manualshive.com logo in svg

IS5 COMMUNICATIONS IES12G, Руководство пользователя

Получите бесплатное руководство пользователя для IS5 COMMUNICATIONS IES12G прямо сейчас! Это подробное руководство поможет вам настроить и использовать продукт с легкостью. Скачайте его бесплатно на manualshive.com. Убедитесь, что вы всегда имеете под рукой нужное руководство для работы с вашим устройством.

Поделиться
Скачать
background image

iES12G 

User’s

  Manual 

 

 

UM-iES12G-1.72.2-EN.docx   

 

 

 

 

 

 

Pages 130 of 166 

© 2020 IS5 COMMUNICATIONS INC. ALL RIGHTS RESERVED 

Label 

Description 

supplicant retransmits EAPOL Start frames at a rate faster than X seconds, then it will 
never  get  authenticated,  because  the  switch  will  cancel  on-going  backend 
authentication server requests whenever it receives a new EAPOL Start frame from 
the supplicant. And since the server hasn't yet failed (because the X seconds haven't 

expired), the same server will be contacted upon the next backend authentication 
server request from the switch. This scenario will loop forever. Therefore, the server 
timeout should be smaller than the supplicant's EAPOL Start frame retransmission 
rate. 

MAC-based 

Auth. 

Unlike  802.1X,  MAC-based  authentication  is  not  a  standard,  but  merely  a  best-
practices method  adopted  by the industry. In MAC-based  authentication, users are 
called clients, and the switch acts as the supplicant  on  behalf  of  clients.  The  initial 
frame  (any  kind of  frame)  sent  by  a  client  is snooped  by  the  switch,  which  in turn 

uses the client's  MAC  address as both  username and password in the subsequent 
EAP exchange with the RADIUS  server. The 6-byte MAC address is converted to a 
string  in the following  form  "xx-xx- xx-xx- xx-xx",  that  is,  a  dash  (-)  is  used  as 
separator  between  the  lower-cased  hexadecimal  digits.  The  switch  only  supports 
the  MD5-Challenge  authentication  method,  so  the  RADIUS  server  must  be 
configured accordingly. 
When  authentication  is  complete,  the  RADIUS  server  sends  a  success  or  failure 

indication,  which  in  turn  causes  the  switch  to  open  up  or  block  traffic  for  that 
particular client, using the Port Security module. Only then will frames from the client 
be  forwarded  on  the  switch.  There  are  no  EAPOL  frames  involved  in  this 
authentication, and therefore, MAC-based Authentication has nothing to do with the 
802.1X standard. 
The advantage of MAC-based authentication over port-based 802.1X is that several 
clients can be connected to the same port (e.g. through a 3rd party switch or a hub) 

and still require individual authentication, and that the clients don't need special 
supplicant software to authenticate. The disadvantage is that MAC addresses can 
be spoofed by malicious users - equipment whose MAC address is a valid RADIUS 
user can be used by anyone. Also, only the MD5-Challenge method is supported. 
The maximum number of clients that can be attached to a port can be limited using 
the Port Security Limit Control functionality. 

Port State 

The current state of the port. It can undertake one of the following values: 

Globally Disabled

: NAS is globally disabled. 

Link Down

: NAS is globally enabled, but there is no link on the port.   

Authorized

:  the  port  is in  Force  Authorized  or  a  single-supplicant  mode  and  the 

supplicant is authorized. 

Unauthorized: 

the port is in Force Unauthorized or a single-supplicant mode  and the 

supplicant is not successfully authorized by the RADIUS server. 

X  Auth/Y  Unauth

:  the  port  is  in  a  multi-supplicant mode.  Currently X clients are 

authorized and Y are unauthorized. 

Restart 

Two  buttons  are  available  for  each  row.  The  buttons  are  only  enabled  when 

authentication is globally enabled and the port's Admin State is in an  EAPOL-based 
or MAC-based mode. 
Clicking these buttons will not cause settings changed on the page to take effect. 

Reauthenticate:

 schedules a reauthentication whenever the quiet-period of the port 

runs  out  (EAPOL-based  authentication).  For  MAC-based  authentication, 
reauthentication will be attempted immediately. 
The button only has effect on successfully authenticated clients on the port and will not 

cause the clients to be temporarily unauthorized. 

Reinitialize:

  forces  a  reinitialization  of  the  clients  on  the  port  and  hence  a 

reauthentication immediately. The clients will transfer to the unauthorized state while 
the reauthentication is in progress. 

 

Содержание IES12G

Страница 1: ...User s Manual IES12G Intelligent 12 Port Managed Gigabit Ethernet Switch IES12G https is5com com products Version 1 72 2 May 20 2020 2020 iS5 Communications Inc All rights reserved...

Страница 2: ...to be defective within this warranty period including shipping costs This warranty does not cover product modifications or repairs done by persons other than iS5 approved personnel and this warranty...

Страница 3: ...ew 8 2 1 Front Panel 8 2 2 Front Panel LED 9 2 3 Bottom View of Panel 9 2 4 Rear Panel 11 2 5 Side Panel 12 Hardware Installation 13 3 1 Installing the Switch on DIN Rail 13 Mounting on DIN Rail 13 3...

Страница 4: ...tistics 30 Global Counters 31 Local Counters 31 Modbus TCP 32 Backup Restore Configuration 32 Firmware Update 32 DHCP Server Relay 33 Setting 33 DHCP Dynamic Client List 33 DHCP Client List 34 Port Se...

Страница 5: ...p 59 Example for Port Based VLAN Setting 60 For ingress port 60 For egress port 61 802 1Q Access port Setting 62 802 1Q Trunk port setting multi tag 63 Private VLAN 68 Private VLAN Membership Configur...

Страница 6: ...LAN Configurations 95 IGMP Snooping Status 96 IGMP Snooping Group Information 97 Remote Control Security 98 Remote Control Security Configuration 98 Device Binding 98 Advanced Configurations 100 Alias...

Страница 7: ...2 Warning 137 Fault Alarm 137 System Warning 138 SYSLOG Setting 138 SMTP Settings 139 Event Selection 140 4 3 Monitor and Diagnostic 141 MAC Table 141 MAC Address Table Configuration 141 Aging Config...

Страница 8: ...figuration 20 Figure 17 System Password 21 Figure 18 Guest Password Configuration 21 Figure 19 Authentication Method Configuration 22 Figure 20 Auto Logout Configuration 23 Figure 21 IP Configuration...

Страница 9: ...Accesses Configuration 76 Figure 76 Storm Control Configuration 78 Figure 77 QoS Ingress Port Classification 79 Figure 78 QoS Egress Port Tag Remarking 80 Figure 79 QoS Port DSCP Configuration 81 Fig...

Страница 10: ...9 Last Supplicant Client Info Admin State MAC based Auth 136 Figure 130 Last Supplicant Client Info Admin State 802 1X based 136 Figure 131 Selected Counters Attached Clients 137 Figure 132 Fault Alar...

Страница 11: ...ual UM iES12G 1 72 2 EN docx Page ix 2020 IS5 COMMUNICATIONS INC ALL RIGHTS RESERVED Table 5 1000 Base T MDI MDI X Pin Assignments 16 Table 6 Signals and Pinouts from Console Port RJ 45 to DB 9 Serial...

Страница 12: ...nce in which case the user may be required to take adequate measures Caution LASER This product contains a laser system and is classified as a CLASS 1 LASER PRODUCT Use of controls or adjustments or p...

Страница 13: ...up to 4 Gigabit SFP ports The iES12G provides redundancy support through functions such as STP RSTP MSTP assuring protection of all mission critical network applications iES12G can be managed via the...

Страница 14: ...40037c31414269 html scrolltoc Online Accessed on Apr 3 2019 7 Stack Overflow Maximum size of ICMP IPv6 packet https stackoverflow com questions 15434362 maximum size of icmp ipv6 packet 8 Cisco com Ci...

Страница 15: ...e ARP hardware address type ar hrd HSR High availability Seamless Redundancy HTTPS Hyper Text Transfer Protocol Secure or HTTP over SSL ICMP Internet Control Message Protocol IGMP Internet Group Mana...

Страница 16: ...Service RARP Reverse Address Resolution Protocol Reverse ARP RIP Routing Information Protocol RMON Remote Monitoring RSTP Rapid Spanning Tree Protocol SIP Source IP SMAC Source MAC Address SNMP Simpl...

Страница 17: ...ALL RIGHTS RESERVED Acronym Explanation SSH Secure Shell UDP User Datagram Protocol URG Urgent Pointer Field Significant an ACE value USM User based Security Model UTC Coordinated Universal Time VACM...

Страница 18: ...Auto MDI MDIX 8 4 X 100 1000Base X SFP 4 RS 232 Serial Console Port RS 232 in RJ45 connector with console cable 115200 bps 8 N 1 Warning Monitoring System Relay output for fault event alarming 2 alar...

Страница 19: ...ds for factory default 2 LED for PWR When the PWR UP the green led will be light on 3 LED for PWR1 4 LED for PWR2 5 LED for R M Ring master When the LED light on it means that the switch is the ring m...

Страница 20: ...Blinking Data is transmitted On Port link up 2 3Bottom View of Panel The Phillips Screw Terminal Block located on the bottom of the unit has Phillips screws with compression plates allowing either ba...

Страница 21: ...or Neutral terminal of an AC power source 4 G Chassis Ground Connected to the ground bus for DC inputs or Safety Ground terminal for AC Units Chassis Ground connects to both power supply surge grounds...

Страница 22: ...ure 3 Rear Panel 100 240VAC rated equipment A 250VAC appropriately rated circuit breaker must be installed Equipment must be installed according to the applicable country wiring codes When equipped wi...

Страница 23: ...al UM iES12G 1 72 2 EN docx Pages 12 of 166 2020 IS5 COMMUNICATIONS INC ALL RIGHTS RESERVED 2 5Side Panel The components on the side of the iES10G are shown below 1 Screw holes 4 for wall mount kit Fi...

Страница 24: ...IN Rail bracket on the rear panel The DIN Rail bracket helps secure the switch on to the DIN Rail Mounting on DIN Rail Step 1 Slant the switch and hook the top 2 catches of the metal bracket onto the...

Страница 25: ...anel or wall Mounting IES12G on a Wall or Panel Option 1 Side of switch Fix mounting brackets to the side of switch using the 4 screws included in the package Figure 7 Brackets Mounted on Side of Swit...

Страница 26: ...T Cat 3 4 5 100 ohm UTP 100 m 328ft RJ 45 100BASE TX Cat 5 100 ohm UTP UTP 100 m 328ft RJ 45 1000BASE T Cat 5 Cat 5e 100 ohm UTP UTP 100 m 328ft RJ 45 Pin Assignments With 10 100 1000BASE T X cables p...

Страница 27: ...used Table 5 1000 Base T MDI MDI X Pin Assignments Pin Number MDI port MDI X port 1 BI_DA BI_DB 2 BI_DA BI_DB 3 BI_DB BI_DA 4 BI_DC BI_DD 5 BI_DC BI_DD 6 BI_DB BI_DA 7 BI_DD BI_DC 8 BI_DD BI_DC Note a...

Страница 28: ...port using the RS232 DB 9 to RJ 45 cable provided Connect to the PC via the RS 232 DB9 connector and the RJ45 connector to the console port of the switch Table 6 Signals and Pinouts from Console Port...

Страница 29: ...It is based on Java Applets with an aim at reducing network bandwidth consumption and enhances access speed in a viewing screen Note By default IE 5 0 or later versions do not allow Java Applets to o...

Страница 30: ...een 5 Enter the username and password The default username and password are admin 6 Click OK The main interface of the Web Management appears see Figure 14 Figure 14 Main Interface or System Informati...

Страница 31: ...e closet 3rd floor The allowed string length is 0 to 255 and only ASCII characters from 32 to 126 are allowed System Contact The textual identification of the contact person for this managed node toge...

Страница 32: ...system admin password required to access the web interface or log in to the CLI Figure 17 System Password Label Description Username The default user name is admin Old Password The existing password...

Страница 33: ...lient for which the configuration below applies Authentication Method Authentication Method can be set to one of the following values None authentication is disabled and login is not possible Local lo...

Страница 34: ...onfiguration The Current column is used to show the active IP configuration Label Description DHCP Client Enable the DHCP client by checking this box If DHCP fails and the configured IP address is zer...

Страница 35: ...digits with a colon separating each field For example fe80 215 c5ff fe03 4dc7 The symbol is a special syntax that can be used as a shorthand way of representing multiple 16 bit groups of contiguous z...

Страница 36: ...es made locally and revert to previously saved values IP Configuration Configure SNTP on this page Figure 23 SNTP Configuration Label Description Mode Indicates the selected Simple Network Time Protoc...

Страница 37: ...ntain _ or Daylight Savings Time Mode This is used to set the clock forward or backward according to the configurations set below for a defined Daylight Saving Time duration Options include Disable to...

Страница 38: ...Switch Time Configuration Configure date and time on this page Figure 25 Switch Time Configuration Mode Description Current Date Modify Current Date in the following order according to your preferenc...

Страница 39: ...network Typical applications include remote command line login and remote command execution but any network service can be secured with SSH Configure SSH settings in the following page Figure 27 SSH C...

Страница 40: ...Description LLDP Parameters Tx Interval The switch periodically transmits LLDP frames to its neighbours for having the network discovery information up to date The interval between each LLDP frame is...

Страница 41: ...f the neighbor s capabilities The capabilities include Other Repeater Bridge WLAN Access Point Router Telephone DOCSIS Cable Device Station Only Reserved When a capability is enabled a will be display...

Страница 42: ...rames are received or transmitted Tx Frames The number of LLDP frames transmitted on the port Rx Frames The number of LLDP frames received on the port Rx Errors The number of received LLDP frames cont...

Страница 43: ...refresh occurs every 3 seconds Modbus TCP This page shows Modbus TCP support of the switch For more information regarding Modbus refer to http www modbus org Figure 32 MODBUS Configuration Label Desc...

Страница 44: ...DHCP in this page Figure 36 DHCP Server Configuration Label Description Enabled Enable Disable DHCP server Start IP Address The first IP address of IP pool End IP Address The Last IP address of IP po...

Страница 45: ...rt When the device is connecting to the port and asks for dynamic IP assigning the system will assign the IP address that has been assigned before in the connected device Figure 38 DHCP Static Client...

Страница 46: ...nt Rx column indicates whether pause frames on the port are obeyed and the Current Tx column indicates whether pause frames on the port are transmitted The Rx and Tx settings are determined by the res...

Страница 47: ...done Port Alias This page shows the port alias configuration Figure 40 Port Alias Label Description Port This is the port number Port Alias This is the port alias Save Click to save changes Reset Clic...

Страница 48: ...ble the use of the TCP UDP Port Number or uncheck to disable By default TCP UDP Port Number is enabled Figure 42 Aggregation Group Configuration Label Description Group ID Indicates the ID of each agg...

Страница 49: ...the port ranging from 1 to 65535 Auto will set the key according to the physical link speed 10Mb 1 100Mb 2 1Gb 3 Specific allows the user to enter a user defined value Ports with the same key value c...

Страница 50: ...able an automatic refresh of the page at regular Intervals LACP Port Status This page provides an overview of the LACP status for all ports Figure 45 LACP Status Label Description Port Switch port num...

Страница 51: ...ch port Discarded The number of unknown or illegal LACP frames discarded at each port Refresh Click to refresh the page immediately Auto refresh Check to enable an automatic refresh of the page at reg...

Страница 52: ...sabled permanently until the device is restarted Figure 48 Port Configuration Label Description Port The switch port number of the port Enable Controls whether loop protection is enabled on this switc...

Страница 53: ...nges affecting all switches It is a good method for connecting two rings Coupling Port Used for connecting multiple rings A coupling ring needs four switches to build an active and a backup link Links...

Страница 54: ...ork State There three states for uplink port Link Down Blocking and Forwarding Save Click to apply the configurations Refresh Click to refresh the page immediately iBridge Figure 51 iBridge Label Desc...

Страница 55: ...e Multiple Spanning Tree Instances MSTI number concatenated with the 6 byte MAC address of the switch forms a Bridge Identifier For MSTP operation this is the priority of the CIST Otherwise this is th...

Страница 56: ...0000 Priority 0 240 Enter which port should be blocked by setting the priority on the LAN Enter a number between 0 and 240 The value of priority must be a multiple of 16 Admin Edge Admin Edge is the p...

Страница 57: ...or disabled on this switch port Port Priority Which ports should be blocked by priority in LAN A number 0 through 240 The value of priority must be the multiple of 16 Label Description Auto refresh Ch...

Страница 58: ...ges i e It is served by a shared medium LAN segment OperP2P shows the P2P status of the link to be manipulated administratively True means P2P enabling False means P2P disabling Role The Role of each...

Страница 59: ...to be disabled and re enabled for normal STP operation The condition is also cleared by a system reboot Port Error Recovery Timeout The time to pass before a port in the error disabled state can be e...

Страница 60: ...of the MSTI configuration named above This must be an integer between 0 and 65535 MSTI Mapping MSTI The bridge instance The CIST is not available for explicit mapping as it will receive the VLANs not...

Страница 61: ...iority Indicates bridge priority The lower the value the higher the priority The bridge priority MSTI instance number and the 6 byte MAC address of the switch forms a Bridge Identifier Save Click to s...

Страница 62: ...s the priority for ports having identical port costs See above Admin Edge Configures the operEdge flag should start as set or cleared the initial operEdge stated when a port is initialized Auto Edge C...

Страница 63: ...milar bridge setting the port Edge status does not effect this setting A port entering error disabled state due to this setting is subject to the bridge Port Error Recovery setting as well Point to Po...

Страница 64: ...Lower path cost ports are chosen as forwarding ports in favor of higher path cost ports The range of valid values is 1 to 200000000 Priority Configures the priority for ports having identical port cos...

Страница 65: ...nable an automatic refresh of the page at regular intervals STP Port Status This page displays the STP port status for the currently selected switch Figure 62 STP Port Status Label Description Port Th...

Страница 66: ...on the port RSTP The number of RSTP configuration BPDU s received transmitted on the port STP The number of legacy STP configuration BPDU s received transmitted on the port TCN The number of legacy to...

Страница 67: ...Recovery Dual Port Recovery mode is defined to work with unmanaged devices switches or ring of switches This feature can be set to on single port of switches on both sides of unmanaged ring The IES12G...

Страница 68: ...k of port in Forwarding state goes down the backup port is changing its state to be forwarding like in picture below The disconnected port changes its status to No Link When link of port 1 on switch 2...

Страница 69: ...he unmanaged switch ring of switches Note User need to select one port to be Active Port on each of two devices of each side Test Interval Setting Interval time for sending keep alive messages 10 5000...

Страница 70: ...VLAN name can be edited for the existing VLAN entries or it can be added to the new entries Port Members A row of check boxes for each port is displayed for each VLAN ID To include a port in a VLAN ch...

Страница 71: ...0 of 166 2020 IS5 COMMUNICATIONS INC ALL RIGHTS RESERVED Example for Port Based VLAN Setting For ingress port VLAN Membership Configuration setting port 1 VID 50 VLAN Port 1 Configuration Disable VLAN...

Страница 72: ...1 of 166 2020 IS5 COMMUNICATIONS INC ALL RIGHTS RESERVED For egress port VLAN Membership Configuration setting port 2 VID 50 VLAN Port 2 Configuration don t care VLAN Aware 3 VLAN Port 2 Configuration...

Страница 73: ...ALL RIGHTS RESERVED 802 1Q Access port Setting 4 1 6 2 1 1 For ingress port VLAN Membership Configuration setting port VID 50 VLAN Port Configuration Enable VLAN Aware VLAN Port Configuration Mode spe...

Страница 74: ...ONS INC ALL RIGHTS RESERVED VLAN Port Configuration Disable VLAN Aware 3 VLAN Port Configuration Mode specific ID 50 untagged tag 50 packet can enter egress port 802 1Q Trunk port setting multi tag 4...

Страница 75: ...tion Enable VLAN Aware 3 VLAN Port Configuration Mode specific ID 11 when enterring packet is untagged frame added tag 11 When entering the tagged frame only VID 11 22 33 three kinds of packets can pa...

Страница 76: ...UM iES12G 1 72 2 EN docx Pages 65 of 166 2020 IS5 COMMUNICATIONS INC ALL RIGHTS RESERVED VLAN Port Configuration Mode none egress port can receive tag 11 22 33 packet In addition only tag 11packet ca...

Страница 77: ...CATIONS INC ALL RIGHTS RESERVED Q in Q VLAN Setting ingress Port 1 egress Port 2 4 1 6 2 1 3 For ingress port Port 1 VLAN Membership Configuration setting port 1 2 3 VID 50 2 VLAN Port Configuration D...

Страница 78: ...2020 IS5 COMMUNICATIONS INC ALL RIGHTS RESERVED 4 1 6 2 1 4 For egress port Port 2 VLAN Membership Configuration setting port VID 50 VLAN Port Configuration Enable Port 2 3 VLAN Aware 3 VLAN Port Con...

Страница 79: ...ANs can be added or deleted Port members of each Private VLAN can be added or removed Private VLANs are based on the source port mask and there are no connections to VLANs This means that VLAN IDs and...

Страница 80: ...s enabled when you click Save The Delete button can be used to undo the addition of new private VLANs Save Click to save changes Reset Click to undo any changes made locally and revert to previously s...

Страница 81: ...SNMPv1 or SNMPv2c SNMPv3 uses User based Security Model USM for authentication and privacy and the community string will be associated with SNMPv3 communities table It provides more flexibility to co...

Страница 82: ...ng length is 0 to 255 and the allowed content is ASCII characters from 33 to 126 community string In addition to community string a particular range of source addresses can be used to restrict source...

Страница 83: ...D Indicates the SNMP trap probe security engine ID mode of operation Possible values are Enabled Enable SNMP trap probe security engine ID mode of operation Disabled Disable SNMP trap probe security e...

Страница 84: ...Name Figure 72 SNMPv3 User Configuration Label Description Delete Check to delete the entry It will be deleted during the next save Engine ID An octet string identifying the engine ID that this entry...

Страница 85: ...otocol SHA an optional flag to indicate that this user is using SHA authentication protocol The value of security level cannot be modified if the entry already exists which means the value must be set...

Страница 86: ...for SNMPv2c usm User based Security Model USM Security Name A string identifying the security name that this entry should belong to The allowed string length is 1 to 32 and only ASCII characters from...

Страница 87: ...efining the root of the subtree to add to the named view The allowed OID length is 1 to 128 The allowed string content is digital number or asterisk Add New Entry Click to add a new view configuration...

Страница 88: ...rioritization Storm Control A traffic storm occurs when packets flood the LAN creating excessive traffic and degrading network performance Storm Control is a feature which monitors incoming traffic le...

Страница 89: ...ork or to carry information from one interface in a device to another When traffic is marked QoS operations on that traffic can be applied Shaping and policing Shaping is the process of imposing a max...

Страница 90: ...be overruled by a QCL entry Note if the default QoS class has been dynamically changed then the actual default QoS class is shown in parentheses after the configured default QoS class DP level Contro...

Страница 91: ...on the mode to configure the mode and or mapping Note this setting has no effect if the port is VLAN unaware Tagged frames received on VLAN unaware ports are always classified to the default QoS clas...

Страница 92: ...tings for individual ports There are two configuration parameters available in Ingress 1 Translate 2 Classify Translate Check to enable ingress translation Classify Classification has 4 different valu...

Страница 93: ...icer The default value is 500 This value is restricted to 100 to 1000000 when the Unit is kbps or fps and it is restricted to 1 13200 when the Unit is Mbps or kfps Unit Configures the unit of measurem...

Страница 94: ...abled Unit Configures the unit of measurement for each queue policer rate as kbps or Mbps The default value is kbps This field is only shown if at least one of the queue policers is enabled Save Click...

Страница 95: ...nfigure the shapers Details for configuration can be found in the QoS Egress Port Scheduler and Shapers section Shapers Qn Shows disabled or actual port shaper rate e g 800 Mbps QoS Egress Port Schedu...

Страница 96: ...is kbps and it is restricted to 1 to 3300 when the Unit is Mbps Queue Shaper Excess Allows the queue to use excess bandwidth Port Shaper Enable Check to enable port shaper for individual switch ports...

Страница 97: ...gures the weight of each queue The default value is 17 This value is restricted to 1 to 100 This parameter is only shown if Scheduler Mode is set to Weighted Queue Scheduler Percent Shows the weight o...

Страница 98: ...g frame is classified to a DP level which is used throughout the device for providing congestion control guarantees to the frame according to what was configured for that specific DP level Frames with...

Страница 99: ...o new DSCP before using the DSCP for QoS class and DPL map There are two configuration parameters for DSCP Translation 1 Translate DSCP can be translated to any of 0 63 DSCP values 2 Classify check to...

Страница 100: ...o configure the mapping of QoS class to DSCP value Figure 88 DSCP Classification Label Description QoS Class Actual QoS class A QoS class of 0 zero has the lowest priority DPL Actual Drop Precedence L...

Страница 101: ...e QCL entry By default all ports are included Key Parameters Key configurations include Tag value of tag can be Any Untag or Tag VID valid value of VLAN ID can be any value from 1 to 4095 o r Any a sp...

Страница 102: ...Source IP address in value mask format or Any IP and mask are in the format of x y z w where x y z and w are decimal numbers between 0 and 255 When the mask is converted to a 32 bit binary string and...

Страница 103: ...8 QoS queues per port Q0 is the lowest priority Rx Tx The number of received and transmitted packets per queue Refresh Click to refresh the page immediately Clear Clear all statistics counters Auto r...

Страница 104: ...t will be put in the queue DPL Drop Precedence Level if a frame matches the QCE then DP level will be set to a value displayed under DPL column DSCP if a frame matches the QCE then DSCP will be classi...

Страница 105: ...ooding The flooding control takes effect only when IGMP Snooping is enabled When IGMP Snooping is disabled unregistered IPMCv4 traffic flooding is always active in spite of this setting Router Port Sp...

Страница 106: ...he displayed table starting from that or the next closest VLAN Table match The will use the last entry of the currently displayed entry as a basis for the next lookup When the end is reached the text...

Страница 107: ...Transmitted The number of transmitted Queries Queries Received The number of Received Queries V1 Reports Received The number of received V1 reports V2 Reports Received The number of received V2 report...

Страница 108: ...he next closest IGMP Group Table match In addition the two input fields will upon clicking Refresh assume the value of the first displayed entry allowing for continuous refresh with the same start add...

Страница 109: ...0 0 0 it means Any IP Web Check this item to enable Web management interface Telnet Check this item to enable Telnet management interface SNMP Check this item to enable SNMP management interface Save...

Страница 110: ...continually Alive Check Status Indicates the Alive Check status Possible options are Disable Got Reply Got ping reply from device that means the device is still alive Lost Reply Lost ping reply from d...

Страница 111: ...ias IP Address Specifies alias IP address Keep 0 0 0 0 if the device does not have an alias IP address Alive Check You can use ping commands to check port link status If port link fails you can set ac...

Страница 112: ...Enables or disables DDOS prevention of the port Sensibility Indicates the level of DDOS detection Possible levels are Low low sensibility Normal normal sensibility Medium medium sensibility High high...

Страница 113: ...Log it simply logs the event Status Indicates the DDOS prevention status Possible statuses are disables DDOS prevention Analyzing analyzes packet throughput for initialization Running analysis complet...

Страница 114: ...ure Stream Check settings Figure 102 Steam Check Label Description Mode Enables or disables stream monitoring of the port Action Indicates the action to take when the stream gets low Possible actions...

Страница 115: ...value is Disabled Port Redirect Select which port frames are redirected on The allowed values are Disabled or a specific port number and it can t be set when action is permitted The default value is...

Страница 116: ...he page immediately Clear Clear all statistics counters Save Click to save changes Reset Click to undo any changes made locally and revert to previously saved values Rate Limiters This page allows the...

Страница 117: ...click the sign the following default ACE Configuration appears Figure 106 Default ACE Configuration An ACE consists of several parameters These parameters vary with the frame type you have selected F...

Страница 118: ...tch the ACE Ethernet Type only Ethernet type frames can match the ACE The IEEE 802 3 describes the value of length types should be greater than or equal to 1536 decimal equal to 0600 hexadecimal ARP o...

Страница 119: ...ed Shutdown Specifies the shutdown operation of the ACE The allowed values are Enabled if a frame matches the ACE the ingress port will be disabled Disabled port shutdown is disabled for the ACE Count...

Страница 120: ...number appears VLAN ID When Specific is selected for the VLAN ID filter the user can enter a specific VLAN ID number The allowed range is 1 to 4095 Frames matching the ACE will use this VLAN ID value...

Страница 121: ...t not be able to match this entry Non zero IPv4 frames with a time to live field greater than zero must be able to match this entry Any any value is allowed don t care IP Fragment Specifies the fragme...

Страница 122: ...Host Specify the destination IP address in the DIP Address field that appears Network destination IP filter is set to Network Specify the destination IP address and destination IP mask in the DIP Addr...

Страница 123: ...ted decimal notation Sender IP Mask When Network is selected for the sender IP filter you can enter a specific sender IP mask in dotted decimal notation Dotted Decimal Notation refers to a method of w...

Страница 124: ...where the HLN is equal to Ethernet 0x06 and the PLN is equal to IPv4 0x04 must match this entry Any any value is allowed don t care IP Specifies whether frames will meet the action according to their...

Страница 125: ...matching the ACE will use this ICMP value ICMP Code Filter Specifies the ICMP code filter for the ACE Any no ICMP code filter is specified ICMP code filter status is don t care Specific if you want to...

Страница 126: ...Destination Filter Specifies the TCP UDP destination filter for the ACE Any no TCP UDP destination filter is specified TCP UDP destination filter status is don t care Specific if you want to filter a...

Страница 127: ...le to match this entry Any any value is allowed don t care TCP URG Specifies the TCP URG urgent pointer field significant value for the ACE 0 TCP frames where the URG field is set must not be able to...

Страница 128: ...4 TCP The ACE will match IPv4 frames with TCP protocol IPv4 Other The ACE will match IPv4 frames which are not ICMP UDP TCP IPv6 The ACE will match all IPv6 standard frames Action Indicates the forwar...

Страница 129: ...sage warns about this event and interface is marked with a loop protect comment by system Conflict Show conflict entries in the ACL Refresh Click to refresh the page Auto refresh Check to enable an au...

Страница 130: ...The RADIUS Authentication Server number for which the configuration below applies Enabled Enable the RADIUS Authentication Server by checking this box IP Address The IP address of the RADIUS Authentic...

Страница 131: ...The IP address and UDP port number in IP Address UDP Port notation of the server For example 0 0 0 0 1812 Status The current status of the server This field takes one of the following values Disabled...

Страница 132: ...eady The server is enabled IP communication is up and running and the RADIUS module is ready to accept access attempts Dead X seconds left Access attempts were made to this server but it did not reply...

Страница 133: ...AccessChallenges The number of RADIUS Access Challenge packets valid or invalid received from the server Rx Malformed Access Responses radiusAuthClientExt MalformedAccessRe sponses The number of malfo...

Страница 134: ...te of the server and the latest round trip time Name RFC4668 Name 4 Description IP Address IP address and UDP port for the authentication server in question State Shows the state of the server It take...

Страница 135: ...received from the server Malformed packets include packets with an invalid length Bad authenticators or unknown types are not included as malformed access responses Rx Bad Authenticators radiusAcctCl...

Страница 136: ...the following values Disabled The selected server is disabled Not Ready The server is enabled but IP communication is not yet up and running Ready The server is enabled IP communication is up and runn...

Страница 137: ...between the switch and the RADIUS server are RADIUS packets RADIUS packets also encapsulate EAP PDUs together with other attributes like the switch s IP address name and the supplicant s port number o...

Страница 138: ...igured accordingly When authentication is complete the RADIUS server sends a success or failure indication which in turn causes the switch to open up or block traffic for that particular client using...

Страница 139: ...sed ports Aging Period This setting applies to the following modes i e modes using the Port Security functionality to secure MAC addresses MAC Based Auth When the NAS module uses the Port Security mod...

Страница 140: ...icant and the authentication server Frames sent between the supplicant and the switch are special 802 1X frames known as EAPOL EAP Over LANs frames EAPOL frames encapsulate EAP PDUs 2 Frames sent betw...

Страница 141: ...as nothing to do with the 802 1X standard The advantage of MAC based authentication over port based 802 1X is that several clients can be connected to the same port e g through a 3rd party switch or a...

Страница 142: ...frame for EAPOL based authentication and the most recently received frame from a new client for MAC based authentication Last ID The user name supplicant identity carried in the most recently received...

Страница 143: ...urrent state of the port Refer to NAS Port State for more details regarding each value Port n The port select drop down box determines which port s information is shown by selecting port n Where n is...

Страница 144: ...tch Rx Start dot1xAuthEapolStartFrames Rx The number of EAPOL Start frames that have been received by the switch Rx Logoff dot1xAuthEapolLogoffFram esRx The number of valid EAPOL Logoff frames that ha...

Страница 145: ...elect drop down box determines which port s information is shown by selecting port n Where n is a valid port number Auto refresh Check this box to refresh the page automatically Automatic refresh occu...

Страница 146: ...ackend server chose an EAP method MAC based Not applicable Rx Auth Successes dot1xAuthBackend AuthSuccesses 802 1X and MAC based Counts the number of times that the switch receives a success indicatio...

Страница 147: ...ion MAC Address dot1xAuthLastEapol FrameSource The MAC address of the last supplicant client VLAN ID The VLAN ID on which the last frame from the last supplicant client was received Version dot1xAuthL...

Страница 148: ...no clients are attached it shows No clients attached VLAN ID This column holds the VLAN ID of the corresponding client that is currently secured through the Port Security module State The client can e...

Страница 149: ...Figure 133 System Log Configuration Label Description Server Mode Indicates existing server mode When the mode operation is enabled the syslog message will be sent to syslog server The syslog protoco...

Страница 150: ...E mail Alarm Enables or disables transmission of system warnings by e mail SMTP Server Address The SMTP server IP address or domain name address Sender E mail Address Sender email address Mail Subjec...

Страница 151: ...t the checkbox cannot be checked when SYSLOG is disabled Figure 135 System Warning Event Selection SYSLOG is the warning method supported by the system Check the corresponding box to enable the system...

Страница 152: ...own Link Up Link Down SMTP Port Event Select the SMTP event for a specific port number Options are Disable Link Up Link Down Link Up Link Down Save Click to save changes Reset Click to undo any change...

Страница 153: ...Description Auto Learning is done automatically as soon as a frame with unknown SMAC is received Disable No learning is done Secure Only static MAC entries are learned all other frames are dropped No...

Страница 154: ...rt to mirror is also known as the mirror port Frames from ports that have either source Rx or destination Tx mirroring enabled are mirrored to this port Disabled option disables mirroring Figure 138 M...

Страница 155: ...or error level of the system log All choose for all levels to be logged Time The time of the system log entry Message The MAC Address of this switch Auto refresh Check this box to enable an automatic...

Страница 156: ...for receive and transmit Label Description Port The logical port for the settings contained in the same row Click on a port to go to that ports Detailed Statistics page Packets The number of received...

Страница 157: ...nters The number of received and transmitted packets per input and output queue Rx Drops The number of frames dropped due to insufficient receive buffer or egress congestion Rx CRC Alignment The numbe...

Страница 158: ...range from 1 time to 60 times Ping Interval The interval of the ICMP packet Values range from 0 second to 30 seconds VeriPHY Cable Diagnostics This page is used for running the VeriPHY Cable Diagnosti...

Страница 159: ...gnostics Therefore running VeriPHY on a 10 or 100 Mbps management port will cause the switch to stop responding until VeriPHY is complete Label Description Port The port for which VeriPHY Cable Diagno...

Страница 160: ...an measure the temperature of the apparatus helping you monitor the status of connection and detect errors immediately through DDM Web interface event alarms can be managed and set up Figure 144 SFP M...

Страница 161: ...el Description One_PPS_Mode The box allows the user to select One_PPS_Mode configurations The following values are possible Output enable the 1 pps clock output Input enable the 1 pps clock input Disa...

Страница 162: ...y measurements are performed i e this is applicable only if frequency synchronization is needed The master always responds to delay requests Protocol The options for Transport protocol used by the PTP...

Страница 163: ...66 2020 IS5 COMMUNICATIONS INC ALL RIGHTS RESERVED Status This page allows the user to examine the current PTP clock settings For information on this screen see Synchronization Configuration above Fig...

Страница 164: ...witch is restored to factory defaults Figure 149 Factory Defaults Label Description Yes Click to reset the configuration to factory defaults No Click to return to the System Information page without r...

Страница 165: ...8 none 1 none Before starting CLI management by the RS 232 serial console connect the RS 232 port of the switch to your PC Follow the steps below to access the console via a RS 232 serial cable 1 Star...

Страница 166: ...2 Tera Term VT Serial port setup 4 Press Enter for the Console login screen to appear Use the keyboard to enter the Console Username and Password which is same as for Web management admin for both the...

Страница 167: ...e steps below to access the console via Telnet Connect your PC to one of the Ethernet ports of the switch via an Ethernet cable Telnet to the IP address of the switch from the Windows Run command or f...

Страница 168: ...Link Aggregation Control Protocol STP Spanning Tree Protocol Dot1x IEEE 82 1X port authentication IGMP Internet Group Management Protocol snooping LLDP Link Layer Discovery Protocol MAC MAC address ta...

Страница 169: ...DHCP enable disable Setup ip_addr ip_mask ip_router vid Ping ip_addr_string ping_length SNTP ip_addr_string Auth Auth Configuration Timeout timeout Deadtime dead_time RADIUS server_index enable disabl...

Страница 170: ...st active passive Status port_list Statistics port_list clear STP STP Configuration Version stp_version Non certified release v Txhold holdcount lt 15 15 15 Dec 6 2007 MaxAge max_age FwdDelay delay bp...

Страница 171: ...uthorized Authenticate port_list now Reauthentication enable disable Period reauth_period Timeout eapol_timeout Statistics port_list clear eapol radius Clients port_list all client_cnt Agetime age_tim...

Страница 172: ...VLAN Configuration port_list Aware port_list enable disable PVID port_list vid none FrameType port_list all tagged Add vid port_list Delete vid Lookup vid PVLAN PVLAN Configuration port_list Add pvlan...

Страница 173: ...t policy Rate rate_limiter_list packet_rate Add ace_id ace_id_next switch port port policy policy vid tag_prio dmac_type etype etype smac dmac arp sip dip smac arp_opcode arp_flags ip sip dip protocol...

Страница 174: ...kup index Group Add security_model security_name group_name Group Delete index Group Lookup index View Add view_name included excluded oid_subtree View Delete index View Lookup index Access Add group_...

Страница 175: ...apacity of 1 A at 24 VDC Technology MAC Table 8K Priority Queues 8 Processing Store and Forward Switch Properties Switching latency 7 s Switching bandwidth 24 Gbps Max Number of Available VLANs 4096 I...

Страница 176: ...ackets for troubleshooting IP connectivity issues SNTP for synchronizing of clocks over network Network Redundancy RSTP IEEE 802 1 D w MSTP RSTP STP compatible Fast Recovery and Dual Port Recovery Phy...

Страница 177: ...escription 16 VendorName 48 ProductName 81 Version 85 MacAddress 256 SysName 512 SysDescription 768 SysLocation 1024 SysContact 4096 PortStatus Port 1 VTSS_PORTS Value 0x0000 Link down 0x0001 Link up...

Отзывы:

Нет отзывов

Похожие инструкции для IES12G

Keithley 707 Quick Reference Manual preview
707
Бренд: Keithley Страницы: 66
IBM N Series Setup And Configuration Manual preview
N Series
Бренд: IBM Страницы: 44
C&H Technologies M221 Specifications preview
M221
Бренд: C&H Technologies Страницы: 1
D-Box G3 Installation Manual preview
G3
Бренд: D-Box Страницы: 31
Hama 11800 Operating Instruction preview
11800
Бренд: Hama Страницы: 5
3Com SuperStack 3 4900 Datasheet preview
SuperStack 3 4900
Бренд: 3Com Страницы: 2
Cabletron Systems SmartSwitch 6500 User Manual preview
SmartSwitch 6500
Бренд: Cabletron Systems Страницы: 150
Cabletron Systems MMAC-Plus 9H421-12 User Manual preview
MMAC-Plus 9H421-12
Бренд: Cabletron Systems Страницы: 38
Cabletron Systems ESXMIM Management Manual preview
ESXMIM
Бренд: Cabletron Systems Страницы: 86
Cabletron Systems MMAC-Plus 9T125-24 User Manual preview
MMAC-Plus 9T125-24
Бренд: Cabletron Systems Страницы: 30
Cabletron Systems 7C03 MMAC SmartSWITCH Installation Manual preview
7C03 MMAC SmartSWITCH
Бренд: Cabletron Systems Страницы: 16
ATEN CS1922M User Manual preview
CS1922M
Бренд: ATEN Страницы: 17
F&F PF-421 TRMS Manual preview
PF-421 TRMS
Бренд: F&F Страницы: 10
N-Tron 708M12 User Manual & Installation Manual preview
708M12
Бренд: N-Tron Страницы: 169
Accton Technology EH2045S Quick Start Manual preview
EH2045S
Бренд: Accton Technology Страницы: 8
CoolGear CG-UC31PD4H Product Manual preview
CG-UC31PD4H
Бренд: CoolGear Страницы: 8
IOGear GUH227 Quick Start Manual preview
GUH227
Бренд: IOGear Страницы: 6
Lantech IGS-3208MGSFP User Manual preview
IGS-3208MGSFP
Бренд: Lantech Страницы: 27

Бренды по названию

Популярные бренды

Загрузить еще бренды