WAGO 852-1322 Скачать руководство пользователя страница 31

Страница: 31 / 84

Function Description 31

852-1322/852-1328 Industrial Managed Switch

Manual

1.0.01

Function Description

6.1

Security

6.1.1

IEEE 802.1X

IEEE 802

1X is an IEEE standard for port

based Network

Access Control

protocol.

It provides an authentication mechanism to devices that need to attach

to a LAN.

This protocol restricts unauthorized clients from connecting to a LAN

through ports that are opened to the Internet

The authentication basically

involves three parties

(see Figure 9 “RADIUS Authentication Sequence”)

supplicant, an authenticator, and an authentication server.

•

Supplicant: A client device that requests access to the LAN

•

Authentication Server: This server performs the actual authentication .We

utilize RADIUS (

emote

uthentication

ial-

ser

ervice) as the

authentication server.

•

Authenticator: The Authenticator is a network device (i.e. the WAGO

Industrial managed switch) that acts as a proxy between the supplicant and

the authentication server. It passes around information, verifies information

with the server, and relays responses to the supplicant.

The authenticator acts like a security guard to a protected network. The

supplicant is not allowed accessing to the protected side of the network through

the authenticator until the supplicant

’

s identity has been validated and

authorized.

With IEEE802

1X authentication, a supplicant and an authenticator

exchange EAP (Extensible Authentication Protocol, an authentication framework

widely used by IEEE). Then the authenticator forwards this information to the

authentication server for verification.

If the authentication server confirms the

request, the supplicant

(client device

(

will be allowed to access resources located

on the protected side of the network

Содержание 852-1322

Страница 1: ...10_ 0 do cx 4053 88 1 Manual 852 1322 Managed Switch 8 Port Gb MACsec 852 1328 Managed Switch 6 Port Gb 2FOC MACsec 1 0 1 Pos 3 Alle Se rien Allge meine Mo dule Rec htliches Allgem eines Imp ress um f...

Страница 2: ...measure has been taken to ensure the accuracy and completeness of this documentation However as errors can never be fully excluded we always appreciate any information or suggestions for improving the...

Страница 3: ...erating the Industrial Switches 11 2 1 Safety Advice Precautions 12 3 Device Description 15 3 1 View 16 3 1 1 Front View 16 3 1 2 Top View 17 3 2 Connectors 18 3 2 1 Grounding screw 18 3 2 2 Power Sup...

Страница 4: ...7 4 4 Password 48 7 4 5 Clock 49 7 5 Diagnostics 51 7 5 1 SNMP 51 7 5 1 1 SNMP Agent 54 7 5 1 2 SNMP V1 V2c Community 54 7 5 1 3 SNMP Trap 56 7 5 1 4 SNMP V3 Auth 57 7 5 2 Modbus TCP 59 7 5 3 System...

Страница 5: ...Table of Contents 5 852 1322 852 1328 Industrial Managed Switch Manual 1 0 01 E nde der Liste f r Tex tma rke Ve rzeic hnis_v orn e...

Страница 6: ...r Doku me ntatio n G l tigkeits ber eich Do kum enta tion 852 xxxx 16 mod _13 784 582 086 96_ 21 d ocx 130 868 1 This documentation is only applicable to WAGO ETHERNET accessory products Managed Switc...

Страница 7: ...mein e M odul e Siche rh eits und s onsti ge Hinw eise Vo rsicht Vo rsicht _Wa rnu ng vo r Per sone nsch de n allge mei n_ Erl ut eru ng 13 mo d_13 433 100 287 62_ 21 d ocx 101 038 1 Personal Injury...

Страница 8: ...d Switch Manual 1 0 01 Additional Information Refers to additional information which is not an integral part of this documentation e g the Internet Pos 11 6 Dok ume ntati on all gem ein Glie de rung s...

Страница 9: ...23 mo d_14 356 471 860 05_ 21 d ocx 184 814 2 1 1 5 Font Conventions Pos 11 10 Alle Se rien Allge mein e Mo dule Rec htliches Allgem eines Schriftk onv entio nen 3 mod _12 210 5952 143 7_2 1 do cx 21...

Страница 10: ...or from the legal protection of utility patents Third party products are always mentioned without any reference to patent rights Thus the existence of such rights cannot be excluded 3 m od_ 122 234 63...

Страница 11: ...if t 2 und Inhal t 3 mo d_1 222 346 2394 53_ 21 docx 22 261 3 1 2 1 5 Standards and Regulations for Operating the Industrial Switches Please observe the standards and regulations that are relevant to...

Страница 12: ...ing the appropriate key or tool Pos 14 12 3 Alle Seri en Allg emei ne Mod ule Sich er heits und sons tige Hi nweise Gefa hr Gefa hr U nfallve rh tung svors chrift en beac hten 6 mo d_1 260 180 6570 00...

Страница 13: ...nweise Ac htun g Achtu ng V erp olung en der D aten u nd Ve rsor gun gsleitu nge n ve rmei den 6 mo d_1 2601 840 457 44_ 21 d ocx 467 67 1 Do not reverse the polarity of connection lines Avoid reverse...

Страница 14: ...erference in residential areas This is a Class B device and therefore suitable to be used also in residential areas without specific measures to prevent interference Pos 14 15 D okum ent ation allge m...

Страница 15: ...uses GCM AES to implement point to point security for ETHERNET links between switches In other words it can secure a network from a whole host of security threats including intrusion man in the middl...

Страница 16: ...Table 3 Legend for the Figure Front View of the Industrial Managed Switch Pos Descrip tion Meaning For Details see Section 1 PWR Power is being supplied through the Power input Device Descriptions Un...

Страница 17: ...end for the Figure Top View of the Industrial Managed Switch No Descrip tion Meaning For Details see Section 1 Grounding screw Device Description Connectors 2 Connector male for power consumption RPS...

Страница 18: ...r G er teb eschr eibu ng Ansc hl sse Anschl s se 8 52 150 5 00 0 0 01 Er dun gssch rau be 35 mod _15 635 1124 232 7_2 1 d ocx 5546 49 3 1 3 2 1 Grounding screw The switch must be grounded Connect the...

Страница 19: ...e top of the switch Both PWR and RPS support input voltage between 9 and 48 VDC The male connector shows the following pin assignment Figure 4 Power Supply Connector Table 5 Legend for Figure Power Su...

Страница 20: ...Figure Network Connections No Desig nation Meaning For Details see Section 1 852 1328 6 x RJ 45 connections 10 100 1000BASE T Device Description 10 100 1000BASE T Ports 2 852 1328 2 x SFP connections...

Страница 21: ...ansmission modes These ports also provide automatic crossover detection Auto MDI MDI X with plug and play capabilities Simply plug the network cables into the ports they then adapt to the end node dev...

Страница 22: ...supply Off The primary power supply has been switched off or a fault has occurred RPS Redundant Power System LED Green The industrial managed switch uses the redundant power supply Off The redundant p...

Страница 23: ...ustrial managed switch Figure 8 Label Table 9 Legend for Figure Label Item Product Label Description Item No Item number IN Device input and maximum current and voltage Ambient Temp Operating temperat...

Страница 24: ...e of protection IP30 3 5 2 System Data Table 11 Technical Data System Data MAC table 16384 entries Jumbo Frame Size 10 kB Wavelength optical fibers Depends on SFP module Maximum lengths 10 100 1000BAS...

Страница 25: ...ckets IEEE 802 1ae for MACsec 3 5 5 Environmental Conditions Table 15 Technical Data Environmental Conditions Surrounding air temperature operation 20 70 C Surrounding air temperature storage 40 85 C...

Страница 26: ...6 1 Conformity Marking Pos 20 29 D okum ent ation allge mein Gliede run gsele me nte Lee rabs atz 2 Z 3 mod _12 2466 275 568 7_0 docx 24 460 1 Pos 20 30 Se rie 8 52 ETHERNET Zu beh r Ger te besch reib...

Страница 27: ...ure that the heat output from the industrial managed switch and ventilation around it is adequate Do not place any heavy objects on the industrial managed switch 4 2 Installation on a Carrier Rail The...

Страница 28: ...ence from electromagnetic radiation Observe the corresponding standards for EMC compatible installations as well 2 Plug the female connector into the male connector of the switch if it has not already...

Страница 29: ...optics 1 Insert the respective SFP modules 2 Ensure that the fiber optic ports are clean You can clean the cable connectors by wiping them with a clean cloth or a cotton ball soaked with a little eth...

Страница 30: ...witch support both autosensing and auto negotiation 1 Connect one end of the twisted pair cable of the type Category 3 5 5e to an available RJ 45 port on the industrial managed switch and the other en...

Страница 31: ...e as the authentication server Authenticator The Authenticator is a network device i e the WAGO Industrial managed switch that acts as a proxy between the supplicant and the authentication server It p...

Страница 32: ...transparently secure an IEEE 802 LAN connection to a peer device such as another switch that also supports the MACsec MACsec defines two terms called secure channel and connectivity association when...

Страница 33: ...he changed configuration settings to take effect 7 1 Login 1 To open the WBM launch a Web browser e g Microsoft Edge or Mozilla Firefox or Google Chrome 2 Enter the IP address of the device i e WAGO 8...

Страница 34: ...ity Warning Page a Please click on the red box Advanced button and click on Accept the Risk and Continue button as shown in Figure Security Warning Page Figure 11 Security Warning Page 6 After pressin...

Страница 35: ...r update your changes to apply the settings 12 It is highly recommended to avoid using the factory default password during the actual operation of your device Therefore if you logged in with the defau...

Страница 36: ...mation Legal Information Configuration System Settings Network Settings Port Settings Password Clock Diagnostics SNMP Modbus TCP System Log Port Monitor Security Static SAK Secure Code 802 1X Maintena...

Страница 37: ...e second tries will have 0 second waiting time The third try will have a waiting time of 10 seconds The fourth try will have a waiting time of 100 seconds The fifth up to tenth tries will have a waiti...

Страница 38: ...the characters in the security card and use them to enter them in the Secure code textbox as shown in Figure Example of Dialog after Clicking Forget it Button The secure code dialog in Figure Example...

Страница 39: ...age to immediately update the password as shown in Figure Re direction to Change Password Tab Page When you finished changing the new password click on the Submit button The system will prompt you wit...

Страница 40: ...O 852 1322 switch Table WBM Information Page System Information Tab summarizes the description of each field of system information Figure 21 WBM Information Page System Information Tab Table 17 WBM In...

Страница 41: ...has two tabs that are WAGO Licenses and Open Source Licenses They list all information and terms about software license agreement 7 3 2 1 WAGO Licenses Figure 22 WBM Information Page Legal Information...

Страница 42: ...mit button to update the information on the switch Figure WBM Configuration Page System Settings Tab shows System Settings page of an 852 1322 industrial managed switch model Table WBM Configuration P...

Страница 43: ...ch can obtain IP address setting automatically from a DHCP server available on the user s local network If the DHCP is enabled the rest of the fields will be disabled Note that the user should consult...

Страница 44: ...ed parameters will be automatically assigned Otherwise user can set up the static IP address and related fields manually Static IP Address 192 168 1 254 This field displays current IP address The user...

Страница 45: ...n Figure 26 WBM Configuration Page Port Settings Tab The description of each parameter and its default value in Port Settings tab page are summarized in Table WBM Configuration Page Port Settings Tab...

Страница 46: ...e box which are Port 7 and Port 8 Therefore the tab in Figure WBM Configuration Page Fiber Port Speed Setting Tab will allow the user to set the data rate or communication speed on each of the fiber p...

Страница 47: ...er Port Speed Setting Tab Table 21 WBM Configuration Page Fiber Port Speed Setting Tab Parameters Factory Default Description Ports Fiber port number on the industrial managed switch For WAGO 852 1328...

Страница 48: ...irm its correctness Please click on the Submit button to update the user name and password information on the switch Figure 28 WBM Configuration Page Password Tab The description of each parameter and...

Страница 49: ...two standards one is the UTC time and the other is the Local time which is the time converted by Timezone The 12 hour format check box can be checked for 12 hour format or unchecked for 24 hour format...

Страница 50: ...field displays the current local time on the device The local time for the device is read only cannot be changed It is display in the format of HH MM SS UTC 12 30 30 This field displays the current UT...

Страница 51: ...SNMP manager and the device the SNMP agent The string is included in every packet transmitted between the SNMP manager and the SNMP agent The SNMP community acts like a password and is used to define...

Страница 52: ...52 Configuration in the WBM 852 1322 852 1328 Industrial Managed Switch Manual 1 0 01 Figure 30 WBM Diagnostics Page SNMP Tab...

Страница 53: ...Configuration in the WBM 53 852 1322 852 1328 Industrial Managed Switch Manual 1 0 01...

Страница 54: ...ters Factory Default Description SNMP Enabled Disable Check the box to enable SNMP agent SNMP Version V3 Check the desired SNMP Version as either V1 V2c and or V3 7 5 1 2 SNMP V1 V2c Community SNMP V1...

Страница 55: ...the Add button Figure 32 SNMP V1 V2c Community Setting Table WBM Diagnostics Page SNMP Tab SNMP V1 V2c Community Setting briefly provides descriptions of SNMP V1 V2c community string setting Table 25...

Страница 56: ...P Trap section Figure 33 WBM Diagnostics Page SNMP Tab SNMP Trap The SNMP Trap Mode allows users to configure SNMP Trap mode or Inform mode by selecting the desired mode from the dropdown list as show...

Страница 57: ...e maximum length of the string is 15 characters 7 5 1 4 SNMP V3 Auth As mentioned earlier SNMP V3 is a more secure SNMP protocol In this part the user will be able to set a password and an encryption...

Страница 58: ...ered in the Encryption Key field and re entered again in Confirmed Key field After filling all the required fields please click on Add button to update the information on the industrial managed switch...

Страница 59: ...nagement Information Base MIB browser The switch will be a Modbus slave which can be remotely configured by a Modbus master The Modbus slave address must be set to match the setting inside the Modbus...

Страница 60: ...he Modbus Port field Click Submit button to set the Modbus TCP Table WBM Diagnostics Page Modbus TCP Tab summarizes the descriptions of the Modbus TCP s parameters Please refer to Appendix 0 for the M...

Страница 61: ...Log Setting Tab The syslog can be saved to flash memory inside the industrial managed switch and or it can be sent to a remote log server The user needs to select the log level and provides the IP add...

Страница 62: ...server Syslog Server IP 0 0 0 0 Set the IP address of Syslog server Syslog Server Service Port 514 Set the service port number of Syslog server Range from Port 1 to Port 65535 7 5 3 2 Log The Log tab...

Страница 63: ...ic refresh cycle in seconds by entering the number in the corresponding field Note that the log records are sorted by date and time Table WBM Page Diagnostics System Log Log Tab summarizes the descrip...

Страница 64: ...resh cycle sec Disable 20 Select the check box to enable cyclic refresh Enter the cycle time in seconds in which a cyclic refresh is performed The label of the button Refresh Start Stop changes depend...

Страница 65: ...t status whether a port is connected Link Up Green color or disconnected Link Down Yellow color or disabled Black color Table WBM Diagnostics Page Port Monitor Tab summarizes the descriptions of each...

Страница 66: ...nable secure association mode on industrial managed switch s port s first select one of the two ports from the dropdown list under the Ports Then check the Enabled box Then enter the Secure Channel Id...

Страница 67: ...e Enabled box Then click on the Submit button This will update the status of the setting in the Static SAK Status table in the lower part of the Figure WBM Page Security Static SAK Tab Table 33 WBM Pa...

Страница 68: ...of Secure Codes They can be used to log in to the industrial managed switch when the user forgot the password and selected the Forget it button at the login dialog The use of the device recovery card...

Страница 69: ...328 Industrial Managed Switch Manual 1 0 01 7 6 3 IEEE 802 1X The 802 1X tab under the Security page is subdivided into three sub tabs which are Setting Parameters Setting and Port Setting as shown be...

Страница 70: ...tion fields will become active The user then have to enter all the required fields to configure the 802 1X Setting which are the IP address of RADIUS server the RADIUS server s port number the RADIUS...

Страница 71: ...ers Shared Key NULL A shared key between the managed switch and the RADIUS Server Both devices must be configured to use the same key where the maximum length is 30 characters Confirmed Shared Key Dep...

Страница 72: ...server to respond to the supplicant s EAP packet The range is from 10 to 300 seconds Maximum Requests 2 The maximum number of the retransmissions that the authentication server can send the EAP reque...

Страница 73: ...X security on any of the port s click one of the port or press Ctrl key and click multiple ports on the list and choose the Authorization Mode from the dropdown list and click the Update button To che...

Страница 74: ...rmware from WAGO s website and save it in a local computer Then the users can click Browse button and choose the firmware file that is already downloaded The switch s firmware typically has a dld exte...

Страница 75: ...n the Reset button as shown in Figure WBM Maintenance Page Reset to Default Tab When the switch is restarted the web browser will be re directed to the login web page as depicted in Figure Login Web P...

Страница 76: ...ion box the user will be prompted to save or keep the file name 852 1322_XXX XXX XXX XXX ini by the Web browser Choosing to Save File will back up the switch s current configuration to your local driv...

Страница 77: ...ustrial Managed Switch Manual 1 0 01 7 7 4 Reboot A simple reboot function is provided in this tab page requiring only one single click on the Reboot button as shown in Figure WBM Maintenance Page Reb...

Страница 78: ...ss or user The user can logout of the device by either browsing to the Logout page and click Logout button or using the logout quick button which is located on the upper right corner of the web page a...

Страница 79: ...2 Hi byte 0x04 Word 2 Lo byte 0x05 0x0024 36 1 word R Kernel Version Ex Version 1 03 Word 0 Hi byte 0x01 Word 0 Lo byte 0x03 IP Information 0x0050 80 1 word R DHCP Status 0x0000 Disabled 0x0001 Enabl...

Страница 80: ...R Port Speed Status 10M 0x01 Status 100M 0x02 Status 1000M 0x03 Word 0 Hi byte Port 1 Status Word 0 Lo byte Port 2 Status Word 1 Hi byte Port 3 Status Word 1 Lo byte Port 4 Status Word 2 Hi byte Port...

Страница 81: ...21 WBM Information Page System Information Tab 40 Figure 22 WBM Information Page Legal Information WAGO Licenses Tab 41 Figure 23 WBM Information Page Legal Information Open Source License Tab 41 Fig...

Страница 82: ...fault Tab 75 Figure 49 Login Web Page 75 Figure 50 WBM Maintenance Page Backup Restore Tab 76 Figure 51 WBM Maintenance Page Reboot Tab 77 Figure 52 WBM Maintenance Page Logout Tab 78 Figure 53 Logout...

Страница 83: ...Links and WBM Pages 36 Table 17 WBM Information Page System Information Tab 40 Table 18 WBM Configuration Page System Settings Tab 42 Table 19 WBM Configuration Page System Settings Tab 44 Table 20 WB...

Страница 84: ...CI 2 017 2 8 mo d_1 486 477 503 580 _21 docx 40 539 4 1 WAGO Kontakttechnik GmbH Co KG Postfach 2880 D 32385 Minden Hansastra e 27 D 32423 Minden Phone 49 571 887 0 Fax 49 571 887 844169 E Mail info...

Результаты поиска

Содержание 852-1322

Отзывы:

Похожие инструкции для 852-1322

Бренды по названию

Популярные бренды

WAGO 852-1322, Руководство пользователя

Результаты поиска

Содержание 852-1322

Отзывы:

Похожие инструкции для 852-1322

Бренды по названию

Популярные бренды