manualshive.com logo in svg

Niveo NGSME48T4H, User Manual

The Niveo NGSME48T4H is a high-performance 48-port network switch designed for seamless data transmission. Ensure optimal use of this product by downloading the free user manual from manualshive.com. The manual provides detailed instructions on setup, configuration, and troubleshooting, empowering you to maximize the switch's capabilities.

Share
Download
background image

Chapter

 

3: Web Management 

Security - Network - NAS (Network Access Server) 

 

  PoE Switch User Manual | 74 

3.1.5.10. Security - Network - NAS (Network Access Server)

 

 

This page allows you to configure the IEEE 802.1X and MAC-based authentication system 

and port settings. 

The IEEE 802.1X standard defines a port-based access control procedure that prevents 

unauthorized access to a network by requiring users to first submit credentials for 

authentication. One or more central servers, the backend servers, determine whether the 

user is allowed access to the network. These backend (RADIUS) servers are configured on 

the "Configuration

Security

AAA" page. The IEEE802.1X standard defines port-based 

operation, but non-standard variants overcome security limitations as shall be explored 

below.   

MAC-based authentication allows for authentication of more than one user on the same port, 

and doesn't require the user to have special 802.1X supplicant software installed on his 

system. The switch uses the user's MAC address to authenticate against the backend server. 

Intruders can create counterfeit MAC addresses, which makes MAC-based authentication 

less secure than 802.1X authentication. 

The NAS configuration consists of two sections, a system- and a port-wide. 

System Configuration 

Mode 

Indicates if NAS is globally enabled or disabled on the stack. If globally disabled, all ports are 

allowed forwarding of frames. 

Re-authentication Enabled 

If checked, successfully authenticated supplicants/clients are re-authenticated after the 

interval specified by the Re-authentication Period. Re-authentication for 802.1X-enabled 

ports can be used to detect if a new device is plugged into a switch port or if a supplicant is no 

longer attached. 

Summary of Contents for NGSME48T4H

Page 1: ...Version 2 1 NGSME48T4H 48 Port 10 100 1000Base T 4 10 Gigabit SFP Ports Layer 2 3 Full Management High Power PoE Switch User Manual...

Page 2: ...that interference will not occur in a particular installation If this equipment does cause harmful interference to radio or television reception which can be determined by turning the equipment off an...

Page 3: ...uration System 25 3 1 1 1 System Information 25 3 1 1 2 System IP 26 3 1 1 3 System NTP 30 3 1 1 4 System Time 31 3 1 1 5 System Log 33 3 1 2 Configuration Green Ethernet 34 3 1 2 1 Green Ethernet LED...

Page 4: ...1 Security Network ACL 85 3 1 5 11 1 Security Network ACL Ports 85 3 1 5 11 2 Security Network ACL Rate Limiter 87 3 1 5 11 3 Security Network ACL Access Control List 88 3 1 5 12 Security Network IP S...

Page 5: ...2 Configuration LLDP 145 3 1 12 1 LLDP LLDP 145 3 1 12 2 LLDP LLDP MED 148 3 1 13 Configuration PoE 155 3 1 14 Configuration MAC Table 158 3 1 15 Configuration VLANs 160 3 1 16 Configuration Private V...

Page 6: ...Status 211 3 2 1 4 System Log 213 3 2 1 5 System Detailed Log 214 3 2 2 Monitor Green Ethernet 215 3 2 2 1 Green Ethernet Port Power Savings Status 215 3 2 3 Monitor Ports 216 3 2 3 1 Ports State 216...

Page 7: ...stem Status 264 3 2 6 2 LACP Port Status 265 3 2 6 3 LACP Port Statistics 266 3 2 7 Monitor Loop Protection 267 3 2 8 Monitor Spanning Tree 268 3 2 8 1 Spanning Tree Bridge Status 268 3 2 8 2 Spanning...

Page 8: ...5 Monitor sFlow 305 3 3 Web Management Diagnostics 307 3 3 1 Diagnostics Ping 307 3 3 2 Diagnostics Ping6 309 3 3 3 Diagnostics VeriPHY 310 3 4 Web Management Maintenance 312 3 4 1 Maintenance Restart...

Page 9: ...ME48T4H Switch User Manual 9 Before Starting In Before Starting This section contains introductory information which includes Intended Readers Icons for Note Caution and Warning Product Package Conten...

Page 10: ...king management and terminologies Icons for Note Caution and Warning To install configure use and maintain this product properly please pay attention when you see these icons in this manual A Note ico...

Page 11: ...check and verify the contents of the product package which should include the following items One Network Switch One Power Cord One User Manual CD One pair Rack mount kit 8 Screws Note If any item li...

Page 12: ...uct Overview In Product Overview This section will give you an overview of this product including its feature functions and hardware software specifications Product Brief Description Product Specifica...

Page 13: ...roduct provides high flexibility and high bandwidth connectivity to another 10G switch or the Servers Workstations and other attached devices which support 10G interfaces The user can also aggregate t...

Page 14: ...uthorization and Accounting with RADIUS TACAS server Layer 2 Access Control List allows user to define the access privilege based on IP MAC Port number etc PD Alive Check When this function is enabled...

Page 15: ...ed Voice VLAN Voice VLAN with OUI Link Aggregation IEEE 802 3ad with LACP Static Trunk Max No Static Trunk Group 26 Max Port per Aggregation Group 8 IGMP Snooping IGMP Snooping v1 v2 v3 Supports 1024...

Page 16: ...440 400 mm LED Power PoE Link Act SFP Operating Temperature 0 45 C Storage Temperature 20 80 C Operating Humidity 5 90 non condensing Weight 5 37 KG Certification VCCI FCC Class A Standard IEEE 802 3...

Page 17: ...on the front panel LED Indicators The LED Indicators present real time information of systematic operation status Each of the switch s RJ45 port has two LEDs the green LED indicates RJ45 connection s...

Page 18: ...EIA TIA 568 100 ohm Max 100m 100 Base TX 2 pair UTP STP CAT 5 cable EIA TIA 568 100 ohm Max 100m 1000 Base T 4 pair UTP STP CAT 5 cable EIA TIA 568 100 ohm Max 100m PoE To delivery power properly it...

Page 19: ...ME48T4H Switch User Manual 19 Chapter 2 Preparing for Management In Preparing for Management This section will guide your how to manage this product via management web page Preparation for Web Interfa...

Page 20: ...your PC properly 1 Verify that the network interface card NIC of your PC is operational and properly installed and that your operating system supports TCP IP protocol 2 Connect your PC with the switc...

Page 21: ...on for Web Interface PoE Switch User Manual 21 6 The web browser will prompt you to sign in The default username password for the configuration web page is admin admin For more information please refe...

Page 22: ...management interface You can make all settings and monitor system status with this management web page Configuration Monitor options included in the management web page can be divided into the followi...

Page 23: ...tection function here to prevent network loop Spanning Tree Spanning Tree Protocol is a network designed to ensure a loop free network and provide redundant links that serve as automatic backup paths...

Page 24: ...s you to control the network priority which packet gets top priority to transmit and which gets low priority via IEEE 802 1p or DSCP Mirroring For purposes such as network diagnostics you can direct p...

Page 25: ...me for this switch By convention this is the switch s fully qualified domain name A domain name is a text string drawn from the alphabet A Z a z digits 0 9 minus sign No space characters are permitted...

Page 26: ...aces DNS Server This setting controls the DNS name resolution done by the switch The following modes are supported From any DHCP interfaces The first DNS server offered from a DHCP lease to a DHCP ena...

Page 27: ...re 0 to 4294967295 seconds IPv4 DHCP Current Lease For DHCP interfaces with an active lease this column show the current interface address as provided by the DHCP server IPv4 Address The IPv4 address...

Page 28: ...bits prefix length It defines how much of a network address that must match in order to qualify for this route Valid values are between 0 and 32 bits respectively 128 for IPv6 routes Only a default r...

Page 29: ...Chapter 3 Web Management Web Management Configure PoE Switch User Manual 29 Save Click to save changes Reset Click to undo any changes made locally and revert to previously saved values...

Page 30: ...server IPv6 address is in 128 bit records represented as eight fields of up to four hexadecimal digits with a colon separating each field For example fe80 215 c5ff fe03 4dc7 The symbol is a special sy...

Page 31: ...igurable acronym to identify the time zone You can use up to 16 alphanumeric characters and punctuations such as _ and Daylight Saving Time Configuration When enabled the switch will set the clock for...

Page 32: ...Select the starting minute End time settings Week Select the ending week number Day Select the ending day Month Select the ending month Hours Select the ending hour Minutes Select the ending minute O...

Page 33: ...acknowledgments The system log packet will always send out even if the system log server does not exist Possible modes are Enabled Enable server mode operation Disabled Disable server mode operation...

Page 34: ...t of the ports A pushbutton and a 4 high tower of LEDs is placed next to the front Ethernet port LEDs The pushbutton selects between four different port LED modes indicated by the 4 high LED mode towe...

Page 35: ...tensity If no intensity is specified for the next hour the intensity is set to default intensity Intensity The LEDs intensity 100 Full power 0 LED off Maintenance Maintenance Time When a network admin...

Page 36: ...to make sure that both the receiving and transmitting device has all circuits powered up when traffic is transmitted The devices can exchange wakeup time information using the LLDP protocol EEE works...

Page 37: ...en there is no link The port is power up for short moment in order to determine if cable is inserted PerfectReach Cable length power savings enabled PerfectReach works by determining the cable length...

Page 38: ...sables the switch port operation Auto Cu port auto negotiating speed with the link partner and selects the highest speed that is compatible with the link partner 10Mbps HDX Forces the cu port in 10Mbp...

Page 39: ...e Enter the maximum frame size allowed for the switch port including FCS Excessive Collision Mode Configure port transmit collision behavior Discard Discard frame after 16 collisions default Restart R...

Page 40: ...igure operation mode to enable disable DHCP server per VLAN VLAN Range Indicate the VLAN range in which DHCP server is enabled or disabled The first VLAN ID must be smaller than or equal to the second...

Page 41: ...the operation mode per VLAN Possible modes are Enabled Enable DHCP server per VLAN Disabled Disable DHCP server pre VLAN Buttons Add VLAN Range Click to add a new VLAN range Save Click to save change...

Page 42: ...e excluded IP addresses IP Range Define the IP range to be excluded IP addresses The first excluded IP must be smaller than or equal to the second excluded IP BUT if the IP range contains only 1 exclu...

Page 43: ...to go into the configuration page Name Configure the pool name that accepts all printable characters except white space If you want to configure the detail settings you can click the pool name to go...

Page 44: ...r Pool PoE Switch User Manual 44 Lease Time Display lease time of the pool Buttons Add New Pool Click to add a new DHCP pool Save Click to save changes Reset Click to undo any changes made locally and...

Page 45: ...DHCP request messages will be forwarded to trusted ports and only allow reply packets from trusted ports Disabled Disable DHCP snooping mode operation Port Mode Configuration Indicates the DHCP snoopi...

Page 46: ...ssage won t be flooded for security considerations Disabled Disable DHCP relay mode operation Relay Server Indicates the DHCP relay server IP address Relay Information Mode Indicates the DHCP relay in...

Page 47: ...t will enforce the policy The Replace policy is invalid when relay information mode is disabled Possible policies are Replace Replace the original relay information when a DHCP message that already co...

Page 48: ...user You can also click on the link to configure user account Privilege Level The privilege level of the user The allowed range is 1 to 15 If the privilege level value is 15 it can access all groups...

Page 49: ...up privilege level User s privilege should be same or greater than the group privilege level to have the access of that group By default setting most groups privilege level 5 has the read only access...

Page 50: ...ne The following description defines these privilege level groups in details System Contact Name Location Timezone Daylight Saving Time Log Security Authentication System Access Management Port contai...

Page 51: ...ng sub groups configuration read only configuration execute read write status statistics read only status statistics read write e g for clearing of statistics User Privilege should be same or greater...

Page 52: ...alues None authentication is disabled and login is not possible Local use the local user database on the stack for authentication RADIUS use a remote RADIUS server for authentication TACACS use a remo...

Page 53: ...urity Switch SSH Configure SSH on this page Mode Indicates the SSH mode operation Possible modes are Enabled Enable SSH mode operation Disabled Disable SSH mode operation Buttons Save Click to save ch...

Page 54: ...nnection Possible modes are Enabled Enable HTTPS mode operation Disabled Disable HTTPS mode operation Automatic Redirect Indicates the HTTPS redirect mode operation Automatically redirects web browser...

Page 55: ...dress Indicates the start IP address for the access management entry End IP address Indicates the end IP address for the access management entry HTTP HTTPS Indicates that the host can access the switc...

Page 56: ...ly when SNMP version is SNMPv1 or SNMPv2c If SNMP version is SNMPv3 the community string will be associated with SNMPv3 communities table It provides more flexibility to configure security name than a...

Page 57: ...cates the SNMP trap supported version Possible versions are SNMP v1 Set SNMP trap supported version 1 SNMP v2c Set SNMP trap supported version 2c SNMP v3 Set SNMP trap supported version 3 Trap Communi...

Page 58: ...led Disable SNMP trap link up and link down mode operation Trap Inform Mode Indicates the SNMP trap inform mode operation Possible modes are Enabled Enable SNMP trap inform mode operation Disabled Dis...

Page 59: ...ame Indicates the SNMP trap security name SNMPv3 traps and informs using USM for authentication and privacy A unique security name is needed when traps and informs are enabled Buttons Save Click to sa...

Page 60: ...wed string length is 1 to 32 and the allowed content is ASCII characters from 33 to 126 The community string will be treated as security name and map a SNMPv1 or SNMPv2c community string Source IP Ind...

Page 61: ...ngineID and usmUserName are the entry s keys In a simple agent usmUserEngineID is always that agent s own snmpEngineID value The value can also take the value of the snmpEngineID of a remote SNMP engi...

Page 62: ...ng the authentication password phrase For MD5 authentication protocol the allowed string length is 8 to 32 For SHA authentication protocol the allowed string length is 8 to 40 The allowed content is A...

Page 63: ...rved for SNMPv2c usm User based Security Model USM Security Name A string identifying the security name that this entry should belong to The allowed string length is 1 to 32 and the allowed content is...

Page 64: ...d belong to Possible view types are included An optional flag to indicate that this view subtree should be included excluded An optional flag to indicate that this view subtree should be excluded In g...

Page 65: ...odel USM Security Level Indicates the security model that this entry should belong to Possible security models are NoAuth NoPriv No authentication and no privacy Auth NoPriv Authentication and no priv...

Page 66: ...ry It will be deleted during the next save ID Indicates the index of the entry The range is from 1 to 65535 Data Source Indicates the port ID which wants to be monitored If in stacking switch the valu...

Page 67: ...h the value must add 1000 switch ID 1 for example if the port is switch 3 port 5 the value is 2005 Interval Indicates the interval in seconds for sampling the history statistics data The range is from...

Page 68: ...NUcastPkts The number of broad cast and multi cast packets delivered to a higher layer protocol InDiscards The number of inbound packets that are discarded even the packets are normal InErrors The num...

Page 69: ...resholds possible sample types are RisingTrigger alarm when the first value is larger than the rising threshold FallingTrigger alarm when the first value is less than the falling threshold RisingOrFal...

Page 70: ...umber of octets received on the interface including framing characters Log The number of uni cast packets delivered to a higher layer protocol snmptrap The number of broad cast and multi cast packets...

Page 71: ...s the maximum number of users on the port If this number is exceeded an action is taken The action can be one of the four different actions as described below The Limit Control module utilizes a lower...

Page 72: ...situation enable aging With aging enabled a timer is started once the end host gets secured When the timer expires the switch starts looking for frames from the end host and if such frames are not se...

Page 73: ...wn If Limit 1 MAC addresses is seen on the port both the Trap and the Shutdown actions described above will be taken State This column shows the current state of the port as seen from the Limit Contro...

Page 74: ...xplored below MAC based authentication allows for authentication of more than one user on the same port and doesn t require the user to have special 802 1X supplicant software installed on his system...

Page 75: ...C addresses the Port Security module needs to check for activity on the MAC address in question at regular intervals and free resources if no activity is seen within a given period of time This parame...

Page 76: ...ll ports RADIUS Assigned VLAN Enabled RADIUS assigned VLAN provides a means to centrally control the VLAN on which a successfully authenticated supplicant is placed on the switch Incoming traffic will...

Page 77: ...nged if the Guest VLAN option is globally enabled Valid values are in the range 1 255 Allow Guest VLAN if EAPOL Seen The switch remembers if an EAPOL frame has been received on the port for the life t...

Page 78: ...d In this mode the switch will send one EAPOL Success frame when the port link comes up and any client on the port will be allowed network access without authentication Force Unauthorized In this mode...

Page 79: ...uppose that the first server in the list is currently down but not considered dead Now if the supplicant retransmits EAPOL Start frames at a rate faster than X seconds then it will never get authentic...

Page 80: ...ched In this case the switch sends EAPOL Request Identity frames using the BPDU multicast MAC address as destination to wake up any supplicants that might be on the port The maximum number of supplica...

Page 81: ...ent on the port the port s QoS Class is immediately reverted to the original QoS Class which may be changed by the administrator in the meanwhile without affecting the RADIUS assigned This option is o...

Page 82: ...nel Type and Tunnel Private Group ID attributes must all be present at least once in the Access Accept packet The switch looks for the first set of these attributes that have the same Tag value and fu...

Page 83: ...cess on this VLAN The switch will not transmit an EAPOL Success frame when entering the Guest VLAN While in the Guest VLAN the switch monitors the link for EAPOL frames and if one such frame is receiv...

Page 84: ...only has effect for successfully authenticated clients on the port and will not cause the clients to get temporarily unauthorized Reinitialize Forces a reinitialization of the clients on the port and...

Page 85: ...l port for the settings contained in the same row Policy ID Select the policy to apply to this port The allowed values are 0 through 255 The default value is 0 Action Select whether forwarding is perm...

Page 86: ...s received on the port the port will be disabled Disabled Port shut down is disabled The default value is Disabled State Specify the port state of this port The allowed values are Enabled To reopen po...

Page 87: ...ACL Rate Limiter Configure the rate limiter for the ACL of the switch Rate Limiter ID The rate limiter ID for the settings contained in the same row Rate The allowed values are 0 131071 in pps Button...

Page 88: ...ndicates the policy number and bitmask of the ACE Frame Type Indicates the frame type of the ACE Possible values are Any The ACE will match any frame type EType The ACE will match Ethernet Type frames...

Page 89: ...was hit by a frame Modification Buttons You can modify each ACE Access Control Entry in the table using the following buttons Inserts a new ACE before the current row Edits the ACE row Moves the ACE...

Page 90: ...applies to this port number where n is the number of the switch port Policy Filter Specify the policy number filter for this ACE Any No policy filter is specified policy filter status is don t care S...

Page 91: ...ACE operation Deny The frame that hits this ACE is dropped Rate Limiter Specify the rate limiter in number of base units The allowed range is 1 to 16 Disabled indicates that the rate limiter operation...

Page 92: ...x xx xx xx xx xx or xx xx xx xx xx xx or xxxxxxxxxxxx x is a hexadecimal digit A frame that hits this ACE matches this SMAC value DMAC Filter Specify the destination MAC filter for this ACE Any No DMA...

Page 93: ...this ACE choose this value A field for entering a VLAN ID number appears VLAN ID When Specific is selected for the VLAN ID filter you can enter a specific VLAN ID number The allowed range is 1 to 409...

Page 94: ...Frame must have ARP Request or RARP Request OP flag set Reply Frame must have ARP Reply or RARP Reply OP flag Sender IP Filter Specify the sender IP filter for this ACE Any No sender IP filter is spec...

Page 95: ...l notation ARP Sender MAC Match Specify whether frames can hit the action according to their sender hardware address field SHA settings 0 ARP frames where SHA is not equal to the SMAC address 1 ARP fr...

Page 96: ...frames where the HLD is not equal to Ethernet 1 1 ARP RARP frames where the HLD is equal to Ethernet 1 Any Any value is allowed don t care Ethernet Specify whether frames can hit the action according...

Page 97: ...in this help file TCP Select TCP to filter IPv4 TCP protocol frames Extra fields for defining TCP parameters will appear These fields are explained later in this help file IP Protocol Value When Spec...

Page 98: ...e IP address and source IP mask in the SIP Address and SIP Mask fields that appear SIP Address When Host or Network is selected for the source IP filter you can enter a specific SIP address in dotted...

Page 99: ...filter you can enter a specific ICMP value The allowed range is 0 to 255 A frame that hits this ACE matches this ICMP value ICMP Code Filter Specify the ICMP code filter for this ACE Any No ICMP code...

Page 100: ...you can enter a specific TCP UDP source range value A field for entering a TCP UDP source value appears TCP UDP Source No When Specific is selected for the TCP UDP source filter you can enter a specif...

Page 101: ...rame that hits this ACE matches this TCP UDP destination value TCP FIN Specify the TCP No more data from sender FIN value for this ACE 0 TCP frames where the FIN field is set must not be able to match...

Page 102: ...ot be able to match this entry 1 TCP frames where the ACK field is set must be able to match this entry Any Any value is allowed don t care TCP URG Specify the TCP Urgent Pointer field significant URG...

Page 103: ...t to filter a specific EtherType filter with this ACE you can enter a specific EtherType value A field for entering a EtherType value appears Ethernet Type Value When Specific is selected for the Ethe...

Page 104: ...Guard is enabled on which ports Only when both Global Mode and Port Mode on a given port are enabled IP Source Guard is enabled on this given port Max Dynamic Clients Specify the maximum number of dyn...

Page 105: ...ed during the next save Port The logical port for the settings VLAN ID The vlan id for the settings IP Address Allowed Source IP address IP Mask It can be used for calculating the allowed network with...

Page 106: ...Configuration Enable the Global ARP Inspection or disable the Global ARP Inspection Port Mode Configuration Specify ARP Inspection is enabled on which ports Only when both Global Mode and Port Mode o...

Page 107: ...ing the next save Port The logical port for the settings VLAN ID The vlan id for the settings MAC Address Allowed Source MAC address in ARP request packets IP Address Allowed Source IP address in ARP...

Page 108: ...cope with lost frames the timeout interval is divided into 3 subintervals of equal length If a reply is not received within the subinterval the request is transmitted again This algorithm causes the...

Page 109: ...w applies Enabled Enable the RADIUS Authentication Server by checking this box IP Address Hostname The IP address or hostname of the RADIUS Authentication Server IP address is expressed in dotted deci...

Page 110: ...below applies Enabled Enable the RADIUS Accounting Server by checking this box IP Address Hostname The IP address or hostname of the RADIUS Accounting Server IP address is expressed in dotted decimal...

Page 111: ...by checking this box IP Address Hostname The IP address or hostname of the TACACS Authentication Server IP address is expressed in dotted decimal notation Port The TCP port to use on the TACACS Authen...

Page 112: ...nabled Destination MAC Address The Destination MAC Address can be used to calculate the destination port for the frame Check to enable the use of the Destination MAC Address or uncheck to disable By d...

Page 113: ...embers Group ID Indicates the group ID for the settings contained in the same row Group ID Normal indicates there is no aggregation Only one group ID is valid per port Port Members Each switch port is...

Page 114: ...tion when 2 or more ports are connected to the same partner LACP can form max 12 LLAGs per switch and 2 GLAGs per stack Key The Key value incurred by the port range 1 65535 The Auto setting will set t...

Page 115: ...before sending a LACP packet Prio The Prio controls the priority of the port If the LACP partner wants to form a larger group than is supported by this device then this parameter will control which p...

Page 116: ...Protection Controls whether loop protections is enabled as a whole Transmission Time The interval between each loop protection PDU sent on each port valid values are 1 to 10 seconds Shutdown Time The...

Page 117: ...rt Action Configures the action performed when a loop is detected on a port Valid values are Shutdown Port Shutdown Port and Log or Log Only Tx Mode Controls whether the port is actively generating lo...

Page 118: ...ority Lower numeric values have better priority The bridge priority plus the MSTI instance number concatenated with the 6 byte MAC address of the switch forms a Bridge Identifier For MSTP operation th...

Page 119: ...tly configured as Edge will transmit and receive BPDUs Edge Port BPDU Guard Control whether a port explicitly configured as Edge will disable itself upon reception of a BPDU The port will enter the er...

Page 120: ...The name identifying the VLAN to MSTI mapping Bridges must share the name and revision see below as well as the VLAN to MSTI mapping configuration in order to share spanning trees for MSTI s Intra re...

Page 121: ...xx xx being between 1 and 4094 VLAN or a range xx yy each of which must be separated with comma and or space A VLAN can only be mapped to one MSTI An unused MSTI should just be left empty I e not hav...

Page 122: ...change them as well MSTI The bridge instance The CIST is the default instance which is always active Priority Controls the bridge priority Lower numeric values have better priority The bridge priorit...

Page 123: ...ort configurations and possibly change them as well This page contains settings for physical and aggregated ports The aggregation settings are stack global The STP port settings relate to the currentl...

Page 124: ...utoEdge Controls whether the bridge should enable automatic edge detection on the bridge port This allows operEdge to be derived from whether BPDU s are received on the port or not Restricted Role If...

Page 125: ...abled state due to this setting is subject to the bridge Port Error Recovery setting as well Point to Point Controls whether the port connects to a point to point LAN rather than to a shared medium Th...

Page 126: ...inspect the current STP MSTI port configurations and possibly change them as well An MSTI port is a virtual port which is instantiated separately for each active CIST physical port for each MSTI inst...

Page 127: ...ting will set the path cost as appropriate by the physical link speed using the 802 1D recommended values Using the Specific setting a user defined value can be entered The path cost is used when esta...

Page 128: ...le System starts to do filtering based on profile settings only when the global profile mode is enabled Delete Check to delete the entry The designated entry will be deleted during the next save Profi...

Page 129: ...e view button You can manage or inspect the rules of the designated profile by using the following buttons Navigate List the rules associated with the designated profile Edit Adjust the rules associat...

Page 130: ...maximum 16 alphabetic and numeric characters At least one alphabet must be present Start Address The starting IPv4 IPv6 Multicast Group Address that will be used as an address range End Address The en...

Page 131: ...channel the set top box or PC sends an IGMP MLD report message to Switch A to join the appropriate multicast group address Uplink ports that send and receive multicast data to and from the multicast V...

Page 132: ...for IGMP MLD report memberships on a receiver port before removing the port from multicast group membership The value is in units of tenths of a seconds The range is from 0 to 31744 The default LLQI i...

Page 133: ...ts Select the port role by clicking the Role symbol to switch the setting Immediate Leave Enable the fast leave on the port Buttons Add New NVR VLAN Click to add new MVR VLAN Specify the VID and confi...

Page 134: ...ame of the Channel of the specific Multicast VLAN Maximum length of the Channel Name string is 32 Channel Name can only contain alphabets or numbers Channel name should contain at least one alphabet C...

Page 135: ...to the currently selected stack unit as reflected by the page header Snooping Enabled Enable the Global IGMP Snooping Unregistered IPMCv4 Flooding Enabled Enable unregistered IPMCv4 traffic flooding...

Page 136: ...the router side Router Port Specify which ports act as router ports A router port is a port on the Ethernet switch that leads towards the Layer 3 multicast device or IGMP querier If an aggregation me...

Page 137: ...st VLAN Table match The will use the last entry of the currently displayed entry as a basis for the next lookup When the end is reached the text No more entries is shown in the displayed table Use the...

Page 138: ...by the Last Member Query Interval multiplied by the Last Member Query Count The allowed range is 0 to 31744 in tenths of seconds default last member query interval is 10 in tenths of seconds 1 second...

Page 139: ...he settings Filtering Groups The IP Multicast Group that will be filtered Add New Filtering Group Click Add New Filtering Group button to add a new entry to the Group Filtering table Specify the Port...

Page 140: ...Enabled Enable unregistered IPMCv6 traffic flooding The flooding control takes effect only when MLD Snooping is enabled When MLD Snooping is disabled unregistered IPMCv6 traffic flooding is always ac...

Page 141: ...the Layer 3 multicast device or MLD querier If an aggregation member port is selected as a router port the whole aggregation will act as a router port Fast Leave Enable the fast leave on the port Thr...

Page 142: ...d entry as a basis for the next lookup When the end is reached the text No more entries is shown in the displayed table Use the button to start over MLD Snooping VLAN Table Columns Delete Check to del...

Page 143: ...ate the Maximum Response Code inserted into Multicast Address and Source Specific Query messages The allowed range is 0 to 31744 in tenths of seconds default last listener query interval is 10 in tent...

Page 144: ...e settings Filtering Groups The IP Multicast Group that will be filtered Add New Filtering Group Click Add New Filtering Group button to add a new entry to the Group Filtering table Specify the Port a...

Page 145: ...nterval value Valid values are restricted to 5 32768 seconds Tx Hold Each LLDP frame contains information about how long the information in the LLDP frame shall be considered valid The LLDP informatio...

Page 146: ...neighbors but will send out LLDP information Disabled The switch will not send out LLDP information and will drop LLDP information received from neighbors Enabled The switch will send out LLDP inform...

Page 147: ...switch Note When CDP awareness on a port is disabled the CDP information isn t removed immediately but gets removed when the hold time is exceeded Port Descr Optional TLV When checked the port descrip...

Page 148: ...t can come with inappropriate knowledge of the network policy With this in mind LLDP MED defines an LLDP MED Fast Start interaction between the protocol and the application layers on top of the protoc...

Page 149: ...degrees with a maximum of 4 digits It is possible to specify the direction to either East of the prime meridian or West of the prime meridian Altitude Altitude SHOULD be normalized to within 32767 to...

Page 150: ...E or US State National subdivisions state canton region province prefecture County County parish gun Japan district City City township shi Japan Example Copenhagen City district City division borough...

Page 151: ...1 and others such as defined by TIA or NENA Emergency Call Service Emergency Call Service ELIN identifier data format is defined to carry the ELIN identifier as used during emergency call setup to a t...

Page 152: ...ion type LLDP MED allows multiple policies to be advertised per port each corresponding to a different application type Different ports on the same Network Connectivity Device may advertise different...

Page 153: ...ty field is ignored and only the DSCP value has relevance 6 Video Conferencing for use by dedicated Video Conferencing equipment and other similar appliances supporting real time interactive video aud...

Page 154: ...e point values 0 through 63 A value of 0 represents use of the default DSCP value as defined in RFC 2475 Adding a new policy Click Add New Policy to add a new policy Specify the Application type Tag V...

Page 155: ...port automatically determines how much power to reserve according to the class the connected PD belongs to and reserves the power accordingly Four different port classes exist and one for 4 7 15 4 or...

Page 156: ...available from the power supply Power Supply Configuration Primary and Backup Power Source Some switches support having two PoE power supplies One is used as primary power source and one as backup pow...

Page 157: ...er than the power supply can deliver In this case the port with the lowest priority will be turn off starting from the port with the highest port number Maximum Power The Maximum Power value contains...

Page 158: ...time by entering a value here in seconds The allowed range is 10 to 1000000 seconds Disable the automatic aging of dynamic entries by checking the Disable automatic aging checkbox MAC Table Learning I...

Page 159: ...AC table can contain 64 entries The maximum of 64 entries is for the whole stack and not per switch The MAC table is sorted first by VLAN ID and then by MAC address Delete Check to delete the entry It...

Page 160: ...vidual elements are separated by commas Ranges are specified with a dash separating the lower and upper bound The following example will create VLANs 1 10 11 12 13 200 and 300 1 10 13 200 300 Spaces a...

Page 161: ...ly used to connect to other switches Trunk ports have the following characteristics By default a trunk port is member of all VLANs 1 4095 The VLANs that a trunk port is member of may be limited by the...

Page 162: ...TPID of the tag if a tag is required Unaware On ingress all frames whether carrying a VLAN tag or not get classified to the Port VLAN and possible tags are not removed on egress C Port On ingress fra...

Page 163: ...are accepted Tagged Only Only tagged frames are accepted on ingress Untagged frames are discarded Untagged Only Only untagged frames are accepted on ingress Tagged frames are discarded Egress Tagging...

Page 164: ...more VLANs This is particularly useful when dynamic VLAN protocols like MVRP and GVRP must be prevented from dynamically adding ports to VLANs The trick is to mark such VLANs as forbidden on the port...

Page 165: ...k unit as reflected by the page header This feature works across the stack Configuration Port Members A check box is provided for each port of a private VLAN When checked port isolation is enabled on...

Page 166: ...sed VLAN check the box To remove or exclude the port from the MAC based VLAN make sure the box is unchecked By default no ports are members and all boxes are unchecked Adding a New MAC based VLAN Clic...

Page 167: ...ly and revert to previously saved values Auto refresh Check this box to refresh the page automatically Automatic refresh occurs every 3 seconds Refresh Click to refresh the page immediately Updates th...

Page 168: ...e you selected Value Valid value that can be entered in this text field depends on the option selected from the the preceding Frame Type selection menu Below is the criteria for three different Frame...

Page 169: ...sists of a combination of alphabets a z or A Z and integers 0 9 Note special character and underscore _ are not allowed Adding a New Group to VLAN mapping entry Click Add New Entry to add a new entry...

Page 170: ...ed A valid VLAN ID ranges from 1 4095 Port Members A row of check boxes for each port is displayed for each Group Name to VLAN ID mapping To include a port in a mapping check the box To remove or excl...

Page 171: ...twork mask length VLAN ID Indicates the VLAN ID VLAN ID can be changed for the existing entries Port Members A row of check boxes for each port is displayed for each IP subnet based VLAN entry To incl...

Page 172: ...nual 172 Buttons Save Click to save changes Reset Click to undo any changes made locally and revert to previously saved values Auto refresh Check this box to refresh the page automatically Automatic r...

Page 173: ...ice VLAN It can avoid the conflict of ingress filtering Possible modes are Enabled Enable Voice VLAN mode operation Disabled Disable Voice VLAN mode operation VLAN ID Indicates the Voice VLAN ID It sh...

Page 174: ...will be blocked for 10 seconds Possible port modes are Enabled Enable Voice VLAN security mode operation Disabled Disable Voice VLAN security mode operation Port Discovery Protocol Indicates the Voice...

Page 175: ...e Telephony OUI A telephony OUI address is a globally unique identifier assigned to a vendor by IEEE It must be 6 characters long and the input format is xx xx xx x is a hexadecimal digit Description...

Page 176: ...All frames are classified to a QoS class There is a one to one mapping between QoS class queue and priority A QoS class of 0 zero has the lowest priority If the port is VLAN aware and the frame is tag...

Page 177: ...frame is tagged then the frame is classified to a DP level that is equal to the DEI value in the tag Otherwise the frame is classified to the default DP level The classified DP level can be overruled...

Page 178: ...on this switch port Rate Controls the rate for the policer The default value is 500 This value is restricted to 100 1000000 when the Unit is kbps or fps and it is restricted to 1 13200 when the Unit...

Page 179: ...ss Port Schedulers for all switch ports The ports belong to the currently selected stack unit as reflected by the page header Port The logical port for the settings contained in the same row Click on...

Page 180: ...r this queue on this switch port Queue Shaper Rate Controls the rate for the queue shaper The default value is 500 This value is restricted to 100 1000000 when the Unit is kbps and it is restricted to...

Page 181: ...per Rate Controls the rate for the port shaper The default value is 500 This value is restricted to 100 1000000 when the Unit is kbps and it is restricted to 1 13200 when the Unit is Mbps Port Shaper...

Page 182: ...r this queue on this switch port Queue Shaper Rate Controls the rate for the queue shaper The default value is 500 This value is restricted to 100 1000000 when the Unit is kbps and it is restricted to...

Page 183: ...per Rate Controls the rate for the port shaper The default value is 500 This value is restricted to 100 1000000 when the Unit is kbps and it is restricted to 1 13200 when the Unit is Mbps Port Shaper...

Page 184: ...s for all switch ports The ports belong to the currently selected stack unit as reflected by the page header Port The logical port for the settings contained in the same row Click on the port number i...

Page 185: ...this queue on this switch port Queue Shaper Rate Controls the rate for the queue shaper The default value is 500 This value is restricted to 100 1000000 when the Unit is kbps and it is restricted to...

Page 186: ...er Rate Controls the rate for the port shaper The default value is 500 This value is restricted to 100 1000000 when the Unit is kbps and it is restricted to 1 13200 when the Unit is Mbps Port Shaper U...

Page 187: ...this queue on this switch port Queue Shaper Rate Controls the rate for the queue shaper The default value is 500 This value is restricted to 100 1000000 when the Unit is kbps and it is restricted to...

Page 188: ...er Rate Controls the rate for the port shaper The default value is 500 This value is restricted to 100 1000000 when the Unit is kbps and it is restricted to 1 13200 when the Unit is Mbps Port Shaper U...

Page 189: ...s The ports belong to the currently selected stack unit as reflected by the page header Port The logical port for the settings contained in the same row Click on the port number in order to configure...

Page 190: ...cific port are configured on this page Mode Controls the tag remarking mode for this port Classified Use classified PCP DEI values Default Use default PCP DEI values Mapped Use mapped versions of QoS...

Page 191: ...sified DP level to a 1 bit DP level used in the QoS class DP level to PCP DEI mapping process QoS class DP level to PCP DEI Mapping Controls the mapping of the classified QoS class DP level to PCP DEI...

Page 192: ...gs Ingress In Ingress settings you can change ingress translation and classification settings for individual ports There are two configuration parameters available in Ingress 1 Translate 2 Classify 1...

Page 193: ...iting can be one of Disable No Egress rewrite Enable Rewrite enabled without remapping Remap DSCP from analyzer is remapped and frame is remarked with remapped DSCP value Buttons Save Click to save ch...

Page 194: ...pported DSCP values are 64 Trust Controls whether a specific DSCP value is trusted Only frames with trusted DSCP values are mapped to a specific QoS class and Drop Precedence Level Frames with untrust...

Page 195: ...lated to new DSCP before using the DSCP for QoS class and DPL map There are two configuration parameters for DSCP Translation 1 Translate 2 Classify 1 Translate DSCP at Ingress side can be translated...

Page 196: ...to configure the mapping of QoS class to DSCP value The settings relate to the currently selected stack unit as reflected by the page header QoS Class Actual QoS class DSCP Select the classified DSCP...

Page 197: ...t The port number for which the configuration below applies Enabled Controls whether the storm control is enabled on this switch port Rate Controls the rate for the storm control The default value is...

Page 198: ...s whether RED is enabled for this queue Min Threshold Controls the lower RED threshold If the average queue filling level is below this threshold the drop probability is zero This value is restricted...

Page 199: ...level is 100 Frames marked with Drop Precedence Level 0 are never dropped Min Threshold is the average queue filling level where the queues randomly start dropping frames The drop probability for fram...

Page 200: ...t also known as ingress or source mirroring All frames transmitted on a given port also known as egress or destination mirroring Port to mirror to Port to mirror also known as the mirror port Frames f...

Page 201: ...ived are not mirrored Disabled Neither frames transmitted nor frames received are mirrored Enabled Frames received and frames transmitted are mirrored on the mirror port Note For a given port a frame...

Page 202: ...ation carried in SSDP packets is used to inform a control point or control points how often it or they should receive an SSDP advertisement message from this switch If a control point does not receive...

Page 203: ...20 in the units of centi seconds i e in units of one hundredth of a second The default is 20 Leave time is a value in the range 60 300 in the units of centi seconds i e in units of one hundredth of a...

Page 204: ...Port Config PoE Switch User Manual 204 3 1 22 2 GVRP Port Config This page allows you to enable a port for GVRP Button Save Click to save changes Reset Click to undo any changes made locally and reve...

Page 205: ...using the Web or CLI interface or through SNMP This read only field shows the owner of the current sFlow configuration and assumes values as follows If sFlow is currently unconfigured unclaimed Owner...

Page 206: ...lue that avoids fragmentation of the sFlow datagrams Valid range is 200 to 1468 bytes with default being 1400 bytes Port Configuration Port The port number for which the configuration below applies Fl...

Page 207: ...terval in seconds between counter poller samples Buttons Release See description under Owner Refresh Click to refresh the page Note that unsaved changes will be lost Save Click to save changes Note th...

Page 208: ...nfigured in Configuration System Information System Contact Name The system name configured in Configuration System Information System Name Location The system location configured in Configuration Sys...

Page 209: ...ation PoE Switch User Manual 209 Software Date The date when the switch software was produced Buttons Auto refresh Check this box to refresh the page automatically Automatic refresh occurs every 3 sec...

Page 210: ...20 samples are graphed and the last numbers are displayed as text as well In order to display the SVG graph your browser must support the SVG format Consult the SVG Wiki for more information on browse...

Page 211: ...he interface Type The address type of the entry This may be LINK or IPv4 Address The current address of the interface of the given type Status The status flags of the interface and or address IP Route...

Page 212: ...Management System IP Status PoE Switch User Manual 212 Buttons Refresh Click to refresh the page immediately Auto refresh Check this box to refresh the page automatically Automatic refresh occurs eve...

Page 213: ...e of the system log entry Message The message of the system log entry Buttons Auto refresh Check this box to refresh the page automatically Automatic refresh occurs every 3 seconds Refresh Updates the...

Page 214: ...stem log entry Message The detailed message of the system log entry Buttons Refresh Updates the system log entry to the current entry ID Updates the system log entry to the first available entry ID Up...

Page 215: ...r the port reflects the settings at the Port Power Savings configuration page LP EEE cap Shows if the link partner is EEE capable EEE In power save Shows if the system is currently saving power due to...

Page 216: ...is page provides an overview of the current switch port states The port states are illustrated as follows Status Disabled Down Link RJ45 ports SFP ports X2 ports Buttons Auto refresh Check this box to...

Page 217: ...umber of received and transmitted packets per port Bytes The number of received and transmitted bytes per port Errors The number of frames received in error and the number of incomplete transmissions...

Page 218: ...nit as reflected by the page header Port The logical port for the settings contained in the same row Qn There are 8 QoS queues per port Q0 is the lowest priority queue Rx Tx The number of received and...

Page 219: ...ive and transmit the size counters for receive and transmit and the error counters for receive and transmit Receive Total and Transmit Total Rx and Tx Packets The number of received and transmitted go...

Page 220: ...egress congestion Rx CRC Alignment The number of frames received with CRC or alignment errors Rx Undersize The number of short 1 frames received with valid CRC Rx Oversize The number of long 2 frames...

Page 221: ...ns Refresh Click to refresh the page immediately Clear Clears the counters for the selected port Auto refresh Check this box to refresh the page automatically Automatic refresh occurs every 3 seconds...

Page 222: ...databases Pool Number of pools Excluded IP Address Number of excluded IP address ranges Declined IP Address Number of seclined IP addresses Binding Counters Display counters of various databases Auto...

Page 223: ...mber of DHCP RELEASE messages received INFORM Number of DHCP INFORM messages received DHCP Message Sent Counters Display counters of DHCP messages sent by DHCP server OFFER Number of DHCP OFFER messag...

Page 224: ...er ID Server IP address to service the binding Buttons Refresh Click to refresh the page immediately Auto refresh Check this box to refresh the page automatically Automatic refresh occurs every 3 seco...

Page 225: ...This page displays declined IP addresses Declined IP Addresses Display IP addresses declined by DHCP clients Declined IP List of IP addresses declined Buttons Auto refresh Check this box to refresh t...

Page 226: ...lds allows the user to select the starting point in the Dynamic DHCP snooping Table Clicking the Refresh button will update the displayed table starting from that or the closest next Dynamic DHCP snoo...

Page 227: ...e automatically Automatic refresh occurs every 3 seconds Refresh Refreshes the displayed table starting from the input fields Clear Flushes all dynamic entries Updates the table starting from the firs...

Page 228: ...d without agent information options Receive Missing Circuit ID The number of packets received with the Circuit ID option missing Receive Missing Remote ID The number of packets received with the Remot...

Page 229: ...eplaced with relay agent information option Keep Agent Option The number of packets whose relay agent information was retained Drop Agent Option The number of packets that were dropped which were rece...

Page 230: ...ckets received and transmitted Rx and Tx Request The number of request option 53 with value 3 packets received and transmitted Rx and Tx Decline The number of decline option 53 with value 4 packets re...

Page 231: ...on 53 with value 13 packets received and transmitted Rx Discarded checksum error The number of discard packet that IP UDP checksum is error Rx Discarded from Untrusted The number of discarded packet t...

Page 232: ...Received Packets Number of received packets from the interface when access management mode is enabled Allowed Packets Number of allowed packets from the interface when access management mode is enabl...

Page 233: ...resses are passed on to the port security module which in turn asks all user modules whether to allow this new MAC address to forward or block it For a MAC address to be set in the forwarding state al...

Page 234: ...sing the Port Security service Ready The Port Security service is in use by at least one user module and is awaiting frames from unknown MAC addresses to arrive Limit Reached The Port Security service...

Page 235: ...t Security Network Port Security Switch PoE Switch User Manual 235 Buttons Auto refresh Check this box to refresh the page automatically Automatic refresh occurs every 3 seconds Refresh Click to refre...

Page 236: ...port If no MAC addresses are learned a single row stating No MAC addresses attached is displayed State Indicates whether the corresponding MAC address is blocked or forwarding In the blocked state it...

Page 237: ...on of possible values Port State The current state of the port Refer to NAS Port State for a description of the individual states Last Source The source MAC address carried in the most recently receiv...

Page 238: ...Port VLAN ID is not overridden by NAS If the VLAN ID is assigned by the RADIUS server RADIUS assigned is appended to the VLAN ID Read more about RADIUS assigned VLANs here If the port is moved to the...

Page 239: ...r Port State Admin State The port s current administrative state Refer to NAS Admin State for a description of possible values Port State The current state of the port Refer to NAS Port State for a de...

Page 240: ...work NAS Port PoE Switch User Manual 240 Port Counters EAPOL Counters These supplicant frame counters are available for the following administrative states Force Authorized Force Unauthorized Port bas...

Page 241: ...ecurity Network NAS Port PoE Switch User Manual 241 Backend Server Counters These backend RADIUS frame counters are available for the following administrative states Port based 802 1X Single 802 1X Mu...

Page 242: ...llowing administrative states Multi 802 1X MAC based Auth The table is identical to and is placed next to the Port Counters table and will be empty if no MAC address is currently selected To populate...

Page 243: ...successfully authenticated the client it is unauthenticated If an authentication fails for one or the other reason the client will remain in the unauthenticated state for Hold Time seconds Last Authe...

Page 244: ...ll match any frame type EType The ACE will match Ethernet Type frames Note that an Ethernet Type based ACE will not get matched by IP and ARP frames ARP The ACE will match ARP RARP frames IPv4 The ACE...

Page 245: ...nter indicates the number of times the ACE was hit by a frame Conflict Indicates the hardware status of the specific ACE The specific ACE is not applied to the hardware due to hardware limitations But...

Page 246: ...AN MAC address and IP address input fields allow the user to select the starting point in the Dynamic ARP Inspection Table Clicking the Refresh button will update the displayed table starting from tha...

Page 247: ...he page automatically Automatic refresh occurs every 3 seconds Refresh Refreshes the displayed table starting from the input fields Clear Flushes all dynamic entries Updates the table starting from th...

Page 248: ...c IP Source Guard Table Clicking the Refresh button will update the displayed table starting from that or the closest next Dynamic IP Source Guard Table match In addition the two input fields will upo...

Page 249: ...P Source Guard PoE Switch User Manual 249 Clear Flushes all dynamic entries Updates the table starting from the first entry in the Dynamic IP Source Guard Table Updates the table starting with the ent...

Page 250: ...ld takes one of the following values Disabled The server is disabled Not Ready The server is enabled but IP communication is not yet up and running Ready The server is enabled IP communication is up a...

Page 251: ...P communication is up and running and the RADIUS module is ready to accept accounting attempts Dead X seconds left Accounting attempts were made to this server but it did not reply within the configur...

Page 252: ...ics for a particular RADIUS server RADIUS Authentication Statistics The statistics map closely to those specified in RFC4668 RADIUS Authentication Client MIB Use the server select box to switch betwee...

Page 253: ...Chapter 3 Web Management Security AAA RADIUS Details PoE Switch User Manual 253...

Page 254: ...he server and the latest round trip time RADIUS Accounting Statistics The statistics map closely to those specified in RFC4670 RADIUS Accounting Client MIB Use the server select box to switch between...

Page 255: ...ound trip time Buttons The server select box determines which server is affected by clicking the buttons Auto refresh Check this box to refresh the page automatically Automatic refresh occurs every 3...

Page 256: ...ayed table starting from that or the next closest Statistics table match The button will use the last entry of the currently displayed entry as a basis for the next lookup When the end is reached the...

Page 257: ...CRC Jabb The number of frames which size is larger than 64 octets received with invalid CRC Coll The best estimate of the total number of collisions on this Ethernet segment 64 The total number of pac...

Page 258: ...s box to refresh the page automatically Automatic refresh occurs every 3 seconds Refresh Click to refresh the page immediately Updates the table starting from the first entry in the Statistics table i...

Page 259: ...h The will use the last entry of the currently displayed entry as a basis for the next lookup When the end is reached the text No more entries is shown in the displayed table Use the button to start o...

Page 260: ...of frames which size is less than 64 octets received with invalid CRC Jabb The number of frames which size is larger than 64 octets received with invalid CRC Coll The best estimate of the total numbe...

Page 261: ...ayed table starting from that or the next closest Alarm table match The will use the last entry of the currently displayed entry as a basis for the next lookup When the end is reached the text No more...

Page 262: ...t index Buttons Auto refresh Check this box to refresh the page automatically Automatic refresh occurs every 3 seconds Refresh Click to refresh the page immediately Updates the table starting from the...

Page 263: ...tton will update the displayed table starting from that or the next closest Event table match The will use the last entry of the currently displayed entry as a basis for the next lookup When the end i...

Page 264: ...id and for GLAGs as aggr id Partner System ID The system ID MAC address of the aggregation partner Partner Key The Key that the partner has assigned to this aggregation ID Last changed The time since...

Page 265: ...up but will join if other port leaves Meanwhile it s LACP status is disabled Key The key assigned to this port Only ports with the same key can aggregate together Aggr ID The Aggregation ID assigned t...

Page 266: ...umber LACP Received Shows how many LACP frames have been received at each port LACP Transmitted Shows how many LACP frames have been sent from each port Discarded Shows how many unknown or illegal LAC...

Page 267: ...n The currently configured port action Transmit The currently configured port transmit mode Loops The number of loops detected on this port Status The current loop protection status of the port Loop W...

Page 268: ...The Bridge ID of this Bridge instance Root ID The Bridge ID of the currently elected root bridge Root Port The switch port currently assigned the root port role Root Cost Root Path Cost For the Root B...

Page 269: ...ansmitted on the port STP The number of legacy STP Configuration BPDU s received transmitted on the port TCN The number of legacy Topology Change Notification BPDU s received transmitted on the port D...

Page 270: ...d transmitted on the port STP The number of legacy STP Configuration BPDU s received transmitted on the port TCN The number of legacy Topology Change Notification BPDU s received transmitted on the po...

Page 271: ...number of Transmitted Queries for IGMP and MLD respectively IGMPv1 Joins Received The number of Received IGMPv1 Join s IGMPv2 MLDv1 Report s Received The number of Received IGMPv2 Join s and MLDv1 Rep...

Page 272: ...ll update the displayed table starting from that or the closest next MVR Channels Groups Information Table match In addition the two input fields will upon a Refresh button click assume the value of t...

Page 273: ...ess input fields allow the user to select the starting point in the MVR SFM Information Table Clicking the Refresh button will update the displayed table starting from that or the closest next MVR SFM...

Page 274: ...rdware Filter Switch Indicates whether data plane destined to the specific group address from the source IPv4 IPv6 address could be handled by chip or not Buttons Auto refresh Automatic refresh occurs...

Page 275: ...r Version Working Querier Version currently Host Version Working Host Version currently Querier Status Shows the Querier status is ACTIVE or IDLE DISABLE denotes the specific interface is administrati...

Page 276: ...er Static denotes the specific port is configured to be a router port Dynamic denotes the specific port is learnt to be a router port Both denote the specific port is configured or learnt to be a rout...

Page 277: ...the displayed table starting from that or the closest next IGMP Group Table match In addition the two input fields will upon a Refresh button click assume the value of the first displayed entry allowi...

Page 278: ...nd group input fields allow the user to select the starting point in the IGMP SFM Information Table Clicking the Refresh button will update the displayed table starting from that or the closest next I...

Page 279: ...e destined to the specific group address from the source IPv4 address could be handled by chip or not Buttons Auto refresh Automatic refresh occurs every 3 seconds Refresh Refreshes the displayed tabl...

Page 280: ...ost Version currently Querier Status Shows the Querier status is ACTIVE or IDLE DISABLE denotes the specific interface is administratively disabled Queries Transmitted The number of Transmitted Querie...

Page 281: ...tes the specific port is learnt to be a router port Both denote the specific port is configured or learnt to be a router port Port Switch port number Status Indicate whether specific port is a router...

Page 282: ...displayed table starting from that or the closest next MLD Group Table match In addition the two input fields will upon a Refresh button click assume the value of the first displayed entry allowing f...

Page 283: ...beginning of the MLD SFM Information Table The Start from VLAN and group input fields allow the user to select the starting point in the MLD SFM Information Table Clicking the Refresh button will upda...

Page 284: ...Allow or Deny Hardware Filter Switch Indicates whether data plane destined to the specific group address from the source IPv6 address could be handled by chip or not Buttons Auto refresh Automatic re...

Page 285: ...on of the neighbour s LLDP frames Port ID The Port ID is the identification of the neighbour port Port Description Port Description is the port description advertised by the neighbour unit System Name...

Page 286: ...neighbour unit s address that is used for higher layer entities to assist discovery by the network management This could for instance hold the neighbour s IP address Buttons Auto refresh Check this b...

Page 287: ...1 Bridge 3 IEEE 802 3 Repeater included for historical reasons 4 IEEE 802 11 Wireless Access Point 5 Any device that supports the IEEE 802 1AB and MED extensions defined by TIA 1057 and can relay IEEE...

Page 288: ...ategories expected to adhere to this class include but are not limited to Voice Media Gateways Conference Bridges Media Servers and similar Discovery services defined in this class include media type...

Page 289: ...ice services 4 Guest Voice Signaling for use in network topologies that require a different policy for the guest voice Signaling than for the guest voice media 5 Softphone Voice for use by softphone a...

Page 290: ...ority Priority is the Layer 2 priority to be used for the specified application type One of the eight priority levels 0 through 7 DSCP DSCP is the DSCP value to be used to provide Diffserv node behavi...

Page 291: ...r Source or its Backup Power Source it is indicated as Unknown If the device is a PD device it can either run on its local power supply or it can use the PSE as power source It can also use both its l...

Page 292: ...nagement LLDP PoE PoE Switch User Manual 292 is represented as reserved Buttons Auto refresh Check this box to refresh the page automatically Automatic refresh occurs every 3 seconds Refresh Click to...

Page 293: ...ike the transmitter to hold off to allow time for the receiver to wake from sleep Fallback Receive Tw The link partner s fallback receive Tw A receiving link partner may inform the transmitter of an a...

Page 294: ...resolved Rx Tw for this link Note NOT the link partner The resolved value that is the actual tx wakeup time used for this link based on EEE information exchanged via LLDP EEE in Sync Shows whether the...

Page 295: ...Added Shows the number of new entries added since switch reboot Total Neighbours Entries Deleted Shows the number of new entries deleted since switch reboot Total Neighbours Entries Dropped Shows the...

Page 296: ...rame can contain multiple pieces of information known as TLVs TLV is short for Type Length Value If a TLV is malformed it is counted and discarded TLVs Unrecognized The number of well formed TLVs but...

Page 297: ...lass shows the PDs class Five Classes are defined Class 0 Max power 15 4 W Class 1 Max power 4 0 W Class 2 Max power 7 0 W Class 3 Max power 15 4 W Class 4 Max power 30 0 W Power Requested The Power R...

Page 298: ...d OFF Power budget exceeded The total requested or used power by the PDs exceeds the maximum power the Power Supply can deliver and port s with the lowest priority is are powered down No PD detected N...

Page 299: ...address and VLAN input fields allow the user to select the starting point in the MAC Table Clicking the Refresh button will update the displayed table starting from that or the closest next MAC Table...

Page 300: ...occurs every 3 seconds Refresh Refreshes the displayed table starting from the Start from MAC address and VLAN input fields Clear Flushes all dynamic entries Updates the table starting from the first...

Page 301: ...VLAN ID If a port is included in a VLAN the following image will be displayed If a port is in the forbidden port list the following image will be displayed If a port is in the forbidden port list and...

Page 302: ...eached the text No data exists for the selected user is shown in the table Use the button to start over Buttons Select VLAN Users from this drop down list Auto refresh Check this box to refresh the pa...

Page 303: ...es port based authentication which involves communications between a Supplicant Authenticator and an Authentication Server Voice VLAN Voice VLAN is a VLAN configured specially for voice traffic typica...

Page 304: ...all frames or only tagged frames This parameter affects VLAN ingress processing If the port only accepts tagged frames untagged frames received on that port are discarded Tx Tag Shows egress filtering...

Page 305: ...local management If sFlow is currently configured through SNMP Owner contains a string identifying the sFlow receiver IP Address Hostname The IP address or hostname of the sFlow receiver Timeout The...

Page 306: ...divided into Rx and Tx flow samples where Rx flow samples contains the number of packets that were sampled upon reception ingress on the port and Tx flow samples contains the number of packets that we...

Page 307: ...P header The page refreshes automatically until responses to all packets are received or until a timeout occurs PING server 10 10 132 20 56 bytes of data 64 bytes from 10 10 132 20 icmp_seq 0 time 0ms...

Page 308: ...Chapter 3 Web Management Diagnostics Ping PoE Switch User Manual 308 Buttons Start Click to start transmitting ICMP packets New Ping Click to re start diagnostics with PING...

Page 309: ...icmp_seq 0 time 0ms 64 bytes from 10 10 132 20 icmp_seq 1 time 0ms 64 bytes from 10 10 132 20 icmp_seq 2 time 0ms 64 bytes from 10 10 132 20 icmp_seq 3 time 0ms 64 bytes from 10 10 132 20 icmp_seq 4 t...

Page 310: ...wn while running VeriPHY Therefore running VeriPHY on a 10 or 100 Mbps management port will cause the switch to stop responding until VeriPHY is complete The ports belong to the currently selected sta...

Page 311: ...Chapter 3 Web Management Diagnostics VeriPHY PoE Switch User Manual 311 Length The length in meters of the cable pair The resolution is 3 meters...

Page 312: ...g the PoE switch reset all settings except Switch s IP address back to default value updating switch firmware or upload download all system settings 3 4 1 Maintenance Restart Device You can restart th...

Page 313: ...restart is necessary Buttons Yes Click to reset the configuration to Factory Defaults No Click to return to the Port State page without resetting the configuration Note Restoring factory default can...

Page 314: ...button to choose the firmware file Update Click this button to start upload the firmware The system will inform you when the new firmware is uploaded to the switch After updating the firmware the swit...

Page 315: ...uration Save PoE Switch User Manual 315 3 4 3 Maintenance Configuration 3 4 3 1 Configuration Save You can save all the current setting values as a file in XML format Buttons Save Configuration Click...

Page 316: ...nagement Configuration Load PoE Switch User Manual 316 3 4 3 2 Configuration Load Buttons Choose File Click this button to choose the configuration file that you ve saved Upload Click to upload the co...

Page 317: ...ature changes even within the product s operating temperature range may cause malfunctions DO NOT install this product in a location near any sources of water or liquid DO NOT stack this product with...

Page 318: ...owing section will guide you to set the IP address properly in a Microsoft Windows 8 environment Setting IP address in other Microsoft operating system such as Windows Vista or Windows 7 is quite the...

Page 319: ...Switch User Manual 319 3 An Ethernet Status window will pop up Please click on the Properties button as shown in the figure down below 4 An Ethernet Properties window will pop up Please double click...

Page 320: ...hown in the figure down below By default your product s IP address should be 192 168 2 1 You can set any IP address as long as it s not the same with your product s IP address and is in the same netwo...

Page 321: ...e prioritized for the various situation In networking the ACL refers to a list of service ports or network services that are available on a host or server each with a list of hosts or servers permitte...

Page 322: ...ion Using multiple ports in parallel to increase the link speed beyond the limits of a port and to increase the redundancy for higher availability ARP ARP is an acronym for Address Resolution Protocol...

Page 323: ...CP server ensures that all IP addresses are unique for example no IP address is assigned to a second client while the first client s assignment is valid its lease has not expired Therefore IP address...

Page 324: ...legitimate conversation between the DHCP client and server DNS DNS is an acronym for Domain Name System It stores and associates many types of information with domain names Most importantly DNS transl...

Page 325: ...sing applies to IGMP and MLD H HTTP HTTP is an acronym for Hypertext Transfer Protocol It is a protocol that used to transfer or convey information on the World Wide Web WWW HTTP defines how messages...

Page 326: ...or simple exchanges such as time stamp or echo transactions For example the PING command uses ICMP to test an Internet connection IEEE 802 1X IEEE 802 1X is an IEEE standard for port based Network Acc...

Page 327: ...et network IP is a best effort system which means that no packet of information sent over is assured to reach its destination in the same condition it was sent Each device connected to a Local Area Ne...

Page 328: ...standard protocol The Link Layer Discovery Protocol LLDP specified in this standard allows stations attached to an IEEE 802 LAN to advertise to other stations attached to the same IEEE 802 LAN the ma...

Page 329: ...C table with these dynamic MAC addresses Dynamic entries are removed from the MAC table if no frame with the corresponding SMAC address has been seen after a configurable age time Mirroring For debugg...

Page 330: ...le if the switch shall include the TLV in the LLDP frame These TLVs are known as optional TLVs If an optional TLVs is disabled the corresponding information is not included in the LLDP frame OUI OUI i...

Page 331: ...used for powering IP telephones wireless LAN access points and other equipment where it would be difficult or expensive to connect the equipment to main power supply Policer A policer can limit the ba...

Page 332: ...vide secure predictable measurable and sometimes guaranteed services Achieving the required QoS becomes the secret to a successful end to end business solution Therefore QoS is the set of techniques t...

Page 333: ...rotocol It is a text based protocol that uses the Transmission Control Protocol TCP and provides a mail service modeled on the FTP file transfer service SMTP transfers mail messages between systems an...

Page 334: ...r Terminal Acess Controller Access Control System Plus It is a networking protocol which provides access control for routers network access servers and other networked computing devices via one or mor...

Page 335: ...otocol UDP and provides file writing and reading but it does not provide directory service and security features ToS ToS is an acronym for Type of Service It is implemented as the IPv4 ToS priority co...

Page 336: ...it field storing the priority level for the 802 1Q frame It is also known as PCP V VLAN Virtual LAN A method to restrict communication between switch ports VLANs can be used for the following applicat...

Page 337: ...a 12 bit field specifying the VLAN to which the frame belongs Voice VLAN Voice VLAN is VLAN configured specially for voice traffic By adding the ports with voice devices attached to voice VLAN we can...

Page 338: ...Manual 338 Revision History Version Firmware Ver Date Remark Ver 2 1 2016 04 27 2016 04 28 1 Page 161 remove two chapters regarding to VLAN and add new descriptions regarding to the new VLAN setting w...

Reviews:

No comments

Related manuals for NGSME48T4H

D-Link DAP-1650 Quick Install Manual preview
DAP-1650
Brand: D-Link Pages: 16
D-Link DCH-G020 How-To preview
DCH-G020
Brand: D-Link Pages: 2
Cabletron Systems MMAC-Plus 9H423-26 Supplementary Manual preview
MMAC-Plus 9H423-26
Brand: Cabletron Systems Pages: 14
3Com Gigabit Switch 8 Specifications preview
Gigabit Switch 8
Brand: 3Com Pages: 2
3Com 3CR17251-91 - Switch 5500G-EI Stackable Gigabit... Getting Started Manual preview
3CR17251-91 - Switch 5500G-EI Stackable Gigabit...
Brand: 3Com Pages: 148
Cabletron Systems FN100 Reference Manual preview
FN100
Brand: Cabletron Systems Pages: 110
Kramer XL 1208V2 Specifications preview
XL 1208V2
Brand: Kramer Pages: 2
Gilat SkyEdge II-c Capricorn Pro 4 AC Series Installation Notes preview
SkyEdge II-c Capricorn Pro 4 AC Series
Brand: Gilat Pages: 2
Gefen EXT-DVI-441DL User Manual preview
EXT-DVI-441DL
Brand: Gefen Pages: 31
ORiNG IGS-1082GP Quick Installation Manual preview
IGS-1082GP
Brand: ORiNG Pages: 2
Theben TIMEGUARD WF10COM Installation & Operating Instructions Manual preview
TIMEGUARD WF10COM
Brand: Theben Pages: 35
hager TS 204 User Instruction preview
TS 204
Brand: hager Pages: 2
GE Digital Energy STS-400-25-3 Installation And Operating Manual preview
Digital Energy STS-400-25-3
Brand: GE Pages: 49
Ruby Tech GS-2108C User Manual preview
GS-2108C
Brand: Ruby Tech Pages: 254
Lancom GS-2326+ Installation Manual preview
GS-2326+
Brand: Lancom Pages: 21
Racal Instruments 1260-100 Manual preview
1260-100
Brand: Racal Instruments Pages: 53
Booma-RC Hidden Ignition Switch Manual preview
Hidden Ignition Switch
Brand: Booma-RC Pages: 16
Vertiv XTE PTS Series Description And Installation Manual preview
XTE PTS Series
Brand: Vertiv Pages: 24

Brands by name

Popular brands

Load more brands