manualshive.com logo in svg

Ubiquiti ES-24-250W, Руководство администратора

Поделиться
Скачать
Ubiquiti ES-24-250W Скачать руководство пользователя страница 206

205

Managing Device Security

EdgeSwitch

 Administration Guide

 Ubiquiti Networks, Inc.

Global Port Access Control Configuration

Use the 

Port Access Control Configuration

 page to enable or disable port access control on the system.

To display the 

Port Access Control Configuration 

page, click 

Security

 > 

Port Access Control

 > 

Configuration

 

in the navigation menu.

Port Access Control Configuration

Port Access Control Configuration Fields 

Field

Description

Admin Mode

Specifies whether to 

Enable

 or 

Disable

 port-based authentication on the switch. The default is 

Disable

.

VLAN Assignment Mode

The administrative mode of RADIUS-based VLAN assignment on the device. When enabled, this 
feature allows a port to be placed into a particular VLAN based on the result of the authentication or 
type of 802.1X authentication a client uses when it accesses the device. The authentication server can 
provide information to the device about which VLAN to assign the supplicant.

Dynamic VLAN Creation Mode

The administrative mode of dynamic VLAN creation on the device. Select 

Enable

 to allow the switch 

to dynamically create a RADIUS-assigned VLAN if it does not already exist in the VLAN database. If 
RADIUS-assigned VLANs are enabled, the RADIUS server is expected to include the VLAN ID in the 
802.1X tunnel attributes of its response message to the device. If dynamic VLAN creation is enabled 
on the device and the RADIUS-assigned VLAN does not exist, then the assigned VLAN is dynamically 
created. This implies that the client can connect from any port and can get assigned to the appropriate 
VLAN. This feature gives flexibility for clients to move around the network without much additional 
configuration required.

Monitor Mode

The administrative mode of the Monitor Mode feature on the device. Monitor mode is a special mode 
that can be enabled in conjunction with port-based access control. Monitor mode provides a way for 
network administrators to identify possible issues with the port-based access control configuration 
on the device without affecting the network access to the users of the device. It allows network access 
even in cases where there is a failure to authenticate, but it logs the results of the authentication 
process for diagnostic purposes. If the device fails to authenticate a client for any reason (for example, 
RADIUS access reject from the RADIUS server, RADIUS timeout, or the client itself is 802.1X unaware), 
the client is authenticated and is undisturbed by the failure condition(s). The reasons for failure are 
logged and buffered into the local logging database for tracking purposes. 

EAPOL Flood Mode

The administrative mode of the Extensible Authentication Protocol (EAP) over LAN (EAPOL) flood 
support on the device. EAPOL Flood Mode can be enabled when 

Admin Mode

 and 

Monitor Mode

 are 

disabled.

Use the buttons to perform the following tasks:

•  If you change any settings, click 

Submit

 to apply the new settings to the system.

•  Click 

Refresh

 to refresh the page with the most current data from the switch.

To retain the changes across the switch’s next power cycle, click 

System

 > 

Configuration Storage

 > 

Save

.

Содержание ES-24-250W

Страница 1: ...User Interface for PoE Switches Models ES 24 250W ES 24 500W ES 48 500W ES 48 750W Administration Guide...

Страница 2: ...nfiguration and Status Fields 12 Table Filtering 14 Help Page Access 14 User Defined Fields 14 Using the Command Line Interface 15 Chapter 2 Configuring Power over Ethernet 16 Chapter 3 Configuring Sy...

Страница 3: ...tics 61 Email Alert Subject Configuration 62 Email Alert To Address Configuration 63 Viewing Device Port Information 64 Port Summary 64 Port Description 66 Cable Test 67 Mirroring 68 Configuring a Por...

Страница 4: ...r Pool Options 104 DHCP Server Bindings Information 106 DHCP Server Statistics 107 DHCP Server Conflicts Information 108 Configuring Time Ranges 109 Time Range Configuration 109 Time Range Entry Confi...

Страница 5: ...ific Multicast 145 IGMP Snooping VLAN Status 146 IGMP Snooping Multicast Router Configuration 147 IGMP Snooping Multicast Router VLAN Status 148 IGMP Snooping Multicast Router VLAN Configuration 149 C...

Страница 6: ...184 Chapter 5 Configuring Routing 186 Configuring ARP 187 ARP Table 188 ARP Table Configuration 189 Configuring Global IP Settings 190 Routing IP Configuration 190 Routing IP Interface Summary 192 Ro...

Страница 7: ...ol Lists 229 Access Control List Summary 230 Access Control List Configuration 231 Access Control List Interface Summary 235 Access Control List VLAN Summary 236 Configuring Auto VoIP 237 Auto VoIP Gl...

Страница 8: ...P 261 Using the CLI to Configure MSTP 263 Configuring VLAN Routing 264 Using the CLI to Configure VLAN Routing 264 Configuring Policy Based Routing 266 Configuring Policy Based Routing Using the CLI 2...

Страница 9: ...System Information on page 19 describes how to configure administrative features such as SNMP system users and port information Chapter 4 Configuring Switching Information on page 126 describes how t...

Страница 10: ...s used throughout this document Typographical Conventions Convention Indicates Example Bold User selection User entered text Select VLAN 2 from the VLAN ID list Click Submit enter 3 to assign VLAN 3 a...

Страница 11: ...em depends on your network size and requirements and on your preference This guide describes how to use the EdgeSwitch UI to manage and monitor the system For information about how to manage and monit...

Страница 12: ...text specific help page or log out of the system Device View Logout Button Navigation Menu Configuration and Status Fields Command Button Help Page Access EdgeSwitch UI Page Layout Device View The Dev...

Страница 13: ...t Navigation Menu The navigation menu located at the top right of each UI page lists the device s main features PoE System Switching Routing Security and QoS You can access each feature s UI pages usi...

Страница 14: ...he following illustration Page Selection Tabs Page Selection Tabs on System Resource Configuration Page Configuration and Status Fields The main area of the screen displays fields that you use to conf...

Страница 15: ...DHCP lease Remove Deletes the selected entries Reset Resets a field to its default value Submit Sends the updated configuration to the switch Configuration changes take effect immediately but changes...

Страница 16: ...string that row is displayed in the table Matching is not case sensitive Enter filter string here Filtering the Contents of a Table Help Page Access The Help icon appears in the upper right corner of...

Страница 17: ...n mark at the command prompt To display the available command keywords or parameters enter a question mark after each word you type at the command prompt If there are no additional command keywords or...

Страница 18: ...Ethernet Fields Field Description Interface The interface slot port for which PoE information is displayed PoE Mode The PoE mode on the interface Off PoE is disabled for the interface 54V auto Standar...

Страница 19: ...wing tasks To edit an interface s PoE settings select the interface click Edit and make the changes as needed Then click Submit to apply the settings Click Refresh to refresh the page with the most cu...

Страница 20: ...age 21 Viewing the Dual Image Status on page 22 Viewing System Resources on page 23 Defining General Device Information on page 25 Basic Switch Configuration on page 52 Managing Logs on page 53 Config...

Страница 21: ...by a device as is typical of a router either a single ARP cache is used for all interfaces or a separate cache is maintained per interface While the latter approach is useful when network addressing...

Страница 22: ...Fields Field Description System Description The product name of this switch Machine Type The hardware platform of this switch Machine Model The product model number Serial Number The unique serial nu...

Страница 23: ...l Image Status page click System Firmware Status in the navigation menu Dual Image Status Dual Image Status Fields Field Description Active Displays the version of the active code file Backup Displays...

Страница 24: ...em Resource Status Fields Field Description Memory Usage section Free Memory Displays the available free memory on the switch Alloc Memory Displays the allocated memory for the switch Task ID Displays...

Страница 25: ...uration of this field is optional If configured the falling threshold value must be equal to or less than the rising threshold value If not configured it takes the same value as the rising threshold F...

Страница 26: ...ptions on page 31 HTTP Configuration on page 31 Secure HTTP Configuration on page 32 SSH Configuration on page 33 Telnet Session Configuration on page 34 User Accounts on page 35 Authentication Server...

Страница 27: ...ess The IP Address assigned to the network interface The network interface is the logical interface that allows remote management of the device via any of the front panel switch ports To change the IP...

Страница 28: ...ss that was last found to be in conflict If multiple conflicts are detected only the most recent occurrence is displayed This field is displayed only if a conflict has been detected since the switch w...

Страница 29: ...01 10 3 are not valid Subnet Mask The IP subnet mask for the interface The factory default value is 0 0 0 0 Default Gateway The default gateway for the IP interface The factory default value is 0 0 0...

Страница 30: ...default gateway for the IPv6 network interface Use the buttons to perform the following Click this button to change the field s setting Click this button to reset the field to the default value Stati...

Страница 31: ...device is a router False The neighbor device is not a router Neighbor State Specifies the state of the neighbor cache entry Following are the states for dynamic entries in the IPv6 neighbor discovery...

Страница 32: ...lowing tasks Click Submit to apply the settings immediately to the running configuration Click Refresh to refresh the page with the most current data from the switch To retain the changes across the s...

Страница 33: ...ge click System Management Access HTTPS in the navigation menu Secure HTTP Configuration Secure HTTP Configuration Fields Field Description HTTPS Admin Mode Used to Enable or Disable the HTTPS adminis...

Страница 34: ...b browser and the embedded web server on the device Click this button to delete an SSL certificate button available only if an SSL certificate is present on the device Use the buttons to perform the f...

Страница 35: ...field provides information about the file transfer Click to manually generate an RSA key on the device Click to delete an RSA key downloaded to the device or manually generated on the device DSA Key S...

Страница 36: ...option to permit new Telnet sessions until the maximum number allowed is reached Clear this option to disable new Telnet sessions but existing sessions are not disconnected Use the buttons to perform...

Страница 37: ...unts page also provides the capability to add edit and remove user accounts To add a user click Add The Add new user dialog box opens specify the new account information in the available fields and cl...

Страница 38: ...ion to encrypt the password before it is stored on the device Authentication Server Users Use the Auth Server Users page to add and remove users from the local authentication server user database For...

Страница 39: ...To change the password information for an existing user select the user to update click Edit configure the settings and click Submit to apply the changes To delete a user from the database select each...

Страница 40: ...IP address of the administrative system Idle Time Shows the amount of time in hours minutes and seconds that the logged on user has been inactive Session Time Shows the amount of time in hours minute...

Страница 41: ...to view and configure the accounting lists for users who access the command line interface CLI to manage and monitor the device Accounting lists are used to record user activity on the device The devi...

Страница 42: ...t select it and click Use the buttons to perform the following tasks To configure a new accounting list click Add configure the settings in the Add New Accounting List dialog box and then click Submit...

Страница 43: ...TTP Use the buttons to perform the following tasks If you make changes to the page click Submit to apply the changes to the running configuration Click Refresh to refresh the page with the most curren...

Страница 44: ...thod Options are configurable Configured The list has been added by a user Access Line The access method s that use the list for authentication The settings for this field are configured on the Authen...

Страница 45: ...this page click System AAA Authentication Selection in the navigation menu Authentication Selection The following table shows the fields for the Authentication Selection page Authentication Selection...

Страница 46: ...for the corresponding Line Mode in this field This must be the same value entered in the Line Password field Be sure the password conforms to the allowed number of characters The password characters...

Страница 47: ...it The password characters are not displayed on the page but are disguised in a browser specific manner Use the buttons to perform the following tasks If you make changes to the page click Submit to a...

Страница 48: ...ssword Repetition means the same character occurring in succession anywhere in the password such as 11 or EEEE Maximum Number of Consecutive Characters Specifies the maximum number of characters belon...

Страница 49: ...Result Last Password Result Fields Field Description Last Result Displays information about the last User Line Enable password configuration result If the field is blank no passwords have been configu...

Страница 50: ...Configuration Fields Field Description TCP Settings These options help prevent the device and the network from attacks that exploit the TCP header size or the information in the TCP or UDP headers of...

Страница 51: ...ckets that have a TCP header smaller than this configured value ICMP Settings These options help prevent the device and the network from attacks that involve issues with the ICMP echo request packets...

Страница 52: ...f you reach the end of the line the text wraps to the next line The line might not wrap at the same location in the CLI To create a line break carriage return in the message press Enter on the keyboar...

Страница 53: ...l traffic loss When enabled flow control allows lower speed or congested switches to communicate with higher speed switches by sending a PAUSE frame to request that the higher speed switch refrain fro...

Страница 54: ...ing of messages logged or forwarded based on severity and generating component The in memory log stores messages in memory based upon the settings for message component and severity On stackable syste...

Страница 55: ...en Notice 5 The device is experiencing normal but significant conditions Info 6 The device is providing non critical information Debug 7 The device is providing debug level information Persistent Log...

Страница 56: ...el associated with the log entry The severity can be one of the following Emergency 0 The device is unusable Alert 1 Action must be taken immediately Critical 2 The device is experiencing primary syst...

Страница 57: ...ry with the most recent entry listed first lowest number Type The incident category that indicates the cause of the log entry EVENT ERROR etc Filename The EdgeSwitch source code filename identifying t...

Страница 58: ...t warning level An alert log is saved if there is a serious device malfunction such as all device features being down Critical 2 The third highest warning level A critical log is saved if a critical d...

Страница 59: ...type of interface to use as the source interface None The primary IP address of the originating outbound interface is used as the source address Interface The primary IP address of a physical port is...

Страница 60: ...associated with the log entry The severity can be one of the following Emergency 0 The device is unusable Alert 1 Action must be taken immediately Critical 2 The device is experiencing primary system...

Страница 61: ...ncritical messages to the SMTP Server For example if set to 30 the noncritical messages are sent every 30 minutes Urgent Messages Severity Configures the urgent severity level s for log messages urgen...

Страница 62: ...lerts that the device sends Port The TCP port that email alerts are sent to on the SMTP server Security The type of authentication to use with the mail server which can be TLSv1 SMTP over SSL or None...

Страница 63: ...nt The number of email alert messages successfully sent since the counters were cleared or the system was reset Number of Emails Failed The number of email alert messages that failed to be sent since...

Страница 64: ...igure the subject line Urgent or Nonurgent Email Subject Specify the text to be displayed in the subject of the email alert message Remove To reset the email alert subject to the default value select...

Страница 65: ...he type of message for which you want to specify a recipient address Urgent or Nonurgent To Address Specify the email address to which the selected type of messages are sent Use the buttons to perform...

Страница 66: ...nd probe ports see Mirroring on page 69 Probe The port is configured as a monitoring port and is the destination port in a port mirroring session For more information on port monitoring and probe port...

Страница 67: ...m sends a trap when the link status changes Disable The system does not send a trap when the link status changes Maximum Frame Size The maximum Ethernet frame size the interface supports or is configu...

Страница 68: ...hen the MIB object type PortList is used to manage the switch in SNMP Interface Index The interface index object value assigned by the IF MIB This value is used to identify the interface when managing...

Страница 69: ...rs If the cable length cannot be determined Unknown is displayed This field shows the range between the shortest estimated length and the longest estimated length Note This field displays a value only...

Страница 70: ...rroring page to define port mirroring sessions To access the Multiple Port Mirroring page click System Port Mirroring in the navigation menu Multiple Port Mirroring Multiple Port Mirroring Fields Fiel...

Страница 71: ...ring page click Configure Source to display the Source Configuration dialog box 2 Configure the fields shown in the table below Multiple Port Mirroring Source Configuration Fields Field Description Se...

Страница 72: ...k traffic analyzer Remote VLAN The VLAN that is configured as the RSPAN VLAN Port Click the drop down box to select the port to which traffic is mirrored If the Type is Remote VLAN the selected port i...

Страница 73: ...ity Model USM is defined for SNMPv3 and includes Authentication Provides data integrity and data origin authentication Privacy Protects against disclosure of message content Cipher Bock Chaining CBC i...

Страница 74: ...he client and identifies the access the user may connect with Security Name Identifies the Security entry that associates Communities and Groups for a specific access type Group Name Identifies the Gr...

Страница 75: ...n a certain event has occurred on the device The message is not acknowledged by the SNMP management host SNMP Version The version of SNMP to use which is either SNMPv1 or SNMPv2 Timeout Value The numb...

Страница 76: ...ty Auth No Priv Authentication but no data encryption With this security level users send SNMP messages that use an MD5 key password for authentication but not a DES key password for encryption Auth P...

Страница 77: ...up Fields Field Description Group Name The name that identifies the SNMP group Context Name The SNMP context associated with the SNMP group and its views A user or a management application specifies t...

Страница 78: ...box enter the settings and then click Submit to apply the changes To remove one or more SNMP groups select each entry to delete click Remove and confirm the deletion Click Refresh to refresh the page...

Страница 79: ...uthentication Method parameter is not set to None DES DES protocol will be used None No privacy protocol will be used Authentication Key Specifies the password used to generate the key to be used in e...

Страница 80: ...a tunnel interface is used as the source address Interface When the selected Type is Interface select the physical port to use as the source interface VLAN ID When the selected Type is VLAN select the...

Страница 81: ...out Errors The total number of packets including unicast broadcast and multicast packets successfully transmitted or received by the processor Packets Discarded The number of outbound Transmit column...

Страница 82: ...in the MAC address table or VLAN database that have been dynamically learned by the device Total Entries Deleted The number of VLANs that have been created and then deleted since the last reboot This...

Страница 83: ...ceived that were directed to the broadcast address Note that this number does not include multicast packets Tx Good The total number of outbound packets transmitted by the interface to its Ethernet se...

Страница 84: ...Statistics The Port Detailed Statistics page displays a variety of per port traffic statistics To access the Port Detailed page click System Statistics System Port Detailed in the navigation menu The...

Страница 85: ...ad packets received or transmitted that were between 4096 and 9216 octets in length inclusive excluding framing bits but including FCS octets Basic section Unicast Packets The Transmit column shows th...

Страница 86: ...packets that contained errors preventing them from being delivered to a higher layer protocol Overruns The total number of frames discarded as this port was overloaded with incoming packets and could...

Страница 87: ...DHCPv6 advertisement messages received from one or more DHCPv6 servers to which the client did not respond Received Reply Packets Discarded Number of DHCPv6 reply messages received from one or more DH...

Страница 88: ...r time based reporting so it is important to configure the system clock manually or through SNTP before using this feature To access the page click System Statistics Time Based Group in the navigation...

Страница 89: ...the group Use the buttons to perform the following tasks To add a set of time based traffic group statistics to collect click Add configure the desired settings and then click Submit to apply the cha...

Страница 90: ...interfaces is checked against the rule When you click Add the Time Based Flow Configuration dialog box opens and allows you to configure a rule for traffic flow statistics The match conditions are opt...

Страница 91: ...erface on which the statistics were reported Counter Id For traffic group statistics this field identifies the type of traffic Counter Value For traffic group statistics this field shows the number of...

Страница 92: ...click System Utilities System Reset in the navigation menu System Reset Click Reset to initiate the system reset If you have not saved the changes that you submitted since the last system reset the c...

Страница 93: ...et to IP Address Interface The interface to use when sending the Echo requests packets This field is enabled when the Source option is set to Interface Status Displays the results of the ping Results...

Страница 94: ...mber of ICMP echo request packets to send to the host Interval Enter the number of seconds to wait between sending ping packets Size The size of the ping packet in bytes Changing the size allows you t...

Страница 95: ...ot saved as part of the device configuration To access the TraceRoute page click System Utilities TraceRoute in the navigation menu TraceRoute Traceroute Fields Field Description Host Name or IP Addre...

Страница 96: ...raceroute which can be Not Started The traceroute has not been initiated since viewing the page In Progress The traceroute has been initiated and is running Stopped The traceroute was interrupted by c...

Страница 97: ...ration in the system Click Clear History to reset the IP address conflict detection status information that was last seen by the device Click Refresh to refresh the data on the screen with the present...

Страница 98: ...ts Select this option to transfer the factory default configuration file to a remote system Error Log Select this option to transfer the system error persistent log which is also known as the event lo...

Страница 99: ...rmation to encrypt authenticate and validate HTTPS sessions SSL Server Certificate PEM File Select this option to transfer an SSL Server Certificate file PEM Encoded to the device SSL DH Weak Encrypti...

Страница 100: ...TFTP server option 66 Either the TFTP address or name is specified not both in most network configurations If a TFTP hostname is given a DNS server is required to translate the name to an IP address T...

Страница 101: ...age If this option is cleared you must explicitly save the downloaded configuration in non volatile memory for the configuration to be available for the next reboot AutoReboot Mode If this option is s...

Страница 102: ...mber of Traps Since Last Reset The number of traps generated since the trap log entries were last cleared Number of Traps Since Log Last Viewed The number of traps that have occurred since the traps w...

Страница 103: ...cted this option enables activation of link status traps by selecting the corresponding line on the pulldown entry field This feature is enabled by default Multiple Users When selected this option ena...

Страница 104: ...ns for clients Conflict Logging Mode Used to Enable or Disable the logging mode for IP address conflicts When enabled the system stores information IP address conflicts that are detected by the DHCP s...

Страница 105: ...lds Field Description Pool Name Select the pool to configure The menu includes all pools that have been configured on the device Type of Binding Specifies the type of binding for the pool The options...

Страница 106: ...utton to configure the Next Server Address field Click this button to reset the field to the default value Default Router DNS Server NetBIOS Server To configure settings for one or more default router...

Страница 107: ...the default value Bootfile Name The name of the default boot image that the client should attempt to download from a specified boot server Use the buttons as follows Click this button to configure th...

Страница 108: ...to view information about the IP address bindings in the DHCP server database To access the DHCP Server Bindings page click System Advanced Configuration DHCP Server Bindings in the navigation menu D...

Страница 109: ...Shows the number of DHCPRELEASE messages received by the DHCP server DHCPINFORM Shows the number of DHCPINFORM messages received by the DHCP server DHCPOFFER Shows the number of DHCPOFFER messages se...

Страница 110: ...ARP The DHCP client detected the conflict by broadcasting an ARP request to the address specified in the DHCP offer message sent by the server If the client receives a reply to the ARP request it decl...

Страница 111: ...on Admin Mode Used to Enable or Disable the Time Range administrative mode When enabled actions with subscribed components are performed for existing time range entries Time Range Name The unique ID o...

Страница 112: ...rts For an absolute entry indicates the time day month and year that the entry begins If this field is blank the absolute entry became active when it was configured For a periodic entry indicates the...

Страница 113: ...ive To select multiple days press and hold CTRL and select each desired start day Starting Time of Day Specify the time of day that the entry becomes active by entering the information in the field or...

Страница 114: ...r of seconds to allow a DNS server to respond to a request before a retry Range is 0 to 3600 Default is 3 Domain List The domain names that have added to the DNS client s domain list If a DNS query th...

Страница 115: ...ers is 63 IP Address The IPv4 or IPv6 address associated with the configured Host Name For Static entries specify the IP Address after you click Add You can specify either an IPv4 or an IPv6 address D...

Страница 116: ...f interface to use as the source interface None The primary IP address of the originating outbound interface is used as the source address Interface The primary IP address of a physical port is used a...

Страница 117: ...types for the server time Polling for Unicast information is used for polling a server for which the IP address is known SNTP servers that have been configured on the device are the only ones that are...

Страница 118: ...uttons as follows Click this button to change the field s setting Click this button to reset the field to the default value Unicast Poll Interval Specifies the interval in seconds between unicast poll...

Страница 119: ...s Success The SNTP operation was successful and the system time was updated Request Timed Out A directed SNTP request timed out without a response from the SNTP server Bad Date Encoded The time provid...

Страница 120: ...ntered a hostname Port Enter a port number from 1 to 65535 The default is 123 Priority Enter a priority from 1 to 3 with 1 being the highest priority The switch will attempt to use the highest priorit...

Страница 121: ...ersion Not Supported The SNTP version supported by the server is not compatible with the version supported by the client Server Unsynchronized The SNTP server is not synchronized with its peers This i...

Страница 122: ...primary IP address of a tunnel interface is used as the source address Interface When the selected Type is Interface select the physical port to use as the source interface VLAN ID When the selected T...

Страница 123: ...either been manually configured or not configured at all Time Zone This section contains information about the time zone and offset Zone The acronym that represents the time zone Offset The offset in...

Страница 124: ...owing time zone settings Offset The system clock s offset from UTC which is also known as Greenwich Mean Time GMT Zone The acronym that represents the time zone This field is not validated against an...

Страница 125: ...ing time Used in some countries around the world summer time is the practice of temporarily advancing clocks during the summer months Typically clocks are adjusted forward one or more hours near the s...

Страница 126: ...he desired month and click the date Starting Time and Day The time in hours and minutes to start summer time on the specified day End Date The day month and year that summer time ends To change the da...

Страница 127: ...n page 135 Configuring DHCP Snooping on page 137 Configuring IGMP Snooping on page 144 Configuring IGMP Snooping Querier on page 151 Creating Port Channels on page 154 Viewing Multicast Forwarding Dat...

Страница 128: ...avigation menu VLAN Status VLAN Status Fields Field Description VLAN ID The VLAN Identifier VID of the VLAN The range of the VLAN ID is 1 to 4093 VLAN ID 1 is reserved for the default VLAN which is al...

Страница 129: ...ly when the Participation mode is Auto Detect The Status is one of the following Include The port is a member of the selected VLAN Exclude The port is not a member of the selected VLAN Participation T...

Страница 130: ...ntifies the physical interface associated with the rest of the data in the row Port VLAN ID The VLAN ID assigned to untagged or priority tagged frames received on this port This value is also known as...

Страница 131: ...nal Usage Configuration page click Switching VLAN Internal Usage in the navigation menu VLAN Internal Usage VLAN Internal Usage Fields Field Description Base VLAN ID The first VLAN ID to be assigned t...

Страница 132: ...rameters for all interfaces to the factory default values To access the Reset VLAN Configuration page click Switching VLAN Reset in the navigation menu Reset VLAN Configuration To reset the VLAN confi...

Страница 133: ...e is disabled by default To display the Voice VLAN Configuration page click Switching Voice VLAN Configuration Voice VLAN Configuration Voice VLAN Configuration Fields Field Description Voice VLAN Adm...

Страница 134: ...802 1p priority value None Use the settings configured on the IP phone to send untagged voice traffic Untagged Send untagged voice traffic Disable Operationally disables the Voice VLAN feature on the...

Страница 135: ...ess to fully identify the frames to filter Source Members The port s included in the inbound filter If a frame with the MAC address and VLAN ID specified by the filter arrives on a port in the Source...

Страница 136: ...Mode The administrative mode of GMRP on the system When set to Enable GMRP can help control the flooding of multicast traffic by keeping track of group membership information GMRP is similar to IGMP...

Страница 137: ...ol to be active on the interface When disabled the protocol will not be active on the interface and the GARP timers have no effect Join Timer Centisecs The amount of time between the transmission of G...

Страница 138: ...or DHCP snooping When enabled the device checks packets that are received on untrusted interface to verify that the MAC address and the DHCP client hardware address match If the addresses do not match...

Страница 139: ...the changes across the switch s next power cycle click System Configuration Storage Save DHCP Snooping Interface Configuration Use this page to view and configure the DHCP snooping settings for each i...

Страница 140: ...abled The interface is considered trusted and forwards DHCP server messages without validation Log Invalid Packets The administrative mode of invalid packet logging on the interface If enabled the DHC...

Страница 141: ...he MAC address associated with the DHCP client This is the Key to the binding database VLAN ID The ID of the VLAN the client is authorized to use IP Address The IP address of the client Use the button...

Страница 142: ...s as a reply to the DHCP Inform messages received on trusted ports To access the DHCP Snooping Dynamic Bindings page click Switching DHCP Snooping Base Dynamic Bindings in the navigation menu DHCP Sno...

Страница 143: ...either locally on the device Local or on a remote system Remote Remote IP Address The IP address of the system on which the DHCP snooping bindings database will be stored This field is available only...

Страница 144: ...e dropped because the source MAC address and client hardware address did not match MAC address verification is performed only if it is globally enabled Client Ifc Mismatch The number of packets that w...

Страница 145: ...head to filter packets addressed to unrequested group addresses they are unable to transmit new packets onto the shared media for the period of time that the multicast packet is flooded The problem of...

Страница 146: ...The amount of time in seconds that the interface should wait after sending a query if it does not receive a report for a particular group on that interface The value must be greater or equal to 1 and...

Страница 147: ...ooping Source Specific Multicast IGMP Snooping Source Specific Multicast Fields Field Description VLAN ID VLAN on which the IGMP v3 report is received Group The IPv4 multicast group address Interface...

Страница 148: ...me Seconds The number of seconds the VLAN should wait after sending a query if does not receive a report for a particular group The specified value should be less than the Group Membership Interval Mu...

Страница 149: ...on in the navigation menu IGMP Snooping Multicast Router Configuration IGMP Snooping Multicast Router Configuration Fields Field Description Interface Select the physical or LAG interface to display M...

Страница 150: ...nterface The interface associated with the rest of the data in the row Only interfaces that are configured with multicast router VLANs appear in the table VLAN IDs The ID of the VLAN configured as ena...

Страница 151: ...LAN IDs The VLANs configured on the system that are not currently enabled as multicast router interfaces on the selected port or LAG To enable a VLAN as a multicast router interface click the VLAN ID...

Страница 152: ...ion Admin Mode The administrative mode for the IGMP snooping querier on the device When set to Enable the IGMP snooping querier sends out periodic IGMP queries that trigger IGMP report messages from t...

Страница 153: ...ier in the VLAN If the snooping querier finds that the other querier source IP address is lower than its own address it stops sending periodic queries If the snooping querier wins the election because...

Страница 154: ...to the configured querier query interval If the snooping switch sees a better querier numerically lower in the VLAN it moves to non querier mode Non Querier The snooping switch is in non querier mode...

Страница 155: ...ion group LAG The switch can treat the port channel as if it were a single link To access the page click Switching Port Channel Summary in the navigation menu Port Channel Summary Port Channel Summary...

Страница 156: ...orithm used to distribute traffic load among the physical ports of the port channel while preserving the per flow packet order The packet attributes that the load balancing algorithm can use to determ...

Страница 157: ...terface type which is either Port Channel logical link aggregation group or Member Port physical port Flap Count The number of times the interface has gone down The counter for a member port is increm...

Страница 158: ...VLAN ID associated with the entry in the MFDB MAC Address The multicast MAC address that has been added to the MFDB Component The feature on the device that was responsible for adding the entry to th...

Страница 159: ...manually added to the MFDB by an administrator Dynamic The entry has been added to the MFDB as a result of a learning process or protocol Entries that appear on this page have been added by using GARP...

Страница 160: ...rm the action before the counters are reset Click Refresh to refresh the page with the most current data from the switch To retain the changes across the switch s next power cycle click System Configu...

Страница 161: ...roup Name This is the configured name of the protected ports group Protected Ports The ports that are members of the protected ports group When adding a port to a protected ports group the Available I...

Страница 162: ...opriately to STP and RSTP bridges A MSTP bridge can be configured to behave entirely as a RSTP bridge or a STP bridge Note For two bridges to be in the same region the force version should be 802 1S a...

Страница 163: ...ID to MST ID mapping Configuration Format Selector The version of the configuration format being used in the exchange of BPDUs Use the buttons to perform the following tasks If you make any configura...

Страница 164: ...the bridge priorities for multiple bridges are equal the bridge with the lowest MAC address is elected as the root bridge Time Since Topology Change The amount of time that has passed since the topol...

Страница 165: ...e least cost path to the root bridge on its segment Alternate A blocked port that has an alternate path to the root bridge Backup A blocked port that has a redundant path to the same network segment a...

Страница 166: ...t will flood the received BPDU to all the ports on the switch that are similarly disabled for spanning tree BPDU Guard Effect Shows the status Disabled or Enabled of BPDU Guard Effect on the interface...

Страница 167: ...op Inconsistent State Displays True if the interface is currently in a loop inconsistent state otherwise displays False An interface transitions to a loop inconsistent state if loop guard is enabled a...

Страница 168: ...bridge Time Since Topology Change The amount of time that has passed since the topology of the MSTI has changed Designated Root The bridge identifier of the root bridge for the MST instance The identi...

Страница 169: ...o the root bridge on its segment Alternate A blocked port that has an alternate path to the root bridge Backup A blocked port that has a redundant path to the same network segment as another port on t...

Страница 170: ...able or Enable on the port Designated Root The bridge ID of the root bridge for the MST instance Designated Cost The path cost offered to the LAN by the designated port Designated Bridge The bridge ID...

Страница 171: ...IEEE 802 1w BPDUs received by the interface RSTP BPDUs Tx The number of RSTP BPDUs sent by the interface MSTP BPDUs Rx The number of MSTP IEEE 802 1s BPDUs received by the interface MSTP BPDUs Tx The...

Страница 172: ...the data in the table shows which traffic class is mapped to the priority value Incoming frames containing the designated 802 1p priority value are mapped to the corresponding traffic class in the de...

Страница 173: ...ort The behavior of packets is the same as for dynamic locking only packets with an allowable source MAC address can be forwarded To see the MAC addresses learned on a specific port see Basic Switch C...

Страница 174: ...number includes all dynamically learned MAC addresses that have been converted to static MAC addresses Sticky Mode The sticky MAC address learning mode which is one of the following Enabled MAC addre...

Страница 175: ...ace associated with the rest of the data in the row When adding a static MAC address entry use the Interface menu to select the interface to associate with the permitted MAC address Static MAC Address...

Страница 176: ...namic addresses to static addresses use the Interface menu to select the interface to associate with the MAC addresses Dynamic MAC Address The MAC address that was learned on the device An address is...

Страница 177: ...rt If all the remote entries on the switch are filled up the new neighbors are ignored In case of multiple VOIP devices on a single interface the 802 1ab component sends the Voice VLAN configuration t...

Страница 178: ...atus on the interface If the notify mode is enabled the interface sends SNMP notifications when a link partner device is added or removed Optional TLV s Select each check box next to the type length v...

Страница 179: ...DP 802 1AB data in the row When viewing the details for an interface this field identifies the interface that is being viewed Port ID The port identifier which is the physical address associated with...

Страница 180: ...PDUs from remote devices Note If the interface has not received any LLDPDUs from remote devices a message indicates that no LLDP data has been received Chassis ID Subtype The type of information used...

Страница 181: ...ystems because the information timelines interval has expired Interface Identifies the interfaces Transmit Total Displays the total number of LLDP frames transmitted by the LLDP agent on the correspon...

Страница 182: ...rks Inc Use the buttons to perform the following tasks Click Refresh to update the page with the most current information Click Clear to clear the LLDP statistics of all the interfaces To retain the c...

Страница 183: ...otocol Data Units PDUs that will be transmitted when the protocol is enabled The range is from 1 to 10 The default value is 3 Device Class Specifies local device s MED Classification The following thr...

Страница 184: ...he interface Notification Status Indicates whether LLDP MED topology change notifications are enabled or disabled on the interface Operational Status Indicates whether the interface will transmit TLVs...

Страница 185: ...cation type that is transmitted has the VLAN ID priority DSCP tagged bit status and unknown bit status A port may transmit one or many such application types This information is displayed only when a...

Страница 186: ...rence Bridge Class III Communication for example IP Telephone The fourth device is Network Connectivity Device which is typically a device such as a LAN switch or router IEEE 802 1 bridge or IEEE 802...

Страница 187: ...remote device Information The text description of the location information included in the subtype Extended PoE Indicates whether the remote device is advertised as a PoE device Device Type If the rem...

Страница 188: ...it does then the silicon searches the host table for a matching destination IP address If an entry is found then the packet is routed to the host If there is not a matching entry then the switch perfo...

Страница 189: ...fields regardless of whether it is an ARP request or response Thus when an ARP request is broadcast to all stations on a LAN segment or virtual LAN VLAN every recipient has the opportunity to store t...

Страница 190: ...with the device through this interface Type The ARP entry type Dynamic An ARP entry that has been learned by the router Gateway A dynamic ARP entry that has the IP address of a routing interface Local...

Страница 191: ...vice waits for an ARP response to an ARP request that it sends Retries The maximum number of times an ARP request will be retried after an ARP response is not received The number includes the initial...

Страница 192: ...ion menu Routing IP Configuration Routing IP Configuration Fields Field Description Routing Mode The administrative mode of routing on the device The options are as follows Enable The device can act a...

Страница 193: ...ce The default distance preference for local routes Maximum Next Hops The maximum number of hops supported by the switch This is a read only value Maximum Routes The maximum number of routes routing t...

Страница 194: ...ve link IP Address The IP address of the interface Subnet Mask The IP subnet mask for the interface also known as the network mask or netmask It defines the portion of the interface s IP address that...

Страница 195: ...d on the interface When local proxy ARP is enabled the interface can respond to an ARP request for a host other than itself Unlike proxy ARP local proxy ARP allows the interface to respond to ARP requ...

Страница 196: ...Interface The menu contains all interfaces that can be configured for routing To configure routing settings for an interface select it from the menu and then configure the rest of the settings on the...

Страница 197: ...selected network directed broadcasts are forwarded If this option is cleared network directed broadcasts are dropped Proxy ARP When this option is selected proxy ARP is enabled and the interface can r...

Страница 198: ...istration Guide Ubiquiti Networks Inc Routing IP Statistics The statistics reported on the Routing IP Statistics page are as specified in RFC 1213 To display the page click Routing IP Statistics in th...

Страница 199: ...arded e g for lack of buffer space Note that this counter would include datagrams counted in IpForwDatagrams if any such packets met this discretionary discard criterion IpOutNoRoutes The number of IP...

Страница 200: ...de errors discovered outside the ICMP layer such as the inability of IP to route the resultant datagram In some implementations there may be no types of error which contribute to this counter s value...

Страница 201: ...erface address that identifies the attached network Protocol This field tells which protocol created the specified route A route can be created in the following ways Dynamically learned through a supp...

Страница 202: ...opped rather than forwarded Next Hop Interface The outgoing interface to use when forwarding traffic to the destination For a static reject route the next hop is Null Preference The preference of the...

Страница 203: ...le by an administrator Static Reject A route where packets that match the route are discarded instead of forwarded The device might send an ICMP Destination Unreachable message 3 Configure the remaini...

Страница 204: ...f Routing and QOS packages is required to have PBR functional Normally routers take forwarding decision based on routing tables in order to forward packets to destination addresses Policy Based Routin...

Страница 205: ...use the port without restrictions At any given time only one supplicant is allowed to attempt authentication on a port in this mode Ports in this mode are under bidirectional control This is the defau...

Страница 206: ...N is dynamically created This implies that the client can connect from any port and can get assigned to the appropriate VLAN This feature gives flexibility for clients to move around the network witho...

Страница 207: ...Access Control Port Summary Fields Field Description Interface The interface associated with the rest of the data in the row PAE Capabilities The Port Access Entity PAE role which is one of the follo...

Страница 208: ...wing Initialize Disconnected Connecting Authenticating Authenticated Aborting Held ForceAuthorized ForceUnauthorized Backend State The current state of the back end authentication state machine which...

Страница 209: ...t Configuration Use the Port Access Control Port Configuration page to enable and configure port access control on one or more ports To access the Port Access Control Port Configuration page click Sec...

Страница 210: ...ddresses Quiet Period The number of seconds that the port remains in the quiet state following a failed authentication exchange Transmit Period The value in seconds of the timer used by the authentica...

Страница 211: ...icating the supplicant provides the password associated with the selected User Name Authentication Period The amount of time the supplicant port waits to receive a challenge from the authentication se...

Страница 212: ...permission by the authentication server before it can send and receive traffic through the remote port Authenticator Options The fields in this section provide information about the settings that app...

Страница 213: ...is VLAN might be configured with limited network access Supplicant Timeout The amount of time that the port waits for a response before retransmitting an EAP request frame to the client Server Timeout...

Страница 214: ...ote authenticator port EAPOL Frames Received The total number of valid EAPOL frames received on the interface EAPOL Frames Transmitted The total number of EAPOL frames sent by the interface Last EAPOL...

Страница 215: ...ent by a supplicant to indicate that it is disconnecting from the network and the interface can return to the unauthorized state This field is displayed only if the interface is configured as a suppli...

Страница 216: ...lient uses to identify itself as a supplicant to the authentication server Supplicant MAC Address The MAC address of the supplicant that is connected to the port Session Time The amount of time that h...

Страница 217: ...this field identifies each interface being configured Users The users that are allowed access to the system through the associated port When configuring user access for a port the Available Users fie...

Страница 218: ...e data in the row Only interfaces that have entries in the log history are listed Time Stamp The absolute time when the authentication event took place VLAN Assigned The ID of the VLAN the supplicant...

Страница 219: ...will not occur until the configured timeout value on that server has passed without a response from the RADIUS server Therefore the maximum delay in receiving a response from the RADIUS server equals...

Страница 220: ...the RADIUS server Server Name Shows the RADIUS server name Multiple RADIUS servers can have the same name In this case RADIUS clients can use RADIUS servers with the same name as backups for each othe...

Страница 221: ...f RADIUS packets received from the server on the authentication port and dropped for some other reason When you click Details the RADIUS Server Detailed Statistics window displays the following additi...

Страница 222: ...ther the shared secret for this server has been configured Secret The shared secret text string used for authenticating and encrypting all RADIUS communications between the RADIUS client on the device...

Страница 223: ...out or received a response Timeouts The number of times a response was not received from the server within the configured timeout value Packets Dropped The number of RADIUS packets received from the s...

Страница 224: ...accounting statistics to zero To access the RADIUS Clear Statistics page click Security RADIUS Clear Statistics in the navigation menu RADIUS Clear Statistics Click Reset to clear all statistics for t...

Страница 225: ...e Interface Configuration RADIUS Source Interface Configuration Fields Field Description Type The type of interface to use as the source interface None The primary IP address of the originating outbou...

Страница 226: ...TACACS communications between the device and the TACACS server The key must match the key configured on the TACACS server Click this button to configure the field Click this button to reset the field...

Страница 227: ...the additional field below Key String Specifies the authentication and encryption key for TACACS communications between the device and the TACACS server The key must match the encryption used on the T...

Страница 228: ...ich the TACACS servers are used Port Specifies the authentication port Key String Specifies the authentication and encryption key for TACACS communications between the device and the TACACS server The...

Страница 229: ...e Interface Configuration TACACS Source Interface Configuration Fields Field Description Type The type of interface to use as the source interface None The primary IP address of the originating outbou...

Страница 230: ...is queued for transmission in a port the rate at which it is serviced depends on how the queue is configured and possibly the amount of traffic present in the other queues of the port If a delay is ne...

Страница 231: ...Control Lists IP access control lists ACL allow network managers to define classification actions and rules for specific ports ACLs are composed of access control entries ACE or rules that consist of...

Страница 232: ...same as IPv4 Extended ACLs but the ACL ID can be an alphanumeric name instead of a number IPv6 Named Match criteria can be based on information including the source and destination IPv6 addresses sour...

Страница 233: ...signed to a rule when it is created Rules are added in the order they are created and cannot be renumbered Packets are checked against the rule criteria in order from the lowest numbered rule to the h...

Страница 234: ...y if protocol is either TCP or UDP Equal to Not Equal to Greater than and Less than options are available For TCP protocol BGP Domain Echo FTP FTP Data HTTP SMTP Telnet WWW POP2 or POP3 For UDP protoc...

Страница 235: ...tion is exclusive to all other match criteria if Every is selected no other match criteria can be configured To configure specific match criteria this option must be cleared Protocol The IANA assigned...

Страница 236: ...n provide information about the actions to take on a frame or packet that matches the rule criteria The attributes specify actions other than the basic Permit or Deny actions Assign Queue The number t...

Страница 237: ...e type also determines which attributes can be applied to matching traffic IPv4 ACLs classify Layer 3 and Layer 4 IPv4 traffic IPv6 ACLs classify Layer 3 and Layer 4 IPv6 traffic and MAC ACLs classify...

Страница 238: ...sify Layer 3 and Layer 4 IPv6 traffic and MAC ACLs classify Layer 2 traffic The ACL types are as follows IPv4 Standard Match criteria is based on the source address of IPv4 packets IPv4 Extended Match...

Страница 239: ...o VoIP Global Configuration page to configure the VLAN ID for the Auto VoIP VLAN or to reset the current Auto VoIP VLAN ID to the default value Voice over Internet Protocol VoIP enables telephone call...

Страница 240: ...hony OUI The unique OUI that identifies the device manufacturer or vendor The OUI is specified in three octet values each octet is represented as two hexadecimal digits separated by colons Status Iden...

Страница 241: ...and the interface detects an OUI match the device assigns the traffic in that session to the traffic class mapped to this priority value Traffic classes with a higher value are generally used for tim...

Страница 242: ...ed Auto VoIP mode on the interfaces To display the Protocol Based Auto VoIP page click QoS Auto VoIP Protocol Based Auto VoIP in the navigation menu A portion of the UI page is shown below Protocol Ba...

Страница 243: ...e bandwidth allocation to allow priority treatment for VoIP traffic Interface The interface associated with the rest of the data in the row When editing Auto VoIP settings on one or more interfaces th...

Страница 244: ...to the appropriate outbound CoS queue through a mapping table CoS queue characteristics that affect queue mapping such as minimum guaranteed bandwidth transmission rate shaping etc are user configurab...

Страница 245: ...244 Configuring Quality of Service EdgeSwitch Administration Guide Ubiquiti Networks Inc CoS IP DSCP Mapping Configuration 2 of 2...

Страница 246: ...interface to configure To configure the same settings on all interfaces select Global Trust Mode The trust mode for ingress traffic on the interface which is one of the following untrusted The interf...

Страница 247: ...interface for all the queues Queue ID The CoS queue The higher the queue value the higher its priority is for sending traffic Minimum Bandwidth The minimum guaranteed bandwidth allocated to the select...

Страница 248: ...ueue threshold below which now packets are dropped for the associated drop precedence level After the minimum is reached WRED randomly drops packets based on their priority DSCP or IP precedence This...

Страница 249: ...While enabled Differentiated Services are active MIB Table The information in this table displays the number of entries rows that are currently in each of the main DiffServ private MIB tables and the...

Страница 250: ...enaming an existing class the name of the class is specified in the Class field of the dialog window Type The class type which is one of the following All All the various match criteria defined for th...

Страница 251: ...ation Diffserv Class Configuration Fields Field Description Class The name of the class To configure match criteria for a class select its name from the menu Type The class type which is one of the fo...

Страница 252: ...D with the lowest value within a range of VLANs Secondary VLAN ID End The secondary VLAN ID with the highest value within the range of VLANs This field is not required if the match criteria is a singl...

Страница 253: ...following fields to configure the IP DSCP match criteria IP DSCP Keyword The IP DSCP keyword code that corresponds to the IP DSCP value to match If you select a keyword you cannot configure an IP DSC...

Страница 254: ...cy the name of the policy is specified in the Policy field of the Add Policy dialog box Type The traffic flow direction to which the policy is applied In The policy is specific to inbound traffic Out...

Страница 255: ...k CoS Select this option to mark all packets in a traffic stream with the specified Class of Service CoS queue value Use the Class of Service field to select the CoS value to mark in the priority fiel...

Страница 256: ...or occasional bursting Conform Action The action taken on packets considered to be conforming below the police rate Exceed Action The action taken on packets that are considered to exceed the committe...

Страница 257: ...Edit this dialog box opens and allows you to configure DiffServ interface policies Specifying None for a policy has no effect when adding or editing interface policies To remove an interface policy m...

Страница 258: ...ut The policy is applied to traffic as it exits the interface Status The operational status of this service interface either Up or Down Octets Offered The total number of octets offered to all class i...

Страница 259: ...raffic flow direction to which the policy is applied In The policy is applied to traffic as it enters the interface Out The policy is applied to traffic as it exits the interface Policy The name of th...

Страница 260: ...ge 270 Configuring Differentiated Services for VoIP on page 271 Note Each configuration example starts from a factory default configuration unless otherwise noted Configuring VLANs The diagram in this...

Страница 261: ...8 Select VLAN 3 from the VLAN ID and Name List 9 Select the Participate option in the VLAN field 10 For ports 0 2 0 3 and 0 4 select Include from the Participation menu to specify that these ports ar...

Страница 262: ...nfig mode for port 0 2 assign VLAN3 as the default VLAN UBNT EdgeSwitch Interface 0 2 vlan pvid 3 exit 4 Specify that frames will always be transmitted tagged from ports that are members of VLAN 2 UBN...

Страница 263: ...is associated with instance 10 on one switch you must associate VLAN 10 and instance 10 on the other switches Using the Web UI to Configure MSTP 1 Create VLANs 10 and 20 a Access the Switching VLAN St...

Страница 264: ...associate MST instance 20 to VLAN 20 and assign it a bridge priority value of 61440 By using a lower priority for MST 20 MST 10 becomes the root bridge 5 Force port 0 2 to be the root port for MST 20...

Страница 265: ...anning tree mst vlan 20 20 5 Change the name so that all the bridges that want to be part of the same region can form the region spanning tree configuration name ubnt 6 Make the MST ID 10 bridge the r...

Страница 266: ...icipating in one VLAN and one port in the other The script shows the commands you would use to configure the EdgeSwitch software to provide the VLAN routing support shown in the diagram 24V 24V 24V 24...

Страница 267: ...NT EdgeSwitch vlan database vlan routing 10 vlan routing 20 exit 6 View the logical interface IDs assigned to the VLAN routing interfaces UBNT EdgeSwitch show ip vlan MAC Address used by Routing VLANs...

Страница 268: ...se entries are evaluated in sequence number order until the first match If there is no match the packets are routed as usual Configuring Policy Based Routing Using the CLI In the following configurati...

Страница 269: ...tion include 10 exit interface 0 4 vlan pvid 20 vlan participation exclude 1 vlan participation include 20 exit interface 0 22 vlan pvid 30 vlan participation exclude 1 vlan participation include 30 e...

Страница 270: ...0 0 255 exit 6 Create a route map and add match set terms to the route map configure route map pbr_test permit 10 match ip address 1 set ip next hop 3 3 3 3 exit exit 7 Assign a route map to VLAN rou...

Страница 271: ...0 1 the system challenges the supplicant for login credentials The system encrypts the provided information and transmits it to the RADIUS server If the RADIUS server grants access the system sets the...

Страница 272: ...tch operating as Router 1 1 28 1 28 TUE MAY 20 Calculator Calculator Calendar Calendar Gallery Gallery Sound Recorder Sound Recorder Hangouts Hangouts Gmail Gmail Settings Settings Drive Drive UniFi V...

Страница 273: ...d pol_voip and then add the previously created classes class_ef and class_voip as instances within this policy This policy handles incoming packets already marked with a DSCP value of EF per class_ef...

Страница 274: ...respond to support inquiries within a 24 hour period Online Resources Support support ubnt com Community community ubnt com Downloads downloads ubnt com Ubiquiti Networks Inc 2580 Orchard Parkway San...

Отзывы:

Нет отзывов

Бренды по названию

Популярные бренды

Загрузить еще бренды