Planet IGS-10020 Скачать руководство пользователя страница 250

Страница: 250 / 409

User’s Manual

250

4.11 Authentication

This section is to control the access of the Industrial Managed Switch, including the user access and management control.

The Authentication section contains links to the following main topics:



IEEE 802.1X Port-based Network Access Control



MAC-based Authentication



User Authentication

Overview of 802.1X (Port-Based) Authentication

In the 802.1X-world, the user is called the supplicant, the switch is the authenticator, and the RADIUS server is the

authentication server. The switch acts as the man-in-the-middle, forwarding requests and responses between the supplicant

and the authentication server. Frames sent between the supplicant and the switch are special 802.1X frames, known as

EAPOL

(EAP Over LANs)

frames. EAPOL frames encapsulate

EAP PDU

s (RFC3748). Frames sent between the switch and the

RADIUS server are RADIUS packets. RADIUS packets also encapsulate EAP PDUs together with other attributes like the

switch's IP address, name, and the supplicant's port number on the switch. EAP is very flexible, in that it allows for different

authentication methods, like

MD5-Challenge

PEAP

, and

TLS

. The important thing is that the authenticator (the switch) doesn't

need to know which authentication method the supplicant and the authentication server are using, or how many information

exchange frames are needed for a particular method. The switch simply encapsulates the EAP part of the frame into the

relevant type (EAPOL or RADIUS) and forwards it.

When authentication is completed, the RADIUS server sends a special packet containing a success or failure indication.

Besides forwarding this decision to the supplicant, the switch uses it to open up or block traffic on the switch port connected to

the supplicant.

Overview of MAC-based Authentication

Unlike 802.1X, MAC-based authentication is not a standard, but merely a best-practices method adopted by the industry. In

MAC-based authentication, users are called clients, and the switch acts as the supplicant on behalf of clients. The initial frame

(any kind of frame) sent by a client is snooped by the switch, which in turn uses the client's MAC address as both username and

password in the subsequent EAP exchange with the RADIUS server. The 6-byte MAC address is converted to a string on the

following form "xx-xx-xx-xx-xx-xx", that is, a dash (-) is used as separator between the lower-cased hexadecimal digits. The

switch only supports the MD5-Challenge authentication method, so the RADIUS server must be configured accordingly.

When authentication is complete, the RADIUS server sends a success or failure indication, which in turn causes the switch to

open up or block traffic for that particular client, using static entries into the MAC Table. Only then will frames from the client be

forwarded on the switch. There are no EAPOL frames involved in this authentication, and therefore, MAC-based Authentication

has nothing to do with the 802.1X standard.

Содержание IGS-10020

Страница 1: ...User s Manual...

Страница 2: ...ide reasonable protection against harmful interference when the equipment is operated in a commercial environment This equipment generates uses and can radiate radio frequency energy and if not instal...

Страница 3: ...2 1 6 Wiring the Digital Input Output 49 2 2 Installing the Industrial Managed Switch 51 2 2 1 Installation Steps 51 2 2 2 DIN rail Mounting 53 2 2 3 Wall Mount Plate Mounting 55 2 3 Cabling 56 2 3 1...

Страница 4: ...put 96 4 2 17 Fault Alarm 98 4 2 18 Web Firmware Upgrade 99 4 2 19 TFTP Firmware Upgrade 100 4 2 20 Save Startup Config 101 4 2 21 Configuration Download 101 4 2 22 Configuration Upload 102 4 2 23 Con...

Страница 5: ...Port Configuration 139 4 6 4 VLAN Membership Status 145 4 6 5 VLAN Port Status 146 4 6 6 Private VLAN 147 4 6 7 Port Isolation 149 4 6 8 VLAN setting example 151 4 6 8 1 Two Separate 802 1Q VLANs 151...

Страница 6: ...00 4 8 16 MVR Multicast VLAN Registration 201 4 8 17 MVR Status 204 4 8 18 MVR Groups Information 205 4 8 19 MVR SFM Information 206 4 9 Quality of Service 207 4 9 1 Understanding QoS 207 4 9 2 Port P...

Страница 7: ...w 278 4 11 9 RADIUS Details 280 4 11 10 Windows Platform RADIUS Server Configuration 286 4 11 11 802 1X Client Configuration 291 4 12 Security 294 4 12 1 Port Limit Control 294 4 12 2 Access Managemen...

Страница 8: ...r Ethernet Configuration 343 4 16 4 Port Sequential 345 4 16 5 Port Configuration 346 4 16 6 PoE Status 348 4 16 7 PoE Schedule 350 4 16 8 LLDP PoE Neighbours 352 4 17 Loop Protection 354 4 17 1 Confi...

Страница 9: ...Wizard 383 4 20 6 Ring Wizard Example 384 5 SWITCH OPERATION 387 5 1 Address Table 387 5 2 Learning 387 5 3 Forwarding Filtering 387 5 4 Store and Forward 387 5 5 Auto Negotiation 388 6 TROUBLESHOOTIN...

Страница 10: ...aged Switch IGS 20160HPT Industrial 16 Port 10 100 1000T 802 3at PoE 2 Port 10 100 100T 2 Port 100 1000X SFP Managed Switch Industrial Managed Switch is used as an alternative name for the above model...

Страница 11: ...tem into customer s industrial automation network to enhance system reliability and uptime in harsh factory environments In a certain simple Ring network the recovery time of data link can be as fast...

Страница 12: ...nitor connected PD powered device status in real time via ping action Once the PD stops working and responding the Industrial Managed PoE Switch will recycle the PoE port power and bring the PD back t...

Страница 13: ...witching and redundancy QoS traffic control network access control and authentication and Secure Management features to protect customer s industrial and building automation network connectivity with...

Страница 14: ...eatures 100BASE FX and 1000BASE SX LX SFP Small Form factor Pluggable fiber optic modules meaning the administrator now can flexibly choose the suitable SFP transceiver according to the transmission d...

Страница 15: ...of the Industrial Managed Switch Section 4 WEB CONFIGURATION The section explains how to manage the Industrial Managed Switch by Web interface Section 5 SWITCH OPERATION The chapter explains how to d...

Страница 16: ...PoE power budget control Per port PoE function enable disable PoE admin mode control PoE port power feeding priority Per PoE port power limit PD classification detection Intelligent PoE features Temp...

Страница 17: ...g of the incoming or outgoing traffic on a particular port Loop protection to avoid broadcast loops Supports E R P S Ethernet Ring Protection Switching IEEE 1588 and synchronous Ethernet network timin...

Страница 18: ...tack management Switch Management Interfaces Console Telnet Command Line Interface Web switch management SNMP v1 and v2c switch management SSH SSL and SNMP v3 secure access IPv6 IP address NTP DNS man...

Страница 19: ...e 8K entries automatic source address learning and ageing 8K entries automatic source address learning and ageing 8K entries automatic source address learning and ageing Shared Data Buffer 512 kilobyt...

Страница 20: ...tem on 17 watts 57BTU Full loading LED Indicator System Power 1 Green Power 2 Green Fault Alarm Green Ring Green R O Green Per 10 100 1000T RJ45 Port 1000 LNK ACT Green 10 100 LNK ACT Orange Per SFP I...

Страница 21: ...r 3 Functions IP Interfaces Max 8 VLAN interfaces Routing Table Max 32 routing entries Routing Protocols IPv4 software static routing IPv6 software static routing Standards Conformance Regulatory Comp...

Страница 22: ...Bridge MIB RFC 1643 Ethernet MIB RFC 2863 Interface MIB RFC 2665 Ether Like MIB RFC 2819 RMON MIB Group 1 2 3 and 9 RFC 2737 Entity MIB RFC 2618 RADIUS Client MIB RFC 2933 IGMP STD MIB RFC 3411 SNMP F...

Страница 23: ...tes 29 7Mpps 64Bytes Address Table 8K entries automatic source address learning and ageing Shared Data Buffer 4Mbits Flow Control IEEE 802 3x pause frame for full duplex Back pressure for half duplex...

Страница 24: ...get 130W maximum depending on power input 270W maximum depending on power input 320W maximum depending on power input Max number of Class 2 PDs 8 16 Max number of Class 3 PDs 8 16 Max number of Class...

Страница 25: ...ting Table Max 32 routing entries Routing Protocols IPv4 software static routing IPv6 software static routing Standards Conformance Regulatory Compliance FCC Part 15 Class A CE Stability Testing IEC60...

Страница 26: ...1493 Bridge MIB RFC 1643 Ethernet MIB RFC 2863 Interface MIB RFC 2665 Ether Like MIB RFC 2819 RMON MIB Group 1 2 3 and 9 RFC 2737 Entity MIB RFC 2618 RADIUS Client MIB RFC 2933 IGMP STD MIB RFC 3411 S...

Страница 27: ...and wall mount kit Connector Removable 6 pin terminal block for power input Pin 1 2 for Power 1 Pin 3 4 for fault alarm Pin 5 6 for Power 2 Alarm One relay output for power failure Alarm Relay curren...

Страница 28: ...support MLD Snooping MLD v1 v2 Snooping up to 255 multicast Groups MLD Querier mode support Access Control List IP based ACL MAC based ACL Up to 256 entries Bandwidth Control Per port bandwidth contro...

Страница 29: ...P version 3 RFC 2710 MLD version 1 FRC 3810 MLD version 2 SNMP MIBs RFC 1213 MIB II IF MIB RFC 1493 Bridge MIB RFC 1643 Ethernet MIB RFC 2863 Interface MIB RFC 2665 Ether Like MIB RFC 2737 Entity MIB...

Страница 30: ...es the hardware features of Industrial Managed Switch For easier management and control of the Industrial Managed Switch familiarize yourself with its display indicators and ports Front panel illustra...

Страница 31: ...User s Manual 31 IGS 10020PT IGS 10020PT Dimensions W x D x H 72 x 107 x 152mm...

Страница 32: ...User s Manual 32 IGS 10020HPT IGS 10020HPT Dimensions W x D x H 72 x 107 x 152mm...

Страница 33: ...User s Manual 33 IGS 10080MFT IGS 10080MFT Dimensions W x D x H 72 x 107x 152mm...

Страница 34: ...User s Manual 34 IGS 12040MT IGS 12040MT Dimensions W x D x H 72 x 107 x 152mm...

Страница 35: ...User s Manual 35 IGS 20040MT IGS 20040MT Dimensions W x D x H 72 x 107 x 152mm...

Страница 36: ...User s Manual 36 IGS 20160HPT IGS 20160HPT Dimensions W x D x H 84 x 107 x 152mm...

Страница 37: ...User s Manual 37 2 1 2 Front Panel IGS 10020MT IGS 10020PT IGS 10020HPT Figure 2 1 IGS 10020MT Switch Front Panel Figure 2 2 IGS 10020PT Switch Front Panel Figure 2 3 IGS 10020HPT Switch Front Panel...

Страница 38: ...User s Manual 38 IGS 100080MFT IGS 12040MT IGS 20040MT Figure 2 4 IGS 10080MFT Switch Front Panel Figure 2 5 IGS 12040MT Switch Front Panel Figure 2 6 IGS 20040MT Switch Front Panel...

Страница 39: ...r Console Port The console port is an RJ45 port connector It is an interface for connecting a terminal directly Through the console port it provides rich diagnostic information including IP address se...

Страница 40: ...rning off and on the power The following is the summary table of reset button functions IGS 10020MT IGS 10020PT IGS 10020HPT IGS 20160HPT Figure 2 8 IGS 10020MT Reset Button Figure 2 9 IGS 10020PT IGS...

Страница 41: ...as power P2 Green Indicates power 2 has power Fault Green Indicates either power 1 or power 2 has no power Ring On Indicates the ERPS Ring has been created successfully Off Indicates the ERPS Ring has...

Страница 42: ...essfully R O Green Lights to indicate that the Ring Owner has been enabled Per 10 100 1000Mbps Port with PoE LED Color Function 10 100 1000 LNK ACT Green Lights to indicate the port is running in 10 1...

Страница 43: ...ort is successfully established Blinks Indicates that the Switch is actively sending or receiving data over that port 1000 Orange Lights Indicates that the port is successfully connecting to the netwo...

Страница 44: ...ablished Blinks Indicates that the switch is actively sending or receiving data over that port 10 100 LNK ACT Orange Lights Indicates the port is running in 10 100Mbps speed and successfully establish...

Страница 45: ...naged Switch comes with a DC inlet power socket and one terminal block connector with 6 contacts 1 Insert positive negative DC power wires into contacts 1 and 2 for DC Power 1 or 5 and 6 for DC Power...

Страница 46: ...User s Manual 46 Figure 2 16 IGS 10080MFT Upper Panel Figure 2 17 IGS 12040MT Upper Panel...

Страница 47: ...User s Manual 47 Figure 2 18 IGS 20040MT Upper Panel Figure 2 19 IGS 20160HPT Upper Panel...

Страница 48: ...2 5 DC 48V IGS 10020HPT Pin 1 5 Pin 2 6 DC 48V IGS 10080MFT Pin 1 5 Pin 2 6 DC 12 48V AC 24V IGS 12040MT Pin 1 5 Pin 2 6 DC 12 72V AC 24V IGS 20040MT Pin 1 5 Pin 2 6 DC 9 48V AC 24V IGS 20160HPT Pin 1...

Страница 49: ...ontacts 1 The wire gauge for the terminal block should be in the range of 12 24 AWG 2 When performing any of the procedures like inserting the wires or tightening the wire clamp screws make sure the p...

Страница 50: ...osening 1 2 3 4 5 6 DI0 DI1 DO0 DO1 GND GND Figure 2 22 6 pin Terminal Block for DI and DO Wiring Input 3 There are two Digital Input groups for you to monitor two different devices The following topo...

Страница 51: ...ial Managed Switch and the installation points attended to it 2 2 1 Installation Steps 1 Unpack the Industrial Managed Switch 2 Check if the DIN Rail is screwed on the Industrial Managed Switch or not...

Страница 52: ...rver The UTP port RJ45 LED on the Industrial Managed Switch will light up when the cable is connected with the network device Please refer to the LED Indicators section for LED light indication Make s...

Страница 53: ...the Industrial Managed Switch DIN rail mounting and wall mount plate mounting Please read the following topics and perform the procedures in the order being presented Follow all the DIN rail installat...

Страница 54: ...ual 54 Step 3 Check whether the DIN rail is tightly on the track Please refer to the following procedures to remove the Industrial Managed Switch from the track Step 4 Lightly remove the DIN rail from...

Страница 55: ...Industrial Managed Switch Use the screwdriver to loosen the screws to remove the DIN rail Step 2 Place the wall mount plate on the rear panel of the Industrial Managed Switch Step 3 Use the screwdrive...

Страница 56: ...f unshielded twisted pair cable UTP The IEEE 802 3 802 3u 802 3ab Fast Gigabit Ethernet standard requires Category 5 UTP for 100Mbps 100BASE TX 10BASE T networks can use Cat 3 4 5 or 1000BASE T use 5...

Страница 57: ...mode with both single mode and multi mode SFP transceivers The following list of approved PLANET SFP transceivers is correct at the time of publication Fast Ethernet Transceiver 100BASE X SFP Model Sp...

Страница 58: ...ngle Mode 10km 1310nm 40 75 degrees C MGB TL30 1000 LC Single Mode 30km 1310nm 40 75 degrees C MGB TL70 1000 LC Single Mode 70km 1550nm 40 75 degrees C Gigabit Ethernet Transceiver 1000BASE BX Single...

Страница 59: ...ation or a media converter 3 Check the LNK ACT LED of the SFP slot on the front of the Industrial Managed Switch Ensure that the SFP transceiver is operating correctly 100BASE FX Before connecting the...

Страница 60: ...able to disable the port in advance 2 Remove the fiber optic cable gently 3 Turn the lever of the MGB MFB module to a horizontal position 4 Pull out the module gently through the lever Figure 2 26 Pul...

Страница 61: ...verview Remote Telnet Access Web Management Access SNMP Access Standards Protocols and Related Reading 3 1 Requirements Workstation running Windows XP 2003 Vista Windows 7 8 10 MAC OS X Linux Fedora U...

Страница 62: ...Must be near the switch or use dial up connection Not convenient for remote users Modem connection may prove to be unreliable or slow Remote Telnet Text based Telnet functionality built into Windows X...

Страница 63: ...emote telnet interface from personal computer or workstation in the same Ethernet environment as long as you know the current IP address of the Industrial Managed Switch Direct Access Direct access to...

Страница 64: ...ciated action was initiated A Macintosh or PC attachment can use any terminal emulation program for connecting to the terminal serial port A workstation attachment under UNIX can use an emulator Remot...

Страница 65: ...the Industrial Managed Switch you can access the Industrial Managed Switch s Web interface applications directly in your Web browser by entering the IP address of the Industrial Managed Switch Figure...

Страница 66: ...ial Managed Switch and the SNMP Network Management Station to use the same community string This management method in fact uses two community strings the get community string and the set community str...

Страница 67: ...rt Discovery Utility 1 Open the Planet Smart Discovery Utility in administrator PC 2 Run this utility and the following screen appears Figure 3 6 Planet Smart Discovery Utility Screen If there are two...

Страница 68: ...shown below Update Device Use the current setting on one single device Update Multi Use the current setting on choose multi devices Update All Use the current setting on whole devices in the list The...

Страница 69: ...s The Industrial Managed Switch can be configured through an Ethernet connection making sure the manager PC must be set on same the IP subnet address with the Industrial Managed Switch For example the...

Страница 70: ...appears Figure 4 1 2 Login Screen Default User name admin Default Password admin After entering the username and password the main screen appears as Figure 4 1 3 Figure 4 1 3 Default Main page Now you...

Страница 71: ...naged Switch 2 The changed IP address takes effect immediately after clicking on the Save button From now on you need to use the new IP address to access the Internet 3 For security reason please chan...

Страница 72: ...h s Web browser interface to configure and manage it Figure 4 1 4 Main page Panel Display The web agent displays an image of the Industrial Managed Switch s ports The Mode can be set to display differ...

Страница 73: ...Industrial Managed Switch and all its ports or monitor network conditions Via the Web Management the administrator can set up the Industrial Managed Switch by selecting the functions those listed in t...

Страница 74: ...G graph System Log The Managed Switch system log information is provided here Detailed Log The Managed Switch system detailed log information is provided here Remote Syslog Configure remote syslog on...

Страница 75: ...me Location The system location configured in Configuration System Information System Location MAC Address The MAC Address of this Industrial Managed Switch Power Power 1 and Power 2 ON OFF Status dis...

Страница 76: ...ive IP configuration Object Description IP Configurations Mode Configure whether the IP stack should act as a Host or a Router In Host mode IP traffic between interfaces will not be routed In Router m...

Страница 77: ...tween 0 and 30 bits for an IPv4 address IPv6 Address Provide the IP address of this Industrial Managed Switch An IPv6 address is in 128 bit records represented as eight fields of up to four hexadecima...

Страница 78: ...e of the entry This may be LINK or IPv4 Address The current address of the interface of the given type Status The status flags of the interface and or address IP Routes Network The destination IP netw...

Страница 79: ...e allowed range is 1 to 15 If the privilege level value is 15 it can access all groups i e that is granted the fully control of the device But others value need to refer to each group privilege level...

Страница 80: ...rivilege level value is 15 it can access all groups i e that is granted the fully control of the device But others value need to refer to each group privilege level User s privilege should be same or...

Страница 81: ...e new user entry is shown on the Users Configuration page Figure 4 2 6 User Configuration page Screenshot If you forget the new password after changing the default password please press the Reset butt...

Страница 82: ...overview of the privilege levels After setup is completed please press the Apply button to take effect Please login web interface with new user name and password and the screen in Figure 4 2 7 appear...

Страница 83: ...PS SSH ARP Inspection and IP source guard IP Everything except ping Port Everything except VeriPHY Diagnostics ping and VeriPHY Maintenance CLI System Reboot System Restore Default System Password Con...

Страница 84: ...ration the agent forward and to transfer NTP messages between the clients and the server when they are not on the same subnet domain Disabled Disable NTP mode operation Server Provide the NTP IPv4 or...

Страница 85: ...2 9 Time Configuration page Screenshot The page includes the following fields Object Description Time Zone Lists various Time Zones worldwide Select appropriate Time Zone from the drop down menu and...

Страница 86: ...s Select the ending hour Minutes Select the ending minute Offset Settings Enter the number of minutes to add during Daylight Saving Time Range 1 to 1440 Buttons Click to apply changes Click to undo an...

Страница 87: ...the implementation the switch sends SSDP messages periodically at the interval one half of the advertising duration minus 30 seconds Valid values are in the range 100 to 86400 Buttons Click to apply c...

Страница 88: ...ame subnet domain And the DHCP broadcast message won t flood for security considered Disabled Disable DHCP relay mode operation Relay Server Indicates the DHCP relay server IP address A DHCP relay age...

Страница 89: ...atistics This page provides statistics for DHCP relay The DHCP Relay Statistics screen in Figure 4 2 12 appears Figure 4 2 12 DHCP Relay Statistics page Screenshot The page includes the following fiel...

Страница 90: ...er that is erroneously sent to servers Receive from Client The packets number that is received from server Receive Agent Option The packets number that is received with relay agent information option...

Страница 91: ...ort the SVG format Consult the SVG Wiki for more information on browser support Specifically at the time of writing Microsoft Internet Explorer will need to have a plugin installed to support SVG The...

Страница 92: ...ystem log Error Error level of the system log All All levels Clear Level To clear the system log entry level The following level types are supported Info Information level of the system log Warning Wa...

Страница 93: ...Log screen in Figure 4 2 15 appears Figure 4 2 15 Detailed Log page Screenshot The page includes the following fields Object Description ID The ID 1 of the system log entry Message The message of the...

Страница 94: ...er since UDP is a connectionless protocol and it does not provide acknowledgments The syslog packet will always be sent out even if the syslog server does not exist Possible modes are Enabled Enable r...

Страница 95: ...rols whether SMTP Authentication is enabled If authentication is required when an e mail is sent Authentication User Name Type the user name for the SMTP server if Authentication is Enable Authenticat...

Страница 96: ...re 4 2 18 Windows File Selection Menu Popup The page includes the following fields Object Description Enable Check the Enable checkbox to enable Digital Input output function Uncheck the Enable checkb...

Страница 97: ...via them As Digital Output Allows user to monitor an alarm from port failure power failure Digital Input 0 DI 0 and Digital Input 1 DI 1 which means if Digital Output has detected these events then D...

Страница 98: ...bject Description Enable Controls whether Fault Alarm is enabled on this switch Record Controls whether Record is sending System log or SNMP Trap or both Action Controls whether Port Fail or Power Fai...

Страница 99: ...ould pop up the file selection menu to choose firmware 4 Select on the firmware then click the Software Upload Progress would show the file with upload status 5 Once the software is loaded to the syst...

Страница 100: ...appears Figure 4 2 22 TFTP Firmware Update page Screenshot The page includes the following fields Object Description TFTP Server IP Fill in your TFTP server IP address Firmware File Name The name of...

Страница 101: ...based or stored in flash on the switch There are three system files running config A virtual file that represents the currently active configuration on the switch This file is volatile startup config...

Страница 102: ...nt configuration is fully replaced with the configuration in the uploaded file Merge mode The uploaded file is merged into running config If the file system is full i e contains the three system files...

Страница 103: ...e 4 2 28 Configuration Delete page Screenshot 4 2 25 Image Select This page provides information about the active and alternate backup firmware images in the device and allows you to revert to the alt...

Страница 104: ...the firmware image Date The date where the firmware was produced Buttons Click to use the alternate image This button may be disabled depending on system state 4 2 26 Factory Default You can reset th...

Страница 105: ...Reboot page enables the device to be rebooted from a remote location Once the Reboot button is pressed users have to re login the Web interface for about 60 seconds later as the System Reboot screen...

Страница 106: ...plays substantial memory and abundant disk space At least one NMS must be present in each managed environment Agents Agents are software modules that reside in network elements They collect and store...

Страница 107: ...anaged Switch s SNMP function This section has the following items System Configuration Configure SNMP on this page Trap Configuration Configure SNMP trap on this page System Information The system in...

Страница 108: ...2c community string In addition to community string a particular range of source addresses can be used to restrict source subnet Write Community Indicates the community write access string to permit a...

Страница 109: ...nfiguration s name for configuring The allowed string length is 0 to 255 and the allowed content is ASCII characters from 33 to 126 Trap Mode Indicates the SNMP trap mode operation Possible modes are...

Страница 110: ...urity Engine ID Indicates the SNMP trap security engine ID SNMPv3 sends traps and informs using USM for authentication and privacy A unique engine ID for these traps and informs is needed When Trap Pr...

Страница 111: ...and the allowed content is the ASCII characters from 32 to 126 System Name An administratively assigned name for this managed node By convention this is the node s fully qualified domain name A domai...

Страница 112: ...s the community access string to permit access to SNMPv3 agent The allowed string length is 1 to 32 and the allowed content is ASCII characters from 33 to 126 The community string will be treated as s...

Страница 113: ...eys In a simple agent usmUserEngineID is always that agent s own snmpEngineID value The value can also take the value of the snmpEngineID of a remote SNMP engine with which this user can communicate I...

Страница 114: ...ates the privacy protocol that this entry should belong to Possible privacy protocol are None None privacy protocol DES An optional flag to indicate that this user using DES authentication protocol AE...

Страница 115: ...owed string length is 1 to 32 and the allowed content is the ASCII characters from 33 to 126 Group Name A string identifying the group name that this entry should belong to The allowed string length i...

Страница 116: ...subtree should be excluded In general if a view entry s view type is excluded it should be exist another view entry which view type is included and it s OID subtree overstep the excluded view entry OI...

Страница 117: ...security model that this entry should belong to Possible security models are NoAuth NoPriv None authentication and none privacy Auth NoPriv Authentication and none privacy Auth Priv Authentication an...

Страница 118: ...irror Sets the source and target ports for mirroring 4 4 1 Port Configuration This page displays current port configurations Ports can also be configured here The Port Configuration screen in Figure 4...

Страница 119: ...tes whether pause frames on the port are obeyed and the Current Tx column indicates whether pause frames on the port are transmitted The Rx and Tx settings are determined by the result of the last Aut...

Страница 120: ...ted packets per port Bytes The number of received and transmitted bytes per port Errors The number of frames received in error and the number of incomplete transmissions per port Drops The number of f...

Страница 121: ...rt Statistics Port 1 page Screenshot The page includes the following fields Receive Total and Transmit Total Object Description Rx and Tx Packets The number of received and transmitted good and bad pa...

Страница 122: ...number of long frames received with valid CRC Rx Fragments The number of short frames received with invalid CRC Rx Jabber The number of long frames received with invalid CRC Rx Filtered The number of...

Страница 123: ...type of current SFP module the possible types are 1000BASE SX 1000BASE LX 100BASE FX Speed Display the speed of current SFP module the speed value or description is obtained from the SFP module Differ...

Страница 124: ...anges made locally and revert to previously saved values Click to refresh the page immediately 4 4 5 Port Mirror Configure port Mirroring on this page This function provides monitoring network traffic...

Страница 125: ...All frames received on a given port also known as ingress or source mirroring All frames transmitted on a given port also known as egress or destination mirroring Mirror Port Configuration The Port Mi...

Страница 126: ...s transmitted are not mirrored Tx only Frames transmitted from this port are mirrored to the mirroring port Frames received are not mirrored Disabled Neither frames transmitted or frames received are...

Страница 127: ...signed manually Port Trunk or automatically by enabling Link Aggregation Control Protocol LACP on the relevant links Aggregated Links are treated by the system as a single logical port Specifically th...

Страница 128: ...eted from a VLAN The Spanning Tree Protocol will treat all the ports in a link aggregation as a whole Enable the link aggregation prior to connecting any cable between the switches to avoid creating a...

Страница 129: ...r the frame Check to enable the use of the Source MAC address or uncheck to disable By default Source MAC Address is enabled Destination MAC Address The Destination MAC Address can be used to calculat...

Страница 130: ...Members Each switch port is listed for each group ID Select a radio button to include a port in an aggregation or clear the radio button to remove the port from the aggregation By default no ports bel...

Страница 131: ...l set the key as appropriate by the physical link speed 10Mb 1 100Mb 2 1Gb 3 Using the Specific setting a user defined value can be entered Ports with the same Key value can participate in the same ag...

Страница 132: ...ng fields Object Description Aggr ID The Aggregation ID associated with this aggregation instance For LLAG the id is shown as isid aggr id and for GLAGs as aggr id Partner System ID The system ID MAC...

Страница 133: ...d or that the port link is down Backup means that the port could not join the aggregation group but will join if other port leaves Meanwhile it s LACP status is disabled Key The key assigned to this p...

Страница 134: ...following fields Object Description Port The switch port number LACP Received Shows how many LACP frames have been sent from each port LACP Transmitted Shows how many LACP frames have been received at...

Страница 135: ...used to uniquely identify end nodes and assign these nodes VLAN membership packets cannot cross VLAN without a network device performing a routing function between the VLAN 2 The Industrial Managed S...

Страница 136: ...witch supports the following VLAN features Up to 255 VLANs based on the IEEE 802 1Q standard Port overlapping allowing a port to participate in multiple VLANs End stations can belong to multiple VLANs...

Страница 137: ...ion originally contained in the packet is retained 802 1Q Tag User Priority CFI VLAN ID VID 3 bits 1 bit 12 bits TPID Tag Protocol Identifier TCI Tag Control Information 2 bytes 2 bytes Preamble Desti...

Страница 138: ...to a tag aware device the packet should be tagged Default VLANs The Switch initially configures one VLAN VID 1 called default The factory default setting assigns all ports on the Switch to the defaul...

Страница 139: ...stand nomenclature of the Switch IEEE 802 1Q Tagged and Untagged Every port on an 802 1Q compliant switch can be configured as tagged or untagged Tagged Ports with tagging enabled will put the VID num...

Страница 140: ...could easily exceed the maximum VLAN limit of 4096 The Industrial Managed Switch supports multiple VLAN tags and can therefore be used in MAN applications as a provider bridge aggregating traffic fro...

Страница 141: ...enabled More VLANs may be created by using a list syntax where the individual elements are separated by commas Ranges are specified with a dash separating the lower and upper bound The following examp...

Страница 142: ...N that the port is not a member of are discarded By default all frames but frames classified to the Port VLAN a k a Native VLAN get tagged on egress Frames classified to the Port VLAN do not get C tag...

Страница 143: ...ts classified to the Port VLAN If frames must be tagged on egress they will be tagged with an S tag S Custom Port On ingress frames with a VLAN tag with a TPID 0x8100 or equal to the Ethertype configu...

Страница 144: ...is identical to the syntax used in the Enabled VLANs field By default a Trunk or Hybrid port will become member of all VLANs and is therefore set to 1 4095 The field may be left empty which means that...

Страница 145: ...from IP phones MVR MVR is used to eliminate the need to duplicate multicast traffic for subscribers in each VLAN Multicast traffic for all channels is sent only on a single multicast VLAN Port Member...

Страница 146: ...n in Figure 4 6 5 appears Figure 4 6 5 VLAN Port Status for Static User page Screenshot The page includes the following fields Object Description Port The logical port for the settings contained in th...

Страница 147: ...due to hardware limitation Direct conflict between user modules Buttons Select VLAN Users from this drop down list Auto refresh Check this box to refresh the page automatically Automatic refresh occur...

Страница 148: ...ed Adding a New Private VLAN Click Add New Private VLAN to add a new private VLAN ID An empty row is added to the table and the private VLAN can be configured as needed The allowed range for a private...

Страница 149: ...m of web servers in a Demilitarized Zone DMZ are allowed to communicate with the outside world and with database servers on the inside segment but are not allowed to communicate with each other For pr...

Страница 150: ...is page is used for enabling or disabling port isolation on ports in a Private VLAN A port member of a VLAN can be isolated to other isolated ports on the same VLAN and Private VLAN The Port Isolation...

Страница 151: ...arated VLAN Each VLAN isolate network traffic so only members of the VLAN receive traffic from the same VLAN members The screen in Figure 4 6 8 appears and Table 4 6 9 describes the port configuration...

Страница 152: ...received the packet through Port 1 and Port 2 6 While the packet leaves Port 1 and Port 2 it will be stripped away it tag becoming an untagged packet Untagged packet entering VLAN 3 1 While PC 4 tran...

Страница 153: ...of Port 4 6 to be VLAN3 3 Enable VLAN Tag for specific ports Link Type Port 3 VLAN 2 and Port 6 VLAN 3 Change Port 3 Mode as Trunk and select Egress Tagging as Tag All and Type 2 in the Allowed VLANs...

Страница 154: ...thin the same VLAN group The screen in Figure 4 6 12 appears Figure 4 6 12 VLAN Trunking Diagram Setup steps 1 Add VLAN Group Add two VLANs VLAN 2 and VLAN 3 For Type 1 3 in Allowed Access VLANs colum...

Страница 155: ...erlaps both VLAN 2 and VLAN 3 members 4 Assign the VLAN Trunk Port to be the member of each VLAN to be aggregated For this example add Port 7 to be VLAN 2 and VLAN 3 member port 5 Specify Port 7 to be...

Страница 156: ...and promiscuous ports and the each PC is not able to access the isolated port of each other s PCs But they all need to access with the same server AP Printer This section will show you how to configu...

Страница 157: ...6 17 Private VLAN Port Setting 4 6 9 MAC based VLAN The MAC based VLAN entries can be configured here This page allows for adding and deleting MAC based VLAN entries and assigning the entries to diff...

Страница 158: ...ased VLAN entry can be configured as needed Any unicast MAC address can be configured for the MAC based VLAN entry No broadcast or multicast MAC addresses are allowed Legal values for a VLAN ID are 1...

Страница 159: ...one of the following values 1 Ethernet 2 LLC 3 SNAP Note On changing the Frame type field valid value of the following text field will vary depending on the new frame type you selected Value Valid va...

Страница 160: ...f PID will be any value from 0x0000 to 0xffff Group Name A valid Group Name is a unique 16 character long string for every entry which consists of a combination of alphabets a z or A Z and integers 0...

Страница 161: ...mapping entry on this page VLAN ID Indicates the ID to which Group Name will be mapped A valid VLAN ID ranges from 1 4095 Port Members A row of check boxes for each port is displayed for each Group N...

Страница 162: ...links at the time of a primary link failure is also accomplished automatically without operator intervention This automatic network reconfiguration provides maximum uptime to network users However th...

Страница 163: ...t be ideal For instance connecting higher speed links to a port that has a higher number than the current root port can cause a root port change STP Port States The BPDUs take some time to pass throug...

Страница 164: ...are forwarded from or received by STP enabled ports until the forwarding state is enabled for that port 2 STP Parameters STP Operation Levels The Switch allows for two levels of operation the switch...

Страница 165: ...ures that the BPDU is discarded when its age exceeds the value of the maximum age timer 20 seconds Forward Delay Timer The amount time spent by a port in the learning and listening states waiting for...

Страница 166: ...g the above parameters Max Age _ 2 x Forward Delay 1 second Max Age _ 2 x Hello Time 1 second Port Priority A Port Priority can be from 0 to 240 The lower the number the greater the probability the po...

Страница 167: ...User s Manual 167 Figure 4 7 2 Before Applying the STA Rules In this example only the default STP values are used Figure 4 7 3 After Applying the STA Rules...

Страница 168: ...ings The settings are used by all STP Bridge instances in the Switch or Switch Stack The Industrial Managed Switch support the following Spanning Tree protocols Compatibility Spanning Tree Protocol ST...

Страница 169: ...mum 30 Max Age The maximum age of the information transmitted by the Bridge when it is the Root Bridge Valid values are in the range 6 to 40 seconds Default 20 Minimum The higher of 6 or 2 x Hello Tim...

Страница 170: ...trol packet Buttons Click to apply changes Click to undo any changes made locally and revert to previously saved values 4 7 3 Bridge Status This page provides a status overview for all STP bridge inst...

Страница 171: ...allows the user to inspect the current STP CIST port configurations and possibly change them as well The CIST Port Configuration screen in Figure 4 7 6 appears Figure 4 7 6 STP CIST Port Configuratio...

Страница 172: ...re region of the network influence the spanning tree active topology possibly because those bridges are not under the full control of the administrator This feature is also known as Root Guard Restric...

Страница 173: ...802 1w 2001 Ethernet 50 600 200 000 20 000 000 Fast Ethernet 10 60 20 000 2 000 000 Gigabit Ethernet 3 10 2 000 200 000 Table 4 7 1 Recommended STP Path Cost Range Port Type Link Type IEEE 802 1D 199...

Страница 174: ...t The page includes the following fields Object Description MSTI The bridge instance The CIST is the default instance which is always active Priority Controls the bridge priority Lower numerical value...

Страница 175: ...enshot The page includes the following fields Configuration Identification Object Description Configuration Name The name identifying the VLAN to MSTI mapping Bridges must share the name and revision...

Страница 176: ...ows the user to inspect the current STP MSTI port configurations and possibly change them as well A MSTI port is a virtual port which is instantiated separately for each active CIST physical port for...

Страница 177: ...k speed using the 802 1D recommended values Using the Specific setting a user defined value can be entered The path cost is used when establishing the active topology of the network Lower path cost po...

Страница 178: ...ds Object Description Port The switch port number of the logical STP port CIST Role The current STP port role of the ICST port The port role can be one of the following values AlternatePort BackupPort...

Страница 179: ...ived transmitted on the port RSTP The number of RSTP Configuration BPDU s received transmitted on the port STP The number of legacy STP Configuration BPDU s received transmitted on the port TCN The nu...

Страница 180: ...they will become members of a multicast group The Internet Group Management Protocol IGMP is used to communicate this information IGMP is also used to periodically check the multicast group for membe...

Страница 181: ...User s Manual 181 Figure 4 8 2 Multicast Flooding Figure 4 8 3 IGMP Snooping Multicast Stream Control...

Страница 182: ...p track of the membership of multicast groups on their respective sub networks The following outlines what is communicated between a multicast router and a multicast group member using IGMP A host sen...

Страница 183: ...If there is more than one router switch on the LAN performing IP multicasting one of these devices is elected querier and assumes the role of querying the LAN for group members It then propagates the...

Страница 184: ...during the next save Profile Name The name used for indexing the profile table Each entry has the unique name which is composed of at maximum 16 alphabetic and numeric characters At least one alphabet...

Страница 185: ...6 appears Figure 4 8 6 IPMC Profile Address Configuration page The page includes the following fields Object Description Delete Check to delete the entry The designated entry will be deleted during t...

Страница 186: ...y after the last entry currently displayed 4 8 4 IGMP Snooping Configuration This page provides IGMP Snooping related configuration The IGMP Snooping Configuration screen in Figure 4 8 7 appears Figur...

Страница 187: ...ave the Industrial Managed Switch automatically uses the port as IGMP Router port if the port receives IGMP query packets Fix The Industrial Managed Switch always uses the specified port as an IGMP Ro...

Страница 188: ...ave VLAN ID The VLAN ID of the entry IGMP Snooping Enable Enable the per VLAN IGMP Snooping Only up to 32 VLANs can be selected Querier Election Enable the IGMP Querier election in the VLAN Disable to...

Страница 189: ...ds LLQI LMQI for IGMP Last Member Query Interval The Last Member Query Time is the time value represented by the Last Member Query Interval multiplied by the Last Member Query Count The allowed range...

Страница 190: ...the IGMP join report is forwarded as normal If a requested multicast group is denied the IGMP join report is dropped IGMP throttling sets a maximum number of multicast groups that a port can join at...

Страница 191: ...ived The number of Received Querier V1 Reports Received The number of Received V1 Reports V2 Reports Received The number of Received V2 Reports V3 Reports Received The number of Received V3 Reports V2...

Страница 192: ...ng of the IGMP Group Table The Start from VLAN and group input fields allow the user to select the starting point in the IGMP Group Table The IGMP Groups Information screen in Figure 4 8 11 appears Fi...

Страница 193: ...2 IGMP SSM Information page Screenshot The page includes the following fields Object Description VLAN ID VLAN ID of the group Group Group address of the group displayed Port Switch port number Mode In...

Страница 194: ...en MLD Snooping is disabled unregistered IPMCv6 traffic flooding is always active in spite of this setting MLD SSM Range SSM Source Specific Multicast Range allows the SSM aware hosts and routers run...

Страница 195: ...put field When first visited the web page will show the first 20 entries from the beginning of the VLAN Table The first displayed will be the one with the lowest VLAN ID found in the VLAN Table The VL...

Страница 196: ...eneral Queries The allowed range is 0 to 31744 in tenths of seconds default query response interval is 100 in tenths of seconds 10 seconds LLQI LMQI for IGMP Last Member Query Interval The Last Member...

Страница 197: ...d the MLD join report is forwarded as normal If a requested multicast group is denied the MLD join report is dropped MLD throttling sets a maximum number of multicast groups that a port can join at th...

Страница 198: ...terface is administratively disabled Querier Transmitted The number of Transmitted Querier Querier Received The number of Received Querier V1 Reports Received The number of Received V1 Reports V2 Repo...

Страница 199: ...20 selected through the entries per page input field When first visited the web page will show the first 20 entries from the beginning of the MLD Group Table The Start from VLAN and group input fields...

Страница 200: ...Figure 4 8 18 appears Figure 4 8 18 MLD SSM Information page Screenshot The page includes the following fields Object Description VLAN ID VLAN ID of the group Group Group address of the group display...

Страница 201: ...riber port which is a switch port configured as an MVR receiver port When a subscriber selects a channel the set top box or PC sends an IGMP MLD report message to Switch A to join the appropriate mult...

Страница 202: ...ing It is suggested to enable Unregistered Flooding control when the MVR group table is full Delete Check to delete the entry The designated entry will be deleted during the next save MVR VID Specify...

Страница 203: ...mberships on a receiver port before removing the port from multicast group membership The value is in units of tenths of a seconds The range is from 0 to 31744 The default LLQI is 5 tenths or one half...

Страница 204: ...lds Object Description VLAN ID The Multicast VLAN ID IGMP MLD Queries Received The number of Received Queries for IGMP and MLD respectively IGMP MLD Queries Transmitted The number of Transmitted Queri...

Страница 205: ...VLAN and group input fields allow the user to select the starting point in the MVR Group Table The MVR Groups Information screen in Figure 4 8 21 appears Figure 4 8 21 MVR Groups Information page Scr...

Страница 206: ...ure 4 8 22 appears Figure 4 8 22 MVR SFM Information page Screenshot The page includes the following fields Object Description VLAN ID VLAN ID of the group Group Group address of the group displayed P...

Страница 207: ...classifies the traffic on the network Traffic classifications are determined by protocol application source destination and so on You can create and modify classifications The Switch then groups clas...

Страница 208: ...r is enabled on this switch port Rate Controls the rate for the policer This value is restricted to 100 1000000 when the Unit is kbps or fps and it is restricted to 1 3300 when the Unit is Mbps or kfp...

Страница 209: ...ity A CoS of 0 zero has the lowest priority If the port is VLAN aware and the frame is tagged then the frame is classified to a CoS that is based on the PCP value in the tag as shown below Otherwise t...

Страница 210: ...s classified to the default DEI value All means all ports will have one specific setting Tag Class Shows the classification mode for tagged frames on this port Disabled Use default CoS and DPL for tag...

Страница 211: ...re 4 9 3 QoS Egress Port Schedule page Screenshot The page includes the following fields Object Description Port The logical port for the settings contained in the same row Click on the port number in...

Страница 212: ...ess Port Shapers page Screenshot The page includes the following fields Object Description Port The logical port for the settings contained in the same row Click on the port number in order to configu...

Страница 213: ...ields Object Description Schedule Mode Controls whether the scheduler mode is Strict Priority or Weighted on this switch port Queue Shaper Enable Controls whether the queue shaper is enabled for this...

Страница 214: ...Scheduler Mode is set to Weighted Port Shaper Enable Controls whether the port shaper is enabled for this switch port Port Shaper Rate Controls the rate for the port shaper This value is restricted t...

Страница 215: ...page Screenshot The page includes the following fields Object Description Port The logical port for the settings contained in the same row Click on the port number in order to configure tag remarking...

Страница 216: ...ontrols the tag remarking mode for this port Classified Use classified PCP DEI values Default Use default PCP DEI values Mapped Use mapped versions of QoS class and DP level PCP DEI Configuration Cont...

Страница 217: ...gress and egress settings Ingress In Ingress settings you can change ingress translation and classification settings for individual ports There are two configuration parameters available in Ingress Tr...

Страница 218: ...d and frame is remarked with remapped DSCP value The remapped DSCP value is always taken from the DSCP Translation Egress Remap DP0 table Remap DP Aware DSCP from analyzer is remapped and frame is rem...

Страница 219: ...s Classification page Screenshot The page includes the following fields Object Description DSCP Maximum number of supported DSCP values are 64 Trust Controls whether a specific DSCP value is trusted O...

Страница 220: ...DSCP Translation page Screenshot The page includes the following fields Object Description DSCP Maximum number of supported DSCP values are 64 and valid DSCP value ranges from 0 to 63 Ingress Ingress...

Страница 221: ...ue from select menu to which you want to remap DSCP value ranges form 0 to 63 Remap DP1 Select the DSCP value from select menu to which you want to remap DSCP value ranges form 0 to 63 Buttons Click t...

Страница 222: ...QCEs Each row describes a QCE that is defined The maximum number of QCEs is 256 on each switch Click on the lowest plus sign to add a new QCE to the list The QoS Control List screen in Figure 4 9 12 a...

Страница 223: ...incoming frames Possible frame types are Any The QCE will match all frame type Ethernet Only Ethernet frames with Ether Type 0x600 0xFFFF are allowed LLC Only LLC frames are allowed SNAP Only SNAP fr...

Страница 224: ...below DMAC Type Destination MAC type possible values are unicast UC multicast MC broadcast BC or Any SMAC Source MAC address 24 MS bits OUI or Any Tag Value of Tag field can be Any Untag or Tag VID V...

Страница 225: ...urce IP Specific Source IP address in value mask format or Any IP and Mask are in the format x y z w where x y z and w are decimal numbers between 0 and 255 When Mask is converted to a 32 bit binary s...

Страница 226: ...t means that the default classified value is not modified by this QCE Buttons Click to apply changes Click to undo any changes made locally and revert to previously saved values Return to the previous...

Страница 227: ...if a frame matches the QCE it will be put in the queue DPL Drop Precedence Level if a frame matches the QCE then DP level will set to value displayed under DPL column DSCP If a frame matches the QCE...

Страница 228: ...across the switch The Storm Control Configuration screen in Figure 4 9 15 appears Figure 4 9 15 Storm Control Configuration page Screenshot The page includes the following fields Object Description Po...

Страница 229: ...Figure 4 9 16 Queuing Counters page Screenshot The page includes the following fields Object Description Port The logical port for the settings contained in the same row Q0 Q7 There are 8 QoS queues p...

Страница 230: ...Voice VLAN Configuration screen in Figure 4 9 18 appears Figure 4 9 17 Voice VLAN Configuration page Screenshot The page includes the following fields Object Description Mode Indicates the Voice VLAN...

Страница 231: ...the specific port and configures the Voice VLAN members automatically Forced Force join to Voice VLAN Port Security Indicates the Voice VLAN port security mode When the function is enabled all non tel...

Страница 232: ...elete Check to delete the entry It will be deleted during the next save Telephony OUI An telephony OUI address is a globally unique identifier assigned to a vendor by IEEE It must be 6 characters long...

Страница 233: ...mission associated with a particular ACE ID There are three ACE frame types Ethernet Type ARP and IPv4 and two ACE actions permit and deny The ACE also contains many detailed different parameter optio...

Страница 234: ...allowed range is 1 to 16 When Disabled is displayed the rate limiter operation is disabled Port Redirect Indicates the port redirect operation of the ACE Frames matching the ACE are redirected to the...

Страница 235: ...gress port Policy Bitmask Indicates the policy number and bitmask of the ACE Frame Type Indicates the frame type of the ACE Possible values are Any The ACE will match any frame type EType The ACE will...

Страница 236: ...d on the port are not mirrored The default value is Disabled Counter The counter indicates the number of times the ACE was hit by a frame Modification Buttons You can modify each ACE Access Control En...

Страница 237: ...ngress port for which this ACE applies Any The ACE applies to any port Port n The ACE applies to this port number where n is the number of the switch port Policy Filter Specify the policy number filte...

Страница 238: ...icer ID Select which EVC policer ID to apply on this ACE The allowed values are Disabled or the values 1 through 256 Port Redirect Frames that hit the ACE are redirected to the port number specified h...

Страница 239: ...ecific destination MAC address with this ACE choose this value A field for entering a DMAC value appears DMAC Value When Specific is selected for the DMAC filter you can enter a specific destination M...

Страница 240: ...filter is set to Host Specify the sender IP address in the SIP Address field that appears Network Sender IP filter is set to Network Specify the sender IP address and sender IP mask in the SIP Address...

Страница 241: ...s allowed don t care IP Specify whether frames can hit the action according to their ARP RARP hardware address space HRD settings 0 ARP RARP frames where the HLD is equal to Ethernet 1 1 ARP RARP fram...

Страница 242: ...G OFFSET field is greater than zero must not be able to match this entry Yes IPv4 frames where the MF bit is set or the FRAG OFFSET field is greater than zero must be able to match this entry Any Any...

Страница 243: ...Extra fields for defining ICMP parameters will appear These fields are explained later in this help file UDP Select UDP to filter IPv6 UDP protocol frames Extra fields for defining UDP parameters will...

Страница 244: ...status is don t care Specific If you want to filter a specific ICMP filter with this ACE you can enter a specific ICMP value A field for entering an ICMP value appears ICMP Type Value When Specific is...

Страница 245: ...ion filter with this ACE you can enter a specific TCP UDP destination value A field for entering a TCP UDP destination value appears Range If you want to filter a specific range TCP UDP destination fi...

Страница 246: ...cant URG value for this ACE 0 TCP frames where the URG field is set must not be able to match this entry 1 TCP frames where the URG field is set must be able to match this entry Any Any value is allow...

Страница 247: ...mit Rate Limiter ID Select which rate limiter to apply on this port The allowed values are Disabled or the values 1 through 16 The default value is Disabled EVC Policer Select whether EVC policer is e...

Страница 248: ...re Enabled If a frame is received on the port the port will be disabled Disabled Port shut down is disabled The default value is Disabled State Specify the port state of this port The allowed values a...

Страница 249: ...the following fields Object Description Rate Limiter ID The rate limiter ID for the settings contained in the same row Rate pps The allowed values are 0 3276700 in pps or 0 100 200 300 1000000 in kbps...

Страница 250: ...d The switch simply encapsulates the EAP part of the frame into the relevant type EAPOL or RADIUS and forwards it When authentication is completed the RADIUS server sends a special packet containing a...

Страница 251: ...TACACS Local user name and Privilege Level control RADIUS and TACACS are logon authentication protocols that use software running on a central server to control access to RADIUS aware or TACACS aware...

Страница 252: ...ctual authentication of the client The authentication server validates the identity of the client and notifies the switch whether or not the client is authorized to access the LAN and switch services...

Страница 253: ...enable authentication on a port by using the dot1x port control auto interface configuration command the switch must initiate authentication when it determines that the port link state transitions fro...

Страница 254: ...twork In contrast when an 802 1X enabled client connects to a port that is not running the 802 1X protocol the client initiates the authentication process by sending the EAPOL start frame When no resp...

Страница 255: ...allows you to configure how a user is authenticated when he logs into the switch via one of the management client interfaces The Authentication Method Configuration screen in Figure 4 11 3 appears Fi...

Страница 256: ...evert to previously saved values 4 11 3 Network Access Server Configuration This page allows you to configure the IEEE 802 1X and MAC based authentication system and port settings The IEEE 802 1X stan...

Страница 257: ...checked successfully authenticated supplicants clients are reauthenticated after the interval specified by the Reauthentication Period Reauthentication for 802 1X enabled ports can be used to detect...

Страница 258: ...the port is in a 802 1X based mode this is not so critical since supplicants that are no longer attached to the port will get removed upon the next reauthentication which will fail But if reauthentic...

Страница 259: ...disable RADIUS server assigned VLAN functionality When checked the individual ports ditto setting determines whether RADIUS assigned VLAN is enabled for that port When unchecked RADIUS server assigned...

Страница 260: ...mode The following modes are available Force Authorized In this mode the switch will send one EAPOL Success frame when the port link comes up and any client on the port will be allowed network access...

Страница 261: ...server will be contacted upon the next backend authentication server request from the switch This scenario will loop forever Therefore the server timeout should be smaller than the supplicant s EAPOL...

Страница 262: ...limited using the Port Security Limit Control functionality MAC based Auth Unlike port based 802 1X MAC based authentication is not a standard but merely a best practices method adopted by the industr...

Страница 263: ...cess Accept packet no longer carries a QoS Class or it s invalid or the supplicant is otherwise no longer present on the port the port s QoS Class is immediately reverted to the original QoS Class whi...

Страница 264: ...t packet The following criteria are used The Tunnel Medium Type Tunnel Type and Tunnel Private Group ID attributes must all be present at least once in the Access Accept packet The switch looks for th...

Страница 265: ...n the port are allowed access on this VLAN The switch will not transmit an EAPOL Success frame when entering the Guest VLAN While in the Guest VLAN the switch monitors the link for EAPOL frames and if...

Страница 266: ...successfully authenticated clients on the port and will not cause the clients to get temporarily unauthorized Reinitialize Forces a reinitialization of the clients on the port and thereby a reauthenti...

Страница 267: ...address carried in the most recently received EAPOL frame for EAPOL based authentication and the most recently received frame from a new client for MAC based authentication Last ID The user name suppl...

Страница 268: ...Statistics page Screenshot The page includes the following fields Port State Object Description Admin State The port s current administrative state Refer to NAS Admin State for a description of possib...

Страница 269: ...ave been received by the switch Rx Responses dot1xAuthEapolRespFr amesRx The number of valid EAPOL response frames other than Response Identity frames that have been received by the switch Rx Start do...

Страница 270: ...mitted by the switch Backend Server Counters These backend RADIUS frame counters are available for the following administrative states Port based 802 1X Single 802 1X Multi 802 1X MAC based Auth Direc...

Страница 271: ...ent has successfully authenticated to the backend server Rx Auth Failures dot1xAuthBackendAuth Fails 802 1X and MAC based Counts the number of times that the switch receives a failure message This ind...

Страница 272: ...pplicant client was received Version dot1xAuthLastEapolF rameVersion 802 1X based The protocol version number carried in the most recently received EAPOL frame MAC based Not applicable Identity 802 1X...

Страница 273: ...he VLAN ID that the corresponding client is currently secured through the Port Security module State The client can either be authenticated or unauthenticated In the authenticated state it is allowed...

Страница 274: ...MAC based Auth X Click to clear both the port counters and all of the attached client s counters The Last Client will not be cleared however This button is available in the following modes Multi 802 1...

Страница 275: ...Retransmit Retransmit is the number of times in the range from 1 to 1000 a RADIUS request is retransmitted to a server that is not responding If the server has not responded after the last retransmit...

Страница 276: ...ject Description Delete To delete a RADIUS server entry check this box The entry will be deleted during the next Save Hostname The IP address or hostname of the RADIUS server Auth Port The UDP port to...

Страница 277: ...for a reply from a TACACS server before it is considered to be dead Dead Time The Dead Time which can be set to a number between 0 to 1440 minutes is the period during which the switch will not send...

Страница 278: ...ional setting overrides the global key Leaving it blank will use the global key Buttons Click to add a new TACACS server An empty row is added to the table and the TACACS server can be configured as n...

Страница 279: ...only reachable when more than one server is enabled RADIUS Accounting Server Status Overview Object Description The RADIUS server number Click to navigate to detailed statistics for this server IP Add...

Страница 280: ...r Server Overview page Screenshot The page includes the following fields RADIUS Authentication Statistics The statistics map closely to those specified in RFC4668 RADIUS Authentication Client MIB Use...

Страница 281: ...ed RADIUS Access Response packets received from the server Malformed packets include packets with an invalid length Bad authenticators or Message Authenticator attributes or unknown types are not incl...

Страница 282: ...med out or received a response This variable is incremented when an Access Request is sent and decremented due to receipt of an Access Accept Access Reject Access Challenge timeout or retransmission T...

Страница 283: ...one server is enabled Round Trip Time radiusAuthClient ExtRoundTripTim e The time interval measured in milliseconds between the most recent Access Reply Access Challenge and the Access Request that m...

Страница 284: ...eived from the server on the accounting port Rx Packets Dropped radiusAccClientExt PacketsDropped The number of RADIUS packets that were received from the server on the accounting port and dropped for...

Страница 285: ...kes one of the following values Disabled The selected server is disabled Not Ready The server is enabled but IP communication is not yet up and running Ready The server is enabled IP communication is...

Страница 286: ...ts counter will not be cleared by this operation 4 11 10 Windows Platform RADIUS Server Configuration Setup the RADIUS server and assign the client IP address to the Industrial Managed Switch In this...

Страница 287: ...d New RADIUS Client on the Windows 2003 server Figure 4 11 12 Windows Server Add New RADIUS Client Setting 3 Assign the client IP address to the Industrial Managed Switch Figure 4 11 13 Windows Server...

Страница 288: ...should be the same as the key configured on the Industrial Managed Switch Figure 4 11 14 Windows Server RADIUS Server Setting 5 Configure ports attribute of 802 1X the same as 802 1X Port Configuratio...

Страница 289: ...6 Create user data The establishment of the user data needs to be created on the Radius Server PC For example the Radius Server is founded on Win2003 Server and then Figure 4 11 16 Windows 2003 AD Se...

Страница 290: ...ctive Directory Users and Computers create legal user data next right click a user what you created to enter properties and what to be noticed Figure 4 11 17 Add User Properties Screen Figure 4 11 18...

Страница 291: ...procedures show how to configure 802 1X Authentication in Windows XP Please note that if you want to change the 802 1x authentication type of a wireless client i e switch to EAP TLS from EAP MD5 you...

Страница 292: ...D 5 Challenge from the drop down list box for EAP type Figure 4 11 20 7 Click OK 8 When client has associated with the Industrial Managed Switch a user authentication notice appears in system tray Cli...

Страница 293: ...anual 293 Figure 4 11 21 Windows Client Popup Login Request Message 9 Enter the user name password and the logon domain that your account belongs 10 Click OK to complete the validation process Figure...

Страница 294: ...ng the number of users on a given port A user is identified by a MAC address and VLAN ID If Limit Control is enabled on a port the limit specifies the maximum number of users on the port If this numbe...

Страница 295: ...ch or hub which in turn is connected to a port on this switch on which Limit Control is enabled The end host will be allowed to forward if the limit is not exceeded Now suppose that the end host logs...

Страница 296: ...port shut down the port This implies that all secured MAC addresses will be removed from the port and no new will be learned Even if the link is physically disconnected and reconnected on the port by...

Страница 297: ...Access Management Configure access management table on this page The maximum entry number is 16 If the application s type matches any one of the access management entries it will allow access to the...

Страница 298: ...ent entry Click to apply changes Click to undo any changes made locally and revert to previously saved values 4 12 3 Access Management Statistics This page provides statistics for access management Th...

Страница 299: ...hen the current connection is HTTPS to apply HTTPS disabled mode operation will automatically redirect web browser to an HTTP connection Possible modes are Enabled Enable HTTPS mode operation Disabled...

Страница 300: ...AC address to forward or block it For a MAC address to be set in the forwarding state all enabled user modules must unanimously agree on allowing the MAC address to forward If only one chooses to bloc...

Страница 301: ...ll enabled user modules must unanimously agree on allowing the MAC address to forward If only one chooses to block it it will be blocked until that user module decides otherwise The status page is div...

Страница 302: ...arrive Limit Reached The Port Security service is enabled by at least the Limit Control user module and that module has indicated that the limit is reached and no more MAC addresses should be taken in...

Страница 303: ...age includes the following fields Object Description MAC Address VLAN ID The MAC address and VLAN ID that is seen on this port If no MAC addresses are learned a single row stating No MAC addresses att...

Страница 304: ...intruder on the untrusted ports of DUT when it tries to intervene by injecting a bogus DHCP reply packet to a legitimate conversation between the DHCP client and server Configure DHCP Snooping on this...

Страница 305: ...ration the request DHCP messages will be forwarded to trusted ports and only allowed reply packets from trusted ports Disabled Disable DHCP snooping mode operation Port Mode Configuration Indicates th...

Страница 306: ...resh the page automatically Automatic refresh occurs every 3 seconds It will use the last entry of the currently displayed table as a basis for the next lookup When the end is reached the text No more...

Страница 307: ...ly when both Global Mode and Port Mode on a given port are enabled IP Source Guard is enabled on this given port Max Dynamic Clients Specify the maximum number of dynamic clients can be learned on giv...

Страница 308: ...includes the following fields Object Description Delete Check to delete the entry It will be deleted during the next save Port The logical port for the settings VLAN ID The VLAN ID for the settings I...

Страница 309: ...the Refresh button will update the displayed table starting from that or the closest next Dynamic IP Source Guard Table match In addition the two input fields will upon a Refresh button click assume...

Страница 310: ...eenshot The page includes the following fields Object Description Mode of ARP Inspection Configuration Enable the Global ARP Inspection or disable the Global ARP Inspection Port Mode Configuration Spe...

Страница 311: ...of ARP Inspection will refer to the port setting There are four log types and possible types are None Log nothing Deny Log denied entries Permit Log permitted entries ALL Log all entries Buttons Clic...

Страница 312: ...N ID then by MAC address and then by IP address The Dynamic ARP Inspection Table screen in Figure 4 12 15 appears Figure 4 12 15 Dynamic ARP Inspection Table Screenshot Navigating the ARP Inspection T...

Страница 313: ...his particular port VLAN ID The VLAN ID of the entry MAC Address The MAC address of the entry IP Address The IP address of the entry Buttons Auto refresh Check this box to refresh the page automatical...

Страница 314: ...and switch ports The frames also contain a MAC address SMAC address which shows the MAC address of the equipment sending the frame The SMAC address is used by the switch to automatically update the MA...

Страница 315: ...ved Disable No learning is done Secure Only static MAC entries are learned all other frames are dropped Note Make sure that the link used for managing the switch is added to the Static Mac Table befor...

Страница 316: ...page will show the first 20 entries from the beginning of the MAC Table The first displayed will be the one with the lowest VLAN ID and the lowest MAC address found in the MAC Table The Start from MAC...

Страница 317: ...he ports that are members of the entry Buttons Auto refresh Automatic refresh occurs every 3 seconds Refreshes the displayed table starting from the Start from MAC address and VLAN input fields Flushe...

Страница 318: ...d maintain information gathered about the neighboring network nodes it discovers Link Layer Discovery Protocol Media Endpoint Discovery LLDP MED is an extension of LLDP intended for managing endpoint...

Страница 319: ...the default TTL is 4 30 120 seconds Tx Delay If some configuration is changed e g the IP address a new LLDP frame is transmitted but the time between the LLDP frames will always be at least the value...

Страница 320: ...e LLDP neighbors table CDP TLV Port ID is mapped to the LLDP Port ID field CDP TLV Version and Platform is mapped to the LLDP System Description field Both the CDP and LLDP support system capabilities...

Страница 321: ...Object Description Fast start repeat count Rapid startup and Emergency Call Service Location Identification Discovery of endpoints is a critically important aspect of VoIP systems in general In addit...

Страница 322: ...sion would be repeated The recommended value is 4 times given that 4 LLDP frames with a 1 second interval will be transmitted when an LLDP frame with new information is received It should be noted tha...

Страница 323: ...um 1983 CRS Code 4269 Prime Meridian Name Greenwich The associated vertical datum is Mean Lower Low Water MLLW This datum pair is to be used when referencing locations on water sea ocean Civic Address...

Страница 324: ...ject Description Emergency Call Service Emergency Call Service ELIN identifier data format is defined to carry the ELIN identifier as used during emergency call setup to a traditional CAMA or ISDN tru...

Страница 325: ...r than between Network Connectivity Devices and Endpoints and therefore does not need to advertise the multitude of network policies that frequently run on an aggregated link interior to the LAN Objec...

Страница 326: ...network policy treatment Video applications relying on TCP with buffering would not be an intended use of this application type Video Signaling conditional for use in network topologies that require...

Страница 327: ...new policy Specify the Application type Tag VLAN ID L2 Priority and DSCP for the new policy Click Save The number of policies supported is 32 Port Policies Configuration Every port may advertise a uni...

Страница 328: ...vice Definition LLDP MED Network Connectivity Devices as defined in TIA 1057 provide access to the IEEE 802 based LAN infrastructure for LLDP MED Endpoint Devices An LLDP MED Network Connectivity Devi...

Страница 329: ...bilities include all of the capabilities defined for the previous Generic Endpoint Class Class I and are extended to include aspects related to media streaming Example product categories expected to a...

Страница 330: ...than for the guest voice media Softphone Voice for use by softphone applications on typical data centric devices such as PCs or laptops Video Conferencing for use by dedicated Video Conferencing equi...

Страница 331: ...be used to provide Diffserv node behavior for the specified application type as defined in IETF RFC 2474 Contain one of 64 code point values 0 through 63 Auto negotiation Auto negotiation identifies i...

Страница 332: ...the neighbor port Port Description Port Description is the port description advertised by the neighbor unit System Name System Name is the name advertised by the neighbor unit System Capabilities Syst...

Страница 333: ...Statistics screen in Figure 4 14 5 appears Figure 4 14 5 LLDP Statistics page Screenshot The page includes the following fields Global Counters Object Description Neighbor entries were last changed It...

Страница 334: ...hassis ID or Remote Port ID is not already contained within the table Entries are removed from the table when a given port links down an LLDP shutdown frame is received or when the entry ages out TLVs...

Страница 335: ...he Industrial Managed Switch transmit ICMP packets and the sequence number and roundtrip time are displayed upon reception of a reply Cable Diagnostics The Cable Diagnostics performing tests on copper...

Страница 336: ...ed or until a timeout occurs The ICMP Ping screen in Figure 4 15 1 appears Figure 4 15 1 ICMP Ping page Screenshot The page includes the following fields Object Description IP Address The destination...

Страница 337: ...ply The page refreshes automatically until responses to all packets are received or until a timeout occurs The ICMPv6 Ping screen in Figure 4 15 2 appears Figure 4 15 2 ICMPv6 Ping page Screenshot The...

Страница 338: ...received or until a timeout occurs The ICMP Ping screen in Figure 4 15 3 appears Figure 4 15 3 Remote IP Ping Test page Screenshot The page includes the following fields Object Description Port The l...

Страница 339: ...ic on a 10 or 100 Mbps management port will cause the switch to stop responding until VeriPHY is complete The ports belong to the currently selected stack unit as reflected by the page header The Veri...

Страница 340: ...ir A Cross B Abnormal cross pair coupling with pair B Cross C Abnormal cross pair coupling with pair C Cross D Abnormal cross pair coupling with pair D Length The length in meters of the cable pair Th...

Страница 341: ...10020HPT 20160HPT PoE Switch makes the installation of cameras or WLAN AP easier and more efficient Figure 4 16 1 Power over Ethernet Status 4 16 1 Power over Ethernet Powered Device 3 5 watts Voice...

Страница 342: ...total output power required by PDs can exceed the maximum available power provided by the PSU The system may come with a PSU capable of supplying less power than the total potential power consumption...

Страница 343: ...hat each port may reserve The allocated reserved power for each port PD is specified in the Maximum Power fields The ports are shut down when total reserved powered exceeds the amount of power that th...

Страница 344: ...ystem will reserve PoE power to PD LLDP Consumption mode System offers PoE power according to PD real power consumption LLDP Reserved Power mode System reserves PoE power to PD according to LLDP confi...

Страница 345: ...0 to 4 in accordance with the maximum power draw as specified by Table 4 16 1 Class Usage Range of maximum power used by the PD Class Description 0 Default 12 95 watts or to 15 4 watts for AF mode 25...

Страница 346: ...PoE Port will start up by following Port number By Priority The PoE Port will start up by following the PoE Priority Buttons Click to apply changes Click to undo any changes made locally and revert t...

Страница 347: ...ill be reserved the same as that in 802 3af mode Priority The Priority represents PoE ports priority There are three levels of power priority named Low High and Critical The priority is used in case t...

Страница 348: ...power reserved and current status for all PoE ports The screen in Figure 4 16 5 appears Figure 4 16 5 PoE Status Screenshot The page includes the following fields Object Description Sequential Power...

Страница 349: ...rating temperature of the second PoE chip unit Local Port This is the logical port number for this row PD Class Displays the class of the PD attached to the port as established by the classification p...

Страница 350: ...protection on the Earth the Managed PoE switch can effectively control the power supply besides its capability of giving high watts power The PoE schedule function helps you to enable or disable PoE p...

Страница 351: ...ile could be applied to the PoE port The page includes the following fields Object Description Profile Set the schedule profile mode Possible profiles are Profile1 Profile2 Profile3 Profile4 Week Day...

Страница 352: ...le this function PoE schedule will not to set time to profile This function is just for PoE port reset at an indicated time Reboot Hour Allows user to set what hour PoE reboots This function only for...

Страница 353: ...se refer to the following example The screen in Figure 4 16 98 appears To enable LLDP function from port1 to port3 administrator has to plug a PD that supports PoE LLDP function and then administrator...

Страница 354: ...n Figure 4 17 1 appears Figure 4 17 1 Loop Protection Configuration page Screenshot The page includes the following fields General Settings Object Description Enable Loop Protection Controls whether l...

Страница 355: ...PDU s Buttons Click to apply changes Click to undo any changes made locally and revert to previously saved values 4 17 2 Loop Protection Status This page displays the loop protection port status of th...

Страница 356: ...User s Manual 356 Buttons Click to refresh the page immediately Auto refresh Check this box to enable an automatic refresh of the page at regular intervals...

Страница 357: ...entation of Event Statistics and History display some current or history subnet statistics Alarm and Event provide a method to monitor any integer data change in the network and provide some alerts up...

Страница 358: ...put packet queue in packets Sample Type The method of sampling the selected variable and calculating the value to be compared against the thresholds possible sample types are Absolute Get the sample d...

Страница 359: ...comparing the rising and falling threshold Variable Indicates the particular variable to be sampled Sample Type The method of sampling the selected variable and calculating the value to be compared ag...

Страница 360: ...he event the possible types are none The total number of octets received on the interface including framing characters log The number of uni cast packets delivered to a higher layer protocol snmptrap...

Страница 361: ...ent Overview page Screenshot The page includes the following fields Object Description Event Index Indicates the index of the event entry Log Index Indicates the index of the log entry LogTime Indicat...

Страница 362: ...which wants to be monitored If in stacking switch the value must add 1000 switch ID 1 for example if the port is switch 3 port 5 the value is 2005 Interval Indicates the interval in seconds for sampl...

Страница 363: ...kets and multicast packets received Broadcast The total number of good packets received that were directed to the broadcast address Multicast The total number of good packets received that were direct...

Страница 364: ...displayed 4 18 7 RMON Statistics Configuration Configure RMON Statistics table on this page The entry index key is ID screen in Figure 4 18 7 appears Figure 4 18 7 RMON Statistics Configuration page S...

Страница 365: ...kets were dropped by the probe due to lack of resources Octets The total number of octets of data including those in bad packets received on the network Pkts The total number of packets including bad...

Страница 366: ...packets including bad packets received that were between 256 to 511 octets in length 512 1023 The total number of packets including bad packets received that were between 512 to 1023 octets in length...

Страница 367: ...P and GPS IEEE 1588 is designed for local systems requiring accuracies beyond those attainable using NTP It is also designed for applications that cannot bear the cost of a GPS receiver at each node o...

Страница 368: ...ice Type In a unicast Slave only clock you also need configure which master clocks to request Announce and Sync messages from See Unicast Slave configuration VLAN Tag Enable Enables the VLAN tagging f...

Страница 369: ...ntifier Dom Clock domain 0 127 Clock Quality The clock quality is determined by the system and holds 3 parts Clock Class Clock Accuracy and OffsetScaledLog Variance as defined in IEEE1588 The Clock Ac...

Страница 370: ...r It is observed parent offset scaled log variance Change Rate Observed Parent Clock Phase Change Rate i e the slave clocks rate offset compared to the master unit ns per s Grand Master Identity Clock...

Страница 371: ...or the sync message Comm State The state of the communication with the master possible values are IDLE The entry is not in use INIT Announce is sent to the master Waiting for a response CONN The maste...

Страница 372: ...pes Ord Bound clock s Device Type is Ordinary Boundary Clock P2p Transp clock s Device Type is Peer to Peer Transparent Clock E2e Transp clock s Device Type is End to End Transparent Clock Master Only...

Страница 373: ...nction and two ports should be assigned as the member ports in the ERPS Only one switch in the Ring group would be set as the RPL owner switch that one port would be blocked called owner port and PRL...

Страница 374: ...Domain Flow Instance is a EVC Mpls Future use Mode MEP This is a Maintenance Entity End Point MIP This is a Maintenance Entity Intermediate Point Direction Ingress This is a Ingress down MEP monitorin...

Страница 375: ...llows the user to inspect and configure the current MEP Instance screen in Figure 4 20 2 appears Figure 4 20 2 Detail MEP configuration page screenshot The page includes the following fields Instance...

Страница 376: ...t a CCM is received with a lower level than the configured for this MEP cMEG Fault Cause indicating that a CCM is received with a MEG ID different from configured for this MEP cMEP Fault Cause indicat...

Страница 377: ...cast Class 1 Priority The priority to be inserted as PCP bits in TAG if any In case of enable of Continuity Check and Loss Measurement both implemented on SW based CCM Priority has to be the same Fra...

Страница 378: ...8032 Type R APS APS PDU is transmitted as R APS this is for ERPS L APS APS PDU is transmitted as L APS this is for ELPS Last Octet This is the last octet of the transmitted and expected RAPS multi ca...

Страница 379: ...n this field indicates that no Port 1 SF MEP is associated with this instance Port 0 APS MEP The Port 0 APS PDU handling MEP Port 1 APS MEP The Port 1 APS PDU handling MEP As only one APS MEP is assoc...

Страница 380: ...ge screenshot The page includes the following fields Instance Data Object Description ERPS ID The ID of the Protection group Port 0 See help on ERPS create WEB Port 1 See help on ERPS create WEB Port...

Страница 381: ...ke persistent check on Signal Fail before switching The range of the hold off timer is 0 to 10 seconds in steps of 100 ms Version ERPS Protocol Version v1 or v2 Revertive In Revertive mode after the c...

Страница 382: ...rt 1 Receive APS The received APS on Port 1 according to State Transition Tables in G 8032 WTR Remaining Remaining WTR timeout in milliseconds RPL Un blocked APS is received on the working flow No APS...

Страница 383: ...page includes the following fields Object Description All Switch Numbers Set all the switch numbers for the ring group The default number is 3 and maximum number is 30 Number ID The switch where you...

Страница 384: ...ID Port MEP ID RPL Type VLAN Group Switch 1 Port 1 1 None 3001 Port 2 2 Owner 3001 Switch 2 Port 1 4 None 3001 Port 2 3 Neighbor 3001 Switch 3 Port 1 6 None 3001 Port 2 5 None 3001 Table 4 2 ERPS Con...

Страница 385: ...S Configuration on Switch 2 Connect PC to switch 2 directly don t connect to port 1 2 Logging on the Switch 2 and click Ring Ring Wizard Set All Switch Number 3 and Number ID 2 click Next button to se...

Страница 386: ...loop please don t connect switch 1 2 3 together in the ring topology before configuring the end of ERPS Follow the configuration or ERPS wizard to connect the Switch 1 2 and 3 together to establish E...

Страница 387: ...hen this packet will be filtered Thereby increasing the network throughput and availability 5 4 Store and Forward Store and Forward is one type of packet forwarding techniques A Store and Forward Indu...

Страница 388: ...bandwidth when a connection is established with another network device usually at Power On or Reset This is done by detect the modes and speeds at the second of both device is connected and capable of...

Страница 389: ...also check the in out rate of the port Why the Switch doesn t connect to the network Solution 1 Check the LNK ACT LED on the switch 2 Try another port on the Switch 3 Make sure the cable is installed...

Страница 390: ...10 100BASE TX When connecting your Switch to another Fast Ethernet switch a bridge or a hub a straight or crossover cable is necessary Each port of the Switch supports auto MDI MDI X detection That m...

Страница 391: ...Green 4 Blue 5 White Blue 6 Green 7 White Brown 8 Brown 1 White Orange 2 Orange 3 White Green 4 Blue 5 White Blue 6 Green 7 White Brown 8 Brown SIDE 2 Crossover Cable SIDE 1 SIDE 2 1 2 3 4 5 6 7 8 1...

Страница 392: ...manual ACL configuration ACL Access Control List The web page shows the ACEs in a prioritized way highest top to lowest bottom Default the table is empty An ingress frame will only get a hit on one A...

Страница 393: ...in the two ends of a protection group as defined in G 8031 Aggregation Using multiple ports in parallel to increase the link speed beyond the limits of a port and to increase the redundancy for higher...

Страница 394: ...converts it to an unintelligible form called cipher Decrypting cipher converts the data back to its original form called plaintext The algorithm described in this standard specifies both enciphering a...

Страница 395: ...nt the VLAN ID The parameter of module_id is the third byte for the module ID in standalone switch it always equal 0 in stackable switch it means switch ID The parameter of port_no is the fourth byte...

Страница 396: ...d from the multicast tree for the multicast group specified in the original leave message Fast leave processing ensures optimal bandwidth management for all hosts on a switched network even when multi...

Страница 397: ...ages generally contain information about routing difficulties or simple exchanges such as time stamp or echo transactions For example the PING command uses ICMP to test an Internet connection IEEE 802...

Страница 398: ...estination in the same condition it was sent Each device connected to a Local Area Network LAN or Wide Area Network WAN is given an Internet Protocol address and this IP address is used to identify th...

Страница 399: ...MED LLDP MED is an extension of IEEE 802 1ab and is defined by the telecommunication industry association TIA 1057 LOC LOC is an acronym for Loss Of Connectivity and is detected by a MEP and is indica...

Страница 400: ...c from a source VLAN to be shared with subscriber VLANs The main reason for using MVR is to save bandwidth by preventing duplicate multicast streams being sent in the core network instead the stream s...

Страница 401: ...tion and Maintenance It is a protocol described in ITU T Y 1731 used to implement carrier ethernet functionality MEP functionality like CC and RDI is based on this Optional TLVs A LLDP frame contains...

Страница 402: ...s to retrieve email messages from a mail server POP3 is designed to delete mail on the server as soon as the user has downloaded it However some implementations allow users or an administrator to spec...

Страница 403: ...identifier to its QCL The privileges determine specific traffic object to specific QoS class QL QL In SyncE this is the Quality Level of a given clock source This is received on a port in a SSM indic...

Страница 404: ...yer 3 multicast device RSTP In 1998 the IEEE with document 802 1w introduced an evolution of STP the Rapid Spanning Tree Protocol which provides for faster spanning tree convergence after a topology c...

Страница 405: ...NMP allow diverse network objects to participate in a network management architecture It enables network management systems to learn network problems by receiving traps or change notices from network...

Страница 406: ...cronym for Transmission Control Protocol It is a communications protocol that uses the Internet Protocol IP to exchange the messages between computers The TCP protocol guarantees reliable and in order...

Страница 407: ...an acronym for Temporal Key Integrity Protocol It used in WPA to replace WEP with a new encryption algorithm TKIP comprises the same encryption engine and RC4 algorithm defined for WEP The key used f...

Страница 408: ...and transmit untagged frames Provider switching This is also known as Q in Q switching Ports connected to subscribers are VLAN unaware members of one VLAN and set up with this unique Port VLAN ID Por...

Страница 409: ...h and secrecy of the passphrase The design of WPA is based on a Draft 3 of the IEEE 802 11i standard Wikipedia WPA Radius WPA Radius is an acronym for Wi Fi Protected Access Radius 802 1X authenticati...

Результаты поиска

Содержание IGS-10020

Отзывы:

Похожие инструкции для IGS-10020

Бренды по названию

Популярные бренды

Planet IGS-10020, Руководство пользователя

Результаты поиска

Содержание IGS-10020

Отзывы:

Похожие инструкции для IGS-10020

Бренды по названию

Популярные бренды