Westermo MDI-112 Series User Manual Download | Manualshive

Page: 129 / 175

background image

125

[IFNAME] Egress interface name

Switch(config-ext-macl)#permit host

0007.7c11.2233 host 0011.7711.2234 gi25

Note: MAC Rule: Permit/Deny wildcard Source_MAC

wildcard Dest_MAC Egress_Interface

Example 1: Edit IP

Extended access list

Switch(config)# ip access-list extended 100

Switch(config-ext-acl)#permit

ip Any Internet Protocol

tcp Transmission Control Protocol

udp User Datagram Protocol

icmp Internet Control Message Protocol

Switch(config-ext-acl)#permit ip

A.B.C.D Source address

any Any source host

host A single source host

Switch(config-ext-acl)#permit ip

192.168.20.200

A.B.C.D Source wildcard bits

Switch(config-ext-acl)#permit ip

192.168.20.200 0.0.0.1

A.B.C.D Destination address

any Any destination host

host A single destination host

Switch(config-ext-acl)#permit ip

192.168.20.200 0.0.0.1 192.168.2.201 0.0.0.1

[IFNAME] Egress interface name

Switch(config-ext-acl)#permit ip

192.168.20.200 0.0.0.1 192.168.2.201 0.0.0.1

gi17

Note: Follow the below rule to configure ip

extended access list.

IP Rule: Permit/Deny Source_IP wildcard Dest_IP

wildcard Egress_Interface

TCP Rule: Permit/Deny tcp Source_IP wildcard

Dest_IP wildcard eq Given_Port_Number

Egress_Interface

«
...
127
128
129
130
131
...
»

Summary of Contents for MDI-112 Series

Page 1: ...1 MDI 118 Series MDI 112 Series User s Manual Version 1 1 Industrial Managed Ethernet Switch...

Page 2: ...2 Copyright Notice Copyright 2013 Westermo Teleindustri AB All rights reserved Reproduction in any form or by any means without permission is prohibited...

Page 3: ...equipment generates uses and can radiate radio frequency energy and if not installed and used in accordance with the instruction manual may cause harmful interference to radio communications Operatio...

Page 4: ...ion 10 2 10 Wall Mounting Installation 12 2 11 Safety Warning 13 3 Preparation for Management 14 3 1 Preparation for Serial Console 14 3 2 Preparation for Web Interface 15 3 3 Preparation for Telnet C...

Page 5: ...1 4 15 Logout 152 5 Appendix 153 5 1 Pin Assignment of the RS 232 Console Cable 153 5 2 Private MIB 154 5 3 ModBus TCP IP 155 5 4 Revision History 170...

Page 6: ...ooping LACP for network control SNMP LLDP for network management The secured access is protected by Port Security 802 1x and flexible Access Control List The switch can work with network management sy...

Page 7: ...remote management Works with Network Management Systems Advanced Security supports IP Port Security 802 1x and Access Control List Dual 12 48VDC power inputs 1 3 Package List The product is shipped w...

Page 8: ...ing Combo Ports 2 7 Wiring RS 232 console cable 2 8 DIN Rail Mounting Installation 2 9 Wall Mounting Installation 2 10 Safety Warning 2 1 Hardware Introduction LED Diagnostic LED System Power 1 Power...

Page 9: ...5 Figure of MDI 118 F2G Figure of MDI 112 F4G...

Page 10: ...oth accepted but Power 1 and Power 2 must apply the same mode Note 1 It is a good practice to turn off input and load power and to unplug power terminal block before making wire connections Otherwise...

Page 11: ...lt conditions The fault conditions include power failure Ethernet port link break or other pre defined events which can be configured in management UI The default without power state of the Digital Ou...

Page 12: ...bles Note that crossover cables simply cross connect the transmit lines at each end to the received lines at the opposite end Straight through Cabling Schematic Cross over Cabling Schematic Note that...

Page 13: ...at the opposite end as illustrated in the figure below Note This is a Class 1 Laser LED product Don t look into the Laser LED Beam 2 7 Wiring Gigabit Combo Ports The switch includes RJ 45 Gigabit Com...

Page 14: ...follow the instructions and the figure below to attach the DIN Rail clip to the switch Follow the steps below to mount to the switch on a DIN Rail track 1 First insert the upper end of DIN Rail clip i...

Page 15: ...11 2 Lightly push the bottom of DIN Rail clip into the track 3 Check if the DIN Rail clip is tightly attached to the track 4 To remove the switch from the track reverse the steps above...

Page 16: ...e switch loosen the screws 2 Place the wall mounting plate on the rear panel of the switch 3 Use the screws to tighten the wall mounting plate onto the switch 4 Use the hook holes at the corners of th...

Page 17: ...warning test is provided in user manual Below is the information For tilslutning af de ovrige ledere se medfolgende installationsvejledning Laite on liitettava suojamaadoitus koskettimilla varustettuu...

Page 18: ...scover the device across the subnet Following topics are covered in this chapter 3 1 Preparation for Serial Console 3 2 Preparation for Web Interface 3 3 Preparation for Telnet console 3 1 Preparation...

Page 19: ...perating system supports TCP IP protocol 2 Wire DC power to the switch and connect your switch to your computer 3 Make sure that the switch default IP address is 192 168 2 200 4 Change your computer I...

Page 20: ...t Note 1 Internet Explorer 5 0 or later versions do not allow Java applets to open sockets by default Users have to directly modify the browser settings to selectively enable Java applets to use netwo...

Page 21: ...ser name and the password The default user name is admin and password is westermo 6 Press Enter or click on OK The welcome page of the web based management interface will then appear 7 Once you enter...

Page 22: ...itch you should download the SSH client tool first SSH Client There are many free sharewares trials or charged SSH clients you can find on the internet Fox example PuTTY is a free and popular Telnet S...

Page 23: ...After few seconds the SSH connection is opened 4 Type the Login Name and its Password The default Login Name and Password are admin westermo 5 All the commands you see in SSH are the same as the CLI...

Page 24: ...et SSH Web browser and SNMP Following topics are covered in this chapter 4 1 Command Line Interface CLI Introduction 4 2 Basic Setting 4 3 Port Configuration 4 4 Network Redundancy 4 5 VLAN 4 6 Traffi...

Page 25: ...ion reset default reload switch show system information save configuration and enter the global configuration mode Type configure terminal to enter next mode exit to leave to see the command list Swit...

Page 26: ...rminal Switch config access list Add an access list entry administrator Administrator account setting arp Set a static ARP entry clock Configure time of day clock default Set a command to its defaults...

Page 27: ...e Switch config interface fa1 Switch config if acceptable Configure 802 1Q acceptable frame types of a port auto negotiation Enable auto negotiation state of a given port description Interface specifi...

Page 28: ...lobal configuration command Switch Global configuration In global configuration mode you can configure all the features that the system provides you Enter Type configure terminal in privileged EXEC mo...

Page 29: ...mmand Ctrl S To lock the screen of the terminal You can t input any command Ctrl Q To unlock the screen which is locked by Ctrl S Ctrl Z To exit configuration mode Alert message when multiple users wa...

Page 30: ...o Frame 4 2 6 DHCP Server 4 2 7 Backup and Restore 4 2 8 Firmware Upgrade 4 2 9 Factory Default 4 2 10 System Reboot 4 2 11 CLI Commands for Basic Setting 4 2 1 Switch Setting You can assign System na...

Page 31: ...play unique hardware address MAC address assigned by the manufacturer Once you finish the configuration click on Apply to apply your settings Note Always remember to select Save to save your settings...

Page 32: ...work for your switch If DHCP Client function is enabled you don t need to assign an IP address to the switch as it will be overwritten by DHCP server and shown here The default IP is 192 168 2 200 Sub...

Page 33: ...typing new IPv6 address in this field Prefix the size of subnet or network and it equivalent to the subnet mask but written in different The default subnet mask length is 64bits and written in decima...

Page 34: ...to NTP client to enable the NTP client service NTP client will be automatically enabled if you change Time source to NTP Client The system will send requests to acquire current time from the configure...

Page 35: ...az 17 GMT 04 00 Santiago 18 GMT 03 00 NewFoundland 19 GMT 03 00 Brasilia 20 GMT 03 00 Buenos Aires Georgetown 21 GMT 03 00 Greenland 22 GMT 02 00 Mid Atlantic 23 GMT 01 00 Azores 24 GMT 01 00 Cape Ver...

Page 36: ...nepura 53 GMT 06 30 Rangoon 54 GMT 07 00 Bangkok Hanoi Jakarta 55 GMT 07 00 Krasnoyarsk 56 GMT 08 00 Beijing Chongqing Hong Kong Urumqi 57 GMT 08 00 Irkutsk Ulaan Bataar 58 GMT 08 00 Kuala Lumpur Sing...

Page 37: ...ly your configuration 4 2 5 Jumbo Frame What is Jumbo Frame A typical Ethernet frame is range from 64 to 1518 bytes This is sufficient for general usages However when users want to transmit large file...

Page 38: ...ess for the DHCP server IP pool Subnet Mask Default Gateway address and Lease Time for client Once you have finished the configuration click Apply to apply your configuration Excluded Address You can...

Page 39: ...Configuration the DHCP server with option 82 function presented in latest firmware This feature support fully DHCP relay function and allows user to configured relay circuit ID Remote ID to compliant...

Page 40: ...check It will show the MAC and IP address that was assigned by the switch Click the Reload button to refresh the listing DHCP Relay Agent You can select to Enable or Disable DHCP relay agent function...

Page 41: ...teway port 4 2 7 Backup and Restore With Backup command you can save current configuration file saved in the switch s flash to admin PC or TFTP server This will allow you to go to Restore command late...

Page 42: ...onfiguration settings and then restore back to the switch Startup Configuration File After you saved the running config to flash the new settings will be kept and work after power cycle You can use sh...

Page 43: ...rade In this section you can update the latest firmware for your switch Westermo provides the latest firmware in the web site The new firmware may include new features bug fixes or other software chan...

Page 44: ...and Web UI TFTP Server IP Address You need to key in the IP address of your TFTP Server here Firmware File Name The file name of the new firmware The UI also shows you the current firmware version an...

Page 45: ...default IP The system will remain the IP address so that you can still connect the switch via the network 4 2 10 System Reboot System Reboot allows you to reboot the device Some of the feature changes...

Page 46: ...termo se Display SWITCH show snmp server name SWITCH SWITCH show snmp server location Sweden SWITCH show snmp server contact support westermo se SWITCH show version 0 31 20061218 Switch show hardware...

Page 47: ...emove Gateway SWITCH config no ip route 0 0 0 0 0 192 168 2 254 24 Display SWITCH show running config interface vlan1 ip address 192 168 2 8 24 no shutdown ip route 0 0 0 0 0 192 168 2 254 24 Time Set...

Page 48: ...don SWITCH show clock timezone clock timezone 26 GMT Greenwich Mean Time Dublin Edinburgh Lisbon London Switch show ptpd PTPd is enabled Mode Slave Jumbo Frame Jumbo Frame Switch config system mtu jum...

Page 49: ...p Replace option82 field replace Show DHCP server information Switch show ip dhcp server statistics Switch show ip dhcp server statistics DHCP Server ON Address Pool 1 network 192 168 17 0 24 default...

Page 50: ...arget TFTP server IP or file name in this command Restore Configuration Switch copy tftp 192 168 2 33 default conf startup config Show Startup Configuration Switch show startup config Show Running Con...

Page 51: ...on 4 3 1 Port Control Port Control commands allow you to enable disable port state or configure the port auto negotiation speed duplex and flow control Select the port you want to configure and make c...

Page 52: ...on the switch will work anyway Once you finish configuring the settings click on Apply to save the configuration Technical Tips If both ends are not at the same speed they can t link with each other...

Page 53: ...t received power of DDM SFP transceiver Note 1 Most of the SFP transceivers provide vendor information which allows your switch to read it The UI can display vendor name wave length and distance of al...

Page 54: ...tch is step by 8Kbps 4 3 4 Storm Control The Storm Control is similar to Rate Control Rate Control filters all the traffic over the threshold you configure in the User Interface Storm Control allows u...

Page 55: ...ernet ports and to increase link bandwidth The aggregated ports can be viewed as one physical port so that the bandwidth is higher than merely one single Ethernet port The member ports of the same tru...

Page 56: ...s the ID for the port trunking group Ports with same group ID are in the same group Click None you can select the Trunk ID from Trunk 1 to Trunk 8 Trunk Type Static and 802 3ad LACP Each Trunk Group c...

Page 57: ...mand Line Port Control Port Control State Switch config if shutdown Disable port state Port1 Link Change to DOWN interface fastethernet1 is shutdown now Switch config if no shutdown Enable port state...

Page 58: ...duplex full Port1 Link Change to DOWN set the duplex mode ok Switch config if Port1 Link Change to UP Port Control Flow Control Switch config if flowcontrol on Flowcontrol on for port 1 set ok Switch...

Page 59: ...e of the port Flow control Flow Control status of the port Rate Control Rate Control Ingress or Egress Switch config if rate limit egress Outgoing packets ingress Incoming packets Note To enable rate...

Page 60: ...56 Bandwidth 0 100 Limit in magabits per second 0 is no limit Switch config if rate limit ingress bandwidth 8 Set the ingress rate limit 8Mbps for Port 1...

Page 61: ...cast packets for Port 13 Switch config if storm control dlf 10000 Enables rate limit for Destination Lookup Failue packets for Port 13 Port Trunking LACP Switch config lacp group 1 gi8 10 Group 1 base...

Page 62: ...group 1 FLAGS I Individual P In channel D Port Down Trunk Group GroupID Protocol Ports 1 LACP 8 D 9 D 10 D Switch show trunk group 2 FLAGS I Individual P In channel D Port Down Trunk Group GroupID Pro...

Page 63: ...as Auto Ring Coupling Besides ring technology the switch also supports 802 1D 2004 version Rapid Spanning Tree Protocol RSTP New version of RSTP standard includes 802 1D 1998 STP 802 1w RSTP Following...

Page 64: ...Spanning Tree Protocol RSTP was adopted and represents the evolution of STP providing much faster spanning tree convergence after a topology change This is specified in IEEE 802 1w In 2004 802 1w is i...

Page 65: ...ch Since different RSTP aware switches may have their own mechanism to calculate the message age So that this is most possibly occurred when interoperate different vendors RSTP aware switches together...

Page 66: ...ther bridge i e it is served by a point to point LAN segment or if it can be connected to two or more bridges i e it is served by a shared medium LAN segment This function allows link status of the li...

Page 67: ...Path Cost Port Priority Oper P2P mode Oper edge port mode and Aggregated ID Type 4 4 4 MSTP Multiple Spanning Tree Protocol Configuration MSTP is the abbreviation of Multiple Spanning Tree Protocol Th...

Page 68: ...aintain connectivity among each of the assigned VLAN groups An Internal Spanning Tree IST is used to connect all the MSTP switches within an MST region An MST Region may contain multiple MSTP Instance...

Page 69: ...uration This page allows configure the Region Name and its Revision mapping the VLAN to Instance and check current MST Instance configuration The network can be divided virtually to different Regions...

Page 70: ...N setting page Instance ID Select the Instance ID the available number is 1 15 VLAN Group Type the VLAN ID you want mapping to the instance Instance Priority Assign the priority to the instance After...

Page 71: ...a LAN Link Type There are 3 types for you select Auto P2P and Share Some of the rapid state transitions that are possible within RSTP depend upon whether the port of concern can only be connected to...

Page 72: ...Port Information shows the port setting and status of the ports within the instance Click on Reload to reload the MSTP information display 4 4 7 Multiple Super Ring MSR The most common industrial net...

Page 73: ...to enable the settings for Multiple Super Ring and Rapid Dual Homing New Ring To create a Rapid Super Ring just fill in the Ring ID which has range from 0 to 31 If the name field is left blank the nam...

Page 74: ...sign another port for ring connection Path Cost Change the Path Cost of Ring Port2 Rapid Dual Homing Rapid Dual Homing is a feature of MSR When you want to connect multiple RSR or form a redundant top...

Page 75: ...re Command Line RSTP Enable Switch config spanning tree enable Disable Switch config spanning tree disable RSTP mode Switch config spanning tree mode rapid stp SpanningTree Mode change to be RSTP 802...

Page 76: ...port disable RSTP Info Active status Switch show spanning tree active Rapid Spanning Tree feature Enabled Spanning Tree BPDU transmission limit 3 Root Address 0007 7c01 0386 Priority 4096 Root Path C...

Page 77: ...Port is Edge Designated root has priority 32768 address 0007 7c00 0112 Designated bridge has priority 32768 address 0007 7c60 1aec Designated Port ID is 128 6 Root Path Cost is 600000 Timers message...

Page 78: ...or 255 default set default 128 valid range is 0 or 255 Switch config multiple super ring port cost 100 0 255 valid range is 0 or 255 default set default 128 valid range is 0 or 255 Switch config supe...

Page 79: ...N A Configuration Version Rapid Super Ring Priority 128 Ring Port fa1 fa2 Path Cost 100 200 Dual Homing II Disabled Statistics Watchdog sent 0 received 0 missed 0 Link Up sent 0 received 0 Link Down...

Page 80: ...ation stored in a VLAN header attached to IEEE 802 3 packet frames This tag contains a VLAN Identifier VID that indicates which VLAN a frame belongs to Since each switch only has to check a frame s ta...

Page 81: ...VLAN ID Enter the port VLAN ID PVID allows the switches to identify which port belongs to which VLAN To keep things simple it is recommended that PVID is equivalent to VLAN IDs The values of PVIDs ar...

Page 82: ...a port the egress setting of the port should be Tag it indicates the egress packet is always tagged This is configured in Static VLAN Configuration table Please refer to the VLAN Configuration chapte...

Page 83: ...if the frames can be processed or not For example if a tagged frame from Engineer VLAN is received and Ingress Filtering is enabled the switch will determine if the port is on the Engineer VLAN s Egre...

Page 84: ...ent VLAN ID is 1 Static VLAN You can assign a VLAN ID and VLAN Name for new VLAN here VLAN ID is used by the switch to identify different VLANs Valid VLAN ID is between 1 and 4094 and VLAN 1 is the de...

Page 85: ...see the created VLANs and specify the egress outgoing port rule to be Untagged or Tagged here Static VLAN Configuration table You can see that new VLAN 3 is created VLAN name is test Egress rules of t...

Page 86: ...t Join Timer Controls the interval of sending the GVRP Join BPDU and an instance of this timer is required on a per Port per GARP Participant basis Leave Timer Control the time to release the GVRP res...

Page 87: ...D of the VLAN Name Name of the VLAN Status Static shows this is a manually configured static VLAN Unused means this VLAN is created by UI CLI and has no member ports This VLAN is not workable yet Dyna...

Page 88: ...witch config if ingress filtering enable ingress filtering enable Switch config if ingress filtering disable ingress filtering disable Egress rule Untagged for VLAN 2 Switch config if switchport acces...

Page 89: ...tch config interface vlan 2 Switch config if Note In CLI configuration you should create a VLAN interface first Then you can start to add remove ports Default status of the created VLAN is unused unti...

Page 90: ...f shutdown Switch config if no shutdown Turn on the VLAN Display VLAN table Switch sh vlan VLAN Name Status Trunk Ports Access Ports 1 VLAN1 Static fa1 7 gi8 10 2 VLAN2 Unused 3 test Static fa4 7 gi8...

Page 91: ...gvrp mode enable Gvrp is enabled on the switch Configure GVRP timer Join timer Leave timer LeaveAll timer Switch config inter fa1 Switch config if garp timer 10 10000 Switch config if garp timer 20 6...

Page 92: ...The ports within the same community VLAN can communicate with each other However the isolated VLAN ports can Not The figure shows the typical Private VLAN network The SCADA Public Server or NMS works...

Page 93: ...PVLAN Port Configuration page allows configure Port Configuration and Private VLAN Association Private VLAN Association Secondary VLAN After the Isolated and Community VLAN Type is assigned in Private...

Page 94: ...y VLAN Isolated or Community 3 Private VLAN Association Associate VLAN 3 5 to VLAN 2 in Private VLAN Association first 4 Private VLAN Port Configuration VLAN 2 Primary The member port of VLAN 2 is pro...

Page 95: ...91 4 6 3 Private VLAN Information This page allows you to see the Private VLAN information 4 6 4 CLI Command of the PVLAN Command Lines of the Private VLAN configuration...

Page 96: ...g vlan private vlan isolated cr Switch config vlan private vlan community cr Private VLAN Port Configuraiton Go to the port configuraiton Switch config interface port_number ex fa9 Switch config if sw...

Page 97: ...tchport private vlan mapping 2 add 4 Switch config if switchport private vlan mapping 2 add 5 Private VLAN Information Private VLAN Information Switch show vlan private vlan FLAGS I Isolated P Promisc...

Page 98: ...association 2 5 interface fastethernet8 switchport access vlan add 2 4 switchport trunk native vlan 4 switchport mode private vlan host switchport private vlan host association 2 4 interface fastethe...

Page 99: ...ict Priority scheme which follows 802 1p COS tag and IPv4 TOS DiffServ information to prioritize the traffic of your industrial network Following commands are included in this section 4 7 1 QoS Settin...

Page 100: ...tio for each class The 10 is the highest ratio The ratio of each class is as below Wx W0 W1 W2 W3 W4 W5 W6 W7 Total volume of Queue 0 7 4 7 2 Port based Queue Mapping Choose the Queue value of each po...

Page 101: ...0 the lowest queue CoS values 0 and 3 are mapped to physical Queue 1 the low normal physical queue CoS values 4 and 5 are mapped to physical Queue 2 the middle physical queue CoS values 6 and 7 are ma...

Page 102: ...98 After configuration press Apply to enable the settings...

Page 103: ...ights for COS queue 0 queue_id 0 Switch config qos queue sched wrr 10 1 10 Weights for COS queue 1 queue_id 1 Switch config qos queue sched wrr 1 2 3 4 The queue scheduling scheme is setting to Weight...

Page 104: ...0 3 0 4 0 5 0 6 0 7 0 8 0 9 0 10 0 11 0 12 0 13 0 14 0 15 0 16 0 17 0 18 0 CoS Queue Mapping Format Switch config qos cos map PRIORITY Assign an priority 7 highest Switch config qos cos map 1 QUEUE A...

Page 105: ...CoS to queue mapping is set ok Map CoS 6 to Queue 3 Switch config qos cos map 6 3 The CoS to queue mapping is set ok Map CoS 7 to Queue 3 Switch config qos cos map 7 3 The CoS to queue mapping is set...

Page 106: ...ng Switch show qos dscp map DSCP to Queue Mapping dscp d1 d2 d2 0 1 2 3 4 5 6 7 8 9 d1 0 1 1 1 1 1 1 1 1 0 0 1 0 0 0 0 0 0 0 0 0 0 2 0 0 0 0 1 1 1 1 1 1 3 1 1 2 2 2 2 2 2 2 2 4 2 2 2 2 2 2 2 2 3 3 5 3...

Page 107: ...queries report packets and manage multicast traffic through the switch IGMP has three fundamental types of messages as shown below Message Description Query A message sent from the querier an IGMP rou...

Page 108: ...IGMP Snooping for specific VLAN You can enable IGMP Snooping for some VLANs so that some of the VLANs will support IGMP Snooping and others won t To assign IGMP Snooping to VLAN please select the che...

Page 109: ...ANs that are connected to it For networks with more than one IGMP querier a switch with the lowest IP address will become the IGMP querier In IGMP Query selection you can select V1 V2 or Disable V1 me...

Page 110: ...ticast will be flooded to all ports even if they are not member ports of the groups Discard The unknown multicast will be discarded Non member ports will not receive the unknown multicast streams 4 8...

Page 111: ...d Vlan2 is IGMP snooping enabled Vlan3 is IGMP snooping disabled Display IGMP Table Switch sh ip igmp snooping multicast all VLAN IP Address Type Ports 1 239 192 8 0 IGMP fa6 1 239 255 255 250 IGMP fa...

Page 112: ...p no shutdown Unknown Multicast Unknown Multicast Enable Force filtering Send to All Ports Disable Force filtering Discard Switch config mac address table multicast filtering Filtering unknown multica...

Page 113: ...on This page allows users to configure SNMP V1 V2c Community The community string can be viewed as the password because SNMP V1 V2c doesn t request you to enter password before you try to access SNMP...

Page 114: ...he switch and the administrator are encrypted to ensure secure communication Security Level Here the user can select the following levels of security None User Authentication and Authentication with p...

Page 115: ...ion Password Here the user enters the password for SNMP v3 user DES Encryption 4 9 3 SNMP Traps SNMP Trap is the notification feature defined by SNMP protocol All the SNMP management applications can...

Page 116: ...Trap Server IP with version 1 and community Switch config snmp server host 192 168 2 33 version 1 private SNMP trap host add OK Note private is the community name version 1 is the SNMP version SNMP T...

Page 117: ...CE is short of Access Control Entry user defines the Permit or Deny rule for specific IP MAC address or IP groups by network mask in each ACE One ACL may include several ACEs the system checks the ACE...

Page 118: ...C address you want configure the format is AABB CCDD EEFF Example Source to Destination is 0007 7c00 0000 to 0007 7c00 0001 Source Destination Wildcard This command allows user to define single host o...

Page 119: ...click on Add to apply your configuration see below screen Example of the below Entry Permit Source MAC 0007 7c00 0000 to Destination MAC 0007 7c00 0001 The Permit rule is egress rule and it is bind to...

Page 120: ...he content for the rule After configured click Apply to apply all the rules Reload to reload setting Remove to remove one of the entries Example IP Standard Access List This kind of ACL allows user to...

Page 121: ...ID or the name for this IP Filter entry Action Permit to permit traffic from specified sources and Deny to deny traffic from those sources Source Destination Address Type the source destination IP add...

Page 122: ...nding high order bits in the IP address are significant The selected action applies to any source address with these high order bits Protocol Select a protocol you want associate with the filter The f...

Page 123: ...ss control capability the above commands are applied to generic managed switch But due to the hardware restriction some of the above command may not support in your product Please check the web and CL...

Page 124: ...r Port UDP port of the Radius server Accounting Port Port for packets that contain the information of account login or logout Secondary Radius Server IP Backup Radius Server could be set in case of th...

Page 125: ...se the port will be set to a Guest VLAN Host Mode If there are more than one device connected to this port set the Host Mode to single means only the first PC authenticate success can access this port...

Page 126: ...tialize status Click Reauthenticate Selected to send EAP Request to supplicant to request reauthentication Click Default Selected to reset the configurable 802 1x parameters of selected port to the de...

Page 127: ...nd or set its defaults quit Exit current mode and down to previous mode Add IP Standard access list Switch config ip access list extended Extended access list standard Standard access list Switch conf...

Page 128: ...ate a command or set its defaults quit Exit current mode and down to previous mode remark Access list entry comment Example 1 Edit MAC access list Switch config ext macl permit MACADDR Source MAC addr...

Page 129: ...Any source host host A single source host Switch config ext acl permit ip 192 168 20 200 A B C D Source wildcard bits Switch config ext acl permit ip 192 168 20 200 0 0 0 1 A B C D Destination addres...

Page 130: ...vities Note 1 Rule Add the static MAC VLAN and Port binding first then enable the port security to stop new MAC learning Note 2 Not all the model support this feature check the product detail specific...

Page 131: ...ven default 1812 RADIUS Accounting Port number NOT given default 1813 RADIUS Server IP 192 168 2 200 RADIUS Server Key 1234 RADIUS Server Port 1812 RADIUS Accounting Port 1813 Switch config radius sec...

Page 132: ...acts are energized open for normal operation and will close under fault conditions Fault conditions include Dry Output Power Failure Ethernet port Link Failure Ping Failure and Super Ring Topology Cha...

Page 133: ...f the other terminal unit the setting can help you to change DI state If you connect DO to the power set of other terminal units this setting can help you to turn on or off the unit How to turn On Off...

Page 134: ...ou want to monitor How to configure Select the checkbox of the Ethernet ports you want to monitor You can select one or multiple ports When the selected ports are physically down the system will short...

Page 135: ...tem will start ping the target device Ex Reset Time is 5 sec Hold Time is 50 sec If the ping failure occurred the switch system will turn Relay output to open state to emulate power switch off for 5 s...

Page 136: ...Community String is entered Time Synchronize Failure Accessing to NTP Server is failure Power 1 Failure Selected Power ID is failure Power 2 Failure Selected Power ID is failure Fault Relay The DO Fa...

Page 137: ...ch local mode and remote mode Local Mode In this mode the switch will print the occurred events selected in the Event Selection page to System Log table of The switch You can monitor the system logs i...

Page 138: ...11 4 SMTP Configuration The switch supports E mail Warning feature The switch will send the occurred events to remote E mail server The receiver can then receive notification by E mail The E mail warn...

Page 139: ...receive email alarm Rcpt E mail Address 1 The first email address to receive email alert from the switch Max 40 characters Rcpt E mail Address 2 The second email address to receive email alert from t...

Page 140: ...itch config relay 1 dry 5 5 Ping Failure Switch config relay 1 ping 192 168 2 200 cr reset reset a device Switch config relay 1 ping 192 168 2 200 reset 1 65535 reset time Switch config relay 1 ping 1...

Page 141: ...tch power failure event sfp Switch SFP event super ring Switch super ring topology change event time sync Switch time synchronize event Ex Cold Start event Switch config warning event coldstart Set co...

Page 142: ...ert set Server 192 168 20 200 Account support westermo se ok Receiver mail Switch config smtp server receipt 1 support westermo se SMTP Email Alert set receipt 1 support westermo se ok Authentication...

Page 143: ...139 Username admin Password admin SMTP Email Alert Receipt Receipt 1 support westermo se Receipt 2 Receipt 3 Receipt 4...

Page 144: ...he learned MAC address To save more entries for new MAC address the switch fabric will age out non used MAC address entry per Aging Time timeout The default Aging Time is 300 seconds Static Unicast MA...

Page 145: ...Link State Rx Good Rx Bad Rx Abort Tx Good Tx Bad and Collision Rx means the received packet while Tx means the transmitted packets Note If you see many Bad Abort or Collision counts increased that ma...

Page 146: ...r Mode Select Enable Disable to enable disable Port Mirror Source Port This is also known as Monitor Port These are the ports you want to monitor and the traffic of all source monitor ports will be co...

Page 147: ...Event Log When System Log Local mode is selected the switch will record occurred events in local log table This page shows this log table The entry includes the index occurred data and time and conten...

Page 148: ...ant from the connected devices LLDP Select Enable Disable to enable disable LLDP function LLDP Configuration To configure the related timer of LLDP LLDP Timer The interval time of each LLDP and counts...

Page 149: ...vides Ping Utility for users to ping remote device and check whether the device is alive or not Type Target IP address of the target device and click on Start to start the ping After few seconds you c...

Page 150: ...address table static MAC_address VLAN VID interface interface_name Add Multicast MAC address Switch config mac address table multicast 0100 5e01 0101 vlan 1 interface fa6 7 Adds an entry in the multic...

Page 151: ...a6 7 Show MAC Address Table Static MAC addresses Switch show mac address table static Destination Address Address Type Vlan Destination Port 0007 7c10 0101 Static 1 fa7 0007 7c10 0102 Static 1 fa7 Sho...

Page 152: ...le ok Select Source Port Switch config mirror source fa1 2 both Received and transmitted traffic rx Received traffic tx Transmitted traffic Switch config mirror source fa1 2 both Mirror source fa1 2 b...

Page 153: ...d range is 10 255 Switch config lldp timer 5 254 Valid range is 5 254 Ping Ping IP Switch ping 192 168 2 33 PING 192 168 2 33 192 168 2 33 56 data bytes 64 bytes from 192 168 2 33 icmp_seq 0 ttl 128 t...

Page 154: ...d Font Ports Feature On Link UP Off Link Down Other Power 1 P1 Green Black Power 2 P2 Green Black Digital Output 1 DO1 Red Black Digital Output 2 DO2 Red Black Ring Master R M Green Black Ring Fail R...

Page 155: ...the switch without clicking on Save Configuration will cause loss of new settings After selecting Save Configuration click on Save to Flash to save your new configuration Command Lines Feature Comman...

Page 156: ...tion will be logged out if you don t input any command after 30 seconds and the Logout command allows you to manually logout the web connection Click on Yes to logout No to go back the configuration p...

Page 157: ...153 5 Appendix 5 1 Pin Assignment of the RS 232 Console Cable The total cable length is 150cm RJ45 Pin DB9 Pin 1 7 2 9 3 4 4 5 5 1 6 3 7 2 8 8...

Page 158: ...te MIB file by your SNMP tool The private MIB tree is the same as the web tree This is easier to understand and use If you are not familiar with standard MIB you can directly use private MIB to manage...

Page 159: ...e between multiple independent Modbus end units The Modbus devices communicate using a master client slave server architecture only one device can initiate transaction and the others respond to the ma...

Page 160: ...gital output 02 Read Input Status Read the state of a digital input 03 Read Holding Register Read holding register in 16 bits register format 04 Read Input Registers Read data in 16 bits register form...

Page 161: ...perform the requested action 05 Acknowledge The slave has accepted the request and processing it but a long duration of time will be required to do so 06 Slave Device Busy The slave is engaged in proc...

Page 162: ...tion string 0x0120 128 words SNMP system contact string 0x01A0 32 words SNMP system OID string 0x01C0 2 words System uptime unsigned long 0x01C2 to 0x01FF 60 words Reserved address space 0x0200 2 word...

Page 163: ...te 0x0A Word 1 Lo byte 0x01 0x0302 2 words Subnet Mask 0x0304 2 words Default Gateway 0x0306 2 words DNS Server 0x0308 to 0x3FF 248 words Reserved address space IPv6 or others 0x0400 1 word AC1 0x0000...

Page 164: ...RDY 0x0000 Off 0x0001 On 0x0421 1 word RM 0x0000 Off 0x0001 On 0x0422 1 word RF 0x0000 Off 0x0001 On 0x0423 1 word RS 0x0423 to 0x0BFF 2103 words Reserved address space 0x0C00 1 words Clear all rmon...

Page 165: ...0x0000 disable 0x0001 enable 0x1220 to 0x123F 1 word Operating Status 0x0000 disable 0x0001 enable 0xFFFF unavailable 0x1240 to 0x125F 1 word Duplex 0x0000 half 0x0001 full 0x0003 auto half 0x0004 au...

Page 166: ...0x0001 enable 0x1320 to 0x133F 1 word Auto Negotiation 0x0000 disable 0x0001 enable 0xFFFF unavailable 0x1340 to 0x135F 1 word Loopback Mode 0x0000 none 0x0001 MAC 0x0002 PHY 0xFFFF unavailable 0x136...

Page 167: ...o 0x153F 1 words Wave length 0x1540 to 0x157F 2 words Distance 0x1580 to 0x167F 8 words Vender 0x1680 to 0x17FF 384 words Reserved address space SFP DDM Information 32 Ports 0x1800 to 0x181F 1 words T...

Page 168: ...2 words Filtered frames 0x2300 to 0x233F 2 words RxError 0x2340 to 0x237F 2 words FCSError 0x2380 to 0x23BF 2 words Collisions 0x23C0 to 0x23FF 2 words Dropped Frames 0x2400 to 0x243F 2 words Last Act...

Page 169: ...ds Reserved address space Number of frames received and transmitted with a length in octets 0x2A00 to 0x2A3F 2 words 64 0x2A40 to 0x2A7F 2 words 65 to 127 0x2A80 to 0x2ABF 2 words 128 to 255 0x2AC0 to...

Page 170: ...ice Role 0x0000 none 0x0001 disable 0x0002 RM Ring Master 0x0003 non RM 0xFFFF unavailable 0x300D 2 word Ring 0 s Port List of 1st Ring Port Word 0 port 1 16 Word 1 port 17 32 Ex 0x0001 Ethernet port...

Page 171: ...ming Status 0x0000 none 0x0001 disable 0x0002 enable 0xFFFF unavailable 0x3017 to 0x301F 9 words Reserved address space 0x3020 to 0x303F Ring 1 s Information 0x3040 to 0x305F Ring 2 s Information 0x30...

Page 172: ...Information 0x3240 to 0x325F Ring 18 s Information 0x3260 to 0x327F Ring 19 s Information 0x3280 to 0x329F Ring 20 s Information 0x32A0 to 0x32BF Ring 21 s Information 0x32C0 to 0x32DF Ring 22 s Infor...

Page 173: ...h config modbus disable Set Modbus interval time between request Switch config modbus idle timeout 200 10000 Timeout vlaue 200 10000ms Switch config modbus idle timeout 200 set interval request time o...

Page 174: ...170 5 4 Revision History Edition Date Modifications V1 0 2010 11 9 The first release V1 1 2013 11 12 Add IPv6 Private VLAN QinQ Modbus TCP IP Advanced DHCP function option 82 port based DHCP server...

Page 175: ...171...

Reviews:

No comments

Related manuals for MDI-112 Series

Brand: Paradyne Pages: 11

Brand: Paradyne Pages: 19

Brand: Paradyne Pages: 32

COMSPHERE 3550 Series

Brand: Paradyne Pages: 153

Jetstream CPX-1000

Brand: Paradyne Pages: 141

FrameSaver 9783

Brand: Paradyne Pages: 28

COMSPHERE 6800 Series

Brand: Paradyne Pages: 7

Brand: Enginko Pages: 19

IBOX-BAC Series

Brand: IntesisBox Pages: 2

WRT54GR - Wireless-G Broadband Router

Brand: Linksys Pages: 81

UniFi Cloud Key

Brand: Ubiquiti Pages: 13

Brand: Abocom Pages: 63

Brand: NETGEAR Pages: 142

airMAX NanoBridge M NBM3

Brand: Ubiquiti Pages: 24

Secure Site Manager 16

Brand: Black Box Pages: 16

iMarc SLV 9820-2M

Brand: Paradyne Pages: 24

Brand: DPS Pages: 57

IP Board IPT10000C

Brand: Dialogic Pages: 2

Brands by name

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Popular brands

Load more brands