IP-COM G3224P Скачать руководство пользователя страница 121

Страница: 121 / 175

114

To add MAC address filter

1. Click

Add

to enter interface below:

2. Specify the VLAN ID in the VLAN field. Valid range is 1-4094 and the VLAN ID must already exist.

3. Enter the MAC address you wish to filter, such as ―0000-aaaa-aaaa‖.

4. Click

To delete a single MAC address filter entry, click the corresponding

Delete

button.

To batch delete MAC address filter entries, click

Batch Delete

Note

1. The MAC address in the Static Address Table cannot be added to the Filtering Address Table.

2. This MAC address filtering function is not available if the 802.1X feature is enabled.

4.8.4 802.1X

802.1X Overview

IEEE 802.1X is an IEEE Standard for port-based Network Access Control (PNAC). It is part of the IEEE 802.1

group of networking protocols. It provides an authentication mechanism to devices wishing to attach to a LAN or

WLAN.IEEE 802.1X defines the encapsulation of EAP over LAN" or EAPOL. 802.1X authentication involves

three parties: a supplicant, an authenticator, and an authentication server. The supplicant is a client device (such as

a laptop) that wishes to attach to the LAN/WLAN - though the term 'supplicant' is also used interchangeably to

refer to the software running on the client that provides credentials to the authenticator. The authenticator is a

network device, such as an Ethernet switch or wireless access point; and the authentication server is typically a host

running software supporting the RADIUS and EAP protocols. The authenticator acts like a security guard to a

protected network. The supplicant (i.e., client device) is not allowed access through the authenticator to the

protected side of the network until the supplicant’s identity has been validated and authorized. With 802.1X

port-based authentication, the supplicant provides credentials, such as user name / password or digital certificate, to

the authenticator, and the authenticator forwards the credentials to the authentication server for verification. If the

authentication server determines the credentials are valid, the supplicant (client device) is allowed to access

resources located on the protected side of the network.

Содержание G3224P

Страница 1: ......

Страница 2: ...more about our product information please visit our website at www ip com com cn Disclaimer Pictures images and product specifications herein are for references only To improve internal design operati...

Страница 3: ...re the switch is installed 4 Operating conditions Keep the switch away from electromagnetic noise such as photocopy machines microwaves cellphones etc Use Notes 1 Use the provided accessories such as...

Страница 4: ...it 2 Use soft cloth to clean the device s housing shell Environmental Protection 1 Throw the discarded device or batteries into the specified recycling places 2 Observe the local processing acts abou...

Страница 5: ...g the Switch on a Flat Workbench 7 2 3 Connecting to Protective Grounding Line 8 2 3 1 With Grounding Bar 8 2 3 2 Without Grounding Bar 8 2 4 Connecting the Power Cord 9 2 5 Connecting to Interface 9...

Страница 6: ...76 4 6 5 SNMP 78 4 6 6 DHCP Relay 85 4 6 7 DHCP Snooping 88 4 7 QoS 91 4 7 1 QoS Configuration 91 4 7 2 Traffic Control 96 4 7 3 ACL 98 4 8 Security 103 4 8 1 Attack Defense 103 4 8 2 IP Filter 110 4...

Страница 7: ...ocol VLAN 137 5 3 18 Voice VLAN 138 5 3 19 MAC Configuration 139 5 3 20 QoS Configuration 140 5 3 21 STP Configuration 141 5 3 22 IGMP Configuration 144 5 3 23 Time Range Management 145 5 3 24 PoE Man...

Страница 8: ...features Aiming at solving the safety problems in LAN it provides user grading management management VLAN ARP attack defense worm attack defense DoS attack defense MAC attack defense IP MAC PORT VLAN...

Страница 9: ...RJ45 10 100 1000 auto negotiation Gigabit switching ports 4 1000Mbps SFP ports Management Interface One Console port Operating Temperature 0 40 Storage Temperature 40 70 Operating Humidity 10 90 RH n...

Страница 10: ...storm constrain based on ports Multicast storm constrain based on ports Unknown unicast storm constrain based on ports STP IEEE 802 1d STP IEEE 802 1w FSTP IEEE 802 1s MSTP protocol In MSTP mode up to...

Страница 11: ...e contains the following items 24 Port Gigabit with 4 Shared SFP PoE Managed Switch Power Cord Install Guide Console Cable Mounting Kit 2 brackets screws Four Footpads 1 4 Device Hardware Interfaces 1...

Страница 12: ...valid link is established on the port Off An invalid link is established on the port 1 4 3 Interfaces 1 4 3 1 Console Interface This switch with an RS232 asynchronous console port can be used for con...

Страница 13: ...y for detachable connection between optical channels is very convenient for the test and maintenance of the optical system This device with its 1000Mbps Combo copper fiber ports supports gigabit SFP c...

Страница 14: ...19 inch rack is not available place the switch on a clean flat workbench Attach the 4 footpads to corresponding position of the switch bottom to avoid potential sliding and vibration and ensure good...

Страница 15: ...proper options for grounding bar The grounding cable on the switch should be connected to the grounding bar in the IT room 2 3 2 Without Grounding Bar 1 With mud land nearby and allowed to bury groun...

Страница 16: ...t the DB 9 plug on the console cable to a PC Connect the RJ45 connector to the console port on the switch 2 5 2 Connecting to RJ45 ports The switch provides auto MDI MDIX feature on each RJ45 ports PC...

Страница 17: ...compliant AP IP telephone or IP camera to switch By default the power supply mode is dynamic PoE power supply is enabled and the power supply standard is 802 3at 2 6 Check the Installation Before appl...

Страница 18: ...etwork segment It can t be 192 168 0 1 Web Browser Microsoft IE 8 0 or higher Ethernet Cable One CAT 5 RJ45 cable 3 1 2 Configuration Preparation Launch a web browser such as IE8 type in 192 168 0 1 a...

Страница 19: ...C to the console port on the switch Step 2 Run terminal program for example terminal in Windows 3 X Hyper Terminal in Windows 9X Windows 2000 Windows XP an example of Windows XP is described below on...

Страница 20: ...13 Figure 3 2 Connect To Figure 3 3 Port Settings Step 3 Power the switch press Enter input user name and password admin admin by default and then press Enter again Below screen will appear...

Страница 21: ...3 3 Telnet Login Take Windows XP as an example click Start Run and enter telnet 192 168 0 1 as seen below Then press Enter input the username and password admin admin and the following window will app...

Страница 22: ...ser This section allows you to add new users and change password Port Management Port Configuration Allows users to configure them a port and displays port status and statistics Link Aggregation Displ...

Страница 23: ...ettings and client access settings QoS CoS CoS priority 0 7 is supported Default 0 and 3 correspond to queue 1 1 and 2 correspond to 2 4 and 5 correspond to queue 3 6 and 7 correspond to queue 4 DSCP...

Страница 24: ...ation Corporate and hotel network administrators can use this section to easily configure file server port and router port For details please refer to 4 9 Smart Configuration Maintenance Allows users...

Страница 25: ...ccess the switch s web manager The default is 192 168 0 1 Subnet Mask Configure the corresponding subnet mask of the IP address specified above The default is 255 255 255 0 Gateway Specify a gateway a...

Страница 26: ...d time will not be updated or synchronized with other devices and will be restored to factory defaults after system reboot 2 System Time Config Click System Configuration System Time to enter interfac...

Страница 27: ...rent settings will be lost after reset So if you want to retain current settings please click Save Configurations in the lower left concern of the page 2 Do not operate the device while reset is in pr...

Страница 28: ...areas SSL Security Privacy Adopting asymmetrical encryption technology and RSA Rivest Shamir and Adleman SSL uses key pair to encrypt information Authentication Authenticate the users and the servers...

Страница 29: ...ryptography negotiation and authentication A session will be established between clients and the server Session ID certificate of the other side cryptography algorithm and primary security key are inc...

Страница 30: ...ng the set time the web manager will return to login window The Login Timeout can be set to any value between 30 and 3600 seconds The default setting is 300 seconds User Name Specify a user name for l...

Страница 31: ...the switch to factory default To add user do as follows 1 Click Add to enter interface below 2 Enter the user name 3 Select user or technician from the Access Mode pull down list 4 Specify a password...

Страница 32: ...f a port is not connected Speed Duplex Three types of duplex modes are available on Ethernet ports Full duplex Ports operating in Full duplex mode can send and receive packets concurrently Half duplex...

Страница 33: ...l ports are enabled Isolation Only in 802 1Q VLAN mode isolation feature can be set It can implement isolation of group members intercommunication by adding a port into one isolation group This featur...

Страница 34: ...for ports in an aggregation will not be affected 5 When a not isolated port joins an isolated aggregation group it joins the same isolation group automatically Port Mirroring Port Mirroring allows co...

Страница 35: ...roring port packets loss will happen Ingress Only incoming packets are copied to the monitor port Egress Only outgoing packets are copied to the monitor port Egress Ingress Both inbound and outbound p...

Страница 36: ...ink Aggregation Overview Link aggregation groups multiple Ethernet ports together in parallel to act as a single logical link Aggregation enabled devices treat all physical links ports in an aggregati...

Страница 37: ...will treat a link aggregation group as a single link on the switch level On the port level the STP will use the port parameters of the Master Port in the calculation of port cost and in determining th...

Страница 38: ...rding status can send receive both service packets and LACP frames ports in blocked status can only send receive LACP frames Link Aggregation View Config Click Port Management Link Aggregation to ente...

Страница 39: ...ote Once ports in static aggregation group are linked successfully they will be aggregated and not be affected by port speed LACP Aggregation Config Click New to enter the configuration screen as seen...

Страница 40: ...ding port joins an LACP aggregation group and Disable when the port does not join any LACP aggregation group or joined a static aggregation group Priority Configure port priority 0 65535 The default i...

Страница 41: ...1 and port 3 3 Set Switch A s system priority on the LACP protocol interface to a value which is smaller than 32768 so that switch A s priority is higher than switch B s At the same time set port 2 s...

Страница 42: ...AC learning Enable IP filter Configuring mirroring destination port Enable voice VLAN feature Enable 802 1X authentication Below ports cannot join the aggregation group 802 1x enabled port s ACL Bindi...

Страница 43: ...n order to better collaborate with staffs from home or abroad on a special project a workgroup is indispensable Using VLAN all workstations and servers that a particular workgroup uses can be assigned...

Страница 44: ...ive and send traffic for them Usually ports that connect switches are configured as trunk ports Hybrid Like a trunk port a hybrid port can carry multiple VLANs to receive and send traffic for them A p...

Страница 45: ...PVID If voice VLAN protocol VLAN MAC VLAN and 802 1Q VLAN are configured on this switch ingress packets will be matched according to the VLAN sequence mentioned above VLAN Mode Toggle You can toggle b...

Страница 46: ...ailable Port and click to move them to Member Ports 4 Click OK and below screen will be displayed Note 1 Available values for VLAN ID range from 2 to 4029 You can configure multiple VLANs by entering...

Страница 47: ...elete an access port 1 Click the VLAN ID of 2 2 Select port3 from Available Ports and click 3 Select port2 from Member Ports and click 4 Click OK To add trunk port 1 Click Trunk Port to enter the trun...

Страница 48: ...e a trunk port in the trunk port view To delete a single trunk port click the Delete button to delete a batch of trunk ports click and then the Batch Delete button Note 1 An existing hybrid port canno...

Страница 49: ...ple 1 24 denotes 24 ports while 1 24 indicates 2 ports 3 PVID Enter an existing VLAN ID 4 Tagged VLAN Enter 1 4094 or leave it empty 5 Untagged VLAN Enter 1 4094 or leave it empty 6 Click OK To edit a...

Страница 50: ...ete a batch of hybrid ports click and then the Batch Delete button Note 1 An existing trunk port cannot be directly configured as a hybrid port However you can convert a Trunk port into a Hybrid port...

Страница 51: ...LAN1 To isolate them from other ports do as follows 1 Click VLAN1 as seen below Select port1 and port2 in Member Ports to move them back to Available Ports Click OK Add members to a port VLAN To add n...

Страница 52: ...VLAN The packet in MAC VLAN is processed in the following way 1 When receiving an untagged packet the switch will check whether the corresponding MAC VLAN has been created If the corresponding MAC VLA...

Страница 53: ...MAC VLAN As shown above click the Delete button to delete the corresponding MAC VLAN Up to 64 MAC VLANs can be supported on this device 4 3 3 Protocol VLAN Overview Protocol VLAN another way to classi...

Страница 54: ...Type on this device is set to LLC Ether Type of this protocol VLAN will match 16 18th bytes of the packet for VLAN mapping Ethernet SNAP The biggest difference between Ethernet SNAP Frame and 802 3 8...

Страница 55: ...e Displays protocol model s encapsulation Frame Type Ethernet II LLC or SNAP To add protocol model 1 Click New to enter interface below Configure protocol name in the Protocol Name Field Up to 31 char...

Страница 56: ...AN matches with 13 14th bytes to map VLAN LLC Protocol VLAN matches with 17 18th bytes to map VLAN SNAP Protocol VLAN matches with 23 24th bytes to map VLAN and 16 21th bytes are AA AA 03 00 00 00 To...

Страница 57: ...ice VLAN Voice VLAN Overview Voice VLAN is a VLAN designed for voice data flow partition By creating voice VLAN and adding ports connected to voice devices into the voice VLAN you can centrally transm...

Страница 58: ...s are described as below Voice VLAN Working Mode Voice Traffic Type Port Link Type Auto Tagged Access Not supported Trunk Supported but the default VLAN of the connected port must already exist and ca...

Страница 59: ...rted but the default VLAN of the connected port must already exist and can t be voice VLAN And voice VLAN should be in the allowed tagged VLAN list Global Setup Click VLAN Management Voice VLAN Global...

Страница 60: ...ription Port Display port number VLAN Display voice VLAN ID on corresponding port Mode Display voice VLAN mode auto or manual Status Display voice VLAN status Enable or Disable To configure voice VLAN...

Страница 61: ...54 OUI Setup Click VLAN Management Voice VLAN OUI Setup to enter interface below To configure OUI settings To add a new OUI address click Add on the OUI Setup page...

Страница 62: ...B900 0000 FFFF FF00 0000 Philips NEC 5 00D0 1E00 0000 FFFF FF00 0000 Pingtel 6 00E0 7500 0000 FFFF FF00 0000 Polycom 7 00E0 BB00 0000 FFFF FF00 0000 3com To delete an OUI address click Delete on the...

Страница 63: ...iority port number If the priority is the same the smaller the port number is the higher the priority Power Utilization Displays the current power utilization rate PoE CPU Temperature Displays the thr...

Страница 64: ...EEE 802 3af Enter a valid power value between 0 15 4w If you enter a power value that is greater than 15 4w 15 4w will be applied automatically IEEE 802 3at Enter a valid power value between 0 30w If...

Страница 65: ...week 4 5 1 Time Range Click Time Range Management Time Range to enter interface below Fields on the screen are described below Field Description Time Range ID Displays corresponding time range ID Tim...

Страница 66: ...length is 6 bytes The format is XXXX XXXX XXXX and X is hexadecimal When forwarding a frame the device adopts the following forwarding modes based on the MAC address table Unicast mode If an entry is...

Страница 67: ...be manually added or dynamically learned and might age out Configure MAC Address Table Entries To display MAC address entries globally Click Device Management MAC MAC Address Display to enter interfa...

Страница 68: ...ss while the VLAN ID is optional In Port VLAN mode you only need to enter a MAC address to view details Delete Click this button next to the corresponding MAC address to delete the MAC address Batch D...

Страница 69: ...agement MAC Static MAC Address to enter interface below To add a static MAC address entry Click Add enter a MAC address specifying a VLAN ID and selecting port then click OK In Port VLAN mode only MAC...

Страница 70: ...work nodes This is accomplished in the STP A STP enabled switch can perform the following tasks 1 Discover and generate an optimum STP topology 2 Discover and repair failures on the network automatica...

Страница 71: ...all of its spanning tree information in a single BPDU format Not only does this reduce the number of BPDUs required on a LAN to communicate spanning tree information for each VLAN but it also ensures...

Страница 72: ...max aging time for messages You may choose a time between 6 and 40 seconds The default value is 20s Hello time Configure the Hello Time You may choose a time between 1 and 10 seconds The default value...

Страница 73: ...e 32 characters allowed The default is the device s MAC address Modification Level Configure MSTP modification level Valid range is 0 65535 The default is 0 Format Selector Display 0 Configuration Abs...

Страница 74: ...ed instance Only instance 0 is enabled by default and can t be disabled VLAN Mapping List Display instance s current mapping VLANs Bridge Priority Display instance s current bridge priority To configu...

Страница 75: ...onding port as seen below Fields on the screen are described below Field Description STP Status STP feature switch By default the STP is disabled To activate the STP feature you must enable STP both g...

Страница 76: ...k automatically Instance ID Configure port parameters in different instances Priority By default the port priority is set to 128 Default Path Cost Enable disable port default path cost You can specify...

Страница 77: ...dification level and the same instance mapping Make VLAN 10 30 100 map instance 1 and set Device 1 as the root bridge of instance 1 Make VLAN 20 40 200 map instance 2 and set Device 2 as the root brid...

Страница 78: ...Configuration MSTP Configuration Save configurations Steps Add vlan10 20 30 40 100 and 200 Set ports on Device 1 and Device 2 to Hybrid and Tagged Set Device 1 and Device 2 s domain name to G3224P se...

Страница 79: ...settings is represented in TLV Type Length Value format according to the IEEE 802 1ab standard and these TLVs are encapsulated in LLDPDU Link Layer Discovery Protocol Data Unit The LLDPDU distributed...

Страница 80: ...iplier you can control this device info s age time on the neighboring device 2 10s Sending Delay When local configurations change each LLDP packet will be sent after one sending delay time 1 8192s and...

Страница 81: ...the Port Setup page to configure LLDP settings on a batch of ports concurrently Fields on the screen are described below Field Description Port Properties Select LLDP working status Disable Send Only...

Страница 82: ...receives LLDP packet System Name Display the neighboring device s system name Neighbor Port Display the port which sends LLDP packets on the neighboring device Chassis ID Display the MAC address of t...

Страница 83: ...MP Snooping enabled disabled How IGMP Snooping Works A switch that runs IGMP snooping performs different actions when receiving different IGMP messages When receiving a general query The IGMP querier...

Страница 84: ...d to such port After receiving the IGMP leave message from a host the IGMP querier resolves the multicast group address in the message and sends an IGMP group specific query to that multicast group th...

Страница 85: ...nable Disable multicast VLAN When multicast VLAN is enabled multicast VLAN ID becomes configurable and multicast packets can only be forwarded in this VLAN Multicast VLAN ID This option 1 4094 becomes...

Страница 86: ...ged objects depending on the type of packets received and generate Response packets to return to NMS SNMP Version The device supports SNMP v3 and is compatible with SNMP v1 and SNMP v2c SNMP v3 adopts...

Страница 87: ...al location SNMP Version Select V1 V2c or V3 Click Add to create a community name as seen below Note You must create a view before you can create a community Community Name Click Standard and select p...

Страница 88: ...t and enter a password and confirm password at least 8 characters If noauth nopriv is selected this field will be greyed out Select an Encryption Mode from the drop down list and enter a password and...

Страница 89: ...iv Specify Read only View Read Write View Notification View respectively from corresponding drop down list To edit groups click the corresponding Group Name to enter the interface for modification Vie...

Страница 90: ...s undergoing a coldstart power disconnection or reboot Warmstart Trap Send Warmstart Trap to designated host when the SNMP is disabled on the switch Linkdown Trap Send Linkdown Trap to designated host...

Страница 91: ...me IP net segment as the switch say 192 168 0 77 3 Enter a UDP port number to which Traps are to be sent in the Port NO field The default is 162 4 Enter a custom community name of up to 31 characters...

Страница 92: ...relay forwarding process DHCP relay working process When network devices with DHCP relay feature receive DHCP DISCOVER or DHCP REQUEST packets broadcast transmitted by DHCP clients the giaddr field w...

Страница 93: ...ts without Option82 Any Add the switch defined one into Option 82 field DHCP Relay Global Setup Click Device Management DHCP Relay Global Setup to enter interface below Fields on the screen are descri...

Страница 94: ...virtual interface click New as below 1 Specify the VLAN ID ranging from 2 to 4094 and the VLAN ID must be existing 802 1Q VLAN ID 2 Enable the IPV4 setup status 3 Enter the valid IPV4 address say 1 1...

Страница 95: ...mmunication In order that DHCP clients obtain IP addresses via legal DHCP servers trusted ports and untrusted ports are allowed Trusted ports can forward DHCP packets they ve received After receiving...

Страница 96: ...e Management DHCP Snooping Global Setup as below Fields on the screen are described below Field Description DHCP Snooping Enable Disable DHCP snooping feature globally By default it is disabled Source...

Страница 97: ...o port setup page Three strategies are available for this device Replace When DHCP relay receives DHCP packets with Option 82 the previous Option 82 information will be replaced by the default content...

Страница 98: ...munication QoS addresses network latency and congestion issues Non critical elastic applications like web browsing or emailing do not rely on QoS as they function however much or little bandwidth is a...

Страница 99: ...ues ranging from 0 to 7 Bits 3 6 denote the ToS priority with available values ranging from 0 to 15 The RFC 2474 redefined the IPv4 ToS field as the DS field The DSCP priority is denoted by the first...

Страница 100: ...d before low priority packets The lowest priority queue would be serviced only when highest priority queues had no packets buffered Disadvantages of SP The SP queueing gives absolute priority to high...

Страница 101: ...mediately Thus bandwidth resources are fully utilized Scheduling Scheme Click QoS QoS Configuration Scheduling Scheme to enter interface below To configure scheduling scheme select SP or WRR from the...

Страница 102: ...red mapping relationships at first Then according to the CoS queue mapping table it assigns packets with DSCP priority to queues which CoS priority corresponds to Port Priority To configure port prior...

Страница 103: ...t via configuring the available bandwidth of each port In this way the network bandwidth can be reasonably distributed and utilized Rate limit adopts token bucket for flow control If rate limit is con...

Страница 104: ...ilter broadcast multicast and unknown unicast frames in the network If the transmission rate of the three kind packets exceeds the set bandwidth the packets will be automatically discarded to avoid ne...

Страница 105: ...An access control list ACL implements packet filter via configured rules and operations attached to a packet When the switch receives a packet it analyzes the packet using currently applied ACL rules...

Страница 106: ...l existing MAC based ACLs and rules thereof To delete an existing MAC based ACL Select the ACL you wish to delete from the ACL drop down list and click on the Delete ACL button To create MAC based ACL...

Страница 107: ...tch and apply to all packets with whatever source MAC destination MAC Message Type Specify the message type in Hex Action Permit Allow messages that match existing rules to pass device Prohibit Discar...

Страница 108: ...n Configure required ACL settings and click OK ACL ID Specify an ACL ID between 1 and 100 Description Specify an ACL description To add rules to a specified ACL Select an ACL from the ACL drop down li...

Страница 109: ...configurable only when TCP or UDP protocol is selected Action Specify an action to handle messages Permit Allow messages that match existing rules to pass device Prohibit Discard messages that match e...

Страница 110: ...Attack Defense ARP Attack Defense If a switch continuously receives an enormous number of ARP messages on a specific port it will not function properly as CPU is overloaded and worse still may break u...

Страница 111: ...ARP RX Rate The default is 100PPS Note PPS refers to the number of packets per second It has nothing to do with the size of a packet Status Displays the status how a corresponding port deals with rec...

Страница 112: ...responding page for configuration Worm Attack Defense Worm Attack Defense prevents virus worm infected PCs being spread to targeted healthy PCs and the whole network by scanning for security failures...

Страница 113: ...ck defense feature 1 Click New to enter screen below 2 Enter the virus name say SQLSlammer 3 Specify a protocol say TCP or UDP 4 Specify the TCP destination port number say 1434 5 Click OK and defense...

Страница 114: ...o enter the corresponding interface Re configure it and then click OK Note The device supports up to 20 virus types DoS Attack Defense DoS Attack Defense prevents potential attackers from making a mac...

Страница 115: ...graded due to an oversized MAC address table The MAC Attack Defense is implemented on the device by limiting the number of MAC addresses that can be learned on each port Click Security Attack Defense...

Страница 116: ...port can learn is not limited Unknown MAC Address Drop If enabled corresponding port s will discard packets where source MAC addresses are not in the MAC address table when reaching the set address l...

Страница 117: ...for example 192 168 100 1 Enter an IP address in the End IP field for example 192 168 100 254 Enter a number in VLAN ID field for example 1 and this field is optional Click OK to start searching Searc...

Страница 118: ...for example 24 This item is optional 5 Enter a number in VLAN ID field for example 1 This item is optional 6 Click OK The IP MAC Port VLAN Bind screen will display added binding entries Port Filter Se...

Страница 119: ...ch the active IP MAC Port VLAN Binding entries can pass such port s otherwise are dropped directly No Selecting NO sets corresponding port s as trusted port s namely IP packets will not be examined wh...

Страница 120: ...erface to check whether the IP filter is disabled if not such port will not be able to receive any IP packets Thus before you delete an IP MAC Port VLAN Binding entry ensure that the IP filter has bee...

Страница 121: ...n authenticator and an authentication server The supplicant is a client device such as a laptop that wishes to attach to the LAN WLAN though the term supplicant is also used interchangeably to refer t...

Страница 122: ...thout being authenticated However if the first user is disconnected other users will be unable to access Internet When MAC based access control is adopted all users connected to this port need to be a...

Страница 123: ...on the same net segment as the switch s management IP address Authorized Shared Key Enter the authorized shared key as it is on the Radius authentication authorization server Recertification Enable o...

Страница 124: ...eed authenticating first to communicate with other devices Note If PORT is select from Access Control Method drop down list the default maximum access number is 1 But this does not indicate only one u...

Страница 125: ...s on the screen are described below Field Description Cash Register Server Port The priority of a Cash Register Server Port will be automatically set to 7 and two cash register server ports can be con...

Страница 126: ...istration Technology Agent software actively broadcasts requests to join server s management domain and server determines whether to accept the client When accepting such client the Intel Platform Adm...

Страница 127: ...Server Port Specify a port to connect to a file server File Server Port Priority Specify priority for the file serve port say Higher High Standard or Low which represents 7 5 3 and 1 respectively For...

Страница 128: ...for network administrators and developers to monitor network operation and diagnose malfunction The system logs have the following features 1 Classification of Syslog Log log info Trap warning info D...

Страница 129: ...creen are described below Field Description Enable Logging Enable disable Log feature By default it is enabled Enable Server Check to enable log server Log Severity Level Only logs of severity level e...

Страница 130: ...messages sent from the originating host to a destination computer Ping operates by sending Internet Control Message Protocol ICMP echo request packets to the target host and waiting for an ICMP respo...

Страница 131: ...t Display the ping result Tracert Check up Tracert Overview Tracert is a computer network diagnostic tool for displaying the route path and measuring whether network connection is available or not Whe...

Страница 132: ...knows packets have reached Device D and the route packets have passed from Device A to Device D is obtained 1 1 1 2 1 1 2 2 1 1 3 2 To implement tracert check up click Maintenance Network Diagnostics...

Страница 133: ...lost When the page refreshes the action of saving configurations is completed 2 Backup Settings Once you have configured the device the way you want you can save all settings to your local hard drive...

Страница 134: ...ection if only one match is found then it will be populated to the con field automatically To go back to previous directory press the key is invalid in IP COM To activate a command press Enter after y...

Страница 135: ...ig a gateway IP address IP COM show ip Note View configured IP address es 5 3 4 Enable DHCP Client to Obtain an IP Address IP COM config ip dhcp Note Enable DHCP client and switch will obtain an IP ad...

Страница 136: ...stem Time Configuration IP COM clock set 14 09 30 4 11 2012 Note Manually set system date and time to Apr 11 2012 and 14 09 30 respectively IP COM config sntp enable Note Enable SNTP server IP COM con...

Страница 137: ...ia a TFTP server 5 3 9 Web Login Timeout Configuration IP COM config http redirect timeout 300 Note Config web login timeout interval as 300 seconds IP COM show http redirect timeout Note View web log...

Страница 138: ...stination port IP COM config monitor source interface range gigabitethernet 0 1 3 rx Note Config ports 1 3 as mirroring source ports and sniffer mode as Ingress IP COM config monitor source interface...

Страница 139: ...te aggregation group IP COM config interface range gigabitethernet 0 1 4 Note Set ports 1 4 as link aggregation member ports IP COM config if trunk group 1 type static Note Set static aggregation grou...

Страница 140: ...lgorithm IP COM config port channel load balance src dst ip Note Config source and destination IP algorithm View aggregation info IP COM show aggregate port Note View aggregation group IP COM show lac...

Страница 141: ...port 5 and port 6 from QVLAN2 A port must belong to a single VLAN and belong to VLAN1 by default Delete QVLAN IP COM config no vlan 2 Note Delete QVLAN2 IP COM config no vlan 10 15 Note Delete multipl...

Страница 142: ...et 0 24 IP COM config if switchport mode access Note Change port 24 to access port trunk port 24 will not exist IP COM config interface range gigabitethernet 0 1 10 IP COM config if switchport mode ac...

Страница 143: ...ethernet 0 10 IP COM config if switchport mode access Note Delete existing Hybrid port 10 IP COM config interface range gigabitethernet 0 1 24 IP COM config if switchport mode access Note Delete all h...

Страница 144: ...Note Add MAC VLANs whose MAC address is 0000 0000 0001 It is described as v11 and corresponds to vlan2 with cos 0 IP COM configure terminal IP COM config no mac vlan 0000 0000 0001 Note Delete the MAC...

Страница 145: ...Disable voice VLAN global security mode IP COM config voice vlan agetime 3600 Note Set voice VLAN agetime to 3600min IP COM show voice vlan global Note View voice VLAN global info Voice VLAN port sett...

Страница 146: ...ig mac address table aging time 0 Note Set MAC address never to age out IP COM config mac address table aging time 100 Note Config MAC age time IP COM config no mac address table aging time Note Resto...

Страница 147: ...w mac address table interface gigabitethernet 0 5 Note Display MAC address es on a certain port Clear MAC address table IP COM clear mac address table Note Delete all dynamic MAC addresses 5 3 20 QoS...

Страница 148: ...mstp Note Set STP version to mstp IP COM config spanning tree bpdu forward broadcast Note Broadcast BPDU packets IP COM config spanning tree bpdu forward filter Note Filter BPDU packets IP COM config...

Страница 149: ...config no spanning tree mstp max hops Note Delete max hop setting and restore it to the default 20 IP COM config no spanning tree mstp 0 priority Note Delete instance bridge priority setting and resto...

Страница 150: ...onfig if spanning tree link type point to point auto Note spanning tree link type point to point auto IP COM config if spanning tree link type point to point force false Note Set port as non p2p port...

Страница 151: ...edge port setting P2P port setting port role port status STP statistics on port 5 IP COM show spanning tree detail Note Display all STP info IP COM show spanning tree enable instance Note Display all...

Страница 152: ...e Reset Max age of IGMP routing port to factory default IP COM config no ip igmp snooping host aging time Note Reset Max age of IGMP host port to factory default Enable disable IGMP port fast leave IP...

Страница 153: ...M config interface range gigabitethernet 0 9 IP COM config if power inline standard af at Note Configure interface power supply standard IP COM config interface range gigabitethernet 0 6 IP COM config...

Страница 154: ...any dst mac mask any Note Add rule 3 and deny all packets at the source MAC address of aaaa aaaa aaa passing Note Deny Deny packets matching the rule to pass Vlan Specify VID Eth type Specify protocol...

Страница 155: ...e IP ACL rule binding with time range Delete ACL IP COM config no access list 125 Note Delete MAC based ACL 125 IP COM config no access list 1 Note Delete IP based ACL 1 Delete an ACL rule IP COM conf...

Страница 156: ...ound port s 5 3 26 DoS Attack Defense Configuration IP COM config ip deny ping of death Note Enable Ping of Death Attack Defense IP COM config no ip deny ping of death Note Disable Ping of Death Attac...

Страница 157: ...packets with destination port number of 10 IP COM config filter aaa tcp 10 off Note Disable filter of TCP virus packets with destination port number of 10 IP COM config filter ccc udp 65535 on Note E...

Страница 158: ...te Disable ARP Attack Defense on ports11 20 5 3 29 Config MAC Attack Defense IP COM config interface gigabitethernet 0 1 IP COM config if mac address learning limit 8191 Note Set MAC address learning...

Страница 159: ...erface gigabitethernet 0 5 Note Add IP MAC Port VLAN binding entry bind the IP address of 192 168 0 5 and MAC address of 0000 0000 0002 to port 5 in VLAN4094 Port binding and unbinding IP COM config i...

Страница 160: ...es Note Display all port filter settings and IP MAC Port VLAN binding entries 5 3 31 DHCP Relay DHCP relay global settings IP COM config service dhcp Note Enable global DHCP feature IP COM config no s...

Страница 161: ...ay all virtual interfaces which have been created IP COM show interface vlan interface 2 Note Display settings on VLAN virtual interface 2 only Remote server configuration IP COM config ip helper addr...

Страница 162: ...o ip dhcp snooping verify mac address Note Disable verifying MAC address Port settings IP COM config interface range gigabitethernet 0 7 IP COM config if ip dhcp snooping trust Note Set port property...

Страница 163: ...t community name to public access right to read write and enable SNMP in the meantime Adding the first community name enables the SNMP agent feature and the SNMP will stay enabled thereafter unless di...

Страница 164: ...e Enable warmstart trap on the Switch IP COM config snmp server trap type 4 Note Enable Linkdown Trap on the Switch IP COM config snmp server trap type 8 Note Enable Linkup Trap on the Switch IP COM c...

Страница 165: ...8 0 2 public Note Delete the destination host 192 168 0 2 5 3 34 Log Configuration Enable disable logging IP COM config logging on Note Enable log IP COM config logging off Note Disable log Enable dis...

Страница 166: ...dot1x re authentication Note Disable 802 1X re authentication IP COM config dot1x timeout re authperiod 1 Note Specify 802 1X re authentication timeout as 1s IP COM config dot1x timeout tx period 255...

Страница 167: ...and port status IP COM show dot1x statistics Note Display all ports status IP COM show dot1x interface gigabitethernet 0 1 Note Display a single port s status 5 3 36 Save Configurations IP COM copy ru...

Страница 168: ...g if no port isolated Note Disable port isolation Display settings on port IP COM show interface gigabitethernet 0 3 Note Display basic settings on interface 3 IP COM show interface status Note Displa...

Страница 169: ...waits for a client s request message Upon receiving the request the server sends back a status line and a message of its own Auto negotiation Auto negotiation is an Ethernet procedure by which two con...

Страница 170: ...routers and switches an Access Control List refers to rules that are applied to port numbers or IP Addresses that are available on a host or other layer 3 each with a list of hosts and or networks per...

Страница 171: ...Pv4 uses 32 bit addresses which indicates 4 billion or 4 3 109 available addresses Thus IPv6 is brought into use for addressing rapid exhaustion of IP addresses The IPv6 uses 128 bit addresses which i...

Страница 172: ...allows a network design to include spare redundant links to provide automatic backup paths if an active link fails without the danger of bridge loops or the need for manual enabling disabling of these...

Страница 173: ...ervices Field DS field field and a two bit Explicit Congestion Notification ECN field While Differentiated Services is somewhat backward compatible with TOS ECN is not The TOS field could specify a da...

Страница 174: ...le in use please feel free to go to www ip com com cn to find a solution or email your problems to info ip com com cn We will be more than happy to help you out as soon as possible Website http www ip...

Страница 175: ...rdance with the instruction manual may cause harmful interference to radio communications Operation of this equipment in a residential area is likely to cause harmful interference in which case the us...

Результаты поиска

Содержание G3224P

Отзывы:

Похожие инструкции для G3224P

Бренды по названию

Популярные бренды

IP-COM G3224P, Руководство пользователя

Результаты поиска

Содержание G3224P

Отзывы:

Похожие инструкции для G3224P

Бренды по названию

Популярные бренды