Comnet CWGE24MODMS Скачать руководство пользователя страница 74

Страница: 74 / 106

7.7.4 ACL

An ACL is a sequential list of permit or deny conditions that apply to IP addresses. This

switch tests ingress or egress packets against the conditions in an ACL one by one. A

packet will be accepted as soon as it matches a permit rule, or dropped as soon as it

matches a deny rule. If no rules match for a list of all permit rules, the packet is dropped; and

if no rules matches for a list of all deny rules, the packet is accepted.

The following restrictions apply to ACLs:



The ACL only support single port and not support trunk group.



The maximum number of ACLs is also 5 for each port.

Command Attributes



Enable:

An ACL can be enabled per port.



Default Action:

The action if no rules matched.



Action:

An ACL can be permit or deny rule.



IP Address and Prefix Length:

Include destination and source IP address.

Ex: source 192.168.10.1/24 means all frames that source IP address is 192.168.10.x

matched.

Access Control Configuration Interface

Содержание CWGE24MODMS

Страница 1: ...entional CAT 5e copper or optical transmission media The 24 electrical ports support the 10 100 1000 Mbps Ethernet IEEE 802 3 protocol and auto negotiating and auto MDI MDIX features are provided for...

Страница 2: ...in a particular installation If this equipment does cause harmful interference to radio or television reception which can be determined by turning the equipment off and on the user is encouraged to tr...

Страница 3: ...4 2 Module Features 11 4 3 Module Hardware Description 12 4 3 1Module LED Indicators 12 4 3 2Port Description 14 4 4 Installing Module in CWGE24MODMS Switch Chassis 14 4 5 Module Troubleshooting 15 C...

Страница 4: ...System Event Log 29 7 4 6 1 LOG Configuration 29 7 4 6 2 Logging Events Level 31 7 4 6 3 Logging RAM Table 32 7 4 6 4 Logging Flash Table 32 7 4 7 Security Manager 33 7 5 Port 34 7 5 1 Port Statistic...

Страница 5: ...7 6 6 1 IGMP Configuration 56 7 6 6 2 IGMP Static Configuration 57 7 6 7 LLDP 58 7 6 7 1 LLDP Configuration 58 7 6 7 2 LLDP Neighbor Table 59 7 7 Security 60 7 7 1 802 1x RADIAS 60 7 7 1 1Misc Configu...

Страница 6: ...ble Commands Set 79 Port Mirroring Commands Set 81 TFTP Commands Set 81 QOS Commands Set 82 Spanning Tree Commands Set 83 VLAN Commands Set 85 System log Commands Set 88 SNTP Commands Set 91 IGMP Comm...

Страница 7: ...addresses in a 16K entry MAC address table The MDI Medium Dependent Interface Port is also called an uplink port The MDI port does not cross transmit and receive lines which is done by the regular por...

Страница 8: ...vity 4 Port Gigabit copper 4 Port SFP module RJ45 Link Activity 1000 100 10Mbps speed SFP Link Activity Connector RS232 console Female DB 9 Gigabit copper module 8 x RJ45 SFP module 8 x SFP socket Gig...

Страница 9: ...ture and the member up to 8 ports Spanning Tree IEEE802 1w Rapid spanning tree Compatible with STP VLAN Port based VLAN up to 24 groups IEEE802 1Q Tag VLAN Static VLAN groups up to 256 entries and dyn...

Страница 10: ...control list on Source IP Destination IP DHCP DHCP Client and DHCP Server DNS Provide DNS client feature and support Primary and Secondary DNS server System log 1000 records Maximum Provide remote sto...

Страница 11: ...gainst the checklist below CWGE24MODMS Managed Switch Chassis Four Rubber Feet Power Cord Rack mounted kit RS232 Cable User Guide Compare the contents of your CWGE24MODMS Managed Switch package with t...

Страница 12: ...er 2 Hardware Description This section describes the hardware of the CWGE24MODMS Managed Switch 2 1 Physical Dimension The physical dimensions of the CWGE24MODMS Managed Switch are 440mm W x 280mm D x...

Страница 13: ...ug is located at the Rear Panel of the CWGE24MODMS Managed Switch as shown in figure below The switches will work with AC in the range 100 240V AC 50 60Hz The DC redundant power jack is optional Rear...

Страница 14: ...sturdy Make sure there is enough clearance around the switch to allow attachment of cables power cord and air circulation Attaching Rubber Feet 1 Make sure that the mounting surface on the bottom of t...

Страница 15: ...the appropriate holes on the rack Secure the switch to the rack with a screwdriver and the rack mounting screws Note For proper ventilation allow about at least 4 inches 10 cm of clearance on the fron...

Страница 16: ...he module package and verify them against the checklist below Module your selection of the following CWGE24MODMS 8TX CWGE24MODMS 8FXSCM1 CWGE24MODMS 8FXSCS1 CWGE24MODMS 8FXSFP CWGE24MODMS 8TX4SFP4 Use...

Страница 17: ...02 3z Gigabit fiber SX or LX Connector Gigabit copper RJ45 Gigabit SX SC Multimode Fiber Gigabit LX SC Single Mode Fiber LED Gigabit Fiber Link Activity Gigabit Copper Link Activity 100 1000 Connect D...

Страница 18: ...ions of the LED status and their meaning for each module CWGE24MODMS 8TX Module LED Status Meaning Green Link on 1000Mbps speed mode Amber Link on 100Mbps speed mode 100 1000 Off Link on 10Mbps speed...

Страница 19: ...connected Blink The port is receiving or transmitting data LK ACT Off No device attached Link is disconnected SFP Green Link is connected Blink The port is receiving or transmitting data LK ACT Off N...

Страница 20: ...n the Module SX uses Multimode fiber cable 62 5 125um 50 125um distance 500 meters LX uses Single mode fiber cable 8 125um 9 125um distance 10 km SFP Hot swappable allowing you to install different fi...

Страница 21: ...for 1000Base T Gigabit 1000T module Select the proper Fiber cable to construct your network The Fiber TX and RX port should be connect to partner s right fiber port Example TX connects to partner s F...

Страница 22: ...ch other by directly connecting with CWGE24MODMS Managed Switch The switch automatically learns node addresses which are subsequently used to filter and forward all traffic based on the destination ad...

Страница 23: ...ne You can use the CWGE24MODMS Managed Switch to connect PCs workstations and servers to each other All the devices in this network can communicate with each other by connecting directly to the switch...

Страница 24: ...nnector to connect a terminal or PC to the Console port Connecting the switch to a terminal via RS 232 cable 6 2 Login in the Console Interface When the connection between switch and PC is ready turn...

Страница 25: ...en shows up press Enter key to get into command line mode Please see below figure for login screen 6 3 CLI Management The system supports console management CLI command After you login to the system y...

Страница 26: ...lied for Java Applets for reducing network bandwidth consumption enhance access speed and present an easy viewing screen NOTE By default IE5 0 or later version does not allow Java Applets to activate...

Страница 27: ...the PC 2 Key in http the IP address of the switch and then Press Enter 3 The login screen will appear right after 4 Key in the user name and password The default user name and password are the same as...

Страница 28: ...l location The maximum length is 31 bytes Contact Enter the name of contact person or organization Object ID The most common OIDs seen in the wild usually belong to the private enterprise numbers allo...

Страница 29: ...e status of Fan 1 Fan 2 Status display the status of Fan 2 7 4 2 2 Management Software Firmware Version display the firmware version Configure Data version display the configure data version Command L...

Страница 30: ...l assign the IP address that is going to be displayed in this column for the switch The default IP is 192 168 10 1 Subnet Mask Assign the subnet mask of the IP address If IP Address Mode function is i...

Страница 31: ...rk 2 DHCP IP Address Pool User has to set a range of IP addresses for the DHCP server assigning an IP address to the DHCP client by giving the starting IP address and how many IP addresses within this...

Страница 32: ...s in your network 6 Lease Duration hours Assign the lease duration time in hours 7 And then click DHCP Server Configuration interface DHCP Client Information Display the DHCP Client information that h...

Страница 33: ...server 1 TFTP Server IP Address Fill in your TFTP server IP 2 Firmware File Name The name of firmware image 3 Click TFTP Update Firmware interface 7 4 5 2 TFTP Backup Configuration User can save curr...

Страница 34: ...can restore EEPROM value from TFTP server but user must put back the backup file in TFTP server switch will download it back 1 TFTP Server IP Address Fill in the TFTP server IP 2 Restore File Name Fil...

Страница 35: ...Level to send event log to flash ROM or RAM by assigning the level Flash Level Set the level range of 0 to 7 RAM Level Set the level range of 0 to 7 Remote Logging Mark this check box for enabling to...

Страница 36: ...30 LOG Configuration interface...

Страница 37: ...4 events Cold Start Event Warm Start Event Auth Failure Event and Port Link Change Event Pull down the right side item menu to select the event level When selected events occur the system will issue...

Страница 38: ...Table Logging RAM Table displays the logs that have been sent to RAM Logging RAM Table interface 7 4 6 4 Logging Flash Table Logging Flash Table displays the logs that have been sent to Flash ROM Logg...

Страница 39: ...me and password for the management security issue User Name Key in the new user name The default is root New Password Key in the new password The default is root Confirm Password Re type the new passw...

Страница 40: ...34 7 5 Port 7 5 1 Port Statistics Display the port statistic information Port Statistic interface...

Страница 41: ...5 3 Port Control In Port configuration user can view every port status that depended on user setting and the negotiation result 1 Port select the port that user wants to configure 2 State Current port...

Страница 42: ...disabled user can select the port link speed 5 Duplex set full duplex or half duplex mode of the port 6 Flow Control set flow control function is Enable or Disable The default value is Enabled 7 Jumbo...

Страница 43: ...nctions in an orderly manner Link aggregation lets you group up to eight ports into two dedicated connections This feature can expand bandwidth between 2 or more devices LACP operation requires full d...

Страница 44: ...38 Trunk Configuration interface 7 5 4 2 Trunk Information After setting up the trunk group user will see the related information as below Trunk Information interface...

Страница 45: ...ctivity State as below Port Activity interface 7 5 5 Port Mirror The port mirror is a method for monitor traffic in switched networks Traffic through ports can be monitored by specific port That means...

Страница 46: ...or analyzing all monitor port traffic User can connect mirror port to LAN analyzer or Netxray 3 Monitor Port The ports which user wants to monitor All monitored port traffic will be copied to analysis...

Страница 47: ...Input State There are 4 check boxes of Bc Mc UnkUc KnownUc for selecting Rate 1 1526 Rate 655Kbps Type in the input rate limit in number between 1 1526 Output State Enable or disable the output rate l...

Страница 48: ...same members of VLAN Basically creating a VLAN from a switch is logically equivalent of reconnecting a group of network devices to another Layer 2 switch However all the network devices are still plug...

Страница 49: ...tion 1 Port Select the port number in the table list 2 VLAN ID Key in the VLAN ID 3 Ingress Filter Enable or Disable the ingress filter 4 Acceptable Frame Type Choose Tag only or All type 5 Click Port...

Страница 50: ...up 1 Select the VLAN group in the table list 2 Click VLAN Table Configuration interface 3 User can add remove the ports from a VLAN group 4 Click VLAN Table Configuration Edit interface 5 Mark the che...

Страница 51: ...or RSTP protocol 7 6 2 1 STP System Configuration User can view spanning tree information about the Root Bridge User can modify RSTP state After modification click Mode user must enable or disable RST...

Страница 52: ...0 Forward Delay Time 4 30 the number of seconds a port waits before changing from its Rapid Spanning Tree Protocol learning and listening states to the forwarding state Enter a value between 4 through...

Страница 53: ...n only be connected to exactly one other bridge i e it is served by a point to point LAN segment or can be connected to two or more bridges i e it is served by a shared medium LAN segment This functio...

Страница 54: ...istrators to manage network performance find and solve network problems and plan for network growth Network management systems learn of problems by receiving traps or change notices from network devic...

Страница 55: ...on and to set MIB objects SNMP Trap managers A trap manager is a management station that receives traps the system alerts generated by the switch If no trap manager is defined no traps will issue Crea...

Страница 56: ...50 SNMP Configuration interface...

Страница 57: ...S Configuration Queue Profile Select the queue profile from the column list Priority Precedence There are 4 priority precedence selections available Click QoS Configuration interface 7 6 4 2 Port base...

Страница 58: ...52 Port base Configuration interface 7 6 4 3 COS Configuration Set up the COS priority level COS priority Set up the COS priority level 0 7 7 is the highest priority Click COS Configuration interface...

Страница 59: ...he IP packet is received the system will check the DSCP level value in the IP packet that has been received For example user set the DSCP level 25 as high When the packet received the system will chec...

Страница 60: ...TC Timezone Set the switch location time zone The following table lists the different location time zone for your reference Local Time Zone Conversion from UTC Time at 12 00 UTC November Time Zone 1 h...

Страница 61: ...urs 6 pm WAST West Australian Standard 7 hours 7 pm CCT China Coast USSR Zone 7 8 hours 8 pm JST Japan Standard USSR Zone 8 9 hours 9 pm EAST East Australian Standard GST Guam Standard USSR Zone 9 10...

Страница 62: ...st to the querier to indicate that the host wants to be or is a member of a given group indicated in the report message Leave Group A message sent by a host to the querier to indicate that the host ha...

Страница 63: ...raffic if they register to join specific multicast groups With multicast filtering network devices only forward multicast traffic to the end stations that are connected to registered ports This functi...

Страница 64: ...the same IEEE 802 LAN the major capabilities provided by the system incorporating that station the management address or addresses of the entity or entities that provide management of those capabilit...

Страница 65: ...59 LLDP Configuration interface 7 6 7 2 LLDP Neighbor Table User will see all information of port by LLDP enable LLDP Neighbor Table interface...

Страница 66: ...od during which the port doesn t try to acquire a supplicant 3 TX Period Set the period the port waits for retransmit next EAPOL PDU during an authentication session 4 Supplicant Timeout Set the perio...

Страница 67: ...61 MISC Configuration interface 7 7 1 2 Port Configuration Port Configuration interface...

Страница 68: ...whether the authentication passed or not Click 7 7 1 3 Radius Client Configuration After having enabled the IEEE 802 1X function user can configure the parameters of this function 1 Radius Server IP S...

Страница 69: ...itch s address table regardless of whether the device is physically connected to the switch This saves the switch from having to re learn a device s MAC address when the disconnected or powered off de...

Страница 70: ...Vid enter the Vid of the MAC address between 1 and 4094 5 Click 6 If user wants to delete the MAC address from filtering table select the MAC address and click 7 7 2 2 Filter MAC Address Table MAC add...

Страница 71: ...e 1 MAC Address Enter the MAC address that user wants to filter 2 Vid enter the Vid of the MAC address between 1 and 4094 3 Click 4 If user wants to delete the MAC address from filtering table select...

Страница 72: ...ble Aging Aging Status Pull down menu to enable MAC address table aging function Aging Time 20 620 Assign the aging time in second Address Aging interface 7 7 2 4 Dynamic MAC Address Table Dynamic Mac...

Страница 73: ...ed will be restricted IP Security interface 1 Mode When mode is set at ON user can assign up to 10 Security IP addresses 2 HTTP mark the check box to enable the access via HTTP for the assigned IP 3 T...

Страница 74: ...f no rules matches for a list of all deny rules the packet is accepted The following restrictions apply to ACLs The ACL only support single port and not support trunk group The maximum number of ACLs...

Страница 75: ...lue or to reset all configuration except reserved IP user name and password Factory Default interface 7 9 Save Configuration Save all configurations that user has made in the system To ensure the all...

Страница 76: ...70 7 10 System Reboot Reboot the switch in software reset Click to reboot the system System Reboot interface...

Страница 77: ...iously faulty connections If they appear to be OK make sure the connections are snug If that does not correct the problem try a different cable Non standard cables Non standard and miss wired cables m...

Страница 78: ...st storms that will severely impact your network performance Diagnosing LED Indicators The switch can be monitored through panel indicators which describes common problems you may encounter and where...

Страница 79: ...ction status save configures Global configuration Enter the configure command while in privileged EXEC mode switch config To exit to privileged EXEC mode enter exit or end Use this mode to configure P...

Страница 80: ...stem description string switch config system description xxx system contact contact Global configuration mode Set switch system contact window string switch config system contact xxx ip address ip add...

Страница 81: ...ation mode Set console timeout The range of timeout is 30 sec 600 sec 180 sec switch config console timeout 30 show system info Privileged EXEC Show system information switch show system info show ip...

Страница 82: ...l or switch config if duplex half speed 10 100 1000 auto Interface configuration mode Use the speed configuration command to specify the speed mode of operation for Fast Ethernet switch config interfa...

Страница 83: ...isable switch config interface gigaethernet 1 switch config if rate limit input mode bc or switch config if no rate limit input mode bc or switch config if rate limit input mode mc or switch config if...

Страница 84: ...wn form of this command to enable the port Enable switch config interface gigaethernet 1 switch config if shutdown switch config if no shutdown show interfaces status gigaethernet port channel vlan if...

Страница 85: ...to all VLANs time must be 20 620 and in steps of 20 seconds 300 secs Enable switch config mac address table aging time 150 Disable switch config mac address table aging time 0 Default switch config no...

Страница 86: ...lter hwaddr 000012348678 vlan 1 show mac address tabl e static filter all or show mac address tabl e static or show mac address tabl e filter or show mac address tabl e all Privileged EXEC mode Show s...

Страница 87: ...information switch show monitor TFTP Commands Set Netstar Commands Command Level Description Default Example backup flash backup_cfg Global configuration mode Save configuration to TFTP server and ne...

Страница 88: ...priority dscp dscp Qid or no qos priority dscp Global configuration mode Set DSCP Map switch config qos priority dscp 61 5 or Default switch config no qos priority dscp qos priority profile profile G...

Страница 89: ...recedence Spanning Tree Commands Set Netstar Commands Command Level Description Default Example show spanning tree Privileged EXEC Display a summary of the spanning tree states switch show spanning tr...

Страница 90: ...bridge protocol data units BPDUs 2 sec switch config spanning tree hello time 3 spanning tree forward time 4 30seconds Global configuration mode Use the spanning tree forward time global configuration...

Страница 91: ...config if stp admin edge enable or switch config if stp admin edge disable stp admin stp disable enable Interface configuration mode Use the stp admstp interface configuration command to configure a p...

Страница 92: ...N switch vlan vlan port based grpname test grpid 2 port 2 4 or switch vlan vlan port based grpname test grpid 2 port 2 3 4 802 1Q 802 1Q with GVRP VLAN mode vlan 8021q name GroupName vid VLAN ID media...

Страница 93: ...owed vlan 8021q remove 2 or switch config if no switchport allowed vlan 8021q switchport native vlan PVID or no switchport native vlan Interface configuration mode Set Port PVID 1 switch config interf...

Страница 94: ...tchport gigaethernet port channel port Privileged EXEC show Port PVID and ingress filter accept frame type switch show interfaces switchport gigaethernet 1 Future Release System log Commands Set Netst...

Страница 95: ...rtlinkchange Global configuration mode Set the level of each logging events Level 7 Switch config logging events coldstart 3 Switch config no logging events coldstart Logging host server or no logging...

Страница 96: ...MTP server address Switch config logging sendmail host 0 192 168 10 5 Switch config no logging sendmail host 0 192 168 10 5 logging sendmail level value or no logging sendmail level Global configurati...

Страница 97: ...ds Set Netstar Commands Command Level Description Default Example calendar set hour min sec day mon year Global configuration mode Set system time switch config calendar set 15 03 30 29 4 2006 sntp ti...

Страница 98: ...iguration mode Set SNTP client polling interval seconds 16 switch config sntp poll 60 no sntp poll Global configuration mode Set SNTP client polling interval seconds to default switch config no sntp p...

Страница 99: ...leged EXEC Shows known multicast addresses for specific VLAN Id switch show mactbl multicast vlan 1 show mactbl multicast user igmp snooping Privileged EXEC Shows known multicast addresses only the us...

Страница 100: ...face gigaethernet 1 switch config if channel group 1 no channel group Interface configuration mode Remove a port from a trunk switch config interface gigaethernet 1 switch config if no channel group 1...

Страница 101: ...t RO RW Global configuration mode Add SNMP community string public private switch config snmp community strings public right rw no snmp community string s Community Global configuration mode Remove th...

Страница 102: ...dhcp server switch config no dhcpserver show dhcpserver Privileged EXEC Show configuration of dhcp server and client status switch show dhcpserver Security IP Commands Set Netstar Commands Command Le...

Страница 103: ...command to set the supplicant timeout 30 switch config 8021x misc supportimeout 20 8021x misc servertimeout sec Global configuration mode Use the 802 1x misc server timeout global configuration comman...

Страница 104: ...port port ID Global configuration mode Use the 802 1x system account port global configuration command to change the accounting port switch config 8021x system accountport 816 8021x system sharekey ID...

Страница 105: ...be Deny or Permit Use the no form of this command to return the port to its default value disable Disable switch config interface gigaethernet 1 switch config if acl port deny or switch config if no...

Страница 106: ...urnberry Park Road Danbury CT 06810 USA Gildersome Morley T 203 796 5300 Leeds LS27 7LE UK F 203 796 5303 T 44 0 113 307 6400 888 678 9427 Tech Support F 44 0 113 253 7462 info ComNet net info europe...

Результаты поиска

Содержание CWGE24MODMS

Отзывы:

Бренды по названию

Популярные бренды

Comnet CWGE24MODMS, Инструкция по установке и эксплуатации

Результаты поиска

Содержание CWGE24MODMS

Отзывы:

Бренды по названию

Популярные бренды