Planet IGS-10020 User Manual Download Page 256

Page: 256 / 409

User’s Manual

256

The page includes the following fields:

Object

Description

•

Client

The management client for which the configuration below applies.

•

Authentication Method

Authentication Method can be set to one of the following values:

■

None

: authentication is disabled and login is not possible.

■

Local

: use the local user database on the switch stack for authentication.

■

RADIUS

: use a remote RADIUS server for authentication.

■

: use a remote server for authentication.

Methods that involves remote servers are timed out if the remote servers are

offline. In this case the next method is tried. Each method is tried from left to right

and continues until a method either approves or rejects a user. If a remote server

is used for primary authentication it is recommended to configure secondary

authentication as 'local'. This will enable the management client to login via the

local user database if none of the configured authentication servers are alive.

Buttons

: Click to apply changes

: Click to undo any changes made locally and revert to previously saved values.

4.11.3 Network Access Server Configuration

This page allows you to configure the IEEE 802.1X and MAC-based authentication system and port settings.

The IEEE 802.1X standard defines a port-based access control procedure that prevents unauthorized access to a network by

requiring users to first submit credentials for authentication. One or more central servers, the backend servers, determine

whether the user is allowed access to the network. These backend (RADIUS) servers are configured on the

"Configuration→Security→AAA" page. The IEEE802.1X standard defines port-based operation, but non-standard variants

overcome security limitations as shall be explored below.

MAC-based authentication allows for authentication of more than one user on the same port, and doesn't require the user to

have special 802.1X supplicant software installed on his system. The switch uses the user's MAC address to authenticate

against the backend server. Intruders can create counterfeit MAC addresses, which makes MAC-based authentication less

secure than 802.1X authentication. The NAS configuration consists of two sections, a system- and a port-wide. The Network

Access Server Configuration screen in

Figure 4-11-4

appears.

Summary of Contents for IGS-10020

Page 1: ...User s Manual...

Page 2: ...ide reasonable protection against harmful interference when the equipment is operated in a commercial environment This equipment generates uses and can radiate radio frequency energy and if not instal...

Page 3: ...2 1 6 Wiring the Digital Input Output 49 2 2 Installing the Industrial Managed Switch 51 2 2 1 Installation Steps 51 2 2 2 DIN rail Mounting 53 2 2 3 Wall Mount Plate Mounting 55 2 3 Cabling 56 2 3 1...

Page 4: ...put 96 4 2 17 Fault Alarm 98 4 2 18 Web Firmware Upgrade 99 4 2 19 TFTP Firmware Upgrade 100 4 2 20 Save Startup Config 101 4 2 21 Configuration Download 101 4 2 22 Configuration Upload 102 4 2 23 Con...

Page 5: ...Port Configuration 139 4 6 4 VLAN Membership Status 145 4 6 5 VLAN Port Status 146 4 6 6 Private VLAN 147 4 6 7 Port Isolation 149 4 6 8 VLAN setting example 151 4 6 8 1 Two Separate 802 1Q VLANs 151...

Page 6: ...00 4 8 16 MVR Multicast VLAN Registration 201 4 8 17 MVR Status 204 4 8 18 MVR Groups Information 205 4 8 19 MVR SFM Information 206 4 9 Quality of Service 207 4 9 1 Understanding QoS 207 4 9 2 Port P...

Page 7: ...w 278 4 11 9 RADIUS Details 280 4 11 10 Windows Platform RADIUS Server Configuration 286 4 11 11 802 1X Client Configuration 291 4 12 Security 294 4 12 1 Port Limit Control 294 4 12 2 Access Managemen...

Page 8: ...r Ethernet Configuration 343 4 16 4 Port Sequential 345 4 16 5 Port Configuration 346 4 16 6 PoE Status 348 4 16 7 PoE Schedule 350 4 16 8 LLDP PoE Neighbours 352 4 17 Loop Protection 354 4 17 1 Confi...

Page 9: ...Wizard 383 4 20 6 Ring Wizard Example 384 5 SWITCH OPERATION 387 5 1 Address Table 387 5 2 Learning 387 5 3 Forwarding Filtering 387 5 4 Store and Forward 387 5 5 Auto Negotiation 388 6 TROUBLESHOOTIN...

Page 10: ...aged Switch IGS 20160HPT Industrial 16 Port 10 100 1000T 802 3at PoE 2 Port 10 100 100T 2 Port 100 1000X SFP Managed Switch Industrial Managed Switch is used as an alternative name for the above model...

Page 11: ...tem into customer s industrial automation network to enhance system reliability and uptime in harsh factory environments In a certain simple Ring network the recovery time of data link can be as fast...

Page 12: ...nitor connected PD powered device status in real time via ping action Once the PD stops working and responding the Industrial Managed PoE Switch will recycle the PoE port power and bring the PD back t...

Page 13: ...witching and redundancy QoS traffic control network access control and authentication and Secure Management features to protect customer s industrial and building automation network connectivity with...

Page 14: ...eatures 100BASE FX and 1000BASE SX LX SFP Small Form factor Pluggable fiber optic modules meaning the administrator now can flexibly choose the suitable SFP transceiver according to the transmission d...

Page 15: ...of the Industrial Managed Switch Section 4 WEB CONFIGURATION The section explains how to manage the Industrial Managed Switch by Web interface Section 5 SWITCH OPERATION The chapter explains how to d...

Page 16: ...PoE power budget control Per port PoE function enable disable PoE admin mode control PoE port power feeding priority Per PoE port power limit PD classification detection Intelligent PoE features Temp...

Page 17: ...g of the incoming or outgoing traffic on a particular port Loop protection to avoid broadcast loops Supports E R P S Ethernet Ring Protection Switching IEEE 1588 and synchronous Ethernet network timin...

Page 18: ...tack management Switch Management Interfaces Console Telnet Command Line Interface Web switch management SNMP v1 and v2c switch management SSH SSL and SNMP v3 secure access IPv6 IP address NTP DNS man...

Page 19: ...e 8K entries automatic source address learning and ageing 8K entries automatic source address learning and ageing 8K entries automatic source address learning and ageing Shared Data Buffer 512 kilobyt...

Page 20: ...tem on 17 watts 57BTU Full loading LED Indicator System Power 1 Green Power 2 Green Fault Alarm Green Ring Green R O Green Per 10 100 1000T RJ45 Port 1000 LNK ACT Green 10 100 LNK ACT Orange Per SFP I...

Page 21: ...r 3 Functions IP Interfaces Max 8 VLAN interfaces Routing Table Max 32 routing entries Routing Protocols IPv4 software static routing IPv6 software static routing Standards Conformance Regulatory Comp...

Page 22: ...Bridge MIB RFC 1643 Ethernet MIB RFC 2863 Interface MIB RFC 2665 Ether Like MIB RFC 2819 RMON MIB Group 1 2 3 and 9 RFC 2737 Entity MIB RFC 2618 RADIUS Client MIB RFC 2933 IGMP STD MIB RFC 3411 SNMP F...

Page 23: ...tes 29 7Mpps 64Bytes Address Table 8K entries automatic source address learning and ageing Shared Data Buffer 4Mbits Flow Control IEEE 802 3x pause frame for full duplex Back pressure for half duplex...

Page 24: ...get 130W maximum depending on power input 270W maximum depending on power input 320W maximum depending on power input Max number of Class 2 PDs 8 16 Max number of Class 3 PDs 8 16 Max number of Class...

Page 25: ...ting Table Max 32 routing entries Routing Protocols IPv4 software static routing IPv6 software static routing Standards Conformance Regulatory Compliance FCC Part 15 Class A CE Stability Testing IEC60...

Page 26: ...1493 Bridge MIB RFC 1643 Ethernet MIB RFC 2863 Interface MIB RFC 2665 Ether Like MIB RFC 2819 RMON MIB Group 1 2 3 and 9 RFC 2737 Entity MIB RFC 2618 RADIUS Client MIB RFC 2933 IGMP STD MIB RFC 3411 S...

Page 27: ...and wall mount kit Connector Removable 6 pin terminal block for power input Pin 1 2 for Power 1 Pin 3 4 for fault alarm Pin 5 6 for Power 2 Alarm One relay output for power failure Alarm Relay curren...

Page 28: ...support MLD Snooping MLD v1 v2 Snooping up to 255 multicast Groups MLD Querier mode support Access Control List IP based ACL MAC based ACL Up to 256 entries Bandwidth Control Per port bandwidth contro...

Page 29: ...P version 3 RFC 2710 MLD version 1 FRC 3810 MLD version 2 SNMP MIBs RFC 1213 MIB II IF MIB RFC 1493 Bridge MIB RFC 1643 Ethernet MIB RFC 2863 Interface MIB RFC 2665 Ether Like MIB RFC 2737 Entity MIB...

Page 30: ...es the hardware features of Industrial Managed Switch For easier management and control of the Industrial Managed Switch familiarize yourself with its display indicators and ports Front panel illustra...

Page 31: ...User s Manual 31 IGS 10020PT IGS 10020PT Dimensions W x D x H 72 x 107 x 152mm...

Page 32: ...User s Manual 32 IGS 10020HPT IGS 10020HPT Dimensions W x D x H 72 x 107 x 152mm...

Page 33: ...User s Manual 33 IGS 10080MFT IGS 10080MFT Dimensions W x D x H 72 x 107x 152mm...

Page 34: ...User s Manual 34 IGS 12040MT IGS 12040MT Dimensions W x D x H 72 x 107 x 152mm...

Page 35: ...User s Manual 35 IGS 20040MT IGS 20040MT Dimensions W x D x H 72 x 107 x 152mm...

Page 36: ...User s Manual 36 IGS 20160HPT IGS 20160HPT Dimensions W x D x H 84 x 107 x 152mm...

Page 37: ...User s Manual 37 2 1 2 Front Panel IGS 10020MT IGS 10020PT IGS 10020HPT Figure 2 1 IGS 10020MT Switch Front Panel Figure 2 2 IGS 10020PT Switch Front Panel Figure 2 3 IGS 10020HPT Switch Front Panel...

Page 38: ...User s Manual 38 IGS 100080MFT IGS 12040MT IGS 20040MT Figure 2 4 IGS 10080MFT Switch Front Panel Figure 2 5 IGS 12040MT Switch Front Panel Figure 2 6 IGS 20040MT Switch Front Panel...

Page 39: ...r Console Port The console port is an RJ45 port connector It is an interface for connecting a terminal directly Through the console port it provides rich diagnostic information including IP address se...

Page 40: ...rning off and on the power The following is the summary table of reset button functions IGS 10020MT IGS 10020PT IGS 10020HPT IGS 20160HPT Figure 2 8 IGS 10020MT Reset Button Figure 2 9 IGS 10020PT IGS...

Page 41: ...as power P2 Green Indicates power 2 has power Fault Green Indicates either power 1 or power 2 has no power Ring On Indicates the ERPS Ring has been created successfully Off Indicates the ERPS Ring has...

Page 42: ...essfully R O Green Lights to indicate that the Ring Owner has been enabled Per 10 100 1000Mbps Port with PoE LED Color Function 10 100 1000 LNK ACT Green Lights to indicate the port is running in 10 1...

Page 43: ...ort is successfully established Blinks Indicates that the Switch is actively sending or receiving data over that port 1000 Orange Lights Indicates that the port is successfully connecting to the netwo...

Page 44: ...ablished Blinks Indicates that the switch is actively sending or receiving data over that port 10 100 LNK ACT Orange Lights Indicates the port is running in 10 100Mbps speed and successfully establish...

Page 45: ...naged Switch comes with a DC inlet power socket and one terminal block connector with 6 contacts 1 Insert positive negative DC power wires into contacts 1 and 2 for DC Power 1 or 5 and 6 for DC Power...

Page 46: ...User s Manual 46 Figure 2 16 IGS 10080MFT Upper Panel Figure 2 17 IGS 12040MT Upper Panel...

Page 47: ...User s Manual 47 Figure 2 18 IGS 20040MT Upper Panel Figure 2 19 IGS 20160HPT Upper Panel...

Page 48: ...2 5 DC 48V IGS 10020HPT Pin 1 5 Pin 2 6 DC 48V IGS 10080MFT Pin 1 5 Pin 2 6 DC 12 48V AC 24V IGS 12040MT Pin 1 5 Pin 2 6 DC 12 72V AC 24V IGS 20040MT Pin 1 5 Pin 2 6 DC 9 48V AC 24V IGS 20160HPT Pin 1...

Page 49: ...ontacts 1 The wire gauge for the terminal block should be in the range of 12 24 AWG 2 When performing any of the procedures like inserting the wires or tightening the wire clamp screws make sure the p...

Page 50: ...osening 1 2 3 4 5 6 DI0 DI1 DO0 DO1 GND GND Figure 2 22 6 pin Terminal Block for DI and DO Wiring Input 3 There are two Digital Input groups for you to monitor two different devices The following topo...

Page 51: ...ial Managed Switch and the installation points attended to it 2 2 1 Installation Steps 1 Unpack the Industrial Managed Switch 2 Check if the DIN Rail is screwed on the Industrial Managed Switch or not...

Page 52: ...rver The UTP port RJ45 LED on the Industrial Managed Switch will light up when the cable is connected with the network device Please refer to the LED Indicators section for LED light indication Make s...

Page 53: ...the Industrial Managed Switch DIN rail mounting and wall mount plate mounting Please read the following topics and perform the procedures in the order being presented Follow all the DIN rail installat...

Page 54: ...ual 54 Step 3 Check whether the DIN rail is tightly on the track Please refer to the following procedures to remove the Industrial Managed Switch from the track Step 4 Lightly remove the DIN rail from...

Page 55: ...Industrial Managed Switch Use the screwdriver to loosen the screws to remove the DIN rail Step 2 Place the wall mount plate on the rear panel of the Industrial Managed Switch Step 3 Use the screwdrive...

Page 56: ...f unshielded twisted pair cable UTP The IEEE 802 3 802 3u 802 3ab Fast Gigabit Ethernet standard requires Category 5 UTP for 100Mbps 100BASE TX 10BASE T networks can use Cat 3 4 5 or 1000BASE T use 5...

Page 57: ...mode with both single mode and multi mode SFP transceivers The following list of approved PLANET SFP transceivers is correct at the time of publication Fast Ethernet Transceiver 100BASE X SFP Model Sp...

Page 58: ...ngle Mode 10km 1310nm 40 75 degrees C MGB TL30 1000 LC Single Mode 30km 1310nm 40 75 degrees C MGB TL70 1000 LC Single Mode 70km 1550nm 40 75 degrees C Gigabit Ethernet Transceiver 1000BASE BX Single...

Page 59: ...ation or a media converter 3 Check the LNK ACT LED of the SFP slot on the front of the Industrial Managed Switch Ensure that the SFP transceiver is operating correctly 100BASE FX Before connecting the...

Page 60: ...able to disable the port in advance 2 Remove the fiber optic cable gently 3 Turn the lever of the MGB MFB module to a horizontal position 4 Pull out the module gently through the lever Figure 2 26 Pul...

Page 61: ...verview Remote Telnet Access Web Management Access SNMP Access Standards Protocols and Related Reading 3 1 Requirements Workstation running Windows XP 2003 Vista Windows 7 8 10 MAC OS X Linux Fedora U...

Page 62: ...Must be near the switch or use dial up connection Not convenient for remote users Modem connection may prove to be unreliable or slow Remote Telnet Text based Telnet functionality built into Windows X...

Page 63: ...emote telnet interface from personal computer or workstation in the same Ethernet environment as long as you know the current IP address of the Industrial Managed Switch Direct Access Direct access to...

Page 64: ...ciated action was initiated A Macintosh or PC attachment can use any terminal emulation program for connecting to the terminal serial port A workstation attachment under UNIX can use an emulator Remot...

Page 65: ...the Industrial Managed Switch you can access the Industrial Managed Switch s Web interface applications directly in your Web browser by entering the IP address of the Industrial Managed Switch Figure...

Page 66: ...ial Managed Switch and the SNMP Network Management Station to use the same community string This management method in fact uses two community strings the get community string and the set community str...

Page 67: ...rt Discovery Utility 1 Open the Planet Smart Discovery Utility in administrator PC 2 Run this utility and the following screen appears Figure 3 6 Planet Smart Discovery Utility Screen If there are two...

Page 68: ...shown below Update Device Use the current setting on one single device Update Multi Use the current setting on choose multi devices Update All Use the current setting on whole devices in the list The...

Page 69: ...s The Industrial Managed Switch can be configured through an Ethernet connection making sure the manager PC must be set on same the IP subnet address with the Industrial Managed Switch For example the...

Page 70: ...appears Figure 4 1 2 Login Screen Default User name admin Default Password admin After entering the username and password the main screen appears as Figure 4 1 3 Figure 4 1 3 Default Main page Now you...

Page 71: ...naged Switch 2 The changed IP address takes effect immediately after clicking on the Save button From now on you need to use the new IP address to access the Internet 3 For security reason please chan...

Page 72: ...h s Web browser interface to configure and manage it Figure 4 1 4 Main page Panel Display The web agent displays an image of the Industrial Managed Switch s ports The Mode can be set to display differ...

Page 73: ...Industrial Managed Switch and all its ports or monitor network conditions Via the Web Management the administrator can set up the Industrial Managed Switch by selecting the functions those listed in t...

Page 74: ...G graph System Log The Managed Switch system log information is provided here Detailed Log The Managed Switch system detailed log information is provided here Remote Syslog Configure remote syslog on...

Page 75: ...me Location The system location configured in Configuration System Information System Location MAC Address The MAC Address of this Industrial Managed Switch Power Power 1 and Power 2 ON OFF Status dis...

Page 76: ...ive IP configuration Object Description IP Configurations Mode Configure whether the IP stack should act as a Host or a Router In Host mode IP traffic between interfaces will not be routed In Router m...

Page 77: ...tween 0 and 30 bits for an IPv4 address IPv6 Address Provide the IP address of this Industrial Managed Switch An IPv6 address is in 128 bit records represented as eight fields of up to four hexadecima...

Page 78: ...e of the entry This may be LINK or IPv4 Address The current address of the interface of the given type Status The status flags of the interface and or address IP Routes Network The destination IP netw...

Page 79: ...e allowed range is 1 to 15 If the privilege level value is 15 it can access all groups i e that is granted the fully control of the device But others value need to refer to each group privilege level...

Page 80: ...rivilege level value is 15 it can access all groups i e that is granted the fully control of the device But others value need to refer to each group privilege level User s privilege should be same or...

Page 81: ...e new user entry is shown on the Users Configuration page Figure 4 2 6 User Configuration page Screenshot If you forget the new password after changing the default password please press the Reset butt...

Page 82: ...overview of the privilege levels After setup is completed please press the Apply button to take effect Please login web interface with new user name and password and the screen in Figure 4 2 7 appear...

Page 83: ...PS SSH ARP Inspection and IP source guard IP Everything except ping Port Everything except VeriPHY Diagnostics ping and VeriPHY Maintenance CLI System Reboot System Restore Default System Password Con...

Page 84: ...ration the agent forward and to transfer NTP messages between the clients and the server when they are not on the same subnet domain Disabled Disable NTP mode operation Server Provide the NTP IPv4 or...

Page 85: ...2 9 Time Configuration page Screenshot The page includes the following fields Object Description Time Zone Lists various Time Zones worldwide Select appropriate Time Zone from the drop down menu and...

Page 86: ...s Select the ending hour Minutes Select the ending minute Offset Settings Enter the number of minutes to add during Daylight Saving Time Range 1 to 1440 Buttons Click to apply changes Click to undo an...

Page 87: ...the implementation the switch sends SSDP messages periodically at the interval one half of the advertising duration minus 30 seconds Valid values are in the range 100 to 86400 Buttons Click to apply c...

Page 88: ...ame subnet domain And the DHCP broadcast message won t flood for security considered Disabled Disable DHCP relay mode operation Relay Server Indicates the DHCP relay server IP address A DHCP relay age...

Page 89: ...atistics This page provides statistics for DHCP relay The DHCP Relay Statistics screen in Figure 4 2 12 appears Figure 4 2 12 DHCP Relay Statistics page Screenshot The page includes the following fiel...

Page 90: ...er that is erroneously sent to servers Receive from Client The packets number that is received from server Receive Agent Option The packets number that is received with relay agent information option...

Page 91: ...ort the SVG format Consult the SVG Wiki for more information on browser support Specifically at the time of writing Microsoft Internet Explorer will need to have a plugin installed to support SVG The...

Page 92: ...ystem log Error Error level of the system log All All levels Clear Level To clear the system log entry level The following level types are supported Info Information level of the system log Warning Wa...

Page 93: ...Log screen in Figure 4 2 15 appears Figure 4 2 15 Detailed Log page Screenshot The page includes the following fields Object Description ID The ID 1 of the system log entry Message The message of the...

Page 94: ...er since UDP is a connectionless protocol and it does not provide acknowledgments The syslog packet will always be sent out even if the syslog server does not exist Possible modes are Enabled Enable r...

Page 95: ...rols whether SMTP Authentication is enabled If authentication is required when an e mail is sent Authentication User Name Type the user name for the SMTP server if Authentication is Enable Authenticat...

Page 96: ...re 4 2 18 Windows File Selection Menu Popup The page includes the following fields Object Description Enable Check the Enable checkbox to enable Digital Input output function Uncheck the Enable checkb...

Page 97: ...via them As Digital Output Allows user to monitor an alarm from port failure power failure Digital Input 0 DI 0 and Digital Input 1 DI 1 which means if Digital Output has detected these events then D...

Page 98: ...bject Description Enable Controls whether Fault Alarm is enabled on this switch Record Controls whether Record is sending System log or SNMP Trap or both Action Controls whether Port Fail or Power Fai...

Page 99: ...ould pop up the file selection menu to choose firmware 4 Select on the firmware then click the Software Upload Progress would show the file with upload status 5 Once the software is loaded to the syst...

Page 100: ...appears Figure 4 2 22 TFTP Firmware Update page Screenshot The page includes the following fields Object Description TFTP Server IP Fill in your TFTP server IP address Firmware File Name The name of...

Page 101: ...based or stored in flash on the switch There are three system files running config A virtual file that represents the currently active configuration on the switch This file is volatile startup config...

Page 102: ...nt configuration is fully replaced with the configuration in the uploaded file Merge mode The uploaded file is merged into running config If the file system is full i e contains the three system files...

Page 103: ...e 4 2 28 Configuration Delete page Screenshot 4 2 25 Image Select This page provides information about the active and alternate backup firmware images in the device and allows you to revert to the alt...

Page 104: ...the firmware image Date The date where the firmware was produced Buttons Click to use the alternate image This button may be disabled depending on system state 4 2 26 Factory Default You can reset th...

Page 105: ...Reboot page enables the device to be rebooted from a remote location Once the Reboot button is pressed users have to re login the Web interface for about 60 seconds later as the System Reboot screen...

Page 106: ...plays substantial memory and abundant disk space At least one NMS must be present in each managed environment Agents Agents are software modules that reside in network elements They collect and store...

Page 107: ...anaged Switch s SNMP function This section has the following items System Configuration Configure SNMP on this page Trap Configuration Configure SNMP trap on this page System Information The system in...

Page 108: ...2c community string In addition to community string a particular range of source addresses can be used to restrict source subnet Write Community Indicates the community write access string to permit a...

Page 109: ...nfiguration s name for configuring The allowed string length is 0 to 255 and the allowed content is ASCII characters from 33 to 126 Trap Mode Indicates the SNMP trap mode operation Possible modes are...

Page 110: ...urity Engine ID Indicates the SNMP trap security engine ID SNMPv3 sends traps and informs using USM for authentication and privacy A unique engine ID for these traps and informs is needed When Trap Pr...

Page 111: ...and the allowed content is the ASCII characters from 32 to 126 System Name An administratively assigned name for this managed node By convention this is the node s fully qualified domain name A domai...

Page 112: ...s the community access string to permit access to SNMPv3 agent The allowed string length is 1 to 32 and the allowed content is ASCII characters from 33 to 126 The community string will be treated as s...

Page 113: ...eys In a simple agent usmUserEngineID is always that agent s own snmpEngineID value The value can also take the value of the snmpEngineID of a remote SNMP engine with which this user can communicate I...

Page 114: ...ates the privacy protocol that this entry should belong to Possible privacy protocol are None None privacy protocol DES An optional flag to indicate that this user using DES authentication protocol AE...

Page 115: ...owed string length is 1 to 32 and the allowed content is the ASCII characters from 33 to 126 Group Name A string identifying the group name that this entry should belong to The allowed string length i...

Page 116: ...subtree should be excluded In general if a view entry s view type is excluded it should be exist another view entry which view type is included and it s OID subtree overstep the excluded view entry OI...

Page 117: ...security model that this entry should belong to Possible security models are NoAuth NoPriv None authentication and none privacy Auth NoPriv Authentication and none privacy Auth Priv Authentication an...

Page 118: ...irror Sets the source and target ports for mirroring 4 4 1 Port Configuration This page displays current port configurations Ports can also be configured here The Port Configuration screen in Figure 4...

Page 119: ...tes whether pause frames on the port are obeyed and the Current Tx column indicates whether pause frames on the port are transmitted The Rx and Tx settings are determined by the result of the last Aut...

Page 120: ...ted packets per port Bytes The number of received and transmitted bytes per port Errors The number of frames received in error and the number of incomplete transmissions per port Drops The number of f...

Page 121: ...rt Statistics Port 1 page Screenshot The page includes the following fields Receive Total and Transmit Total Object Description Rx and Tx Packets The number of received and transmitted good and bad pa...

Page 122: ...number of long frames received with valid CRC Rx Fragments The number of short frames received with invalid CRC Rx Jabber The number of long frames received with invalid CRC Rx Filtered The number of...

Page 123: ...type of current SFP module the possible types are 1000BASE SX 1000BASE LX 100BASE FX Speed Display the speed of current SFP module the speed value or description is obtained from the SFP module Differ...

Page 124: ...anges made locally and revert to previously saved values Click to refresh the page immediately 4 4 5 Port Mirror Configure port Mirroring on this page This function provides monitoring network traffic...

Page 125: ...All frames received on a given port also known as ingress or source mirroring All frames transmitted on a given port also known as egress or destination mirroring Mirror Port Configuration The Port Mi...

Page 126: ...s transmitted are not mirrored Tx only Frames transmitted from this port are mirrored to the mirroring port Frames received are not mirrored Disabled Neither frames transmitted or frames received are...

Page 127: ...signed manually Port Trunk or automatically by enabling Link Aggregation Control Protocol LACP on the relevant links Aggregated Links are treated by the system as a single logical port Specifically th...

Page 128: ...eted from a VLAN The Spanning Tree Protocol will treat all the ports in a link aggregation as a whole Enable the link aggregation prior to connecting any cable between the switches to avoid creating a...

Page 129: ...r the frame Check to enable the use of the Source MAC address or uncheck to disable By default Source MAC Address is enabled Destination MAC Address The Destination MAC Address can be used to calculat...

Page 130: ...Members Each switch port is listed for each group ID Select a radio button to include a port in an aggregation or clear the radio button to remove the port from the aggregation By default no ports bel...

Page 131: ...l set the key as appropriate by the physical link speed 10Mb 1 100Mb 2 1Gb 3 Using the Specific setting a user defined value can be entered Ports with the same Key value can participate in the same ag...

Page 132: ...ng fields Object Description Aggr ID The Aggregation ID associated with this aggregation instance For LLAG the id is shown as isid aggr id and for GLAGs as aggr id Partner System ID The system ID MAC...

Page 133: ...d or that the port link is down Backup means that the port could not join the aggregation group but will join if other port leaves Meanwhile it s LACP status is disabled Key The key assigned to this p...

Page 134: ...following fields Object Description Port The switch port number LACP Received Shows how many LACP frames have been sent from each port LACP Transmitted Shows how many LACP frames have been received at...

Page 135: ...used to uniquely identify end nodes and assign these nodes VLAN membership packets cannot cross VLAN without a network device performing a routing function between the VLAN 2 The Industrial Managed S...

Page 136: ...witch supports the following VLAN features Up to 255 VLANs based on the IEEE 802 1Q standard Port overlapping allowing a port to participate in multiple VLANs End stations can belong to multiple VLANs...

Page 137: ...ion originally contained in the packet is retained 802 1Q Tag User Priority CFI VLAN ID VID 3 bits 1 bit 12 bits TPID Tag Protocol Identifier TCI Tag Control Information 2 bytes 2 bytes Preamble Desti...

Page 138: ...to a tag aware device the packet should be tagged Default VLANs The Switch initially configures one VLAN VID 1 called default The factory default setting assigns all ports on the Switch to the defaul...

Page 139: ...stand nomenclature of the Switch IEEE 802 1Q Tagged and Untagged Every port on an 802 1Q compliant switch can be configured as tagged or untagged Tagged Ports with tagging enabled will put the VID num...

Page 140: ...could easily exceed the maximum VLAN limit of 4096 The Industrial Managed Switch supports multiple VLAN tags and can therefore be used in MAN applications as a provider bridge aggregating traffic fro...

Page 141: ...enabled More VLANs may be created by using a list syntax where the individual elements are separated by commas Ranges are specified with a dash separating the lower and upper bound The following examp...

Page 142: ...N that the port is not a member of are discarded By default all frames but frames classified to the Port VLAN a k a Native VLAN get tagged on egress Frames classified to the Port VLAN do not get C tag...

Page 143: ...ts classified to the Port VLAN If frames must be tagged on egress they will be tagged with an S tag S Custom Port On ingress frames with a VLAN tag with a TPID 0x8100 or equal to the Ethertype configu...

Page 144: ...is identical to the syntax used in the Enabled VLANs field By default a Trunk or Hybrid port will become member of all VLANs and is therefore set to 1 4095 The field may be left empty which means that...

Page 145: ...from IP phones MVR MVR is used to eliminate the need to duplicate multicast traffic for subscribers in each VLAN Multicast traffic for all channels is sent only on a single multicast VLAN Port Member...

Page 146: ...n in Figure 4 6 5 appears Figure 4 6 5 VLAN Port Status for Static User page Screenshot The page includes the following fields Object Description Port The logical port for the settings contained in th...

Page 147: ...due to hardware limitation Direct conflict between user modules Buttons Select VLAN Users from this drop down list Auto refresh Check this box to refresh the page automatically Automatic refresh occur...

Page 148: ...ed Adding a New Private VLAN Click Add New Private VLAN to add a new private VLAN ID An empty row is added to the table and the private VLAN can be configured as needed The allowed range for a private...

Page 149: ...m of web servers in a Demilitarized Zone DMZ are allowed to communicate with the outside world and with database servers on the inside segment but are not allowed to communicate with each other For pr...

Page 150: ...is page is used for enabling or disabling port isolation on ports in a Private VLAN A port member of a VLAN can be isolated to other isolated ports on the same VLAN and Private VLAN The Port Isolation...

Page 151: ...arated VLAN Each VLAN isolate network traffic so only members of the VLAN receive traffic from the same VLAN members The screen in Figure 4 6 8 appears and Table 4 6 9 describes the port configuration...

Page 152: ...received the packet through Port 1 and Port 2 6 While the packet leaves Port 1 and Port 2 it will be stripped away it tag becoming an untagged packet Untagged packet entering VLAN 3 1 While PC 4 tran...

Page 153: ...of Port 4 6 to be VLAN3 3 Enable VLAN Tag for specific ports Link Type Port 3 VLAN 2 and Port 6 VLAN 3 Change Port 3 Mode as Trunk and select Egress Tagging as Tag All and Type 2 in the Allowed VLANs...

Page 154: ...thin the same VLAN group The screen in Figure 4 6 12 appears Figure 4 6 12 VLAN Trunking Diagram Setup steps 1 Add VLAN Group Add two VLANs VLAN 2 and VLAN 3 For Type 1 3 in Allowed Access VLANs colum...

Page 155: ...erlaps both VLAN 2 and VLAN 3 members 4 Assign the VLAN Trunk Port to be the member of each VLAN to be aggregated For this example add Port 7 to be VLAN 2 and VLAN 3 member port 5 Specify Port 7 to be...

Page 156: ...and promiscuous ports and the each PC is not able to access the isolated port of each other s PCs But they all need to access with the same server AP Printer This section will show you how to configu...

Page 157: ...6 17 Private VLAN Port Setting 4 6 9 MAC based VLAN The MAC based VLAN entries can be configured here This page allows for adding and deleting MAC based VLAN entries and assigning the entries to diff...

Page 158: ...ased VLAN entry can be configured as needed Any unicast MAC address can be configured for the MAC based VLAN entry No broadcast or multicast MAC addresses are allowed Legal values for a VLAN ID are 1...

Page 159: ...one of the following values 1 Ethernet 2 LLC 3 SNAP Note On changing the Frame type field valid value of the following text field will vary depending on the new frame type you selected Value Valid va...

Page 160: ...f PID will be any value from 0x0000 to 0xffff Group Name A valid Group Name is a unique 16 character long string for every entry which consists of a combination of alphabets a z or A Z and integers 0...

Page 161: ...mapping entry on this page VLAN ID Indicates the ID to which Group Name will be mapped A valid VLAN ID ranges from 1 4095 Port Members A row of check boxes for each port is displayed for each Group N...

Page 162: ...links at the time of a primary link failure is also accomplished automatically without operator intervention This automatic network reconfiguration provides maximum uptime to network users However th...

Page 163: ...t be ideal For instance connecting higher speed links to a port that has a higher number than the current root port can cause a root port change STP Port States The BPDUs take some time to pass throug...

Page 164: ...are forwarded from or received by STP enabled ports until the forwarding state is enabled for that port 2 STP Parameters STP Operation Levels The Switch allows for two levels of operation the switch...

Page 165: ...ures that the BPDU is discarded when its age exceeds the value of the maximum age timer 20 seconds Forward Delay Timer The amount time spent by a port in the learning and listening states waiting for...

Page 166: ...g the above parameters Max Age _ 2 x Forward Delay 1 second Max Age _ 2 x Hello Time 1 second Port Priority A Port Priority can be from 0 to 240 The lower the number the greater the probability the po...

Page 167: ...User s Manual 167 Figure 4 7 2 Before Applying the STA Rules In this example only the default STP values are used Figure 4 7 3 After Applying the STA Rules...

Page 168: ...ings The settings are used by all STP Bridge instances in the Switch or Switch Stack The Industrial Managed Switch support the following Spanning Tree protocols Compatibility Spanning Tree Protocol ST...

Page 169: ...mum 30 Max Age The maximum age of the information transmitted by the Bridge when it is the Root Bridge Valid values are in the range 6 to 40 seconds Default 20 Minimum The higher of 6 or 2 x Hello Tim...

Page 170: ...trol packet Buttons Click to apply changes Click to undo any changes made locally and revert to previously saved values 4 7 3 Bridge Status This page provides a status overview for all STP bridge inst...

Page 171: ...allows the user to inspect the current STP CIST port configurations and possibly change them as well The CIST Port Configuration screen in Figure 4 7 6 appears Figure 4 7 6 STP CIST Port Configuratio...

Page 172: ...re region of the network influence the spanning tree active topology possibly because those bridges are not under the full control of the administrator This feature is also known as Root Guard Restric...

Page 173: ...802 1w 2001 Ethernet 50 600 200 000 20 000 000 Fast Ethernet 10 60 20 000 2 000 000 Gigabit Ethernet 3 10 2 000 200 000 Table 4 7 1 Recommended STP Path Cost Range Port Type Link Type IEEE 802 1D 199...

Page 174: ...t The page includes the following fields Object Description MSTI The bridge instance The CIST is the default instance which is always active Priority Controls the bridge priority Lower numerical value...

Page 175: ...enshot The page includes the following fields Configuration Identification Object Description Configuration Name The name identifying the VLAN to MSTI mapping Bridges must share the name and revision...

Page 176: ...ows the user to inspect the current STP MSTI port configurations and possibly change them as well A MSTI port is a virtual port which is instantiated separately for each active CIST physical port for...

Page 177: ...k speed using the 802 1D recommended values Using the Specific setting a user defined value can be entered The path cost is used when establishing the active topology of the network Lower path cost po...

Page 178: ...ds Object Description Port The switch port number of the logical STP port CIST Role The current STP port role of the ICST port The port role can be one of the following values AlternatePort BackupPort...

Page 179: ...ived transmitted on the port RSTP The number of RSTP Configuration BPDU s received transmitted on the port STP The number of legacy STP Configuration BPDU s received transmitted on the port TCN The nu...

Page 180: ...they will become members of a multicast group The Internet Group Management Protocol IGMP is used to communicate this information IGMP is also used to periodically check the multicast group for membe...

Page 181: ...User s Manual 181 Figure 4 8 2 Multicast Flooding Figure 4 8 3 IGMP Snooping Multicast Stream Control...

Page 182: ...p track of the membership of multicast groups on their respective sub networks The following outlines what is communicated between a multicast router and a multicast group member using IGMP A host sen...

Page 183: ...If there is more than one router switch on the LAN performing IP multicasting one of these devices is elected querier and assumes the role of querying the LAN for group members It then propagates the...

Page 184: ...during the next save Profile Name The name used for indexing the profile table Each entry has the unique name which is composed of at maximum 16 alphabetic and numeric characters At least one alphabet...

Page 185: ...6 appears Figure 4 8 6 IPMC Profile Address Configuration page The page includes the following fields Object Description Delete Check to delete the entry The designated entry will be deleted during t...

Page 186: ...y after the last entry currently displayed 4 8 4 IGMP Snooping Configuration This page provides IGMP Snooping related configuration The IGMP Snooping Configuration screen in Figure 4 8 7 appears Figur...

Page 187: ...ave the Industrial Managed Switch automatically uses the port as IGMP Router port if the port receives IGMP query packets Fix The Industrial Managed Switch always uses the specified port as an IGMP Ro...

Page 188: ...ave VLAN ID The VLAN ID of the entry IGMP Snooping Enable Enable the per VLAN IGMP Snooping Only up to 32 VLANs can be selected Querier Election Enable the IGMP Querier election in the VLAN Disable to...

Page 189: ...ds LLQI LMQI for IGMP Last Member Query Interval The Last Member Query Time is the time value represented by the Last Member Query Interval multiplied by the Last Member Query Count The allowed range...

Page 190: ...the IGMP join report is forwarded as normal If a requested multicast group is denied the IGMP join report is dropped IGMP throttling sets a maximum number of multicast groups that a port can join at...

Page 191: ...ived The number of Received Querier V1 Reports Received The number of Received V1 Reports V2 Reports Received The number of Received V2 Reports V3 Reports Received The number of Received V3 Reports V2...

Page 192: ...ng of the IGMP Group Table The Start from VLAN and group input fields allow the user to select the starting point in the IGMP Group Table The IGMP Groups Information screen in Figure 4 8 11 appears Fi...

Page 193: ...2 IGMP SSM Information page Screenshot The page includes the following fields Object Description VLAN ID VLAN ID of the group Group Group address of the group displayed Port Switch port number Mode In...

Page 194: ...en MLD Snooping is disabled unregistered IPMCv6 traffic flooding is always active in spite of this setting MLD SSM Range SSM Source Specific Multicast Range allows the SSM aware hosts and routers run...

Page 195: ...put field When first visited the web page will show the first 20 entries from the beginning of the VLAN Table The first displayed will be the one with the lowest VLAN ID found in the VLAN Table The VL...

Page 196: ...eneral Queries The allowed range is 0 to 31744 in tenths of seconds default query response interval is 100 in tenths of seconds 10 seconds LLQI LMQI for IGMP Last Member Query Interval The Last Member...

Page 197: ...d the MLD join report is forwarded as normal If a requested multicast group is denied the MLD join report is dropped MLD throttling sets a maximum number of multicast groups that a port can join at th...

Page 198: ...terface is administratively disabled Querier Transmitted The number of Transmitted Querier Querier Received The number of Received Querier V1 Reports Received The number of Received V1 Reports V2 Repo...

Page 199: ...20 selected through the entries per page input field When first visited the web page will show the first 20 entries from the beginning of the MLD Group Table The Start from VLAN and group input fields...

Page 200: ...Figure 4 8 18 appears Figure 4 8 18 MLD SSM Information page Screenshot The page includes the following fields Object Description VLAN ID VLAN ID of the group Group Group address of the group display...

Page 201: ...riber port which is a switch port configured as an MVR receiver port When a subscriber selects a channel the set top box or PC sends an IGMP MLD report message to Switch A to join the appropriate mult...

Page 202: ...ing It is suggested to enable Unregistered Flooding control when the MVR group table is full Delete Check to delete the entry The designated entry will be deleted during the next save MVR VID Specify...

Page 203: ...mberships on a receiver port before removing the port from multicast group membership The value is in units of tenths of a seconds The range is from 0 to 31744 The default LLQI is 5 tenths or one half...

Page 204: ...lds Object Description VLAN ID The Multicast VLAN ID IGMP MLD Queries Received The number of Received Queries for IGMP and MLD respectively IGMP MLD Queries Transmitted The number of Transmitted Queri...

Page 205: ...VLAN and group input fields allow the user to select the starting point in the MVR Group Table The MVR Groups Information screen in Figure 4 8 21 appears Figure 4 8 21 MVR Groups Information page Scr...

Page 206: ...ure 4 8 22 appears Figure 4 8 22 MVR SFM Information page Screenshot The page includes the following fields Object Description VLAN ID VLAN ID of the group Group Group address of the group displayed P...

Page 207: ...classifies the traffic on the network Traffic classifications are determined by protocol application source destination and so on You can create and modify classifications The Switch then groups clas...

Page 208: ...r is enabled on this switch port Rate Controls the rate for the policer This value is restricted to 100 1000000 when the Unit is kbps or fps and it is restricted to 1 3300 when the Unit is Mbps or kfp...

Page 209: ...ity A CoS of 0 zero has the lowest priority If the port is VLAN aware and the frame is tagged then the frame is classified to a CoS that is based on the PCP value in the tag as shown below Otherwise t...

Page 210: ...s classified to the default DEI value All means all ports will have one specific setting Tag Class Shows the classification mode for tagged frames on this port Disabled Use default CoS and DPL for tag...

Page 211: ...re 4 9 3 QoS Egress Port Schedule page Screenshot The page includes the following fields Object Description Port The logical port for the settings contained in the same row Click on the port number in...

Page 212: ...ess Port Shapers page Screenshot The page includes the following fields Object Description Port The logical port for the settings contained in the same row Click on the port number in order to configu...

Page 213: ...ields Object Description Schedule Mode Controls whether the scheduler mode is Strict Priority or Weighted on this switch port Queue Shaper Enable Controls whether the queue shaper is enabled for this...

Page 214: ...Scheduler Mode is set to Weighted Port Shaper Enable Controls whether the port shaper is enabled for this switch port Port Shaper Rate Controls the rate for the port shaper This value is restricted t...

Page 215: ...page Screenshot The page includes the following fields Object Description Port The logical port for the settings contained in the same row Click on the port number in order to configure tag remarking...

Page 216: ...ontrols the tag remarking mode for this port Classified Use classified PCP DEI values Default Use default PCP DEI values Mapped Use mapped versions of QoS class and DP level PCP DEI Configuration Cont...

Page 217: ...gress and egress settings Ingress In Ingress settings you can change ingress translation and classification settings for individual ports There are two configuration parameters available in Ingress Tr...

Page 218: ...d and frame is remarked with remapped DSCP value The remapped DSCP value is always taken from the DSCP Translation Egress Remap DP0 table Remap DP Aware DSCP from analyzer is remapped and frame is rem...

Page 219: ...s Classification page Screenshot The page includes the following fields Object Description DSCP Maximum number of supported DSCP values are 64 Trust Controls whether a specific DSCP value is trusted O...

Page 220: ...DSCP Translation page Screenshot The page includes the following fields Object Description DSCP Maximum number of supported DSCP values are 64 and valid DSCP value ranges from 0 to 63 Ingress Ingress...

Page 221: ...ue from select menu to which you want to remap DSCP value ranges form 0 to 63 Remap DP1 Select the DSCP value from select menu to which you want to remap DSCP value ranges form 0 to 63 Buttons Click t...

Page 222: ...QCEs Each row describes a QCE that is defined The maximum number of QCEs is 256 on each switch Click on the lowest plus sign to add a new QCE to the list The QoS Control List screen in Figure 4 9 12 a...

Page 223: ...incoming frames Possible frame types are Any The QCE will match all frame type Ethernet Only Ethernet frames with Ether Type 0x600 0xFFFF are allowed LLC Only LLC frames are allowed SNAP Only SNAP fr...

Page 224: ...below DMAC Type Destination MAC type possible values are unicast UC multicast MC broadcast BC or Any SMAC Source MAC address 24 MS bits OUI or Any Tag Value of Tag field can be Any Untag or Tag VID V...

Page 225: ...urce IP Specific Source IP address in value mask format or Any IP and Mask are in the format x y z w where x y z and w are decimal numbers between 0 and 255 When Mask is converted to a 32 bit binary s...

Page 226: ...t means that the default classified value is not modified by this QCE Buttons Click to apply changes Click to undo any changes made locally and revert to previously saved values Return to the previous...

Page 227: ...if a frame matches the QCE it will be put in the queue DPL Drop Precedence Level if a frame matches the QCE then DP level will set to value displayed under DPL column DSCP If a frame matches the QCE...

Page 228: ...across the switch The Storm Control Configuration screen in Figure 4 9 15 appears Figure 4 9 15 Storm Control Configuration page Screenshot The page includes the following fields Object Description Po...

Page 229: ...Figure 4 9 16 Queuing Counters page Screenshot The page includes the following fields Object Description Port The logical port for the settings contained in the same row Q0 Q7 There are 8 QoS queues p...

Page 230: ...Voice VLAN Configuration screen in Figure 4 9 18 appears Figure 4 9 17 Voice VLAN Configuration page Screenshot The page includes the following fields Object Description Mode Indicates the Voice VLAN...

Page 231: ...the specific port and configures the Voice VLAN members automatically Forced Force join to Voice VLAN Port Security Indicates the Voice VLAN port security mode When the function is enabled all non tel...

Page 232: ...elete Check to delete the entry It will be deleted during the next save Telephony OUI An telephony OUI address is a globally unique identifier assigned to a vendor by IEEE It must be 6 characters long...

Page 233: ...mission associated with a particular ACE ID There are three ACE frame types Ethernet Type ARP and IPv4 and two ACE actions permit and deny The ACE also contains many detailed different parameter optio...

Page 234: ...allowed range is 1 to 16 When Disabled is displayed the rate limiter operation is disabled Port Redirect Indicates the port redirect operation of the ACE Frames matching the ACE are redirected to the...

Page 235: ...gress port Policy Bitmask Indicates the policy number and bitmask of the ACE Frame Type Indicates the frame type of the ACE Possible values are Any The ACE will match any frame type EType The ACE will...

Page 236: ...d on the port are not mirrored The default value is Disabled Counter The counter indicates the number of times the ACE was hit by a frame Modification Buttons You can modify each ACE Access Control En...

Page 237: ...ngress port for which this ACE applies Any The ACE applies to any port Port n The ACE applies to this port number where n is the number of the switch port Policy Filter Specify the policy number filte...

Page 238: ...icer ID Select which EVC policer ID to apply on this ACE The allowed values are Disabled or the values 1 through 256 Port Redirect Frames that hit the ACE are redirected to the port number specified h...

Page 239: ...ecific destination MAC address with this ACE choose this value A field for entering a DMAC value appears DMAC Value When Specific is selected for the DMAC filter you can enter a specific destination M...

Page 240: ...filter is set to Host Specify the sender IP address in the SIP Address field that appears Network Sender IP filter is set to Network Specify the sender IP address and sender IP mask in the SIP Address...

Page 241: ...s allowed don t care IP Specify whether frames can hit the action according to their ARP RARP hardware address space HRD settings 0 ARP RARP frames where the HLD is equal to Ethernet 1 1 ARP RARP fram...

Page 242: ...G OFFSET field is greater than zero must not be able to match this entry Yes IPv4 frames where the MF bit is set or the FRAG OFFSET field is greater than zero must be able to match this entry Any Any...

Page 243: ...Extra fields for defining ICMP parameters will appear These fields are explained later in this help file UDP Select UDP to filter IPv6 UDP protocol frames Extra fields for defining UDP parameters will...

Page 244: ...status is don t care Specific If you want to filter a specific ICMP filter with this ACE you can enter a specific ICMP value A field for entering an ICMP value appears ICMP Type Value When Specific is...

Page 245: ...ion filter with this ACE you can enter a specific TCP UDP destination value A field for entering a TCP UDP destination value appears Range If you want to filter a specific range TCP UDP destination fi...

Page 246: ...cant URG value for this ACE 0 TCP frames where the URG field is set must not be able to match this entry 1 TCP frames where the URG field is set must be able to match this entry Any Any value is allow...

Page 247: ...mit Rate Limiter ID Select which rate limiter to apply on this port The allowed values are Disabled or the values 1 through 16 The default value is Disabled EVC Policer Select whether EVC policer is e...

Page 248: ...re Enabled If a frame is received on the port the port will be disabled Disabled Port shut down is disabled The default value is Disabled State Specify the port state of this port The allowed values a...

Page 249: ...the following fields Object Description Rate Limiter ID The rate limiter ID for the settings contained in the same row Rate pps The allowed values are 0 3276700 in pps or 0 100 200 300 1000000 in kbps...

Page 250: ...d The switch simply encapsulates the EAP part of the frame into the relevant type EAPOL or RADIUS and forwards it When authentication is completed the RADIUS server sends a special packet containing a...

Page 251: ...TACACS Local user name and Privilege Level control RADIUS and TACACS are logon authentication protocols that use software running on a central server to control access to RADIUS aware or TACACS aware...

Page 252: ...ctual authentication of the client The authentication server validates the identity of the client and notifies the switch whether or not the client is authorized to access the LAN and switch services...

Page 253: ...enable authentication on a port by using the dot1x port control auto interface configuration command the switch must initiate authentication when it determines that the port link state transitions fro...

Page 254: ...twork In contrast when an 802 1X enabled client connects to a port that is not running the 802 1X protocol the client initiates the authentication process by sending the EAPOL start frame When no resp...

Page 255: ...allows you to configure how a user is authenticated when he logs into the switch via one of the management client interfaces The Authentication Method Configuration screen in Figure 4 11 3 appears Fi...

Page 256: ...evert to previously saved values 4 11 3 Network Access Server Configuration This page allows you to configure the IEEE 802 1X and MAC based authentication system and port settings The IEEE 802 1X stan...

Page 257: ...checked successfully authenticated supplicants clients are reauthenticated after the interval specified by the Reauthentication Period Reauthentication for 802 1X enabled ports can be used to detect...

Page 258: ...the port is in a 802 1X based mode this is not so critical since supplicants that are no longer attached to the port will get removed upon the next reauthentication which will fail But if reauthentic...

Page 259: ...disable RADIUS server assigned VLAN functionality When checked the individual ports ditto setting determines whether RADIUS assigned VLAN is enabled for that port When unchecked RADIUS server assigned...

Page 260: ...mode The following modes are available Force Authorized In this mode the switch will send one EAPOL Success frame when the port link comes up and any client on the port will be allowed network access...

Page 261: ...server will be contacted upon the next backend authentication server request from the switch This scenario will loop forever Therefore the server timeout should be smaller than the supplicant s EAPOL...

Page 262: ...limited using the Port Security Limit Control functionality MAC based Auth Unlike port based 802 1X MAC based authentication is not a standard but merely a best practices method adopted by the industr...

Page 263: ...cess Accept packet no longer carries a QoS Class or it s invalid or the supplicant is otherwise no longer present on the port the port s QoS Class is immediately reverted to the original QoS Class whi...

Page 264: ...t packet The following criteria are used The Tunnel Medium Type Tunnel Type and Tunnel Private Group ID attributes must all be present at least once in the Access Accept packet The switch looks for th...

Page 265: ...n the port are allowed access on this VLAN The switch will not transmit an EAPOL Success frame when entering the Guest VLAN While in the Guest VLAN the switch monitors the link for EAPOL frames and if...

Page 266: ...successfully authenticated clients on the port and will not cause the clients to get temporarily unauthorized Reinitialize Forces a reinitialization of the clients on the port and thereby a reauthenti...

Page 267: ...address carried in the most recently received EAPOL frame for EAPOL based authentication and the most recently received frame from a new client for MAC based authentication Last ID The user name suppl...

Page 268: ...Statistics page Screenshot The page includes the following fields Port State Object Description Admin State The port s current administrative state Refer to NAS Admin State for a description of possib...

Page 269: ...ave been received by the switch Rx Responses dot1xAuthEapolRespFr amesRx The number of valid EAPOL response frames other than Response Identity frames that have been received by the switch Rx Start do...

Page 270: ...mitted by the switch Backend Server Counters These backend RADIUS frame counters are available for the following administrative states Port based 802 1X Single 802 1X Multi 802 1X MAC based Auth Direc...

Page 271: ...ent has successfully authenticated to the backend server Rx Auth Failures dot1xAuthBackendAuth Fails 802 1X and MAC based Counts the number of times that the switch receives a failure message This ind...

Page 272: ...pplicant client was received Version dot1xAuthLastEapolF rameVersion 802 1X based The protocol version number carried in the most recently received EAPOL frame MAC based Not applicable Identity 802 1X...

Page 273: ...he VLAN ID that the corresponding client is currently secured through the Port Security module State The client can either be authenticated or unauthenticated In the authenticated state it is allowed...

Page 274: ...MAC based Auth X Click to clear both the port counters and all of the attached client s counters The Last Client will not be cleared however This button is available in the following modes Multi 802 1...

Page 275: ...Retransmit Retransmit is the number of times in the range from 1 to 1000 a RADIUS request is retransmitted to a server that is not responding If the server has not responded after the last retransmit...

Page 276: ...ject Description Delete To delete a RADIUS server entry check this box The entry will be deleted during the next Save Hostname The IP address or hostname of the RADIUS server Auth Port The UDP port to...

Page 277: ...for a reply from a TACACS server before it is considered to be dead Dead Time The Dead Time which can be set to a number between 0 to 1440 minutes is the period during which the switch will not send...

Page 278: ...ional setting overrides the global key Leaving it blank will use the global key Buttons Click to add a new TACACS server An empty row is added to the table and the TACACS server can be configured as n...

Page 279: ...only reachable when more than one server is enabled RADIUS Accounting Server Status Overview Object Description The RADIUS server number Click to navigate to detailed statistics for this server IP Add...

Page 280: ...r Server Overview page Screenshot The page includes the following fields RADIUS Authentication Statistics The statistics map closely to those specified in RFC4668 RADIUS Authentication Client MIB Use...

Page 281: ...ed RADIUS Access Response packets received from the server Malformed packets include packets with an invalid length Bad authenticators or Message Authenticator attributes or unknown types are not incl...

Page 282: ...med out or received a response This variable is incremented when an Access Request is sent and decremented due to receipt of an Access Accept Access Reject Access Challenge timeout or retransmission T...

Page 283: ...one server is enabled Round Trip Time radiusAuthClient ExtRoundTripTim e The time interval measured in milliseconds between the most recent Access Reply Access Challenge and the Access Request that m...

Page 284: ...eived from the server on the accounting port Rx Packets Dropped radiusAccClientExt PacketsDropped The number of RADIUS packets that were received from the server on the accounting port and dropped for...

Page 285: ...kes one of the following values Disabled The selected server is disabled Not Ready The server is enabled but IP communication is not yet up and running Ready The server is enabled IP communication is...

Page 286: ...ts counter will not be cleared by this operation 4 11 10 Windows Platform RADIUS Server Configuration Setup the RADIUS server and assign the client IP address to the Industrial Managed Switch In this...

Page 287: ...d New RADIUS Client on the Windows 2003 server Figure 4 11 12 Windows Server Add New RADIUS Client Setting 3 Assign the client IP address to the Industrial Managed Switch Figure 4 11 13 Windows Server...

Page 288: ...should be the same as the key configured on the Industrial Managed Switch Figure 4 11 14 Windows Server RADIUS Server Setting 5 Configure ports attribute of 802 1X the same as 802 1X Port Configuratio...

Page 289: ...6 Create user data The establishment of the user data needs to be created on the Radius Server PC For example the Radius Server is founded on Win2003 Server and then Figure 4 11 16 Windows 2003 AD Se...

Page 290: ...ctive Directory Users and Computers create legal user data next right click a user what you created to enter properties and what to be noticed Figure 4 11 17 Add User Properties Screen Figure 4 11 18...

Page 291: ...procedures show how to configure 802 1X Authentication in Windows XP Please note that if you want to change the 802 1x authentication type of a wireless client i e switch to EAP TLS from EAP MD5 you...

Page 292: ...D 5 Challenge from the drop down list box for EAP type Figure 4 11 20 7 Click OK 8 When client has associated with the Industrial Managed Switch a user authentication notice appears in system tray Cli...

Page 293: ...anual 293 Figure 4 11 21 Windows Client Popup Login Request Message 9 Enter the user name password and the logon domain that your account belongs 10 Click OK to complete the validation process Figure...

Page 294: ...ng the number of users on a given port A user is identified by a MAC address and VLAN ID If Limit Control is enabled on a port the limit specifies the maximum number of users on the port If this numbe...

Page 295: ...ch or hub which in turn is connected to a port on this switch on which Limit Control is enabled The end host will be allowed to forward if the limit is not exceeded Now suppose that the end host logs...

Page 296: ...port shut down the port This implies that all secured MAC addresses will be removed from the port and no new will be learned Even if the link is physically disconnected and reconnected on the port by...

Page 297: ...Access Management Configure access management table on this page The maximum entry number is 16 If the application s type matches any one of the access management entries it will allow access to the...

Page 298: ...ent entry Click to apply changes Click to undo any changes made locally and revert to previously saved values 4 12 3 Access Management Statistics This page provides statistics for access management Th...

Page 299: ...hen the current connection is HTTPS to apply HTTPS disabled mode operation will automatically redirect web browser to an HTTP connection Possible modes are Enabled Enable HTTPS mode operation Disabled...

Page 300: ...AC address to forward or block it For a MAC address to be set in the forwarding state all enabled user modules must unanimously agree on allowing the MAC address to forward If only one chooses to bloc...

Page 301: ...ll enabled user modules must unanimously agree on allowing the MAC address to forward If only one chooses to block it it will be blocked until that user module decides otherwise The status page is div...

Page 302: ...arrive Limit Reached The Port Security service is enabled by at least the Limit Control user module and that module has indicated that the limit is reached and no more MAC addresses should be taken in...

Page 303: ...age includes the following fields Object Description MAC Address VLAN ID The MAC address and VLAN ID that is seen on this port If no MAC addresses are learned a single row stating No MAC addresses att...

Page 304: ...intruder on the untrusted ports of DUT when it tries to intervene by injecting a bogus DHCP reply packet to a legitimate conversation between the DHCP client and server Configure DHCP Snooping on this...

Page 305: ...ration the request DHCP messages will be forwarded to trusted ports and only allowed reply packets from trusted ports Disabled Disable DHCP snooping mode operation Port Mode Configuration Indicates th...

Page 306: ...resh the page automatically Automatic refresh occurs every 3 seconds It will use the last entry of the currently displayed table as a basis for the next lookup When the end is reached the text No more...

Page 307: ...ly when both Global Mode and Port Mode on a given port are enabled IP Source Guard is enabled on this given port Max Dynamic Clients Specify the maximum number of dynamic clients can be learned on giv...

Page 308: ...includes the following fields Object Description Delete Check to delete the entry It will be deleted during the next save Port The logical port for the settings VLAN ID The VLAN ID for the settings I...

Page 309: ...the Refresh button will update the displayed table starting from that or the closest next Dynamic IP Source Guard Table match In addition the two input fields will upon a Refresh button click assume...

Page 310: ...eenshot The page includes the following fields Object Description Mode of ARP Inspection Configuration Enable the Global ARP Inspection or disable the Global ARP Inspection Port Mode Configuration Spe...

Page 311: ...of ARP Inspection will refer to the port setting There are four log types and possible types are None Log nothing Deny Log denied entries Permit Log permitted entries ALL Log all entries Buttons Clic...

Page 312: ...N ID then by MAC address and then by IP address The Dynamic ARP Inspection Table screen in Figure 4 12 15 appears Figure 4 12 15 Dynamic ARP Inspection Table Screenshot Navigating the ARP Inspection T...

Page 313: ...his particular port VLAN ID The VLAN ID of the entry MAC Address The MAC address of the entry IP Address The IP address of the entry Buttons Auto refresh Check this box to refresh the page automatical...

Page 314: ...and switch ports The frames also contain a MAC address SMAC address which shows the MAC address of the equipment sending the frame The SMAC address is used by the switch to automatically update the MA...

Page 315: ...ved Disable No learning is done Secure Only static MAC entries are learned all other frames are dropped Note Make sure that the link used for managing the switch is added to the Static Mac Table befor...

Page 316: ...page will show the first 20 entries from the beginning of the MAC Table The first displayed will be the one with the lowest VLAN ID and the lowest MAC address found in the MAC Table The Start from MAC...

Page 317: ...he ports that are members of the entry Buttons Auto refresh Automatic refresh occurs every 3 seconds Refreshes the displayed table starting from the Start from MAC address and VLAN input fields Flushe...

Page 318: ...d maintain information gathered about the neighboring network nodes it discovers Link Layer Discovery Protocol Media Endpoint Discovery LLDP MED is an extension of LLDP intended for managing endpoint...

Page 319: ...the default TTL is 4 30 120 seconds Tx Delay If some configuration is changed e g the IP address a new LLDP frame is transmitted but the time between the LLDP frames will always be at least the value...

Page 320: ...e LLDP neighbors table CDP TLV Port ID is mapped to the LLDP Port ID field CDP TLV Version and Platform is mapped to the LLDP System Description field Both the CDP and LLDP support system capabilities...

Page 321: ...Object Description Fast start repeat count Rapid startup and Emergency Call Service Location Identification Discovery of endpoints is a critically important aspect of VoIP systems in general In addit...

Page 322: ...sion would be repeated The recommended value is 4 times given that 4 LLDP frames with a 1 second interval will be transmitted when an LLDP frame with new information is received It should be noted tha...

Page 323: ...um 1983 CRS Code 4269 Prime Meridian Name Greenwich The associated vertical datum is Mean Lower Low Water MLLW This datum pair is to be used when referencing locations on water sea ocean Civic Address...

Page 324: ...ject Description Emergency Call Service Emergency Call Service ELIN identifier data format is defined to carry the ELIN identifier as used during emergency call setup to a traditional CAMA or ISDN tru...

Page 325: ...r than between Network Connectivity Devices and Endpoints and therefore does not need to advertise the multitude of network policies that frequently run on an aggregated link interior to the LAN Objec...

Page 326: ...network policy treatment Video applications relying on TCP with buffering would not be an intended use of this application type Video Signaling conditional for use in network topologies that require...

Page 327: ...new policy Specify the Application type Tag VLAN ID L2 Priority and DSCP for the new policy Click Save The number of policies supported is 32 Port Policies Configuration Every port may advertise a uni...

Page 328: ...vice Definition LLDP MED Network Connectivity Devices as defined in TIA 1057 provide access to the IEEE 802 based LAN infrastructure for LLDP MED Endpoint Devices An LLDP MED Network Connectivity Devi...

Page 329: ...bilities include all of the capabilities defined for the previous Generic Endpoint Class Class I and are extended to include aspects related to media streaming Example product categories expected to a...

Page 330: ...than for the guest voice media Softphone Voice for use by softphone applications on typical data centric devices such as PCs or laptops Video Conferencing for use by dedicated Video Conferencing equi...

Page 331: ...be used to provide Diffserv node behavior for the specified application type as defined in IETF RFC 2474 Contain one of 64 code point values 0 through 63 Auto negotiation Auto negotiation identifies i...

Page 332: ...the neighbor port Port Description Port Description is the port description advertised by the neighbor unit System Name System Name is the name advertised by the neighbor unit System Capabilities Syst...

Page 333: ...Statistics screen in Figure 4 14 5 appears Figure 4 14 5 LLDP Statistics page Screenshot The page includes the following fields Global Counters Object Description Neighbor entries were last changed It...

Page 334: ...hassis ID or Remote Port ID is not already contained within the table Entries are removed from the table when a given port links down an LLDP shutdown frame is received or when the entry ages out TLVs...

Page 335: ...he Industrial Managed Switch transmit ICMP packets and the sequence number and roundtrip time are displayed upon reception of a reply Cable Diagnostics The Cable Diagnostics performing tests on copper...

Page 336: ...ed or until a timeout occurs The ICMP Ping screen in Figure 4 15 1 appears Figure 4 15 1 ICMP Ping page Screenshot The page includes the following fields Object Description IP Address The destination...

Page 337: ...ply The page refreshes automatically until responses to all packets are received or until a timeout occurs The ICMPv6 Ping screen in Figure 4 15 2 appears Figure 4 15 2 ICMPv6 Ping page Screenshot The...

Page 338: ...received or until a timeout occurs The ICMP Ping screen in Figure 4 15 3 appears Figure 4 15 3 Remote IP Ping Test page Screenshot The page includes the following fields Object Description Port The l...

Page 339: ...ic on a 10 or 100 Mbps management port will cause the switch to stop responding until VeriPHY is complete The ports belong to the currently selected stack unit as reflected by the page header The Veri...

Page 340: ...ir A Cross B Abnormal cross pair coupling with pair B Cross C Abnormal cross pair coupling with pair C Cross D Abnormal cross pair coupling with pair D Length The length in meters of the cable pair Th...

Page 341: ...10020HPT 20160HPT PoE Switch makes the installation of cameras or WLAN AP easier and more efficient Figure 4 16 1 Power over Ethernet Status 4 16 1 Power over Ethernet Powered Device 3 5 watts Voice...

Page 342: ...total output power required by PDs can exceed the maximum available power provided by the PSU The system may come with a PSU capable of supplying less power than the total potential power consumption...

Page 343: ...hat each port may reserve The allocated reserved power for each port PD is specified in the Maximum Power fields The ports are shut down when total reserved powered exceeds the amount of power that th...

Page 344: ...ystem will reserve PoE power to PD LLDP Consumption mode System offers PoE power according to PD real power consumption LLDP Reserved Power mode System reserves PoE power to PD according to LLDP confi...

Page 345: ...0 to 4 in accordance with the maximum power draw as specified by Table 4 16 1 Class Usage Range of maximum power used by the PD Class Description 0 Default 12 95 watts or to 15 4 watts for AF mode 25...

Page 346: ...PoE Port will start up by following Port number By Priority The PoE Port will start up by following the PoE Priority Buttons Click to apply changes Click to undo any changes made locally and revert t...

Page 347: ...ill be reserved the same as that in 802 3af mode Priority The Priority represents PoE ports priority There are three levels of power priority named Low High and Critical The priority is used in case t...

Page 348: ...power reserved and current status for all PoE ports The screen in Figure 4 16 5 appears Figure 4 16 5 PoE Status Screenshot The page includes the following fields Object Description Sequential Power...

Page 349: ...rating temperature of the second PoE chip unit Local Port This is the logical port number for this row PD Class Displays the class of the PD attached to the port as established by the classification p...

Page 350: ...protection on the Earth the Managed PoE switch can effectively control the power supply besides its capability of giving high watts power The PoE schedule function helps you to enable or disable PoE p...

Page 351: ...ile could be applied to the PoE port The page includes the following fields Object Description Profile Set the schedule profile mode Possible profiles are Profile1 Profile2 Profile3 Profile4 Week Day...

Page 352: ...le this function PoE schedule will not to set time to profile This function is just for PoE port reset at an indicated time Reboot Hour Allows user to set what hour PoE reboots This function only for...

Page 353: ...se refer to the following example The screen in Figure 4 16 98 appears To enable LLDP function from port1 to port3 administrator has to plug a PD that supports PoE LLDP function and then administrator...

Page 354: ...n Figure 4 17 1 appears Figure 4 17 1 Loop Protection Configuration page Screenshot The page includes the following fields General Settings Object Description Enable Loop Protection Controls whether l...

Page 355: ...PDU s Buttons Click to apply changes Click to undo any changes made locally and revert to previously saved values 4 17 2 Loop Protection Status This page displays the loop protection port status of th...

Page 356: ...User s Manual 356 Buttons Click to refresh the page immediately Auto refresh Check this box to enable an automatic refresh of the page at regular intervals...

Page 357: ...entation of Event Statistics and History display some current or history subnet statistics Alarm and Event provide a method to monitor any integer data change in the network and provide some alerts up...

Page 358: ...put packet queue in packets Sample Type The method of sampling the selected variable and calculating the value to be compared against the thresholds possible sample types are Absolute Get the sample d...

Page 359: ...comparing the rising and falling threshold Variable Indicates the particular variable to be sampled Sample Type The method of sampling the selected variable and calculating the value to be compared ag...

Page 360: ...he event the possible types are none The total number of octets received on the interface including framing characters log The number of uni cast packets delivered to a higher layer protocol snmptrap...

Page 361: ...ent Overview page Screenshot The page includes the following fields Object Description Event Index Indicates the index of the event entry Log Index Indicates the index of the log entry LogTime Indicat...

Page 362: ...which wants to be monitored If in stacking switch the value must add 1000 switch ID 1 for example if the port is switch 3 port 5 the value is 2005 Interval Indicates the interval in seconds for sampl...

Page 363: ...kets and multicast packets received Broadcast The total number of good packets received that were directed to the broadcast address Multicast The total number of good packets received that were direct...

Page 364: ...displayed 4 18 7 RMON Statistics Configuration Configure RMON Statistics table on this page The entry index key is ID screen in Figure 4 18 7 appears Figure 4 18 7 RMON Statistics Configuration page S...

Page 365: ...kets were dropped by the probe due to lack of resources Octets The total number of octets of data including those in bad packets received on the network Pkts The total number of packets including bad...

Page 366: ...packets including bad packets received that were between 256 to 511 octets in length 512 1023 The total number of packets including bad packets received that were between 512 to 1023 octets in length...

Page 367: ...P and GPS IEEE 1588 is designed for local systems requiring accuracies beyond those attainable using NTP It is also designed for applications that cannot bear the cost of a GPS receiver at each node o...

Page 368: ...ice Type In a unicast Slave only clock you also need configure which master clocks to request Announce and Sync messages from See Unicast Slave configuration VLAN Tag Enable Enables the VLAN tagging f...

Page 369: ...ntifier Dom Clock domain 0 127 Clock Quality The clock quality is determined by the system and holds 3 parts Clock Class Clock Accuracy and OffsetScaledLog Variance as defined in IEEE1588 The Clock Ac...

Page 370: ...r It is observed parent offset scaled log variance Change Rate Observed Parent Clock Phase Change Rate i e the slave clocks rate offset compared to the master unit ns per s Grand Master Identity Clock...

Page 371: ...or the sync message Comm State The state of the communication with the master possible values are IDLE The entry is not in use INIT Announce is sent to the master Waiting for a response CONN The maste...

Page 372: ...pes Ord Bound clock s Device Type is Ordinary Boundary Clock P2p Transp clock s Device Type is Peer to Peer Transparent Clock E2e Transp clock s Device Type is End to End Transparent Clock Master Only...

Page 373: ...nction and two ports should be assigned as the member ports in the ERPS Only one switch in the Ring group would be set as the RPL owner switch that one port would be blocked called owner port and PRL...

Page 374: ...Domain Flow Instance is a EVC Mpls Future use Mode MEP This is a Maintenance Entity End Point MIP This is a Maintenance Entity Intermediate Point Direction Ingress This is a Ingress down MEP monitorin...

Page 375: ...llows the user to inspect and configure the current MEP Instance screen in Figure 4 20 2 appears Figure 4 20 2 Detail MEP configuration page screenshot The page includes the following fields Instance...

Page 376: ...t a CCM is received with a lower level than the configured for this MEP cMEG Fault Cause indicating that a CCM is received with a MEG ID different from configured for this MEP cMEP Fault Cause indicat...

Page 377: ...cast Class 1 Priority The priority to be inserted as PCP bits in TAG if any In case of enable of Continuity Check and Loss Measurement both implemented on SW based CCM Priority has to be the same Fra...

Page 378: ...8032 Type R APS APS PDU is transmitted as R APS this is for ERPS L APS APS PDU is transmitted as L APS this is for ELPS Last Octet This is the last octet of the transmitted and expected RAPS multi ca...

Page 379: ...n this field indicates that no Port 1 SF MEP is associated with this instance Port 0 APS MEP The Port 0 APS PDU handling MEP Port 1 APS MEP The Port 1 APS PDU handling MEP As only one APS MEP is assoc...

Page 380: ...ge screenshot The page includes the following fields Instance Data Object Description ERPS ID The ID of the Protection group Port 0 See help on ERPS create WEB Port 1 See help on ERPS create WEB Port...

Page 381: ...ke persistent check on Signal Fail before switching The range of the hold off timer is 0 to 10 seconds in steps of 100 ms Version ERPS Protocol Version v1 or v2 Revertive In Revertive mode after the c...

Page 382: ...rt 1 Receive APS The received APS on Port 1 according to State Transition Tables in G 8032 WTR Remaining Remaining WTR timeout in milliseconds RPL Un blocked APS is received on the working flow No APS...

Page 383: ...page includes the following fields Object Description All Switch Numbers Set all the switch numbers for the ring group The default number is 3 and maximum number is 30 Number ID The switch where you...

Page 384: ...ID Port MEP ID RPL Type VLAN Group Switch 1 Port 1 1 None 3001 Port 2 2 Owner 3001 Switch 2 Port 1 4 None 3001 Port 2 3 Neighbor 3001 Switch 3 Port 1 6 None 3001 Port 2 5 None 3001 Table 4 2 ERPS Con...

Page 385: ...S Configuration on Switch 2 Connect PC to switch 2 directly don t connect to port 1 2 Logging on the Switch 2 and click Ring Ring Wizard Set All Switch Number 3 and Number ID 2 click Next button to se...

Page 386: ...loop please don t connect switch 1 2 3 together in the ring topology before configuring the end of ERPS Follow the configuration or ERPS wizard to connect the Switch 1 2 and 3 together to establish E...

Page 387: ...hen this packet will be filtered Thereby increasing the network throughput and availability 5 4 Store and Forward Store and Forward is one type of packet forwarding techniques A Store and Forward Indu...

Page 388: ...bandwidth when a connection is established with another network device usually at Power On or Reset This is done by detect the modes and speeds at the second of both device is connected and capable of...

Page 389: ...also check the in out rate of the port Why the Switch doesn t connect to the network Solution 1 Check the LNK ACT LED on the switch 2 Try another port on the Switch 3 Make sure the cable is installed...

Page 390: ...10 100BASE TX When connecting your Switch to another Fast Ethernet switch a bridge or a hub a straight or crossover cable is necessary Each port of the Switch supports auto MDI MDI X detection That m...

Page 391: ...Green 4 Blue 5 White Blue 6 Green 7 White Brown 8 Brown 1 White Orange 2 Orange 3 White Green 4 Blue 5 White Blue 6 Green 7 White Brown 8 Brown SIDE 2 Crossover Cable SIDE 1 SIDE 2 1 2 3 4 5 6 7 8 1...

Page 392: ...manual ACL configuration ACL Access Control List The web page shows the ACEs in a prioritized way highest top to lowest bottom Default the table is empty An ingress frame will only get a hit on one A...

Page 393: ...in the two ends of a protection group as defined in G 8031 Aggregation Using multiple ports in parallel to increase the link speed beyond the limits of a port and to increase the redundancy for higher...

Page 394: ...converts it to an unintelligible form called cipher Decrypting cipher converts the data back to its original form called plaintext The algorithm described in this standard specifies both enciphering a...

Page 395: ...nt the VLAN ID The parameter of module_id is the third byte for the module ID in standalone switch it always equal 0 in stackable switch it means switch ID The parameter of port_no is the fourth byte...

Page 396: ...d from the multicast tree for the multicast group specified in the original leave message Fast leave processing ensures optimal bandwidth management for all hosts on a switched network even when multi...

Page 397: ...ages generally contain information about routing difficulties or simple exchanges such as time stamp or echo transactions For example the PING command uses ICMP to test an Internet connection IEEE 802...

Page 398: ...estination in the same condition it was sent Each device connected to a Local Area Network LAN or Wide Area Network WAN is given an Internet Protocol address and this IP address is used to identify th...

Page 399: ...MED LLDP MED is an extension of IEEE 802 1ab and is defined by the telecommunication industry association TIA 1057 LOC LOC is an acronym for Loss Of Connectivity and is detected by a MEP and is indica...

Page 400: ...c from a source VLAN to be shared with subscriber VLANs The main reason for using MVR is to save bandwidth by preventing duplicate multicast streams being sent in the core network instead the stream s...

Page 401: ...tion and Maintenance It is a protocol described in ITU T Y 1731 used to implement carrier ethernet functionality MEP functionality like CC and RDI is based on this Optional TLVs A LLDP frame contains...

Page 402: ...s to retrieve email messages from a mail server POP3 is designed to delete mail on the server as soon as the user has downloaded it However some implementations allow users or an administrator to spec...

Page 403: ...identifier to its QCL The privileges determine specific traffic object to specific QoS class QL QL In SyncE this is the Quality Level of a given clock source This is received on a port in a SSM indic...

Page 404: ...yer 3 multicast device RSTP In 1998 the IEEE with document 802 1w introduced an evolution of STP the Rapid Spanning Tree Protocol which provides for faster spanning tree convergence after a topology c...

Page 405: ...NMP allow diverse network objects to participate in a network management architecture It enables network management systems to learn network problems by receiving traps or change notices from network...

Page 406: ...cronym for Transmission Control Protocol It is a communications protocol that uses the Internet Protocol IP to exchange the messages between computers The TCP protocol guarantees reliable and in order...

Page 407: ...an acronym for Temporal Key Integrity Protocol It used in WPA to replace WEP with a new encryption algorithm TKIP comprises the same encryption engine and RC4 algorithm defined for WEP The key used f...

Page 408: ...and transmit untagged frames Provider switching This is also known as Q in Q switching Ports connected to subscribers are VLAN unaware members of one VLAN and set up with this unique Port VLAN ID Por...

Page 409: ...h and secrecy of the passphrase The design of WPA is based on a Draft 3 of the IEEE 802 11i standard Wikipedia WPA Radius WPA Radius is an acronym for Wi Fi Protected Access Radius 802 1X authenticati...

Search results

Summary of Contents for IGS-10020

Reviews:

Related manuals for IGS-10020

Brands by name

Popular brands

Planet IGS-10020, User Manual

Search results

Summary of Contents for IGS-10020

Reviews:

Related manuals for IGS-10020

Brands by name

Popular brands