click Apply See Service Configuration on page 170 All UDP packet flows destined to the...

Page 290: ...he system that requests authentication as well as between the authenticator and the authentication server The GS716T and GS724T Smart Switches supports a guest VLAN which allows unauthenticated users...

Page 291: ...controls the authorized unauthorized state of the controlled Port depending on the outcome of the RADIUS based authentication process Supplicant Supplicant Authenticator Switch Authentication Server R...

Page 292: ...ngs that you can configure For example the EAPOL Flood Mode field allows you to enable the forwarding of EAPoL frames when 802 1X is disabled on the device 6 From the RADIUS Server Configuration scree...

Page 293: ...dependent Multiple Spanning Tree Instance MSTI within Multiple Spanning Tree MST Regions composed of LANs and or MSTP Bridges These Regions and the other Bridges and LANs are connected into a single C...

Page 294: ...ification To support multiple spanning trees a MSTP bridge has to be configured with an unambiguous assignment of VLAN IDs VIDs to spanning trees This is achieved by 1 Ensuring that the allocation of...

Page 295: ...switch to configure MSTP 1 Use the VLAN Configuration screen to create VLANs 300 and 500 see VLAN Configuration on page 89 2 Use the VLAN Membership screen to include ports g1 g8 as tagged T or untag...

Page 296: ...he following settings MST ID 1 Priority Use the default 32768 VLAN ID 300 For more information see MST Configuration on page 107 11 Click Add 12 Create a second MST instance with the following setting...

Page 297: ...oduct changes or modifications will invalidate all applicable regulatory certifications and approvals This device complies with Part 15 of the FCC Rules Operation is subject to the following two condi...

Page 298: ...ing antenna Increase the separation between the equipment and the receiver Connect the equipment into an electrical outlet on a circuit different from that which the radio receiver is connected Consul...

Page 299: ...ense Agreement GPL may be included in this product to view the GPL license agreement go to ftp downloads netgear com files GPLnotice pdf For GNU General Public License GPL related information visit ht...

Page 300: ...194 Access Control Lists 209 Access Profile 190 Access Rule 192 Authentication List 184 Class 161 164 Community 58 CoS 152 DHCP Filtering 76 Differentiated Services 159 DiffServ 160 DNS 47 Dual Image...

Page 301: ...av 141 IEEE 802 1s 99 IEEE 802 1w 99 IEEE 802 1X 175 IEEE 802 3 flow control 82 IGMP 113 interface LAG 83 logical 29 naming convention 29 physical 29 queue configuration 155 IP address administrative...

Page 302: ...stics 178 VLAN assignment 194 reboot 17 253 registration disabling 271 product 271 serial number 271 reset button 174 configuration to defaults 254 switch 253 RSTP 99 S Security MAC Address 207 server...

Page 303: ...c control 200 trap flags 61 manager 61 TSpec 144 U Unicast 39 upload configuration 255 V VLAN 89 example configuration 279 guest 194 196 290 ID 89 management 34 managing 89 RADIUS based assignment 194...

Reviews:

No comments

Related manuals for GS716T - ProSafe Switch

Verizon DSL-2750B

Brand: D-Link Pages: 2

Brand: D-Link Pages: 4

Brand: H3C Pages: 1057

Brand: F5 Pages: 2

Brand: F5 Pages: 90

Brand: F5 Pages: 47

3C410012A - OfficeConnect Remote 531 Access...

Brand: 3Com Pages: 72

Brand: Teac Pages: 20

cMT-FHDX Series

Brand: Maple Systems Pages: 2

Brand: NETGEAR Pages: 2

StorTrends 1312-P

Brand: American Megatrends Pages: 2

Brand: Lanner Pages: 63

4-Port 10/100Mbps Ethernet Broadband Router

Brand: AOpen Pages: 41

Brand: Variscite Pages: 18

Brand: UfiSpace Pages: 32

EdgeRouter PoE ERPoe-5

Brand: Ubiquiti Pages: 13

Brand: Idis Pages: 16

ACCULINK 3161 CSU

Brand: Paradyne Pages: 19

Brands by name

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Popular brands

Load more brands