WAGO 852-1328 Product Manual Download Page 1

Page: 1 / 92

Product manual | Version 1.2.0

Industrial Managed Switch

6 Ports 1000BASE-T; 2 Slots 1000BASE-SX/LX; MAC Security

852-1328

Summary of Contents for 852-1328

Page 1: ...Product manual Version 1 2 0 Industrial Managed Switch 6 Ports 1000BASE T 2 Slots 1000BASE SX LX MAC Security 852 1328...

Page 2: ...been taken to ensure the accuracy and completeness of this documentation However as errors can never be fully excluded we always appreci ate any information or suggestions for improving the documenta...

Page 3: ...Connections 16 4 3 1 Grounding screw 16 4 3 2 Power Supply 16 4 3 3 Network Connections 17 4 3 3 1 10 100 1000BASE T X ports 18 4 3 3 2 100 1000BASE SX LX ZX MACsec ports 18 4 4 Display Elements 18 4...

Page 4: ...Information 35 10 3 2 Legal Information 36 10 4 Configuration 36 10 4 1 System Settings 36 10 4 2 Device Discovery LLDP 37 10 4 3 System Management SNTP 38 10 4 3 1 General Information 38 10 4 3 2 SN...

Page 5: ...lation 68 10 6 5 2 VLAN Setup 69 10 6 5 3 Management VLAN 71 10 7 Redundancy 73 10 7 1 RSTP 73 10 7 1 1 General Information 73 10 7 1 2 RSTP Setup 76 10 7 1 3 RSTP Port Setup 77 10 7 1 4 RSTP Failover...

Page 6: ...rity Obligations of Installers Operators The installers and operators bear responsibility for the safety of an installation or a sys tem assembled with the products The installer operator is responsib...

Page 7: ...ys Cross References Links Cross references links to a topic in a document Cross references links to a separate document Cross references links to a website Cross references links to an email address A...

Page 8: ...s document as well as the use and communication of its content are strictly prohibited un less expressly authorized by prior agreement Third party products are always mentioned without any reference t...

Page 9: ...ims for change or improvement of products that have already been delivered excepting change or improvement performed under guarantee agreement are excluded Licenses The products may contain open sourc...

Page 10: ...med by qualified employees with sufficient knowledge in the administration of the PC system used in addition to file creation or modification Steps that change the PC system s behavior within a networ...

Page 11: ...ped with ETHERNET or RJ 45 connectors in LANs Never con nect these devices with telecommunication networks Components Replace defective or damaged device module e g in the event of deformed contacts L...

Page 12: ...i tional housing that is also resistant to these substances Before installation and operation please read the product documentation thoroughly and carefully In addition note the information on the pro...

Page 13: ...switches In other words it can secure a network from a whole host of security threats including intrusion man in the middle masquerading passive wiretapping and playback attacks And because MACsec en...

Page 14: ...852 1328 Properties 14 Product manual Version 1 2 0 Industrial Managed Switch 4 Properties 4 1 Views 4 1 1 Front View Figure 1 Front View of the Industrial Managed Switch...

Page 15: ...18 3 ALM Status LED alarm 8 Display Elements 18 4 RJ 45 ports 10 100 1000BASE T X 6 8 Port LEDs 18 6 SFP slots 2 x MACsec SFP slots with 100 1000 Mbit s 8 Port LEDs 18 4 1 2 Top View Figure 2 Top View...

Page 16: ...on right digit sequence 02 QR code Connect to product information by scanning this QR code 4 3 Connections 4 3 1 Grounding screw The switch must be grounded Connect the grounding screw to the ground p...

Page 17: ...c Discharge ESD DC Powered Switch Power is supplied through an external DC power source Since the switch does not include a power switch plugging its power adapter into a power outlet will immediately...

Page 18: ...g cable for the RJ 45 ports Cat 5e or better with a max cable length 100 m 4 3 3 2 100 1000BASE SX LX ZX MACsec ports The connections make encrypted data traffic using the MAC Security security standa...

Page 19: ...Degree of protection IP30 4 5 2 System Data Table 9 Technical Data System Data Property Value MAC table 16384 entries Jumbo Frame Size 10 kB Wavelength optical fibers Depends on SFP module Maximum le...

Page 20: ...for the product Conformity Marking Ordinary Locations UL62368 E482462 Note More information on approvals You can find detailed information on the approvals online at www wago com item number 4 6 2 Reg...

Page 21: ...ty measures against electrostatic discharge according to EN 61340 5 1 3 When handling the modules ensure that environmental factors persons workplace and packing are well grounded The relevant valid a...

Page 22: ...n the supplicant and the authentication server It passes around information verifies information with the server and relays responses to the supplicant The authenticator acts like a security guard to...

Page 23: ...ed secure channel and connectivity association when set ting up a secure communication between two switches A secure channel in MACsec is unidirectional and used for transmitting outbound traffic or r...

Page 24: ...all the may greatly affect its performance When selecting a site we recommend considering the following rules Install the at an appropriate place See Section 8 Environment requirements 20 for the acce...

Page 25: ...during transport and storage Store the product in suitable packaging preferably the original packaging Only transport the product in suitable containers packaging Make sure the product contacts are n...

Page 26: ...integrated into the system and the shielding of the internal data bus connections Place the onto the DIN rail from the top and snap it into position 8 2 Removal 8 2 1 Removal from Carrier Rail To remo...

Page 27: ...bserve the corresponding standards for EMC compatible installations as well 2 Plug the female connector into the male connector of the switch if it has not already been plugged in Check the tight fit...

Page 28: ...ds to re duced performance at the port 3 Connect one end of the fiber optic cable to the LC port of the industrial managed switch and the other end to the fiber optic port of the other device Note Pro...

Page 29: ...tion The system must always be restarted for the changed configuration settings to take ef fect 10 1 Login 1 To open the WBM launch a Web browser e g Microsoft Edge Mozilla Firefox or Google Chrome 2...

Page 30: ...s the device you may see a secu rity warning page Please click on the red box Advanced button and click on Accept the Risk and Continue button Figure 11 Security Warning Page 6 After pressing the Ente...

Page 31: ...e if you logged in with the default password successfully the device will remind the user to change the password with a warning pop up dialog and redirect the user to the change password page as shown...

Page 32: ...again buttons If you click the Try again button you will be re directed to the Login page with some waiting time which is determined by the number of times that the user failed to login The first and...

Page 33: ...rity card You will need to look up the characters in the security card and use them to enter them in the Secure code textbox as shown in Figure Example of Dialog after Clicking Forget it But ton The s...

Page 34: ...hange password tab page to immediately update the password as shown in Figure Re direction to Change Password Tab Page When you finished changing the new password click on the Submit button The system...

Page 35: ...WAGO 852 1322 switch Table WBM Information Page System Information Tab summarizes the description of each field of system information Figure 21 WBM Information Page System Information Tab Table 14 WB...

Page 36: ...urce Licenses Figure 23 WBM Information Page Legal Information Open Source License Tab 10 4 Configuration 10 4 1 System Settings Users can assign device s details to WAGO s industrial managed switch o...

Page 37: ...to other stations connected to the same LAN The information includes essential system functions including the management address or addresses of an entity or entities that provide management of these...

Page 38: ...abled devices that has been received on this port will then be shown 10 4 3 System Management SNTP 10 4 3 1 General Information The SNTP Simple Network Time Protocol is a protocol for synchronizing cl...

Page 39: ...e pull down list Manual mode disables SNTP The time must then be set manually The Network Time Protocol mode enables SNTP Both of these modes are described below Mode Manual Select Manual mode to disa...

Page 40: ...ngs or Disable to disable Daylight Saving Settings Start Day Enter the date and time for the start of daylight saving time if you have activated this op tion The time is displayed in 24 hour format En...

Page 41: ...ion The time is displayed in 24 hour format End Day Enter the date and time for the end of daylight saving time if you have activated this op tion The time is displayed in 24 hour format 10 4 4 Networ...

Page 42: ...anually Static IP Address 192 168 1 254 This field displays current IP address The user can also set a new static IP address for the device Subnet Mask 255 255 255 0 This field displays current subnet...

Page 43: ...page are summarized in Table WBM Configuration Page Port Settings Tab Table 20 WBM Configuration Page Port Settings Tab Parameters Factory Default Description Port n Enable Port number on the industri...

Page 44: ...select either Port 7 or Port 8 Speed 1000 The user can change the port speed as either 1000 Mbit s 1 Gbit s or 100 Mbit s from the drop down list Click the Submit button to apply the speed change 10 4...

Page 45: ...Description Enable State Select Enable State to enable port mirroring Deselect Enable State to disable port mir roring Port mirroring must be enabled before the selected Source Port or Destination Por...

Page 46: ...P Simple Network Management Protocol is used in network management systems to monitor the state of attached devices that require the attention of an adminis trator SNMP is a component of the internet...

Page 47: ...ared WAGO s industrial managed switch support SNMP and can be configured in this tab page as shown in Figure WBM Diagnostics Page SNMP Tab The SNMP setting has four parts which are SNMP Agent SNMPv1 v...

Page 48: ...852 1328 Configuration in the WBM 48 Product manual Version 1 2 0 Industrial Managed Switch Figure 33 WBM Diagnostics Page SNMP Setting Part 1 Tab...

Page 49: ...852 1328 Configuration in the WBM Product manual Version 1 2 0 49 Industrial Managed Switch Figure 34 WBM Diagnostics Page SNMP Setting Part 2 Tab...

Page 50: ...he SNMP version 1 V1 version 2c V2c and version 3 are supported by WAGO s managed switches as summarized in WBM Page Diagnostics SNMP Tab SNMP Agent Setting Fehler Verweisquelle konnte nicht gefunden...

Page 51: ...le There are two levels of authentications or permission type in WAGO 852 1328 which are read all only or read write all For exam ple in our default setting as shown in Figure SNMP V1 V2c Community Se...

Page 52: ...list read all only and read write all See notes below for a briefed explanation Choose a type from the dropdown list read all only and read write all See notes below for a briefed explanation Read wr...

Page 53: ...iagnostics Page SNMP Tab SNMP Trap shows an Empty list The user can enter an IP address in the Trap server IP field port number of Trap server in the Port field and a string used as Community String f...

Page 54: ...tion and encryption parameters MD5 Message Digest algorithm 5 is used for authentication password and DES Data Encryption Standard is used for data encryption algorithm Figure WBM Di agnostics Page SN...

Page 55: ...d is left blank there will be no authentication Note that the authentication password is based on MD5 and the maxi mum length of the password is 31 characters Confirmed Password wago0852 Re entering t...

Page 56: ...ons of the Modbus TCP s parameters Please refer to Appendix for the Modbus Memory mapping see chapter 8 Modbus Reg ister 86 Table 28 WBM Diagnostics Page Modbus TCP Tab Parameters Factory Default Desc...

Page 57: ...Uncheck Checked Saving log event into flash memory The flash memory can keep the log event files even if the switch is rebooted Unchecked Saving log event into RAM memory The RAM mem ory cannot keep t...

Page 58: ...This Re fresh button is only visible if the Automatic refresh cycle option is not enabled or stopped To enable cyclic refresh click the Start button The Start button is only visi ble if Automatic ref...

Page 59: ...nly the last n 20 Activate the display of only the last n messages The user can also specify the number of messages to be displayed Automatic refresh cy cle sec Disable 20 Select the check box to enab...

Page 60: ...tual connecting status for all available ports of the WAGO industrial man aged switch in this page The user can see that status whether a port is connected Link Up Green color or disconnected Link Dow...

Page 61: ...n the lower part Figure 45 WBM Page Security Static SAK Tab The selected port s will use the given static SAK as the secure key to secure all the traf fic If any two switches have the same SCI and SAK...

Page 62: ...naged switch will have eight secure codes Every code has three characters The security codes of every switch are unique An example of secure code is illustrated in Figure Example of Secure Codes They...

Page 63: ...the user checks the Enabled box the rest of the option fields will become active The user then have to enter all the re quired fields to configure the 802 1X Setting which are the IP address of RADIUS...

Page 64: ...cess Server NAS The maximum length is 30 characters Shared Key NULL A shared key between the managed switch and the RADIUS Server Both devices must be configured to use the same key where the maximum...

Page 65: ...0 Waiting time for the authentication server to respond to the suppli cant s EAP packet The range is from 10 to 300 seconds Maximum Requests 2 The maximum number of the retransmissions that the authen...

Page 66: ...nd click the Update button To check the latest status of the 802 1X port setting user can click on the Refresh button Table 36 WBM Security Page 802 1X 802 1X Port Setting Tab Parameters Factory Defau...

Page 67: ...ort Once enabled the switch stores the MAC addresses of the sender in a table each time a link is established at the port until the permitted number defined by the user is reached When the state of a...

Page 68: ...ed range of ports Maximum MAC Select the maximum number of MAC addresses for the selected range of ports 10 6 5 VLAN 10 6 5 1 Port Isolation Port Isolation is a port based virtual LAN function It part...

Page 69: ...f requirements that com municate as if they were attached to a broadcast domain regardless of their physical lo cation A VLAN has the same attributes as a physical LAN but it allows end stations to be...

Page 70: ...sys tem is duplicated only on ports that are subscribers of the VID except the ingress port it self thus confining the broadcast to a specific domain Port Based 802 1Q VLAN As a subscriber of a port...

Page 71: ...ows Port to VLAN mapping at the hardware level Note Creating VLANs Up to 128 VLANs can be set up It is recommended to configure a trunk port with tag and have all ports join the VLAN Figure 54 WBM Sec...

Page 72: ...gement VLAN configuration three times via LLDP DA when the system is booting up Interval time of 5 seconds Step 3 Use the network monitoring tool to monitor LLDP packets and find the manage ment VLAN...

Page 73: ...e the device causing a topology change first notifies the root bridge which in turn notifies the rest of the network Both RSTP and STP remove unwanted learned addresses from the filter database To cre...

Page 74: ...data RSTP still monitors incoming BPDUs which would indicate that the port should return to the Blocking state to prevent a loop RSTP Bridge Port Roles Root The Root Port is a forwarding port that can...

Page 75: ...riority the switch with the lowest MAC address becomes the root switch Enter a value from 0 61440 The lower the numeric value you assign the higher the priority for this bridge The priority determines...

Page 76: ...Enable State Select Enable State to enable RSTP on the switch Deselect Enable State to disable RSTP on the switch Mode Only one mode RSTP is supported Bridge Parameters Priority Define the priority o...

Page 77: ...led or disabled on the selected port range BDPU Guard Select if the BDPU Guard setting should be enabled or disabled on the selected port range Root Guard Select if the Root Guard setting should be en...

Page 78: ...Bidirectional traffic UDP Number of devices in the ring 852 1322 Average failover time ms Average recovery time ms Average failover time ms Average recovery time ms 10 1064 9 N A 1064 5 N A 20 1233 6...

Page 79: ...ult setting by clicking on the Reset button as shown in Figure WBM Maintenance Page Reset to Default Tab When the switch is restarted the web browser will be re directed to the login web page as depic...

Page 80: ...XX XXX ini by the Web browser Choosing to Save File will back up the switch s current configuration to your local drive on the local PC Figure 62 WBM Maintenance Page Backup Restore Tab To restore a c...

Page 81: ...ed to ensure that the correct user settings will not be changed easily by unauthorized access or user The user can logout of the device by either browsing to the Logout page and click Lo gout button o...

Page 82: ...al Managed Switch 11 Commissioning Note For important and useful information on commissioning see sections System Settings 8 System Settings 36 Network Settings 8 Network Settings 41 Port Settings 8 S...

Page 83: ...s and troubleshooting see sections Diagnostics via LED Indicators Diagnostics using product LEDs 8 Unit LEDs 18 Diagnostics using connection LEDs 8 Port LEDs 18 Diagnostics via WBM Diagnostics using S...

Page 84: ...vice Note The following topics are useful for maintenance for which the sections in the WBM de scription are given Update the firmware 8 Firmware Upgrade 78 Reset to factory settings 8 Reset to Defaul...

Page 85: ...uipment sent to a local collection point The guidelines 2006 66 EG PPWD 2018 852 EU and WEEE 2012 19 EU apply throughout Europe National directives and laws may vary Table 44 WEEE Mark Logo Descriptio...

Page 86: ...yte 0x03 Word 2 Hi byte 0x04 Word 2 Lo byte 0x05 0x0024 36 1 word R Kernel Version Ex Version 1 03 Word 0 Hi byte 0x01 Word 0 Lo byte 0x03 IP Information 0x0050 80 1 word R DHCP Status 0x0000 Disabled...

Page 87: ...Speed Status 10M 0x01 Status 100M 0x02 Status 1000M 0x03 Word 0 Hi byte Port 1 Status Word 0 Lo byte Port 2 Status Word 1 Hi byte Port 3 Status Word 1 Lo byte Port 4 Status Word 2 Hi byte Port 5 Stat...

Page 88: ...ation tab LLDP Settings page 38 Table 17 WBM Configuration page SNTP tab 39 Table 18 WBM Configuration tab SNTP page 41 Table 19 WBM Configuration Page System Settings Tab 42 Table 20 WBM Configuratio...

Page 89: ...ort Security Settings tab 68 Table 38 WBM Security tab Port Isolation Settings page 69 Table 39 WBM Security tab VLAN Setup page 71 Table 40 WBM Security tab Management VLAN Setup page 72 Table 41 Oth...

Page 90: ...8 Example of Security Card 34 Figure 19 Re direction to Change Password Tab Page 34 Figure 20 WAGO Login Dialog after Resetting Password 34 Figure 21 WBM Information Page System Information Tab 35 Fig...

Page 91: ...802 1X Tab 63 Figure 49 WBM Security Page 802 1X Setting Tab 64 Figure 50 WBM Security Page 802 1X 802 1X Parameter Setting Tab 65 Figure 51 WBM Security Page 802 1X 802 1X Port Setting Tab 66 Figure...

Page 92: ...s catalogs videos and other WAGO media are subject to copyright Distribution or modification of the contents of these pages and videos is prohibited Furthermore the content may neither be copied nor m...

Search results

Summary of Contents for 852-1328

Reviews:

Related manuals for 852-1328

Brands by name

Popular brands

WAGO 852-1328, Product Manual

Search results

Summary of Contents for 852-1328

Reviews:

Related manuals for 852-1328

Brands by name

Popular brands