Allied Telesis AT-GS950/48 Скачать руководство пользователя страница 290 | Manualshive

Страница: 290 / 410

background image

Chapter 21: Security

290

RADIUS Client

You can use the RADIUS client with 802.1x port-based access control to
authenticate which packets are forwarded through the switch. This section
explains how to configure the RADIUS client on the switch and contains
the following sections:



“RADIUS Overview”



“General Guidelines”



“RADIUS Client Configuration” on page 291



“RADIUS Accounting Status” on page 292

Note

To activate the RADIUS feature, you must also configure the port-
based network access control feature. See “Port Access Control” on
page 284.

Note

To permanently save your new settings or any changes to the
configuration file, select

Save Settings to Flash

from the main

menu on the left side of the page.

RADIUS

Overview

RADIUS (Remote Authentication Dial In User Services) is an
authentication protocol for enhancing the security of your network. The
protocol transfers the task of authenticating network access from a
network device to an authentication protocol server.

The AT-S116 Management software comes with RADIUS client software.
You can use the client software together with 802.1x port-based access
control. To control which end users and end nodes can send packets
through the switch, you can configure the RADIUS client using “RADIUS
Client Configuration” on page 291.

General

Guidelines

The following guidelines apply when using the RADIUS protocol.



You must install RADIUS server software on a network server or
management station. Authentication protocol server software is not
available from Allied Telesis.



The RADIUS server must communicate with the switch through a port
that is an untagged member of the Default VLAN and is configured for
Forced-Authorized (802.1x) port control.



If the RADIUS server is on a different subnet from switch, be sure to
specify a System Default Gateway in the IP Setup Page, so that the
switch and server can communicate with each other via the gateway.

«
...
288
289
290
291
292
...
»

Содержание AT-GS950/48

Страница 1: ...613 001806 Rev C AT GS950 48 Gigabit Ethernet Switch AT GS950 48 Web Interface User Guide AT S116 Version 2 0 0 1 00 016...

Страница 2: ...espective owners Allied Telesis Inc reserves the right to make changes in specifications and other information contained in this document without prior written notice The information provided herein i...

Страница 3: ...bor List 36 Delete an IPv6 Neighbor Entry 37 Find an IPv6 Neighbor 37 IP Access List Configuration 40 Create an IP Access List 40 Delete an IP Address List Entry 41 User Name and Password Configuratio...

Страница 4: ...l 94 Create VLAN Mapping to MST Instance 95 Modify MST Instance 95 Delete MST Instance 95 MST Port Settings 96 Instance Information 98 Chapter 6 Static Port Trunking 99 Overview 100 Create a Port Trun...

Страница 5: ...ete a Tagged VLAN 171 Tagged VLAN Port Settings 172 Port Based VLAN Configuration 174 Create a Port Based VLAN 174 Modify a Port Based VLAN 175 Delete a Port Based VLAN 176 Select MAC Address Forwardi...

Страница 6: ...Entry 223 Chapter 17 SNMPv3 225 Overview 226 SNMPv3 Authentication Protocols 226 SNMPv3 Privacy Protocol 227 SNMPv3 MIB Views 227 SNMPv3 Configuration Process 228 SNMPv3 User and Group Names 230 Crea...

Страница 7: ...Delete OUI Setting 282 Chapter 21 Security 283 Port Access Control 284 Port Access Control Overview 284 Port Access Control Configuration 285 RADIUS Client 290 RADIUS Overview 290 General Guidelines 2...

Страница 8: ...Updates 339 Overview 340 Upgrade Firmware Image via HTTP 341 Upgrade Firmware Image via TFTP 343 Download or Upload a Configuration File via HTTP 345 Configuration File Download 346 Configuration Fil...

Страница 9: ...General Guidelines 379 VLAN and MSTI Associations 380 Ports in Multiple MSTIs 381 Multiple Spanning Tree Regions 382 MST Region Guidelines 384 Common and Internal Spanning Tree CIST 385 MSTP with STP...

Страница 10: ...Contents 10...

Страница 11: ...25 Edge Port 77 Figure 26 STP and VLAN Fragmentation with Untagged Ports 79 Figure 27 STP and VLAN Compatibility with Tagged Ports 80 Figure 28 Spanning Tree Protocol Settings Page 81 Figure 29 Port S...

Страница 12: ...MP User Group Page 215 Figure 78 SNMP User Group Page Example 216 Figure 79 Community Table Page 218 Figure 80 SNMP Community Table Page Example 219 Figure 81 Trap Management Page 221 Figure 82 Trap M...

Страница 13: ...irmware Upgrade via HTTP Page 342 Figure 135 Firmware Upgrade via TFTP Page 344 Figure 136 Configuration File Backup Restore via HTTP Page 345 Figure 137 Save Configuration File Message 346 Figure 138...

Страница 14: ...Figures 14...

Страница 15: ...pings Priority Levels to Priority Queues 197 Table 4 Example of Weighted Round Robin Priority 199 Table 5 Traffic Comparison Options 328 Table 6 Historical Status Options 334 Table 7 MSTP Region 383 T...

Страница 16: ...List of Tables 16...

Страница 17: ...GS950 48 Gigabit Ethernet Switch The AT S116 Management software has a web browser interface that you can access from any management workstation on your network that has a web browser application This...

Страница 18: ...tions Note Notes provide additional information Caution Cautions inform you that performing or omitting a specific action may result in equipment damage or loss of data Warning Warnings inform you tha...

Страница 19: ...n about RMAs and contact Allied Telesis technical experts USA and EMEA phone support Select the phone number that best fits your location and customer type Hardware warranty information Learn about Al...

Страница 20: ...Preface 20...

Страница 21: ...21 Section I Getting Started This section contains the following chapters Chapter 1 Starting a Web Browser Session on page 23 Chapter 2 System Configuration on page 29...

Страница 22: ...22...

Страница 23: ...tarting using and quitting a web browser management session on the AT GS950 48 switch This chapter includes the following sections Establishing a Remote Connection to the Web Browser Interface on page...

Страница 24: ...ration on page 53 Whether you use the pre assigned IP address or assign a new one you must set your local PC to the same subnet as the switch To start a web browser management session perform the foll...

Страница 25: ...assword refer to User Name and Password Configuration on page 42 Figure 3 AT GS950 48 Switch Information Page The main menu appears on the left side and is common for all of the management pages discu...

Страница 26: ...at have a link to an end node Ports without a link are grey To view the status of the ports for an MSTP instance select the instance from the MST Instance ID drop down menu The AT GS950 48 switch fron...

Страница 27: ...b Browser Tools You can use the web browser tools to move around the management pages Selecting Back on your browser s toolbar returns you to the previous display You can also use the browser s Bookma...

Страница 28: ...Chapter 1 Starting a Web Browser Session 28 Quitting a Web Browser Management Session To exit a web browser management session close the web browser...

Страница 29: ...onfiguration on page 36 IP Access List Configuration on page 40 User Name and Password Configuration on page 42 User Interface Configuration on page 45 System Time on page 47 SSL Settings on page 50 D...

Страница 30: ...an also help to avoid performing a configuration procedure on the wrong switch To set a switch s administration information perform the following procedure 1 From the main menu on the left side of the...

Страница 31: ...ystem Contact Specifies the name of the network administrator responsible for managing the switch This contact name is optional and may contain up to 30 characters 4 Click Apply 5 From the main menu o...

Страница 32: ...DHCP Client Configuration on page 53 To change the switch s IPv4 configuration perform the following procedure 1 From the main menu on the left side of the page click the System folder The System fold...

Страница 33: ...dress System Subnet Mask and System Default Gateway parameters because these parameters are automatically retrieved by the DHCP or BootP server For information about setting the DHCP mode refer to DHC...

Страница 34: ...enu on the left side of the page click the System folder The System folder expands 2 From the System folder select IPv6 System Settings The IPv6 System Settings Page is displayed See Figure 7 Figure 7...

Страница 35: ...hange this parameter 6 Click Apply 7 To change the Neighbor Solicitation NS retransmit time enter the new time in the field next to NS Retransmit Time The range is from 1 to 3600 seconds 8 Change the...

Страница 36: ...te a list of IPv6 neighbors perform the following procedure 1 From the main menu on the left side of the page click the System folder The System folder expands 2 From the System folder select IPv6 Nei...

Страница 37: ...u want to remove The IP address is removed from the list You can also delete multiple entries by using the top row of the table To delete all entries select All from the drop down menu under State the...

Страница 38: ...isk in the Link Layer MAC Address field The asterisk serves as a wildcard character See Figure 10 for an example Figure 10 Example Search with Neighbor IPv6 Address Or Type an asterisk in the Neighbor...

Страница 39: ...om the drop down menu under State To find all dynamic IPv6 neighbors type asterisks in the Neighbor IPv6 Address and Link Layer MAC Address fields then select Dynamic from the drop down menu under Sta...

Страница 40: ...st See the following sections Create an IP Access List Delete an IP Address List Entry on page 41 Note To modify an IP address that has already been created it must first be deleted and then re create...

Страница 41: ...ion allows unrestricted access to the AT S116 management software 6 Click Apply Access to the management software is now restricted to those IP addresses listed in the IP Access List table 7 From the...

Страница 42: ...me and Password is manager and friend both without the quotes To configure new User Name and Password information perform the following procedure 1 From the main menu on the left side of the page clic...

Страница 43: ...lash to permanently save your changes Modify User Name and Password To modify a user name password perform the following procedure 1 From the main menu on the left side of the page click the System fo...

Страница 44: ...Delete User Name and Password To delete a user name that you have previously added perform the following procedure 1 From the main menu on the left side of the page click the System folder The System...

Страница 45: ...led SNMP Interface To enable or disable the AT GS950 48 SNMP interface perform the following procedure 1 From the main menu on the left side of the page click the System folder The System folder expan...

Страница 46: ...7 on page 45 3 Refer to the bottom portion of the web page Enter the Web Idle Timeout parameter The range is from 3 to 60 minutes 4 From the main menu on the left side of the page select Save Settings...

Страница 47: ...e following sections Manually Setting System Time Setting SNTP on page 48 Setting Daylight Savings Parameters on page 49 Manually Setting System Time To set the system time manually perform the follow...

Страница 48: ...om the System folder select System Time The System Time Page is displayed See Figure 18 on page 47 3 Use the pull down menu to set the Clock Mode parameter to SNTP 4 Enter the IPv4 or IPv6 address of...

Страница 49: ...Figure 18 on page 47 3 In the Daylight Savings Time Status field select Enabled 4 Specify the Month Day Hour and Minute when Daylight Savings will take effect in the From time fields 5 Specify the Mo...

Страница 50: ...urity risks and web sessions conducted in the non secure HTTP mode are vulnerable to security issues because the packets are sent in clear text Web browser management sessions that use the secure HTTP...

Страница 51: ...ust log into the switch s management using the HTTPS mode on your browser Disabled The secure SSL mode is inactive You must log into the switch s management using the HTTP mode on your browser 4 Click...

Страница 52: ...r When the DHCP feature is enabled a DHCP server automatically assigns an IP address which is not advertised over the network As a consequence you do not know the IP address that has been assigned to...

Страница 53: ...r more information After you enable DHCP your current management session ends because a different IP address is assigned to the switch by the DHCP server The new IP address can be discovered using the...

Страница 54: ...then save your configuration you are saving the DHCP setting The next time the switch boots up it will use the DHCP process to establish the IP address used to manage the AT GS950 48 switch If you en...

Страница 55: ...ction to the Web Browser Interface on page 24 6 Save your new settings or any changes to the configuration file by selecting Save Settings to Flash from the main menu on the left side of the page to p...

Страница 56: ...he page click the System folder The System folder expands 2 From the System folder select System The DHCP Auto Configuration Settings Page is shown in Figure 20 Figure 20 DHCP Auto Configuration Setti...

Страница 57: ...edure 1 From the main menu on the left side of the page select Switch Info The Switch Information Page is displayed See Figure 21 Figure 21 AT GS950 48 Switch Information Page The Switch Information P...

Страница 58: ...This parameter displays the system IP address Refer to Configuration of IPv4 Address Subnet Mask and Gateway Address on page 32 to manually assign an IP address or DHCP Client Configuration on page 5...

Страница 59: ...nk local address Automatic Network Features Section IPv4 DHCP Client Mode This parameter displays the status of the DHCP client on the switch For information about setting this parameter refer to DHCP...

Страница 60: ...vide vital information about system activity that can help in the identification and solutions of system problems To configure the System log perform the following procedure 1 From the main menu on th...

Страница 61: ...xx xxx xxx xxx If the address is left at the default setting of 0 0 0 0 no server is specified IPv6 addresses Click IPv6 then enter the address The format is xxxx xxxx xxxx xxxx xxxx xxxx xxxx xxx in...

Страница 62: ...Chapter 2 System Configuration 62...

Страница 63: ...87 Chapter 6 Static Port Trunking on page 99 Chapter 7 LACP Port Trunks on page 109 Chapter 8 Port Mirroring on page 119 Chapter 9 Loopback Protection on page 125 Chapter 10 MAC Address Table on page...

Страница 64: ...64...

Страница 65: ...e that explains how to view and change the port settings This chapter includes the following sections Overview on page 66 Displaying and Configuring Ports on page 67 Note To permanently save your new...

Страница 66: ...cs of an AT GS950 48 switch You can display and modify the settings of all the ports on one web page The port characteristics that are displayed are Trunk Group Number Port type Link Status Admin Stat...

Страница 67: ...e adjustable The parameters are defined as follows Port Specifies the port number The All value indicates all ports on the AT GS950 48 switch You cannot change this parameter Note You can use the All...

Страница 68: ...le the port to resume normal operation after the problem has been fixed You can also disable an unused port to secure it from unauthorized connections The possible values are Ignore This parameter app...

Страница 69: ...tiation mode 1000 Full This parameter indicates the port is configured for 1000Mbps operation in full duplex mode 100 Full This parameter indicates the port is configured for 100Mbps operation in full...

Страница 70: ...that the All setting does not apply to the EAP Pass field In other words each port is set individually Enabled This parameter indicates that the port is able to send and receive EAP packets Disabled T...

Страница 71: ...sections in the chapter include Overview on page 72 STP and RSTP Global Settings on page 81 STP and RSTP Port Settings on page 84 For detailed information about STP refer to IEEE Std 802 1D For detail...

Страница 72: ...ath in case a main link fails Where the two protocols differ is in the time each takes to complete the process referred to as convergence With the convergence process when a change is made to the netw...

Страница 73: ...rity number the one with the lowest MAC address is designated as the root bridge You can change the bridge priority number in the AT S116 Management software You can designate which switch on your net...

Страница 74: ...o a blocking state Path cost is determined by evaluating port costs Every port on a bridge participating in STP has a cost associated with it The cost of a port on a bridge is typically based on port...

Страница 75: ...topology change is made before all bridges have been notified and that could adversely impact network performance To forestall the formation of temporary data loops during topology changes a port des...

Страница 76: ...hether it has the lowest bridge priority number of all the bridges and should therefore become the root bridge The root bridge periodically transmits a BPDU to determine whether there have been any ch...

Страница 77: ...An edge port on a bridge should not have any STP or RSTP devices connected to it either directly or through another device connected to that port In this configuration since the port has no STP or RS...

Страница 78: ...his chapter If you choose to define multiple spanning trees on this switch go to Chapter 5 Multiple Spanning Tree Protocol on page 87 The single spanning tree encompasses all ports on the switch If th...

Страница 79: ...e STP or RSTP enabled on your network If each port connecting the two bridges is a tagged member of all three VLANs then traffic for each of the VLANs can still flow through one of the data links if t...

Страница 80: ...patibility with Tagged Ports Note For information about tagged and untagged ports refer to Chapter 13 VLAN Overview on page 158 T T T T T T Ports blocked by STP Blocked Data Links VLAN 1 3 VLAN 1 3 VL...

Страница 81: ...procedure 1 From the main menu on the left side of the page select Bridge The Bridge folder expands 2 From the Bridge folder select the Spanning Tree folder The Spanning Tree folder expands 3 From th...

Страница 82: ...is used to determine the root bridge for RSTP The bridge with the lowest priority number is selected as the root bridge If two or more bridges have the same priority value that is the lowest value of...

Страница 83: ...Root Cost The sum of all root port costs of all bridges between the switch s root port and the root bridge including the switch s root port cost Root Maximum Age The parameter displays the maximum amo...

Страница 84: ...splays the following information about the ports Port Indicates the port numbers on the AT GS950 48 switch You can select the All row to apply the same setting to all ports of your switch STP Status I...

Страница 85: ...tate Learning While the port does not yet forward frames packets in this state the port does learn source addresses from frames received and adds them to the filtering switching database Forwarding A...

Страница 86: ...CN Applies only to MSTP For information on MSTP refer to Chapter 5 Multiple Spanning Tree Protocol on page 87 Migrate Clicking the Restart button under the Migrate field in the All row restarts the pr...

Страница 87: ...verview and configuration guidelines for this feature in MSTP Overview on page 373 When you configure MSTP the information should be entered in order on the following web pages MSTP Global Settings on...

Страница 88: ...lder expands 2 From the Bridge folder select the Spanning Tree folder The Spanning Tree folder expands 3 From the Spanning Tree folder select Protocol Settings The Spanning Tree Protocol Settings Page...

Страница 89: ...u enable MSTP Refer to Displaying and Configuring Ports on page 67 Protocol Version Select MSTP Bridge Priority This parameter specifies the priority used in determining the regional root for a partic...

Страница 90: ...entifier is used as a tie breaker in the selection of the root bridge when two or more bridges have the same bridge priority Root Cost The sum of all root port costs of all bridges between the switch...

Страница 91: ...w of this page Figure 31 Port Settings Page You may choose a port and configure its MSTP parameters on this page The following information is displayed Port Indicates the port numbers on the AT GS950...

Страница 92: ...continues to monitor the port for incoming BPDUs that indicate the port should return to the blocking state to prevent a loop Disabled This state is not strictly part of STP However a network adminis...

Страница 93: ...DU packets Migrate A switch running MSTP supports a built in protocol migration mechanism that enables it to inter operate with legacy 802 1D switches Clicking the Restart button under the Migrate fie...

Страница 94: ...m the main menu on the left side of the page select Bridge The Bridge folder expands 2 From the Bridge folder select the Spanning Tree folder The Spanning Tree folder expands 3 From the Spanning Tree...

Страница 95: ...termines the regional root using the Priority drop down menu 4 Click Add The Instance ID and the Mapped VLAN or VLANs will be displayed in the table on the page 5 From the main menu on the left side o...

Страница 96: ...eters on this page The following information is displayed Port You can select one of the ports on the AT GS950 48 switch using the Port drop down menu MSTI ID Indicates the MSTP Instance associated wi...

Страница 97: ...used to communicate with the root bridge Disabled This switch can only operate with RSTP and MSTP packets 4 Once you have configured the parameters click Apply in the Action column 5 If you choose to...

Страница 98: ...Page is displayed See Figure 34 Figure 34 Instance Information Page The following information displayed on this page shows the current status of each MST instance MSTI ID MST instance ID Internal Root...

Страница 99: ...rview on page 100 Create a Port Trunk on page 103 Modify a Port Trunk on page 105 Disable a Port Trunk on page 107 Note For information about Link Aggregation Control Protocol LACP port trunking see C...

Страница 100: ...insufficient to handle the traffic load A static port trunk consists of 2 or more ports on the switch that function as a single virtual link between the switch and another device A static port trunk...

Страница 101: ...ng a static trunk Allied Telesis recommends setting static port trunks between Allied Telesis networking devices to ensure compatibility A static trunk can contain up to 10 ports The ports of a static...

Страница 102: ...o be members of more than one VLAN The ports of a static trunk can be either untagged or untagged members of the same VLAN The switch selects a port in the trunk to handle broadcast packets and packet...

Страница 103: ...to configuring the ports can create loops in your network topology Loops can result in broadcast storms which can severely limit the effective bandwidth of your network To create a port trunk perform...

Страница 104: ...P Data Unit LACPDU packets This setting enables the LACP feature for the trunk Passive The specific aggregator will not broadcast LACPDU packets but it will respond to them This setting disables the L...

Страница 105: ...unk Config folder expands 4 From the Trunk Config folder select Trunking The Trunking Page is shown in Figure 36 on page 103 5 Click the pull down menu of the port trunk you want to modify and change...

Страница 106: ...atic Port Trunking 106 9 Configure the port trunk on the other switch with the same parameters 10 Connect the Ethernet cables between trunk ports on the AT GS950 48 switch and the trunk ports on the o...

Страница 107: ...unk perform the following procedure 1 Disconnect all of the Ethernet cables from the ports of the trunk 2 Select the Bridge folder The Bridge folder expands 3 From the Bridge folder select the Trunk C...

Страница 108: ...Chapter 6 Static Port Trunking 108...

Страница 109: ...verview on page 110 System Priority on page 111 Port Priority Value on page 112 General Guidelines on page 113 Group Status on page 115 Port Priority Configuration on page 118 Note For information abo...

Страница 110: ...ng ports 1 to 4 as the active ports and 9 as reserve If an active port loses its link the switch automatically activates one of the reserve ports to maintain maximum bandwidth of the trunk The main co...

Страница 111: ...lem and deciding whose LACP settings take precedence This is the function of the system LACP priority value This value is used whenever the devices encounter a conflict creating a trunk the lower the...

Страница 112: ...matically activated to take its place The selection of the active links in an aggregate trunk is dynamic and changes as links are added removed lost or re established For example if an active port los...

Страница 113: ...mple ports 2 4 6 8 A port can belong to only one aggregator at a time A port cannot be a member of an aggregator and a static trunk at the same time The ports of an aggregate trunk must be untagged me...

Страница 114: ...n a trunk If the number is less than eight the maximum number for the AT GS950 48 switch you should assign the other vendor s device a higher system LACP priority than your AT GS950 48 switch This can...

Страница 115: ...tus The LACP Group Status Page is displayed See Figure 37 for a partial view of this page Figure 37 LACP Group Status Page Note Go to Create a Port Trunk on page 103 to directly change the parameters...

Страница 116: ...iguration is shown in Figure 38 before the Ethernet cables are connected Figure 38 LACP Group Status Page with No Cables Connected 2 Physically connect the network cables between the switch and a seco...

Страница 117: ...8 Web Interface User Guide 117 Figure 39 LACP Group Status Page with Three Cables Connected You can now see that each port has been grouped under a single aggregator since the ports are now in a Link...

Страница 118: ...r a partial view of this page Figure 40 AT GS950 48 Port Priority Page The System Priority is a preassigned value that you cannot alter This value applies to the switch See System Priority on page 111...

Страница 119: ...gress and egress traffic on a port by having the traffic copied to another port This chapter contains the following sections Overview on page 120 Port Mirroring Configuration on page 121 Disable Port...

Страница 120: ...mirroring port Observe the following guidelines when you create a port mirror You can select more than one source port at a time However the more ports you mirror the less likely the mirroring port i...

Страница 121: ...eature and the rest of the configuration parameters become active on the page Disabled This parameter de activates the Port Mirroring feature and the rest of the configuration parameters become inacti...

Страница 122: ...ring configuration is implemented immediately on the AT GS950 48 switch You can connect a data analyzer to the mirroring port to monitor the Ethernet traffic on the source port s 7 From the main menu...

Страница 123: ...Mirroring The Mirroring page is shown in Figure 41 on page 121 3 Next to the Status field select Disabled and click Apply Port mirroring is immediately disabled on the switch and the parameters on th...

Страница 124: ...Chapter 8 Port Mirroring 124...

Страница 125: ...the same port are connected then this feature detects this condition and disables the port for a pre configured amount of time This chapter contains the following topics Configuration on page 126 Stat...

Страница 126: ...opback Detection Page is displayed See Figure 42 for a partial view of this page Figure 42 AT GS950 48 Loopback Detection Page 3 For the Loopback Detection State field at the top of the page select on...

Страница 127: ...arameters become active 6 In the table at the bottom of the page select one of the Loopback Detection State choices from the pull down menu Ignore This parameter indicates that the setting in the All...

Страница 128: ...Rx pairs connected Disabled This status indicates that the port does not have the Tx to Rx pairs connected The Disabled state will be reset to Normal after two conditions are both met The loopback con...

Страница 129: ...tic Unicast MAC Address Configuration on page 132 Modify Static Unicast Address on page 134 Delete Static Unicast Address on page 135 Static Multicast Address Configuration on page 136 Modify Static M...

Страница 130: ...ains in the table indefinitely and is never deleted by the switch even when the end node is inactive You can only delete a static MAC address by manually configuring the switch with the AT S116 Manage...

Страница 131: ...edefined within the network design and they will not change over time then they can be manually entered as static entries into the MAC address table This allows the multicast stream to be forwarded im...

Страница 132: ...the 802 1Q VLAN parameter Port Based VLAN Configuration on page 174 regarding the Port Based VLAN parameter To add a static MAC address to the switch perform the following procedure 1 From the main m...

Страница 133: ...ign the MAC address a Port Member by selecting the radio button beside the port number Note You can assign a maximum limit of 256 static unicast addresses on the switch 6 Click Apply The Static Unicas...

Страница 134: ...age 132 3 Select Modify next to the static unicast MAC address that you want to change The Modify Static Unicast Address Page is displayed See Figure 45 Figure 45 Modify Static Unicast Address Page 4...

Страница 135: ...able Page is displayed See Figure 43 on page 132 3 Select Delete next to the static unicast address that you want to remove The static unicast address is removed from the Static Unicast Address Table...

Страница 136: ...ters see Tagged VLAN Configuration on page 166 regarding the 802 1Q VLAN parameter Port Based VLAN Configuration on page 174 regarding the Port Based VLAN parameter To add a static multicast MAC addre...

Страница 137: ...button 4 In the Group MAC Address field enter a multicast MAC address The range is from 01 00 5E 00 01 00 to 01 00 5E 7F FF FF 5 Assign the MAC address a Group Member or members by selecting the chec...

Страница 138: ...u enter on the Static Multicast Address Table Page are also displayed on the IGMP Snooping Page For more information see IGMP Snooping Configuration on page 144 7 From the main menu on the left side o...

Страница 139: ...t Modify next to the static MAC address that you want to change The Modify Static Multicast Address Page is displayed See Figure 48 Figure 48 Modify Static Multicast Address Page 4 In the Group Member...

Страница 140: ...e Page is displayed See Figure 47 on page 137 3 Select Delete next to the static multicast address that you want to remove The static multicast address is removed from the Static Multicast Address Tab...

Страница 141: ...Snooping in the web interface The following topics are discussed Overview on page 142 IGMP Snooping Configuration on page 144 IGMP Snooping Router Port Modification on page 147 Note To permanently sav...

Страница 142: ...uter ports where host nodes are located There are three versions of IGMP versions 1 2 and 3 One of the differences between the versions is how a host node signals that it no longer wants to be a membe...

Страница 143: ...ch flooding of packets can negatively impact network performance The AT GS950 48 switch maintains a list of multicast groups through an adjustable time out value which controls how frequently it expec...

Страница 144: ...cedure 1 From the main menu on the left side of the page select the Bridge folder The Bridge folder expands 2 From the Bridge folder select the IGMP Snooping folder 3 From the IGMP Snooping folder sel...

Страница 145: ...le from 2 to 255 The robustness variable is an integer used during IGMP snooping calculations for IGMP messages to allow for expected packet loss 10 To set the Last Member Query Interval type the numb...

Страница 146: ...Chapter 11 IGMP Snooping 146 Figure 50 IGMP Snooping Page with MAC Address 14 From the main menu on the left side of the page select Save Settings to Flash to permanently save your changes...

Страница 147: ...page select the Bridge folder The Bridge folder expands 2 From the Bridge folder select the IGMP Snooping folder 3 From the IGMP Snooping folder select IGMP Snooping Router Port The IGMP Snooping Rout...

Страница 148: ...in the Static Router Port area Selected ports are indicated with a check mark To select all ports click the All button under Static Router Port Note To restore the original group member ports click Re...

Страница 149: ...dth feature The following topics are discussed Overview on page 150 Configuration on page 152 Ingress Rate Limiting on page 154 Egress Rate Limiting on page 156 Note To permanently save your new setti...

Страница 150: ...Lookup Failure DLF setting is concerned with comparing the destination MAC address of a packet received by the switch to the forwarding database When the AT GS950 48 switch receives a packet it scans...

Страница 151: ...as follows Bandwidth 64Kbps x rate limit The rate limit parameter is an integer ranging from 1 to 15625 Egress Rate Limiting The Egress Rate Limiting feature restricts the traffic to a pre configured...

Страница 152: ...folder select Storm Control The AT GS950 48 Storm Control page is displayed See Figure 53 for a partial view of this page Figure 53 AT GS950 48 Storm Control Page 4 To enable or disable the DLF field...

Страница 153: ...o change You can select the All row to set all of the ports to the same setting The Ignore parameter indicates that the setting in the All row does not apply to the Multicast menu for individual ports...

Страница 154: ...older select Bandwidth Control The Bandwidth Control folder expands 3 From the Bandwidth Control folder select Ingress Rate Limiting The AT GS950 48 Ingress Rate Limiting page is displayed See Figure...

Страница 155: ...o the port that you want to change You can select the All row to set all of the ports to the same setting The Ignore parameter indicates that the setting in the All row does not apply to the Status me...

Страница 156: ...ial view of this page Figure 55 AT GS950 48 Egress Rate Limiting Page To set the Bandwidth field enter a number in the range of 1 to 15625 You can select the All row to set all of the ports to the sam...

Страница 157: ...iew on page 158 Assign Ports to a VLAN Mode on page 164 Tagged VLAN Configuration on page 166 Tagged VLAN Port Settings on page 172 Port Based VLAN Configuration on page 174 Select MAC Address Forward...

Страница 158: ...s within the separate logical LAN segment of the VLAN The nodes of a VLAN receive traffic only from nodes of the same VLAN This reduces the need for nodes to handle traffic that is not destined for th...

Страница 159: ...As explained in the VLAN Overview on page 158 a VLAN consists of a group of ports on an Ethernet switch that form an independent traffic domain This type of VLAN is independent of the header informati...

Страница 160: ...st be assigned the same VLAN index Create up to 52 port based VLANs Tagged VLAN Overview The second type of VLAN supported by the AT S116 Management software is the tagged VLAN In this type of VLAN me...

Страница 161: ...mbination of tagged and untagged ports in the same VLAN Note A port can also be dynamically assigned to a tagged VLAN within a voice VLAN configuration which is a special configuration of a tagged VLA...

Страница 162: ...he same VLAN ID A tagged port can be a member of multiple VLANs The AT GS950 48 Gigabit Ethernet Switch can support up to 255 tagged VLANs per switch Private VLAN Overview Private VLANs create special...

Страница 163: ...rt VLAN at a time The source port cannot be a static port trunk or an LACP trunk The source port is untagged It does not include tagged VLAN information in the packets that it forwards to forwarding p...

Страница 164: ...tagged VLAN with a VLAN ID of 1 The default VLAN is permanent and must have at least one untagged port assigned to it at any time To assign ports to an 802 1Q Tagged VLAN or port based VLAN perform t...

Страница 165: ...age 174 5 Click Apply 6 If you want to restore the port assignment before saving the configuration click Restore Note Once the VLAN assignment has been saved by clicking first on the Apply button and...

Страница 166: ...f a specific tagged VLAN If it is it is eligible to be switched to other member ports of the same VLAN If it is determined that the frame s tag does not conform to the tagged VLAN the frame is discard...

Страница 167: ...ed VLAN Page is displayed See Figure 57 for a partial view of this page Figure 57 AT GS950 48 Tagged VLAN Page 4 Assign a VLAN ID by entering a VLAN ID in the VLAN ID field The range for this field is...

Страница 168: ...gn ports to the VLAN click on the port numbers labeled either Static Tagged or Static Untagged To assign all ports to the VLAN as Static Tagged click All under Static Tagged To assign all ports to the...

Страница 169: ...169 Figure 58 Example of AT GS950 48 Tagged VLAN Page 4 In the VLAN Action column click Modify in the row of the VLAN that you want to change The Modify VLAN Page is displayed See Figure 59 A partial...

Страница 170: ...is VLAN select one of the following choices from the pull down menu Enable This parameter enables Management VLAN on this VLAN Caution If you Disable the Management VLAN on a newly assigned VLAN and y...

Страница 171: ...o delete a tagged VLAN perform the following procedure 1 From the main menu on the left side of the page select Bridge The Bridge folder expands 2 From the Bridge folder select VLAN The VLAN folder ex...

Страница 172: ...age Figure 60 AT GS950 48 VLAN Port Settings Page 4 For a selected port set the PVID field to an existing VLAN ID For an explanation of the PVID parameter see Port VLAN Identifier PVID on page 162 5 S...

Страница 173: ...menu Enabled This enables ingress filtering at the selected port Disabled This disables ingress filtering at the selected port 7 Click Apply The port configuration becomes effective 8 If you need to...

Страница 174: ...in the following sections Create a Port Based VLAN Modify a Port Based VLAN on page 175 Delete a Port Based VLAN on page 176 Create a Port Based VLAN To create a port based VLAN perform the following...

Страница 175: ...to the VLAN click All under VLAN Member 7 Click Apply 8 From the main menu on the left side of the page select Save Settings to Flash to permanently save your changes Modify a Port Based VLAN To modif...

Страница 176: ...save your changes Delete a Port Based VLAN To delete a port based VLAN perform the following procedure 1 From the main menu on the left side of the page select Bridge The Bridge folder expands 2 From...

Страница 177: ...From the main menu on the left side of the page select Bridge The Bridge folder expands 2 From the Bridge folder select VLAN The VLAN folder expands 3 From the VLAN folder select Forwarding Table Mode...

Страница 178: ...mic Forwarding Table The Dynamic Forwarding Table Page is shown in Figure 65 Figure 65 Dynamic Forwarding Table Page 4 To view all MAC addresses select All from the Port drop down menu To view MAC add...

Страница 179: ...rned by the switch or assigned to the port Type Dynamic or Static Dynamic MAC address the switch learns automatically and is not stored indefinitely in the table Static MAC address assigned manually a...

Страница 180: ...VLAN on page 182 For more information on Private VLANs refer to Private VLAN Overview on page 162 Enable or Disable Private VLAN To enable or disable private VLAN perform the following procedure 1 Fr...

Страница 181: ...te VLANs must be Enabled before a specific Private VLAN can be created See Enable or Disable Private VLAN on page 180 1 From the main menu on the left side of the page select Bridge The Bridge folder...

Страница 182: ...ee Figure 66 on page 181 for a partial view of this page 4 Use the Source Port drop down menu to select the source port of the private VLAN to be modified 5 Select the forwarding ports Click the check...

Страница 183: ...de 183 6 Click the Apply button under the forwarding ports The modified private VLAN is deleted from the Port List table 7 From the main menu on the left side of the page select Save Settings to Flash...

Страница 184: ...he Bridge folder select VLAN The VLAN folder expands 3 From the VLAN folder select VLAN Current Database See Figure 67 for an example of the VLAN Current Database page with VLAN configurations Figure...

Страница 185: ...AT GS950 48 Web Interface User Guide 185 Port Based VLAN table VLAN Index VLAN ID numbers VLAN Name VLAN names VLAN Member VLAN untagged member ports...

Страница 186: ...Chapter 13 Virtual LANs 186...

Страница 187: ...187 Chapter 14 GVRP This chapter contains the following sections Overview and Guidelines on page 188 General Configuration on page 189 Port Settings on page 190 Time Settings on page 192...

Страница 188: ...VLANs To be detected by GVRP a VLAN must have at least one active node or have at least one port with a valid link to an end node GVRP cannot detect a VLAN that does not have any active nodes or valid...

Страница 189: ...the GVRP folder select GVRP Global Settings The GVRP Global Settings Page is displayed See Figure 68 Figure 68 GVRP Global Settings Page 4 From the GVRP Status field select one of the following choice...

Страница 190: ...s are listed for each port Port This parameter displays the ports on the switch Dynamic Vlan Status This parameter defines the GVRP status of the port From the Dynamic Vlan Status field select one of...

Страница 191: ...he Restricted VLAN Registration is activated for the port row selected Disabled The Restricted VLAN Registration is de activated for the port row selected 5 Once you have configured the parameters cli...

Страница 192: ...yed See Figure 70 for a partial view of this page Figure 70 AT GS950 48 GVRP Time Settings Page Note The GARPLeaveTimer must be greater than GARPJoinTimer x2 10 and the GARPLeaveAllTimer must be great...

Страница 193: ...elation to the GVRP Leave Timer according to the following equation GARPLeaveAllTimer GARPLeaveTimer 10 Note To ensure compatibility between network devices you must configure the same values for the...

Страница 194: ...Chapter 14 GVRP 194...

Страница 195: ...page 202 Associate DSCP Classes to Egress Queues on page 203 Queue Scheduling Algorithm on page 205 IPv6 Traffic Class Mapping on page 206 Note Before mapping the QoS Priorities and the egress queues...

Страница 196: ...to manage the flow of traffic through a switch by having the switch ports give higher priority to some packets such as delay sensitive traffic over other packets This is referred to as prioritizing tr...

Страница 197: ...r egress queues of a switch port You can change these mappings For example you might decide that packets with a priority of 6 and 7 need to be handled by egress queue Highest and packets with a priori...

Страница 198: ...contain a priority level However the AT GS950 48 switch has a priority associated with each individual ingress port By default each port s priority is Low You can redefine this parameter as described...

Страница 199: ...in Priority Scheduling The weighted round robin WRR scheduling method functions as its name implies The port transmits a set number of packets from each queue in a round robin fashion so that each has...

Страница 200: ...arameter definition in Displaying and Configuring Ports on page 67 Note When Jumbo frames are enabled CoS cannot be enabled To configure CoS mapping perform the following procedure 1 From the main men...

Страница 201: ...ck on the Queue Low Medium High Highest radio button that applies to your configuration 5 After you have completed this mapping process select Enable in the QoS Status field 6 Click Apply 7 From the m...

Страница 202: ...s perform the following procedure 1 From the main menu on the left side of the page select Bridge The Bridge folder expands 2 From the Bridge folder select QoS The QoS folder expands 3 From the QoS fo...

Страница 203: ...es Low Highest The default queue for all DSCP values is Low To assign the queue mappings to the DSCP values perform the following procedure 1 From the main menu on the left side of the page select Bri...

Страница 204: ...value that is relevant to your configuration select a queue Low Medium High Highest in the Queue column To set all queues in a Queue column to the same value use the Queue drop down menu in the first...

Страница 205: ...igure 74 Figure 74 Scheduling Algorithm Page 4 In the Scheduling Algorithm list select one of the following algorithms Strict Priority The port transmits all packets out of higher priority queues befo...

Страница 206: ...ach port See the Jumbo parameter definition in Displaying and Configuring Ports on page 67 Note When Jumbo frames are enabled IPv6 traffic class mapping cannot be enabled Enable or Disable IPv6 Traffi...

Страница 207: ...Click Apply Create IPv6 Traffic Class Entries To create IPv6 traffic class priority entries perform the following procedure 1 Enter a value for the IPv6 packet header s 8 bit priority in the IPv6 Traf...

Страница 208: ...select Bridge The Bridge folder expands 2 From the Bridge folder select QoS The QoS folder expands 3 From the QoS folder select IPv6 Traffic Class Priority Settings 4 Under the Action column click th...

Страница 209: ...v2c on page 211 Chapter 17 SNMPv3 on page 225 Chapter 18 Access Control Configuration on page 243 Chapter 19 RMON on page 259 Chapter 20 Voice VLAN on page 273 Chapter 21 Security on page 283 Chapter...

Страница 210: ...210...

Страница 211: ...s SNMPv1 and SNMPv2c Overview on page 212 Trap Receiver Attributes on page 213 Activate SNMP Interface on page 214 SNMPv1 and SNMPv2c User and Group Names on page 215 SNMP Community Strings on page 21...

Страница 212: ...nd loading new configurations via the agent in the managed equipment The NMS and agent communicate with each other using variables organized into pre defined hierarchies called Management Information...

Страница 213: ...raps to monitor activities on the switch Trap receivers are the typically SNMP management stations that you want to receive the traps sent by the switch You specify a trap receiver by its IP address w...

Страница 214: ...Chapter 16 SNMPv1 and v2c 214 Activate SNMP Interface The SNMP interface is activated by default If you want to de activate it or re activate it go to User Interface Configuration on page 45...

Страница 215: ...string and what the string allows a network management station to do on the switch The AT S116 Management Software does not provide any default community strings You must first define an SNMP User and...

Страница 216: ...ter a name up to 32 characters in length 5 Select either v1 or v2c as the SNMP Version Note The encrypted check box and Auth Protocol Priv Protocol and password fields are intended for SNMPv3 configur...

Страница 217: ...s on page 215 Delete User and Group Names This procedure explains how to delete an entry on the SNMP User Group page 1 From the main menu on the left side of the page select the SNMP folder The SNMP f...

Страница 218: ...wing sections to create modify and delete SNMP community strings Create SNMP Community Strings next Modify SNMP Community Strings on page 219 Delete SNMP Community Strings on page 219 Create SNMP Comm...

Страница 219: ...Community Strings If you need to modify a Community Table entry you must first delete the entry by using the procedure below and then re enter it with the modification by creating a new Community tabl...

Страница 220: ...Chapter 16 SNMPv1 and v2c 220 4 From the main menu on the left side of the page select Save Settings to Flash to permanently save your changes...

Страница 221: ...Table Entry next Modify a Trap Host Table Entry on page 222 Delete a Trap Host Table Entry on page 223 Create Trap Host Table Entry Use the following procedure to create a trap Host table entry 1 Fro...

Страница 222: ...correlate with one of the communities displayed on the SNMP Community Table page See SNMP Community Strings on page 218 If you enter a Community Name that has not been pre defined the Trap Host entry...

Страница 223: ...ands 2 From the SNMP folder select Trap Management 3 The Trap Management Page is displayed See Figure 81 on page 221 4 To delete an entry in the host table click Delete next to the entry in the table...

Страница 224: ...Chapter 16 SNMPv1 and v2c 224...

Страница 225: ...wing sections Overview on page 226 SNMPv3 User and Group Names on page 230 SNMPv3 View Names on page 233 SNMPv3 View Table on page 236 SNMPv3 Traps on page 239 SNMP Engine ID on page 240 Note To perma...

Страница 226: ...ning which portions of the Management Information Bases MIB that can be viewed by specific users In this way you restrict which MIBs a user can display and modify In addition you can restrict the type...

Страница 227: ...requires the authentication protocol to be configured as either MD5 or SHA If you assign a DES privacy protocol to a user then you are also required to assign a privacy password If you choose to not...

Страница 228: ...subtree view and enables you to restrict an MIB view to a specific row of the OID MIB table You need a thorough understanding of the OID MIB table to define a subtree mask SNMPv3 Configuration Proces...

Страница 229: ...r Guide 229 5 Finally the traps can be defined on the Trap Management page based on the Community or User Name See Figure 84 for an illustration of how the user configuration tables are linked Figure...

Страница 230: ...The SNMP folder expands 2 From the SNMP folder select SNMP User Group The SNMP User Group page is displayed See Figure 77 on page 215 Note There are no default User Names or Group Names defined for S...

Страница 231: ...set to DES and you must also specify an authentication protocol and password 10 Click Add The new User Name and Group Name are displayed on the SNMP User Group page See Figure 85 Figure 85 SNMP User...

Страница 232: ...age select the SNMP folder The SNMP folder expands 2 From the SNMP folder select SNMP User Group The SNMP User Group Page is displayed See Figure 77 on page 215 3 In the Action column of the table cli...

Страница 233: ...ting SNMPv3 View Names on page 235 Creating SNMPv3 View Names Before you can create an SNMPv3 View name you must define a Group Name using the SNMP User Group page See Creating SNMPv3 User and Group N...

Страница 234: ...aracters in length 7 From the Security Model pull down menu select v3 8 Enter the Security Level from the pull down menu The selection options are NoAuthNoPriv This selection is appropriate when no Au...

Страница 235: ...in this table see Creating SNMPv3 View Names on page 233 Deleting SNMPv3 View Names This procedure explains how to delete an entry on the SNMP Group Access Table page 1 From the main menu on the left...

Страница 236: ...ections Creating SNMPv3 View Table Entries Modifying SNMPv3 View Table Entries on page 237 Deleting SNMPv3 View Table Entries on page 237 Creating SNMPv3 View Table Entries This procedure explains how...

Страница 237: ...changes Modifying SNMPv3 View Table Entries If you need to modify an entry in the View Table page you must first delete the entry and then re enter it For information about how to delete an entry in...

Страница 238: ...ote The views corresponding to the ReadOnly and ReadWrite Group Names are default values and cannot be removed 3 From the main menu on the left side of the page select Save Settings to Flash to perman...

Страница 239: ...AT GS950 48 Web Interface User Guide 239 SNMPv3 Traps The creation modification and deletion of traps for SNMPv3 is identical to the procedure for SNMPv1 v2 See SNMP Traps on page 221...

Страница 240: ...is procedure explains how to modify the engine ID 1 From the main menu on the left side of the page select the SNMP folder The SNMP folder expands 2 From the SNMP folder select Engine ID The SNMP Engi...

Страница 241: ...page is displayed See Figure 90 on page 240 3 Reset the engine ID To reset the engine ID to the previous setting click Reset To reset the engine ID to the default setting click Reset to Default 4 Fro...

Страница 242: ...Chapter 17 SNMPv3 242...

Страница 243: ...GS950 48 switch s Access Control Configuration feature and the procedures to create modify and delete an Access Control configuration This chapter contains the following sections Overview on page 244...

Страница 244: ...iority behavior Note Before you specify the Access Control policies be sure to configure the QoS parameters The QoS entries may have a direct effect on each policy s behavior For more information see...

Страница 245: ...Policy on page 251 View Specific Classifier Details on page 252 Create a Policy To create a policy perform the following procedure 1 From the main menu on the left side of the page select the Access...

Страница 246: ...r 18 Access Control Configuration 246 Figure 92 IPv4 Policy Settings Page To create an IPv6 policy click Add IPv6 The IPv6 Policy Settings page is displayed See Figure 93 Figure 93 IPv6 Policy Setting...

Страница 247: ...can be specified as a consecutive list a non consecutive list or a combination of the two At least one or more ports must be specified For example you can specify ports 1 3 5 8 Note You cannot combin...

Страница 248: ...IPv6 only IPv6 Destination IP Address Destination IPv6 address Applies to IPv6 only IPv6 Destination IP Prefix Length Prefix length of the destination IPv6 address ranging from 1 128 Applies to IPv6...

Страница 249: ...isplayed in at the bottom of the table If you do not see your new entry you may need to navigate to another page of the table with the First Page Previous Page Next Page and Last Page buttons located...

Страница 250: ...t to change the status to Disable Click OK to enable or Cancel to cancel the action 4 From the main menu on the left side of the page select Save Settings to Flash to permanently save your changes Mod...

Страница 251: ...ave Settings to Flash to permanently save your changes Delete a Policy To delete a policy entry perform the following procedure 1 From the main menu on the left side of the page select the Access Cont...

Страница 252: ...the main menu on the left side of the page select the Access Control Config folder The Access Control Config folder expands 2 From the Access Control Config folder select Policy Settings The Policy Se...

Страница 253: ...rate control entry by following the procedures in the following sections Create a Rate Control Entry next Modify the Committed Rate on page 254 Delete a Rate Control Entry on page 255 Create a Rate Co...

Страница 254: ...ed Rate To modify the committed rate for a rate control entry perform the following procedure 1 From the main menu on the left side of the page select the Access Control Config folder The Access Contr...

Страница 255: ...e 254 3 From the Rate Control page identify which committed rate entry that you want to delete and click the Delete button in the Action column The committed rate entry is deleted from the Committed R...

Страница 256: ...ce To display the policy sequence perform the following procedure 1 From the main menu on the left side of the page select the Access Control Config folder The Access Control Config folder expands 2 F...

Страница 257: ...ntrol Config folder select Policy Database The Policy Database page is displayed in Figure 99 on page 256 3 Select the switch port from the Select Port pull down menu that you want to view 4 Click the...

Страница 258: ...Chapter 18 Access Control Configuration 258...

Страница 259: ...hapter 19 RMON This chapter contains the following sections Overview on page 260 Enable and Disable RMON on page 261 Port Statistics on page 262 Histories on page 264 Events on page 266 Alarms on page...

Страница 260: ...s group is used to collect histories of port statistics to identify traffic trends or patterns For information about configuring a History group refer to Histories on page 264 Event group This group i...

Страница 261: ...s on how to configure SNMP on your switch refer to Chapter 16 SNMPv1 and v2c on page 211 or Chapter 17 SNMPv3 on page 225 Perform the following procedure to activate RMON 1 From the main menu on the l...

Страница 262: ...is displayed See Figure 102 Figure 102 Ethernet Statistics Settings Page 3 The following fields are listed Index This parameter specifies the ID number of the new group The range is 1 to 65535 Port T...

Страница 263: ...re 103 Ethernet Statistics Configuration Example 5 If you want to configure RMON statistics for other ports repeat Step 3 and Step 4 6 From the main menu on the left side of the page select Save Setti...

Страница 264: ...buckets in a group the more snapshots it can store Perform the following procedure to configure RMON history 1 From the main menu on the left side of the page click the RMON folder The RMON folder ex...

Страница 265: ...n interval of 60 seconds Owner This parameter is used to identify the person who created an entry It is primarily intended for switches that are managed by more than one person and is an optional fiel...

Страница 266: ...the following procedure to configure RMON events 1 From the main menu on the left side of the page click the RMON folder The RMON folder expands 2 From the RMON folder select Event The RMON Event Sett...

Страница 267: ...witches that are managed by more than one person and is an optional field 4 Once you have configured the parameters click Add Your entry appears in the table at the bottom of the page See Figure 107 F...

Страница 268: ...s that comprise RMON alarms RMON statistics group A port must have an RMON statistics group configured if it is to have an alarm When you create an alarm you specify the port to which it is to be assi...

Страница 269: ...e is 1 to 65535 Interval This parameter specifies the time in seconds over which the data is sampled Its range is 1 to 2147483647 seconds Variable This parameter specifies the RMON MIB object that the...

Страница 270: ...x for the rising threshold Its range is 1 to 65535 This field is mandatory and must match an Event Index that you previously entered in Events on page 266 Falling Event Index This parameter specifies...

Страница 271: ...AT GS950 48 Web Interface User Guide 271 6 From the main menu on the left side of the page select Save Settings to Flash to permanently save your changes...

Страница 272: ...Chapter 19 RMON 272...

Страница 273: ...nd delete a voice VLAN configuration This chapter contains the following sections Overview on page 274 General Guidelines on page 277 Configuration on page 278 OUI Setting on page 281 Note To permanen...

Страница 274: ...nsure that the voice data packets are processed before other types of data so that the voice quality is maintained as the voice data passes through the AT GS950 48 switch Note For more information abo...

Страница 275: ...untagged ports that will serve as the voice VLAN uplink downlink By default a tagged or untagged port is a static member of a tagged VLAN Note See Create a Tagged VLAN on page 167 for more information...

Страница 276: ...to have the port VLAN ID PVID configured to be the same as the voice VLAN ID This insures that all untagged packets entering the port are switched within the voice VLAN as the voice data passes throug...

Страница 277: ...ports of a tagged VLAN are static and cannot have the voice VLAN Auto Detection feature enabled IP phones that are not VLAN aware should be connected to Static tagged ports of the voice VLAN The voice...

Страница 278: ...ice VLAN on the AT GS950 48 switch To configure a voice VLAN perform the following procedure 1 From the main menu on the left side of the page select Voice VLAN The Voice VLAN folder expands 2 From th...

Страница 279: ...tes the amount of time in hours after the last IP phone s OUI was received on a port after which this port will be removed from the voice VLAN The range is 1 to 120 hours CoS This parameter is the CoS...

Страница 280: ...t have the voice VLAN Auto Detection feature enabled The Status column displays Static for the member ports See Dynamic Auto Detection vs Static Ports on page 275 for more information 7 Click Apply in...

Страница 281: ...gure 111 Voice VLAN OUI Settings Page 3 Enter a text description that helps you identify the manufacturer s OUI in the User Defined OUI Description field This parameter can be up to 20 characters in l...

Страница 282: ...page select Voice VLAN The Voice VLAN folder expands 2 From the Voice VLAN folder select Voice VLAN OUI Settings The Voice VLAN OUI Settings Page is displayed See Figure 111 on page 281 3 To delete a...

Страница 283: ...includes the following sections Port Access Control on page 284 RADIUS Client on page 290 TACACS on page 293 Dial in User Local Authentication on page 296 Destination MAC Filter on page 299 Note To p...

Страница 284: ...g a user name and password This feature can prevent an unauthorized individual from connecting a computer to a port or using an unattended workstation to access your network resources Only those users...

Страница 285: ...rol Settings Page is displayed See Figure 112 Figure 112 Port Access Control Settings Page 3 Configure the following parameters as required NAS ID This parameter assigns an 802 1x identifier to the sw...

Страница 286: ...when you are finished configuring the parameters 5 To set the advanced configuration parameters click Settings The Port Access Control Settings page is expanded See Figure 113 Figure 113 Expanded Port...

Страница 287: ...ized state without any authentication exchanges required The ports transmit and receive traffic normally without 802 1x based authentication of the clients Re authentication Status This parameter acti...

Страница 288: ...ment is enabled Disabled The VLAN Assignment is disabled Secure VLAN This field is inactive Guest VLAN ID This parameter specifies the VLAN ID that is designated as a Guest VLAN The range is 0 to 4093...

Страница 289: ...of clients on an authenticator port The range is 1 to 65535 seconds Server Timeout Sets the length of time the switch waits for a response from the authentication server The range is 1 to 65535 second...

Страница 290: ...rotocol transfers the task of authenticating network access from a network device to an authentication protocol server The AT S116 Management software comes with RADIUS client software You can use the...

Страница 291: ...rt Access Control Configuration on page 285 and RADIUS Client Configuration For more information about the RADIUS authentication protocol refer to the RFC 2865 standard RADIUS Client Configuration To...

Страница 292: ...packets contain an Account Status Type attribute that provides information related to a user s network access To enable or disable RADIUS Accounting Status perform the following procedure 1 From the...

Страница 293: ...cation protocol for enhancing the security of your network The protocol transfers the task of authenticating network access from a network device to an authentication protocol server TACACS is similar...

Страница 294: ...tions when configuring the TACACS server software on the authentication server Note This guide does not explain how to configure TACACS server software Refer to the documentation that comes with the T...

Страница 295: ...Server Port field that you want to assign to TCP You may only assign one port number to this parameter 5 Type the timeout interval in seconds for the TACACS server in the Timeout field This parameter...

Страница 296: ...h In this case the user name and password combinations are entered with an optional VLAN when they are defined Based on these entries the authentication process of a supplicant is done locally by the...

Страница 297: ...Dynamic VLAN field enter the VID of the VLAN which you will allow the user to access If you enter 0 this field will be ignored 6 Click the Add button The Dial in User page is refreshed See Figure 118...

Страница 298: ...to access 6 Click Apply 7 To permanently save these settings in the configuration file select Save Settings to Flash from the main menu to permanently save your changes Delete a Dial in User To delete...

Страница 299: ...ware prevents the switch from forwarding it and drops the packet You may want to block access to a device within your organization For instance you may not want users on the Sales group switch to have...

Страница 300: ...ess the Destination MAC Filter Page is updated with the MAC address 6 From the main menu on the left side of the page select Save Settings to Flash to permanently save your changes Delete Destination...

Страница 301: ...3 Select the Delete button next to the MAC address that you want to delete The MAC address is removed from the MAC address table 4 From the main menu on the left side of the page select Save Settings...

Страница 302: ...Chapter 21 Security 302...

Страница 303: ...guration This chapter contains the following sections Overview on page 304 General Guidelines on page 306 General Configuration on page 307 VLAN Setting on page 310 Trusted and Untrusted Port Configur...

Страница 304: ...g ways Directly to the legitimate trusted DHCP Server A network device relaying DHCP messages to and from a trusted server Another trusted source such as a switch with DHCP Snooping enabled Untrusted...

Страница 305: ...definition untrusted ports do not accept DHCP packets originating form a DHCP server and immediately drop them when they are detected The DHCP packets types that are not accepted are DHCPOFFER and DHC...

Страница 306: ...e relaying DHCP messages to and from a trusted server Another trusted source such as a switch with DHCP Snooping enabled Untrusted ports are connected to DHCP clients and to traffic that originates ou...

Страница 307: ...of the page select DHCP Snooping The DHCP Snooping folder expands 2 From the DHCP Snooping folder select General Settings The General Settings page is displayed See Figure 121 Figure 121 General Setti...

Страница 308: ...0 48 switch 4 From the Verify MAC Address field select one of the following choices from the pull down menu Enable The MAC address of each ingress ARP packet is validated when compared against the Bin...

Страница 309: ...into the DHCP packets Disable The AT S116 Management software does not insert the DHCP Option 82 information into the DHCP packets 8 Click Apply The values for the DHCP Snooping General Settings take...

Страница 310: ...expands 2 From the DHCP Snooping folder select VLAN Settings The VLAN Settings page is displayed See Figure 122 Figure 122 DHCP Snooping VLAN Settings Page 3 In the VLAN ID field enter a VLAN ID that...

Страница 311: ...nu on the left side of the page select DHCP Snooping The DHCP Snooping folder expands 2 From the DHCP Snooping folder select VLAN Settings The VLAN Settings page is displayed See Figure 122 on page 31...

Страница 312: ...terfaces The AT GS950 48 Trusted Interfaces page is displayed See Figure 123 for a partial view of this page Figure 123 AT GS950 48 Trusted Interfaces Page 3 From the Trust column select one of the fo...

Страница 313: ...124 Trusted Interfaces Page Example 5 If you choose to configure other switch ports as trusted or untrusted repeat Step 3 and Step 4 6 From the main menu on the left side of the page select Save Sett...

Страница 314: ...he following procedure describes how to configure the DHCP Snooping Binding Database on the AT GS950 48 switch for static IP addresses and how to view the MAC Address and IP Address information for al...

Страница 315: ...cted Type Because the IP Address being entered is static select Static 2 Click Add The static address information is entered into the Binding Database See Figure 126 for an example Figure 126 Binding...

Страница 316: ...the following Learned The host IP Address is dynamically assigned by the DHCP server Static The host IP Address is statically assigned See Static IP Addresses on page 314 for more information Lease Ti...

Страница 317: ...nected devices on the network and to store data that is learned about other devices This chapter provides the following information Overview on page 318 Global Configuration on page 319 Neighbors Info...

Страница 318: ...protocol That is the information transmitted in LLDP advertisements flows in one direction only from one device to its neighbors and the communication ends there Transmitted advertisements do not sol...

Страница 319: ...ation The LLDP port settings are on the bottom of the page See Figure 127 for a partial view of the LLDP Global Settings page Figure 127 AT GS950 48 LLDP Global Settings Page Perform the following pro...

Страница 320: ...ou have selected is now active 5 Below the Enable or Disable radio buttons you may adjust the following parameters as needed then click the Apply button in the area of these parameters Message TX Hold...

Страница 321: ...er to System Management Information on page 30 System Description This parameter lists the product name of the switch You cannot change this parameter Setting Port States Each port on the switch can b...

Страница 322: ...Chapter 23 LLDP 322 4 From the main menu on the left side of the page select Save Settings to Flash to permanently save your changes...

Страница 323: ...the LLDP information is received from them Port This parameter specifies the AT GS950 48 local port number where the LLDP information was received Chassis ID Subtype This parameter describes the Chas...

Страница 324: ...Chapter 23 LLDP 324...

Страница 325: ...switch and its ports This chapter includes the following sections Overview on page 326 Traffic Comparison Statistics on page 327 Error Group Statistics on page 331 Historical Status Statistics on pag...

Страница 326: ...network traffic statistics charts There are three types of statistics charts Traffic Comparison Allows you to display a specified traffic statistic over all of the ports You can select 24 statistic ty...

Страница 327: ...rt To display traffic comparison statistics perform the following procedure 1 Select the Statistics Chart folder The Statistics Chart folder expands 2 From the Statistics Chart folder select Traffic C...

Страница 328: ...ts per second Outbound Non unicast Packet Rate Pkts s Measures the rate of outbound non unicast packets in packets per second Outbound Discard Rate Pkts s Measures the rate of outbound discarded packe...

Страница 329: ...t packets in packets per second Outbound Non unicast Packets Pkts Measures the number of outbound non unicast such as broadcast and multicast packets packets in packets per second Outbound Discards Pk...

Страница 330: ...ple Yellow Orange Gray Light Red Light Blue Light Green Light Yellow Light Gray 6 To create the Traffic Comparison chart click Draw See Figure 130 for an example of the Traffic Comparison chart with d...

Страница 331: ...display error group statistics for a port perform the following procedure 1 Select the Statistics Chart folder The Statistics Chart folder expands 2 From the Statistics Chart folder select Error Group...

Страница 332: ...s 15 seconds 30 seconds 5 To select the color of the Error Group chart select Color Choose one of the following colors Green Blue Red Purple Yellow Orange Gray Light Red Light Blue Light Green Light Y...

Страница 333: ...To display historical status statistics for a port perform the following procedure 1 Select the Statistics Chart folder The Statistics Chart folder expands 2 From the Statistics Chart folder select H...

Страница 334: ...ond Inbound Errors Pkts Measures the number of inbound errors in packets per second Outbound Octets Bytes Measures the number of outbound octet bits in bytes per second Outbound Unicast Packets Pkts M...

Страница 335: ...s 5 To select the color of the Historical Statistics chart select Color Choose one of the following colors Green Blue Red Purple Yellow Orange Gray Light Red Light Blue Light Green Light Yellow Light...

Страница 336: ...Chapter 24 Network Statistics 336 Figure 133 Historical Statistics Page Example 8 From the menu on the left side of the page select Save Settings to Flash to permanently save your changes...

Страница 337: ...er 25 Software Configuration Updates on page 339 Chapter 26 Cable Diagnostics on page 351 Chapter 27 LED ECO Mode on page 353 Chapter 28 Energy Efficient Ethernet on page 357 Chapter 29 Rebooting the...

Страница 338: ...338...

Страница 339: ...ge 341 Upgrade Firmware Image via TFTP on page 343 Download or Upload a Configuration File via HTTP on page 345 Download or Upload a Configuration File via TFTP on page 349 Note For information about...

Страница 340: ...de the AT S116 Management software or upload or download your configuration file Using a web browser via HTTP Using a TFTP server To perform one of these operations using HTTP you only need to have ac...

Страница 341: ...mask assigned either manually or via DHCP For instructions on how to set the IP address and subnet mask on a switch see Configuration of IPv4 Address Subnet Mask and Gateway Address on page 32 To enab...

Страница 342: ...meter as necessary Enter the path and the firmware file name or click the Browse button and select the file name 4 To begin the upgrade process on the switch click Apply The software begins to downloa...

Страница 343: ...116 image file on the TFTP server Start the TFTP server software before you begin the download procedure Caution Downloading a new version of management software onto the switch causes the device to r...

Страница 344: ...IPv6 address click IPv6 then enter the address using xxxx xxxx xxxx xxxx xxxx xxxx xxxx xxxx hexadecimal format Image File Name The full name of the AT S116 file including the file extension you are...

Страница 345: ...ually or via DHCP For instructions on how to manually set the IP address and subnet mask on a switch see Configuration of IPv4 Address Subnet Mask and Gateway Address on page 32 To enable a DHCP clien...

Страница 346: ...Save Configuration File Message 2 Save the configuration file to your PC Clicking Save automatically saves the file to your PC without letting you choose the location Clicking Save As lets you choose...

Страница 347: ...mented immediately after upload A short interruption in network service will be experienced while the new configuration file is loaded Note If the IP address contained in the new configuration file is...

Страница 348: ...Chapter 25 Software Configuration Updates 348 4 If you cannot access the Configuration File Backup Restore via HTTP page refresh the page and log back into the AT S116 web interface...

Страница 349: ...ocedure 1 From the menu on the left side of the home page select the Tools folder The Tools folder expands 2 From the Tools folder select the Config File Backup Restore folder The Config File Backup R...

Страница 350: ...xxxx xxxx xxxx xxxx hexadecimal format 2 Select the Restore button 3 The software immediately begins to upload the configuration file from the TFTP server to the switch Caution If you are uploading a...

Страница 351: ...nfiguration file select Save Settings to Flash from the main menu on the left side of the page To run these cable diagnostics perform the following procedure 1 From the main menu on the left side of t...

Страница 352: ...n one pair of wires and another pair within the cable Cable Fault Distance This parameter specifies the distance from the switch port to the cable fault Cable Length This parameter specifies the lengt...

Страница 353: ...serve additional power on the port LEDs This eco friendly feature turns off the port LEDs on the switch to save power when they are not necessary The LED ECO Mode can be turned off when you need to se...

Страница 354: ...rom the Tools folder select LED ECO Mode The LED ECO Mode page is displayed See Figure 143 Figure 143 LED ECO Mode Page 3 Select Enabled from the LED ECO Mode pull down menu 4 Click Apply The port LED...

Страница 355: ...From the Tools folder select LED ECO Mode The LED ECO Mode page is displayed See Figure 145 Figure 145 LED ECO Mode in Enabled State 3 Select Disabled from the LED ECO Mode pull down menu 4 Click App...

Страница 356: ...Chapter 27 LED ECO Mode 356...

Страница 357: ...l retains full network performance When EEE is enabled the power reduction results from putting the circuitry driving the Ethernet line into Sleep mode when there is no data activity When data activit...

Страница 358: ...ls folder The Tools folder expands 2 From the Tools folder select IEEE 802 3az EEE The IEEE 802 3az EEE page is displayed See Figure 147 Figure 147 IEEE 802 3az EEE Page 3 Select Enabled from the IEEE...

Страница 359: ...ect the Tools folder The Tools folder expands 2 From the Tools folder select IEEE 802 3az EEE The IEEE 802 3az EEE page is displayed See Figure 147 on page 358 3 Select Disabled from the IEEE 802 3az...

Страница 360: ...Chapter 28 Energy Efficient Ethernet 360...

Страница 361: ...al factory default settings There are two ways to accomplish this Press the front panel eco friendly button for more than 10 seconds and release it Reboot the switch in the AT S116 management software...

Страница 362: ...r changes All configuration parameters that have not been previously saved are lost After the switch is reboots they are reset to the values stored in the flash memory Caution This procedure causes th...

Страница 363: ...e Two additional options are available in the Reboot Type field The procedures for these options are described in Configure Factory Default Values 5 Click Apply The switch immediately begins to reload...

Страница 364: ...lower part of the page to the Reboot section 4 In the Reboot Type field use the pull down menu to select one of the following options Normal This setting reloads all configuration parameters that are...

Страница 365: ...tings are managed by the DHCP server 5 Click Apply The switch begins the reboot process You must wait approximately two minutes for the switch to complete the reboot process before you can re establis...

Страница 366: ...disabled However you can still reset the switch via the management software without affecting the switch s configuration The factory default reset can be enabled again by using the password that you i...

Страница 367: ...r entering a password See Figure 149 Figure 149 Factory Default Reset Reboot Page with Password Entry 5 In the New Password field enter a password of up to 12 characters in length It is case sensitive...

Страница 368: ...oose to Enable it perform the following procedure 1 From the main menu on the left side of the page select the Tools folder The Tools folder expands 2 From the Tools folder select Reboot The Factory D...

Страница 369: ...Reset Reboot Page is displayed with the Factory Default Reset field Enabled See Figure 148 on page 362 In the Reboot section the Reboot Type field now includes the options presented in its pull down...

Страница 370: ...Chapter 29 Rebooting the AT GS950 48 370...

Страница 371: ...the default VLAN and within the same local area network as your switch In other words the port on the switch through which the node is communicating with the switch must be an untagged or tagged memb...

Страница 372: ...r a response before assuming that a ping has failed Number of Ping Requests Specifies the number of ping requests you want the switch to perform 4 Click Start 5 To view the ping results click Show Pin...

Страница 373: ...STI on page 376 General Guidelines on page 379 VLAN and MSTI Associations on page 380 Ports in Multiple MSTIs on page 381 Multiple Spanning Tree Regions on page 382 Associating VLANs to MSTIs on page...

Страница 374: ...using tagged ports which can handle traffic from multiple VLANs simultaneously The drawback to this approach is that the link formed by the tagged ports can create a bottleneck to your Ethernet traffi...

Страница 375: ...erface User Guide 375 Note The implementation of MSTP in the management software complies fully with the new IEEE 802 1s standard and should be interoperable with any other vendor s fully compliant 80...

Страница 376: ...o VLANs Sales and Production The ports of each VLAN on each switch are connected with a direct link using untagged ports If the switches were running STP or RSTP one of these two links would be blocke...

Страница 377: ...Ns Assigned to an MSTI An MSTI can contain more than one VLAN This is illustrated in Figure 156 on page 378 where there are two AT GS950 48 switches with four VLANs There are two MSTIs each containing...

Страница 378: ...the VLAN parts are made with tagged not untagged ports so that they can carry traffic from more than one virtual LAN Referring again to Figure 156 the tagged link in MSTI 1 is carrying traffic for bot...

Страница 379: ...at a time A switch port can belong to more than one spanning tree instance at a time by being an untagged and tagged member of VLANs belonging to different MSTIs This is possible because a port can be...

Страница 380: ...of the task of configuring MSTP involves assigning VLANs to spanning tree instances The mapping of VLANs to MSTIs is called associations A VLAN either port based or tagged can belong to only one insta...

Страница 381: ...as generic parameters These are set just once on a port and apply to all the MSTIs in which the port is a member One of these parameters is the external path cost which sets the operating cost of a po...

Страница 382: ...used to keep track of the revision level of a region s configuration For example you might use this value to maintain the number of times you revise a particular MSTP region It is important that each...

Страница 383: ...port and the bridge connected to the port as belonging to another region The same is true for any ports connected to bridges running the single instance spanning tree STP Those ports are also conside...

Страница 384: ...is used to determine the root bridge for an entire bridged network the MSTI priority is used only to determine the regional root for a particular MSTI The range for this parameter is the same as the R...

Страница 385: ...en different regions and between regions and single instance spanning tree to form one spanning tree for the entire bridged network MSTP uses CIST to form the spanning tree of an entire bridged networ...

Страница 386: ...and the bridge as belonging to a different region An MSTP region can be considered as a virtual bridge The implication is that other MSTP regions and STP and RSTP single instance spanning trees canno...

Страница 387: ...and has been assigned to MSTI ID 10 and port 8 is a member of VLAN 3 assigned to MSTI ID 10 The BPDUs transmitted by port 8 to switch B indicate that the port is a member of both CIST 0 and MSTI 15 w...

Страница 388: ...etermining whether a loop exists The result would be that the switch detects a loop because the other port is also receiving BPDU packets from CIST 0 Switch B would block port 3 to cancel the loop To...

Страница 389: ...th MSTI 4 Port 6 is a tagged and untagged member of two different VLANs both associated to MSTI 12 If both switches were a part of the same region there would be no problem because the ports reside in...

Страница 390: ...t group the 3 VLANs in MSTI 12 and in Region 2 you could group them into MSTI 16 After they are grouped you can connect the VLANs across the regions using a link of untagged tagged ports as shown in F...

Страница 391: ...the forwarding state for another spanning tree instance A network can contain any number of regions and a region can contain any number of AT GS950 48 switches The AT GS950 48 switch can belong to on...

Страница 392: ...Appendix A MSTP Overview 392...

Страница 393: ...1 4 167 1 3 6 1 4 207 1 4 166 1 3 6 1 4 207 1 4 165 1 3 6 1 4 207 1 4 167 1 3 6 1 4 1 207 1 4 203 1 3 6 1 4 1 207 1 4 199 1 3 6 1 4 1 207 1 4 204 System Name none 0 15 characters System Location none...

Страница 394: ...Web Server Status Enabled Enabled Disabled Web Idle Timeout 10 Minutes 3 60 Minutes System System Time Clock Mode Local Time SNTP Local Time Date Setting YYYY MM DD 2009 1 1 Time Setting HH MM SS 00 1...

Страница 395: ...System DHCP Auto Configuration Settings Auto Configuration State Disabled Enabled Disabled System System Log Configuration Syslog Status Disabled Enabled Disabled Time Stamp Enabled Enabled Disabled...

Страница 396: ...abled Flow Control Disabled Enabled Disabled EAP Pass Disabled Enabled Disabled BPDU Enabled Enabled Disabled Bridge Spanning Tree RSTP Global RSTP Status Disabled Enabled Disabled Protocol Version RS...

Страница 397: ...1 1 31 Bridge Priority 32768 0 61440 Configuration Name MAC Address of AT GS950 48 switch Revision Level 0 0 65535 Bridge Maximum Age 20 Seconds 6 40 Seconds Bridge Forward Delay 15 Seconds 4 30 Secon...

Страница 398: ...32768 System ID MAC Address of AT GS950 48 switch Port Priority 0 0 65535 Bridge Mirroring Mirroring Status Disabled Enabled Disabled Mirroring Port 1 All 1 48 Ingress Mirrored Port All 1 48 Egress Mi...

Страница 399: ...ing IGMP Snooping Status Disabled Enabled Disabled IGMP Snooping Age Out Timer 260 seconds 130 153025 seconds Querier Status Disabled Enabled Disabled Query Interval 125 seconds 6 600 seconds Max Resp...

Страница 400: ...Port Based VLAN on any port Tagged VLAN ID none 2 4093 Tagged VLAN Name none 0 32 characters Tagged Management VLAN Enabled on DefaultVLAN Disabled on all other VLANs Always Enabled on Default VLAN E...

Страница 401: ...000 milli seconds 40 2147483640 milli seconds Bridge QoS QoS Status Disabled Enabled Disabled Queue for Traffic Classes Low Low Medium High Highest Port Priority 0 0 7 DSCP Mapping Queue Low Low Mediu...

Страница 402: ...munity Table Community Name none 1 32 characters User Name View Policy none 1 32 characters SNMP Trap Management Trap Enabled Enabled Disabled Host IP Address none IPv4 address in xxx xxx xxx xxx form...

Страница 403: ...x xxxx xxxx xxxx xxxx hex format Source IP Mask Length none 1 32 Destination IP Address none IPv4 address in xxx xxx xxx xxx hex format IPv6 address in xxxx xxxx xxxx xxxx xxxx xxxx xxxx xxxx hex form...

Страница 404: ...History Interval none 1 3600 seconds History Owner none Alarms Index none 1 65535 Alarms Interval none 1 to 2147483647 seconds Alarms Variable none Alarms Sample Type Absolute value Absolute value Del...

Страница 405: ...mat Security Port Access Control NAS ID fsNas1 1 16 characters Port Access Control Disabled Disabled Enabled Port Access Control Authentication Method Local Local Radius TACACS Port Number port 1 port...

Страница 406: ...gnore RADIUS Server IP 0 0 0 0 IPv4 address in xxx xxx xxx xxx hex format IPv6 address in xxxx xxxx xxxx xxxx xxxx xxxx xxxx xxxx hex format RADIUS Server Port 1812 1 65535 RADIUS Accounting Port 1813...

Страница 407: ...ed Disabled General Setting Verify MAC Address Enabled Enabled Disabled General Setting Backup Database Disabled Enabled Disabled General Setting Database Update Interval 1200 seconds 600 86400 second...

Страница 408: ...elay 2 seconds 1 8192 seconds Global Settings Port State Disabled Disabled RxTx RxOnly TxOnly Statistics Chart Traffic Comparison Statistics Inbound Octet Rate Bytes s 24 statistics Traffic Comparison...

Страница 409: ...on OS file name limitation Firmware Upgrade via TFTP Retry Count none 1 20 Configuration File Upload Download via HTTP Select File none Configuration File Upload Download via TFTP TFTP Server IP none...

Страница 410: ...lt Except IP Ping Destination IP Address 0 0 0 0 IPv4 address in xxx xxx xxx xxx hex format IPv6 address in xxxx xxxx xxxx xxxx xxxx xxxx xxxx xxxx hex format Ping Timeout Value 3 seconds 1 5 seconds...

Отзывы:

Нет отзывов

Похожие инструкции для AT-GS950/48

Бренд: C&H Technologies Страницы: 46

Бренд: Quectel Страницы: 23

SINUS H PROFInet

Бренд: Enertronica Santerno Страницы: 34

Бренд: WABCO Страницы: 29

Бренд: Kramer Страницы: 2

301300U - Ethernet Disk NAS Server

Бренд: LaCie Страницы: 62

DiamondLink 3201

Бренд: Patton Страницы: 12

Ezi-SERVOII EtherCAT TO

Бренд: Fastech Страницы: 108

Бренд: Global411 Страницы: 15

Бренд: TP-Link Страницы: 57

Бренд: Ubiquiti Страницы: 20

Бренд: Milesight Страницы: 15

TE100S8P - Fast Ethernet Switch

Бренд: TRENDnet Страницы: 11

Бренд: CopperOptics Страницы: 12

Fast EtherLink XL PCI 10/100BASE-TXNetwork Interface...

Бренд: 3Com Страницы: 12

Бренд: Hama Страницы: 7

Wireless Kit 108MBPS

Бренд: Topcom Страницы: 100

Бренд: NetComm Wireless Страницы: 154

Бренды по названию

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Популярные бренды

Загрузить еще бренды