Black Box LGB1152A Скачать руководство пользователя страница 143 | Manualshive

Страница: 143 / 232

background image

143

1.877.877.2269

BLACKBOX.COM

NEED HELP?

LEAVE THE TECH TO US

LIVE 24/7

TECHNICAL

SUPPORT

1.877.877.2269

CHAPTER 10: SECURITY

PARAMETER DESCRIPTION

Authentication Method Configuration

Client: The management client for which the configuration below applies.

Method: Authentication Method can be set to one of the following values:

- none : authentication is disabled and login is not possible.
- local : use the local user database on the switch for authentication.
- radius : use a remote RADIUS server for authentication.
- tacacs : use a remote TACACS server for authentication.
Methods that involve remote servers are timed out if the remote servers are offline. In this case the next method is tried. Each
method is tried from left to right and continues until a method either approves or rejects a user. If a remote server is used for
primary authentication it is recommended to configure secondary authentication as ‘local’. This will enable the management
client to login via the local user database if none of the configured authentication servers are alive.

Service Port: The TCP port for each client service. The valid port number is 1 ~ 65534.

HTTP Redirect: Enable http Automatic Redirect.

Command Authorization Method Configuration

Client: The management client for which the configuration below applies.

Method: Authorization Method can be set to one of the following values:

- none: authorization is disabled and login is not possible.
- tacacs: use a remote server for authorization.

Cmd Lvl: Runs authorization for all commands at the specified privilege level. Specifies the command level that should be

authorized. Valid entries are 0 through 15.

Cfg Cmd: Enable or disable the configure command.

Fallback: The local database can act as a fallback method for several functions. This behavior is designed to help you prevent

accidental lockout from the security appliance.

Accounting Method Configuration

Client: The management client for which the configuration below applies.

Method: The Accounting Method can be set to one of the following values:

- none: accounting is disabled and login is not possible.
- tacacs: use a remote server for accounting.

Cmd Lvl: Runs accounting for all commands at the specified privilege level. Specifies the command level that should be authorized.

Valid entries are 0 through 15.

Exec: Runs accounting to determine if the user is allowed to run an EXEC shell. This facility might return user profile information

such as auto command information.

Buttons

Apply: Click to save changes.

Reset: Click to undo any changes made locally and revert to previously saved values.

«
...
141
142
143
144
145
...
»

Содержание LGB1152A

Страница 1: ...COM GUI USER MANUAL GIGABIT MANAGED ENET SWITCH LGB1152A 1 2 3 2 4 5 6 7 9 8 11 10 13 12 15 14 17 16 21 20 23 22 25 24 27 26 29 28 19 18 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 49 50 51...

Страница 2: ...6 2 3 System Time 18 2 4 LLDP 20 2 4 1 LLDP Configuration 20 2 4 2 LLDP MED Configuration 23 2 4 3 LLDP Neighbor 29 2 4 4 LLDP MED Neighbor 30 2 4 5 LLDP Neighbor EEE 33 2 4 6 LLDP Statistics 34 2 5 U...

Страница 3: ...4 7 GVRP 68 4 8 Private VLAN 69 4 9 Port Isolation 70 4 10 Voice VLAN 71 4 10 1 Configuration 71 4 10 2 OUI 73 5 QUALITY OF SERVICE 75 5 1 Port Classification 75 5 2 Port Policers 77 5 3 Port Shapers...

Страница 4: ...us 119 8 2 4 Groups Information 120 8 2 5 MLD SFM Information 121 8 3 MVR 122 8 3 1 Basic Configuration 122 8 3 2 Statistics 124 8 3 3 MVR Groups Information 125 8 3 4 MVR SFM Information 126 8 4 Mult...

Страница 5: ...160 10 5 Port Security 162 10 5 1 Configuration 162 10 5 2 Status 164 10 6 RADIUS 166 10 6 1 Configuration 166 10 6 2 Status 167 10 7 TACACS 171 11 ACCESS CONTROL 173 11 1 Ports Configuration 173 11...

Страница 6: ...ing 210 13 5 2 iPush Options 212 14 DIAGNOSTICS 214 14 1 Ping 214 14 2 Traceroute 215 14 3 Cable Diagnostics 216 14 4 Mirroring 217 14 5 sFlow 218 14 5 1 Configuration 218 14 5 2 Statistics 220 15 MAI...

Страница 7: ...Protocol IP and Hypertext Transfer Protocol HTTP REVISION HISTORY Release Number Initial release Date 9 1 2017 Revision A1 ADDITIONAL DOCUMENTATION This GUI User Manual and related documents availabl...

Страница 8: ...bination of affordability and capabilities for entry level networking including small business or enterprise applications and helps you create a more efficient better connected workforce LGB1152A Giga...

Страница 9: ...BLACKBOX COM NEED HELP LEAVE THE TECH TO US LIVE 24 7 TECHNICAL SUPPORT 1 877 877 2269 INTRODUCTION Chapter 11 Access Control Chapter 12 SNMP Chapter 13 Event Notification Chapter 14 Diagnostics Chapt...

Страница 10: ...n and password is empty The first time you use the switch enter the default username and password and then click the Login button The login process now is completed In this login menu you have to inpu...

Страница 11: ...page 3 Click Apply FIGURE 2 1 SYSTEM INFORMATION PARAMETER DESCRIPTION Model Name Displays the factory defined model name to identify the switch System Description Displays the system description Loc...

Страница 12: ...1 s 10 s of the system Buttons Apply Click to save changes Reset Click to undo any changes made locally and revert to previously saved values 2 2 IP ADDRESS 2 2 1 SETTINGS The IPv4 address for the swi...

Страница 13: ...four servers available for configuration and the index of the server presents the preference less index has higher priority in doing DNS name resolution The following modes are supported No DNS serve...

Страница 14: ...igure whether the IP stack should act as a Host or a Router In Host mode IP traffic between interfaces will not be routed In Router mode traffic is routed between all interfaces DNS Server This settin...

Страница 15: ...he interface is not desired IPv4 Mask Length The IPv4 network mask in number of bits prefix length Valid values are between 0 and 30 bits for a IPv4 address If DHCP is enabled this field is not used T...

Страница 16: ...next hop VLAN for the gateway If the IPv6 gateway address is not link local system ignores the next hop VLAN for the gateway Buttons Add Interface Click to add a new IP interface A maximum of 8 interf...

Страница 17: ...lags of the interface and or address IP Routes Network Show the destination IP network or host address of this route Gateway Show the gateway address of this route Status Show the status flags of the...

Страница 18: ...URE 2 6 TIME CONFIGURATION Parameter description Time Configuration Clock Source There are two modes for configuring where the Clock Source is from Select Local Settings to obtain the Clock Source fro...

Страница 19: ...ngs Week Select the starting week number Day Select the starting day Month Select the starting month Hours Select the starting hour Minutes Select the starting minute End time settings Week Select the...

Страница 20: ...ng each field For example fe80 215 c5ff fe03 4dc7 The symbol is a special syntax that can be used as a shorthand way of representing multiple 16 bit groups of contiguous zeros but it can only appear o...

Страница 21: ...5 32768 seconds Tx Hold Each LLDP frame contains information about how long the information in the LLDP frame will be considered valid The LLDP information valid period is set to Tx Hold multiplied by...

Страница 22: ...nt Address field The CDP address TLV can contain multiple addresses but only the first address is shown in the LLDP neighbors table CDP TLV Port ID is mapped to the LLDP Port ID field CDP TLV Version...

Страница 23: ...nagement allowing network administrators to track their network devices and determine their characteristics manufacturer software and hardware versions and serial or asset number This page allows you...

Страница 24: ...24 1 877 877 2269 BLACKBOX COM NEED HELP LEAVE THE TECH TO US LIVE 24 7 TECHNICAL SUPPORT 1 877 877 2269 CHAPTER 2 SYSTEM FIGURE 2 11 LLDP MED CONFIGURATION PART 2...

Страница 25: ...transmitted when an LLDP frame with new information is received NOTE The LLDP MED and the LLDP MED Fast Start mechanism is only intended to run on links between LLDP MED Network Connectivity Devices a...

Страница 26: ...he North American Vertical Datum of 1988 NAVD88 This datum pair is to be used when referencing locations on land not near tidal water which would use Datum NAD83 MLLW NAD83 MLLW North American Datum 1...

Страница 27: ...lication types supported on a given port The application types specifically addressed are 1 Voice 2 Guest Voice 3 Softphone Voice 4 Video Conferencing 5 Streaming Video 6 Control Signalling conditiona...

Страница 28: ...cing application policy Tag Tag indicating whether the specified application type is using a tagged or an untagged VLAN Untagged indicates that the device is using an untagged frame format and does no...

Страница 29: ...as received Chassis ID The Chassis ID is the identification of the neighbor s LLDP frames Port ID The Remote Port ID is the identification of the neighbor port Port Description Port Description is the...

Страница 30: ...D neighbor 1 Click System LLDP and LLDP MED Neighbor 2 Click Refresh for manual update web screen 3 Click Auto refresh for auto update web screen FIGURE 2 14 LLDP MED NEIGHBOR INFORMATION NOTE If ther...

Страница 31: ...services defined in this class include LAN configuration device location network policy power management and inventory management LLDP MED Media Endpoint Class II The LLDP MED Media Endpoint Class II...

Страница 32: ...the video signaling than for the video media Policy Policy indicates that an Endpoint Device wants to explicitly advertise that the policy is required by the device Can be either Defined or Unknown Un...

Страница 33: ...Tw The link partner s time that receiver would like the transmitter to hold off to allow time for the receiver to wake from sleep Fallback Receive Tw The link partner s fallback receive Tw A receivin...

Страница 34: ...ink partner have agreed on wakeup times Buttons Auto refresh Refresh off FIGURE 2 17 AUTO REFRESH REFRESH BUTTONS Auto refresh Check this box to refresh the page automatically Automatic refresh occurs...

Страница 35: ...information Local Port The port on which LLDP frames are received or transmitted Tx Frames The number of LLDP frames transmitted on the port Rx Frames The number of LLDP frames received on the port R...

Страница 36: ...nds Refresh Click to refresh the page Clear Clears the counters for the selected port 2 5 UPNP UPnP is an acronym for Universal Plug and Play The goals of UPnP are to allow devices to connect seamless...

Страница 37: ...in the duration it will think that the switch no longer exists Due to the unreliable nature of UDP in the standard we recommend that you refresh advertisements at less than one half of the advertising...

Страница 38: ...via an alphanumeric string describing the full name and version identification for the system s hardware type software version and networking application 3 Specify the Speed Configured Flow Control Ma...

Страница 39: ...a port this section indicates the flow control capability that is advertised to the link partner When a fixed speed setting is selected that is what is used The Current Rx column indicates whether pau...

Страница 40: ...lick Refresh to refresh the port statistics or clear all information when you click Clear 4 To see detailed port statistics then you need to click that port FIGURE 3 2 PORT STATISTICS OVERVIEW Paramet...

Страница 41: ...s box to refresh the page automatically Automatic refresh occurs every 3 seconds Refresh Click to refresh the page Clear Clears the counters for all ports If you want to see the detailed statistics fo...

Страница 42: ...f received and transmitted good and bad multicast packets Rx and Tx Broadcast The number of received and transmitted good and bad broadcast packets Rx and Tx Pause A count of the MAC Control frames re...

Страница 43: ...efresh Refresh Clear off FIGURE 3 6 AUTO REFRESH REFRESH CLEAR BUTTONS Auto refresh Check this box to refresh the page automatically Automatic refresh occurs every 3 seconds Refresh Click to refresh t...

Страница 44: ...of the SFP module Mon1 Bias mA Show the Bias current of the SFP module Mon2 TX PWR Show the transmit power of the SFP module Mon3 RX PWR Show the receiver power of SFP module Buttons Auto refresh Ref...

Страница 45: ...h port number of the logical EEE port Configure Controls whether EEE is enabled for this switch port Buttons Apply Click to save changes Reset Click to undo any changes made locally and revert to prev...

Страница 46: ...nable the use of the IP Address or uncheck to disable By default IP Address is enabled TCP UDP Port Number Use the TCP UDP port number to calculate the destination port for the frame Check to enable t...

Страница 47: ...s switch port LACP will form an aggregation when 2 or more ports are connected to the same partner Key The Key value incurred by the port range 1 65535 The Auto setting will set the key as appropriate...

Страница 48: ...ics FIGURE 3 12 LACP SYSTEM STATUS Parameter description Aggr ID The Aggregation ID associated with this aggregation instance For LLAG the id is shown as isid aggr id and for GLAGs as aggr id Partner...

Страница 49: ...that LACP is enabled and the port link is up No means that LACP is not enabled or that the port link is down Backup means that the port could not join the aggregation group but will join if another p...

Страница 50: ...he locked ports WEB INTERFACE To configure the Loop Protection parameters in the web interface 1 Click Port Management Loop Protection and Configuration 2 Select enable or disable the port loop Protec...

Страница 51: ...locally and revert to previously saved values 3 6 2 STATUS This section displays the loop protection port status the ports of the currently selected switch WEB INTERFACE To display the Loop Protectio...

Страница 52: ...lick to refresh the page immediately 3 7 UDLD 3 7 1 CONFIGURATION This page allows the user to inspect the current UDLD configurations and possibly change them as well WEB INTERFACE To configure the U...

Страница 53: ...n that port Message Interval Configures the period of time between UDLD probe messages on ports that are in the advertisement phase and are determined to be bidirectional The range is from 7 to 90 sec...

Страница 54: ...Bidirectional State The current state of the port Neighbor Status Port The current port of the neighbor device Device ID The current ID of the neighbor device Link Status The current link status of th...

Страница 55: ...nly one management VLAN can be active at a time When you specify a new management VLAN your HTTP connection to the old management VLAN is lost Make sure you have a connection between your management s...

Страница 56: ...discards all frames that are not classified to the Access VLAN on egress all frames are transmitted untagged Trunk Trunk ports can carry traffic on multiple VLANs simultaneously and are normally used...

Страница 57: ...e switch engine However the port will never transmit frames classified to VLANs that it is not a member of Ingress Acceptance Hybrid ports allow for changing the type of frames that are accepted on in...

Страница 58: ...figured in hardware VLAN User module uses services of the VLAN management functionality to configure VLAN memberships and VLAN port configurations such as PVID and UVID Currently we support the follow...

Страница 59: ...lt VLAN membership allows the frames classified to the VLAN ID to be forwarded on the respective VLAN member ports Show entries You can choose how many items you want to show up Admin You can choose t...

Страница 60: ...proves network resource use while maintaining a loop free environment DMS Shows DMS VLAN membership status VCL shows MAC based VLAN entries configured by various MAC based VLAN users Port The logical...

Страница 61: ...ill be displayed as Yes for the Combined user and the offending software module The Combined user reflects what is actually configured in hardware Admin You can choose the Vlan User Buttons Auto refre...

Страница 62: ...mbers and all boxes are unchecked Buttons Adding New Entry Click to add a new MAC based VLAN entry An empty row is added to the table and the MAC based VLAN entry can be configured as needed Any unica...

Страница 63: ...NTERFACE To Display MAC based address VLAN configuration in the web interface 1 Click VLAN Management MAC based VLAN and Status 2 To auto refresh the information select Auto refresh 3 Click Refresh to...

Страница 64: ...rk Access Protocol SNAP is a mechanism for multiplexing on networks using IEEE 802 2 LLC more protocols than can be distinguished by the 8 bit 802 2 Service Access Point SAP fields SNAP supports ident...

Страница 65: ...in string is a hexadecimal value ranges from 0x00 0xff b PID If the OUI is hexadecimal 000000 the protocol ID is the Ethernet type EtherType field value for the protocol running on top of SNAP if the...

Страница 66: ...default no ports are members and all boxes are unchecked Buttons Delete To delete a Group Name to VLAN map entry check this box The entry will be deleted on the switch during the next Save Add New Ent...

Страница 67: ...the network mask length VLAN ID Indicates the VLAN ID VLAN ID can be changed for the existing entries Port Members A row of check boxes for each port is displayed for each IP subnet to VLAN ID mappin...

Страница 68: ...is a subset of an active topology GARP defines the architecture rules of operation state machines and variables for the registration and de registration of attribute values A GARP participation in a s...

Страница 69: ...n particular port locally Disable Select to Disable GVRP mode on this port GVRP Enable Select to Enable GVRP mode on this port Buttons Apply Click to save changes Reset Click to undo any changes made...

Страница 70: ...VLANs Buttons Apply Click to save changes Reset Click to undo any changes made locally and revert to previously saved values 4 9 PORT ISOLATION Port Isolation provides for an apparatus and method to...

Страница 71: ...ly saved values 4 10 VOICE VLAN Voice VLAN is VLAN configured specially for voice traffic By adding the ports with voice devices attached to voice VLAN we can perform QoS related configuration for voi...

Страница 72: ...the value equals the management VID MVR VID PVID etc The allowed range is 1 to 4095 Aging Time Indicates the Voice VLAN secure learning aging time The allowed range is 10 to 10000000 seconds It is us...

Страница 73: ...covery protocol to LLDP or Both Changing the discovery protocol to OUI or LLDP will restart the auto detect process Possible discovery protocols are OUI Detect telephony device by OUI address LLDP Det...

Страница 74: ...o a vendor by IEEE It must be 6 characters long and the input format is xx xx xx x is a hexadecimal digit Description The description of the OUI address Normally it describes which vendor telephony de...

Страница 75: ...rding to what was configured for that specific QoS class The switch supports advanced memory control mechanisms providing excellent performance of all QoS classes under any traffic scenario including...

Страница 76: ...value in the tag Otherwise the frame is classified to the default DPL The classified DPL can be overruled by a QCL entry PCP Controls the default PCP value All frames are classified to a PCP value If...

Страница 77: ...y and revert to previously saved values Cancel Click to undo any changes made locally and return to the previous page 5 2 PORT POLICERS This section provides an overview of QoS Ingress Port Policers f...

Страница 78: ...ort is in flow control mode then pause frames are sent instead of discarding frames Buttons Apply Click to save changes Reset Click to undo any changes made locally and revert to previously saved valu...

Страница 79: ...ed for this queue on this switch port Queue Shaper Rate Controls the rate for the queue shaper This value is restricted to 100 13107100 when Unit is kbps and 1 13107 when Unit is Mbps The rate is inte...

Страница 80: ...changes Reset Click to undo any changes made locally and revert to previously saved values 5 4 STORM CONTROL This section explains how to configure the Storm control for the switch There is a destina...

Страница 81: ...lobal storm policer Supported rates are divisible by 10 fps or 25 kbps Unit Controls the unit of measure for the global storm policer rate as fps kfps kbps or Mbps Port Storm Policer Configuration Hel...

Страница 82: ...the QoS Port Schedulers in the web interface 1 Click Quality of Service and Port Scheduler 2 Click the Port and display the QoS Egress Port Schedulers 3 Scroll Port and Scheduler Mode specify the Que...

Страница 83: ...that this shaper operates on data rate Queue Scheduler Weight Controls the weight for this queue This value is restricted to 1 100 This parameter is only shown if Scheduler Mode is set to Weighted Que...

Страница 84: ...stack unit as reflected by the page header WEB INTERFACE To configure the QoS Port PCP Remarking in the web interface 1 Click Quality of Service and Port PCP Remarking 2 Click the Port and display th...

Страница 85: ...de Shows the PCP remarking mode for this port Keep Use classified PCP DEI values Specific Use default PCP DEI values Mapped Use mapped versions of CoS and DPL PCP DEI Configuration Controls the defaul...

Страница 86: ...5 To cancel the setting click the Reset button It will revert to previously saved values FIGURE 5 9 QOS PORT DSCP CONFIGURATION Parameter description Port The Port column shows the list of ports for w...

Страница 87: ...configure the basic QoS DSCP Translation settings for all switches DSCP translation can be done in Ingress or Egress WEB INTERFACE To configure the DSCP Translation parameters in the web interface 1...

Страница 88: ...s how to configure and allows you to map a DSCP value to a QoS Class and DPL value The settings relate to the currently selected stack unit as reflected by the page header WEB INTERFACE To configure t...

Страница 89: ...e DSCP Based QoS Ingress Classification parameters in the web interface 1 Click Quality of Service DSCP and DSCP Based QoS 2 Enable or disable the DSCP for Trust 3 Scroll to select Queue Priority and...

Страница 90: ...256 on each switch Click on the lowest plus sign to add a new QCE to the list WEB INTERFACE To configure the QoS Control List parameters in the web interface 1 Click Quality of Service QoS Contol List...

Страница 91: ...IP this field indicates the DMAC Tag Type Indicates tag type Possible values are Any Match tagged and untagged frames Untagged Match untagged frames Tagged Match tagged frames C Tagged Match C tagged...

Страница 92: ...lude the port in the QCL entry By default all ports are included Key Parameters Key configuration is described below DMAC Destination MAC address Possible values are Unicast Multicast Broadcast Specif...

Страница 93: ...are in the range 0 63 including BE CS1 CS7 EF or AF11 AF43 Sport Source TCP UDP port 0 65535 or Any specific or port range applicable for IP protocol UDP TCP Dport Destination TCP UDP port 0 65535 or...

Страница 94: ...elect the combined static Voice VLAN and conflict 4 Click Refresh to refresh an entry of the MVR Statistics Information FIGURE 5 15 QOS CONTROL LIST STATUS Parameter description User Indicates the QCL...

Страница 95: ...SH RESOLVE CONFLICT BUTTONS Auto refresh Check this box to refresh the page automatically Automatic refresh occurs every 3 seconds Refresh Click to refresh the page immediately Combined Select the QCL...

Страница 96: ...s the Queue number There are 8 QoS queues per port Q0 is the lowest priority queue Rx Tx The number of received and transmitted packets per queue Buttons Auto refresh Refresh Clear off First Page Next...

Страница 97: ...cost spanning tree it enables all root ports and designated ports and disables all other ports Network packets are therefore only forwarded between root ports and designated ports eliminating any poss...

Страница 98: ...seconds Max Age The maximum age of the information transmitted by the Bridge when it is the Root Bridge Valid values are in the range 6 to 40 seconds and MaxAge must be FwdDelay 1 2 Maximum Hop Count...

Страница 99: ...citly mapped You need to set the list of VLANs mapped to the MSTI The VLANs must be separated with a comma and or space A VLAN can only be mapped to one MSTI An unused MSTI should just be left empty i...

Страница 100: ...mapped to it Example 2 5 20 40 MSTI Priority Controls the bridge priority Lower numeric values have better priority The bridge priority plus the MSTI instance number concatenated with the 6 byte MAC...

Страница 101: ...nning tree s active topology as a result of persistently incorrect learned station location information It is set by a network administrator to prevent bridges external to a core region of the network...

Страница 102: ...Bridge Topology Flag The current state of the Topology Change Flag of this Bridge instance Topology Change Last The time since the last Topology Change occurred STP Port Status Port The switch port nu...

Страница 103: ...ince the Topology Flag was last set CIST Ports Aggregations State Port The switch port number of the logical STP port Port ID The port id as used by the STP protocol This is the priority part and the...

Страница 104: ...ort The switch port number of the logical STP port MSTP The number of MSTP Configuration BPDU s received transmitted on the port RSTP The number of RSTP Configuration BPDU s received transmitted on th...

Страница 105: ...s and switch ports The frames also contain a MAC address SMAC address which shows the MAC address of the equipment sending the frame The SMAC address is used by the switch to automatically update the...

Страница 106: ...ther frames are dropped NOTE Make sure that the link used for managing the switch is added to the Static Mac Table before changing to secure learning mode otherwise the management link is lost and can...

Страница 107: ...ss Table and Information 2 If you want to auto refresh the information select Auto refresh 3 Click Refresh to refresh the MAC Address Table FIGURE 7 3 MAC ADDRESS TABLE PARAMETER DESCRIPTION Navigatin...

Страница 108: ...ries turn to the next page NOTES 00 40 C7 73 01 29 your switch MAC address for IPv4 33 33 00 00 00 01 Destination MAC for IPv6 Router Advertisement reference IPv6 RA JPG 33 33 00 00 00 02 Destination...

Страница 109: ...ward the packet to the members who previously joined in a specified IP multicast group The packets will be discarded by the IGMP Snooping if the user transmits multicast packets to the multicast group...

Страница 110: ...ave Proxy This feature can be used to avoid forwarding unnecessary leave messages to the router side Proxy Enabled Enable IGMP Proxy This feature can be used to avoid forwarding unnecessary join and l...

Страница 111: ...the Reset button It will revert to previously saved values FIGURE 8 2 IGMP SNOOPING VLAN CONFIGURATION PARAMETER DESCRIPTION Start from Vlan Click to Refresh the displayed table starting from the VLA...

Страница 112: ...val is 10 in tenths of seconds 1 second URI sec Unsolicited Report Interval The Unsolicited Report Interval is the time between repetitions of a host s initial report of membership in a group The allo...

Страница 113: ...t is learnt to be a router port Both denote the specific port is configured or learnt to be a router port Port Switch port number Status Indicate whether a specific port is a router port or not Button...

Страница 114: ...dress The Next Page will use the last entry of the currently displayed table as a basis for the next lookup When the end is reached the text No more entries is shown in the displayed table Use the Fir...

Страница 115: ...FM Information Table match In addition the two input fields will upon a Refresh button click assume the value of the first displayed entry allowing for continuous refresh with the same start address T...

Страница 116: ...address will receive the traffic sent to that address Application software running on the source and destination systems cooperates to determine what multicast address to use NOTE This is a function...

Страница 117: ...e SSM aware hosts and routers to run the SSM service model for the groups in the address Using IPv6 Address range Leave Proxy Enabled Enable MLD Leave Proxy This feature can be used to avoid forwardin...

Страница 118: ...CRIPTION Delete Check to delete the entry The designated entry will be deleted during the next save VLAN ID This displays the VLAN ID of the entry Snooping Enabled Enable the per VLAN IGMP Snooping Up...

Страница 119: ...nterval is 1 second Buttons Apply Click to save changes Reset Click to undo any changes made locally and revert to previously saved values 8 2 3 STATUS This section describes how to display the MLD Sn...

Страница 120: ...ted first by VLAN ID and then by group WEB INTERFACE To display the MLD Snooping Group information in the web interface 1 Click Multicast MLD Snooping and Group Information 2 To auto refresh the infor...

Страница 121: ...rmation 2 To auto refresh the information select Auto refresh 3 Click Refresh to refresh an entry of the MLD SFM Information 4 Click First Next Page to change the page FIGURE 8 10 MLD SFM CONFIGURATIO...

Страница 122: ...the group information entries turn to the next page 8 3 MVR The MVR feature enables multicast traffic forwarding on the Multicast VLAN In a multicast television application a PC or a television with...

Страница 123: ...nagement address is not set system uses the first available IPv4 management address Otherwise the system uses a pre defined value By default this value will be 192 0 2 1 Mode Specify the MVR mode of o...

Страница 124: ...MVR VID MVR Name IGMP Address Mode Tagging Priority LLQI Interface Channel Profile Click Apply Delete Check to delete the entry The designated entry will be deleted during the next save Apply Click t...

Страница 125: ...he information select Auto refresh 3 Click Refresh to refresh an entry of the MVR Groups Information 4 Click First Next Page to change the page FIGURE 8 13 MVR GROUP INFORMATION PARAMETER DESCRIPTION...

Страница 126: ...ulticast MVR and MVR SFM Information 2 To auto refresh the information select Auto refresh 3 Click Refresh to refresh an entry of the MVR Groups Information 4 Click First Next Page to change the page...

Страница 127: ...ould be handled by a chip or not Buttons Auto refresh Check this box to refresh the page automatically Automatic refresh occurs every 3 seconds Refresh Click to refresh the page immediately First Page...

Страница 128: ...which is composed of up to 16 alphabetic and numeric characters Profile Description Additional description which is composed of up to 64 alphabetic and numeric characters about the profile No blank or...

Страница 129: ...be logged Rule Management Buttons You can manage rules and the corresponding precedence order by using the following buttons Insert a new rule before the current entry of rule X Delete the current en...

Страница 130: ...ress that will be used as an address range End Address The ending IPv4 IPv6 Multicast Group Address that will be used as an address range Buttons Add New Address Range Entry Click to add new address r...

Страница 131: ...bes how to configure the DHCP Snooping parameters of the switch DHCP Snooping can prevent attackers from adding their own DHCP servers to the network WEB INTERFACE To configure DHCP snooping in the we...

Страница 132: ...enabled All DHCP clients obtained the dynamic IP address from the DHCP server will be listed in this table except for local VLAN interface IP addresses Entries in the Dynamic DHCP snooping Table are...

Страница 133: ...INTERFACE To display a DHCP Relay statistics in the web interface 1 Click DHCP Snooping and Detailed Statistics 2 Select that port for which you want to display the DHCP Detailed Statistics 3 To auto...

Страница 134: ...that have IP UDP checksum errors Rx Discarded from Untrusted The number of discarded packets that are coming from untrusted ports Buttons Auto refresh Check this box to refresh the page automatically...

Страница 135: ...m VLAN ID 3 switch ID 1 port No 8 And the option 82 remote ID value equals the switch MAC address Possible modes are Enabled Enable DHCP relay information mode operation When DHCP relay information mo...

Страница 136: ...eived from a server Receive Missing Agent Option The number of packets received without agent information options Receive Missing Circuit ID The number of packets received with the Circuit ID option m...

Страница 137: ...fresh Click to refresh the page immediately Clear Clear all statistics 9 3 SERVER 9 3 1 CONFIGURATION This page configures the mode to enable disable DHCP server per system and per VLAN It also config...

Страница 138: ...address of this route DNS Server Specify the DNS server Buttons Delete Check to delete the entry It will be deleted during the next save Add Interface Click to add a new DHCP server Apply Click to sa...

Страница 139: ...net Mask Display the subnet mask of the DHCP address Default router Display the destination IP network or host address of this route DNS Server Display the DNS server Buttons Auto refresh Check this b...

Страница 140: ...rict input to an interface by limiting and identifying MAC addresses 10 1 MANAGEMENT 10 1 1 ACCOUNT This page provides an overview of the current users Currently the only way to login as another user...

Страница 141: ...read write access The system maintenance options software upload factory defaults and etc need user privilege level 15 Generally the privilege level 15 can be used for an administrator account privil...

Страница 142: ...uration read only configuration execute read write User Privilege should be same or greater than the authorization Privilege level to have the access to that group Buttons Apply Click to save changes...

Страница 143: ...ization Method Configuration Client The management client for which the configuration below applies Method Authorization Method can be set to one of the following values none authorization is disabled...

Страница 144: ...PTION Mode Indicates the access management mode operation Possible modes are On Enable access management mode operation Off Disable access management mode operation VLAN ID Indicates the VLAN ID for t...

Страница 145: ...imply logging on to the Internet WEB INTERFACE To configure IEEE 802 1X in the web interface 1 Click Security 802 1X and Configuration 2 Select on in the Mode of IEEE 802 1X Configuration 3 Check Reau...

Страница 146: ...s no longer attached For MAC based ports reauthentication is only useful if the RADIUS server configuration has changed It does not involve communication between the switch and the client and therefor...

Страница 147: ...ature see RADIUS Assigned QoS Enabled below for a detailed description The RADIUS Assigned QoS Enabled checkbox provides a quick way to globally enable disable RADIUS server assigned QoS Class functio...

Страница 148: ...how many information exchange frames are needed for a particular method The switch simply encapsulates the EAP part of the frame into the relevant type EAPOL or RADIUS and forwards it When authentica...

Страница 149: ...C address is converted to a string on the following form xx xx xx xx xx xx that is a dash is used as separator between the lower cased hexadecimal digits The switch only supports the MD5 Challenge aut...

Страница 150: ...nel Type and Tunnel Private Group ID attributes must all be present at least once in the Access Accept packet The switch looks for the first set of these attributes that have the same Tag value and fu...

Страница 151: ...licant mode Currently X clients are authorized and Y are unauthorized Restart Two buttons are available for each row The buttons are only enabled when authentication is globally enabled and the port s...

Страница 152: ...or EAPOL based authentication and the source MAC address from the most recently received frame from a new client for MAC based authentication QoS Class QoS Class assigned to the port by the RADIUS ser...

Страница 153: ...the IP Source Guard 10 3 1 CONFIGURATION This section describes how to configure the IP Source Guard setting including Mode Enabled and Disabled Maximum Dynamic Clients 0 1 2 Unlimited WEB INTERFACE...

Страница 154: ...mode is enabled and the value of max dynamic client is equal to 0 the switch only allows the IP packets to be forwarded that match static entries on the specific port Buttons Apply Click to save chan...

Страница 155: ...deleted during the next save Apply Click to save changes Reset Click to undo any changes made locally and revert to previously saved values 10 3 3 DYNAMIC TABLE Entries in the Dynamic IP Source Guard...

Страница 156: ...ached the text No more entries is shown in the displayed table Use the First Page button to start over Port Switch Port Number for which the entries are displayed VLAN ID VLAN ID in which the IP traff...

Страница 157: ...settings of Check VLAN are Enabled Enable check VLAN operation Disabled Disable check VLAN operation Only when the Global Mode and Port Mode on a given port are enabled and the setting of Check VLAN...

Страница 158: ...to previously saved values Translate dynamic to static Click to translate all dynamic entries to static entries 10 4 2 VLAN CONFIGURATION Specify which VLANs have ARP Inspection enabled WEB INTERFACE...

Страница 159: ...Port Mode on a given port are enabled ARP Inspection is enabled on this given port Second you can specify which VLAN will be inspected on VLAN mode configuration web page The log type also can be conf...

Страница 160: ...ddress and then by IP address All dynamic entries are learning from DHCP Snooping Navigating the ARP Inspection Table Each page shows up to 99 entries from the Dynamic ARP Inspection table default is...

Страница 161: ...per page FIGURE 10 14 DYNAMIC ARP INSPECTION TABLE PARAMETER DESCRIPTION ARP Inspection Table Columns Port Switch Port Number for which the entries are displayed VLAN ID VLAN ID in which the ARP traf...

Страница 162: ...ode Violation Limit for each port 4 Click Apply to save the setting 5 To cancel the setting click the Reset button It will revert to previously saved values FIGURE 10 15 PORT SECURITY CONFIGURATION PA...

Страница 163: ...exceed 1024 If the limit is exceeded the corresponding action is taken The switch is born with a total number of MAC addresses from which all ports draw whenever a new MAC address is seen on a Port Se...

Страница 164: ...interface 1 Click Security Port Security and status 2 Check Auto refresh 3 Click Refresh to refresh the port detailed statistics 4 Click the port number to see the status for this particular port FIG...

Страница 165: ...dress VLAN ID The MAC address and VLAN ID that is seen on this port If no MAC addresses are learned a single row stating No MAC addresses attached is displayed State Indicates whether the correspondin...

Страница 166: ...Click Apply to save the setting 6 To cancel the setting click the Reset button It will revert to previously saved values FIGURE 10 18 RADIUS SERVER CONFIGURATION PARAMETER DESCRIPTION Global Configur...

Страница 167: ...rver Configuration The table has one row for each RADIUS server and a number of columns which are Hostname The IP address or hostname of the RADIUS server Auth Port The UDP port to use on the RADIUS s...

Страница 168: ...arily been disabled but will get re enabled when the dead time expires The number of seconds left before this occurs is displayed in parentheses This state is only reachable when more than one server...

Страница 169: ...alid or invalid received from the server Malformed Access Responses The number of malformed RADIUS Access Response packets received from the server Malformed packets include packets with an invalid le...

Страница 170: ...US Accounting Statistics for Server 1 The statistics map closely to those specified in RFC4670 RADIUS Accounting Client MIB Use the server select box to switch between the backend servers to show deta...

Страница 171: ...matched it from the RADIUS accounting server The unit of this measurement is 100 ms A value of 0 ms indicates that there hasn t been round trip communication with the server yet Buttons Auto refresh...

Страница 172: ...en configured Key The secret key up to 63 characters long shared between the TACACS server and the switch Server Configuration The table has one row for each TACACS server and a number of columns whic...

Страница 173: ...to update the counter or Clear the information FIGURE 11 1 ACL PORTS CONFIGURATION PARAMETER DESCRIPTION Port The logical port for the settings contained in the same row Policy ID Select the policy to...

Страница 174: ...ports by changing the volatile port configuration of the ACL user module Disabled Close ports by changing the volatile port configuration of the ACL user module The default value is Enabled Counter Co...

Страница 175: ...page shows the Access Control List ACL which is made up of the ACEs defined on this switch Each row describes the ACE that is defined The maximum number of ACEs is 512 on each switch Click on the low...

Страница 176: ...with a specific policy Port The ACE will match a specific ingress port Policy Bitmask Indicates the policy number and bitmask of the ACE Frame Type Indicates the frame type of the ACE Possible values...

Страница 177: ...rame type selected A frame that hits this ACE matches the configuration that is defined here Ingress Port Select the ingress port for which this ACE applies All The ACE applies to all ports Port n The...

Страница 178: ...matching the ACE are stored in the System Log Disabled Frames matching the ACE are not logged NOTE The logging feature only works when the packet length is less than 1518 without VLAN tags and the Sys...

Страница 179: ...y is don t care ARP Parameters The ARP parameters can be configured when Frame Type ARP is selected ARP RARP Specify the available ARP RARP opcode OP flag for this ACE Any No ARP RARP OP flag is speci...

Страница 180: ...v4 0x04 Any Any value is allowed don t care Ethernet Specify whether frames can hit the action according to their ARP RARP hardware address space HRD settings 0 ARP RARP frames where the HLD is not eq...

Страница 181: ...imal notation DIP Filter Specify the destination IP filter for this ACE Any No destination IP filter is specified Destination IP filter is don t care Host Destination IP filter is set to Host Specify...

Страница 182: ...specified ICMP code filter status is don t care Specific If you want to filter a specific ICMP code filter with this ACE you can enter a specific ICMP code value A field for entering an ICMP code val...

Страница 183: ...t care TCP PSH Specify the TCP Push Function PSH value for this ACE 0 TCP frames where the PSH field is set must not be able to match this entry 1 TCP frames where the PSH field is set must be able t...

Страница 184: ...e web interface 1 Click Access Control and ACL status 2 To auto refresh the information select Auto refresh 3 Click Refresh to refresh the ACL Status FIGURE 11 4 ACL STATUS SCREEN PARAMETER DESCRIPTIO...

Страница 185: ...e rate limiter number of the ACE The allowed range is 1 to 16 When Disabled is displayed the rate limiter operation is disabled CPU Forward packets that match the specific ACE to CPU Counter The count...

Страница 186: ...he SNMP agent will be de activated and the related Community Name Trap Host IP Address Trap and all MIB counters will be ignored 12 1 CONFIGURATION This section describes how to configure an SNMP Syst...

Страница 187: ...26 The field is applicable only when SNMP version is SNMPv1 or SNMPv2c If SNMP version is SNMPv3 the community string will be associated with SNMPv3 communities table It provides more flexibility to c...

Страница 188: ...s source address prefix Buttons Add New Entry Click to add a new entry Specify the name and configure the new entry Click Apply Delete Check to delete the entry It will be deleted during the next save...

Страница 189: ...not be modified if entry already exists That means it must first be ensured that the value is set correctly Authentication Protocol Indicates the authentication protocol that this entry should belong...

Страница 190: ...Add new entry 3 Specify the SNMP group parameter 4 Click Apply FIGURE 12 4 SNMP GROUPS CONFIGURATION PARAMETER DESCRIPTION Security Model Indicates the security model that this entry should belong to...

Страница 191: ...ously saved values 12 2 4 VIEWS This function is used to configure SNMPv3 view The Entry index keys are OID Subtree and View Name To create a new view account check the Add new view button and enter t...

Страница 192: ...OID Subtree The OID defining the root of the subtree to add to the named view The allowed OID length is 1 to 128 The allowed string content is a digital number or asterisk Buttons Add New Entry Click...

Страница 193: ...ible security models are NoAuth NoPriv No authentication and no privacy Auth NoPriv Authentication and no privacy Auth Priv Authentication and privacy Read View Name The name of the MIB view defining...

Страница 194: ...Entry 3 Specify the ID parameters 4 Click Apply FIGURE 12 7 RMON STATISTICS CONFIGURATION PARAMETER DESCRIPTION ID Indicates the index of the entry The range is from 1 to 65535 Data Source Indicates t...

Страница 195: ...you want to check 3 Check Auto refresh 4 Click Refresh to refresh the port detailed statistics FIGURE 12 8 RMON STATISTICS STATUS PARAMETER DESCRIPTION ID Indicates the index of Statistics entry Data...

Страница 196: ...512 1023 The total number of packets including bad packets received that were between 512 to 1023 octets in length 1024 1588 The total number of packets including bad packets received that were betwee...

Страница 197: ...ed during the next save Add New Entry Click to add a new entry Apply Click to save changes Reset Click to undo any changes made locally and revert to previously saved values 12 4 2 STATUS This page pr...

Страница 198: ...cted to a multicast address CRC Errors The total number of packets received that had a length excluding framing bits but including FCS octets of between 64 and 1518 octets inclusive but had either a b...

Страница 199: ...ariable Indicates the particular variable to be sampled the possible variables are InOctets The total number of octets received on the interface including framing characters InUcastPkts The number of...

Страница 200: ...vent index 1 65535 Falling Threshold Falling threshold value 2147483648 2147483647 Falling Index Falling event index 1 65535 Buttons Delete Check to delete the entry It will be deleted during the next...

Страница 201: ...Rising Threshold Rising threshold value Rising Index Rising event index Falling Threshold Falling threshold value Falling Index Falling event index Show entries You can choose how many items you want...

Страница 202: ...the entry It will be deleted during the next save Add New Entry Click to add a new entry Apply Click to save changes Reset Click to undo any changes made locally and revert to previously saved values...

Страница 203: ...ION Event Index Indicates the index of the event entry Log Index Indicates the index of the log entry LogTIme Indicates the Event log time LogDescription Indicates the Event description Show entries Y...

Страница 204: ...cify the SNMP Trap parameter 4 Click Apply FIGURE 13 1 SNMP TRAP CONFIGURATION PARAMETER DESCRIPTION Trap Destination Configurations Name Indicates the trap Configuration s name Indicates the trap des...

Страница 205: ...length is 0 to 63 and the allowed content is ASCII characters from 33 to 126 Trap Destination Address Indicates the SNMP trap destination address It allows a valid IP address in dotted decimal notatio...

Страница 206: ...eMail 2 Specify the SMTP Configuration parameter 3 Click Apply FIGURE 13 2 SMTP CONFIGURATION PARAMETER DESCRIPTION Mail Server The IP address or hostname of the mail server IP address is expressed i...

Страница 207: ...s and Server Port 4 Click Apply FIGURE 13 3 SYSTEM LOG CONFIGURATION PARAMETER DESCRIPTION Server Mode Indicates the server mode operation When the mode operation is enabled the syslog message will se...

Страница 208: ...MATION PARAMETER DESCRIPTION ID ID 1 of the system log entry Level level of the system log entry The following level types are supported Debug debug level message Info informational message Notice nor...

Страница 209: ...urations Trap event severity can also be configured here WEB INTERFACE To display the configure Trap Event Severity in the web interface 1 Click Event Notification and Event Configuration 2 Scroll to...

Страница 210: ...oup Name in Push Notification Buttons Apply Click to save changes Reset Click to undo any changes made locally and revert to previously saved values 13 5 SWITCH2GO 13 5 1 SWITCH2GO SETTING Configure S...

Страница 211: ...he Switch2go server for the connection back to this switch from a mobile device Possible modes are Enabled Enable Switch2go mode Disabled Disable Switch2go mode Server Address Indicates the IPv4 host...

Страница 212: ...ent Severity Configuration The name and role of each port also can be defined here WEB INTERFACE To configure the iPush Option in the web interface 1 Click Event Notification Switch2go and iPush Optio...

Страница 213: ...KBOX COM NEED HELP LEAVE THE TECH TO US LIVE 24 7 TECHNICAL SUPPORT 1 877 877 2269 CHAPTER 13 EVENT NOTIFICATION Apply Click to save changes Reset Click to undo any changes made locally and revert to...

Страница 214: ...nectivity issues WEB INTERFACE To configure a PING in the web interface 1 Click Diagnostics and Ping 2 Specify IP Address Ping Length Ping Count Ping Interval and Egress Interface 3 Click Start FIGURE...

Страница 215: ...iven PING6 finds the best matched interface for destination Do not specify egress interface for loopback address Do specify egress interface for link local or multicast address Buttons Start Click the...

Страница 216: ...kets per hop Values range from 1 to 10 The default is 3 Buttons Start Click the Start button to start to traceroute the target IP Address New Ping Back to Traceroute page 14 3 CABLE DIAGNOSTICS This s...

Страница 217: ...IRRORING You can mirror traffic from any source port to a target port for real time analysis You can then attach a logic analyzer or RMON probe to the target port and study the traffic crossing the so...

Страница 218: ...ther frames transmitted nor frames received are mirrored Enabled Frames received and frames transmitted are mirrored on the mirror port Buttons Apply Click to save changes Reset Click to undo any chan...

Страница 219: ...eceiver If sFlow is configured through SNMP all controls except for the Release button are disabled to avoid inadvertent reconfiguration The Release button allows for releasing the current owner and d...

Страница 220: ...of bytes that should be copied from a sampled packet to the sFlow datagram Valid range is 14 to 200 bytes with a default of 128 bytes If the maximum datagram size does not take into account the maximu...

Страница 221: ...sfully sent to the sFlow receiver Tx Errors The number of UDP datagrams that have failed transmission The most common source of errors is invalid sFlow receiver IP hostname configuration To diagnose p...

Страница 222: ...RT 1 877 877 2269 CHAPTER 14 DIAGNOSTICS Buttons Auto refresh Check this box to refresh the page automatically Automatic refresh occurs every 3 seconds Refresh Click to refresh the page immediately Cl...

Страница 223: ...This file is volatile startup config The startup configuration for the switch read at boot time default config A read only file with vendor specific configuration This file is read when the system is...

Страница 224: ...A virtual file that represents the currently active configuration on the switch This file is volatile startup config The startup configuration for the switch read at boot time default config A read on...

Страница 225: ...nto running config startup config The startup configuration for the switch read at boot time Create new file To create new files Buttons Browse Click the button to search the configuration text file a...

Страница 226: ...elected file will be activated to be the switch s running configuration 15 1 5 DELETE You can delete any of the writable files stored in flash including startup config If this is done and the switch i...

Страница 227: ...ble afterwards WEB INTERFACE To Restart Device in the web interface 1 Click Maintenance and Restart Device 2 Click Yes FIGURE 15 6 RESTART DEVICE PARAMETER DESCRIPTION Restart Device You can restart t...

Страница 228: ...irmware and Firmware Upgrade 2 Click Upload FIGURE 15 8 FIRMWARE UPGRADE PARAMETER DESCRIPTION Browse Click the Browse button to search the Firmware URL and filename 15 4 2 FIRMWARE SELECTION This pag...

Страница 229: ...n Image The file name of the firmware image from when the image was last updated Version The version of the firmware image Date The date where the firmware was produced Buttons Activate Alternate Imag...

Страница 230: ...consequential or cost of cover damages resulting from any errors in the product information or specifications set forth in this document and Black Box Corporation may revise this document at any time...

Страница 231: ..._______ _ _________________________________________________________________________________________________ ____________________________________________________________________________________________...

Страница 232: ...NEED HELP LEAVE THE TECH TO US LIVE 24 7 TECHNICAL SUPPORT 1 877 877 2269 COPYRIGHT 2018 BLACK BOX CORPORATION ALL RIGHTS RESERVED LGB1152A_GUI_USER_REV1 PDF...

Отзывы:

Нет отзывов

Похожие инструкции для LGB1152A

Бренд: D-Link Страницы: 16

Бренд: D-Link Страницы: 2

Бренд: KELCO Страницы: 22

Бренд: Zektor Страницы: 17

Бренд: Kramer Страницы: 2

Бренд: Aube Technologies Страницы: 118

Бренд: HMS Networks Страницы: 16

Бренд: PureLink Страницы: 10

Бренд: DAB Страницы: 56

Бренд: N-Tron Страницы: 132

Бренд: Imtex-Controls Страницы: 2

Guard Master 440N-Z2NRS1A

Бренд: Allen-Bradley Страницы: 4

Бренд: Manhattan Страницы: 2

SmartSwitch SBU128

Бренд: Cabletron Systems Страницы: 76

Hi-Speed USB 4-Port Bay Hub

Бренд: SIIG Страницы: 8

Бренд: H3C Страницы: 70

Бренд: Planet Страницы: 2

CheetaHub Power-3004E

Бренд: Accton Technology Страницы: 11

Бренды по названию

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Популярные бренды

Загрузить еще бренды