Asus GIGAX2024B Скачать руководство пользователя страница 60

Страница: 60 / 102

GigaX2024B L2 Managed Switch User Manual

4.8.4 Port security

The switch also supports port security feature. It enables a systemʼs

administrator to control who can connect to their network. You can use the

port security feature to restrict input to an interface by limiting and identifying

MAC addressed of the stations allowed to access the port. When you assign

secure MAC addresses to a secure port, the port does not forward with source

addresses outside the group of deﬁned addresses. This decreases the possibility

that a non-authorized device can use our network for malicious purposes.

4.8.4.1 Port conﬁguration

The page is used to conﬁgure port security conﬁguration.
First, you must select a port by clicking it from the following table. Then, begin

to set the port configuration. Please click

Modify

when youʼre done with the

modiﬁcations:

a) Admin: Enable or disable port security feature.
b) Violation Mode: It decides the port behavior when security violation happens.

If “Shutdown” is selected, the port becomes blocking state and system

logs a syslog message, and increments the violation counter. If “Restrict” is

selected, a syslog message is logged, and the violation counter increments.

If “Protect” is selected, you are not notified that a security violation has

occurred.

c) Max MAC Address: The maximum numbers of secure MAC addresses on

this port. It is between 1 and 132 and the total number in the system is 1024.

d) Aging Time: The aging time for this port. After the expiration of the time, the

corresponding dynamic secure MAC address will be removed from secure

MAC address table. The valid range is 0 to 1440(mins). If the time is equal

to 0, the aging mechanism is disabled for this port.

e) Aging Type: The aging type determines the action when the secure MAC

addresses are aged out. If “Absolute” is selected, the secure addresses on

the port are deleted after the speciﬁed aging time. If “Inactivity” is selected,

the secure addresses in the port are deleted only if there is no data trafﬁc

from the secure source MAC address for the speciﬁed time period.

Click

to make the settings permanent. Click

Reload

to refresh the settings to

current value.

Содержание GIGAX2024B

Страница 1: ...GigaX2024B User Manual Layer 2 Managed Switch ...

Страница 2: ...bility or fitness for a particular purpose In no event shall ASUS its directors ofﬁcers employees or agents be liable for any indirect special incidental or consequential damages including damages for loss of profits loss of business loss of use or data interruption of business and the like even if ASUS has been advised of the possibility of such damages arising from any defect or error in this ma...

Страница 3: ...pment does cause harmful interference to radio or television reception which can be determined by turning the equipment off and on the user is encouraged to try to correct the interference by one or more of the following measures Reorient or relocate the receiving antenna Increase the separation between the equipment and receiver Connect the equipment to an outlet on a circuit different from that ...

Страница 4: ...l tmd1 asus com Web Site usa asus com Technical Support Support Fax 1 502 933 8713 General Support 1 502 995 0883 Notebook Support 1 510 739 3777 x5110 Support Email tsd asus com ASUS COMPUTER GmbH Germany and Austria Address Harkort Str 25 D 40880 Ratingen BRD Germany General Fax 49 2102 9599 31 General Email sales asuscom de for marketing requests only Technical Support Support Hotlines Componen...

Страница 5: ...1 Installing the hardware 6 3 1 1 Installing the switch on a ﬂat surface 6 3 1 2 Mounting the switch on a rack 6 3 2 Part 2 Setting up the switch 6 3 2 1 Connect the console port 6 3 2 2 Connect to the computers or a LAN 7 3 2 3 Attach the RPS module 7 3 2 4 Attach the power adapter 7 3 3 Part 3 Basic switch setting for management 8 3 3 1 Setting up through the console port 8 3 3 2 Setting up thro...

Страница 6: ...dge parameters 21 4 5 1 4 Port parameters 22 4 5 1 5 Runtime status 23 4 5 2 Link aggregation static 23 4 5 3 LACP 25 4 5 4 Mirroring 26 4 5 5 Static multicast 27 4 5 6 IGMP snooping 28 4 5 7 Trafﬁc control 29 4 5 8 Dynamic addresses 29 4 5 9 Static addresses 30 4 5 10 VLAN conﬁguration 31 4 5 11 GVRP 32 4 5 12 QoS and CoS 33 4 5 12 1 802 1p priority 33 4 5 12 2 CoS queue mapping 34 4 5 12 3 QoS b...

Страница 7: ...4 4 8 2 Dial in user 46 4 8 3 RADIUS 47 4 8 4 Port security 48 4 8 4 1 Port conﬁguration 48 4 8 4 2 Port status 49 4 8 4 3 Secure MAC address 50 4 9 Trafﬁc chart 51 4 9 1 Trafﬁc comparison 51 4 9 2 Error group chart 52 4 10 Cable diagnosis 53 4 11 Save conﬁguration 53 5 Console interface 54 5 1 Power on self test 54 5 1 1 Boot ROM command mode 54 5 1 2 Boot ROM commands 55 5 2 Login and logout 56 ...

Страница 8: ...8 5 3 3 6 exit 58 5 3 3 7 help 58 5 3 3 8 host name 58 5 3 3 9 System contact 58 5 3 3 10 System Location 59 5 3 3 11 IP address and network mask 59 5 3 3 12 Default gateway 59 5 3 3 13 reboot 59 5 3 3 14 reload default conﬁg ﬁle 60 5 3 3 15 show running conﬁg 60 5 3 3 16 write 60 5 3 3 17 Assign a new user account 60 5 3 3 18 Delete a new user account 60 5 3 4 Physical interface commands 60 5 3 4...

Страница 9: ...gation group 63 5 3 7 2 trunk load balancing 64 5 3 7 3 show aggregation link trunk 64 5 3 8 LACP 64 5 3 8 1 lacp aggregation link trunk 64 5 3 8 2 disable lacp aggregation link trunk 64 5 3 8 3 lacp system priority 64 5 3 9 Mirroring 65 5 3 9 1 Mirror setting 65 5 3 9 2 Show mirror 65 5 3 9 3 No mirror 65 5 3 9 4 No mirror 65 5 3 10 Static Multicast 65 5 3 10 1 mac address table multicast 65 5 3 ...

Страница 10: ...atic addresses 68 5 3 14 1 add static mac address 68 5 3 14 2 show mac address table 68 5 3 15 VLAN 68 5 3 15 1 show vlan name string 68 5 3 15 2 vlan vid 68 5 3 15 3 name string 69 5 3 15 4 access vlan 69 5 3 15 5 allowed VLANs 69 5 3 16 GVRP 69 5 3 16 1 clear gvrp statistics 69 5 3 16 2 gvrp mode 69 5 3 16 3 show gvrp conﬁguration 70 5 3 16 4 show gvrp statistics 70 5 3 17 CoS QoS 70 5 3 17 1 qu...

Страница 11: ...5 3 20 2 dot1x max req 73 5 3 20 3 dot1x port control 73 5 3 21 Dial in user 73 5 3 21 1 dot1x username password 73 5 3 21 2 show dot1x user 73 5 3 22 RADIUS 74 5 3 22 1 RADIUS settings 74 5 3 22 2 show dot1x radius 74 5 3 23 Port security 74 5 3 23 1 show port security 74 5 3 23 2 clear port security 74 5 3 23 3 switchport port security 75 5 3 23 4 switchport port security aging 75 5 4 Miscellane...

Страница 12: ...2 Managed Switch User Manual x 6 2 Subnet masks 77 7 Troubleshooting 79 7 1 Diagnosing problems using IP utilities 79 7 1 1 ping 79 7 1 2 nslookup 80 7 2 Replacing defective fans 81 7 3 Simple ﬁxes 83 8 Glossary 85 ...

Страница 13: ...d 2 x 10 100 1000BASE T auto sensing gigabit Ethernet switching ports Two small form factor SFP gigabit interface converter GBIC slots Automatic MDI MDIX support for All ports Compliant with 802 3z and 802 3ab speciﬁcations 802 1D transparent bridge STP RSTP MSTP 16K MAC address cache with hardware assisted aging 802 3x ﬂow control 802 1Q based tagged VLAN up to 255 VLANs 802 1p class of service 4...

Страница 14: ...N and network are used interchangeably to refer to a group of Ethernet connected computers at one site 1 2 2 Typography Boldface type text is used for items you select from menus and drop down lists and text strings you type when prompted by the program 1 2 3 Symbols This document uses the following icons to call your attention to specific instructions or explanations Provides clarification or add...

Страница 15: ...witch package comes with the following items GigaX 2024B L2 managed switch AC power cord Null modem cable for console interface DB9 Rack installation kit two brackets with six 6 32 screws USB cable for console interface Installation CD ROM Quick installation guide Figure 1 GigaX L2 managed switch package contents ...

Страница 16: ...ndant power supply Amber ON ThePSUisabnormalandtheswitchispoweredbyRPS OFF No power system LED is also off RPS does not work properly or not installed system LED is on FAN Green ON Both fans are working properly Amber ON Both or either one of the fans stopped 10 100 ports Green ON Ethernet link is established Flashing Data is being transmitted received OFF No Ethernet link 10 100 1000 port status ...

Страница 17: ...pply connector 2 4 Technical speciﬁcations Table 3 Technical speciﬁcations Physical Dimensions 43 5mm H x 444 mm W x 322mm D Power Input Consumption 100 240V AC 2 5A 50 60Hz 50 watts Redundant Power Supply RPS Input Output 100 240V AC 1 8A 50 60Hz 12V DC 12 5A Environmental Ranges Operating Storage Temperature 0 to 40 C 32 to 122 F 25 to 70 C 40 to 158 F Humidity 15 to 90 0 to 95 Altitude up to 10...

Страница 18: ...urface The switch must be installed on a level surface that can support the weight of the switch and its accessories Attach four rubber pads on the marked location on the bottom of the switch 3 1 2 Mounting the switch on a rack 1 Position the bracket posts with the holes on both sides of the switch 2 Use three screws to secure the bracket to the switch 3 Repeat the above steps for the other side o...

Страница 19: ...S module Connect your Redundant Power Supply RPS module optional to the RPS jack on the rear panel of the switch and make sure the other end of the RPS is connected to the power cord Connect to the power cord to a grounded power outlet 3 2 4 Attach the power adapter 1 Connect the AC power cord to the POWER receptacle on the back of the switch and plug the other end of the power cord into a wall ou...

Страница 20: ...d IE5 0 or higher version Command Line Interface using console port to conﬁgure the switch 3 3 1 Setting up through the console port 1 Use the supplied crossover RS 232 cable to connect to the console port on the back of the switch This port is a male DB 9 connector implemented as a data terminal equipment DTE connection Tighten the retaining screws on the cable to secure it on the connector Conne...

Страница 21: ... switch IP is 192 168 1 1 and the network mask is 255 255 255 0 Then you should type ip address 192 168 1 1 24 e Type end it will return to previous level with prompt ASUS f Type write the changes will be applied and written to conﬁguration ﬁle g Type reboot If the switch has to be managed across networks then a default gateway or a static route entry is required Follow these steps to assign a def...

Страница 22: ...atically download and installs it It means that your PC should be able to reach the web site If the Internet is not available you should prepare it on diskette and install it Java Runtime Environment is necessary to install on you PC to access Web configuration manager You can install it from support CD packed with the main device 2 At any PC connected to the network that the switch can access ope...

Страница 23: ...ction 6 3 1 System Commands The browser will download java applet from the switch and this will take several seconds 3 To setup a new IP address click System then IP Setup Fill in the IP address network mask and default gateway then click OK 4 When the new address is applied to the switch the browser can no longer update the switch status window or retrieve any page You need to retype the new IP a...

Страница 24: ...ollowing in the web address or location box and press Enter http 192 168 1 1 This is the factory default IP address for the switch A login screen displays as shown in Figure 8 Figure 8 Conﬁguration manager login screen 2 Enter your user name and password then click OK Use the following defaults the first time you log into the system You can change the password at any time through CLI interface see...

Страница 25: ...er window all the times and updates the LED status periodically See Table 4 for the LED deﬁnitions See Table 5 for the color status description Figure 11 Port selection panel Table 5 Port color description Port Color Description Green Ethernet link is established Amber Link is present but port is disabled manually or by spanning tree OFF No Ethernet link Clicking on the port icon of the switch dis...

Страница 26: ...ation Table 6 Commonly used buttons and icons Button Icon Description Stores any changes you have made on the current page Re displays the current page with updated statistics or settings Modiﬁes the existing conﬁguration in the system e g a static route or a ﬁlter ACL rule and etc Adds the existing conﬁguration to the system e g a static MAC address or a ﬁrewallACLrule and etc Adds the existing c...

Страница 27: ...ystem editable System Contact editable System Location editable Click on OK to make the setting effective immediately Click on Reload to refresh the setting to current value as shown in Figure 13 Figure 13 Management 4 3 2 IP setup The IP Setup page contains the following editable information DHCP Client Enables or disables DHCP IP Address Assigns a static IP address to the switch Network Mask Def...

Страница 28: ...hows the hardware revision number Boot ROM Version shows the version of the boot code Firmware Version shows the current running firmware version This number renews automatically after ﬁrmware update is complete Enter the TFTP server IP address and ﬁrmware name Click Upgrade to update the switch ﬁrmware See Figure 15 for reference For example TFTP Server 192 168 1 155 File name gx2024b 3 2 02 0a i...

Страница 29: ... disable DHCP snooping function DHCP Snooping assign the selected port to be untrusted or trusted port Select the corresponding port number and configure the port setting then click on the Modify button The ﬁeld you change will update the content of the display window However the new settings do not take effect until the Save Conﬁguration is executed Runtime Status Window displays the following in...

Страница 30: ...18 GigaX2024B L2 Managed Switch User Manual Figure 17 Physical interface runtime status ...

Страница 31: ...le or enable STP There are three modes STP RSTP and MSTP can be enabled If MSTP is enabled the following four attributes are enabled at the same time Region Name An alphanumeric conﬁguration name Revision A conﬁguration revision number Instance ID A STP instance you can configure MSTP on your switch to map multiple VLANs into a single STP instance VLAN Group A group associates each of the potentia...

Страница 32: ...t bridge which include Instance ID The VLAN group belong to which instance ID MAC Address of root bridge Priority of root bridge Maximum age of root bridge Hello timer of root bridge Forwarding delay timer of root bridge Path cost of root bridge Root port of the bridge Figure 19 Spanning tree current roots ...

Страница 33: ...tion of conﬁguration BPDU Max Age a timeout value to be used by all Bridges in the LAN Forward Delay a timeout value to be used by all bridges in the LAN Bridge Priority the switch priority in the LAN Transmission Limit The root switch of the instance always sends a BPDU or M record with a cost of 0 and the transmission limit set to the maximum value Figure 20 Spanning tree bridge parameters ...

Страница 34: ...rity is more likely to be blocked by STP if a network loop is detected The valid value is from 0 to 240 Path Cost the valid value is from 1 to 65535 RSTP 200000000 The higher cost is more likely to be blocked by STP if a network loop is detected Link Type By default the link type is determined from the duplex mode of the interface a full duplex port is considered to have a point to point connectio...

Страница 35: ...e Port these port icons are listed the same way as on the front panel You have to click on the icon to select the group members The port can be removed from the group by clicking the selected port again Click OK to make the setting send to the connected switch Click Reload to refresh the settings to current value To make the conﬁguration effective go to Save Conﬁguration page and click Save You ha...

Страница 36: ... the ports in full duplex force mode then the link partner MUST have the same setting Otherwise the link aggregation could operate abnormally All the ports in the link aggregation group MUST have the same VLAN setting All the ports in the link aggregation group are treated as a single logical link That is if any member changes an attribute the others will change also For example a trunk group cons...

Страница 37: ...eriﬁcation Port Selection Criterion the algorithm to distribute packets among the ports of the link aggregation group according to source MAC address destination MAC address source and destination MAC address source IP address destination IP address or source and destination IP address Trunk ID a number to identify the trunk group besides the group name Port these port icons are listed the same wa...

Страница 38: ...24B only Mirror Mode Enables or disables the mirror function for the selected group Monitor Port Receives the copies of all the trafﬁcs in the selected mirrored ports The monitor port can not belong to any link aggregation group The monitor port can not belong to any Private VLAN The monitor port can not operate as a normal switch port It does not switch packets or do address learning Click OK to ...

Страница 39: ... speciﬁed multicast packets to other ports in the group Port selects the port from selection panel Or select an existing group address from list panel to display VLAN selects the VLAN group it is VLAN based feature MAC Address assigns the multicast address CoS assigns the priority for Class of Service Click OK to make the setting effective Click Reload to refresh the settings to current value Figu...

Страница 40: ...s an IGMP leave message from a subscriber on a receiver port it sends out an IGMP query on that port and waits for IGMP group membership reports If no reports are received in a conﬁgured time period the receiver port is removed from multicast group membership The second part provides the following settings Status If global snooping is enabled you can enable or disable VLAN snooping Immediate leave...

Страница 41: ... the conﬁguration effective go to Save Conﬁguration page then click Reload Figure 28 Trafﬁc Control 4 5 8 Dynamic addresses This page displays the result of dynamic MAC address lookup by port VLAN ID or speciﬁed MAC address The dynamic address is the MAC address learned by switch it will age out from the address table if the address is not learned again during the age time User can set the age tim...

Страница 42: ... the Add when you create a new static MAC address by the above information Then you will see the new added entry shows in the address window You can remove the existed address by selecting the entry with the mouse then clicking on Remove The Modify button updates the existed MAC address entries You can look up a static address entry by MAC address and VLAN ID then click on the Query Click OK to ma...

Страница 43: ...ll be tagged blank type This port is not a member of the VLAN group If one untagged port belongs to two or more VLAN groups at the same time it will confuse the switch and cause ﬂooding trafﬁcs To prevent it the switch only allows one untagged port belongs to one VLAN at the same time If you want to assign an untagged port from one VLAN to another you have to remove it from the original VLAN or ch...

Страница 44: ...ort Mode enables disables GVRP on the individual 802 1Q trunk port GVRP must be conﬁgured on both sides of the trunk to work correctly Registration By default GVRP ports are in normal registration mode These ports use GVRP join messages from neighboring switches to prune the VLANs running across the 802 1Q trunk link If the device on the other side is not capable of sending GVRP messages or if you...

Страница 45: ...before the other queues are serviced You can use the strict priority queue for mission critical and time sensitive trafﬁc There are three options First Come First Service the ﬁrst come frame has the highest priority High Priority First Packetʼs priority depends on its CoS value Weighted Round Robin WRR If WRR scheduling algorithm is enabled the ratio of the weights is the ratio of frequency in whi...

Страница 46: ...iority scheduler That is each CoS value can map into one of the four queues For strict priority the queue four has the highest priority to transmit the packets Click OK to save the conﬁguration To make the conﬁguration effective go to Save Conﬁguration page and click Save The CoS values range from 0 for low priority to 4 for high priority Figure 35 CoS Queue Mapping ...

Страница 47: ...w to conﬁgure Ingress Bandwidth Maximum ingress bandwidth for selected port Default CoS every untagged packet received from this port will be assigned to this CoS value in the VLAN tagged Click on Modify to change the content in the port list window Click on OK to save the configuration To make the configuration effective go to Save Conﬁguration page and click Save Figure 36 QoS Bandwidth ...

Страница 48: ... configuration including Community Table Host Table and Trap Setting 4 6 1 Community table You can type different community names and specify whether the community has the privilege to do set action write access by checking the box Click OK to save the conﬁguration permanently or Reload to refresh the page ...

Страница 49: ...ommunity name from the drop down list Click OK to save the configuration permanently or Reload to refresh the page Figure 38 Host table 4 6 3 Trap setting By setting trap destination IP addresses and community names you can enable SNMP trap function to send trap packets in different versions v1 or v2c Click to save the conﬁguration permanently or to refresh the page Figure 34 Trap setting ...

Страница 50: ... View belongs Included or Excluded when View Subtree matches the Oid in the SNMPv3 message View Subtree enter the View Subtree that the View belongs The Subtree is the Oid to match the Oid in the SNMPv3 message The match is good when the subtree is shorter than the Oid in the SNMPv3 message Click on the Add when you create a new VACM View entry by the above information Then you will see the new ad...

Страница 51: ...r the Security Model Name that the Group belongs Any is suitable for v1 v2 v3 USM is SNMPv3 related Security level enter the Security level Name that the Group belongs Only NoAuth AuthNopriv AuthPriv can be chosen Click on the Add when you create a new VACM group entry by the above information Then you will see the new added entry shows in the group window You can remove the existed group by selec...

Страница 52: ...an be chosen If the NoPriv is chosen there is no need to enter password Priv Password enter the password that the Priv Protocol belongs The password needs at least 8 characters or digits Security level enter the Security level Name that the Group belongs Only NoAuth AuthNopriv AuthPriv can be chosen Click on the Add when you create a new VACM group entry by the above information Then you will see ...

Страница 53: ... can check the IP Filter and give an ID Name then clicking on Add Click OK to save the conﬁguration permanently or Reload to refresh the page Please click OK before editing Click on a ﬁlter set to select the set you want to edit or remove Second click on Edit to enter the rule page or click on Remove to remove the ﬁlter set You have to follow the rules to make a valid ﬁlter set One set consists of...

Страница 54: ...e application port and destination application port The Action ﬁeld determines if the packet should be dropped or forwarding when it matches the rule If a packet matches two rules with different action the packet will follow the rule showed ﬁrst in the rule list Figure 44 Filter rule in MAC mode Figure 45 Filter rule in IP mode Two examples tell us about the how of IP provisioning 1 Assign a dedic...

Страница 55: ...s of the system Attach to certain ports you can specify the ingress ports to be applied Detach from all ports remove all the ﬁlters from the attached ports You may not detach certain ports after issuing an Attach All command If you wish to detach ports use the Detach All command Once the filter set is attached to the ingress ports it will filter the packets according to the ingress port and the pa...

Страница 56: ...ʼre done with the modiﬁcations Port Specify which port to conﬁgure from port list window Multi host If enabled ALL hosts connected to the selected port are allowed to use the port if ONE of the hosts passed the authentication If disabled only ONE host is allowed to use the port Authentication Control If ForceAuthorized is selected the selected port is forced authorized Thus traffic from all hosts ...

Страница 57: ...ication request to the port user Max Reauthent Attempt Retry count if the port user failed to respond to authentication requests from the switch Guest Vlan Specify a guest VLAN to clients that are not 802 1x capable Click OK to make the settings permanent Click Reload to refresh the settings to current value Figure 47 Port Access Control ...

Страница 58: ...e new user Conﬁrm Password Enter the password again Vlan ID Specify the VLAN ID assigned to the 802 1x authenticated clients Please click Add to add the new user Click Modify when youʼre done with the modiﬁcations Click Remove when you want to remove the selected user Click OK to make the settings permanent Click Reload to refresh the settings to current value Figure 48 Dial In user ...

Страница 59: ...he port number for the RADIUS server is listening to Authentication Server Key The key is used for communications between GigaX and the RADIUS server Conﬁrm Authentication Key Re type the key entered above The VLAN of the RADIUS server connected to the switch must be the same as the VLAN of the system management interface Please click OK to make the settings permanent Click Reload to refresh the s...

Страница 60: ...ns If Shutdown is selected the port becomes blocking state and system logs a syslog message and increments the violation counter If Restrict is selected a syslog message is logged and the violation counter increments If Protect is selected you are not notified that a security violation has occurred c Max MAC Address The maximum numbers of secure MAC addresses on this port It is between 1 and 132 a...

Страница 61: ...curity is conﬁgured to be enabled but could not be enabled due to certain reasons such as conﬂict with other features d Restrict This indicates that the port occurs port security violation when the violation mode is ʻrestrictʼ e Shutdown This indicates that the port is shutdown due to port security violation when the violation mode is ʻshutdownʼ When some port status is Shutdown you can click it a...

Страница 62: ...ll show all MAC addresses on this port b Add User can select some port by Port Selection ﬁeld and input a MAC address to add on MAC Address ﬁeld After push Add button the MAC address will add on the selected port and the type of the MAC is static c Remove You can use Query function to display all the MAC addresses on some port Selecting a MAC from list and pushing Remove button it will be removed ...

Страница 63: ...ck Refresh Rate to set the period for retrieving new data from the switch You can differentiate the statistics or ports by selecting Color Finally click on Draw to let the browser to draw the graphic chart Each new Draw will reset the statistics display 4 9 1 Trafﬁc comparison This page shows the one statistics item for all the ports in one graphic chart Specify the statistics item to display and ...

Страница 64: ...ll the discards or error counts for the speciﬁed port The data is updated periodically Figure 54 Error group chart 4 9 3 Historical status You can display information for different ports and statistics items in this chart Since this shows the history of the statistics information the line chart keeps the old data even it is refreshed Figure 55 Historical status ...

Страница 65: ...o save configuration permanently you have to click Save The setting also takes effective after a successful save Sometimes you may want to reset the switch configuration you can click on Restore to reset the configuration file to factory default Of course a system reboot will follow this restoration process You will lose all the conﬁgurations when you choose to restore the factory default conﬁgura...

Страница 66: ...ery useful when you are not familiar with the CLI commands All the CLI commands are case sensitive 5 1 Power on self test POST is executing during the system booting time It tests system memory LED and hardware chips on the switchboard It displays system information as the result of system test and initialization You can ignore the information until the prompt ASUS appears Note Figure 58 CLI inter...

Страница 67: ...ate ethaddr none none get MAC address gatewayip IP address xxx xxx xxx xxx set gateway IP address go none none boot ﬁrmware image or help none none print online help ipaddr IP address xxx xxx xxx xxx set TFTP client IP address xload none none load binary file over serial line X modem netmask mask xxx xxx xxx xxx set network mask ping host xxx xxx xxx xxx send ICMP echo_request to host pwd none non...

Страница 68: ... has to do login again with authorized user name and password 5 3 CLI commands The switch provides CLI commands for all managed functions This way you can follow the instructions and set up the switch correctly as easily as using WEB interface to conﬁgure the switch Always use or list to get the available commands list and help Always use end to get back to the root directory enable mode 5 3 1 Use...

Страница 69: ...ement conﬁguration 5 3 3 1 Firmware upgrade Upgrading new ﬁrmware into switch CLI Syntax archive download sw overwrite tftp ImageFile Example ASUS archive download sw overwrite tftp 192 168 1 3 GX2024B 3 2 02 00 release img 5 3 3 2 conﬁgure terminal Use the write conﬁguration command on the switch to conﬁguration CLI Syntax conﬁgure terminal Example ASUS conﬁgure terminal 5 3 3 3 enable Entering e...

Страница 70: ...is an RFC 1213 deﬁned MIB object in System Group and provides administrative information on the managed node CLI Syntax hostname WORD Example conﬁg hostname Switch If you put a name in the name description ﬁeld the switch system name changes to the new one 5 3 3 9 System contact Displays the detail information of contact about the switch This is an RFC 1213 deﬁned MIB object in System Group and pr...

Страница 71: ...plays the IP address for the switch This IP address is used for manageable purpose i e network applications such as http server SNMP server tftp server ssh and telnet server of the switch are all using this IP address in interface vlan1 CLI Syntax ip address A B C D M Example conﬁg interface vlan 1 conﬁg if ip address 192 168 20 121 24 5 3 3 12 Default gateway Displays the IP address of the defaul...

Страница 72: ...le ASUS show running conﬁg 5 3 3 16 write Use the write file configuration command on the switch stack or standalone switch to write conﬁguration to the ﬁle CLI Syntax write Example ASUS write 5 3 3 17 Assign a new user account Add a user which is named tony and its password is tony123456 CLI Syntax user add WORD WORD Example user add tony tony123456 5 3 3 18 Delete a new user account Delete a use...

Страница 73: ... CLI Syntax duplex full half Example conﬁg interface fa1 0 2 conﬁg if duplex full This example shows how to use the duplex configuration command on the switch to set full duplex on the interface 5 3 4 3 Interface ﬂow control Use the flow control configuration command on the switch to set flow control status of the port CLI Syntax ﬂowcontrol rx tx both Example conﬁg interface fa1 0 2 conﬁg if ﬂowco...

Страница 74: ... a vlan entry Use the vlan vid command to create vlan entry on the switch Use the name string command to create vlan entry with string on the switch CLI Syntax vlan id Example conﬁg vlan 3 conﬁg vlan name vlan3 5 3 5 3 interface vlan VLAN ID This command changes the operation to vlan interface command mode CLI Syntax interface vlan VLAN ID Example interface vlan 1 5 3 5 4 ip address This command s...

Страница 75: ...5 3 6 Spanning Tree 5 3 6 1 show spanning tree summary To show spanning tree active CLI Syntax show spanning tree summary Example ASUS show spanning tree summary 5 3 6 2 spanning tree enable and disable Enable Disable the spanning tree CLI Syntax spanning tree enable disable Example ASUS spanning tree disable 5 3 7 Link aggregation 5 3 7 1 trunk aggregation group Use the aggregation link trunk gro...

Страница 76: ...group 1 5 3 8 LACP 5 3 8 1 lacp aggregation link trunk This command sets the Link Aggregation Control Protocol LACP operation add set for the trunk group ports on the switch CLI Syntax lacp aggregation link group 1 6 add set IFLIST Example ASUS lacp aggregation link group1 add fa1 0 1 3 5 3 8 2 disable lacp aggregation link trunk This command sets the Link Aggregation Control Protocol LACP operati...

Страница 77: ...n Example ASUS show mirror session 5 3 9 3 No mirror This command disable the mirror function CLI Syntax no mirror session 1 Example conﬁg no mirror session 1 5 3 9 4 No mirror This command resets the source interfacesʼ received or transmitted traffic or both the destination interface CLI Syntax no mirror session 1 source IFLIST Example conﬁg no mirror session 1 source fa1 01 2 5 3 10 Static Multi...

Страница 78: ...t entries CLI Syntax show mac address table multicast Example ASUS show mac address table multicast 5 3 11 IGMP snooping 5 3 11 1 ip igmp snooping This command sets the IGMP snooping function enabled globally CLI Syntax ip igmp snooping Example conﬁg ip igmp snooping 5 3 11 2 interval time This command sets the interval time for the IGMP queries sent by switch CLI Syntax ip igmp snooping last memb...

Страница 79: ...te conﬁguration command on the switch to clear dynamic L2 MAC addresses in the database CLI Syntax clear mac address table dynamic mac MAC_ADDR Example conﬁg clear mac address table dynamic mac 0000 1111 2222 5 3 13 2 aging time Use the mac address table aging time configuration command on the switch stack or on a standalone switch to set the length of time that a dynamic entry remains in the MAC ...

Страница 80: ...ble static MAC_ADDR VLANID IFNAME Example conﬁg mac address table static 0000 1111 2222 1 fa1 0 2 5 3 14 2 show mac address table It shows static and dynamic mac address CLI Syntax show mac address table Example ASUS show mac address table 5 3 15 VLAN 5 3 15 1 show vlan name string Use the show vlan user EXEC command to display the parameters for all configured VLANs or one VLAN if the VLAN ID or ...

Страница 81: ...witch to add or remove the allowed VLANs that can receive and send trafﬁc on this interface in tagged format when in trunking mode CLI Syntax switchport trunk allowed vlan add remove VLANLIST Example conﬁg interface fa1 0 2 conﬁg if switchport trunk allowed vlan add 1 10 5 3 16 GVRP 5 3 16 1 clear gvrp statistics Use the clear gvrp statistics conﬁguration command on the switch to clear all the GVR...

Страница 82: ... cos map Use the queue cos map conﬁguration command on the switch to set which Cos queue a given priority should map into CLI Syntax cos cos map PRIORITY QUEUE Example ASUS cos cos map 3 3 5 3 17 2 show queue cos map This command sets the GVRP conﬁguration to default CLI Syntax show cos cos map Example conﬁg show cos cos map 5 3 17 3 qos mode This command sets qos mode to highﬁrst mode CLI Syntax ...

Страница 83: ...3 18 2 show snmp server community To show snmp server community CLI Syntax show snmp server community Example ASUS show snmp server community 5 3 18 3 snmp server host This command sets the SNMP host information CLI Syntax snmp server host A B C D Example conﬁg snmp server host 192 168 8 31 5 3 19 Filter 5 3 19 1 deny any host Use the deny MAC access list conﬁguration command on the switch to prev...

Страница 84: ...yntax permit deny any any Example conﬁg acl permit any any 5 3 19 4 ﬁlter attach This command deﬁne an extended MAC access list using a name and enter access list conﬁguration mode CLI Syntax mac access group WORD in Example conﬁg if mac access group mac_acl_1 in 5 3 20 Port access control 5 3 20 1 dot1x guest vlan Use the dot1x guest vlan interface configuration command on the switch to specify a...

Страница 85: ...0 1 conﬁg if dot1x max req 2 5 3 20 3 dot1x port control Use the dot1x port control interface configuration command on the switch to enable manual control of the authorization state of the port Use the no form of this command to return to the default setting CLI Syntax dot1x port control auto force authorized force unauthorized Example conﬁg interface fa1 0 1 conﬁg if dot1x port control force auth...

Страница 86: ...ius 5 3 23 Port security 5 3 23 1 show port security This command used to show the port security configuration status and MAC addresses information CLI Syntax show port security address interface IFNAME Example ASUS show port security ASUS show port security interface gi1 0 25 ASUS show port security address ASUS show port security address gi1 0 25 5 3 23 2 clear port security This command used to...

Страница 87: ...port port security reup 5 3 23 4 switchport port security aging This command used to set the port security aging conﬁguration CLI Syntax switchport port security aging time TIME type absolute inactivity Example conﬁg interface gi1 0 1 conﬁg if switchport port security aging time 20 conﬁg if switchport port security aging type absolute 5 4 Miscellaneous commands show private health shows the enviro...

Страница 88: ...ion The IP address 20 56 0 211 reads twenty dot ﬁfty six dot zero dot two eleven 6 1 1 Structure of an IP address IP addresses have a hierarchical design similar to that of telephone numbers For example a 7 digit telephone number starts with a 3 digit preﬁx that identiﬁes a group of thousands of telephone lines and ends with four digits that identify one speciﬁc line in that group Similarly IP add...

Страница 89: ...o hold over 65 000 hosts There can be up to 16 384 class B networks in existence A class B network might be appropriate for a large organization such as a business or government agency Class C networks are the smallest only able to hold 254 hosts at most but the total possible number of class C networks exceeds 2 million 2 097 152 to be exact LANs connected to the Internet are usually class C netw...

Страница 90: ...d 4 is also included Since this extra bit has only two values 0 and 1 this means there are two subnets Each subnet uses the remaining 7 bits in ﬁeld4 for its host IDs which range from 0 to 127 instead of the usual 0 to 255 for a class C address Similarly to split a class C network into four subnets the mask is 255 255 255 192 or 11111111 11111111 11111111 11000000 The two extra bits in Field 4 can...

Страница 91: ...other computers on your network and the Internet A ping command sends a message to the computer you specify If the computer receives the message it sends messages in reply To use it you must know the IP address of the computer with which you are trying to communicate On Windows based computers you can execute a ping command from the Start menu Click the Start button and then click Run In the Open ...

Страница 92: ...em administration utility 7 1 2 nslookup You can use the nslookup command to determine the IP address associated with an Internet site name You specify the common name and the nslookup command looks up the name on your DNS server usually located with your ISP If that name is not an entry in your ISPʼs DNS table the request is then referred to another higher level server and so on until the entry i...

Страница 93: ... and press Enter at the command prompt 7 2 Replacing defective fans Turn off the power of the switch when you remove the fan module on the rear side of the switch When any one of the switch fans located on the rear panel becomes defective you can easily replace it following these steps 1 Unlock the fan module by loosening the thumbscrew that secures it to the rear panel Figure 63 Loosening the thu...

Страница 94: ...eft side when you are facing the rear panel 7 Insert the fan module to the switch chassis until it ﬁts in place Make sure that the fan power cables are not caught between the fan module and chassis 8 Secure the fan module to the chassis with the thumbscrew Check around the fan module to make sure no cable is caught between the chassis and the fan module Fan speciﬁcations Dimensions 40 x 40 x 20 mm...

Страница 95: ... in the RPS section FAN LED is amber blinking Check the fans on the back of the switch If any of the fans is defective refer to section 7 2 to replace the fan Ethernet Link LED does not illuminate after an Ethernet cable is attached 1 Verify if the Ethernet cable is securely connected to your LAN switch hub PC and to the switch Make sure the PC and or hub switch is turned on 2 Verify if your cable...

Страница 96: ...nged the password from the default try using admin as the user ID and bypassing password 2 Login to console mode through RS232 or USB use sys user show to display the lost information Some pages do not display completely 1 Verify that you are using Internet Explorer v6 0 or later Netscape is not supported Support for Javascript must be enabled in your browser Support for Java may also be required ...

Страница 97: ...1111 00000100 11110000 in binary See also bit IP address network mask bit Short for binary digit a bit is a number that can have two values 0 or 1 See also binary bps bits per second CoS Class of Service Deﬁned in 802 1Q the value range is from 0 to 7 DSCP Differentiated Services Code Point The six most signiﬁcant bits of the DiffServ ﬁeld in IP header is called as the DSCP The available DSCP valu...

Страница 98: ...tocol An Internet protocol that enables a computer to share information about its membership in multicast groups with adjacent routers A multicast group of computers is one whose members have designated as interested in receiving specific content from the others Multicasting to an IGMP group can be used to simultaneously update the address books of a group of mobile computer users or to send compa...

Страница 99: ...urer MAC addresses are expressed as six pairs of characters mask See network mask Multicast To send data to a group of network devices Mbps Abbreviation for Megabits per second or one million bits per second Network data rates are often expressed in Mbps Monitor Also called Roving Analysis allow you to attach a network analyzer to one port and use it to monitor the trafﬁcs of other ports on the sw...

Страница 100: ...into and out of the device protocol A set of rules governing the transmission of data In order for a data transmission to work both ends of the connection have to follow the rules of the protocol PVLAN Private Virtual Local Area Network QoS Quality of Service Defined in 802 1Q For datacommunication network performance QoS characteristics are bandwidth delay and reliability remote In a physically s...

Страница 101: ...kets for delivery and reassembling them at the destination while IP is responsible for delivering the packets from source to destination When TCP and IP are bundled with higher level applications such as HTTP FTP Telnet etc TCP IP refers to this whole suite of protocols Telnet SSH An interactive character based program used to access a remote computer While HTTP the web protocol and FTP only allow...

Страница 102: ...oftware program that uses Hyper Text Transfer Protocol HTTP to download information from and upload to web sites and displays the information which may consist of text graphic images audio or video to the user Web browsers use Hyper Text Transfer Protocol HTTP Popular web browsers include Netscape Navigator and Microsoft Internet Explorer See also HTTP web site WWW Web page A web site file typical...

Результаты поиска

Содержание GIGAX2024B

Отзывы:

Похожие инструкции для GIGAX2024B

Бренды по названию

Популярные бренды

Asus GIGAX2024B, Руководство пользователя

Результаты поиска

Содержание GIGAX2024B

Отзывы:

Похожие инструкции для GIGAX2024B

Бренды по названию

Популярные бренды