manualshive.com logo in svg

Comnet CNGE11FX3TX8MS, Инструкция по установке и эксплуатации

"Comnet CNGE11FX3TX8MS - устройство сетевого коммутатора с возможностью передачи по протоколу Ethernet и разработанный для промышленных условий. Установочное и Руководство по эксплуатации доступно для загрузки бесплатно на нашем сайте. Получите подробные инструкции по установке и использованию прямо сейчас!" Загрузите его с сайта manualshive.com.

Поделиться
Скачать
background image

INS_CNGE11FX3TX8MS[POE][HO]     Rev. 11.6.17     PAGE 62

INSTRUCTION MANUAL 

CNGE11FX3TX8MS[POE][HO]

TECH SUPPORT: 1.888.678.9427

Object

Description

Admin State

If NAS is globally enabled, this selection controls the port’s authentication mode. The following modes are available: 
Force Authorized 
In this mode, the switch will send one EAPOL Success frame when the port link comes up, and any client on the port will be 
allowed network access without authentication. 
Force Unauthorized 
In this mode, the switch will send one EAPOL Failure frame when the port link comes up, and any client on the port will be 
disallowed network access. 
Port-based 802.1X 
In the 802.1X-world, the user is called the supplicant, the switch is the authenticator, and the RADIUS server is the authentication 
server. The authenticator acts as the man-in-the-middle, forwarding requests and responses between the supplicant and the 
authentication server. Frames sent between the supplicant and the switch are special 802.1X frames, known as EAPOL (EAP 
Over LANs) frames. EAPOL frames encapsulate EAP PDUs (RFC3748). Frames sent between the switch and the RADIUS server 
are RADIUS packets. RADIUS packets also encapsulate EAP PDUs together with other attributes like the switch’s IP address, 
name, and the supplicant’s port number on the switch. EAP is very flexible, in that it allows for different authentication methods, 
like MD5-Challenge, PEAP, and TLS. The important thing is that the authenticator (the switch) doesn’t need to know which 
authentication method the supplicant and the authentication server are using, or how many information exchange frames are 
needed for a particular method. The switch simply encapsulates the EAP part of the frame into the relevant type (EAPOL or 
RADIUS) and forwards it. 
When authentication is complete, the RADIUS server sends a special packet containing a success or failure indication. Besides 
forwarding this decision to the supplicant, the switch uses it to open up or block traffic on the switch port connected to the 
supplicant. 
Note: Suppose two backend servers are enabled and that the server timeout is configured to X seconds (using the AAA 
configuration page), and suppose that the first server in the list is currently down (but not considered dead). Now, if the supplicant 
retransmits EAPOL Start frames at a rate faster than X seconds, then it will never get authenticated, because the switch will cancel 
on-going backend authentication server requests whenever it receives a new EAPOL Start frame from the supplicant. And since 
the server hasn’t yet failed (because the X seconds haven’t expired), the same server will be contacted upon the next backend 
authentication server request from the switch. This scenario will loop forever. Therefore, the server timeout should be smaller than 
the supplicant’s EAPOL Start frame retransmission rate. 
Single 802.1X 
In port-based 802.1X authentication, once a supplicant is successfully authenticated on a port, the whole port is opened for 
network traffic. This allows other clients connected to the port (for instance through a hub) to piggy-back on the successfully 
authenticated client and get network access even though they really aren’t authenticated. To overcome this security breach, use 
the Single 802.1X variant. 
Single 802.1X is really not an IEEE standard, but features many of the same characteristics as does port-based 802.1X. In Single 
802.1X, at most one supplicant can get authenticated on the port at a time. Normal EAPOL frames are used in the communication 
between the supplicant and the switch. If more than one supplicant is connected to a port, the one that comes first when the 
port’s link comes up will be the first one considered. If that supplicant doesn’t provide valid credentials within a certain amount 
of time, another supplicant will get a chance. Once a supplicant is successfully authenticated, only that supplicant will be allowed 
access. This is the most secure of all the supported modes. In this mode, the Port Security module is used to secure a supplicant’s 
MAC address once successfully authenticated. 
Multi 802.1X 
Multi 802.1X is - like Single 802.1X - not an IEEE standard, but a variant that features many of the same characteristics. In Multi 
802.1X, one or more supplicants can get authenticated on the same port at the same time. Each supplicant is authenticated 
individually and secured in the MAC table using the Port Security module. 
In Multi 802.1X it is not possible to use the multicast BPDU MAC address as destination MAC address for EAPOL frames sent from 
the switch towards the supplicant, since that would cause all supplicants attached to the port to reply to requests sent from the 
switch. Instead, the switch uses the supplicant’s MAC address, which is obtained from the first EAPOL Start or EAPOL Response 
Identity frame sent by the supplicant. An exception to this is when no supplicants are attached. In this case, the switch sends 
EAPOL Request Identity frames using the BPDU multicast MAC address as destination - to wake up any supplicants that might be 
on the port. 
The maximum number of supplicants that can be attached to a port can be limited using the Port Security Limit Control 
functionality. 
MAC-based Auth. 
Unlike port-based 802.1X, MAC-based authentication is not a standard, but merely a best-practices method adopted by the 
industry. In MAC-based authentication, users are called clients, and the switch acts as the supplicant on behalf of clients. The 
initial frame (any kind of frame) sent by a client is snooped by the switch, which in turn uses the client’s MAC address as both 
username and password in the subsequent EAP exchange with the RADIUS server. The 6-byte MAC address is converted to a 
string on the following form “xx-xx-xx-xx-xx-xx”, that is, a dash (-) is used as separator between the lower-cased hexadecimal digits. 
The switch only supports the MD5-Challenge authentication method, so the RADIUS server must be configured accordingly. 
When authentication is complete, the RADIUS server sends a success or failure indication, which in turn causes the switch to open 
up or block traffic for that particular client, using the Port Security module. Only then will frames from the client be forwarded on 
the switch. There are no EAPOL frames involved in this authentication, and therefore, MAC-based Authentication has nothing to 
do with the 802.1X standard. 
The advantage of MAC-based authentication over 802.1X-based authentication is that the clients don’t need special supplicant 
software to authenticate. The disadvantage is that MAC addresses can be spoofed by malicious users - equipment whose MAC 
address is a valid RADIUS user can be used by anyone. Also, only the MD5-Challenge method is supported. The maximum 
number of clients that can be attached to a port can be limited using the Port Security Limit Control functionality.

Содержание CNGE11FX3TX8MS

Страница 1: ...MSTP RSTP STP ERPS G 8032 which protect your applications from network interruptions or temporary malfunctions by redirecting transmission within the network The switch provides advanced IP based man...

Страница 2: ...e Switch on DIN Rail 8 Wall Mounting Installation 10 Hardware Overview 11 Power Supply 12 Front Panel LEDs 12 POEHO 60 W PoE Model 12 WEB Management 13 Login 13 Configuration 17 Green Ethernet 24 Ther...

Страница 3: ...141 Protocol based VLAN 142 Voice VLAN 146 Mirroring Remote Mirroring Configuration 167 UPnP 170 GVRP 171 Monitor Menu 173 System 173 CUP Load 174 Input Power Status 175 System IP Status 176 System Lo...

Страница 4: ...oups 248 Quick Start 249 Log In and Reset Configuration to Factory Default 249 Set Device Hostname and Admin User Password 250 Set VLAN 1 IP Address 250 Display and Save Configuration to Flash 252 ICL...

Страница 5: ...d Deletion Users 282 Using Show Commands 283 Listing All Show Commands 284 Show running config 287 Default vs Non default vs All Defaults 287 Show running config all defaults 289 Show running config f...

Страница 6: ...warranty period with shipment expenses apportioned by ComNet and the distributor This warranty does not cover product modifications or repairs done by persons other than ComNet approved personnel and...

Страница 7: ...tion in restricted access location is required for this case For POE models requiring a power supply not labeled LPS the unit should be installed in a restricted access location using a 60950 1 2nd Ed...

Страница 8: ...17 PAGE 8 INSTRUCTION MANUAL CNGE11FX3TX8MS POE HO TECH SUPPORT 1 888 678 9427 Hardware Installation Installing the Switch on DIN Rail Each switch has a Din Rail kit on the rear panel The DIN Rail kit...

Страница 9: ...E11FX3TX8MS POE HO TECH SUPPORT 1 888 678 9427 It is easy to install the switch on the Din Rail Mount Series on DIN Rail Step 1 Tilt the switch and mount the metal spring to DIN Rail Step 2 Push the s...

Страница 10: ...into wood surface recommended Step 1 Remove DIN Rail kit if it is installed Step 2 Remove the two screws at the top of the unit s back panel Remove only one pair of back panel screws at time these hol...

Страница 11: ...TX8MS POE HO Call out Description 1 1 100 1000Base FX SFP Port 2 2 100 1000 2500Base FX SFP Ports 3 Link Activity LED Indicators for SFP Ports 4 8 10 100 1000Base TX RJ45 Ports 5 PoE LED Indicators Po...

Страница 12: ...unt of air flow required for safe operation of the equipment is not compromised Front Panel LEDs LED Color Status Description Alarm Red On Alarm Fault Status has been triggered Power 1 Alarm Green On...

Страница 13: ...168 10 1 This is the main login page Default user name is admin with maximum length 32 Default password is admin with maximum length 32 Warning Any changes made to the settings will apply only to the...

Страница 14: ...CTION MANUAL CNGE11FX3TX8MS POE HO TECH SUPPORT 1 888 678 9427 Menu Trees The following tree views show the available menus within the switch web GUI It offers the user quick access to all the configu...

Страница 15: ...INS_CNGE11FX3TX8MS POE HO Rev 11 6 17 PAGE 15 INSTRUCTION MANUAL CNGE11FX3TX8MS POE HO TECH SUPPORT 1 888 678 9427 Monitor Menu Diagnostics Menu...

Страница 16: ...INS_CNGE11FX3TX8MS POE HO Rev 11 6 17 PAGE 16 INSTRUCTION MANUAL CNGE11FX3TX8MS POE HO TECH SUPPORT 1 888 678 9427 Maintenance Menu...

Страница 17: ...gned name for this managed node By convention this is the node s fully qualified domain name A domain name is a text string drawn from the alphabet A Za z digits 0 9 minus sign No space characters are...

Страница 18: ...Proxy When DNS proxy is enabled system will relay DNS requests to the currently configured DNS server and reply as a DNS resolver to the client devices on the network IP Interfaces Delete Select this...

Страница 19: ...iguous zeros but it can appear only once It can also represent a legally valid IPv4 address For example 192 1 2 34 The field may be left blank if IPv6 operation on the interface is not desired IPv6 Ma...

Страница 20: ...er Provide the IPv4 or IPv6 address of a NTP server IPv6 address is in 128 bit records represented as eight fields of up to four hexadecimal digits with a colon separating each field For example fe80...

Страница 21: ...me Configuration Daylight Saving Time This is used to set the clock forward or backward according to the configurations set below for a defined Daylight Saving Time duration Select Disable to disable...

Страница 22: ...ber of minutes to add during Daylight Saving Time Range 1 to 1440 Non Recurring Configurations Start time settings Month Select the starting month Date Select the starting date Year Select the startin...

Страница 23: ...if the syslog server does not exist Possible modes are Enabled Enable server mode operation Disabled Disable server mode operation Server Address Indicates the IPv4 host address of syslog server If t...

Страница 24: ...intensity Intensity The LEDs intensity 100 Full power 0 LED off Maintenance On time at link change When a network administrator does maintenance of the switch e g adding or moving users he might want...

Страница 25: ...nabled PerfectReach works by determining the cable length and lowering the power for ports with short cables EEE Controls whether EEE is enabled for this switch port For maximizing power savings the c...

Страница 26: ...When the temperature exceeds the configured thermal protection temperature ports will be turned off in order to decrease the power consumption It is possible to arrange the ports with different groups...

Страница 27: ...2 5Gbps FDX Forces the port in 2 5Gbps full duplex mode Advertise Duplex When duplex is set as auto i e auto negotiation the port will only advertise the specified duplex as either Fdx or Hdx to the...

Страница 28: ...f 1535 and below If the EtherType Length field is above 1535 it indicates that the field is used as an EtherType indicating which protocol is encapsulated in the payload of the frame If frame length c...

Страница 29: ...T if the VLAN range contains only 1 VLAN ID then you can just input it into either one of the first and second VLAN ID or both On the other hand if you want to disable existed VLAN range then you can...

Страница 30: ...HCP client IP Range Define the IP range to be excluded IP addresses The first excluded IP must be smaller than or equal to the second excluded IP BUT if the IP range contains only 1 excluded IP then y...

Страница 31: ...l printable characters except white space If you want to configure the detail settings you can click the pool name to go into the configuration page Type Display which type of the pool is Network the...

Страница 32: ...OE HO Rev 11 6 17 PAGE 32 INSTRUCTION MANUAL CNGE11FX3TX8MS POE HO TECH SUPPORT 1 888 678 9427 DHCP Pool Configuration DHCP Pool Configuration Help DHCP Pool Configuration This page configures all set...

Страница 33: ...n 3 Specify a list of IP addresses for routers on the client s subnet DNS Server DHCP option 6 Specify a list of Domain Name System name servers available to the client NTP Server DHCP option 42 Speci...

Страница 34: ...ify the vendor type and configuration of a DHCP client DHCP server will deliver the corresponding option 43 specific information to the client that sends option 60 vendor class identifier Vendor i Spe...

Страница 35: ...tion When DHCP snooping mode operation is enabled the DHCP requests messages will be forwarded to trusted ports and only allow reply packets from trusted ports Disabled Disable DHCP snooping mode oper...

Страница 36: ...circuit ID format as vlan_id module_id port_no The first four characters represent the VLAN ID the fifth and sixth characters are the module ID in standalone device it always equal 0 in stackable devi...

Страница 37: ...l value is 15 it can access all groups i e that is granted the fully control of the device But others value need to refer to each group privilege level User s privilege should be same or greater than...

Страница 38: ...and the MAC Address Limit ACL HTTPS SSH ARP Inspection IP source guard IP Everything except ping Port Everything except VeriPHY Diagnostics ping and VeriPHY Maintenance CLI System Reboot System Restor...

Страница 39: ...r database on the switch for authentication radius Use remote RADIUS server s for authentication tacacs Use remote TACACS server s for authentication Methods that involve remote servers are timed out...

Страница 40: ...OE HO TECH SUPPORT 1 888 678 9427 SSH Configure SSH on this page Object Description Mode Indicates the SSH mode operation Possible modes are Enabled Enable SSH mode operation Disabled Disable SSH mode...

Страница 41: ...upload method can be selected Web Browser or URL Generate To generate certification Certificate Algorithm HTTPS can generate two types of certification Possible types are RSA RSA certification DSA DS...

Страница 42: ...Indicates the VLAN ID for the access management entry Start IP address Indicates the start IP address for the access management entry End IP address Indicates the end IP address for the access managem...

Страница 43: ...ility to configure security name than a SNMPv1 or SNMPv2c community string In addition to community string a particular range of source addresses can be used to restrict source subnet Write Community...

Страница 44: ...ap supported version 3 Destination Address Indicates the SNMP trap destination address It allows a valid IP address in dotted decimal notation x y z w And it also allows a valid hostname A valid hostn...

Страница 45: ...cket The allowed string length is 0 to 255 and the allowed content is ASCII characters from 33 to 126 Trap Destination Address Indicates the SNMP trap destination address It allows a valid IP address...

Страница 46: ...between 10 and 64 but all zeros and all F s are not allowed Trap Security Name Indicates the SNMP trap security name SNMPv3 traps and informs using USM for authentication and privacy A unique security...

Страница 47: ...permit access to SNMPv3 agent The allowed string length is 1 to 32 and the allowed content is ASCII characters from 33 to 126 The community string will be treated as security name and map a SNMPv1 or...

Страница 48: ...thentication and no privacy Auth NoPriv Authentication and no privacy Auth Priv Authentication and privacy The value of security level cannot be modified if entry already exists That means it must fir...

Страница 49: ...elong to Possible security models are v1 Reserved for SNMPv1 v2c Reserved for SNMPv2c usm User based Security Model USM Security Name A string identifying the security name that this entry should belo...

Страница 50: ...he view type that this entry should belong to Possible view types are included An optional flag to indicate that this view subtree should be included excluded An optional flag to indicate that this vi...

Страница 51: ...served for SNMPv1 v2c Reserved for SNMPv2c usm User based Security Model USM Security Level Indicates the security model that this entry should belong to Possible security models are NoAuth NoPriv No...

Страница 52: ...Configure RMON History table on this page The entry index key is ID Object Description Delete Check to delete the entry It will be deleted during the next save ID Indicates the index of the entry The...

Страница 53: ...castPkts The number of uni cast packets that request to transmit OutNUcastPkts The number of broad cast and multi cast packets that request to transmit OutDiscards The number of outbound packets that...

Страница 54: ...pe Indicates the notification of the event the possible types are none No SNMP log is created no SNMP trap is sent log Create SNMP log entry when the event is triggered snmptrap Send SNMP trap when th...

Страница 55: ...a given port A user is identified by a MAC address and VLAN ID If Limit Control is enabled on a port the limit specifies the maximum number of users on the port If this number is exceeded an action i...

Страница 56: ...ter requested aging period of all modules that use the functionality The Aging Period can be set to a number between 10 and 10 000 000 seconds To understand why aging may be desired consider the follo...

Страница 57: ...he port shut down the port This implies that all secured MAC addresses will be removed from the port and no new address will be learned Even if the link is physically disconnected and reconnected on t...

Страница 58: ...cess to the network These backend RADIUS servers are configured on the Configuration Security AAA page The IEEE802 1X standard defines port based operation but non standard variants overcome security...

Страница 59: ...plugged into a switch port or if a supplicant is no longer attached For MAC based ports reauthentication is only useful if the RADIUS server configuration has changed It does not involve communication...

Страница 60: ...the Configuration Security AAA page the client is put on hold in the Unauthorized state The hold timer does not count during an on going authentication In MAC based Auth mode the switch will ignore ne...

Страница 61: ...oballyenabled Valid values are in the range 1 4095 Max Reauth Count The number of times the switch transmits an EAPOL Request Identity frame without response before considering entering the Guest VLAN...

Страница 62: ...ny of the same characteristics as does port based 802 1X In Single 802 1X at most one supplicant can get authenticated on the port at a time Normal EAPOL frames are used in the communication between t...

Страница 63: ...he RADIUS server when a supplicant is successfully authenticated If present and valid the port s Port VLAN ID will be changed to this VLAN ID the port will be set to be a member of that VLAN ID and th...

Страница 64: ...ss frame when entering the Guest VLAN While in the Guest VLAN the switch monitors the link for EAPOL frames and if one such frame is received the switch immediately takes the port out of the Guest VLA...

Страница 65: ...CL rate limiter and EVC policer can not both be enabled EVC Policer ID Select which EVC policer ID to apply on this port The allowed values are Disabled or the values 1 through 256 Port Redirect Selec...

Страница 66: ...e shutdown feature only works when the packet length is less than 1518 without VLAN tags State Specify the port state of this port The allowed values are Enabled To reopen ports by changing the volati...

Страница 67: ...ACL of the switch Object Description Rate Limiter ID The rate limiter ID for the settings contained in the same row Rate The rate range is located 0 3276700 in pps Or 0 100 200 300 1000000 in kbps Un...

Страница 68: ...s which are not ICMP UDP TCP IPv6 The ACE will match all IPv6 standard frames Action Indicates the forwarding action of the ACE Permit Frames matching the ACE may be forwarded and learned Deny Frames...

Страница 69: ...3 and the policy bitmask is 0x10 bit 0 is don t care bit then policy 2 and 3 are applied to this rule Frame Type Select the frame type for this ACE These frame types are mutually exclusive Any Any fra...

Страница 70: ...ort will be disabled Disabled Port shut down is disabled for the ACE Note The shutdown feature only works when the packet length is less than 1518 without VLAN tags Counter The counter indicates the n...

Страница 71: ...ify the sender IP address in the SIP Address field that appears Network Sender IP filter is set to Network Specify the sender IP address and sender IP mask in the SIP Address and SIP Mask fields that...

Страница 72: ...appear These fields are explained later in this help file TCP Select TCP to filter IPv4 TCP protocol frames Extra fields for defining TCP parameters will appear These fields are explained later in thi...

Страница 73: ...for defining TCP parameters will appear These fields are explained later in this help file Next Header Value When Specific is selected for the IPv6 next header value you can enter a specific value The...

Страница 74: ...r a specific TCP UDP destination value A field for entering a TCP UDP destination value appears Range If you want to filter a specific range TCP UDP destination filter with this ACE you can enter a sp...

Страница 75: ...ter Specify the Ethernet type filter for this ACE Any No EtherType filter is specified EtherType filter status is don t care Specific If you want to filter a specific EtherType filter with this ACE yo...

Страница 76: ...Source Guard is enabled on which ports Only when both Global Mode and Port Mode on a given port are enabled IP Source Guard is enabled on this given port Max Dynamic Clients Specify the maximum number...

Страница 77: ...to delete the entry It will be deleted during the next save Port The logical port for the settings VLAN ID The vlan id for the settings IP Address Allowed Source IP address MAC address Allowed Source...

Страница 78: ...ou have to enable the setting of Check VLAN The default setting of Check VLAN is disabled When the setting of Check VLAN is disabled the log type of ARP Inspection will refer to the port setting And t...

Страница 79: ...he button will use the next entry of the currently displayed VLAN entry as a basis for the next lookup When the end is reached the warning message is shown in the displayed table Use the button to sta...

Страница 80: ...t will be deleted during the next save Port The logical port for the settings VLAN ID The vlan id for the settings MAC Address Allowed Source MAC address in ARP request packets IP Address Allowed Sour...

Страница 81: ...next Dynamic ARP Inspection Table match In addition the two input fields will upon a Refresh button click assume the value of the first displayed entry allowing for continuous refresh with the same st...

Страница 82: ...he Deadtime to a value greater than 0 zero will enable this feature but only if more than one server has been configured Key The secret key up to 63 characters long shared between the RADIUS server an...

Страница 83: ...obal timeout value Retransmit This optional setting overrides the global retransmit value Leaving it blank will use the global retransmit value Key This optional setting overrides the global key Leavi...

Страница 84: ...ting the Deadtime to a value greater than 0 zero will enable this feature but only if more than one server has been configured Key The secret key up to 63 characters long shared between the TACACS ser...

Страница 85: ...ss The IP address can be used to calculate the destination port for the frame Check to enable the use of the IP Address or uncheck to disable By default IP Address is enabled TCP UDP Port Number The T...

Страница 86: ...e Specific setting a user defined value can be entered Ports with the same Key value can participate in the same aggregation group while ports with different keys cannot Role The Role shows the LACP a...

Страница 87: ...each port valid values are 1 to 10 seconds Shutdown Time The period in seconds for which a port will be kept disabled in the event of a loop is detected and the port action shuts down the port Valid...

Страница 88: ...address of the switch forms a Bridge Identifier For MSTP operation this is the priority of the CIST Otherwise this is the priority of the STP RSTP bridge Forward Delay The delay used by STP Bridges to...

Страница 89: ...The port will enter the error disabled state and will be removed from the active topology Port Error Recovery Control whether a port in the error disabled state automatically will be enabled after a c...

Страница 90: ...r MSTI s Intra region The name is at most 32 characters Configuration Revision The revision of the MSTI configuration named above This must be an integer between 0 and 65535 MSTI Mapping MSTI The brid...

Страница 91: ...ations and possibly change them as well Object Description MSTI The bridge instance The CIST is the default instance which is always active Priorities Controls the bridge priority Lower numeric values...

Страница 92: ...nal flag describing whether the port is connecting directly to edge devices No Bridges attached Transition to the forwarding state is faster for edge ports having operEdge true than for other ports Th...

Страница 93: ...idge setting the port Edge status does not effect this setting A port entering error disabled state due to this setting is subject to the bridge Port Error Recovery setting as well Point to Point Cont...

Страница 94: ...ing the 802 1D recommended values Using the Specific setting a user defined value can be entered The path cost is used when establishing the active topology of the network Lower path cost ports are ch...

Страница 95: ...which is composed of at maximum 16 alphabetic and numeric characters At least one alphabet must be present Profile Description Additional description which is composed of at maximum 64 alphabetic and...

Страница 96: ...s the group address matches the address range of the rule Permit Group address matches the range specified in the rule will be learned Deny Group address matches the range specified in the rule will b...

Страница 97: ...que name which is composed of at maximum 16 alphabetic and numeric characters At least one alphabet must be present Start Address The starting IPv4 IPv6 Multicast Group Address that will be used as an...

Страница 98: ...VLANs with corresponding channel profile for each Multicast VLAN The channel profile is defined by the IPMC Profile which provides the filtering conditions Object Description MVR Mode Enable Disable t...

Страница 99: ...Profile When the MVR VLAN is created select the IPMC Profile as the channel filtering condition for the specific MVR VLAN Summary about the Interface Channel Profiling of the MVR VLAN will be shown b...

Страница 100: ...nd routers run the SSM service model for the groups in the address range Leave Proxy Enabled Enable IGMP Leave Proxy This feature can be used to avoid forwarding unnecessary leave messages to the rout...

Страница 101: ...ent address is not set system uses the first available IPv4 management address Otherwise system uses a pre defined value By default this value will be 192 0 2 1 Compatibility Compatibility is maintain...

Страница 102: ...port Interval is the time between repetitions of a host s initial report of membership in a group The allowed range is 0 to 31744 seconds default unsolicited report interval is 1 second Add New IGMP V...

Страница 103: ...ering Profile Select the IPMC Profile as the filtering condition for the specific port Summary about the designated profile will be shown by clicking the view button Profile Management Button You can...

Страница 104: ...outers run the SSM service model for the groups in the address range Leave Proxy Enable Enable MLD Leave Proxy This feature can be used to avoid forwarding unnecessary leave messages to the router sid...

Страница 105: ...INS_CNGE11FX3TX8MS POE HO Rev 11 6 17 PAGE 105 INSTRUCTION MANUAL CNGE11FX3TX8MS POE HO TECH SUPPORT 1 888 678 9427...

Страница 106: ...It indicates the MLD control frame priority level generated by the system These values can be used to prioritize different classes of traffic The allowed range is 0 best effort to 7 highest default in...

Страница 107: ...pply changes Reset Click to revert to previous values Refresh Click to refresh the table starting from VLAN input fields Click to update the table starting from the first entry in the VLAN Table lowes...

Страница 108: ...information valid period is set to Tx Hold multiplied by Tx Interval seconds Valid values are restricted to 2 10 times Tx Delay If some configuration is changed e g the IP address a new LLDP frame is...

Страница 109: ...Address field The CDP address TLV can contain multiple addresses but only the first address is shown in the LLDP neighbors table CDP TLV Port ID is mapped to the LLDP Port ID field CDP TLV Version an...

Страница 110: ...ach port determine the amount power it reserves by exchanging PoE information using the LLDP protocol and reserves power accordingly If no LLDP information is available for a port the port will reserv...

Страница 111: ...port HO models only Forced Enables 60W PoE Force mode per port HO models only Priority The priority is used in the case where the remote devices require more power than the power supply can deliver In...

Страница 112: ...ate a EPS in the Port Domain W P Flow is a Port Architecture 1 1 This will create a 1 1 EPS 1 1 This will create a 1 1 EPS W Flow The working flow for the EPS See Domain P Flow The protecting flow for...

Страница 113: ...e APS PDU handling MEP Instance Configuration Configured Red This EPS is only created and has not yet been configured is not active Green This EPS is configured is active Protection Type Unidirectiona...

Страница 114: ...ng local SF detected on working Instance State Protection State EPS state according to State Transition Tables in G 8031 W Flow OK State of working flow is ok SF State of working flow is Signal Fail S...

Страница 115: ...tity Intermediate Point Direction Down This is a Down MEP monitoring ingress OAM and traffic on Residence Port Up This is a Up MEP monitoring egress OAM and traffic on Residence Port Residence Port Th...

Страница 116: ...ed MPLS Link This is a MEP in the MPLS Link Domain MPLS Tunnel This is a MEP in the MPLS Tunnel Domain MPLS PW This is a MEP in the MPLS Pseudo Wires Domain MPLS LSP This is a MEP in the MPLS LSP Doma...

Страница 117: ...ICC This is defined by ITU Y1731 Fig A5 Domain Name is not used MEG id must be max 15 char Domain Name This is the IEEE Maintenance Domain Name and is only used in case of IEEE String format This stri...

Страница 118: ...ed if no CCM PDU has been received within 3 5 periods see cLOC Fault Cause cPeriod is declared if a CCM PDU has been received with different period see cPeriod Selecting 300f sec or 100f sec will conf...

Страница 119: ...UI field CC Organization Specific Sub Type The last received value in the OS TLV Sub Type field CC Organization Specific Value The last received value in the OS TLV Value field CC Organization Specifi...

Страница 120: ...1 888 678 9427 MEP Fault Management Configuration This page allows the user to inspect and configure the Fault Management of the current MEP Instance Note that the sub tables of Link Trace Link Trace...

Страница 121: ...size DMAC 6 SMAC 6 TYPE 2 LBM PDU LENGTH 46 CRC 4 64 bytes The transmitted frame will be four bytes longer for each tag added 8 bytes in case of a tunnel EVC There are two frame MAX sizes to consider...

Страница 122: ...ay action can be one of the following MAC The was a hit on the LT Target MAC FDB LTM is forwarded based on hit in the Filtering DB MFDB LTM is forwarded based on hit in the MIP CCM DB Last MAC The MAC...

Страница 123: ...ll be 10101010 Test Signal State TX frame count The number of transmitted TST frames since last Clear RX frame count The number of received TST frames since last Clear RX rate The current received TST...

Страница 124: ...ansmitted as fast as possible in case of using this for protection in the end point LOCK Enable Insertion of LOCK signal LCK PDU transmission in client layer flows can be enable disabled Frame Rate Se...

Страница 125: ...ts in TAG if any In case of enable of Continuity Check and Loss Measurement both implemented on SW based CCM Priority has to be the same Frame rate Selecting the frame rate of CCM LMM PDU This is the...

Страница 126: ...ny Cast Selection of 1DM DMM PDU transmitted unicast or multicast The unicast MAC will be configured through Peer MEP Peer MEP This is only used if the Cast is configured to Uni The 1DM DMR unicast MA...

Страница 127: ...n is a counter that stores the number of delay measurements falling within a specified range during a Measurement Interval Measurement Bins for FD Configurable number of Frame Delay Measurement Bins p...

Страница 128: ...eshold is 5000 us and the total number of Measurement Bins is four we can give an example as follows Bin Threshold Range bin0 0 us 0 us measurement 5 000 us bin1 5 000 us 5 000 us measurement 10 000 u...

Страница 129: ...nces 0 in this field indicates that no Port 1 SF MEP is associated with this instance Port 0 APS MEP The Port 0 APS PDU handling MEP Port 1 APS MEP The Port 1 APS PDU handling MEP As only one APS MEP...

Страница 130: ...F MEP is associated with this instance Port 0 APS MEP The Port 0 APS PDU handling MEP Port 1 APS MEP The Port 1 APS PDU handling MEP As only one APS MEP is associated with interconnected sub ring with...

Страница 131: ...ely configured to be in either manual switch or forced switch state Forced Switch Forced Switch command forces a block on the ring port where the command is issued Manual Switch In the absence of a fa...

Страница 132: ...ct Description Delete To delete a VLAN entry check this box The entry will be deleted on all stack switch units during the next Save VLAN ID Indicates the ID of this particular VLAN Adding a New VLAN...

Страница 133: ...ther frames are dropped Note Make sure that the link used for managing the switch is added to the Static Mac Table before changing to secure learning mode otherwise the management link is lost and can...

Страница 134: ...tion mappings are organized into Groups identified by the Group ID This way a port is configured to use a number of VLAN Translation mappings easily by simply configuring it to use a given group Then...

Страница 135: ...igured to use any of the groups but only one at any given time Multiple ports can be configured to use the same group A valid Group ID is an integer value from 1 to 1111 Note By default each port is s...

Страница 136: ...ers of all VLANs specified in the Allowed VLANs field By default only VLAN 1 is enabled More VLANs may be created by using a list syntax where the individual elements are separated by commas Ranges ar...

Страница 137: ...ilities Can be configured to be VLAN tag unaware C tag aware S tag aware or S custom tag aware Ingress filtering can be controlled Ingress acceptance of frames and configuration of egress tagging can...

Страница 138: ...the Port VLAN are transmitted untagged Other frames are transmitted with the relevant tag Tag All All frames whether classified to the Port VLAN or not are transmitted with a tag Untag All All frames...

Страница 139: ...LAN ID Indicates the ID of this particular private VLAN Port Members A row of check boxes for each port is displayed for each private VLAN ID To include a port in a Private VLAN check the box To remov...

Страница 140: ...olated ports on the same VLAN and Private VLAN Port Members A check box is provided for each port of a private VLAN When checked port isolation is enabled on that port When unchecked port isolation is...

Страница 141: ...xclude the port from the mapping make sure the box is unchecked By default no ports are members and all boxes are unchecked Adding a New MAC to VLAN ID mapping entry Click Add New Entry to add a new M...

Страница 142: ...ame Type is called etype Valid values for etype range between 0x0600 and 0xffff 2 LLC Valid value in this case is comprised of two different sub values a DSAP 1 byte long string 0x00 0xff b SSAP 1 byt...

Страница 143: ...ble An empty row is added to the table where Frame Type Value and the Group Name can be configured as needed The Delete button can be used to undo the addition of new entry The maximum possible Protoc...

Страница 144: ...he port lists of these mappings are mutually exclusive e g Group1 can be mapped to VID 1 on port 1 and to VID 2 on port 2 VLAN ID Indicates the VLAN ID to which the Group Name will be mapped A valid V...

Страница 145: ...heck boxes for each port is displayed for each IP subnet to VLAN ID mapping entry To include a port in a mapping simply check the box To remove or exclude the port from the mapping make sure the box i...

Страница 146: ...nable Voice VLAN It can avoid the conflict of ingress filtering Possible modes are Enabled Enable Voice VLAN mode operation Disabled Disable Voice VLAN mode operation VLAN ID Indicates the Voice VLAN...

Страница 147: ...d all non telephonic MAC addresses in the Voice VLAN will be blocked for 10 seconds Possible port modes are Enabled Enable Voice VLAN security mode operation Disabled Disable Voice VLAN security mode...

Страница 148: ...to delete the entry It will be deleted during the next save Telephony OUI A telephony OUI address is a globally unique identifier assigned to a vendor by IEEE It must be 6 characters long and the inpu...

Страница 149: ...es after the configured default CoS DPL Controls the default drop precedence level All frames are classified to a drop precedence level If the port is VLAN aware and the frame is tagged then the frame...

Страница 150: ...ode and or mapping Note This setting has no effect if the port is VLAN unaware Tagged frames received on VLAN unaware ports are always classified to the default CoS and DPL DSCP Based Click to Enable...

Страница 151: ...agged frames on this port Disabled Use default QoS class and Drop Precedence Level for tagged frames Enabled Use mapped versions of PCP and DEI for tagged frames PCP DEI to QoS class DP level Mapping...

Страница 152: ...nabled on this switch port Rate Controls the rate for the policer The default value is 500 This value is restricted to 100 1000000 when the Unit is kbps or fps and it is restricted to 1 3300 when the...

Страница 153: ...E Enable or disable the queue policer for this switch port Rate Controls the rate for the queue policer This value is restricted to 100 3276700 when Unit is kbps and 1 3276 when Unit is Mbps The rate...

Страница 154: ...eduler This page provides an overview of QoS Egress Port Schedulers for all switch ports Object Description Port The logical port for the settings contained in the same row Click on the port number in...

Страница 155: ...Unit is kbps and 1 3281 when Unit is Mbps Ports in Basic or Hierarchical Scheduling Mode HQoS setting only have queue shapers on queue 6 and 7 The rate is internally rounded up to the nearest value su...

Страница 156: ...kbps and 1 3281 when Unit is Mbps Only shown when configuring HQoS entries The rate is internally rounded up to the nearest value supported by the HQoS shaper HQoS Shaper Unit Controls the unit of mea...

Страница 157: ...rs Qn Shows disabled or actual queue shaper rate e g 800 Mbps Port Shows disabled or actual port shaper rate e g 800 Mbps Port Tag Remarking This page provides an overview of QoS Egress Port Tag Remar...

Страница 158: ...PCP DEI values Default Use default PCP DEI values Mapped Use mapped versions of QoS class and DP level PCP DEI Configuration Controls the default PCP and DEI values used when the mode is set to Defau...

Страница 159: ...ess DSCP Classification DSCP 0 Classify if incoming or translated if enabled DSCP is 0 Selected Classify only selected DSCP for which classification is enabled as specified in DSCP Translation window...

Страница 160: ...tches Object Description DSCP Maximum number of supported DSCP values is 64 Trust Controls whether a specific DSCP value is trusted Only frames with trusted DSCP values are mapped to a specific QoS cl...

Страница 161: ...map There are two configuration parameters for DSCP Translation Translate Classify Translation DSCP at Ingress side can be translated to any of 0 63 DSCP values Classify Click to enable Classification...

Страница 162: ...ws you to configure the mapping of QoS class and Drop Precedence Level to DSCP value Object Description QoS Class Actual QoS class DSCP DP0 Select the classified DSCP value 0 63 for Drop Precedence Le...

Страница 163: ...s Tagged Match tagged frames The default value is Any VID Indicates VLAN ID either a specific VID or range of VIDs VID can be in the range 1 4095 or Any PCP Priority Code Point Valid values of PCP are...

Страница 164: ...INS_CNGE11FX3TX8MS POE HO Rev 11 6 17 PAGE 164 INSTRUCTION MANUAL CNGE11FX3TX8MS POE HO TECH SUPPORT 1 888 678 9427...

Страница 165: ...lue mask format or Any IP and Mask are in the format x y z w where x y z and w are decimal numbers between 0 and 255 When Mask is converted to a 32 bit binary string and read from left to right all bi...

Страница 166: ...present on the MAC Address table The configuration indicates the permitted packet rate for unicast multicast or broadcast traffic across the switch Object Description Frame Type The settings in a part...

Страница 167: ...to get the tagged mirrored traffic you have to set VLAN egress tagging as Tag All on the reflector port On the other hand if you want to get untagged mirrored traffic you have to set VLAN egress tagg...

Страница 168: ...sed Mirroring If you want to monitor some VLANs on the switch you can set the selected VLANs on this field Note1 The Mirroring session shall have either ports or VLANs as sources but not both Remote M...

Страница 169: ...nooping High disabled disabled ip_source_guard Critical disabled disabled disabled ipmc igmpsnp Critical un conflict ipmc mldsnp Critical un conflict lacp Low o disabled lldp Low o disabled mac learni...

Страница 170: ...he range 1 to 255 Advertising Duration The duration carried in SSDP packets is used to inform a control point or control points how often it or they should receive an SSDP advertisement message from t...

Страница 171: ...i e in units of one hundredth of a second The default is 20 Leave time is a value in the range 60 300 in the units of centi seconds i e in units of one hundredth of a second The default is 60 Leave Al...

Страница 172: ...ation This page allows you to enable disable a port for GVRP Object Description Port The logical port that is to be configured Mode Mode can be either Disabled or GVRP enabled These values turn the GV...

Страница 173: ...system name configured in Configuration System Information System Name Location The system location configured in Configuration System Information System Location MAC Address The MAC Address of this...

Страница 174: ...9427 CUP Load This page displays the CPU load using line chart The load is measured as averaged over the last 100ms 1 s and 10 seconds intervals The last 1 256 samples maximum 256 are graphed and the...

Страница 175: ...ECH SUPPORT 1 888 678 9427 Input Power Status This page shows the status of the 2 power inputs along with power LED s and the fault relay status Auto_refresh Check to refresh the page automatically ev...

Страница 176: ...ype of the entry This may be LINK or IPv4 Address The current address of the interface of the given type Status The status flags of the interface and or address IP Routes Network The destination IP ne...

Страница 177: ...INS_CNGE11FX3TX8MS POE HO Rev 11 6 17 PAGE 177 INSTRUCTION MANUAL CNGE11FX3TX8MS POE HO TECH SUPPORT 1 888 678 9427...

Страница 178: ...y allowing for continuous refresh with the same start input field The will use the last entry of the currently displayed table as a basis for the next lookup When the end is reached the text No more e...

Страница 179: ...INS_CNGE11FX3TX8MS POE HO Rev 11 6 17 PAGE 179 INSTRUCTION MANUAL CNGE11FX3TX8MS POE HO TECH SUPPORT 1 888 678 9427 Click to update the table entries ending at the last available entry...

Страница 180: ...1 of the system log entry Message The detailed message of the system log entry Refresh Click to update the system log entry to the current entry ID Click to update the system log entry to the first av...

Страница 181: ...rt State This page provides an overview of the current switch port states The port states are illustrated as follows RJ45 ports SFP ports State Disabled Down Link Object Description Auto refresh Check...

Страница 182: ...reflects the settings at the Port Power Savings configuration page LP EEE cap Shows if the link partner is EEE capable EEE Savings Shows if the system is currently saving power due to EEE When EEE is...

Страница 183: ...affic statistics for all switch ports Object Description Port The logical port for the settings contained in the same row Packet The number of received and transmitted packets per port Bytes The numbe...

Страница 184: ...for all switch ports Object Description Port The logical port for the settings contained in the same row Qn There are 8 QoS queues per port Q0 is the lowest priority queue Rx Tx The number of received...

Страница 185: ...n taken on ingress frame if parameters configured are matched with the frame s content Possible actions are CoS Classify Class of Service DPL Classify Drop Precedence Level DSCP Classify DSCP value PC...

Страница 186: ...e number of received and transmitted good and bad bytes Includes FCS but excludes framing bits Rx and Tx Unicast The number of received and transmitted good and bad unicast packets Rx and Tx Multicast...

Страница 187: ...ed with invalid CRC Rx Jabber The number of long 2 frames received with invalid CRC Rx Filtered The number of received frames filtered by the forwarding process 1 Short frames are frames that are smal...

Страница 188: ...nters Automatic Binding Number of bindings with network type pools Manual Binding Number of bindings that administrator assigns an IP address to a client That is the pool is of host type Expired Bindi...

Страница 189: ...inding Possible types are Automatic Manual Expired State State of binding Possible states are Committed Allocated Expired Pool Name The pool that generates the binding Server ID Server IP address to s...

Страница 190: ...AL CNGE11FX3TX8MS POE HO TECH SUPPORT 1 888 678 9427 Declined IP This page displays declined IP addresses Declined IP List of IP addresses declined Auto_refresh Check to refresh the page automatically...

Страница 191: ...owing for continuous refresh with the same start address The will use the last entry of the currently displayed table as a basis for the next lookup When the end is reached the text No more entries is...

Страница 192: ...rcuit ID The number of packets whose Circuit ID option did not match known circuit ID Receive Bad Remote ID The number of packets whose Remote ID option did not match known Remote ID Client Statistics...

Страница 193: ...ed Rx and Tx NAK The number of NAK option 53 with value 6 packets received and transmitted Rx and Tx Release The number of release option 53 with value 7 packets received and transmitted Rx and Tx Inf...

Страница 194: ...Click to refresh the page Clear Click to clear all statistics Network Port Security Switch This page shows the Port Security status Port Security is a module with no direct configuration Configuratio...

Страница 195: ...vice Ready The Port Security service is in use by at least one user module and is awaiting frames from unknown MAC addresses to arrive Limit Reached The Port Security service is enabled by at least th...

Страница 196: ...is seen on this port If no MAC addresses are learned a single row stating No MAC addresses attached is displayed State Indicates whether the corresponding MAC address is blocked or forwarding In the b...

Страница 197: ...ased authentication and the most recently received frame from a new client for MAC based authentication Last ID The user name supplicant identity carried in the most recently received Response Identit...

Страница 198: ...to NAS Admin State for a description of possible values Port State The current state of the port Refer to NAS Port State for a description of the individual states QoS Class The QoS class assigned by...

Страница 199: ...mes with TCP protocol IPv4 Other The ACE will match IPv4 frames which are not ICMP UDP TCP IPv6 The ACE will match all IPv6 standard frames Action Indicates the forwarding action of the ACE Permit Fra...

Страница 200: ...nput fields will upon a Refresh button click assume the value of the first displayed entry allowing for continuous refresh with the same start address The will use the last entry of the currently disp...

Страница 201: ...input fields will upon a Refresh button click assume the value of the first displayed entry allowing for continuous refresh with the same start address The will use the last entry of the currently di...

Страница 202: ...n the dead time expires The number of seconds left before this occurs is displayed in parentheses This state is only reachable when more than one server is enabled RADIUS Accounting Servers The RADIUS...

Страница 203: ...ns information about the state of the server and the latest round trip time RADIUS Accounting Statistics Packet Counters RADIUS accounting server packet counter There are five receive and four transmi...

Страница 204: ...cted to a multicast address CRC Errors The total number of packets received that had a length excluding framing bits but including FCS octets of between 64 and 1518 octets inclusive but had either a b...

Страница 205: ...le was measured Drop The total number of events in which packets were dropped by the probe due to lack of resources Octets The total number of octets of data including those in bad packets received on...

Страница 206: ...arm table Object Description ID Indicates the index of Alarm control entry Interval Indicates the interval in seconds for sampling and comparing the rising and falling threshold Variable Indicates the...

Страница 207: ...one with the lowest Event Index and Log Index found in the Event table Object Description Event Index Indicates the index of the event entry Log Index Indicates the index of the log entry Log Time Ind...

Страница 208: ...n Aggr ID The Aggregation ID associated with this aggregation instance Name Name of the Aggregation group ID Type Type of the Aggregation group Static or LACP Speed Speed of the Aggregation group Conf...

Страница 209: ...or LLAG the id is shown as isid aggr id and for GLAGs as aggr id Partner System ID The system ID MAC address of the aggregation partner Partner Key The Key that the partner has assigned to this aggreg...

Страница 210: ...ns that the port could not join the aggregation group but will join if other port leaves Meanwhile its LACP status is disabled Key The key assigned to this port Only ports with the same key can aggreg...

Страница 211: ...onds Refresh Click to refresh the displayed table starting from the input fields Clear Click to Clear the counters for all ports Loop Protection This page displays the loop protection port status the...

Страница 212: ...e Bridge ID of the currently elected root bridge Root Port The switch port currently assigned the root port role Root Cost Root Path Cost For the Root Bridge it is zero For all other Bridges it is the...

Страница 213: ...ernal Root Cost The Regional Root Path Cost For the Regional Root Bridge this is zero For all other CIST instances in the same MSTP region it is the sum of the Internal Port Path Costs on the least co...

Страница 214: ...d or explicitly configured Each Edge Port transits directly to the Forwarding Port State since there is no possibility of it participating in a loop Point to Point The current STP port point to point...

Страница 215: ...nitialized Auto_refresh Check to refresh the page automatically every 3 seconds Refresh Click to refresh the displayed table starting from the input fields Port Statistics This page displays the STP p...

Страница 216: ...ectively IGMP MLD Queries Transmitted The number of Transmitted Queries for IGMP and MLD respectively IGMPv1 Joins Received The number of Received IGMPv1 Join s IGMPv2 MLDv1 Report s Received The numb...

Страница 217: ...ation Table match In addition the two input fields will upon a Refresh button click assume the value of the first displayed entry allowing for continuous refresh with the same start address The will u...

Страница 218: ...hen the end is reached the text No more entries is shown in the displayed table Use the button to start over Object Description VLAN ID VLAN ID of the group Group Group address of the group displayed...

Страница 219: ...ts V2 Report Received The number of Received V2 Reports V3 Report Received The number of Received V3 Reports V2 Leaves Received The number of Received V2 Leaves Router Port Display which ports act as...

Страница 220: ...on the two input fields will upon a Refresh button click assume the value of the first displayed entry allowing for continuous refresh with the same start address The will use the last entry of the cu...

Страница 221: ...displayed table as a basis for the next lookup When the end is reached the text No more entries is shown in the displayed table Use the button to start over Object Description VLAN ID VLAN ID of the...

Страница 222: ...ber of Received V1 Reports V2 Report Received The number of Received V2 Reports V1 Leaves Received The number of Received V1 Leaves Router Port Display which ports act as router ports A router port is...

Страница 223: ...wo input fields will upon a Refresh button click assume the value of the first displayed entry allowing for continuous refresh with the same start address The will use the last entry of the currently...

Страница 224: ...ly displayed table as a basis for the next lookup When the end is reached the text No more entries is shown in the displayed table Use the button to start over Object Description VLAN ID VLAN ID of th...

Страница 225: ...hbor unit System Name System Name is the name advertised by the neighbor unit System Capabilities System Capabilities describes the neighbor unit s capabilities The possible capabilities are 1 Other 2...

Страница 226: ...Unknown If the device is a PD device it can either run on its local power supply or it can use the PSE as power source It can also use both its local power supply and the PSE If it is unknown what pow...

Страница 227: ...eive Tw_sys_tx DISABLE denotes the specific interface is administratively disabled Echo Tx Tw The link partner s Echo Tx Tw value The respective echo values shall be defined as the local link partners...

Страница 228: ...g Local Counters Local Port The port on which LLDP frames are received or transmitted Tx Frames The number of LLDP frames transmitted on the port Rx Frames The number of LLDP frames received on the po...

Страница 229: ...e the LLDP information is valid age out time If no new LLDP frame is received within the age out time the LLDP information is removed and the Age Out counter is incremented Auto_refresh Check to refre...

Страница 230: ...ority shows the port s priority configured by the user The resolved value that is the actual tx wakeup time used for this link based on EEE information exchanged via LLDP Port Status The Port Status s...

Страница 231: ...upon a Refresh button click assume the value of the first displayed entry allowing for continuous refresh with the same start address The will use the last entry of the currently displayed VLAN MAC a...

Страница 232: ...er Various internal software modules may use VLAN services to configure VLAN memberships on the fly The drop down list on the right allows for selecting between showing VLAN memberships as configured...

Страница 233: ...row Port Type Shows the port type Unaware C Port S Port S Custom Port that a given user wants to configure on the port The field is empty if not overridden by the selected user Ingress Filtering Shows...

Страница 234: ...this gives rise to a conflict which is solved in a prioritized way The Administrator has the least priority Other software modules are prioritized according to their position in the drop down list Th...

Страница 235: ...troubleshoot IP connectivity issues Object Description IP Address The destination IP Address Ping Length The payload size of the ICMP packet Values range from 2 bytes to 1452 bytes Ping Count The cou...

Страница 236: ...Values range from 1 time to 60 times Ping Interval The interval of the ICMP packet Values range from 0 second to 30 seconds Egress Interface only for IPv6 The VLAN ID VID of the specific egress IPv6...

Страница 237: ...r 100 Mbps management port will cause the switch to stop responding until VeriPHY is complete Object Description Port The port where you are requesting VeriPHY Cable Diagnostics Cable Status Port Port...

Страница 238: ...e page without resetting configurations Factory Defaults You can reset the configuration of the switch on this page Only the IP configuration is retained The new configuration is available immediately...

Страница 239: ...ftware image and click Upload button After the software image is uploaded a page announces that the firmware update is initiated After a few minutes the firmware is updated and the switch restarts War...

Страница 240: ...corruption of the primary image or by manual intervention uploading a new firmware image to the device will automatically use the primary image slot and activate this 3 The firmware version and date...

Страница 241: ...ation Copy running config to startup config thereby ensuring that the currently active configuration will be used at the next reboot Click Save Configuration button to save Download A user can downloa...

Страница 242: ...rrent configuration is fully replaced with the configuration in the uploaded file Merge mode The uploaded file is merged into running config If the file system is full i e contains the three system fi...

Страница 243: ...he writable files stored in flash including startup config If this is done and the switch is rebooted without a prior Save operation this effectively resets the switch to default configuration Select...

Страница 244: ...can use console or telnet to management switch by CLI CLI Management by RS 232 Serial Console 115200 8 none 1 none Before Configuring RS 232 serial console use a USB Male A to USB Male B cable to con...

Страница 245: ...INS_CNGE11FX3TX8MS POE HO Rev 11 6 17 PAGE 245 INSTRUCTION MANUAL CNGE11FX3TX8MS POE HO TECH SUPPORT 1 888 678 9427 Step 2 Input a name for new connection Step 3 Select to use COM port number...

Страница 246: ...678 9427 Step 4 The COM port properties setting 115200 for Bits per second 8 for Data bits None for Parity 1 for Stop bits and none for Flow control Step 5 The Console login screen will appear Use th...

Страница 247: ...68 10 1 Subnet Mask 255 255 255 0 Default Gateway 192 168 10 254 User Name admin Password admin Follow the steps below to access the console via Telnet Step 1 Telnet to the IP address of the switch fr...

Страница 248: ...TION MANUAL CNGE11FX3TX8MS POE HO TECH SUPPORT 1 888 678 9427 Commander Groups Typing and Enter at any prompt will list the valid commands with their descriptions in this mode Typing and Enter after a...

Страница 249: ...The computer must be running a terminal emulator such as TeraTerm or PuTTY on Windows or Minicom on Linux Log In and Reset Configuration to Factory Default Press Enter one or more times until the User...

Страница 250: ...sword unencrypted very secret my device config exit my device The user admin now has the password very secret Other users can be added in similar fashion Set VLAN 1 IP Address The objective is to assi...

Страница 251: ...P my device show ip interface brief displays all configured and active IP interfaces The status should be UP If it isn t then the reason could be that there is no link on any port If DHCP negotiation...

Страница 252: ...e name startup config as this file is read and executed upon every boot and is therefore responsible for restoring the running configuration of the system to the state it had when the save took place...

Страница 253: ...hing is displayed for them As a general rule only non default configuration is displayed otherwise the output would be huge and readability would suffer There are a few exceptions that will be discuss...

Страница 254: ...mands instruct the device to use DHCP to obtain an IP address or if DHCP fails to use a static fallback address Inclusion of a fallback IP is optional and may be omitted ICLI Basics The following list...

Страница 255: ...n be abbreviated as long as they are unambiguous For example these commands are identical my device show interface GigabitEthernet 1 5 capabilities my device sh in g 1 5 c This works because There are...

Страница 256: ...be present indicates a grouping the constructs within belong together indicates a choice between two or more alternatives example a b c which reads as a or b or c Thus the first command syntax is simp...

Страница 257: ...o times or one time not repeated There are variations Group of options of which at least one must be present a b c 1 Group of options where one or more has fixed position a b c This says that b is opt...

Страница 258: ...or sequences whereas a sequence is of the form from to Some examples GigabitEthernet 1 5 for the single gigabit port number 5 on switch 1 GigabitEthernet 1 2 4 10 12 for gigabit ports 2 4 10 11 12 on...

Страница 259: ...of ports but may output an error message if a specific switch ID or port number doesn t exist For example these sets are invalid interface 2 All ports of all types on switch 2 which isn t a member of...

Страница 260: ...hile also allowing cursor movement and insertion deletion of characters and words The following table shows the available editing functions and keys Table 1 Basic Line Editing Key Key Operation Left R...

Страница 261: ...of lines to keep in the history for the current session is configurable between 0 and 32 where 0 disables the history altogether my device terminal history size 32 The current value is displayed as pa...

Страница 262: ...TRUCTION MANUAL CNGE11FX3TX8MS POE HO TECH SUPPORT 1 888 678 9427 It is possible to list the history my device show history show running config copy running config startup config dir show history my d...

Страница 263: ...cription or expand current word if it is unambiguous The context sensitive help only displays commands that are accessible at the current session privilege level see Understanding Privilege Levels pag...

Страница 264: ...show aggregation mode This shows that there is an optional mode word square brackets indicate an option Repeated presses of toggles display between next possible input and syntax my device show aggreg...

Страница 265: ...crolled right the third line has been scrolled to the middle of a quite long line Pagination appears each time execution of a command causes output of more lines than what has been configured as the t...

Страница 266: ...able filtering is Begin display the first line that matches and all subsequent lines Include display exactly those lines that match Exclude display exactly those lines that do not match The string is...

Страница 267: ...29 sec Idle time is 0 day 0 hour 0 min 0 sec Understanding Modes and Sub Modes The ICLI implements a number of modes that control the available command set The modes are further influenced by the pri...

Страница 268: ...MC Profile Config Config Sub mode for configuring IP Multicast profiles Command ipmc profile profile_name Prompt hostname config ipmc profile SNMP Server Host Config Config Sub mode for configuring SN...

Страница 269: ...ernet interfaces goes through global configuration or another sub mode Thus it is possible to change directly from VLAN sub mode to Ethernet interface sub mode for instance Thus each mode and sub mode...

Страница 270: ...f vlan do show ip interface brief Vlan Address Method Status 1 192 168 10 15 24 DHCP UP my device config if vlan end When in Exec no do prefix is needed my device show ip interface brief Vlan Address...

Страница 271: ...e This enters the VLAN sub mode as indicated by a new prompt my device config vlan 100 my device config vlan name MyVlan Change directly from VLAN sub mode into Ethernet interface sub mode for interfa...

Страница 272: ...sed for example as follows The user account is configured with privilege level 0 Whenever the user needs to perform higher privileged commands the user changes session priority level executes the nece...

Страница 273: ...ted Then follows either the level for which a password is being configured or if no level is given the password for level 15 my device config enable secret 0 word32 Password level Set exec level passw...

Страница 274: ...ity timer automatically log out after a period of inactivity A value of zero disables automatic logout history Exec Line Length of command history buffer length Exec Line Terminal length in lines used...

Страница 275: ...his line now Alive from Console Default privileged level is 2 Command line editing is enabled Display EXEC banner is enabled Display Day banner is enabled Terminal width is 80 length is 24 history siz...

Страница 276: ...0 day 0 hour 16 min 31 sec Idle time is 0 day 0 hour 0 min 0 sec Then we do the same but for all future console sessions Note how the commands have no terminal prefix terminal length vs length my dev...

Страница 277: ...actual text of the banner then follows and ends at the first appearance of the delimiter character The delimiters are not included in the actual text Configuring Banners First configure the MOTD banne...

Страница 278: ...it Log out then log in again my device exit This is the Message Of The Day Banner It spans multiple lines And one more But now it ends Press ENTER to get started ENTER This is my device Username admin...

Страница 279: ...ve configuration to flash Configuration Example In this example the hostname and VLAN 1 IP address is configured verified and saved This example assumes the session is initially unprivileged 1 Raise p...

Страница 280: ...back 192 168 10 2 255 255 0 0 end More verification Display IP interfaces and assigned IP address and status my device show ip interface brief Vlan Address Method Status 1 192 168 10 15 24 DHCP UP An...

Страница 281: ...the tasks accomplished Configure the VLAN 1 interface IP address to use DHCP Configure the DNS name server to be taken from DHCP Inspect the configuration Remove the DNS name server Remove the IP add...

Страница 282: ...ope of this document It is possible to create several user accounts on a system Each user account has a set of configurable attributes User name Password Privilege level All attributes are configured...

Страница 283: ...Delete the operator user and verify it is removed from the configuration my device config no username operator my device config do show running config include username username admin privilege 15 pass...

Страница 284: ...agement access list Access list aggregation Aggregation port configuration clock Configure time of day clock dot1x IEEE Standard for port based Network Access Control eps Ethernet Protection Switching...

Страница 285: ...configuration qos Quality of Service radius serverRADIUS configuration rfc2544 RFC2544 perfomance tests rmon RMON statistics running config Show running system information sflow Statistics flow snmp D...

Страница 286: ...ansfer Protocol igmp Internet Group Management Protocol interface IP interface status and configuration name server Domain Name System route Display the current ip routing table source source command...

Страница 287: ...he system configuration that is stored in binary form in the RAM memory of the device Because the effective device configuration is huge running config in the majority of cases only lists the delta be...

Страница 288: ...interface GigabitEthernet 1 4 Building configuration interface GigabitEthernet 1 4 speed 1000 duplex full end Include all default settings for that interface my device show running config interface Gi...

Страница 289: ...p inspection auth clock dhcp dhcp snooping dhcp_server dns dot1x eps erps evc green ethernet http icli ip igmp snooping ip igmp snooping port ip igmp snooping vlan ipmc profile ipmc profile range ipv4...

Страница 290: ...2 5GigabitEthernet Building configuration interface 2 5GigabitEthernet 1 1 speed 1000 duplex full interface 2 5GigabitEthernet 1 2 end In this example there is only one VLAN on the system 16 40 Show r...

Страница 291: ...ed to defaults This file is also used if startup config is missing It contains product specific customizations to the default settings of the device User defined configuration files created by the use...

Страница 292: ...ting and resetting the default configuration is accomplished with the reload command reload cold sid switch_id I reload defaults keep ip I The reload cold version reboots the system If the system is s...

Страница 293: ...98 bytes total Display the contents of the file backup output is abbreviated my device more flash backup hostname my device end Use file backup for the next boot by overwriting startup config my devic...

Страница 294: ...CNGE11FX3TX8MS POE HO TECH SUPPORT 1 888 678 9427 rw 1970 01 01 19 54 01 1237 backup 2 files 1885 bytes total Use the currently running config for next boot my device copy running config startup confi...

Страница 295: ...y show ip interface brief Vlan Address Method Status 1 192 168 10 17 24 DHCP UP Contents of flash are unchanged my device dir Directory of flash r 1970 01 01 00 00 00 648 default config rw 1970 01 06...

Страница 296: ...swap simply switches the Active and Alternate designation on each image and reboots the system A firmware upgrade performs these steps Download new firmware using TFTP HTTP HTTPS FTP and verify suitab...

Страница 297: ...Protection Switching Example Configuration Introduction This section shows how to configure the Ethernet Ring Protection Switching ERPS for ComNet switches using the Web GUI and the CLI commands The...

Страница 298: ...avoid creating a loop The web client is connected to switch 1 3 To avoid conflict with ERPS disable spanning tree on all switches if it is enabled 4 Enable VLAN tag aware on all three switches In VLAN...

Страница 299: ...can remain empty because it will be learned by receiving the CCM from the peer side On ComNet switches before they are learned the CCM frame rate cannot be changed to above 100 sec If known enter the...

Страница 300: ...itch 2 Figure 5 Switch 2 Port 1 and 2 MEP Configuration 2 Edit MEP1 of switch 2 by clicking 1 under Instance of the MEP table Configure the MEP as shown and click Save or Apply Figure 6 Switch 2 MEP 1...

Страница 301: ...1 and 2 of switch 3 Figure 8 Switch 3 Port 1 and 2 MEP Configuration 2 Edit MEP1 of switch 3 by clicking 1 under Instance of the MEP table Configure the MEP as shown and click Save or Apply Figure 9 S...

Страница 302: ...Protection Group Switch 1 Configuration 2 Edit ERPS1 by clicking 1 Set the configuration as shown and click Save or Apply Figure 12 ERPS 1 Switch 1 Configuration 3 Click VLAN Config to edit the prote...

Страница 303: ...h 2 the RPL Neighbor 1 On switch 2 click ERPS followed by Add New Protection Group Figure 15 Add New Protection Group Switch 2 Configuration 2 Edit ERPS1 by clicking 1 Configure the device as shown an...

Страница 304: ...RPS on Switch 3 1 On switch 3 click ERPS followed by Add New Protection Group Figure 18 Add New Protection Group Switch3 2 Edit ERPS1 by clicking 1 No action is required on switch 3 Keep the RPL owner...

Страница 305: ...88 678 9427 Ethernet Ring Protection Switching Configuration Verifying ERPS 1 Change the CCM rate starting from switch 3 Click on MEP 2 and then use the frame rate pull down to select 300 f sec Figure...

Страница 306: ...CNGE11FX3TX8MS POE HO TECH SUPPORT 1 888 678 9427 3 Change the CCM rate on switch 1 Click on MEP 1 and then use the frame rate pull down to select 300 f sec Figure 23 Edit MEP 1 CCM Rate Switch 1 4 Ch...

Страница 307: ...CNGE11FX3TX8MS POE HO TECH SUPPORT 1 888 678 9427 5 Change the CCM rate on switch 2 Click on MEP 1 and then use the frame rate pull down to select 300 f sec Figure 25 Edit MEP 1 CCM Rate Switch 2 6 Ch...

Страница 308: ...n Switch 1 check ERPS status by clicking ERPS to ensure normal link status Figure 27 Switch 1 ERPS Status 8 Disconnect the normal link for switch 1 and switch 3 Figure 28 Disconnect Normal Link 9 Rest...

Страница 309: ...NGE11FX3TX8MS POE HO Rev 11 6 17 PAGE 309 INSTRUCTION MANUAL CNGE11FX3TX8MS POE HO TECH SUPPORT 1 888 678 9427 10 After WTR timeout and clicking Refresh it should show as Idle Figure 30 Refresh ERPS S...

Страница 310: ...LI Initial Switch Configuration The following commands disable STP and LLDP and they enable C Port on Port 1 and 2 on all switches Configure port 1 2 interface GigabitEthernet 1 1 2 set C Port switchp...

Страница 311: ...ep mep 1 peer mep id 5 enable ccm default is 1FPS mep 1 cc 0 enable RAPS mep 1 aps 0 raps mep 2 down domain port flow 2 level 0 interface GigabitEthernet 1 2 mep 2 mep id 2 mep 2 vid 3001 mep 2 peer m...

Страница 312: ...ernet 1 1 mep 1 mep id 3 mep 1 vid 3001 mep 1 peer mep id 2 mep 1 cc 0 mep 1 aps 0 raps mep 2 down domain port flow 2 level 0 interface GigabitEthernet 1 2 mep 2 mep id 4 mep 2 vid 3001 mep 2 peer mep...

Страница 313: ...t 1 2 mep 2 mep id 6 mep 2 vid 3001 mep 2 peer mep id 4 mep 2 cc 0 mep 2 aps 0 raps erps 1 major port0 interface GigabitEthernet 1 1 port1 interface GigabitEthernet 1 2 erps 1 mep port0 sf 1 aps 1 por...

Страница 314: ...CH SUPPORT 1 888 678 9427 INFO COMNET NET 8 TURNBERRY PARK ROAD GILDERSOME MORLEY LEEDS UK LS27 7LE T 44 0 113 307 6400 F 44 0 113 253 7462 INFO EUROPE COMNET NET MECHANICAL INSTALLATION INSTRUCTIONS...

Отзывы:

Нет отзывов

Похожие инструкции для CNGE11FX3TX8MS

D-Link DIR-855L Quick Installation Manual preview
DIR-855L
Бренд: D-Link Страницы: 28
D-Link DIR-826L Quick Install Manual preview
DIR-826L
Бренд: D-Link Страницы: 2
D-Link DIR-655 - Xtreme N Gigabit Router Wireless Quick Start Manual preview
DIR-655 - Xtreme N Gigabit Router Wireless
Бренд: D-Link Страницы: 3
D-Link DIR-605L Technical Support Setup Procedure preview
DIR-605L
Бренд: D-Link Страницы: 11
D-Link DIR-822 Quick Instillation Manual preview
DIR-822
Бренд: D-Link Страницы: 35
D-Link DIR-880L Quick Install Manual preview
DIR-880L
Бренд: D-Link Страницы: 12
D-Link DIR-842 Quick Install Manual preview
DIR-842
Бренд: D-Link Страницы: 12
D-Link DIR-821 Quick Install Manual preview
DIR-821
Бренд: D-Link Страницы: 24
D-Link DIR-803 Quick Installation Manual preview
DIR-803
Бренд: D-Link Страницы: 20
D-Link DIR-815/AC Quick Installation Manual preview
DIR-815/AC
Бренд: D-Link Страницы: 44
D-Link DIR-830M Quick Installation Manual preview
DIR-830M
Бренд: D-Link Страницы: 52
D-Link DIR-821 User Manual preview
DIR-821
Бренд: D-Link Страницы: 103
Qlogic SANbox 6142 Supplementary Manual preview
SANbox 6142
Бренд: Qlogic Страницы: 2
Qlogic iSR6142 User Manual preview
iSR6142
Бренд: Qlogic Страницы: 172
Ubiquiti PBE-5AC-300-ISO Quick Start Manual preview
PBE-5AC-300-ISO
Бренд: Ubiquiti Страницы: 28
Ubiquiti UniFi WiFi BaseStation XG Quick Start Manual preview
UniFi WiFi BaseStation XG
Бренд: Ubiquiti Страницы: 19
CG Emotron OSTO 100 Instruction Manual preview
Emotron OSTO 100
Бренд: CG Страницы: 112
Airlinkplus ASW224 User Manual preview
ASW224
Бренд: Airlinkplus Страницы: 20

Бренды по названию

Популярные бренды

Загрузить еще бренды