manualshive.com logo in svg

Weidmüller 2682360000, Manual

The Weidmüller 2682360000 is a versatile product designed for various industrial applications. To get the most out of this device, make sure to download the manual for free from our website. This manual provides detailed instructions on how to use the product effectively and efficiently.

Share
Download
background image

User Manual Managed Switches 

148

 

MAC Address 

Source MAC address. 

3.12.3 Access Control List (ACL) 

The switch has an Access Control List (ACL) where the user can create different Access Control 
Entries (ACEs) specifying individual frame types permitted or denied. Accordingly, ACL can be 
configured to control inbound traffic, and in this context, they are similar to firewalls. 

There are four ACE frame types (Ethernet Type, ARP, IPv4 and IPv6) and two ACE actions (permit and deny). 

The ACE also contains many detailed, different parameter options that are available for individual application.

 

In the following sections are described the options of the Web Management associated with the 
ACLs. 

3.12.3.1 ACL Ports Configuration 

This option allows the user to configure the ACL parameters of each switch port. These parameters 
will affect frames received on a port unless the frame matches a specific ACE. 

The parameters that can be configured for each port of the switch are: 

 

Policy ID 

Setting 

Description 

Factory 
Default 

0 to 255 

Indicate the policy ID to apply to this port. 

Action 

Setting 

Description 

Factory 
Default 

Permit / Deny 

Select whether forwarding is permitted ("Permit") or 
denied ("Deny"). 

Permit 

Rate Limiter ID 

Setting 

Description 

Factory 
Default 

Disabled / 1 to 16 

Select which rate limiter to apply on this port (1 to 16). 
The value of the 1 to 16 Rate limiters ID is defined in 

Disabled 

Summary of Contents for 2682360000

Page 1: ...it Advanced Line Switches IE SW AL08M 8GT 2682350000 IE SW AL12M 8GT 4GESFP 2682340000 IE SW AL14M 12GT 2GESFP 2682360000 IE SW AL24M 16GT 8GESFP 2682370000 IE SW AL08M 8GTPoE 2682420000 IE SW AL06M 4...

Page 2: ...r reserves the right to make improvements and or changes to this manual or to the products and or the programs described in this manual at any time Information provided in this manual is intended to b...

Page 3: ...Methods 17 3 3 4 3 Access Security 19 3 3 4 4 Access Statistics 21 3 3 5 Users 21 3 3 5 1 Configuration 21 3 3 5 2 Privilege Levels 22 3 3 6 Time Setting 24 3 3 7 LLDP Function 26 3 3 7 1 Overview 26...

Page 4: ...istics 51 3 5 3 DHCP Snooping 52 3 5 3 1 DHCP Snooping Configuration 52 3 5 3 2 DHCP Snooping Table 53 3 5 3 3 DHCP Snooping Detailed Statistics 54 3 6 Redundancy 55 3 6 1 Introduction to Communicatio...

Page 5: ...MON History Configuration 99 3 9 3 RMON Alarm Configuration 100 3 9 4 RMON Event Configuration 102 3 9 5 RMON Statistics Status 103 3 9 6 RMON History Status 105 3 9 7 RMON Alarm Status 106 3 9 8 RMON...

Page 6: ...ACL Configuration 150 3 12 3 4 ACL Status 162 3 12 4 Authentication Authorization and Accounting AAA 163 3 12 4 1 RADIUS Server Configuration 163 3 12 4 2 TACACS Server Configuration 166 3 12 4 3 RAD...

Page 7: ...9 SFP Type 194 3 14 10 Ping and Ping6 195 3 15 Power over Ethernet PoE 195 3 15 1 PoE Configuration 196 3 15 2 PoE Status 198 3 15 3 PoE Schedule 199 3 15 4 PoE Auto Ping 200 3 16 PTP Synchronization...

Page 8: ...nterface CLI Management using serial console or Telnet console has its own specific manual User Manual Command Line Interface for gigabit Advanced Line Switches that is also available in our online ca...

Page 9: ...ion management o SNTP o PTPv2 only IE SW AL14M 12GT 2GESFP and IE SW AL24M 16GT 8GESFP Monitoring functions o SNMP v1 v2c v3 o Link Layer Discovery Protocol LLDP o Port mirroring o Port statistics o P...

Page 10: ...ost and the Switch are on the same logical subnet NOTE If the Weidm ller switch is configured for other VLAN settings you must make sure your PC host is on the management VLAN NOTE Before accessing th...

Page 11: ...menu tree in the left navigation panel to open the function pages to access each of Ethernet Switch s functions NOTE The pages of the Web interface include a Help button that describes the parameters...

Page 12: ...rn the user that the security certificate was issued by a company they have not chosen to trust Select Continue to this website to enter the Weidm ller switch s web browser interface and access the we...

Page 13: ...y Default Max 255 characters This option is useful for recording a more detailed description of the unit Description of type System Location Setting Description Factory Default Max 255 characters This...

Page 14: ...tem Name as hostname to provide DNS lookup Fallback Timeout Setting Description Factory Default Number between 0 and 4294967295 sec The number of seconds for trying to obtain a DHCP lease After this p...

Page 15: ...enabled this field configures the fallback address network mask The field may be left blank if IPv4 operation on the interface is not desired or no DHCP fallback address is desired 24 Gateway Setting...

Page 16: ...ultiple 16 bit groups of contiguous zeros but it can appear only once System accepts the valid IPv6 unicast address only except IPv4 Compatible address and IPv4 Mapped address This field may be left b...

Page 17: ...he current address of the interface of the given type Status The status flags of the interface and or address IP Routes Network The destination IP network or host address of this route Gateway The gat...

Page 18: ...abled Enable or disable SSH mode operation Enabled Telnet Setting Description Factory Default Enabled or Disabled Enable or disable Telnet access Disabled Web Interface Access Setting Description Fact...

Page 19: ...specific passphrase Generate Generate a new self signed RSA certificate The Certificate Status field displays the current status of certificate on the switch The possible status are Switch secure HTTP...

Page 20: ...sed for primary authentication it is recommended to configure secondary authentication as local This will enable the management client to login via the local user database if none of the configured au...

Page 21: ...tion Factory Default no Accounting is disabled no tacacs Use remote TACACS server s for accounting Cmd Lvl Setting Description Factory Default 0 to 15 Enable accounting for all commands with a privile...

Page 22: ...ess Setting Description Factory Default IP address The end IP address for the access management entry None HTTP HTTPS Setting Description Factory Default Check Uncheck The host can access the switch f...

Page 23: ...umber of allowed packets from the interface Discarded Packets Number of discarded packets from the interface 3 3 5 Users By default the switch default s user name is admin password is Detmold and has...

Page 24: ...15 it can access all groups i e that is granted the fully control of the device But other values need to refer to each group privilege level User s privilege should be the same or greater than the gr...

Page 25: ...groups in details System Contact Name Location Timezone Daylight Saving Time Log Security Authentication System Access Management Port contains Dot1x port MAC based and the MAC Address Limit ACL HTTP...

Page 26: ...on page lets users set the time date and other settings An explanation of each setting is given below the figure NOTE The Weidm ller switch does not have a real time clock The user must update the Cur...

Page 27: ...mezone Setting Description Factory Default User selectable time zone Specifies the time zone which is used to determine the local time offset from GMT Greenwich Mean Time GMT Greenwich Mean Time Serve...

Page 28: ...and configurations As a result all of the devices would have knowledge about each other and through SNMP this knowledge can be transferred to a Network Management Software for auto topology and netwo...

Page 29: ...nterval value 30 sec Tx Hold Setting Description Factory Default 2 to 10 times Each LLDP frame contains information about how long the information in the LLDP frame shall be considered valid The LLDP...

Page 30: ...zed Enabled Tx only The switch will drop LLDP information received from neighbors but will send out LLDP information Disabled The switch will not send out LLDP information and will drop LLDP informati...

Page 31: ...t on which the LLDP frame was received Chassis ID The identification of the neighbor s LLDP frames Port ID The identification of the neighbor port Port Description The port description advertised by t...

Page 32: ...ies deleted since switch reboot Total Neighbors Entries Dropped Shows the number of LLDP frames dropped due to full entry table Total Neighbors Entries Aged Out Shows the number of entries deleted due...

Page 33: ...information is removed and the value of the age out counter is incremented Clear If checked the counters for the specific interface are cleared when the button Clear is pressed 3 3 8 Industrial Protoc...

Page 34: ...t compatible as defined in IEEE standards With PROFINET applications can be implemented for production and process automation safety applications and the entire range of drive technology With its inte...

Page 35: ...or the Startup Configuration file of the switch to the PC The name of the file has to be entered in the field Backup file name and then the button Export Configuration has to be pressed Restore Config...

Page 36: ...Enabled When Enabled the IE EBR MODULE RS232 ALM can be used in the switch to upload a stored configuration file Disabled 3 3 11 Upgrade Firmware This option is used to upgrade the firmware of the swi...

Page 37: ...vides the current link speed of the port Current Speed Configured Link Speed Setting Description Factory Default Disabled Immediately shuts off port access Auto Auto Allows the port to use the IEEE 80...

Page 38: ...ex is set as auto i e auto negotiation the port will only advertise the specified duplex modes Fdx or Hdx to the link partner All checked Advertise Speed Setting Description Factory Default Check Unch...

Page 39: ...d if the EtherType Length field doesn t match the actual payload length If frame length check is disabled frames are not dropped due to frame length mismatch Unchecked 3 4 2 Port Trunking Link Aggrega...

Page 40: ...s a whole when added or deleted from a VLAN The Spanning Tree Protocol will treat all the ports in link aggregation as a whole 3 4 2 1 Aggregation Mode This page is used to configure the static aggreg...

Page 41: ...rts Select ports to be included in an aggregation group Only full duplex ports can join an aggregation group and all the ports must have the same speed in each group No ports belonging to any aggregat...

Page 42: ...Setting Description Factory Default Active Passive Shows the LACP activity status Active Transmits packets every second Passive Waits for an LACP packet from a partner speak if spoken to Active Timeo...

Page 43: ...t Status This page provides an overview of LACP status of all ports The displayed table contains information about the different LACP parameters of each port Port The switch port number LACP Yes means...

Page 44: ...regation Status This page is used to see the status of ports in Aggregation groups The displayed table contains information about the different static and LACP aggregation groups created Aggr ID The a...

Page 45: ...on is enabled as a whole Disable Transmission Time Setting Description Factory Default 1 to 10 sec The interval between each loop protection PDU sent on each port 5 sec Shutdown Time Setting Descripti...

Page 46: ...Port Tx Mode Setting Description Factory Default Enable Disable Controls whether the port is actively generating loop protection PDUs Enable or whether it is just passively looking for looped PDUs Dis...

Page 47: ...sible for DHCP broadcast messages to be sent over routers The DHCP Relay Agent enables DHCP clients to obtain IP addresses from a DHCP server on a remote subnet or those that are not located on the lo...

Page 48: ...a specific DHCP client identified by client identifier or hardware address If is displayed it means not defined IP Setting Description Factory Default IP network address Display the network number of...

Page 49: ...ontains only 1 excluded IP then you can just enter it in any of the fields or in both None 3 5 1 4 DHCP Server Statistics This page displays the database counters and the number of DHCP messages sent...

Page 50: ...r of DHCP OFFER messages sent ACK Number of DHCP ACK messages sent NAK Number of DHCP NAK messages sent 3 5 1 5 DHCP Server Binding IP This page displays bindings generated for DHCP clients The displa...

Page 51: ...addresses declined 3 5 1 7 DHCP Server IP Port Binding If is required to assign a fixed IP address to a client this page allows to statically bind each port of the switch to an IP address in a DHCP ad...

Page 52: ...ntains 2 sub options Circuit ID and Remote ID which define the relationship between end device IP and the DHCP Option 82 server The Circuit ID is a 4 byte number generated by the Ethernet switch whils...

Page 53: ...ay information mode is enabled if the agent receives a DHCP message that already contains relay agent information it will enforce the policy The Replace policy is invalid when relay information mode i...

Page 54: ...esulted in errors while being sent to server Receive from Client The number of packets received from the client Receive Agent Option The number of packets received containing agent information option...

Page 55: ...ort as trusted source of the DHCP messages Untrusted Configures the port as untrusted source of the DHCP messages Trusted 3 5 3 2 DHCP Snooping Table This page displays the dynamic IP assigned informa...

Page 56: ...for DHCP snooping Notice that the normal forward per port TX statistics is not increased if the incoming DHCP packet is done by L3 forwarding mechanism And clear the statistics on specific port may n...

Page 57: ...s you to set up redundant loops in the network to provide a backup data transmission route in the event that a cable is inadvertently disconnected or damaged This is a particularly important feature f...

Page 58: ...o that the part of the network that was disconnected can re establish the contact with the rest of the network 3 6 2 1 Topology Setup for O Ring Initial setup of an O Ring ring 1 Select one of the swi...

Page 59: ...ing Coupling More or less is invalid 3 6 2 3 Dual Homing Configuration The Dual homing option allows the connection of a ring working with O Ring protocol and an Ethernet switch of a different redunda...

Page 60: ...ich shall be used to connect the O Ring with the RSTP switch The Ring Status field indicates the operation of the ring It shows N A if Ring Redundancy is Disabled shows Healthy if the ring is operatin...

Page 61: ...enable the Dual Homing operation in the Switch Homing Port Setting Description Factory Default Homing Port Select any port of the Switch to be the homing port Port 04 Status Description Factory Defau...

Page 62: ...edge switches 3 Configure at all the switches of the daisy Chain the ports that will be part of the chain 4 In the two edge switches additionally configure the edge port There is no need to change an...

Page 63: ...ive you must enable RSTP STP on every Weidm ller switch connected to your network Rapid Spanning Tree Protocol RSTP implements the Spanning Tree Algorithm and Protocol defined by IEEE 802 1D 2004 RSTP...

Page 64: ...ths and prevent or block one of the paths from forwarding traffic In the following example STP determined that traffic from LAN segment 2 to LAN segment 1 should flow through bridges C and A since thi...

Page 65: ...icate with each other The communication is carried out using Bridge Protocol Data Units BPDUs which are transmitted in packets with a known multicast address Each bridge must have a Bridge Identifier...

Page 66: ...n this bridge that connects to the segment is called the Designated Bridge Port STP Configuration After all of the bridges on the network agree on the identity of the Root Bridge and all other relevan...

Page 67: ...the Designated Bridge for LAN segment 3 because it has the lowest Root Path Cost for LAN Segment 3 The route through bridges C and B costs 200 C to B 100 B to A 100 The route through bridges Y and B c...

Page 68: ...an across MST regions Common and Internal Spanning Tree CIST The CIST is the default spanning tree of MSTP i e all VLANs that are not members of particular MSTIs are members of the CIST Also the spann...

Page 69: ...e priority plus the MSTI instance number concatenated with the 6 byte MAC address of the switch forms a Bridge Identifier For MSTP operation this is the priority of the CIST Otherwise this is the prio...

Page 70: ...e its BPDU information 20 Transmit Hold Count Setting Description Factory Default Numerical value input by user 1 to 10 The number of BPDUs a bridge port can send per second When exceeded transmission...

Page 71: ...ogrammed if the redundancy protocol programmed is MSTP It is not applicable to STP RSTP The page allows the user to inspect and change the current MST Configuration Name the Revision level and the map...

Page 72: ...pty ex without any mapped VLANs None 3 6 4 5 MSTI Priorities NOTE This page only has to be programmed if the redundancy protocol programmed is MSTP It is not applicable to STP RSTP The page allows the...

Page 73: ...ows the user to enter a user defined value 1 to 200000000 The path cost is used when establishing an active topology for the network Lower path cost ports are chosen as forwarding ports in favor of hi...

Page 74: ...ions and topology changes to other ports If set it can cause temporary loss of connectivity after changes in spanning tree s active topology as a result of persistently incorrect learned station locat...

Page 75: ...cost incurred by the port Auto will set the path cost according to the physical link speed by using the 802 1D recommended values Specific allows the user to enter a user defined value 1 to 200000000...

Page 76: ...he figure below can be seen the screen shown when CIST is pressed Port The port of the switch Port ID The port identifier used by the STP protocol consisting of the priority and the logical port index...

Page 77: ...fast it can transit to STP states Uptime The time since the bridge port was last initialized 3 6 4 9 Port Status This page displays the STP CIST port status for physical ports of the switch In the tab...

Page 78: ...ceived on the port TCN The number of legacy Topology Change Notifications BPDUs transmitted received on the port Discarded Unknown The number of unknown Spanning Tree BPDUs received and discarded on t...

Page 79: ...dividing the LAN into logical segments as opposed to physical segments In general VLANs are easier to manage 3 7 1 The Virtual LAN VLAN Concept What is a VLAN A VLAN is a group of devices that can be...

Page 80: ...is standard allows traffic from multiple VLANs to be carried across one physical link The IEEE Std 802 1Q 1998 standard allows each port on your Weidm ller switch to be placed in On a single VLAN defi...

Page 81: ...mbership This page allows the user to configure VLANs on the switch The page is divided into a global section and a per port configuration section Global VLAN Configuration Allowed Access VLANs Settin...

Page 82: ...k Trunk ports can carry traffic on multiple VLANs simultaneously and are normally used to connect to other switches Trunk ports have the following characteristics By default a trunk port is member for...

Page 83: ...rid mode 1 Port type Ports in hybrid mode allow for changing the port type that is whether a frame s VLAN tag is used to classify the frame on ingress to a particular VLAN and if so which TPID it reac...

Page 84: ...ingress filtering is disabled unchecked frames classified to a VLAN that the port is not a member of are accepted and forwarded to the switch engine However the port will never transmit frames classi...

Page 85: ...t become member of any VLAN 1 Forbidden VLANs Setting Description Factory Default VID ranges from 1 to 4095 A port may be configured to never become member of one or more VLANs This is particularly us...

Page 86: ...of the VLAN in this case 3 7 2 3 VLAN Port Status This page provides VLAN port status information The following information is shown on the table User Type Various internal software modules may use VL...

Page 87: ...switch can be monitored and modified from this page Private VLANs can be added or deleted and port members of each private VLAN can also be added or removed Private VLANs are based on the source port...

Page 88: ...eck A check box is provided for each port of a private VLAN When checked port isolation is enabled for that port When unchecked port isolation is disabled for that port Unchecked 3 7 2 6 GVRP Configur...

Page 89: ...ctory Default Numerical value between 1 and 4094 The maximum number of VLANs supported by GVRP This number can only be changed when GVRP is disabled 20 3 7 2 7 GVRP Port Configuration This configurati...

Page 90: ...Read Community Community string No Uses a community string match for authentication V1 V2c Write Read Community Community string No Uses a community string match for authentication SNMP V3 No Auth No...

Page 91: ...objects using this community string The field only suits to SNMPv1 and SNMPv2c If SNMPv3 is used this setting has to be made using the option SNMP Community public Write Community SNMPv1 and SNMP v2c...

Page 92: ...ing Description Factory Default Disabled Enabled Enables or disables SNMP traps in the switch Disabled Pressing the button Add New Entry the SNMP Trap configuration page appears SNMP Trap Configuratio...

Page 93: ...Indicates the SNMP trap destination address It allow a valid IP address in dotted decimal notation x y z w None Trap Destination Port Setting Description Factory Default Port number 1 to 65535 Indica...

Page 94: ...p Security Name Setting Description Factory Default Max 255 characters Indicates the SNMP trap security name SNMPv3 traps and informs using USM for authentication and privacy A unique security name is...

Page 95: ...Indicates the community access string to permit access to SNMP agent None Source IP Setting Description Factory Default IP address Indicates the SNMP source address A particular range of source addres...

Page 96: ...ys In a simple agent usmUserEngineID is always that agent s own snmpEngineID value The value can also take the value of the snmpEngineID of a remote SNMP engine with which this user can communicate In...

Page 97: ...vacy Password Setting Description Factory Default String between 8 and 32 characters A string identifying the encryption pass phrase None 3 8 5 SNMP Groups Configuration This page allows the user to c...

Page 98: ...ne Group Table Group Name Setting Description Factory Default Max 32 characters A string identifying the name of the Group None 3 8 6 SNMP View Configuration NOTE This page only has to be configured i...

Page 99: ...n the switch This page allows the user to configure SNMPv3 accesses table The entry index keys are Group Name Security Model and Security Level Two default views are already created but is possible to...

Page 100: ...which this request may get the current values It should be one of the created views in the SNMP Views Configuration option None Write View Name Setting Description Factory Default Max 32 characters T...

Page 101: ...Source Setting Description Factory Default Number OID Indicates the port ID which wants to be monitored The value of the switch must add 1000000 switch ID 1 For example if we want to monitor switch 3...

Page 102: ...tween 1 and 3600 Indicates the maximum data entries associated this History control entry stored in RMON 50 3 9 3 RMON Alarm Configuration The user can configure RMON Alarm table on this page Press th...

Page 103: ...uest to transmit OutNUcastPkts The number of broad cast and multi cast packets that request to transmit OutDiscards The number of outbound packets that are discarded even the packets are normal OutErr...

Page 104: ...n 1 and 65535 Rising event index 0 Falling Threshold Setting Description Factory Default Numeric value between 231 and 231 1 Falling threshold value 0 Falling Index Setting Description Factory Default...

Page 105: ...Default Information only Indicates the value of sysUpTime at the time this event entry last generated an event None 3 9 5 RMON Statistics Status This page provides an overview of RMON Statistics entri...

Page 106: ...S with a non integral number of octets Alignment Error Under Size The total number of packets received that were less than 64 octets Over Size The total number of packets received that were longer tha...

Page 107: ...tets The total number of octets of data including those in bad packets received on the network Pkts The total number of packets including bad packets broadcast packets and multicast packets received B...

Page 108: ...s the particular variable to be sampled Sample Type The method of sampling the selected variable and calculating the value to be compared against the thresholds Value The value of the statistic during...

Page 109: ...plications What is Traffic Prioritization Traffic prioritization allows you to prioritize data so that time sensitive and system critical data can be transferred smoothly and with minimal delay over a...

Page 110: ...y used prioritization scheme in the LAN environment it still has some restrictions It requires an additional 4 byte tag in the frame which is normally optional for Ethernet networks Without this tag t...

Page 111: ...check a packet received at the ingress port for IEEE 802 1D traffic classification and then prioritize it based upon the IEEE 802 1p value service levels in that tag It is this 802 1p value that dete...

Page 112: ...nearest value supported by the global storm policer 1 Unit Setting Description Factory Default fps kfps Controls the unit of measure for the storm control rate Fps stands for frames per second and kfp...

Page 113: ...assified to a PCP value If the port is VLAN aware and the frame is tagged then the frame is classified to the PCP value in the tag Otherwise the frame is classified to this default PCP value 0 DEI Set...

Page 114: ...ort Accordingly Source Enables SMAC SIP matching Destination Enables DMAC DIP matching Source 3 10 3 Port Tag Remarking This page provides an overview of QoS Egress Port Tag Remarking for all switch p...

Page 115: ...SCP translation window for the specific DSCP All Classify all DSCP Disable Egress Rewrite Setting Description Factory Default Disable Enable Remap DP Unaware Remap DP Aware Port egress rewriting can b...

Page 116: ...h port Unchecked Rate Setting Description Factory Default Numerical value Configures the rate of each policer This value is restricted to 100 to 3276700 when the Unit is kbps or fps and is restricted...

Page 117: ...en Unit is Mbps The rate is internally rounded up to the nearest value supported by the queue policer This field is only shown if the queue policer is enabled 500 Unit Setting Description Factory Defa...

Page 118: ...ecific port of the switch Scheduler Mode Setting Description Factory Default Strict Priority 6 Queues Weighted Configures the scheduler mode on this switch port Strict Priority Queue Shaper Enable Set...

Page 119: ...er the queue is allowed to use excess bandwidth It can only be programmed if queue shaper is enabled Unchecked Queue Scheduler Weight Setting Description Factory Default Numerical value between 1 and...

Page 120: ...per rate e g 800 Mbps When clicking on any port number a new page is loaded to configure the Scheduler and Shapers for that specific port of the switch The page is the same one loaded from the Port Sc...

Page 121: ...g Description Factory Default 0 to 1 Drop precedence level DP A DP level of 0 corresponds to committed frames and a DP level of 1 corresponds to discard eligible frames 0 3 10 10 DSCP Translation This...

Page 122: ...CP to new DSCP values 0 to 63 Ingress Classification Setting Description Factory Default Check Uncheck Check to enable classification at ingress side Unchecked Egress Remap DP0 and DP1 Setting Descrip...

Page 123: ...CP DP0 and DP1 Setting Description Factory Default 0 to 63 Select the classified DSCP value for frames with Drop Precedence Level 0 and Drop Precedence Level 1 0 3 10 12 QoS Control List This page sho...

Page 124: ...allowed Any Key Parameters SMAC Setting Description Factory Default Any Specific Indicates the source MAC address for incoming frames Any All types of SMAC addresses are allowed Specific Type the spe...

Page 125: ...ties Any Key Parameters Frame Type Ethertype Setting Description Factory Default Any Specific Valid Ether Type can be 0x600 0xFFFF excluding 0x800 IPv4 and 0x86DD IPv6 or Any Any Key Parameters Frame...

Page 126: ...ype IPv6 Setting Description Factory Default Protocol TCP UDP Other value from 0 to 255 or Any When selecting TCP or UDP the following additional parameters have to be configured Sport Source TCP UDP...

Page 127: ...to 7 PCP from 0 to 7 or Default Default means that the default classified value is not modified by this QCE Default Action Parameters DEI Setting Description Factory Default Default 0 or 1 DEI 0 1 or...

Page 128: ...frame type Ethernet Only Ethernet frames with Ether Type 0x600 0xFFFF are allowed LLC Only LLC frames are allowed SNAP Only SNAP frames are allowed IPv4 The QCE will match only IPV4 frames IPv6 The QC...

Page 129: ...e for example a server since it will not need to produce several copies of the same data It makes efficient use of network bandwidth and scales well as the number of multicast group members increases...

Page 130: ...onging to the same group The Weidm ller switch supports both automatic multicast filtering with IGMP Internet Group Management Protocol Snooping and manual multicast filtering by adding static multica...

Page 131: ...on the LANs or VLANs that are connected to it For networks with more than one IP router the router with the lowest IP address is the querier A switch with IP address lower than the IP address of any o...

Page 132: ...groups in the address range Assign valid IPv4 multicast address as prefix with a prefix length from 4 to 32 for the range 232 0 0 0 8 Leave Proxy Enabled Setting Description Factory Default Check Unc...

Page 133: ...put field When first visited the web page will show the first 20 entries from the beginning of the VLAN table The first displayed will be the one with the lowest VLAN ID found in the VLAN table The St...

Page 134: ...ing on the versions of IGMP operating on hosts and routers within a network IGMP Auto PRI Setting Description Factory Default 0 to 7 Priority of Interface It indicates the IGMP control frame priority...

Page 135: ...3 11 4 IGMP Snooping Status This page provides IGMP Snooping status The following information can be displayed on the page VLAN ID The VLAN ID of the entry Querier Version Current working Querier vers...

Page 136: ...ort Members Ports under this group 3 11 6 IGMP SFM Information The IGMP SFM Source Filtered Multicast Information Table also contains the SSM Source Specific Multicast information This table is sorted...

Page 137: ...ific ports of the switch IPMC entries are created in the option IPMC Profile Configurations described in the next section of this manual For each port of the switch the user can select the Filtering p...

Page 138: ...on Factory Default Max 64 characters Additional description about the profile No blank or space characters are permitted as part of description Use _ or to separate the description sentence None Rule...

Page 139: ...evels Weidm ller switches provide a wide range of options that allow the user to meet the security requirements of different applications For user name password level security Weidm ller switches prov...

Page 140: ...he end station that requests access to the LAN and switch services and responds to the requests from the switch Authentication server The server that performs the actual authentication of the supplica...

Page 141: ...supplicant The EAP Request Challenge frame is retrieved directly from the RADIUS Access Challenge frame 5 The supplicant responds to the EAP Request Challenge by sending an EAP Response Challenge fra...

Page 142: ...enabled the switch will detect the stream change getting low from device The Status column indicates the alive check status Normal The stream is normal Low The stream is getting low Disabled DDOS Prev...

Page 143: ...s possible to specify alternative IP addresses alias IP addresses Alias IP Address Setting Description Factory Default IP address Specify Alias IP address Keep 0 0 0 0 if the device doesn t have alias...

Page 144: ...ting Description Factory Default Information only Indicates the Alive Check status Disabled Got Reply Receiving ping reply from device Lost Reply Not receiving ping reply from device Disabled 3 12 1 3...

Page 145: ...er If the packed type is TCP or UDP the socket number has to be specified It is possible to specify a range from Low to High If the socket number is one fill the same number in fields Low and High 80...

Page 146: ...ate between different ports Type Setting Description Factory Default Select from a list Indicates device types Possible types are no specification IP Camera IP Phone Access Point PC PLC and Network Vi...

Page 147: ...tion Factory Default Log it Indicates the action when stream getting low The possible actions to be configured are No action Log it Log the event Disabled Status Setting Description Factory Default In...

Page 148: ...es Port Mode Configuration Mode Setting Description Factory Default Enabled Disabled Enable or Disable the IP Source Guard function in each specific port of the switch Disabled Max Dynamic Clients Set...

Page 149: ...Guard Table The page shows up to 99 entries from the Dynamic IP Source Guard table default being 20 selected through the Entries per page input field When first visited the web page will show the firs...

Page 150: ...ollowing sections are described the options of the Web Management associated with the ACLs 3 12 3 1 ACL Ports Configuration This option allows the user to configure the ACL parameters of each switch p...

Page 151: ...port are stored in the System Log Disabled Frames received on the port are not logged Note Consider that the System Log memory size and logging rate is limited Disabled Shutdown Setting Description Fa...

Page 152: ...ry Default pps kbps Packets per second pps or Kilobits per second kbps pps 3 12 3 3 ACL Configuration This page shows the Access Control List ACL made up of the Access Control Entries ACEs defined on...

Page 153: ...es matching the ACE are filtered Rate Limiter Indicates the rate limiter number of the ACE The allowed range is 1 to 16 When Disabled is displayed the rate limiter operation is disabled Port Redirect...

Page 154: ...this this ACE Any Any frame can match this ACE Ethernet type Only Ethernet type frames can match this ACE The IEEE 802 3 describes the value of Length Type Field specifications to be greater than or e...

Page 155: ...fault Any Specific priority Specify the tag priority filter for this ACE Any No tag priority is specified Specific Allowed number range is 0 to 7 or range 0 1 2 3 4 5 6 7 0 3 and 4 7 Any Action Settin...

Page 156: ...Consider that the System Log memory size and logging rate is limited Disabled Shutdown Setting Description Factory Default Enabled Disabled Specify the port shut down operation of the ACE Enabled If...

Page 157: ...00 to 0xFFFF but excluding 0x800 IPv4 0x806 ARP and 0x86DD IPv6 Any ARP parameters If the type of frame selected is ARP several additional parameters can be programmed ARP RARP Setting Description Fac...

Page 158: ...get IP address in the Target IP Address field that appears Network Target IP filter is set to Network Specify the target IP address and target IP mask in the Target IP Address and Target IP Mask field...

Page 159: ...the HLD is not equal to Ethernet 1 1 ARP RARP frames where the HLD is equal to Ethernet 1 Any Ethernet Setting Description Factory Default Any 0 1 Specify whether frames can hit the action according t...

Page 160: ...field is greater than zero must not be able to match this entry Yes IPv4 frames where the MF bit is set or the FRAG OFFSET field is greater than zero must be able to match this entry Any IP Option Se...

Page 161: ...s specific ACE Any No IPv6 next header filter is specified Other A field for entering a specific IPv6 next header filter appears from 0 to 255 ICMP IPv6 ICMP protocol frames UDP IPv6 UDP protocol fram...

Page 162: ...ame selected is IPv4 TCP IPv4 UDP IPv6 TCP or IPv6 UDP several additional parameters can be programmed TCP UDP Source Port Filter Setting Description Factory Default Any Specific Range Specify the TCP...

Page 163: ...ield is set must not be able to match this entry 1 TCP frames where the SYN field is set must be able to match this entry Any TCP RST Setting Description Factory Default Any 0 1 Specify the TCP Reset...

Page 164: ...ent ACL users Each row describes the main information about each ACE that is defined The maximum number of ACEs is 256 on each switch The table displayed on the page shows the following information Us...

Page 165: ...le disable any possible access to the management of the device and also provide the login option through Remote Access Dial In User Service RADIUS or Terminal Access Controller Access Control System P...

Page 166: ...feature but only if more than one server has been configured 0 Key Setting Description Factory Default Max 63 characters The secret key shared between the RADIUS server and the switch None NAS IP Add...

Page 167: ...ation 1812 Acct Port Setting Description Factory Default Port The UDP port to use on the RADIUS server for accounting Set to 0 to disable accounting 1813 Timeout Setting Description Factory Default 1...

Page 168: ...ctory Default 1 to 1440 minutes Deadtime is the period during which the switch will not send new requests to a server that has failed to respond to a previous request This will stop the switch from co...

Page 169: ...obal timeout value Leaving it blank will use the global timeout value None Key Setting Description Factory Default Max 63 characters This optional setting overrides the global key Leaving it blank wil...

Page 170: ...takes one of the following values Disabled The server is disabled Not Ready The server is enabled but IP communication is not yet up and running Ready The server is enabled IP communication is up and...

Page 171: ...NAS Configuration This page allows the user to configure the IEEE 802 1X and MAC based authentication system and port settings The NAS configuration consists of two sections a system and a port wide...

Page 172: ...egular intervals and free resources if no activity is seen within a given period of time This parameter controls exactly this If reauthentication is enabled and the port is in an 802 1X based mode thi...

Page 173: ...ssigned VLAN Enabled Setting Description Factory Default Check Uncheck The RADIUS Assigned VLAN Enabled checkbox provides a quick way to globally enable disable RADIUS server assigned VLAN functionali...

Page 174: ...unchecked default the switch will only enter the Guest VLAN if an EAPOL frame has not been received on the port for the life time of the port If enabled checked the switch will consider entering the G...

Page 175: ...one supplicant is connected to a port the one that comes first when the port s link comes up will be the first one considered If that supplicant doesn t provide valid credentials within a certain amo...

Page 176: ...bled and enabled checked on a given port the switch reacts to QoS Class information carried in the RADIUS Access Accept packet transmitted by the RADIUS server when a supplicant is successfully authen...

Page 177: ...continue transmitting EAPOL Request Identity frames at the rate given by EAPOL Timeout Once in the Guest VLAN the port is considered authenticated and all attached clients on the port are allowed acce...

Page 178: ...Port State The current state of the port Possible values already explained in previous section Port State Last Source The source MAC address carried in the most recently received EAPOL frame for EAPO...

Page 179: ...the page 3 12 6 Port Security 3 12 6 1 Port Limit Control Limit Control allows for limiting the number of users on a given port A user is identified by a MAC address and VLAN ID If Limit Control is en...

Page 180: ...corresponding action is taken 4 Action Setting Description Factory Default None Trap Shutdown Trap Shutdown If the limit number is reached the switch will take one of the following actions None Do no...

Page 181: ...s shut down by the Limit Control module This state can only be shown if Action is set to Shutdown or Trap Shutdown Disabled The Reopen button can be used to reopen a specific port that has been shut d...

Page 182: ...e Limit Reached The Port Security service is enabled by at least the Limit Control user module and that module has indicated that the limit is reached and no more MAC addresses should be taken in Shut...

Page 183: ...to hold the MAC address indefinitely a dash will be shown 3 13 Warning Event Settings Since industrial Ethernet devices are often located at the endpoints of a system these devices will not always kno...

Page 184: ...of the switch Port Link Down Broken Warning Relay output is triggered when Port number The port is disconnected e g the cable is pulled out or the opposing device shuts down 3 13 2 Configuring Email...

Page 185: ...ch is powered up or down SNMP Authentication Failure Incorrect SNMP authentication O Ring Topology Change If the Master of the O Ring has changed or the backup path is activated O Chain Topology Chang...

Page 186: ...uthentication Setting Description Factory Default Check Uncheck Check if the SMTP server needs authentication Unchecked Username Type the username of the SMTP server None Password Type the password of...

Page 187: ...Send the specific messages which severity code is less or equal than Error 3 Warning Send the specific messages which severity code is less or equal than Warning 4 Message Send the specific messages...

Page 188: ...c MAC entries are learned all other frames are dropped Auto NOTE If the setting of the port for the MAC Table Learning is Secure make sure the link used for managing the switch is added to the static...

Page 189: ...rough the Entries per page input field When first visited the web page will show the first 20 entries from the beginning of the MAC table The first displayed will be the one with the lowest VLAN ID an...

Page 190: ...d transmitted bytes per port Errors The number of frames received in error and the number of incomplete transmissions per port Drops The number of frames discarded due to ingress or egress congestion...

Page 191: ...eue Counters The number of received and transmitted packets per input and output queue Receive Error Counters Rx Drops The number of frames dropped due to lack of receive buffers or egress congestion...

Page 192: ...ss or destination mirroring Remote mirroring RMirror is an additional function available on the switch to extend the destination port to another switch of the network So the administrator can analyze...

Page 193: ...g If you want to monitor some VLANs on the switch you can set the selected VLANs on this field 200 Port Configuration Source Setting Description Factory Default Disabled Neither transmitted nor receiv...

Page 194: ...t closest Event Log table match In the Syslog are defined four different levels for the Event Log Table Error The system log entry belongs to error level Warning The system log entry belongs to warnin...

Page 195: ...r short to pair C Short D Cross pair short to pair D Cross A Abnormal cross pair coupling with pair A Cross B Abnormal cross pair coupling with pair B Cross C Abnormal cross pair coupling with pair C...

Page 196: ...The amount of light being received from the fiber optic cable in dBm Besides monitoring the SFP status it is also possible to configure a high temperature warning that can be logged in Syslog Warning...

Page 197: ...ler switch and send ping commands out through its ports To use the Ping function type in the desired IP address ICMPv4 or ICMPv6 and then click Start The payload size of the ICMP packet 8 to 1400 byte...

Page 198: ...er to define the operation of the PoE ports The different parameters that can be configured are described below Reserved Power determined by Setting Description Factory Default Class Each port automat...

Page 199: ...n this mode the port power is not turned on if the PD requests more power than available from the power supply Legacy Capacitor Detection Setting Description Factory Default Enable Disable When enable...

Page 200: ...lows the user to inspect the current status of all PoE ports Parameter Description Local Port Port of the swich PD class Each PD is classified according to a class that defines the maximum power the P...

Page 201: ...PoE Schedule Powered devices usually do not need to be running 24 hours a day 7days a week The PoE Ethernet switch provides a PoE timetabling mechanism to let users set a flexible working schedule fo...

Page 202: ...cking packets to a specific device 0 0 0 0 Interval Time Setting Description Factory Default Number between 10 and 120 sec Define the interval for the switch to send alive checking packets 10 Retry Ti...

Page 203: ...This is capable of very accurate time synchronization by using special Ethernet hardware that records the exact time a PTP synchronization message is received at the Ethernet card It achieves clock ac...

Page 204: ...k details 0 Device Type Setting Description Factory Default Inactive Ord Bound P2pTransp E2eTransp Mastronly Slaveonly Indicates the Type of the Clock Instance There are five Device Types Ord Bound Cl...

Page 205: ...ows the actual PTP time with nanosecond resolution and the actual clock adjustment method depending on the available hardware on the network The button Synchronize from System Clock is taking the swit...

Page 206: ...e then requests Announce messages from all the configured masters The slave uses the BMC algorithm to select one as master clock the slave then request Sync messages from the selected master The param...

Page 207: ...save it The text Running configuration changed but not saved as startup configuration is shown in all the pages of the web interface It means the changes would be lost after restarting the switch The...

Page 208: ...he current IP address and username password settings Behavior External Reset Button Pressing the reset button located in front of the switch for more than five seconds will always restore the running...

Page 209: ...tion User Manual and Hardware Installation Guide Download via Product Catalogue Online Catalogue Download latest Firmware version Private MIB EDS GSDML file or Documentation http www weidmueller com S...

Reviews:

No comments

Related manuals for 2682360000

iDirect Evolution X3 Installation And Safety Manual preview
Evolution X3
Brand: iDirect Pages: 60
M86 Security R3000 Series Evaluation Manual preview
R3000 Series
Brand: M86 Security Pages: 46
OCCITALINA OXTOPUS EIA-709 User Manual preview
OXTOPUS EIA-709
Brand: OCCITALINA Pages: 54
NA DigiNet 416 User Manual preview
DigiNet 416
Brand: NA Pages: 22
Ericsson Marconi OMS 1200 Product Description preview
Marconi OMS 1200
Brand: Ericsson Pages: 136
SAGEMCOM SE681 WiMAX User Manual preview
SE681 WiMAX
Brand: SAGEMCOM Pages: 75
Aewin Technologies SCB-9651 User Manual preview
SCB-9651
Brand: Aewin Technologies Pages: 86
ADDON ARM8100 Quick Installation Manual preview
ARM8100
Brand: ADDON Pages: 4
Cleerline SSF Quick Start Manual preview
SSF
Brand: Cleerline Pages: 2
Intellinet 561044 Instructions Manual preview
561044
Brand: Intellinet Pages: 12
IBA ibaBM-FOX-i-3o-D Manual preview
ibaBM-FOX-i-3o-D
Brand: IBA Pages: 13
ProCurve J8451A Quick Start Manual preview
J8451A
Brand: ProCurve Pages: 2
LOOQS MB202 User Manual preview
MB202
Brand: LOOQS Pages: 69
LOOQS MeeBox MB201 User Manual preview
MeeBox MB201
Brand: LOOQS Pages: 76
NetApp NS224 Instructions Manual preview
NS224
Brand: NetApp Pages: 28
Tripp Lite N302-010 Specification Sheet preview
N302-010
Brand: Tripp Lite Pages: 2
D-Link DES-1026G Manual preview
DES-1026G
Brand: D-Link Pages: 16
Haier AB09SC2VH2 User Manual preview
AB09SC2VH2
Brand: Haier Pages: 9

Brands by name

Popular brands

Load more brands