manualshive.com logo in svg

Comelit IPSWC162A, Руководство пользователя

Поделиться
Скачать
Comelit IPSWC162A Скачать руководство пользователя страница 28

 

28 

device or server to provide normal service to legitimate users, as the following picture: 

 

Instructions

 

Open the anti DOS attack function, intercept Land attack packets, illegal TCP packets, to 

ensure that the device or server provide normal service to legitimate users. 

 

Configuration Example

 

Such as: Open the anti DOS attack function 

 

 

4.4.1.3 IP source guard 

In the navigation bar select 

“Fault/Safety>Anti Attack>IP Source Guard”

, through the 

source port security enabled, on port forwarding the packet filter control, prevent illegal 

message through the port, thereby limiting the illegal use of network resources, improve 

the safety of the port, as the following picture: 

 

Instructions

 

Add the port that is currently being used as an IP source protection enable port, the port 

will not be able to use. 

 

 

Содержание IPSWC162A

Страница 1: ...1 SWITCH 16 GIGABIT PORTS 2 SFP PORTS ART IPSWC162A Please read this manual thoroughly before use and keep it for future reference ...

Страница 2: ...witch to End Node 9 3 2 How to Login the Switch 9 Chapter 4 Switch Configuration 11 4 1 Quickly setting 11 4 2 Port management 13 4 2 1 Basic config 14 4 2 2 Port aggregation 15 4 2 3 Port mirroring 17 4 2 4 Port rate limit 18 4 2 5 Port isolation 19 4 3 VLAN 20 4 3 1 VLAN config 21 4 3 2 Trunk port setting 22 4 3 3 Hybrid port setting 23 4 4 Fault Safety 25 4 4 1 Anti attack 25 4 4 1 1 Anti DHCP ...

Страница 3: ... 1 2 Community config 54 4 9 1 3 View config 55 4 9 1 4 Group config 56 4 9 1 5 User config 57 4 9 1 6 Trap 58 4 9 2 Rmon config 59 4 9 2 1 Statistics group 59 4 9 2 2 History group 61 4 9 2 3 Event group 62 4 9 2 4 Alarm group 63 4 10 System 64 4 10 1 System 65 4 10 1 1 System config 65 4 10 1 2 System restart 67 4 10 1 3 Password change 68 4 10 1 4 System log 69 4 10 2 System upgrade 70 4 10 3 C...

Страница 4: ... filter configuration backup recovery log out and so on This Switch has the easy to use and high performance qualities 1 2 Features Comply with IEEE 802 3 IEEE 802 3u IEEE 802 3ab IEEE 802 3x IEEE 802 3z IEEE 802 3ad standards Supports IEEE 802 3x flow control for Full duplex mode and backpressure for Half duplex mode Supports MAC address auto learning and auto aging Operates in store and forward ...

Страница 5: ...eep the device powered ON and press down the button for about 5 seconds The system restores the factory default settings LED indicators Figure 2 LED Indicators The LED Indicators will allow you to monitor diagnose and troubleshoot any potential problem with the Switch connection or attached devices The following chart shows the LED indicators of the Switch along with explanation of each indicator ...

Страница 6: ...ch already comes with Lightning Protection Mechanism You can also ground the switch through the PE Protecting Earth cable of AC cord or with Ground Cable 1 4 Package Contents Before installing the switch make sure that the following the packing list listed OK If any part is lost and damaged please contact your local agent immediately In addition make sure that you have the tools to install switche...

Страница 7: ...rom lightning do not open the Switch s shell even in power failure Make sure that there is proper heat dissipation from and adequate ventilation around the Switch Make sure the cabinet to enough back up the weight of the Switch and its accessories 2 1 1 Desktop Installation Sometimes users are not equipped with the 19 inch standard cabinet So when installing the Switch on a desktop please attach t...

Страница 8: ... to connect AC Electrical Outlet It is recommended to use single phase three wire receptacle with neutral outlet or multifunctional computer professional receptacle Please make sure to connect the metal ground connector to the grounding source on the outlet AC Power Cord Connection Connect the AC power connector in the back panel of the Switch to external receptacle with the included power cord an...

Страница 9: ...The LINK ACT Speed LEDs for each port lights on when the link is available 3 2 How to Login the Switch As the Switch provides Web based management login you can configure your computer s IP address manually to log on to the Switch The default settings of the Switch are shown below Parameter Default Value Default IP address 192 168 2 1 Default Username admin Default Password admin You can log on to...

Страница 10: ... factory default Username is admin and Password is admin and then click login to log in to the Switch configuration window as below Need to click on the upper right corner of the Language switch to change language between English and Chinese ...

Страница 11: ...itch system such as memory software version The middle shows the switch s current link status Green squares indicate the port link is up while black squares indicate the port link is down Below the switch panel you can find a common toolbar to provide useful functions for users The rest of the screen area displays the configuration settings 4 1 Quickly setting In the navigation bar select Quickly ...

Страница 12: ...age on the interface is considered belongs to the VLAN Obviously the interface of the default VLAN ID PVID in the IEEE 802 1Q VLAN ID is the Native VLAN At the same time send belong to Native VLAN frame on the Trunk must adopt UNTAG way Allowed VLAN List A Trunk can transport all the VLAN traffic 1 4094 supported by the equipment by default But also can be setting the permission VLAN Trunk at the ...

Страница 13: ...device name set as switch 123 default gateway with the DNS server set as 172 16 1 241 3 Use 192 168 2 11 to log in set a new password 4 2 Port management In the navigation bar to select Port Management you may conduct Basic Config Port Aggregation Port Mirroring Port Limit and Port Isolation ...

Страница 14: ... mode flow control cross line order mega frame configuration as the following picture Parameter Description Parameter Description port Select the current configuration port number port status Choose whether to close link port flow control Whether open flow control port speed Can choose the following kinds Aggregation 10 M 100 M 1000 M ...

Страница 15: ...close negotiated Close negotiated is to set port speed rate and working mode to other value Setting the port rate more than actual rate of port will lead the port disconnect Configuration Example Such as The port is set to 10 M half duplex open flow control cross line sequence and port state 4 2 2 Port aggregation In the navigation bar select PORT Port Aggregation in order to expand the port bandw...

Страница 16: ...our own port and with members of other groups Instructions Open the port of the ARP check function the port of the important device ARP the port of the VLAN MAC function and the monitor port in the port image cannot be added Configuration Example Such as set the port 9 10 for aggregation port 1 lets this aggregation port 1 connected to other switch aggregation port 1 to build switch links ...

Страница 17: ...as the following picture Parameter Description Parameter Description Source port To monitor the flow port in and out Destination port Set destination port All packets on the source port are copied and forwarded to the destination port Mirror group Range 1 4 Instructions The port of the aggregate port can t be used as a destination port and the source port destination port and source port can t be ...

Страница 18: ... the navigation bar select Port Port Limit to configure output input speed limit as the following picture Parameter Description Parameter Description Input speed limit Set port input speed Output speed limit Set port output speed ...

Страница 19: ...it s bandwidth is 125KB s Configuration Example Such as the port 9 input rate is set to 6400 KB s the output rate is set to 3200 KB s 4 2 5 Port isolation In the navigation bar select PORT Port Isolation one port can be isolated to one or multiple destination ports As the following picture ...

Страница 20: ...le of being a destination port and source port destination port and source port cannot be the same Configuration Example Such as the source port 2 isolated port 3 4 5 and 6 After the success of the configuration given out by the port 2 package can t in 3 4 5 6 port forwarding but 3 4 5 6 ports issued a message can be forwarded on port 2 if you need not forwarding should be carried out respectively...

Страница 21: ...arameter Description VLAN ID VLAN number 16GE default VLAN 1 VLAN name VLAN mark VLAN IP address Manage switch IP address Instructions Management VLAN the default VLAN cannot be deleted Add ports to access port port access mode can only be a member of the VLAN Configuration Example Such as connect switches pc1 pc2 couldn t ping each other will be one of the PC connection port belongs to a VLAN 2 ...

Страница 22: ...led Native VLAN is refers to UNTAG send or receive a message on the interface is considered belongs to the VLAN Obviously the interface of the default VLAN ID PVID in the IEEE 802 1Q VLAN ID is the Native VLAN At the same time send belong to Native VLAN frame on the Trunk must adopt UNTAG way Allowed VLAN List A Trunk can transport all the VLAN traffic 1 4094 supported by the equipment by default ...

Страница 23: ... let the PC2 PING PC1 cannot PING PC3 4 3 3 Hybrid port setting In the navigation bar select Vlan Config Hybrid port setting can set the port to take the tag and without the tag as the following picture Instructions Hybrid port to packet Receives a packet judge whether there is a VLAN information if there is no play in port PVID exchanged and forwarding if have whether the Hybrid port allows the V...

Страница 24: ...g is sent directly Configuration Example Such as create VLANs 10 20 VLAN sets the Native VLAN port 1 to 10 to tag VLAN for 10 20 sets the Native VLAN port 2 to 20 to tag VLAN for 10 20 This system e0 1 and the receive system e0 2 PC can be exchanged but when each data taken from a VLAN is different Data from the pc1 by inter0 1 PVID VLAN10 encapsulation VLAN10 labeled into switches switch found sy...

Страница 25: ...Safety In the navigation bar select Fault Safety you can set Anti Attack Channel Detection and ACL Access Control configuration 4 4 1 Anti attack 4 4 1 1 Anti DHCP attack In the navigation bar select Fault Safety Anti Attack Anti DHCP Attack open the DHCP anti attack function intercepting counterfeit DHCP server and address attack packets ban kangaroo DHCP server as the following picture Instructi...

Страница 26: ...26 2 Setting DHCP snooping VLAN Set the connection router 10 ports for trust then 12 port is set to the prohibit 3 Verify source mac F0 DE F1 12 98 D2 set server IP address to 192 168 2 1 ...

Страница 27: ...information 5 The port 7 for binding 4 4 1 2 Anti DOS In the navigation bar select Fault Safety Anti Attack Anti DOS open the Anti DOS attack function intercept Land attack packets illegal TCP packets to ensure that the ...

Страница 28: ... as Open the anti DOS attack function 4 4 1 3 IP source guard In the navigation bar select Fault Safety Anti Attack IP Source Guard through the source port security enabled on port forwarding the packet filter control prevent illegal message through the port thereby limiting the illegal use of network resources improve the safety of the port as the following picture Instructions Add the port that ...

Страница 29: ... first then to binding 4 4 1 4 Anti three bind In the navigation bar select Fault Safety Anti Attack Anti Three Bind automatically detect the port based IP address MAC address of the mapping relationship and then realize the function of a key binding as the following picture ...

Страница 30: ...before the binding to enable the switch to open and if you want to access shall be binding and switch the IP address of the same network segment Configuration Example Such as the binding to make first can open must be a key bindings port 7 ...

Страница 31: ...ternet connection and host whether to arrive As the following picture Parameter Description Parameter Description destination IP address Fill in the IP address of the need to detect Timeout period Range of 1 to 10 Repeat number Testing number Instructions Use ping function to test internet connect and whether host can be arrived Configuration Example Such as PING the IP address of the connecting P...

Страница 32: ...he destination through the gateway as the following picture Parameter Description Parameter Description destination IP address Fill in the IP address of the need to detect Timeout period Range of 1 to 10 Instruction The function is used to detect more is up to and reach the destination path If a destination unreachable diagnose problems ...

Страница 33: ...ch as Tracert the IP address of the connecting PC 4 4 2 3 Cable testing In the navigation bar select Fault Safety Channel Detection Cable testing can detect connection device status as the following picture Configuration Example ...

Страница 34: ...inciples 1 According to the order as long as there is a meet will not continue to find 2 Implied refused if don t match so must match the final implied refused entry 3 Any only under the condition of the minimum permissions to the user can satisfy their demand 4 Don t forget to apply the ACL to the port Configuration Example Such as test time is every Monday to Friday 9 to 18 points set port 1 8 c...

Страница 35: ...35 4 5 MSTP In the navigation bar select MSTP you can set to the Mstp Region and Mstp Bridge configuration ...

Страница 36: ...gure the region name Revision level Parameter configuration revision level Instance ID Select configuration instance ID VLAN ID Mapping of the VLAN configuration instance Instruction An instance can only be mapped to a VLAN instance and VLAN is a one to one relationship Configuration Example Such as change the region to DEADBEEF0102 region name is 123 instance 4 is mapped to a VLAN 2 in the first ...

Страница 37: ...nstance priority setting Instance ID Select the created instance id is configured enable Whether to open the STP bridge function Bridge priority Priority setting bridge example the default instance bridge priority for 32768 mode The model is divided into the STP RSTP MSTP Hello time Switches sends bpdu in packet interval Max age Ports are not yet received a message in the time will initiate topolo...

Страница 38: ...d function Bpdu filter Enable or disable Bpdu filter function compatible Enable or disable compatible function Root guard Enable or disable Root guard function TC guard Enable or disable TC guard function TC filter Enable or disable TC filter function Instruction 1 hello_time 1 2 max age f_delay 1 2 enable the switch to set instance priority 2 Enable STP would spend 2 times of the forward delay ti...

Страница 39: ...d port configuration select the created instance set priority port configuration is not online on line configuration will only take effect can click on the view the current configuration button to view the configured completed ...

Страница 40: ...n bar select DHCP RELAY you can set to the Dhcp Relay and option82 4 6 1 DHCP relay In the navigation bar select Dhcp Relay open the DHCP relay function set up and view the relay server IP address and its status As the following picture ...

Страница 41: ...HCP message to be delivered in the form of unicast to configure on the server The DHCP server to IP and switches in the same network segment will only take effect Configuration Example Such as setting DHCP server IP for 192 168 2 22 4 6 2 Option82 In the navigation bar select DHCP RELAY option82 can set to OPTION82 circuit control proxy remote IP address As the following picture ...

Страница 42: ...string length is 3 63 Proxy remote Configuration ASCII remote id string value the length of the range of 1 63 IP address Decimal IP address Instruction Switches relay information to the DHCP server will take option82 VLAN ID must be configured to DHCP message taken VLAN can bring option82 information Configuration Example Such as add circuit control proxy remote IP address information ...

Страница 43: ...g the Queue 4 7 1 QoS multi label In the navigation bar select QoS QoS Multi Label according to different rules tag or queue map packets for port traffic data As the following picture Parameter Description Parameter Description Rule index By setting the rule of heavy tag index number the current switch ...

Страница 44: ... destination Mac address is in accordance with the rules value Set the matching value Choose port to config The application of heavy tag on which interface apply Click on the application of heavy marking rules to take effect Instruction According to the different matching rules to map different packages to different cos and then according to the mapping relationship cos and queue to map different ...

Страница 45: ...ose four kinds of modes RR round robin scheduling SP absolute priority scheduling WRR weighted round robin scheduling WFQ weighted fair scheduling WRR weights Set the weights of each queue they will be in proportion to occupy the bandwidth to send data Instruction Queue 7 cannot be 0 Configuration Example Such as set the scheduling strategy for WRR weight value respectively 10 11 12 13 14 15 16 17...

Страница 46: ...rvice category can be mapped to the corresponding queue As the following picture Parameter Description Parameter Description Server ID COS the VLAN priority fields 0 to 7 Queue ID Set each cosine value mapping queue number 0 to 7 Configuration Example Such as mapping cos 3 to the queue 7 set the queue weight 7 to 10 ...

Страница 47: ...e categories As the following picture Parameter Description Parameter Description Server list DSCP field has seven 0 63 is divided into four tables Queue ID Map the DSCP to COS fields 0 to 7 based on the cosine is mapped to a queue Instruction Cos priority is greater than the DSCP DSCP priority is greater than the port Configuration Example Such as mapping cos 5 to servers whose DSCP value is 3 12...

Страница 48: ...rvice categories As the following picture Parameter Description Parameter Description Port Select the port number 0 18 Service ID Mapped to the service ID and then according to the service ID into the queue Instruction Cos priority is greater than the DSCP DSCP priority is greater than the port Configuration Example Such as port 4 5 6 respectively cos4 cos5 cos6 ...

Страница 49: ...49 4 8 Address table In the navigation bar select Addr Table you can set to MAC add and delete MAC study and aging and MAC address filtering ...

Страница 50: ...ter Description Clear Mac Can choose to clear the multicast Mac address clear dynamic unicast Mac address clear static unicast Mac address clear the specified Mac address Mac address table VLAN Fill in the need to add or delete VLAN id not create VLANs to create can only take effect Instruction According to different conditions to view add learn the Mac address Configuration Example Such as 1 The ...

Страница 51: ...ear port 6 static Mac addresses 4 8 2 Mac study and aging In the navigation bar select Addr Table Mac study and Aging can set up port Mac address study limit and Mac address aging time As the following picture ...

Страница 52: ...y limit to 2000 for port 5 6 7 8 address 2 Disconnect the port or keep static for 2 minutes the learned Mac address of the port will disappear automatically from the Mac address table 4 8 3 Mac address filtering In the navigation bar select Addr Table Mac address filtering the needless MAC address can be filtered according to the condition As the following picture ...

Страница 53: ...ation Example Such as Add the Mac address 00 20 15 09 12 12 to the filter table 4 9 Snmp config In the navigation bar select SNMP you can set to the Snmp Config and Rmon Config 4 9 1 Snmp config 4 9 1 1 Snmp config In the navigation bar select SNMP Snmp config you can enable Snmp function As the following picture ...

Страница 54: ...nfig Community Config can specify the access authority for groups As the following picture Parameter Description Parameter Description group Community strings seem as the password using for communication between the NMS and Snmp agent Access authority Read only specify the NMS Snmp host of MIB variables can only be read cannot be modified Read and write specify the NMS Snmp host of MIB variables c...

Страница 55: ...following picture Parameter Description Parameter Description View name View mane include Indicate the MIB object number contained within the view exclude Indicate the MIB object son number was left out of view MIB subtree OID View the associated MIB object is a number of MIB Subtree mask MIB OID mask Instruction It s the best to configure a view rule for each view otherwise it will affect the SNM...

Страница 56: ...ithout encryption message from users in this group need to verify but the data aren t encrypted Neither need authentication nor encryption message from users in this group don t need to verify and the data aren t encrypted also Both need authentication and encryption message from users in this group need to be verified and data in the message should be encrypted Read view read and write view study...

Страница 57: ...ng Snmp user As the following picture Parameter Description Parameter Description User name User name range 1 16 Security level Need authentication without encryption message from users in this group need to verify but the data aren t encrypted Neither need authentication nor encryption message from users in this group don t need to verify and the data aren t encrypted also Both need authenticatio...

Страница 58: ...figuration is 8 and you must create views and groups first the user s security level must be consistent with its mother group Add authentication and encryption mode for a user and configure belong groups for this user then the user will be used Snmpv3 protocol to connect Configuration Example Such as create new view 123 and create new group group1 then create new users user1 4 9 1 6 Trap In the na...

Страница 59: ... configure a number of different Snmp Trap host used to receive trap messages Trigger the trap message time port Linkup LinkDown equipment of cold start restart when power supply drop warm start a warm restart and Rmon set port statistical fluctuation threshold Configuration Example Such as setting host 192 168 2 30 to receive trap information 4 9 2 Rmon config 4 9 2 1 Statistics group In the navi...

Страница 60: ...s 1 65535 Interface mane To monitor the source port owner Set the table creator range 1 30 characters of a string Instruction At the time of configuration Rmon Snmp functions must be opened first otherwise the prompt dialog box will appear Configuration Example Such as set up monitoring Ethernet port 4 and check the data ...

Страница 61: ...terface Maximum number of samples Set the capacity for the history table corresponding to control table item namely the Max for number of records the history table value range is 1 65535 Sample period Set up the statistical period scope for 5 3600 the unit is in seconds owner Set the table creator range 1 30 characters of a string Instruction At the time of configuration Rmon Snmp functions must b...

Страница 62: ...t table is 1 65535 description The Trap events when the event is triggered the system will send the Trap message Log events when the event is triggered the system will log owner Set the table creator ownername for 1 30 characters of a string Instruction At the time of configuration Rmon Snmp functions must be opened first otherwise the prompt dialog box will appear Configuration Example Such as cr...

Страница 63: ...s 18 Pkts512to1023Octets 19 Pkts1024to1518Octets statistical index Set up the corresponding statistics statistical index number decided to statistics to monitor the port number Sampling interval Sampling time interval the scope for 5 65535 the unit for seconds The sampling type Sample types for the absolute value of sampling the sampling time arrived directly extracting the value of a variable The...

Страница 64: ...st otherwise the prompt dialog box will appear This configuration needs to configure statistics groups and events first Configuration Example Such as new statistics group of 77 and the event group 345 start up alarm when value is more than 12 or below than lower limit 3 4 10 System In the navigation bar select SYSTEM you can set to the System Config System Update Config Management Config Save Admi...

Страница 65: ...arameter Description Parameter Description Device name switch name Manage VLAN Switches use VLAN management Manage ip Switch IP address management timeout Don t use more than login timeout after login to log in again Configuration Example Such as 1 Set up the VLAN 2 is management VLAN should first created VLAN 2 in the VLAN Settings object and set a free port in the VLAN 2 ...

Страница 66: ...66 2 Insert the PC interface 9 or 10 ports set up the management IP for 192 168 2 12 device name is yoyo timeout for 20 minutes 3 Use 192 168 2 12 logging in sets the system time ...

Страница 67: ... restart equipment can be restarted As the following picture Instruction Click the button to restart the switch The restart process may take 1 minute Please wait patiently The page will be refreshed automatically after device restart Configuration Example Such as click restart button ...

Страница 68: ... Instruction 1 If you set a new Web login password then log in again after setting the new password 2 Password can t contain Chinese full width characters question marks and spaces 3 If forget the password can be reset in the console switch config password admin New Password 3456 Confirm Password 3456 Configuration Example Such as change the password to 1234 ...

Страница 69: ... log server As the following picture Parameter Description Parameter Description Log switch Open and close Server ip Appoint to server address Send log level 0 7 key Enter characters for the required query Instruction Open log switch set up the syslog server system log will be pushed to the server automatically ...

Страница 70: ...ation to the server 192 168 2 1 2 Input the keywords Mac click query button Click on the clear log button can clear the log 4 10 2 System upgrade In the navigation bar select SYSTEM System Upgrade optional upgrade file to upgrade the system As the following picture ...

Страница 71: ... to respond to the page while arrange flash at this time cannot power off or restart the device until prompted to upgrade successfully 4 10 3 Config management 4 10 3 1 Current configuration In the navigation bar select SYSTEM Config Management Current configuration can import and export configuration files and backup the configure file As the following picture ...

Страница 72: ...n of configuration to enable the new configuration please restart device in this page otherwise configuration does not take effect Configuration Example Such as 1 Save the page in the configuration first click save configuration to save the current configuration then export the configuration 2 Import configuration ...

Страница 73: ...tion bar select SYSTEM Config Management Configuration backup you can configure backup file As the following picture Instruction Operating this page should backup file via the current configuration page first Configuration Example Such as rename backup file ...

Страница 74: ...configuration and restore factory configuration As the following picture Instruction Restore the factory configuration will delete all current configuration If you have any useful configuration export the current system before restore factory configuration Configuration Example Such as export the current system before restore factory configuration ...

Страница 75: ...n Save settings will delete all default configurations If there are useful configurations click backup Configurations before save the settings Configuration Example Such as click save settings button 4 10 5 Administrator privileges In the navigation bar select SYSTEM Administrator Privileges configure ordinary users As the following picture ...

Страница 76: ...management system of equipment for routine maintenance Except the admin and user there can add five accounts total Ordinary users can only access information on system home page Configuration Example Such as 4 10 6 Info collect In the navigation bar select SYSTEM Info Collect you can collect to the system debug information As the following picture ...

Страница 77: ...77 Instruction It may take a few minutes to collect useful information Configuration Example Such as click on collect button ...

Страница 78: ...10 100 1000Mbps Auto Negotiation ports 2 x SFP ports 1 x Console port Transfer Method Store and Forward Switching Capacity 52Gb s MAC Address Learning Automatically learning automatically update 8K table Frame Filtering and Forward Rate 10Mbps 14880pps 100Mbps 148800pps 1000Mbps 1488000pps Dimensions L W H 440 x 208 x 44 mm Environment Operating Temperature 0 40 Storage Temperature 10 70 Operating...

Отзывы:

Нет отзывов

Бренды по названию

Популярные бренды

Загрузить еще бренды