Home
/
ZyXEL Communications
/
ES-2024 Series
/
User Manual

ZyXEL Communications ES-2024 Series, User Manual, Page: 157 / 282

Share

Page: 157 / 282

ZyXEL Communications ES-2024 Series User Manual Download Page 157

ES-2024 Series User’s Guide

157

C

H A P T E R

22

AAA

This chapter describes how to configure authentication and accounting settings on the Switch.

22.1 Authentication, Authorization and Accounting (AAA)

Authentication is the process of determining who a user is and validating access to the Switch.
The Switch can authenticate users who try to log in based on user accounts configured on the
Switch itself. The Switch can also use an external authentication server to authenticate a large
number of users
Authorization is the process of determining what a user is allowed to do. Different user
accounts may have higher or lower privilege levels associated with them. For example, user A
may have the right to create new login accounts on the Switch but user B cannot. The Switch
can authorize users based on user accounts configured on the Switch itself or it can use an
external server to authorize a large number of users.
Accounting is the process of recording what a user is doing. The Switch can use an external
server to track when users log in, log out, execute commands and so on. Accounting can also
record system related actions such as boot up and shut down times of the Switch.
The external servers that perform authentication, authorization and accounting functions are
known as AAA servers. The Switch supports RADIUS (Remote Authentication Dial-In User
Service, see

Section 22.1.2 on page 158

) and TACACS+ (Terminal Access Controller Access-

Control System Plus, see

Section 22.1.2 on page 158

) as external authentication, authorization

and accounting servers.

Figure 89

AAA Server

22.1.1 Local User Accounts

By storing user profiles locally on the Switch, your Switch is able to authenticate and
authorize users without interacting with a network AAA server. However, there is a limit on
the number of users you may authenticate in this way (See

Chapter 29 on page 209

«
...
155
156
157
158
159
...
»

Summary of Contents for ES-2024 Series

Page 1: ...www zyxel com www zyxel com ES 2024 Series Ethernet Switch User s Guide Version 3 90 11 2008 Edition 3 DEFAULT LOGIN IP Address http 192 168 1 1 User Name admin Password 1234...

Page 2: ......

Page 3: ...nformation CLI Reference Guide The CLI Reference Guide is intended for people who want to configure the ES 2024 via commands It is recommended you use the web configurator to configure the Switch Supp...

Page 4: ...are brackets and uppercase text for example ENTER means the enter or return key on your keyboard Enter means for you to type one or more characters and then press the ENTER key Select or choose means...

Page 5: ...s Guide 5 Icons Used in Figures Figures in this User s Guide may use the following generic icons The Switch icon is not an exact representation of your device Switch Computer Notebook computer Server...

Page 6: ...ltage for example 110V AC in North America or 230V AC in Europe Do NOT allow anything to rest on the power adaptor or cord and do NOT place the product where anyone can walk on the power adaptor or co...

Page 7: ...Safety Warnings ES 2024 Series User s Guide 7 This product is recyclable Dispose of it properly...

Page 8: ...Safety Warnings ES 2024 Series User s Guide 8...

Page 9: ...and Port Statistics 67 Basic Setting 71 Advanced Setup 85 VLAN 87 Static MAC Forwarding 99 Static Multicast Forwarding 101 Filtering 105 Spanning Tree Protocol 107 Bandwidth Control 121 Broadcast Sto...

Page 10: ...Contents Overview ES 2024 Series User s Guide 10 Access Control 209 Diagnostic 227 Syslog 229 Cluster Management 233 MAC Table 239 ARP Table 243 Configure Clone 245 Appendices and Index 247...

Page 11: ...mple 32 1 1 3 High Performance Switching Example 32 1 1 4 IEEE 802 1Q VLAN Application Examples 33 1 2 Ways to Manage the Switch 34 1 3 Good Habits for Managing the Switch 34 Chapter 2 Hardware Instal...

Page 12: ...witch 54 4 6 1 Reload the Configuration File 54 4 7 Logging Out of the Web Configurator 55 4 8 Help 55 Chapter 5 Initial Setup Example 57 5 1 Overview 57 5 1 1 Creating a VLAN 57 5 1 2 Setting Port VI...

Page 13: ...ng Tagged and Untagged Frames 87 9 2 Automatic VLAN Registration 88 9 2 1 GARP 88 9 2 2 GVRP 88 9 3 Port VLAN Trunking 89 9 4 Select the VLAN Type 89 9 5 Static VLAN 89 9 5 1 Static VLAN Status 90 9 5...

Page 14: ...ree Protocol 115 13 6 Multiple Spanning Tree Protocol Status 118 Chapter 14 Bandwidth Control 121 14 1 Bandwidth Control Setup 121 Chapter 15 Broadcast Storm Control 123 15 1 Broadcast Storm Control S...

Page 15: ...Overview 143 21 1 1 IP Multicast Addresses 143 21 1 2 IGMP Filtering 143 21 1 3 IGMP Snooping 143 21 1 4 IGMP Snooping and VLANs 144 21 2 Multicast Status 144 21 3 Multicast Setting 144 21 4 IGMP Sno...

Page 16: ...3 4 1 ARP Inspection Log Status 175 23 5 ARP Inspection Configure 176 23 5 1 ARP Inspection Port Configure 178 23 5 2 ARP Inspection VLAN Configure 179 Chapter 24 Loop Guard 181 24 1 Loop Guard Overvi...

Page 17: ...Factory Default 204 28 3 Save Configuration 204 28 4 Reboot System 205 28 5 Firmware Upgrade 205 28 6 Restore a Configuration File 206 28 7 Backup a Configuration File 206 28 8 FTP Command Line 207 28...

Page 18: ...nostic 227 30 1 Diagnostic 227 Chapter 31 Syslog 229 31 1 Syslog Overview 229 31 2 Syslog Setup 229 31 3 Syslog Server Setup 230 Chapter 32 Cluster Management 233 32 1 Clustering Management Status Ove...

Page 19: ...S 2024 Series User s Guide 19 Part VI Appendices and Index 247 Appendix A Product Specifications 249 Appendix B IP Addresses and Subnetting 257 Appendix C Legal Information 265 Appendix D Customer Sup...

Page 20: ...Table of Contents ES 2024 Series User s Guide 20...

Page 21: ...8 Figure 18 Change Administrator Login Password 53 Figure 19 Resetting the Switch Via the Console Port 55 Figure 20 Web Configurator Logout Screen 55 Figure 21 Initial Setup Network Example VLAN 57 Fi...

Page 22: ...nning Tree Protocol RSTP 113 Figure 60 Advanced Application Spanning Tree Protocol Status RSTP 115 Figure 61 Advanced Application Spanning Tree Protocol MSTP 116 Figure 62 Advanced Application Spannin...

Page 23: ...00 ARP Inspection Port Configure 178 Figure 101 ARP Inspection VLAN Configure 179 Figure 102 Loop Guard vs STP 181 Figure 103 Switch in Loop State 182 Figure 104 Loop Guard Probe Packet 182 Figure 105...

Page 24: ...ure 138 Management Access Control Service Access Control 223 Figure 139 Management Access Control Remote Management 224 Figure 140 Management Diagnostic 227 Figure 141 Management Syslog 230 Figure 142...

Page 25: ...on Static MAC Forwarding 100 Table 21 Advanced Application Static Multicast Forwarding 102 Table 22 Advanced Application Filtering 105 Table 23 STP Path Costs 108 Table 24 STP Port States 109 Table 25...

Page 26: ...6 Table 55 RADIUS Attributes Exec Events via Console 168 Table 56 RADIUS Attributes Exec Events via Telnet SSH 168 Table 57 RADIUS Attributes Exec Events via Console 168 Table 58 IP Source Guard 173 T...

Page 27: ...ement Cluster Management 235 Table 95 FTP Upload to Cluster Member Example 236 Table 96 Management Clustering Management Configuration 237 Table 97 Management MAC Table 240 Table 98 Management ARP Tab...

Page 28: ...List of Tables ES 2024 Series User s Guide 28...

Page 29: ...29 PART I Introduction Getting to Know Your Switch 31 Hardware Installation and Connection 35 Hardware Overview 39...

Page 30: ...30...

Page 31: ...terminal emulator program on the console port or third party SNMP management See Appendix A on page 249 for a full list of software features available on the Switch 1 1 1 Backbone Application The Swi...

Page 32: ...ing network managers to centralize multiple servers at a single location Figure 2 Bridging Application 1 1 3 High Performance Switching Example The Switch is ideal for connecting two networks that nee...

Page 33: ...that are not in the same group s unless such traffic first goes through a router For more information on VLANs refer to Chapter 9 on page 87 Ports in the same VLAN group share the same frame broadcast...

Page 34: ...ged by an SNMP manager See Section 29 3 on page 210 1 3 Good Habits for Managing the Switch Do the following things regularly to make the Switch more secure and to manage the Switch more effectively C...

Page 35: ...weight of the Switch and the connected cables Make sure there is a power outlet nearby 3 Make sure there is enough clearance around the Switch to allow air circulation and the attachment of cables an...

Page 36: ...uirements Two mounting brackets Eight M3 flat head screws and a 2 Philips screwdriver Four M5 flat head screws and a 2 Philips screwdriver Failure to use the proper screws may damage the unit 2 2 1 1...

Page 37: ...e Switch on a rack Proceed to the next section 2 2 3 Mounting the Switch on a Rack 1 Position a mounting bracket that is already attached to the Switch on one side of the rack lining up the two screw...

Page 38: ...Chapter 2 Hardware Installation and Connection ES 2024 Series User s Guide 38...

Page 39: ...ows you how to make the hardware connections 3 1 Front Panel Connection The figure below shows the front panel of the Switch Figure 8 Front Panel ES 2024A Figure 9 Front Panel ES 2024PWR 10 100 Mbps E...

Page 40: ...Gigabit port will be disabled The speed of the Gigabit Ethernet mini GBIC ports can be 100 Mbps or 1000 Mbps and the duplex mode can be half duplex at 100 Mbps or full duplex An auto negotiating port...

Page 41: ...s while the Switch is operating You can use different transceivers to connect to Ethernet switches with different types of fiber optic connectors Type SFP connection interface Connection speed 1 Gigab...

Page 42: ...ing figures show the rear panel of the Switch The power receptacle is on the rear panel Figure 14 AC Rear Panel Figure 15 DC Rear Panel 3 2 1 Power Connector Make sure you are using the correct power...

Page 43: ...ng The Ethernet port is negotiating in half duplex mode and collisions are occurring the more collisions that occur the faster the LED blinks On The Ethernet port is negotiating in full duplex mode Of...

Page 44: ...Chapter 3 Hardware Overview ES 2024 Series User s Guide 44...

Page 45: ...45 PART II Basic Configuration The Web Configurator 47 Initial Setup Example 57 Tutorials 61 System Status and Port Statistics 67 Basic Setting 71...

Page 46: ...46...

Page 47: ...ls In order to use the web configurator you need to allow Web browser pop up windows from your device Web pop up blocking is enabled by default in Windows XP SP Service Pack 2 JavaScript enabled by de...

Page 48: ...e are quick links which allow you to perform certain tasks no matter which screen you are currently working in B Click this link to save your configuration into the Switch s nonvolatile memory Nonvola...

Page 49: ...figurator ES 2024 Series User s Guide 49 In the navigation panel click a main link to reveal a list of submenu links Table 3 Navigation Panel Sub links Overview BASIC SETTING ADVANCED APPLICATION IP A...

Page 50: ...ation Setting Link Aggregation Control Protocol Port Authentication 802 1x Port Security Queuing Method Multicast Multicast Setting IGMP Snooping VLAN IGMP Filtering Profile MVR Group Configuration AA...

Page 51: ...static multicast MAC addresses for port s These static multicast MAC addresses do not age out Filtering This link takes you to a screen to set up filtering rules Spanning Tree Protocol This link take...

Page 52: ...s you to a screen where you can configure the DHCP settings Management Maintenance This link takes you to screens where you can perform firmware and configuration file maintenance as well as reboot th...

Page 53: ...atile memory refers to the Switch s storage that remains even if the Switch s power is turned off Use the Save link when you are done with a configuration session 4 5 Switch Lockout You could block yo...

Page 54: ...e port will be reset to the default of 9600 bps with 8 data bits no parity one stop bit and flow control set to none The password will also be reset to 1234 and the IP address to 192 168 1 1 To upload...

Page 55: ...h a management session for security reasons Figure 20 Web Configurator Logout Screen 4 8 Help The web configurator s online help has descriptions of individual screens and some supplementary informati...

Page 56: ...Chapter 4 The Web Configurator ES 2024 Series User s Guide 56...

Page 57: ...uter to any Ethernet port on the Switch Make sure your computer is in the same subnet as the Switch 2 Open your web browser and enter 192 168 1 1 the default IP address in the address bar to access th...

Page 58: ...10 on the Switch select Fixed to configure port 10 to be a permanent member of the VLAN only 4 To ensure that VLAN unaware devices such as computers and hubs can receive frames properly clear the TX...

Page 59: ...Enter 2 in the PVID field for port 10 and click Apply to set the VLAN port setting and click the Save button to save the settings 5 1 3 Configuring Switch Management IP Address The default management...

Page 60: ...ure the related fields in the IP Setup screen For the VLAN2 network enter 192 168 2 1 as the IP address and 255 255 255 0 as the subnet mask 3 In the VID field enter the ID of the VLAN group to which...

Page 61: ...hen assign a specific IP address based on the information in the DHCP requests 6 1 1 DHCP Relay Tutorial Introduction In this example you have configured your DHCP server 192 168 2 3 and want to have...

Page 62: ...Click Advanced Application VLAN Static VLAN 4 In the Static VLAN screen select ACTIVE enter a descriptive name VALN 102 for example in the Name field and enter 102 in the VLAN Group ID field 5 Select...

Page 63: ...then the VLAN Port Setting link in the VLAN Status screen Figure 27 Tutorial Click the VLAN Port Setting Link 9 Enter 102 in the PVID field for port 2 to add a tag to incoming untagged frames received...

Page 64: ...y on the Switch and allow the Switch to add relay agent information such as the VLAN ID to DHCP requests 1 Click IP Application DHCP and then the Global link to open the DHCP Relay screen 2 Select the...

Page 65: ...c IP address based on the DHCP request 6 1 4 Troubleshooting Check the client A s IP address If it did not receive the IP address 172 16 1 18 make sure 1 Client A is connected to the Switch s port 2 i...

Page 66: ...Chapter 6 Tutorials ES 2024 Series User s Guide 66...

Page 67: ...howing statistical details 7 2 Port Status Summary To view the port statistics click Status in any web configurator screen to display the Status screen as shown next Figure 30 Status The following tab...

Page 68: ...only This field displays the current amount of power consumed by devices powered devices or PD that use Power over Ethernet PoE to get power from the Switch on this port LACP This fields displays whet...

Page 69: ...Protocol is enabled this field displays the STP state of the port see Section 13 1 3 on page 109 for more information If STP is disabled this field displays FORWARDING if the link is up otherwise it d...

Page 70: ...led due to excessive collisions Excessive collision is defined as the number of maximum collisions before the retransmission count is reset Late This is the number of times a late collision is detecte...

Page 71: ...lso allows you to set the system time manually or get the current time and date from an external server when you turn on your Switch The real time is then displayed in the Switch logs The Switch Setup...

Page 72: ...t in this field Temperature MAC CPU and LOCAL refer to the location of the temperature sensors on the Switch printed circuit board Current This shows the current temperature at this sensor MAX This fi...

Page 73: ...that this fan is functioning above the minimum speed Error indicates that this fan is functioning below the minimum speed Voltage V The power supply for each voltage has a sensor that is capable of d...

Page 74: ...pear locked for 60 seconds Please wait Current Time This field displays the time you open this menu or refresh the menu New Time hh min ss Enter the new time in hour minute and second format The new t...

Page 75: ...Setup in the navigation panel to display the screen as shown The VLAN setup screens change depending on whether you choose 802 1Q or Port Based in the VLAN Type field in this screen Refer to the chapt...

Page 76: ...iseconds Each port has a Join Period timer The allowed Join Time range is between 100 and 65535 milliseconds the default is 200 milliseconds See the chapter on VLAN setup for more background informati...

Page 77: ...ations in delay Level 5 Typically used for video that consumes high bandwidth and is sensitive to jitter Level 4 Typically used for controlled load latency sensitive traffic such as SNA Systems Networ...

Page 78: ...P Client Select this option if you have a DHCP server that can assign the Switch an IP address and subnet mask a default gateway IP address and a domain name server IP address Static IP Address Select...

Page 79: ...P Address Enter the IP address for managing the Switch by the members of the VLAN specified in the VID field below IP Subnet Mask Enter the IP subnet mask in dotted decimal notation For example 255 25...

Page 80: ...screens Type This field displays 10 100M for an Ethernet Fast Ethernet connection and 10 100 1000M for Gigabit connections Speed Duplex Select the speed and the duplex mode of the Ethernet connection...

Page 81: ...f the receiving port The Switch uses IEEE 802 3x flow control in full duplex mode and backpressure flow control in half duplex mode IEEE 802 3x flow control is used in full duplex mode to send a pause...

Page 82: ...Consuming Power W This field displays the amount of power the Switch is currently supplying to the connected PoE enabled devices Allocated Power W This field displays the total amount of power the Sw...

Page 83: ...lass 0 PD Priority When the total power requested by the PDs exceeds the total PoE power budget on the Switch you can set the PD priority to allow the Switch to provide power to ports with higher prio...

Page 84: ...a PD connected to the port If left unchecked the PD connected to the port cannot receive power from the Switch PD Priority This field is only available on the PWR model but not available for the Giga...

Page 85: ...ulticast Forwarding 101 Filtering 105 Spanning Tree Protocol 107 Bandwidth Control 121 Broadcast Storm Control 123 Mirroring 125 Link Aggregation 127 Port Authentication 133 Port Security 137 Queuing...

Page 86: ...86...

Page 87: ...rt The remaining twelve bits define the VLAN ID giving a possible maximum number of 4 096 VLANs Note that user priority and VLAN ID are independent of each other A frame with VID VLAN Identifier of nu...

Page 88: ...it VLAN groups beyond the local Switch Please refer to the following table for common IEEE 802 1Q VLAN terminology Table 14 IEEE 802 1Q VLAN Terminology VLAN PARAMETER TERM DESCRIPTION VLAN Type Perma...

Page 89: ...th VLAN Trunking enabled on a port s in each intermediary switch you only need to create VLAN groups in the end devices A and B C D and E automatically allow frames with VLAN group tags 1 and 2 VLAN g...

Page 90: ...the list below Leave this field blank and click Search to display all VLANs configured on the Switch The Number of VLAN This is the number of VLANs configured on the Switch The Number of Search Resul...

Page 91: ...AN Detail LABEL DESCRIPTION VLAN Status Click this to go to the VLAN Status screen VID This is the VLAN identification number that was configured in the Static VLAN screen Port Number This column disp...

Page 92: ...t to make some settings the same for all ports Use this row first to set the common settings and then make adjustments on a port by port basis Note Changes in this row are copied to all the ports as s...

Page 93: ...This field indicates whether the VLAN settings are enabled Yes or disabled No Name This field displays the descriptive name for this VLAN group Delete Click Delete to remove the selected entry from t...

Page 94: ...PVID Enter a number between 1and 4094 as the port VLAN ID GVRP Select this check box to allow GVRP on this port Acceptable Frame Type Specify the type of frames allowed on a port Choices are All and...

Page 95: ...t based VLAN setup screen is shown next The CPU management port forms a VLAN with all Ethernet ports 9 6 1 Configure a Port based VLAN Select Port Based as the VLAN Type in the Switch Setup screen and...

Page 96: ...Chapter 9 VLAN ES 2024 Series User s Guide 96 Figure 47 Advanced Application VLAN Port Based VLAN Setup Port Isolation...

Page 97: ...at is a port through which a data packet enters If you wish to allow two subscriber ports to talk to each other you must define the ingress port for both ports The numbers in the top row denote the in...

Page 98: ...Chapter 9 VLAN ES 2024 Series User s Guide 98...

Page 99: ...MAC address table Static MAC addresses do not age out When you set up static MAC address rules you are setting static MAC addresses for a port This may reduce the need for broadcasting Static MAC add...

Page 100: ...or loses power so use the Save link on the top navigation panel to save your changes to the non volatile memory when you are done configuring Cancel Click Cancel to begin configuring this screen afre...

Page 101: ...ows you the administrator to forward multicast frames to a member without the member having to join the group first If a multicast group has no members then the switch will either flood the multicast...

Page 102: ...ve Select this check box to activate your rule You may temporarily deactivate a rule without deleting it by clearing this check box Name Type a descriptive name up to 32 printable ASCII characters for...

Page 103: ...modify a static multicast MAC address rule for port s Active This field displays whether a static multicast MAC address forwarding rule is active Yes or not No You may temporarily deactivate a rule wi...

Page 104: ...Chapter 11 Static Multicast Forwarding ES 2024 Series User s Guide 104...

Page 105: ...LABEL DESCRIPTION Active Make sure to select this check box to activate your rule You may temporarily deactivate a rule without deleting it by deselecting this check box Name Type a descriptive name u...

Page 106: ...n is it deactivated Name This field displays the descriptive name for this rule This is for identification purpose only MAC Address This field displays the MAC address with the VLAN identification num...

Page 107: ...liant switches in your network to ensure that only one path exists between any two stations on the network The Switch uses IEEE 802 1w RSTP Rapid Spanning Tree Protocol that allows faster convergence...

Page 108: ...for connected LANs and disables all other ports that participate in STP Network packets are therefore only forwarded between enabled ports eliminating any possible network loops STP aware switches exc...

Page 109: ...iple Spanning Tree Instance MSTI MSTI allows multiple VLANs to use the same spanning tree Load balancing is possible as traffic from different VLANs can use distinct paths in a region 13 1 4 1 MSTP Ne...

Page 110: ...network devices that appears as a single device to the rest of the network Each MSTP enabled device can only belong to one MST region When BPDUs enter an MST region external path cost of paths outside...

Page 111: ...4 Common and Internal Spanning Tree CIST A CIST represents the connectivity of the entire network and it is equivalent to a spanning tree in an STP RSTP The CIST is the default MST instance MSTID 0 An...

Page 112: ...Table 25 Advanced Application Spanning Tree Protocol Configuration LABEL DESCRIPTION Spanning Tree Mode You can activate one of the STP modes on the Switch Select Rapid Spanning Tree or Multiple Rapi...

Page 113: ...en become the root switch Select a value from the drop down list box The lower the numeric value you assign the higher the priority for this bridge Bridge Priority determines the root bridge which in...

Page 114: ...all ports Use this row first to set the common settings and then make adjustments on a port by port basis Note Changes in this row are copied to all the ports as soon as you make them Active Select t...

Page 115: ...MAC address This ID is the same for Root and Our Bridge if the Switch is the root switch Hello Time second This is the time interval in seconds at which the root switch transmits a configuration messa...

Page 116: ...The following table describes the labels in this screen Table 28 Advanced Application Spanning Tree Protocol MSTP LABEL DESCRIPTION Status Click Status to display the MSTP Status screen see Figure 62...

Page 117: ...ration Devices must have the same revision number to belong to the same region Apply Click Apply to save your changes to the Switch s run time memory The Switch loses these changes if it is turned off...

Page 118: ...rst The allowed range is between 0 and 255 and the default value is 128 Path Cost Path cost is the cost of transmitting a frame on to a LAN through that port It is recommended to assign this value acc...

Page 119: ...ridge is this Switch This Switch may also be the root bridge Bridge ID This is the unique identifier for this bridge consisting of bridge priority plus MAC address This ID is the same for Root and Our...

Page 120: ...e spanning tree was last reconfigured Instance These fields display the MSTI to VLAN mapping In other words which VLANs run on each spanning tree instance Instance This field displays the MSTI ID VLAN...

Page 121: ...or incoming and or out going traffic flows on a port Click Advanced Application Bandwidth Control in the navigation panel to bring up the screen as shown next Figure 63 Advanced Application Bandwidth...

Page 122: ...mber down to the nearest multiple of 8000 for a number between 104000 and 1000000 Active Select this check box to activate egress rate limit on this port Egress Rate Specify the maximum bandwidth allo...

Page 123: ...ackets the Switch receives per second on the ports When the maximum number of allowable broadcast multicast and or DLF packets is reached per second the subsequent packets are discarded Enable this fe...

Page 124: ...ontrol on the port Clear this check box to disable the feature Rate Specify the traffic a port receives in Kilobits per second Kbps If you enter a number between 64 and 1728 the Switch automatically r...

Page 125: ...low to a monitor port the port you copy the traffic to in order that you can examine the traffic from the monitor port without interference Click Advanced Application Mirroring in the navigation panel...

Page 126: ...address Select All to copy all outgoing traffic from the mirrored port s Select Destination MAC to copy outgoing traffic to a specified MAC address on the mirrored port s Enter the destination MAC ad...

Page 127: ...tic and dynamic link aggregation In a properly planned network it is recommended to implement static link aggregation only This ensures increased network stability and control over the trunk groups on...

Page 128: ...mation Figure 66 Advanced Application Link Aggregation Status The following table describes the labels in this screen Table 33 Link Aggregation ID Local Switch SYSTEM PRIORITY MAC ADDRESS KEY PORT PRI...

Page 129: ...o Section 17 2 1 on page 128 for more information on this field Status This field displays how these ports were added to the trunk group It displays Static if the ports are configured as static member...

Page 130: ...Aggregation Setting LACP Port This field displays the port number Group Select the trunk group to which a port belongs Apply Click Apply to save your changes to the Switch s run time memory The Switc...

Page 131: ...higher the priority level Group ID The field identifies the link aggregation group that is one logical link containing multiple ports LACP Active Select this option to enable LACP for a trunk Port Th...

Page 132: ...lication Link Aggregation Link Aggregation Setting In this screen activate trunking group T1 and select the ports that should belong to this group as shown in the figure below Click Apply when you are...

Page 133: ...s See Section 22 1 2 on page 158 for more information on configuring your RADIUS server settings 18 1 1 IEEE 802 1x Authentication The following figure illustrates how a client connecting to a IEEE 80...

Page 134: ...settings in the AAA Radius Server Setup screen Click Advanced Application Port Authentication in the navigation panel to display the screen as shown Figure 72 Advanced Application Port Authentication...

Page 135: ...n a port by port basis Note Changes in this row are copied to all the ports as soon as you make them Active Select this check box to permit 802 1x authentication on this port You must first allow 802...

Page 136: ...Chapter 18 Port Authentication ES 2024 Series User s Guide 136...

Page 137: ...r a port By default MAC address learning is still enabled even though the port security is not activated Functionally the Switch allows for three possible outcomes with port security You can configure...

Page 138: ...ox to enable the port security feature on the Switch Port This field displays a port number Settings in this row apply to all ports Use this row only if you want to make some settings the same for all...

Page 139: ...field to limit the number of dynamic MAC addresses that may be learned on a port For example if you set this field to 5 on port 2 then only the devices with these five learned MAC addresses may acces...

Page 140: ...TIVATE ADDRESS LEARNING LIMIT NO OF LEARNED MAC ADDRESSES 1 X 0 disables limits Forward all packets learn all MAC addresses 2 X X 0 disables limits Forward all packets learn all MAC addresses 3 X 0 di...

Page 141: ...priority queue Q7 is transmitted first When that queue empties traffic on the next highest priority queue Q6 is transmitted until Q6 empties and then traffic is transmitted on Q5 and so on If higher...

Page 142: ...Strict Priority Queuing SPQ services queues based on priority only When the highest priority queue empties traffic on the next highest priority queue begins Q3 has the highest priority and Q0 the lowe...

Page 143: ...s IP addresses in the Class D range 224 0 0 0 to 239 255 255 255 are used for IP multicasting Certain IP multicast numbers are reserved by IANA for special purposes see the IANA web site for more info...

Page 144: ...ormed on This is referred to as fixed mode In fixed mode the Switch does not learn multicast group membership of any VLANs other than those explicitly added as an IGMP snooping VLAN 21 2 Multicast Sta...

Page 145: ...450 in seconds that elapses before the Switch removes an IGMP group membership entry if it does not receive report messages from the port 802 1p Priority Select a priority level 0 7 to which the Swit...

Page 146: ...eport frame s is dropped on this port Throttling IGMP throttling controls how the Switch deals with the IGMP reports when the maximum number of the IGMP groups a port can join is reached Select Deny t...

Page 147: ...witch can learn up to 16 VLANs including up to three VLANs you configured in the MVR screen For example if you have configured one multicast VLAN in the MVR screen you can only specify up to 15 VLANs...

Page 148: ...ast Multicast Setting IGMP Filtering Profile Add Click Add to insert the entry in the summary table below and save your changes to the Switch s run time memory The Switch loses these changes if it is...

Page 149: ...ion purposes To configure additional rule s for a profile that you have already added enter the profile name and specify a different IP multicast address range Start Address Type the starting multicas...

Page 150: ...The following figure shows a multicast television example where a subscriber device such as a computer in VLAN 1 receives multicast traffic from the streaming media server S via the Switch Multiple s...

Page 151: ...nd select the receiver port s and a source port for each multicast VLAN Click Advanced Applications Multicast Multicast Setting MVR link to display the screen as shown next You can create up to three...

Page 152: ...of the multicast VLAN 802 1p Priority Select a priority level 0 7 with which the Switch replaces the priority in outgoing IGMP control packets belonging to this multicast VLAN Mode Specify the MVR mo...

Page 153: ...ect this checkbox if you want the port to tag the VLAN ID in all outgoing frames transmitted Add Click Add to save your changes to the Switch s run time memory The Switch loses these changes if it is...

Page 154: ...er to Section 21 1 1 on page 143 for more information on IP multicast addresses End Address Enter the ending IP multicast address of the multicast group in dotted decimal notation Enter the same IP ad...

Page 155: ...in the MVR screen and set the receiver and source ports Figure 86 MVR Configuration Example To set the Switch to forward the multicast group traffic to the subscribers configure multicast group settin...

Page 156: ...Chapter 21 Multicast ES 2024 Series User s Guide 156 Figure 87 MVR Group Configuration Example Figure 88 MVR Group Configuration Example...

Page 157: ...Switch itself or it can use an external server to authorize a large number of users Accounting is the process of recording what a user is doing The Switch can use an external server to track when use...

Page 158: ...First configure your authentication server settings RADIUS TACACS or both and then set up the authentication priority and accounting settings Click Advanced Application AAA in the navigation panel to...

Page 159: ...that it sends authentication requests to Note If you are using two different RADIUS servers select round robin in this field If the designated server is not available the connection times out instead...

Page 160: ...se this section to configure your RADIUS accounting server settings Timeout Specify the amount of time in seconds that the Switch waits for an accounting request response from the RADIUS accounting se...

Page 161: ...bin to alternate between the TACACS servers that it sends authentication requests to Note If you are using two different TACACS servers select round robin in this field If the designated server is not...

Page 162: ...n afresh Accounting Server Use this section to configure your TACACS accounting settings Timeout Specify the amount of time in seconds that the Switch waits for an accounting request response from the...

Page 163: ...Reference Guide for local authentication The TACACS and RADIUS are external servers Before you specify the priority make sure you have set up the corresponding database correctly first You can specif...

Page 164: ...f specific types of events RADIUS is the only method for IEEE 802 1x authorization Accounting Use this section to configure accounting settings on the Switch Update Period This is the amount of time i...

Page 165: ...umentation that comes with your RADIUS server on how to configure VSAs for users authenticating via the RADIUS server The following table describes the VSAs supported on the Switch Method Select wheth...

Page 166: ...ion Refer to RFC 2866 and RFC 2869 for RADIUS attributes used for accounting This appendix lists the attributes used by authentication and accounting functions on the Switch In cases where the attribu...

Page 167: ...dress 22 3 1 3 Attributes Used by the IEEE 802 1x Authentication User Name NAS Identifier NAS IP Address NAS Port NAS Port Type This value is set to Ethernet 15 on the Switch Calling Station Id Frame...

Page 168: ...P User Name Y Y Y NAS Identifier Y Y Y NAS IP Address Y Y Y Service Type Y Y Y Acct Status Type Y Y Y Acct Delay Time Y Y Y Acct Session Id Y Y Y Acct Authentic Y Y Y Acct Session Time Y Y Acct Termin...

Page 169: ...sion Id Y Y Y Acct Authentic Y Y Y Acct Input Octets Y Y Acct Output Octets Y Y Acct Session Time Y Y Acct Input Packets Y Y Acct Output Packets Y Y Acct Terminate Cause Y Acct Input Gigawords Y Y Acc...

Page 170: ...Chapter 22 AAA ES 2024 Series User s Guide 170...

Page 171: ...t number in the binding table If there is a binding the Switch forwards the packet If there is not a binding the Switch discards the packet The Switch builds from information provided manually by admi...

Page 172: ...n volatile memory They do not use the same space in memory that regular MAC address filters use They appear only in the ARP Inspection screens and commands not in the MAC Address Filter screens and co...

Page 173: ...s an existing static binding the new static binding replaces the original one To open this screen click Advanced Application IP Source Guard Static Binding Table 58 IP Source Guard LABEL DESCRIPTION I...

Page 174: ...k this to reset the values above based on the last selected static binding or if not applicable to clear the fields above Clear Click this to clear the fields above Index This field displays a sequent...

Page 175: ...MAC address filters that were created because the Switch identified unauthorized ARP packets Index This field displays a sequential number for each MAC address filter MAC Address This field displays...

Page 176: ...og message Port This field displays the source port of the ARP packet VID This field displays the source VLAN ID of the ARP packet Sender MAC This field displays the source MAC address of the ARP pack...

Page 177: ...ifies an unauthorized ARP packet The Switch automatically deletes the MAC address filter afterwards Enter 0 if you want the MAC address filter to be permanent Log Profile Log buffer size Enter the max...

Page 178: ...erval is illustrated in the following examples 4 invalid ARP packets per second Syslog rate is 5 Log interval is 1 the Switch sends 4 syslog messages every second 6 invalid ARP packets per second Sysl...

Page 179: ...untrusted ports if the sender s information in the ARP packet does not match any of the current bindings Apply Click Apply to save your changes to the Switch s run time memory The Switch loses these...

Page 180: ...log messages when it forwards an ARP packet from the VLAN All The Switch generates log messages every time it receives an ARP packet from the VLAN Apply Click Apply to save your changes to the Switch...

Page 181: ...le loop problems on the edge of your network This can occur when a port is connected to a Switch that is in a loop state Loop state occurs as a result of human error It happens when two ports on a swi...

Page 182: ...ws a loop guard enabled port N on switch A sending a probe packet P to switch B Since switch B is in loop state the probe packet P returns to port N on A The Switch then shuts down port N to ensure th...

Page 183: ...loop guard feature can not be enabled on the ports that have Spanning Tree Protocol RSTP or MSTP enabled Figure 106 Advanced Application Loop Guard The following table describes the labels in this scr...

Page 184: ...the Switch it is connected to is in loop state If the Switch that this port is connected is in loop state the Switch will shut down this port Clear this check box to disable the loop guard feature App...

Page 185: ...185 PART IV IP Application Static Route 187 Differentiated Services 191 DHCP 195...

Page 186: ...186...

Page 187: ...ic routes to send data to a server or device that is not reachable through the default gateway for example when sending SNMP traps or using ping to test IP connectivity This figure shows a Telnet sess...

Page 188: ...The metric represents the cost of transmission for routing purposes IP routing uses hop count as the measurement of cost with a minimum of 1 for directly connected networks Enter a number that approx...

Page 189: ...ediate neighbor of your Switch that will forward the packet to the destination Metric This field displays the cost of transmission for routing purposes Delete Click Delete to remove the selected entry...

Page 190: ...Chapter 25 Static Route ES 2024 Series User s Guide 190...

Page 191: ...or remember state information for every flow In addition applications do not have to request a particular service or give advanced notice of where the traffic is going 26 1 1 DSCP and Per Hop Behavior...

Page 192: ...d marking rules A network administrator can then apply various traffic policies to the traffic flows An example traffic policy is to give higher drop precedence to one traffic flow over others In our...

Page 193: ...splays the index number of a port on the Switch Settings in this row apply to all ports Use this row only if you want to make some settings the same for all ports Use this row first to set the common...

Page 194: ...pping DSCP VALUE 0 7 8 15 16 23 24 31 32 39 40 47 48 55 56 63 IEEE 802 1p 0 1 2 3 4 5 6 7 Table 69 IP Application DiffServ DSCP Setting LABEL DESCRIPTION 0 63 This is the DSCP classification identific...

Page 195: ...your network then you can configure the Switch as a DHCP relay agent When the Switch receives a request from a computer on your network it contacts the DHCP server for the necessary IP information and...

Page 196: ...ent Information This helps provide authentication about the source of the requests The DHCP server can then provide an IP address based on this information Please refer to RFC 3046 for more details Th...

Page 197: ...le 71 Relay Agent Information FIELD LABELS DESCRIPTION Table 72 IP Application DHCP Global LABEL DESCRIPTION Active Select this check box to enable DHCP relay Remote DHCP Server 1 3 Enter the IP addre...

Page 198: ...o assign the appropriate IP address according to the VLAN ID Figure 116 DHCP Relay Configuration Example 27 4 Configuring DHCP VLAN Settings Use this screen to configure your DHCP settings based on th...

Page 199: ...elect the check box for the Switch to add the system name to the client DHCP requests that it relays to a DHCP server Add Click Add to save your changes to the Switch s run time memory The Switch lose...

Page 200: ...AN The system is set up to forward DHCP requests from the dormitory rooms VLAN 1 to the DHCP server with an IP address of 192 168 1 100 Requests from the academic buildings VLAN 2 are sent to the othe...

Page 201: ...201 PART V Management Maintenance 203 Access Control 209 Diagnostic 227 Syslog 229 Cluster Management 233 MAC Table 239 ARP Table 243 Configure Clone 245...

Page 202: ...202...

Page 203: ...0 Management Maintenance The following table describes the labels in this screen Table 74 Management Maintenance LABEL DESCRIPTION Current This field displays which configuration Configuration 1 is cu...

Page 204: ...in the same subnet as that of the default Switch IP address 192 168 1 1 28 3 Save Configuration Click Config 1 to save the current configuration settings permanently to Configuration 1 on the Switch...

Page 205: ...re you have downloaded and unzipped the correct model firmware and version to your computer before uploading to the device 1 Be sure to upload the correct model firmware as uploading the wrong model f...

Page 206: ...configuration file is automatically renamed when you restore using this screen 28 7 Backup a Configuration File Backing up your Switch configurations allows you to create various snap shots of your d...

Page 207: ...e current configuration to a file called config cfg on your computer If your T FTP client does not allow you to have a destination filename different than the source you will need to rename them as th...

Page 208: ...nts 28 8 4 FTP Restrictions FTP will not work when FTP service is disabled in the Service Access Control screen The IP address es in the Remote Management screen does not match the client IP address I...

Page 209: ...rol sessions are allowed A console port access control session and Telnet access control session cannot coexist when multi login is disabled See the CLI Reference Guide for more information on disabli...

Page 210: ...ment functions It executes applications that control and monitor managed devices The managed devices contain object variables managed objects that define each piece of information to be collected abou...

Page 211: ...MP Traps The Switch sends traps to an SNMP manager when an event occurs The following tables outline the SNMP traps by category An OID Object ID that begins with 1 3 6 1 4 1 890 1 5 8 16 ES 2024A or 1...

Page 212: ...890 1 5 8 16 27 2 1 1 3 6 1 4 1 890 1 5 8 27 27 2 1 This trap is sent when intrusion lock occurs on a port loopguard LoopguardEventOn 1 3 6 1 4 1 890 1 5 8 16 27 2 1 1 3 6 1 4 1 890 1 5 8 27 27 2 1 Th...

Page 213: ...eEve ntOn 1 3 6 1 4 1 890 1 5 8 16 27 2 1 1 3 6 1 4 1 890 1 5 8 27 27 2 1 This trap is sent when there is no response message from the RADIUS server RADIUSNotReachableEve ntClear 1 3 6 1 4 1 890 1 5 8...

Page 214: ...2 This trap is sent when the STP topology changes MSTPTopologyChange 1 3 6 1 4 1 890 1 5 8 16 107 7 0 2 1 3 6 1 4 1 890 1 5 8 27 107 7 0 2 This trap is sent when the MSTP root switch changes mactable...

Page 215: ...ing Get and GetNext requests from the management station The Get Community string is only used by SNMP managers using SNMP version 2c or lower Set Community Enter the Set Community which is the passwo...

Page 216: ...h to implement an authentication algorithm for SNMP messages sent by this user priv to implement authentication and encryption for SNMP messages sent by this user This is the highest security level No...

Page 217: ...the SNMP Setting screen Use the rest of the screen to select which traps the Switch sends to that SNMP manager Type Select the categories of SNMP traps that the Switch is to send to the SNMP manager O...

Page 218: ...n shipped New Password Enter your new system password Retype to confirm Retype your new system password for confirmation Edit Logins You may configure passwords for up to four users These users have p...

Page 219: ...9 5 How SSH works The following table summarizes how a secure connection is established between two remote hosts Figure 132 How SSH Works 1 Host Identification The SSH client sends a connection reques...

Page 220: ...Switch over SSH 29 7 Introduction to HTTPS HTTPS HyperText Transfer Protocol over Secure Socket Layer or HTTP over SSL is a web protocol that encrypts and decrypts web pages Secure Socket Layer SSL is...

Page 221: ...h IP Address is the IP address or domain name of the Switch you wish to access 29 8 1 Internet Explorer Warning Messages When you attempt to access the Switch HTTPS server a Windows dialog box pops up...

Page 222: ...rom the Switch If Accept this certificate temporarily for this session is selected then click OK to continue in Netscape Select Accept this certificate permanently to import the Switch s certificate i...

Page 223: ...Access Control allows you to decide what services you may use to access the Switch You may also change the default service port and configure trusted computer s for each service in the Remote Manageme...

Page 224: ...Timeout Type how many minutes 1 255 a management session via the web configurator can be left idle before the session times out After it times out you have to log in with your password again Very lon...

Page 225: ...ick Apply to save your changes to the Switch s run time memory The Switch loses these changes if it is turned off or loses power so use the Save link on the top navigation panel to save your changes t...

Page 226: ...Chapter 29 Access Control ES 2024 Series User s Guide 226...

Page 227: ...llowing table describes the labels in this screen Table 89 Management Diagnostic LABEL DESCRIPTION System Log Click Display to display a log of events in the multi line text box Click Clear to empty t...

Page 228: ...Chapter 30 Diagnostic ES 2024 Series User s Guide 228...

Page 229: ...r to the documentation of your syslog program for details The following table describes the syslog severity levels 31 2 Syslog Setup Click Management Syslog in the navigation panel to display this scr...

Page 230: ...olumn displays the names of the categories of logs that the device can generate Active Select this option to set the device to generate logs for the corresponding category Facility The log facility al...

Page 231: ...n time memory The Switch loses these changes if it is turned off or loses power so use the Save link on the top navigation panel to save your changes to the non volatile memory when you are done confi...

Page 232: ...Chapter 31 Syslog ES 2024 Series User s Guide 232...

Page 233: ...be able to communicate with one another In the following example switch A in the basement is the cluster manager and the other switches on the upper floors of the building are cluster members Table 9...

Page 234: ...Guide 234 Figure 143 Clustering Application Example 32 2 Cluster Management Status Click Management Cluster Management in the navigation panel to display the following screen A cluster can only have o...

Page 235: ...manager None neither a manager nor a member of a cluster Manager This field displays the cluster manager switch s hardware MAC address The Number of Member This field displays the number of switches...

Page 236: ...rw rw 1 owner group 393216 Jul 01 12 00 config w w w 1 owner group 0 Jul 01 12 00 fw 00 a0 c5 01 23 46 rw rw rw 1 owner group 0 Jul 01 12 00 config 00 a0 c5 01 23 46 226 File sent OK ftp 297 bytes re...

Page 237: ...es list If a switch that was previously a cluster member is later set to become a cluster manager then its Status is displayed as Error in the Cluster Management Status screen and a warning icon appea...

Page 238: ...anaged from the Cluster Manager Its Status is displayed as Error in the Cluster Management Status screen and a warning icon appears in the member summary list below If multiple devices have the same p...

Page 239: ...mine how to forward frames See the following figure 1 The Switch examines a received frame and learns the port on which this source MAC address came 2 The Switch checks to see if the frame s destinati...

Page 240: ...display and arrange the data according to that button type The information is then displayed in the summary table below MAC Click this button to display and arrange the data according to MAC address...

Page 241: ...This is the port from which the above MAC address was learned Type This shows whether the MAC address is dynamic learned by the Switch or static manually entered in the Static MAC Forwarding screen T...

Page 242: ...Chapter 33 MAC Table ES 2024 Series User s Guide 242...

Page 243: ...the device If no entry is found for the IP address ARP broadcasts the request to all the devices on the LAN The Switch fills in its own MAC and IP address in the sender address fields and puts the kn...

Page 244: ...ION Index This is the ARP Table entry number IP Address This is the learned IP address of a device connected to a Switch port with corresponding MAC address below MAC Address This is the MAC address o...

Page 245: ...you can copy the settings of one port onto other ports 35 1 Configure Clone Cloning allows you to copy the basic and advanced settings from a source port to a destination port or ports Click Manageme...

Page 246: ...2 4 6 indicates that ports 2 4 and 6 are the destination ports 2 6 indicates that ports 2 through 6 are the destination ports Basic Setting Select which port settings you configured in the Basic Setti...

Page 247: ...247 PART VI Appendices and Index Product Specifications 249 IP Addresses and Subnetting 257 Legal Information 265 Customer Support 269 Index 275...

Page 248: ...248...

Page 249: ...24PWR 200 W AC Model Power Supply 100 240 VAC 50 60 Hz ES 2024A 0 4 A ES 2024PWR 2 A DC Model Power Consumption ES 2024A 16 8 W DC Model Power Specification Overload protection 12 V DC 1 4 A maximum T...

Page 250: ...p A device can belong to more than one group With VLAN a device cannot directly talk to or hear from devices that are not in the same group s the traffic must first go through a router MAC Address Fil...

Page 251: ...e grouping of physical ports into one logical higher capacity link You may want to trunk ports if for example it is cheaper to use multiple lower speed links than to under utilize a high speed but mor...

Page 252: ...ces Both devices must support IEEE 802 3ah Because link layer Ethernet OAM operates at layer two of the OSI Open Systems Interconnection Basic Reference model neither IP or SNMP are necessary to monit...

Page 253: ...ss filtering Block unresolved address forwarding Port security Limiting number of dynamic address per port 802 1x port authentication by RADIUS Management login by RADIUS authentication SSHv1 v2 SSL M...

Page 254: ...le 103 Standards Supported STANDARD DESCRIPTION RFC 826 Address Resolution Protocol ARP RFC 867 Daytime Protocol RFC 868 Time Protocol RFC 894 Ethernet II Encapsulation RFC 1112 Internet Group Managem...

Page 255: ...IEEE 802 1ab Link Layer Discovery Protocol IEEE 802 1d MAC Bridges IEEE 802 1p Traffic Types Packet Priority IEEE 802 1q Tagged VLAN IEEE 802 1w Rapid Spanning Tree Protocol RSTP IEEE 802 1s Multiple...

Page 256: ...Appendix A Product Specifications ES 2024 Series User s Guide 256...

Page 257: ...share a common street name the hosts on a network share a common network number Similarly as each house has its own house number each host on the network has its own unique identifying number the hos...

Page 258: ...is part of the host ID The following example shows a subnet mask identifying the network number in bold text and host ID of an IP address 192 168 1 2 in decimal By convention subnet masks always consi...

Page 259: ...ed by a continuous number of zeros for the remainder of the 32 bit mask you can simply specify the number of ones instead of writing the value of each octet This is usually specified by writing a foll...

Page 260: ...shows the company network before subnetting Figure 154 Subnetting Example Before Subnetting You can borrow one of the host ID bits to divide the network 192 168 1 0 into two separate sub networks The...

Page 261: ...68 1 254 Example Four Subnets The previous example illustrated using a 25 bit subnet mask to divide a 24 bit address into two subnets Similarly to divide a 24 bit address into four subnets you need to...

Page 262: ...ubnet 3 IP SUBNET MASK NETWORK NUMBER LAST OCTET BIT VALUE IP Address 192 168 1 128 IP Address Binary 11000000 10101000 00000001 10000000 Subnet Mask Binary 11111111 11111111 11111111 11000000 Subnet...

Page 263: ...ST BITS SUBNET MASK NO SUBNETS NO HOSTS PER SUBNET 1 255 255 255 128 25 2 126 2 255 255 255 192 26 4 62 3 255 255 255 224 27 8 30 4 255 255 255 240 28 16 14 5 255 255 255 248 29 32 6 6 255 255 255 252...

Page 264: ...red You don t need to change the subnet mask computed by the Switch unless you are instructed to do otherwise Private IP Addresses Every machine on the Internet must have a unique address If your netw...

Page 265: ...e under its patent rights nor the patent rights of others ZyXEL further reserves the right to make changes in any products described herein without notice This publication is subject to change without...

Page 266: ...of Standards Metrology and Inspection A Warning Notices Changes or modifications not expressly approved by the party responsible for compliance could void the user s authority to operate the equipmen...

Page 267: ...nt product of equal or higher value and will be solely at the discretion of ZyXEL This warranty shall not apply if the product has been modified misused tampered with damaged by an act of God or subje...

Page 268: ...Appendix C Legal Information ES 2024 Series User s Guide 268...

Page 269: ...em and the steps you took to solve it is the prefix number you dial to make an international telephone call Corporate Headquarters Worldwide Support E mail support zyxel com tw Sales E mail sales zyxe...

Page 270: ...xel cz Regular Mail ZyXEL Communications Czech s r o Modransk 621 143 01 Praha 4 Modrany Cesk Republika Denmark Support E mail support zyxel dk Sales E mail sales zyxel dk Telephone 45 39 55 07 00 Fax...

Page 271: ...les E mail sales zyxel in Telephone 91 11 30888144 to 91 11 30888153 Fax 91 11 30888149 91 11 26810715 Web http www zyxel in Regular Mail India ZyXEL Technology India Pvt Ltd II Floor F2 9 Okhla Phase...

Page 272: ...4 632 0858 Web www zyxel com Regular Mail ZyXEL Communications Inc 1130 N Miller St Anaheim CA 92806 2001 U S A Norway Support E mail support zyxel no Sales E mail sales zyxel no Telephone 47 22 80 61...

Page 273: ...lanta 28033 Madrid Spain Sweden Support E mail support zyxel se Sales E mail sales zyxel se Telephone 46 31 744 7700 Fax 46 31 744 7701 Web www zyxel se Regular Mail ZyXEL Communications A S Sj porten...

Page 274: ...Support E mail support ua zyxel com Sales E mail sales ua zyxel com Telephone 380 44 247 69 78 Fax 380 44 494 49 32 Web www ua zyxel com Regular Mail ZyXEL Ukraine 13 Pimonenko Str Kiev 04050 Ukraine...

Page 275: ...ion 88 auto negotiating 40 AWG 249 B back up configuration file 206 bandwidth control egress rate 122 ingress rate 122 basic settings 71 basic setup tutorial 61 binding 171 binding table 171 building...

Page 276: ...ervices 191 DSCP DSCP to IEEE802 1p mapping 193 service level 191 what it does 191 DSCP DiffServ Code Point 191 dual personality port 40 dynamic link aggregation 127 E egress port 97 Ethernet broadcas...

Page 277: ...p Management Protocol 143 IGMP filtering 143 profile 148 profiles 145 IGMP leave timeout fast 146 mormal 146 IGMP snooping 143 MVR 149 IGMP throttling 146 ingress check 93 ingress port 97 Internet Ass...

Page 278: ...tance 109 MSTP 107 109 bridge ID 119 120 configuration 115 configuration digest 120 forwarding delay 117 Hello Time 119 hello time 117 Max Age 119 max age 117 max hops 117 MST region 110 network examp...

Page 279: ...ver 158 settings 158 setup 158 Rapid Spanning Tree Protocol See RSTP 107 rear panel 42 reboot load configuration 205 reboot system 205 registration product 267 related documentation 3 remote managemen...

Page 280: ...Strictly Priority Queuing SPQ 141 subnet 257 subnet mask 258 subnetting 260 switch lockout 53 switch reset 54 switch setup 75 syntax conventions 4 syslog 172 229 protocol 229 server setup 230 setting...

Page 281: ...3 port based VLAN 94 port based all connected 97 port based isolation 97 port based wizard 97 static VLAN 91 status 90 91 tagged 87 trunking 89 94 type 76 89 VLAN Virtual Local Area Network 75 VSA 165...

Page 282: ...Index ES 2024 Series User s Guide 282...

Reviews:

No comments