ZyXEL Communications GS1915 Series Скачать руководство пользователя страница 259 | Manualshive

Страница: 259 / 346

background image

Chapter 32 Access Control

GS1915 Series User’s Guide

259

C

HAPTER

32

Access Control

32.1 Access Control Overview

This chapter describes how to control access to the Switch.

A console port and FTP are allowed one session each, Telnet and SSH share nine sessions, up to five web
sessions (five different user names and passwords) and/or limitless SNMP access control sessions are
allowed.

A console port access control session and Telnet access control session cannot coexist when multi-login
is disabled.

32.1.1 What You Can Do

• Use the

Access Control

screen (

Section 32.2 on page 259

) to display the main screen.

• Use the

SNMP

screen (

Section 32.3 on page 260

) to configure your SNMP settings.

• Use the

Trap Group

screen (

Section 32.3.1 on page 261

) to specify the types of SNMP traps that should

be sent to each SNMP manager.

• Use the

User Information

screen (

Section 32.3.3 on page 263

) to create SNMP users for authentication

with managers using SNMP v3 and associate them to SNMP groups.

• Use the

Logins

Section 32.4 on page 265

) to assign which users can access the Switch

through Web Configurator at any one time.

• Use the

Service Access Control

screen (

Section 32.5 on page 266

) to decide what services you may

use to access the Switch.

• Use the

Remote Management

Section 32.6 on page 267

) to specify a group of one or more

“trusted computers” from which an administrator may use a service to manage the Switch.

• Use the

Account Security

screen (

Section 32.7 on page 268

) to encrypt all passwords configured in

the Switch. You can also display the authentication, authorization, external authentication server

information (RADIUS), system and SNMP user account information in the configuration file saved.

32.2 Access Control Main Settings

Use this screen to display the main screen.

Click

Management

>

Access Control

in the navigation panel to display the main screen as shown.

Table 130 Access Control Overview

Console Port

SSH

Telnet

FTP

Web

SNMP

One session

Share up to 9 sessions

One session

Up to 5 accounts

No limit

«
...
257
258
259
260
261
...
»

Содержание GS1915 Series

Страница 1: ...24 port Gigabit Smart Managed Layer 2 Switch Copyright 2022 Zyxel and or its affiliates All Rights Reserved Management IP Address http setup zyxel or http DHCP assigned IP or http 192 168 1 1 User Name admin Password 1234 Version 4 70 Edition 4 05 2022 ...

Страница 2: ...stem Every effort has been made to ensure that the information in this manual is accurate Related Documentation Quick Start Guide The Quick Start Guide shows how to connect the Switch Online Help Click the help link for a description of the fields in the Switch menus Nebula Control Center NCC User s Guide Go to the Nebula Control Center to get this User s Guide on how to configure the Switch using...

Страница 3: ...s field labels and field choices are all in bold font A right angle bracket within a screen name denotes a mouse click For example Basic Setting IP Setup IP Configuration Network Proxy Configuration means you first click Basic Setting in the navigation panel then the IP Setup sub menu then IP Configuration and finally Network Proxy Configuration to get to that screen Icons Used in Figures Figures ...

Страница 4: ...c MAC Forwarding 133 Static Multicast Forwarding 135 Filtering 138 Spanning Tree Protocol 140 Bandwidth Control 146 Broadcast Storm Control 148 Mirroring 150 Link Aggregation 152 Port Security 159 Time Range 162 Queuing Method 164 Multicast 167 AAA 173 DHCP Snooping 181 Loop Guard 192 Error Disable 195 Green Ethernet 202 Link Layer Discovery Protocol LLDP 204 Differentiated Services 226 DHCP 230 A...

Страница 5: ...ew GS1915 Series User s Guide 5 Cluster Management 288 MAC Table 294 ARP Table 297 Path MTU Table 299 Configure Clone 300 IPv6 Neighbor Table 302 Port Status 304 Troubleshooting and Appendices 309 Troubleshooting 310 ...

Страница 6: ...Bridging Example 24 1 2 4 High Performance Switching Example 24 1 2 5 IEEE 802 1Q VLAN Application Examples 25 1 3 Ways to Manage the Switch 26 1 4 Good Habits for Managing the Switch 26 Chapter 2 Hardware Installation and Connection 27 2 1 Installation Scenarios 27 2 2 Safety Precautions 27 2 3 Desktop Installation Procedure 27 2 4 Wall Mounting 28 2 4 1 Installation Requirements 28 2 5 Mounting ...

Страница 7: ...ON Utility 44 4 3 1 Requirements 44 4 3 2 Run the ZON Utility 45 4 4 Wizard 48 4 4 1 Basic 49 4 4 2 Protection 53 4 4 3 VLAN 56 4 4 4 QoS 57 4 5 Web Configurator Layout 58 4 5 1 Change Your Password 62 4 6 Save Your Configuration 63 4 7 Switch Lockout 63 4 8 Reset the Switch 63 4 8 1 Restore Reset Button 63 4 9 Log Out of the Web Configurator 64 4 10 Help 64 Chapter 5 Initial Setup Example 65 5 1 ...

Страница 8: ...8 1 1 What You Can Do 85 8 2 System Information 85 8 3 General Setup 86 8 4 Switch Setup 88 8 4 1 Introduction to VLANs 88 8 4 2 Setting up 89 8 5 IP Setup 90 8 5 1 IP Interfaces 90 8 5 2 IP Status 91 8 5 3 IP Status Details 91 8 5 4 IP Configuration 93 8 5 5 Network Proxy Configuration 95 8 6 Port Setup 96 8 7 PoE Status 97 8 7 1 PoE Time Range Setup 99 8 7 2 PoE Setup 100 8 8 Interface Setup 103...

Страница 9: ... 123 9 6 Configure VLAN Port Settings 124 9 7 Voice VLAN 125 9 8 MAC Based VLAN 127 9 9 Vendor ID Based VLAN 128 9 10 Port Based VLAN Setup 130 9 10 1 Configure a Port Based VLAN 130 Chapter 10 Static MAC Forwarding 133 10 1 Overview 133 10 1 1 What You Can Do 133 10 2 Configure Static MAC Forwarding 133 Chapter 11 Static Multicast Forwarding 135 11 1 Static Multicast Forwarding Overview 135 11 1 ...

Страница 10: ... Overview 148 15 1 1 What You Can Do 148 15 2 Broadcast Storm Control Setup 148 Chapter 16 Mirroring 150 16 1 Mirroring Overview 150 16 2 Port Mirroring Setup 150 Chapter 17 Link Aggregation 152 17 1 Link Aggregation Overview 152 17 1 1 What You Can Do 152 17 1 2 What You Need to Know 152 17 2 Link Aggregation Status 153 17 3 Link Aggregation Setting 154 17 3 1 Link Aggregation Control Protocol 15...

Страница 11: ...ooping VLAN 171 Chapter 22 AAA 173 22 1 Authentication Authorization and Accounting AAA 173 22 1 1 What You Can Do 173 22 1 2 What You Need to Know 173 22 2 AAA Screens 174 22 3 RADIUS Server Setup 174 22 4 AAA Setup 176 22 5 Technical Reference 178 22 5 1 Vendor Specific Attribute 178 22 5 2 Supported RADIUS Attributes 179 22 5 3 Attributes Used for Authentication 180 Chapter 23 DHCP Snooping 181...

Страница 12: ... Disable Detect Configuration 199 25 6 Error Disable Recovery Configuration 200 Chapter 26 Green Ethernet 202 26 1 Green Ethernet Overview 202 26 2 Configuring Green Ethernet 202 Chapter 27 Link Layer Discovery Protocol LLDP 204 27 1 LLDP Overview 204 27 2 LLDP MED Overview 205 27 3 LLDP Settings 206 27 4 LLDP Local Status 207 27 4 1 LLDP Local Port Status Detail 208 27 5 LLDP Remote Status 211 27...

Страница 13: ...iguring DHCPv4 Global Relay 234 29 4 4 Configure DHCPv4 Global Relay Port 235 29 4 5 Global DHCP Relay Configuration Example 236 29 4 6 DHCPv4 VLAN Setting 237 29 4 7 Configure DHCPv4 VLAN Port 238 29 4 8 Example DHCP Relay for Two VLANs 239 29 5 DHCPv6 Relay 240 Chapter 30 ARP Setup 242 30 1 ARP Overview 242 30 1 1 What You Can Do 242 30 1 2 What You Need to Know 242 30 2 ARP Setup 244 30 2 1 ARP...

Страница 14: ...l Overview 259 32 1 1 What You Can Do 259 32 2 Access Control Main Settings 259 32 3 Configure SNMP 260 32 3 1 Configure SNMP Trap Group 261 32 3 2 Enable or Disable Sending of SNMP Traps on a Port 262 32 3 3 Configure SNMP User 263 32 4 Set Up Login Accounts 265 32 5 Service Access Control 266 32 6 Remote Management 267 32 7 Account Security 268 32 8 Technical Reference 270 32 8 1 About SNMP 270 ...

Страница 15: ...er 37 MAC Table 294 37 1 MAC Table Overview 294 37 1 1 What You Can Do 294 37 1 2 What You Need to Know 294 37 2 Viewing the MAC Table 295 Chapter 38 ARP Table 297 38 1 Overview 297 38 1 1 What You Can Do 297 38 1 2 What You Need to Know 297 38 2 Viewing the ARP Table 297 Chapter 39 Path MTU Table 299 39 1 Path MTU Overview 299 39 2 Viewing the Path MTU Table 299 Chapter 40 Configure Clone 300 40 ...

Страница 16: ...Utilization 308 Part III Troubleshooting and Appendices 309 Chapter 43 Troubleshooting 310 43 1 Power Hardware Connections and LEDs 310 43 2 Switch Access and Login 311 43 3 Switch Configuration 313 Appendix A Customer Support 314 Appendix B Common Services 319 Appendix C IPv6 322 Appendix D Legal Information 331 Index 336 ...

Страница 17: ...17 PART I User s Guide ...

Страница 18: ...nd provisioned by the Zyxel Nebula Control Center NCC When the Switch is in standalone mode it can be configured and managed by the Web Configurator The following table describes the hardware features of the Switch by model Table 1 GS1915 Series Comparison Table FEATURES GS1915 8 GS1915 8EP GS1915 24E GS1915 24EP Number of 10 100 1000 Mbps Ethernet ports 8 8 24 24 Number of 10 100 1000 Mbps PoE po...

Страница 19: ... or configure and manage the Switch directly in standalone mode The Nebula Control Center NCC is an alternative cloud based network management system that allows you to remotely manage and monitor the Switch You may also access a minimized version of the Web Configurator in cloud mode Nebula Cloud Management To have Nebula manage the Switch you must first register it at the Nebula web portal at ht...

Страница 20: ... Click Get Started in the Nebula web portal Enter your myZyxel account information You will be redirected to another screen where you can sign up for a myZyxel account if you do not have one 3 Create an organization and a site using the Nebula setup wizard or select an existing organization 4 Register the Switch by entering its Registration MAC Address and serial number and assign it to the site T...

Страница 21: ...l Center https nebula zyxel com 2 Go to the Organization wide Configure License inventory Devices screen 3 Select the Switch you want to remove unregister from the organization 4 Click Actions then click Remove from organization It will take a while for the Switch to reboot and reset to factory default 1 1 3 ZON Utility With its built in Web Configurator including the Neighbor Management feature S...

Страница 22: ...The following table describes the PoE features of the Switch by model 1 2 Example Applications This section shows a few examples of using the Switch in various network environments Note that the Switch in the figure is just an example Switch and not your actual Switch Table 3 GS1915 Series Models and PoE Features POE FEATURES GS1915 8EP GS1915 24EP IEEE 802 3af PoE Yes Yes IEEE 802 3at PoE Yes Yes...

Страница 23: ...2 PoE Example Application 1 2 2 Backbone Example Application The Switch is an ideal solution for small networks where rapid growth can be expected in the near future The Switch can be used standalone for a group of heavy traffic users You can connect computers and servers directly to the Switch s port or connect other switches to the Switch In this example all computers can share high speed applic...

Страница 24: ...andwidth can connect to high speed department servers through the Switch You can provide a super fast uplink connection by using a Gigabit Ethernet or SFP port on the Switch Moreover the Switch eases supervision and maintenance by allowing network managers to centralize multiple servers at a single location Figure 4 Bridging Application 1 2 4 High Performance Switching Example The Switch is ideal ...

Страница 25: ...rmance Switched Workgroup Application 1 2 5 IEEE 802 1Q VLAN Application Examples A VLAN Virtual Local Area Network allows a physical network to be partitioned into multiple logical networks Stations on a logical network belong to one or more groups With VLAN a station cannot directly talk to or hear from stations that are not in the same groups unless such traffic first goes through a router 1 2 ...

Страница 26: ...Management Cluster Management allows you to manage multiple switches through one switch called the cluster manager See Chapter 36 on page 288 ZON Utility ZON Utility is a program designed to help you deploy and perform initial setup on a network more efficiently See Section 4 3 on page 44 1 4 Good Habits for Managing the Switch Do the following regularly to make the Switch more secure and to manag...

Страница 27: ...om of the Switch and at least 5 cm of clearance on all four sides of the Switch This allows air circulation for cooling Do NOT block the ventilation holes nor store cables or power cords on the Switch Allow clearance for the ventilation holes to prevent your Switch from overheating This is especially crucial when your Switch does not have fans Overheating could affect the performance of your Switc...

Страница 28: ...Make sure there is a power outlet nearby Cautions Avoid stacking fanless Switches to prevent overheating Ensure enough clearance around the Switch to allow air circulation for cooling Do NOT remove the rubber feet as it provides space for air circulation 2 4 Wall Mounting The Switch can be mounted on a wall You may need screw anchors if mounting on a concrete or brick wall 2 4 1 Installation Requi...

Страница 29: ...es for the screw anchors into the wall Push the anchors into the full depth of the holes then insert the screws into the anchors Do NOT insert the screws all the way in leave a small gap of about 0 5 cm If not using screw anchors use a screwdriver to insert the screws into the wall Do NOT insert the screws all the way in leave a gap of about 0 5 cm 4 Make sure the screws are fastened well enough t...

Страница 30: ...t be facing up or down as this position is less safe 2 5 Mounting the Switch on a Rack The Switch can be mounted on an EIA standard size 19 inch rack or in a wiring closet with other equipment Follow the steps below to mount your Switch on a standard EIA rack using a rack mounting kit Note Make sure there is enough clearance between each equipment on the rack for air circulation 2 5 1 Installation...

Страница 31: ...ng the Mounting Brackets to the Switch 1 Position a mounting bracket on one side of the Switch lining up the four screw holes on the bracket with the screw holes on the side of the Switch Figure 8 Attaching the Mounting Brackets 2 Using a 2 Philips screwdriver install the M3 flat head screws through the mounting bracket holes into the Switch 3 Repeat steps 1 and 2 to install the second mounting br...

Страница 32: ...h on a Rack 2 Using a 2 Philips screwdriver install the M5 flat head screws through the mounting bracket holes into the rack Note Make sure you tighten all the four screws to prevent the Switch from getting slanted 3 Repeat steps 1 and 2 to attach the second mounting bracket on the other side of the rack ...

Страница 33: ...3 Front Panel GS1915 24EP The following table describes the ports Table 5 Panel Connections CONNECTOR DESCRIPTION 8 24 1000Base T RJ 45 Ethernet Ports These are 10 100 1000Base T auto negotiating and auto crossover Ethernet ports Connect these ports to a computer a hub a router or an Ethernet switch 8 12 1000Base T RJ 45 PoE Ports These are 10 100 1000Base T auto negotiating and auto crossover Eth...

Страница 34: ...gs for the Gigabit ports on the Switch are Speed Auto Duplex Auto Flow control Off Link Aggregation Disabled 3 1 1 2 Auto crossover All ports support auto crossover that is auto MDIX ports Media Dependent Interface Crossover so you may use either a straight through Ethernet cable or crossover Ethernet cable for all Gigabit port connections Auto crossover ports automatically sense whether they need...

Страница 35: ...s protective earthing terminals are valid terminals Installation of Ethernet cables must be separate from AC power lines To avoid electric surge and electromagnetic interference use a different electrical conduit or raceway tube trough or enclosed conduit for protecting electric wiring that is 15 cm apart or as specified by your country s electrical regulations Any device that is located outdoors ...

Страница 36: ...The grounding terminal of the server rack or on site grounding terminal must also be grounded and connected to the building s main grounding electrode Make sure the grounding terminal is connected to the buildings grounding electrode and has an earth resistance of less than 10 ohms or according to your country s electrical regulations Figure 20 Connecting to the Building s Main Grounding Electrode...

Страница 37: ...talled it in a rack Note Use the included power cord for the AC power connection 1 Connect the female end of the power cord to the AC power socket 2 Connect the other end of the cord to a power outlet Disconnecting the Power The power input connectors can be disconnected from the power source individually 1 Disconnect the power cord from the power outlet 2 Disconnect the power cord from the AC pow...

Страница 38: ...is disabled in Basic Setting Cloud Management in the Switch Web Configurator Ethernet Ports and PoE LNK ACT Green On The link to an Ethernet network is up Blinking The Switch is transmitting or receiving to or from an Ethernet network Off The link to an Ethernet network is down PoE Mode GS1915 8EP GS1915 24EP Green On Power is supplied through the Ethernet port Off There is no power supplied Note ...

Страница 39: ...39 PART II Technical Reference ...

Страница 40: ...r 2 The Switch is a DHCP client by default Type http DHCP assigned IP in the Location or Address field Press ENTER Note You can always use the domain name setup zyxel to access the Web Configurator whether the Switch is using a DHCP assigned IP or static IP address This requires your PC to be directly connected to the Switch Make sure your PC can connect to a DNS server via the switch If the Switc...

Страница 41: ...n a new tab or window The NCC is a cloud based network management system that allows you to remotely manage and monitor the Switch See the Section on page 20 for information on changing your Switch to Nebula Cloud management Figure 22 Visit Nebula 5 Alternatively click Login to log into the Web Configurator to manage the Switch directly The default user name is admin and associated default passwor...

Страница 42: ...up Wizard screen will overwrite the existing settings Otherwise click the Exit button You can select the Ignore this wizard next time check box and click Apply Save if you do not want the Setup Wizard screen to appear the next time you log in If you want to open the Setup Wizard screen later click the Wizard icon in the upper right hand corner of the Web Configurator Figure 23 Web Configurator Wiz...

Страница 43: ...th the admin user name You cannot change the default administrator user name Old Password Enter the existing system password 1234 is the default password when shipped New Password Enter your new system password Up to 32 characters are allowed for the new password except space or Retype to confirm Re enter your new system password for confirmation General Setting Use this section to specify the SNM...

Страница 44: ...4 bit versions Windows 8 1 both 32 bit 64 bit versions Windows 10 both 32 bit 64 bit versions Note To check for your Windows operating system version right click on My Computer Properties on your computer You should see this information in the General tab Get Community Enter the Get Community string which is the password for the incoming Get and GetNext requests from the management station The Get...

Страница 45: ...ility you will see if your device and firmware version support the ZON Utility Click the OK button to close this screen Figure 26 Supported Devices and Versions If you want to check the supported models and firmware versions later you can click the Show information about ZON icon in the upper right of the screen Then select the Supported model and firmware version link If your device is not listed...

Страница 46: ...lity Screen 3 Select a network adapter to which your supported devices are connected Figure 28 Network Adapter 4 Click the Go button for the ZON Utility to discover all supported devices in your network Figure 29 Discovery 5 The ZON Utility screen shows the devices discovered ...

Страница 47: ...restart the selected devices This may be useful when troubleshooting or upgrading new firmware 4 Reset Configuration to Default Use this icon to reload the factory default configuration file This means that you will lose all previous configurations 5 Locator LED Use this icon to locate the selected device by causing its Locator LED to blink 6 Web GUI Use this to access the selected device Web Conf...

Страница 48: ...eld displays an icon of the kind of device discovered Model This field displays the model name of the discovered device Firmware Version This field displays the firmware version of the discovered device MAC Address This field displays the MAC address of the discovered device IP Address This field displays the IP address of an internal interface on the discovered device that first received a ZDP di...

Страница 49: ...ring to set a new host name The host name should not contain or IP Interface Select DHCP Client if the Switch is connected to a router with the DHCP server enabled You then need to check the router for the IP address assigned to the Switch in order to access the Switch s Web Configurator again Select Static IP Address when the Switch is NOT connected to a router or you want to assign it a fixed IP...

Страница 50: ...ad of an IP address Next Click Next to show the next screen Cancel Click Cancel to exit this screen without saving Table 11 Wizard Basic Step 2 Password LABEL DESCRIPTION Administrator s Password Current password Type the existing system password 1234 is the default password when shipped New password Enter your new system password Up to 32 characters are allowed for the new password except space o...

Страница 51: ...management station The Get Community string is only used by SNMP managers using SNMP version 2c or lower Set Community Enter the Set Community string which is the password for the incoming Set requests from the management station The Set Community string is only used by SNMP managers using SNMP version 2c or lower Trap Community Enter the Trap Community string which is the password sent with each ...

Страница 52: ...mbers of a trunk group Select LACP if the ports are configured to join a trunk group through LACP Previous Click Previous to show the previous screen Next Click Next to show the next screen Cancel Click Cancel to exit this screen without saving Table 13 Wizard Basic Step 4 Summary LABEL DESCRIPTION Setup IP Host Name This field displays a host name IP Interface This field displays whether the WAN ...

Страница 53: ...s password and activate SNMP New Password This field displays asterisks when a new password has been created SNMP This field displays whether the Switch acts as an SNMP agent Version This field displays the SNMP version for the Switch Get Community This field displays the Get Community string Set Community This field displays the Set Community string Trap Community This field displays the Trap Com...

Страница 54: ...e After clicking Next the Broadcast Storm Control screen appears Table 14 Wizard Protection Step 1 Loop Guard LABEL DESCRIPTION Loop Guard Select all ports Select all ports to enable the loop guard feature on all ports You can select a port by clicking it Next Click Next to show the next screen Cancel Click Cancel to exit this screen without saving ...

Страница 55: ... Wizard Protection Step 2 Broadcast Storm Control LABEL DESCRIPTION Broadcast Storm Control Select all ports Select all ports to apply settings on all ports You can select a port by clicking it Broadcast pkt s Specify how many broadcast packets the port receives per second Previous Click Previous to show the previous screen Next Click Next to show the next screen Cancel Click Cancel to exit this s...

Страница 56: ...Step 3 Summary LABEL DESCRIPTION Summary Loop Guard If the loop guard feature is enabled on a port the Switch will prevent loops on this port Broadcast Storm Control If the broadcast storm control feature is enabled on a port the number of broadcast packets the Switch receives per second will be limited on this port Previous Click Previous to show the previous screen Finish Review the information ...

Страница 57: ...SCRIPTION VLAN Setting Default VLAN 1 Access Untagged port After you create a VLAN and select the VLAN ID from the drop down list box select ports and use the right arrow to add them as the untagged ports to a VLAN group VLAN member port VLAN Type a number between 2 and 4094 to create a VLAN Trunk Tagged port Select ports and use the downward arrow to add them as the tagged ports to the VLAN group...

Страница 58: ...icking it High Select ports and click the High button so they will have high priority The port s IEEE 802 1p priority level will be set to 5 Use the Basic Setting Port Setup screen to adjust the value Medium Select ports and click the Medium button and so they will have medium priority The port s IEEE 802 1p priority level will be set to 3 Use the Basic Setting Port Setup screen to adjust the valu...

Страница 59: ... Click this link to save your configuration into the Switch s non volatile memory Non volatile memory is the configuration of your Switch that stays the same even if the Switch s power is turned off D Click this link to go to the status page of the Switch E Click this icon to open the wizard screen where you can configure the Switch s IP login password SNMP community link aggregation and so on F C...

Страница 60: ...tion Panel Sub links Overview BASIC SETTING ADVANCED APPLICATION IP APPLICATION MANAGEMENT Table 20 Navigation Panel Links LINK DESCRIPTION Basic Setting System Info This link takes you to a screen that displays general system information General Setup This link takes you to a screen where you can configure general identification information about the Switch Switch Setup This link takes you to a s...

Страница 61: ... to screens where you can copy traffic from one port or ports to another port in order that you can examine the traffic from the first port without interference Link Aggregation This link takes you to screens where you can logically aggregate physical links to form one logical higher bandwidth link Port Security This link takes you to a screen where you can activate MAC address learning and set th...

Страница 62: ...n System Log This link takes you to a screen where you can view system logs Syslog Setup This link takes you to a screen where you can setup system logs and a system log server Cluster Management This link takes you to screens where you can configure clustering management and view its status MAC Table This link takes you to a screen where you can view the MAC addresses and types of devices attache...

Страница 63: ... as a member The CPU port is the management port of the Switch 3 Filter all traffic to the CPU port 4 Disable all ports 5 Misconfigure the text configuration file 6 Forget the password and or IP address 7 Prevent all services from accessing the Switch 8 Change a service port number but forget it 9 You forgot to log out of the Switch from a computer before logging in again on another computer Note ...

Страница 64: ...have to log in with your password again after you log out This is recommended after you finish a management session for security reasons Figure 43 Web Configurator Logout Screen 4 10 Help The Web Configurator s online help has descriptions of individual screens and some supplementary information Click the Help link from a Web Configurator screen to view an online help description of that screen ...

Страница 65: ...Set Port VID Configure Switch Management IP Address 5 1 1 Create a VLAN VLANs confine broadcast frames to the VLAN group in which the ports belongs You can do this with port based VLAN or tagged static VLAN with fixed port members In this example you want to configure port 1 as a member of VLAN 2 Figure 44 Initial Setup Network Example VLAN 1 Click Advanced Application VLAN VLAN Configuration in t...

Страница 66: ...network is connected to port 1 on the Switch select Fixed to configure port 1 to be a permanent member of the VLAN only 4 To ensure that VLAN unaware devices such as computers and hubs can receive frames properly clear the TX Tagging check box to set the Switch to remove VLAN tags before sending 5 Click Add to save the settings to the run time memory Settings in the run time memory are lost when t...

Страница 67: ...panel Then click the VLAN Port Setup link 2 Enter 2 in the PVID field for port 1 and click Apply to save your changes back to the run time memory Settings in the run time memory are lost when the Switch s power is turned off 5 1 3 Configure Switch Management IP Address If the Switch fails to obtain an IP address from a DHCP server the Switch will use 192 168 1 1 as the management IP address You ca...

Страница 68: ... sure your computer is in the same subnet as the Switch 2 Open your web browser and enter 192 168 1 1 the default IP address in the address bar to access the Web Configurator See Section 4 2 on page 40 for more information 3 Click Basic Setting IP Setup IP Configuration in the navigation panel 4 Configure the related fields in the IP Setup screen ...

Страница 69: ... 0 as the subnet mask 6 In the VID field enter the ID of the VLAN group to which you want this management IP address to belong This is the same as the VLAN ID you configure in the Static VLAN screen 7 Click Add to save your changes back to the run time memory Settings in the run time memory are lost when the Switch s power is turned off ...

Страница 70: ... IP addresses to all devices in VLAN network V Create a VLAN containing ports 4 5 and 6 Connect a computer M to the Switch for management Figure 47 Tutorial DHCP Snooping Tutorial Overview The settings in this tutorial are as the following 1 Access the Switch through http 192 168 1 1 by default Log into the Switch by entering the user name default admin and password default 1234 Table 21 Tutorial ...

Страница 71: ...rol field as shown Figure 48 Tutorial Create a VLAN and Add Ports to It 3 Go to Advanced Application VLAN VLAN Configuration VLAN Port Setup and set the PVID of the ports 4 5 and 6 to 100 This tags untagged incoming frames on ports 4 5 and 6 with the tag 100 Figure 49 Tutorial Tag Untagged Frames 4 Go to Advanced Application DHCP Snooping Configure activate and specify VLAN 100 as the DHCP VLAN as...

Страница 72: ...because they are connected to DHCP clients Click Apply Figure 51 Tutorial Set the DHCP Server Port to Trusted 7 Go to Advanced Application DHCP Snooping Configure VLAN show VLAN 100 by entering 100 in the VLAN Search by VID field and click Search Then select Yes in the Enabled field of the VLAN 100 entry shown at the bottom section of the screen Click Apply If you want to add more information in t...

Страница 73: ...the DHCP snooping binding table as shown next 6 3 How to Use DHCPv4 Relay on the Switch This tutorial describes how to configure your Switch to forward DHCP client requests to a specific DHCP server The DHCP server can then assign a specific IP address based on the information in the DHCP requests 6 3 1 DHCP Relay Tutorial Introduction In this example you have configured your DHCP server 192 168 2...

Страница 74: ...memory Figure 54 Tutorial Set VLAN Type to 802 1Q 3 Click Advanced Application VLAN VLAN Configuration Static VLAN Setup 4 In the Static VLAN screen select ACTIVE enter a descriptive name VLAN 102 for example in the Name field and enter 102 in the VLAN Group ID field 5 Select Fixed to configure port 2 to be a permanent member of this VLAN 6 Clear the TX Tagging check box to set the Switch to remov...

Страница 75: ...the VLAN Port Setup link in the VLAN Configuration screen Figure 56 Tutorial Click the VLAN Port Setting Link 9 Enter 102 in the PVID field for port 2 to add a tag to incoming untagged frames received on that port so that the frames are forwarded to the VLAN group that the tag defines 10 Click Apply to save your changes back to the run time memory ...

Страница 76: ...al link to open the DHCP Relay screen 2 Select the Active check box 3 Enter the DHCP server s IP address 192 168 2 3 in this example in the Remote DHCP Server 1 field 4 Select default1 or default2 in the Option 82 Profile field 5 Click Apply to save your changes back to the run time memory Figure 58 Tutorial Set DHCP Server and Relay Information 6 Click the Save link in the upper right of the Web ...

Страница 77: ... Client A is connected to the Switch s port 2 in VLAN 102 2 You configured the correct VLAN ID port number and system name for DHCP relay on both the DHCP server and the Switch 3 You clicked the Save link on the Switch to have your settings take effect ...

Страница 78: ...u can also display other status screens for more information Use the Neighbor screen Section 7 2 1 on page 81 to view a summary and manage Switch s neighbor devices Use the Neighbor Detail screen Section 7 2 2 on page 82 to view more detailed information on the Switch s neighbor devices 7 2 Status The Status screen displays when you log into the Switch or click Status at the top right of the Web C...

Страница 79: ... Firmware Version This field displays the version number and date of the firmware the Switch is currently running System Time This field displays the current date and time in the UAG The format is mm dd yyyy hh mm ss Serial Number This field displays the serial number of this Switch The serial number is used for device tracking and control System Up Time This field displays how long the Switch has...

Страница 80: ... the firmware the Switch is currently running Ethernet Address This field refers to the Ethernet MAC Media Access Control address of the Switch CPU Utilization CPU utilization quantifies how busy the system is Current displays the current percentage of CPU utilization Memory Utilization Memory utilization shows how much DRAM memory is available and in use It also displays the current percentage of...

Страница 81: ...r the switch button to go to the Basic Setting Cloud Management screen You can enable disable NCC Discovery or view the NCC connection status in the Cloud Management screen 1 Internet Green The Switch is connected to the Internet Orange The Switch is not connected to the Internet 2 Nebula Green The Switch is connected to NCC Orange The Switch is not connected to NCC 3 Registration Green The Switch...

Страница 82: ... within the power budget of the Switch System Name This shows the system name of the neighbor device IPv4 This shows the IPv4 address of the neighbor device The IPv4 address is a hyper link that you can click to log into and manage the neighbor device through its Web Configurator IPv6 This shows the IPv6 address of the neighbor device The IPv6 address is a hyper link that you can click to log into...

Страница 83: ...n button from 5 to 0 starts Note The Switch must support power sourcing PSE or the network device is a powered device PD Remote System Name This shows the system name of the neighbor device Model This shows the model name of the neighbor device This field will show for devices that do not support the ZON utility Firmware This shows the firmware version of the neighbor device This field will show f...

Страница 84: ... warning message Are you sure you want to load factory default appears prompting you to confirm the action After confirming the action a count down button from 5 to 0 starts Note The Switch must support power sourcing PSE or the network device is a powered device PD If multiple neighbor devices use the same port the Reset button is not available You can only reset Zyxel powered devices that suppor...

Страница 85: ...Switch IP address default gateway device management VLAN ID and proxy server Use the Port Setup screen Section 8 6 on page 96 to configure Switch port settings Use the PoE Setup screens Section 8 7 on page 97 to view the current amount of power that PDs are receiving from the Switch and set the priority levels for the Switch in distributing power to PDs This screen is available for PoE models only...

Страница 86: ... support information in the website ZyNOS F W Version This field displays the version number of the Switch s current firmware including the date created Ethernet Address This field refers to the Ethernet MAC Media Access Control address of the Switch CPU Utilization CPU utilization quantifies how busy the system is Current displays the current percentage of CPU utilization Memory Utilization Memor...

Страница 87: ...e main differences between them are the time format When you select the Daytime RFC 867 format the Switch displays the day month year and time with no time zone adjustment When you use this format it is recommended that you use a Daytime timeserver within your geographical time zone Time RFC 868 format displays a 4 byte integer giving the total number of seconds since 1970 1 1 at 0 0 0 NTP RFC 130...

Страница 88: ...n the second Sunday of March Each time zone in the United States starts using Daylight Saving Time at 2 A M local time So in the United States you would select Second Sunday March and 2 00 Daylight Saving Time starts in the European Union on the last Sunday of March All of the time zones in the European Union start using Daylight Saving Time at the same moment 1 A M GMT or UTC So in the European U...

Страница 89: ...this screen Figure 64 Basic Setting Switch Setup The following table describes the labels in this screen Table 27 Basic Setting Switch Setup LABEL DESCRIPTION VLAN Type Choose 802 1Q or Port Based The Advanced Application VLAN Setup screen changes depending on whether you choose 802 1Q VLAN type or Port Based VLAN type in this screen MAC Address Learning MAC address learning reduces outgoing traff...

Страница 90: ...eight priority levels On the Switch traffic assigned to higher index queues gets through faster while traffic in lower index queues is dropped if the network is congested Priority Level The following descriptions are based on the traffic types defined in the IEEE 802 1d standard which incorporates the 802 1p To map a priority level to a physical queue select a physical queue from the drop down men...

Страница 91: ... Server This field displays the IP address of the DNS server Source This field displays whether the DNS server address is configured manually Static or obtained automatically using DHCPv4 Note If DNS server is not configured or configuration is deleted the system automatically uses the default Backup server IP Interface Index This field displays the index number of an entry IP Address This field d...

Страница 92: ...entification number to which an IP routing domain belongs IP Address This is the IP address of your Switch in dotted decimal notation for example 192 168 1 1 IP Subnet Mask This is the IP subnet mask of your Switch in dotted decimal notation for example 255 255 255 0 Lease Time This displays the length of time in seconds that this interface can use the current dynamic IP address from the DHCP serv...

Страница 93: ...e primary and secondary DNS servers assigned by the DHCP server 0 0 0 0 means no DNS server is assigned Table 30 Basic Setting IP Setup IP Status Details DHCP continued LABEL DESCRIPTION Table 31 Basic Setting IP Setup IP Configuration LABEL DESCRIPTION Domain Name Server 1 2 Enter a domain name server IPv4 address in order to be able to use a domain name instead of an IP address Default Managemen...

Страница 94: ...igation panel to save your changes to the non volatile memory when you are done configuring Cancel Click Cancel to reset the fields to your previous configuration Management IP Address Use these fields to set the settings for the management port IP Address Enter the IP address for managing the Switch by the members of the VLAN specified in the VID field below IP Subnet Mask Enter the IP subnet mas...

Страница 95: ...a proxy server Server Enter the IP address dotted decimal notation or host name of the proxy server When entering the host name up to 128 alphanumeric characters are allowed for the Server except or Port Enter the port number of the proxy server 1 65535 Authentication Select this option to enable proxy server authentication using a Username and Password Username Enter a login user name from the pr...

Страница 96: ...single byte printable characters except or Note Due to space limitations the port name may be truncated in some Web Configurator screens Speed Duplex Select the speed and the duplex mode of the Ethernet connection on this port Choices are Auto 10 an 10M auto negotiation 10M Half Duplex 10M Full Duplex 100 an 100M auto negotiation 100M Half Duplex 100M Full Duplex and 1G Full Duplex Selecting Auto ...

Страница 97: ...ws buffer memory causing packet discards and frame losses Flow Control is used to regulate transmission of signals to match the bandwidth of the receiving port The Switch uses IEEE 802 3x flow control in full duplex mode and backpressure flow control in half duplex mode IEEE 802 3x flow control is used in full duplex mode to send a pause signal to the sending port causing it to temporarily stop se...

Страница 98: ...ured in Basic Setting PoE Setup PoE Setup PoE Usage Threshold This field displays the percentage of PoE usage The Switch will generate a trap and or a log when the usage exceeds the specified threshold Consuming Power W This field displays the amount of power the Switch is currently supplying to the connected PoE enabled devices Allocated Power W This field displays the total amount of power the S...

Страница 99: ...tal PoE power budget on the Switch you can set the priority to allow the Switch to provide power to ports with higher priority first Critical has the highest priority High has the Switch assign power to the port after all critical priority ports are served Low has the Switch assign power to the port after all critical and high priority ports are served Power Up This field displays the PoE standard...

Страница 100: ...to provide power on the port To select more than one schedule press SHIFT and select the choices at the same time Apply Click Apply to save your changes to the Switch s run time memory The Switch loses these changes if it is turned off or loses power so use the Save link on the top navigation panel to save your changes to the non volatile memory when you are done configuring Clear Click Clear to c...

Страница 101: ...Chapter 8 Basic Setting GS1915 Series User s Guide 101 Figure 75 Basic Setting PoE Setup PoE Setup ...

Страница 102: ...he PoE usage threshold Situation 3 Trap sent if total usage power decreases below the PoE usage threshold only if previous total power usage exceeded the PoE usage threshold and a trap was sent Note If the MIB Trap is ON you must also configure SNMP trap destination Management Access Control SNMP SNMP trap group Management Access Control SNMP Trap Group and SNMP trap port Management Access Control...

Страница 103: ...at High Power over Ethernet standard and can supply power of up to 30 W per Ethernet port IEEE 802 3at is also known as PoE or PoE Plus An IEEE 802 3at compatible device is referred to as Type 2 Power Class 4 High Power can only be used by Type 2 devices If the connected PD requires a Class 4 current when it is turned on it will be powered up in this mode Force 802 3at the Switch offers power of u...

Страница 104: ...ation VLAN screens Add Click this to create a new entry This saves your changes to the Switch s run time memory The Switch loses these changes if it is turned off or loses power so use the Save link on the top navigation panel to save your changes to the non volatile memory when you are done configuring Cancel Click Cancel to reset the fields to your previous configuration Index This field display...

Страница 105: ...reen opens Table 38 Basic Setting IPv6 LABEL DESCRIPTION IPv6 Status Domain Name Server This field displays the IP address of the DNS server Source This field displays whether the DNS server address is configured manually Static or obtained automatically using DHCPv6 IPv6 Table Index This field displays the index number of an IPv6 interface Click on an index number to view more interface details I...

Страница 106: ...s of up to the bucket size can be transmitted 0 means no limit Stateless Address Autoconfig This field displays whether the Switch s interface can automatically generate a link local address through stateless auto configuration Link Local Address This field displays the Switch s link local IP address and prefix generated by the interface It also shows whether the IP address is preferred which mean...

Страница 107: ... but an IA_TA option does not The DHCPv6 server uses T1 and T2 to control the time at which the client contacts with the server to extend the lifetimes on any addresses in the IA_NA before the lifetimes expire T2 This field displays the DHCPv6 T2 timer If the time T2 is reached and the server does not respond the Switch sends a Rebind message to any available server State This field displays the s...

Страница 108: ...e Switch IPv6 Interface Setup Click the link to go to a screen where you can enable an IPv6 interface on the Switch IPv6 Addressing IPv6 Link Local Address Setup Click the link to go to a screen where you can configure the IPv6 link local address for an interface IPv6 Global Address Setup Click the link to go to a screen where you can configure the IPv6 global address for an interface IPv6 Neighbo...

Страница 109: ...o the bucket size can be transmitted 0 means no limit Apply Click Apply to save your changes to the Switch s run time memory The Switch loses these changes if it is turned off or loses power so use the Save link on the top navigation panel to save your changes to the non volatile memory when you are done configuring Cancel Click Cancel to begin configuring this screen afresh Clear Click Clear to r...

Страница 110: ... LABEL DESCRIPTION Table 43 Basic Setting IPv6 IPv6 Configuration IPv6 Link Local Address Setup LABEL DESCRIPTION Interface Select the IPv6 interface you want to configure Link Local Address Manually configure a static IPv6 link local address for the interface Default Gateway Set the default gateway IPv6 address for the interface When an interface cannot find a routing information for a frame s de...

Страница 111: ...me Server values in this screen to their last saved values Interface Select the IPv6 interface you want to configure IPv6 Global Address Manually configure a static IPv6 global address for the interface Prefix Length Specify an IPv6 prefix length that specifies how many most significant bits start from the left in the address compose the network address EUI 64 Select this option to have the interf...

Страница 112: ...ou want to configure DAD Attempts The Switch uses Duplicate Address Detection DAD with neighbor solicitation and advertisement messages to check whether an IPv6 address is already in use before assigning it to an interface Specify the number of consecutive neighbor solicitations from 0 to 600 the Switch sends for this interface Enter 0 to turn off DAD NS Interval Specify the time interval from 100...

Страница 113: ... supports the VLAN interface type for IPv6 at the time of writing Interface ID Specify a unique identification number from 1 to 4094 for the interface A static IPv6 neighbor entry displays in the Management IPv6 Neighbor Table screen only when the interface ID is also created in the Basic Setup Interface Setup screen To have IPv6 function properly you should configure a static VLAN with the same I...

Страница 114: ...hbor Setup continued LABEL DESCRIPTION Table 47 Basic Setting IPv6 IPv6 Configuration DHCPv6 Client Setup LABEL DESCRIPTION Interface Select the IPv6 interface you want to configure IA Type Select IA NA to set the Switch to get a non temporary IP address from the DHCPv6 server for this interface Optionally you can also select Rapid Commit to have the Switch send its DHCPv6 Solicit message with a R...

Страница 115: ...e factory defaults Index This is the interface index number Click an index number to change the settings Interface This is the name of the IPv6 interface you created IA NA This field displays whether the Switch obtains a non temporary IP address from the DHCPv6 server Rapid Commit This field displays whether the Switch obtains information from the DHCPv6 server by a rapid two message exchange DNS ...

Страница 116: ...d Management LABEL DESCRIPTION Nebula Control Center NCC Discovery Select this to turn on NCC discovery on the Switch Apply Click Apply to save your changes to the Switch s run time memory The Switch loses these changes if it is turned off or loses power so use the Save link on the top navigation panel to save your changes to the non volatile memory when you are done configuring ...

Страница 117: ... number and MAC address for handy NCC registration of the Switch using the Nebula Mobile app First download the app from the Google Play store for Android devices or the App Store for iOS devices and create an organization and site Cancel Click Cancel to begin configuring this screen afresh Connection Status This field displays The Switch Internet connection status The connection status between th...

Страница 118: ... the Switch when you change ports The Switch will forward the packets based on the source MAC address you set up previously Use the Vendor ID Based VLAN Setup screen Section 9 9 on page 128 to set up VLANs that allow you to group untagged packets into logical VLANs based on the source MAC address of the packet You can specify a mask for the MAC address to create a MAC address filter and enter a we...

Страница 119: ...ch first decides where to forward the frame and then inserts a VLAN tag reflecting the ingress port s default VID The default PVID is VLAN 1 for all ports but this can be changed A broadcast frame or a multicast frame for a multicast group that is known by the system is duplicated only on ports that are members of the VID except the ingress port itself thus confining the broadcast to a specific do...

Страница 120: ...ing Switch Setup screen Figure 89 Basic Setting Switch Setup Select VLAN Type 802 1Q Static VLAN Make sure 802 1Q is selected in the Basic Setting Switch Setup screen Use a static VLAN to decide whether an incoming frame on a port should be sent to a VLAN group as normal depending on its VLAN tag sent to a group whether it has a VLAN tag or not blocked from a VLAN group regardless of its VLAN tag ...

Страница 121: ...he Switch The Number of Search Results This is the number of VLANs that match the searching criteria and display in the list below This field displays only when you use the Search button to look for certain VLANs Index This is the VLAN index number Click an index number to view more VLAN details VID This is the VLAN identification number that was configured in the corresponding VLAN configuration ...

Страница 122: ...ber This column displays the ports that are participating in a VLAN A tagged port is marked as T an untagged port is marked as U and ports not participating in a VLAN are marked as Elapsed Time This field shows how long it has been since a normal VLAN was registered or a static VLAN was set up Status This field shows how this VLAN was added to the Switch Static added as a permanent entry Table 51 ...

Страница 123: ...ists of up to 64 printable characters The string should not contain or VLAN Group ID Enter the VLAN ID for this static entry the valid range is between 1 and 4094 Note Do NOT add a VLAN ID that has been used in the Voice VLAN Setup Port The port number identifies the port you are configuring Settings in this row apply to all ports Use this row only if you want to make some settings the same for al...

Страница 124: ...rned off or loses power so use the Save link on the top navigation panel to save your changes to the non volatile memory when you are done configuring Cancel Click Cancel to begin configuring this screen afresh Clear Click Clear to start configuring the screen again VID This field displays the ID number of the VLAN group Click the number to edit the VLAN settings Active This field indicates whethe...

Страница 125: ...elected the Switch discards incoming frames on a port for VLANs that do not include this port in its member set Clear this check box to disable ingress filtering PVID A PVID Port VLAN ID is a tag that adds to incoming untagged frames received on a port so that the frames are forwarded to the VLAN group that the tag defines Enter a number between 1and 4094 as the port VLAN ID Acceptable Frame Type ...

Страница 126: ...alue you assign the higher the priority for this voice traffic Apply Click Apply to save your changes to the Switch s run time memory The Switch loses these changes if it is turned off or loses power so use the Save link on the top navigation panel to save your changes to the non volatile memory when you are done configuring Cancel Click Cancel to begin configuring this section afresh Clear Click ...

Страница 127: ...lowing screen Figure 96 Advanced Application VLAN VLAN Configuration MAC Based VLAN Setup Description Enter a description up to 32 characters excluding or for the Voice VLAN device For example Siemens Add Click Add to save your changes to the Switch s run time memory The Switch loses these changes if it is turned off or loses power so use the Save link on the top navigation panel to save your chan...

Страница 128: ... the VLAN Configuration screen to see the following screen Table 55 Advanced Application VLAN VLAN Configuration MAC Based VLAN Setup LABEL DESCRIPTION Name Enter a name up to 32 alphanumeric characters excluding or for the MAC based VLAN entry MAC Address Enter a MAC address that is bind to the MAC based VLAN entry This is the source MAC address of the data packet that is looked up when untagged ...

Страница 129: ...at is associated with the vendor ID based VLAN entry Priority Select the priority level that the Switch assigns to frames belonging to this VLAN The higher the numeric value you assign the higher the priority for this vendor ID based VLAN entry Weight Enter a number between 0 and 255 to specify the rule s weight This is to decide the priority in which the rule is applied The higher the number the ...

Страница 130: ...to the Switch on which they were created Note When you activate port based VLAN the Switch uses a default VLAN ID of 1 You cannot change it Note In screens such as IP Setup and Filtering that require a VID you must enter 1 as the VID The port based VLAN setup screen is shown next The CPU management port forms a VLAN with all Ethernet ports 9 10 1 Configure a Port Based VLAN Select Port Based as th...

Страница 131: ...Chapter 9 VLAN GS1915 Series User s Guide 131 Figure 98 Advanced Application VLAN Port Based VLAN Setup All Connected Figure 99 Advanced Application VLAN Port Based VLAN Setup Port Isolation ...

Страница 132: ...that is a port through which a data packet enters If you wish to allow two subscriber ports to talk to each other you must define the ingress port for both ports The numbers in the top row denote the incoming port for the corresponding port listed on the left its outgoing port CPU refers to the Switch management port By default it forms a VLAN with all Ethernet ports If it does not form a VLAN wit...

Страница 133: ...e Static MAC Forwarding A static MAC address is an address that has been manually entered in the MAC address table Static MAC addresses do not age out When you set up static MAC address rules you are setting static MAC addresses for a port This may reduce the need for broadcasting Static MAC address forwarding together with port security allow only computers in the MAC address table on a port to a...

Страница 134: ... the Save link on the top navigation panel to save your changes to the non volatile memory when you are done configuring Cancel Click Cancel to reset the fields to their last saved values Clear Click Clear to begin configuring this screen afresh Index Click an index number to modify a static MAC address rule for a port Active This field displays whether this static MAC address forwarding rule is a...

Страница 135: ... table This identifies the destination of the multicast content Multicast IPv4 addresses uses the Class D IP addresses range 224 0 0 0 to 239 255 255 255 Multicast MAC addresses have a 1 as the last binary bit of the first octet pair for example 01 00 5e 00 00 0A Static multicast addresses do not age out See IP Multicast Addresses on page 167 for more information on IP multicast addresses Note Sta...

Страница 136: ...without deleting it by clearing this check box Name Enter a descriptive name up to 32 single byte printable characters except or for this static multicast MAC address forwarding rule This is for identification only MAC Address Enter a multicast MAC address which identifies the multicast group The last binary bit of the first octet pair in a multicast MAC address must be 1 For example the first oct...

Страница 137: ...address rule for ports Active This field displays whether a static multicast MAC address forwarding rule is active Yes or not No You may temporarily deactivate a rule without deleting it Name This field displays the descriptive name for identification purposes for a static multicast MAC address forwarding rule MAC Address This field displays the multicast MAC address that identifies a multicast gr...

Страница 138: ...urce and or destination MAC addresses and VLAN group ID 12 1 1 What You Can Do Use the Filtering screen Section 12 2 on page 138 to create rules for traffic going through the Switch 12 2 Configure a Filtering Rule Use this screen to create rules for traffic going through the Switch Click Advanced Application Filtering in the navigation panel to display the screen as shown next Figure 103 Advanced ...

Страница 139: ...r to update an existing one This saves your changes to the Switch s run time memory The Switch loses these changes if it is turned off or loses power so use the Save link on the top navigation panel to save your changes to the non volatile memory when you are done configuring Cancel Click Cancel to reset the fields to your previous configuration Clear Click Clear to clear the fields to the factory...

Страница 140: ... R STP compliant switches in your network to ensure that only one path exists between any two stations on the network The Switch uses IEEE 802 1w RSTP Rapid Spanning Tree Protocol that allows faster convergence of the spanning tree than STP while also being backwards compatible with STP only aware bridges In RSTP topology change information is directly propagated throughout the network from the de...

Страница 141: ...ts transmitted from the root bridge If a bridge does not get a Hello BPDU after a predefined interval Max Age the bridge assumes that the link to the root bridge is down This bridge then initiates negotiations with other bridges to reconfigure the network to re establish a valid network topology STP Port States STP assigns five port states to eliminate packet looping A bridge port is not allowed t...

Страница 142: ...t and Our Bridge if the Switch is the root switch Hello Time second This is the time interval in seconds at which the root switch transmits a configuration message The root bridge determines Hello Time Max Age and Forwarding Delay Max Age second This is the maximum time in seconds the Switch can wait without receiving a configuration message before attempting to reconfigure Forwarding Delay second...

Страница 143: ...o the LAN segment All the ports on a root bridge root switch are designated ports Alternate A blocked port which has a best alternate path to the root bridge This path is different from using the root port The port moves to the forwarding state when the designated port for the LAN segment fails Backup A blocked port which has a backup or redundant path to a LAN segment where a designated port is a...

Страница 144: ... the time interval in seconds between BPDU Bridge Protocol Data Units configuration message generations by the root switch The allowed range is 1 to 10 seconds Max Age This is the maximum time in seconds the Switch can wait without receiving a BPDU before attempting to reconfigure All Switch ports except for designated ports should receive BPDUs at regular intervals Any port that ages out STP info...

Страница 145: ...t becomes a non edge port as soon as it receives a Bridge Protocol Data Unit BPDU Priority Configure the priority for each port here Priority decides which port should be disabled when more than one port forms a loop in a switch Ports with a higher priority numeric value are disabled first The allowed range is between 0 and 255 and the default value is 128 Path Cost Path cost is the cost of transm...

Страница 146: ...fining a maximum allowable bandwidth for incoming and or out going traffic flows on a port 14 1 1 What You Can Do Use the Bandwidth Control screen Section 14 2 on page 146 to limit the bandwidth for traffic going through the Switch 14 2 Bandwidth Control Setup Click Advanced Application Bandwidth Control in the navigation panel to bring up the screen as shown next Figure 106 Advanced Application B...

Страница 147: ... as you make them Active Select this check box to activate ingress rate limits on this port Ingress Rate Specify the maximum bandwidth allowed in kilobits per second Kbps for the incoming traffic flow on a port Note Ingress rate bandwidth control applies to layer 2 traffic only Active Select this check box to activate egress rate limits on this port Egress Rate Specify the maximum bandwidth allowe...

Страница 148: ... and or DLF packets is reached per second the subsequent packets are discarded Enable this feature to reduce broadcast multicast and or DLF packets in your network You can specify limits for each packet type on each port 15 1 1 What You Can Do Use the Broadcast Storm Control screen Section 15 2 on page 148 to limit the number of broadcast multicast and destination lookup failure DLF packets the Sw...

Страница 149: ...tments on a port by port basis Note Changes in this row are copied to all the ports as soon as you make them Broadcast pkt s Select this option and specify how many broadcast packets the port receives per second Multicast pkt s Select this option and specify how many multicast packets the port receives per second DLF pkt s Select this option and specify how many destination lookup failure DLF pack...

Страница 150: ...to a monitor port the port you copy the traffic to in order that you can examine the traffic from the monitor port without interference 16 2 Port Mirroring Setup Click Advanced Application Mirroring in the navigation panel to display the Mirroring screen Use this screen to select a monitor port and specify the traffic flow to be copied to the monitor port Figure 108 Advanced Application Mirroring ...

Страница 151: ...rts Use this row only if you want to make some settings the same for all ports Use this row first to set the common settings and then make adjustments on a port by port basis Note Changes in this row are copied to all the ports as soon as you make them Mirrored Select this option to mirror the traffic on a port Direction Specify the direction of the traffic to mirror by selecting from the drop dow...

Страница 152: ... transmitting data as one logical link in the trunk group and so on Use the Link Aggregation Setting screen Section 17 3 on page 154 to configure static link aggregation Use the Link Aggregation Control Protocol screen Section 17 3 1 on page 156 to enable Link Aggregation Control Protocol LACP 17 1 2 What You Need to Know The Switch supports both static and dynamic link aggregation Note In a prope...

Страница 153: ...pology loops Link Aggregation ID LACP aggregation ID consists of the following information1 17 2 Link Aggregation Status Click Advanced Application Link Aggregation in the navigation panel The Link Aggregation Status screen displays by default See Section 17 1 on page 152 for more information Figure 109 Advanced Application Link Aggregation Status Table 68 Link Aggregation ID Local Switch SYSTEM P...

Страница 154: ...ity and port number The ID displays only when there is a port belonging to this trunk group and LACP is also enabled for this group Criteria This shows the outgoing traffic distribution algorithm used in this trunk group Packets from the same source and or to the same destination are sent over the same link within the trunk src mac means the Switch distributes traffic based on the packet s source ...

Страница 155: ...outer the packet s destination or source MAC address will be changed In this case set the Switch to distribute traffic based on its IP address to make sure port trunking can work properly Select src mac to distribute traffic based on the packet s source MAC address Select dst mac to distribute traffic based on the packet s destination MAC address Select src dst mac to distribute traffic based on a...

Страница 156: ... the Switch s run time memory The Switch loses these changes if it is turned off or loses power so use the Save link on the top navigation panel to save your changes to the non volatile memory when you are done configuring Cancel Click Cancel to begin configuring this screen afresh Table 71 Advanced Application Link Aggregation Link Aggregation Setting continued LABEL DESCRIPTION Table 72 Advanced...

Страница 157: ...P Active Select this option to enable LACP for a trunk Port This field displays the port number Settings in this row apply to all ports Use this row only if you want to make some settings the same for all ports Use this row first to set the common settings and then make adjustments on a port by port basis Note Changes in this row are copied to all the ports as soon as you make them LACP Timeout Ti...

Страница 158: ...k Aggregation Setting In this screen activate trunk group T1 select the traffic distribution algorithm used by this group and select the ports that should belong to this group as shown in the figure below Click Apply when you are done Figure 113 Trunking Example Configuration Screen Your trunk group 1 T1 configuration is now complete ...

Страница 159: ...dresses in total with no limit on individual ports other than the sum cannot exceed 8k For maximum port security enable this feature disable MAC address learning and configure static MAC addresses for a port It is not recommended you disable port security together with MAC address learning as this will result in many broadcasts By default MAC address learning is still enabled even though the port ...

Страница 160: ...row first to set the common settings and then make adjustments on a port by port basis Note Changes in this row are copied to all the ports as soon as you make them Active Select this check box to enable the port security feature on this port The Switch forwards packets whose MAC addresses is in the MAC address table on this port Packets with no matching MAC addresses are dropped Clear this check ...

Страница 161: ...y The Switch loses these changes if it is turned off or loses power so use the Save link on the top navigation panel to save your changes to the non volatile memory when you are done configuring Cancel Click Cancel to begin configuring this screen afresh Table 73 Advanced Application Port Security continued LABEL DESCRIPTION ...

Страница 162: ...dules One time schedules are effective only once while recurring schedules usually repeat Both types of schedules are based on the current date and time in the Switch 19 1 1 What You Can Do Use the Time Range screen Section 19 2 on page 162 to view or define a schedule on the Switch 19 2 Configuring Time Range Click Advanced Application Time Range in the navigation panel to display the screen as s...

Страница 163: ...elect the day of the week hour and minute when the schedule begins and ends respectively Select the second option if you want to define a recurring schedule for multiple non consecutive time periods You need to select each day of the week the recurring schedule is effective You also need to specify the hour and minute when the schedule begins and ends each day The schedule begins and ends in the s...

Страница 164: ... Q6 empties and then traffic is transmitted on Q5 and so on If higher priority queues never empty then traffic on lower priority queues never gets sent SPQ does not automatically adapt to changing network requirements Weighted Fair Queuing Weighted Fair Queuing is used to guarantee each queue s minimum bandwidth based on its bandwidth weight portion the number you configure in the Weight field whe...

Страница 165: ...d returns to queues that have not yet emptied 20 2 Configuring Queuing Use this screen to set priorities for the queues of the Switch This distributes bandwidth across the different traffic queues Click Advanced Application Queuing Method in the navigation panel Figure 116 Advanced Application Queuing Method The following table describes the labels in this screen Table 75 Advanced Application Queu...

Страница 166: ...ith larger weights get more service than queues with smaller weights Weight When you select WFQ or WRR enter the queue weight here Bandwidth is divided across the different traffic queues according to their weights Hybrid SPQ Lowest Queue This field is applicable only when you select WFQ or WRR Select a queue Q0 to Q7 to have the Switch use SPQ to service the subsequent queues after and including ...

Страница 167: ...nooping screen Section 21 3 1 on page 169 to enable IGMP snooping to forward group multicast traffic only to ports that are members of that group Use the IGMP Snooping VLAN screen Section 21 3 2 on page 171 to perform IGMP snooping on VLANs 21 1 2 What You Need to Know Read on for concepts on Multicasting that can help you configure the screens in this chapter IP Multicast Addresses In IPv4 a mult...

Страница 168: ...s auto mode Alternatively you can specify the VLANs that IGMP snooping should be performed on This is referred to as fixed mode In fixed mode the Switch does not learn multicast group membership of any VLANs other than those explicitly added as an IGMP snooping VLAN 21 2 Multicast Setup Use this screen to configure IGMP for IPv4 Click Advanced Application Multicast in the navigation panel Figure 1...

Страница 169: ...ulticast IPv4 Multicast LABEL DESCRIPTION Index This is the index number of the entry VID This field displays the multicast VLAN ID Port This field displays the port number that belongs to the multicast group Multicast Group This field displays IP multicast group addresses Table 78 Advanced Application Multicast IPv4 Multicast IGMP Snooping LABEL DESCRIPTION IGMP Snooping Use these settings to con...

Страница 170: ...rd a packet with the destination IP address within this range to other networks See the IANA web site for more information The layer 2 multicast MAC addresses used by Cisco layer 2 protocols 01 00 0C CC CC CC and 01 00 0C CC CC CD are also included in this group Specify the action to perform when the Switch receives a frame with a reserved multicast address Select Drop to discard the frames Select...

Страница 171: ...t as an IGMP query port if the port receives IGMP query packets Select Fixed to have the Switch always use the port as an IGMP query port Select this when you connect an IGMP multicast server to the port Select Edge to stop the Switch from using the port as an IGMP query port The Switch will not keep any record of an IGMP router being connected to this port The Switch does not forward IGMP join or...

Страница 172: ...ion of the screen to add VLANs on which the Switch is to perform IGMP snooping Name Enter the descriptive name of the VLAN for identification purposes The string should not contain or VID Enter the ID of a static VLAN the valid range is between 1 and 4094 Add Click this to create a new entry or to update an existing one This saves your changes to the Switch s run time memory The Switch loses these...

Страница 173: ...ds used to authenticate users accessing the Switch and which database the Switch should use first 22 1 2 What You Need to Know Authentication is the process of determining who a user is and validating access to the Switch The Switch can authenticate users who try to log in based on user accounts configured on the Switch itself The Switch can also use an external authentication server to authentica...

Страница 174: ...ed to the memory capacity of the device In essence RADIUS authentication allows you to validate an unlimited number of users from a central location 22 2 AAA Screens The AAA screens allow you to enable authentication and authorization or both of them on the Switch First configure your authentication server settings and then set up the authentication priority activate authorization Click Advanced A...

Страница 175: ...robin to alternate between the RADIUS servers that it sends authentication requests to Timeout Specify the amount of time in seconds that the Switch waits for an authentication request response from the RADIUS server If you are using two RADIUS servers then the timeout value is divided between the two RADIUS servers For example if you set the timeout value to 30 seconds then the Switch waits for a...

Страница 176: ...nting server in dotted decimal notation UDP Port The default port of a RADIUS accounting server for accounting is 1813 You need not change this value unless your network administrator instructs you to do so Shared Secret Specify a password up to 32 alphanumeric characters except or as the key to be shared between the external RADIUS accounting server and the Switch This key is not sent over the ne...

Страница 177: ...or administrator accounts specify them in the Method 2 field Select local to have the Switch check the administrator accounts configured in the Access Control Logins screen Select radius to have the Switch check the administrator accounts configured through your RADIUS server Authorization Use this section to configure authorization settings on the Switch Type Set whether the Switch provides the f...

Страница 178: ...tribute identifying the setting you want to modify Vendor data A value you want to assign to the setting Note Refer to the documentation that comes with your RADIUS server on how to configure VSAs for users authenticating through the RADIUS server The following table describes the VSAs supported on the Switch Broadcast Select this to have the Switch send accounting information to all configured ac...

Страница 179: ...utes used by authentication functions on the Switch In cases where the Table 82 Supported VSAs FUNCTION ATTRIBUTE Ingress Bandwidth Assignment Vendor Id 890 Vendor Type 1 Vendor data ingress rate Kbps in decimal format Egress Bandwidth Assignment Vendor Id 890 Vendor Type 2 Vendor data egress rate Kbps in decimal format Privilege Assignment Vendor ID 890 Vendor Type 3 Vendor Data shell priv lvl N ...

Страница 180: ...d for Authenticating Privilege Access User Name The format of the User Name attribute is enab where is the privilege level 1 14 User Password NAS Identifier NAS IP Address 22 5 3 2 Attributes Used to Login Users User Name User Password NAS Identifier NAS IP Address 22 5 3 3 Attributes Used by the IEEE 802 1x Authentication User Name NAS Identifier NAS IP Address NAS Port NAS Port Type This value i...

Страница 181: ...ur network 23 1 1 What You Can Do Use the DHCP Snooping screen Section 23 2 on page 181 to look at various statistics about the DHCP snooping database Use this DHCP Snooping Configure screen Section 23 3 on page 184 to enable DHCP snooping on the Switch not on specific VLAN specify the VLAN where the default DHCP server is located and configure the DHCP snooping database Use the DHCP Snooping Port...

Страница 182: ...CP Snooping The following table describes the labels in this screen Table 84 Advanced Application DHCP Snooping LABEL DESCRIPTION Database Status This section displays the current settings for the DHCP snooping database You can configure them in the DHCP Snooping Configure screen Agent URL This field displays the location of the DHCP snooping database ...

Страница 183: ...e DHCP snooping database unsuccessfully Last failed reason This field displays the reason the Switch updated the DHCP snooping database unsuccessfully This section displays historical information about the number of times the Switch successfully or unsuccessfully read or updated the DHCP snooping database Total attempts This field displays the number of times the Switch has tried to access the DHC...

Страница 184: ... leases This field displays the number of bindings the Switch ignored because the lease time had already expired Unsupported vlans This field displays the number of bindings the Switch ignored because the VLAN ID does not exist anymore Last ignored time This field displays the last time the Switch ignored any bindings for any reason from the DHCP binding database Total ignored bindings counters Th...

Страница 185: ...ts from different VLAN Select Disable if you do not want the Switch to forward DHCP packets to a specific VLAN Database If Timeout interval is greater than Write delay interval it is possible that the next update is scheduled to occur before the current update has finished successfully or timed out In this case the Switch waits to start the next update until it completes the current one Agent URL ...

Страница 186: ... to load it You can use this to load dynamic bindings from a different DHCP snooping database than the one specified in Agent URL When the Switch loads dynamic bindings from a DHCP snooping database it does not discard the current dynamic bindings first If there is a conflict the Switch keeps the dynamic binding in volatile memory and updates the Binding collisions counter in the DHCP Snooping scr...

Страница 187: ... port Untrusted Trusted ports are connected to DHCP servers or other switches and the Switch discards DHCP packets from trusted ports only if the rate at which DHCP packets arrive is too high Untrusted ports are connected to subscribers and the Switch discards DHCP packets from untrusted ports in the following situations The packet is a DHCP server packet for example OFFER ACK or NACK The source M...

Страница 188: ...Enabled Select Yes to enable DHCP snooping on the VLAN You still have to enable DHCP snooping on the Switch and specify trusted ports Note If DHCP is enabled and there are no trusted ports DHCP requests will not succeed Option 82 Profile Select a pre defined DHCP option 82 profile that the Switch applies to all ports in the specified VLANs The Switch adds the information such as slot number port n...

Страница 189: ... 3 5 and 7 Option 82 Profile Select a pre defined DHCP option 82 profile that the Switch applies to the specified ports in this VLAN The Switch adds the information such as slot number port number VLAN ID and or system name specified in the profile to DHCP requests that it broadcasts to the DHCP VLAN if specified or VLAN You can specify the DHCP VLAN in the DHCP Snooping Configure screen The profi...

Страница 190: ... external TFTP server If you set up the DHCP snooping database the Switch can reload the dynamic bindings from the DHCP snooping database after the Switch restarts You can configure the name and location of the file on the external TFTP server The file has the following format Figure 130 DHCP Snooping Database File Format The initial checksum helps distinguish between the bindings in the latest up...

Страница 191: ...ing for each source VLAN This setting is independent of the DHCP relay settings 23 4 1 4 Configuring DHCP Snooping Follow these steps to configure DHCP snooping on the Switch 1 Enable DHCP snooping on the Switch 2 Enable DHCP snooping on each VLAN and configure DHCP relay option 82 3 Configure trusted and untrusted ports and specify the maximum number of DHCP packets that each port can receive per...

Страница 192: ...on the edge of your network This can occur when a port is connected to a Switch that is in a loop state Loop state occurs as a result of human error It happens when two ports on a switch are connected with the same cable When a switch in loop state sends out broadcast messages the messages loop back to the switch and are re broadcast again and again causing a broadcast storm If a switch not in loo...

Страница 193: ...returns to port N on A The Switch then shuts down port N to ensure that the rest of the network is not affected by the switch in loop state Figure 133 Loop Guard Probe Packet The Switch also shuts down port N if the probe packet returns to switch A on any other port In other words loop guard also protects against standard network loops The following figure illustrates three switches forming a loop...

Страница 194: ...w only if you want to make some settings the same for all ports Use this row first to set the common settings and then make adjustments on a port by port basis Note Changes in this row are copied to all the ports as soon as you make them Active Select this check box to enable the loop guard feature on this port The Switch sends broadcast and multicast probe packets from this port to check if the s...

Страница 195: ...op guard or CPU protection allow the Switch to shut down a port or discard specific packets on a port when an error is detected on the port For example if the Switch detects that packets sent out the ports loop back to the Switch the Switch can shut down the ports automatically After that you need to enable the ports or allow the packets on a port manually through the Web Configurator or the comma...

Страница 196: ...to Errdisable Status in the Advanced Application Errdisable screen to display the screen as shown Table 90 Advanced Application Errdisable LABEL DESCRIPTION Errdisable Status Click this link to view whether the Switch detected that control packets exceeded the rate limit configured for a port or a port is disabled according to the feature requirements and what action you configure and related info...

Страница 197: ...et the specified ports to handle ARP BPDU or IGMP packets instead of ignoring them if the ports is in inactive reason mode Errdisable Status Port This is the number of the port on which you want to configure Errdisable Status Cause This displays the type of the control packet received on the port or the feature enabled on the port and causing the Switch to take the specified action Active This fie...

Страница 198: ...rol packets such as BPDU on the port rate limitation The Switch drops the additional control packets the ports has to handle in every one second Rate This field displays how many control packets this port can receive or transmit per second It can be adjusted in CPU Protection 0 means no rate limit Status This field displays the errdisable status Forwarding The Switch is forwarding packets Rate lim...

Страница 199: ...ed to all the ports as soon as you make them Rate Limit pkt s Enter a number from 0 to 256 to specify how many control packets this port can receive or transmit per second 0 means no rate limit You can configure the action that the Switch takes when the limit is exceeded Apply Click Apply to save your changes to the Switch s run time memory The Switch loses these changes if it is turned off or los...

Страница 200: ...o the Switch s run time memory The Switch loses these changes if it is turned off or loses power so use the Save link on the top navigation panel to save your changes to the non volatile memory when you are done configuring Cancel Click Cancel to begin configuring this screen afresh Table 93 Advanced Application Errdisable Errdisable Detect continued LABEL DESCRIPTION Table 94 Advanced Application...

Страница 201: ... to the Switch s run time memory The Switch loses these changes if it is turned off or loses power so use the Save link on the top navigation panel to save your changes to the non volatile memory when you are done configuring Cancel Click Cancel to begin configuring this screen afresh Table 94 Advanced Application Errdisable Errdisable Recovery continued LABEL DESCRIPTION ...

Страница 202: ...e sent a WAKE signal is sent to the link partner to return the link to active mode Auto Power Down Auto Power Down turns off almost all functions of the port s physical layer functions when the link is down so the port only uses power to check for a link up pulse from the link partner After the link up pulse is detected the port wakes up from Auto Power Down and operates normally Short Reach Tradi...

Страница 203: ...e same for all ports Use this row first and then make adjustments to each port if necessary Changes in this row are copied to all the ports as soon as you make them EEE Select this to activate Energy Efficient Ethernet on this port Auto Power Down Select this to activate Auto Power Down on this port Short Reach Select this to activate Short Reach on this port Apply Click Apply to save your changes...

Страница 204: ...he form of TLV Type Length Value Device information carried in the received LLDPDUs is stored in the standard MIB The Switch supports these basic management TLVs End of LLDPDU mandatory Chassis ID mandatory Port ID mandatory Time to Live mandatory Port Description optional System Name optional System Description optional System Capabilities optional Management Address optional The Switch also supp...

Страница 205: ...nd easy trouble shooting for mis configured IP addresses There are three classes of endpoint devices that the LLDP MED supports Class I IP Communications Controllers or other communication related servers Class II Voice Gateways Conference Bridges or Media Servers Class III IP Phones PC based Softphones End user Communication Appliances supporting IP Media The following figure shows that with the ...

Страница 206: ...n next Figure 144 Advanced Application LLDP The following table describes the labels in this screen Table 96 Advanced Application LLDP LABEL DESCRIPTION LLDP LLDP Local Status Click here to show a screen with the Switch s LLDP information LLDP Remote Status Click here to show a screen with LLDP information from the neighboring devices LLDP Configuration Click here to show a screen to configure LLD...

Страница 207: ...MED LLDP MED Configuration Click here to show a screen to configure LLDP MED Link Layer Discovery Protocol for Media Endpoint Devices parameters LLDP MED Network Policy Click here to show a screen to configure LLDP MED Link Layer Discovery Protocol for Media Endpoint Devices network policy parameters LLDP MED Location Click here to show a screen to configure LLDP MED Link Layer Discovery Protocol ...

Страница 208: ...itch System Capabilities Supported Bridge System Capabilities Enabled Bridge Management Address TLV The Management Address TLV identifies an address associated with the local LLDP agent that may be used to reach higher layer entities to assist discovery by network management The TLV may also include the system interface number and an object identifier OID that are associated with this management a...

Страница 209: ...GS1915 Series User s Guide 209 Figure 146 Advanced Application LLDP LLDP Local Status LLDP Local Port Status Detail ...

Страница 210: ...ation AN Enabled The current auto negotiation status of the port AN Advertised Capability The auto negotiation capabilities of the port Oper MAU Type The current Medium Attachment Unit MAU type of the port Link Aggregation TLV The Link Aggregation TLV indicates whether the link is capable of being aggregated whether the link is currently in an aggregation and if in an aggregation the port identifi...

Страница 211: ...ocation Identifier Number Table 98 Advanced Application LLDP LLDP Local Status LLDP Local Port Status Detail continued LABEL DESCRIPTION Table 99 Advanced Application LLDP LLDP Remote Status LABEL DESCRIPTION Index The index number shows the number of remote devices that are connected to the Switch Click on an index number to view the detailed LLDP status for this remote device in the LLDP Remote ...

Страница 212: ...rt Status Detail Basic TLV LABEL DESCRIPTION Local Port This displays the number of the Switch s port to which the remote device is connected Basic TLV Chassis ID TLV Chassis ID Subtype this displays how the chassis of the remote device is identified Chassis ID this displays the chassis ID of the remote device The chassis ID is identified by the chassis ID subtype Port ID TLV Port ID Subtype this ...

Страница 213: ...m Capabilities TLV This displays whether the system capabilities are enabled and supported on the remote device System Capabilities Supported System Capabilities Enabled Management Address TLV This displays the management address IPv4 and IPv6 of the remote device Management Address Subtype Management Address Interface Number Subtype Interface Number Object Identifier Table 100 Advanced Applicatio...

Страница 214: ...d Application LLDP LLDP Remote Status LLDP Remote Port Status Detail Dot1 and Dot3 TLV LABEL DESCRIPTION Dot1 TLV Port VLAN ID TLV This displays the VLAN ID of this port on the remote device Port Protocol VLAN ID TLV This displays the IEEE 802 1 Port Protocol VLAN ID TLV which indicates whether the VLAN ID and whether it is enabled and supported on the port of remote Switch which sent the LLDPDU P...

Страница 215: ... negotiation capabilities of the port Oper MAU Type The current Medium Attachment Unit MAU type of the port Link Aggregation TLV The Link Aggregation TLV indicates whether the link is capable of being aggregated whether the link is currently in an aggregation and if in an aggregation the port identification of the aggregation Aggregation Capability The current aggregation capability of the port Ag...

Страница 216: ...Chapter 27 Link Layer Discovery Protocol LLDP GS1915 Series User s Guide 216 Figure 150 Advanced Application LLDP LLDP Remote Status LLDP Remote Port Status Detail MED TLV ...

Страница 217: ...ase LCI latitude and longitude coordinates of the Location Configuration Information LCI Civic LCI IETF Geopriv Civic Address based Location Configuration Information ELIN Emergency Location Identifier Number Inventory TLV The majority of IP Phones lack support of management protocols such as SNMP so LLDP MED inventory TLVs are used to provide their inventory information to the Network Connectivit...

Страница 218: ...ded when its corresponding TTL expires The TTL value is to multiply the TTL multiplier by the LLDP packets transmitting interval Transmit Delay Enter the delay in seconds between successive LLDPDU transmissions initiated by value or status changes in the Switch MIB Reinitialize Delay Enter the number of seconds for LLDP to wait before initializing on a port Apply Click Apply to save your changes t...

Страница 219: ...ile memory when you are done configuring Cancel Click Cancel to begin configuring this screen afresh Table 103 Advanced Application LLDP LLDP Configuration continued LABEL DESCRIPTION Table 104 Advanced Application LLDP LLDP Configuration Basic TLV Setting LABEL DESCRIPTION Port This displays the Switch s port number Use this row to make the setting the same for all ports Use this row first and th...

Страница 220: ...N Port This displays the Switch s port number Use this row to make the setting the same for all ports Use this row first and then make adjustments to each port if necessary Changes in this row are copied to all the ports as soon as you make them Dot1 TLV Port VLAN ID Select the check boxes to enable or disable the sending of IEEE 802 1 Port VLAN ID TLVs on the ports All check boxes in this column ...

Страница 221: ...all ports simultaneously Use this row to make the setting the same for all ports Use this row first and then make adjustments to each port if necessary Changes in this row are copied to all the ports as soon as you make them Notification Topology Change Select to enable LLDP MED topology change traps on this port MED TLV Setting Location Select to enable transmitting LLDP MED location TLV Network ...

Страница 222: ...defined from 0 through 63 with the 0 representing use of the default DSCP value Priority Enter the priority value for the network policy Add Click Add after finish entering the network policy information A summary table will list all the Switch you have added Cancel Click Cancel to begin entering the information afresh Index This field displays the of index number of the network policy Click an in...

Страница 223: ...P MED Network Policy continued LABEL DESCRIPTION Table 108 Advanced Application LLDP LLDP MED Location LABEL DESCRIPTION Port Enter the port number you want to set up the location within the LLDP MED network Location Coordinates The LLDP MED uses geographical coordinates and Civic Address to set the location information of the remote device Geographical based coordinates includes latitude longitud...

Страница 224: ...eet Direction Street Suffix Trailing Street Suffix House Number House Number Suffix Landmark Additional Location Name Zip Code Building Unit Floor Room Number Place Type Postal Community Name Post Office Box Additional Code ELIN Number Enter a numerical digit string corresponding to the ELIN identifier which is used during emergency call setup to a traditional CAMA or ISDN trunk based PSAP The val...

Страница 225: ...n Identification Number ELIN which is used to identify endpoint devices when they issue emergency call services The valid length is form 10 to 25 characters Select an entry s check box to select a specific entry Otherwise select the check box in the table heading row to select all entries Delete Check the locations that you want to remove then click the Delete button Cancel Click Cancel to clear t...

Страница 226: ...fServ screen Section 28 2 on page 227 to activate DiffServ to apply marking rules or IEEE 802 1p priority mapping on the Switch Use the DSCP Setting screen Section 28 3 1 on page 229 to change the DSCP IEEE 802 1p mapping 28 1 1 What You Need to Know Read on for concepts on Differentiated Services that can help you configure the screens in this chapter DSCP and Per Hop Behavior DiffServ defines a ...

Страница 227: ...marking rules A network administrator can then apply various traffic policies to the traffic flows An example traffic policy is to give higher drop precedence to one traffic flow over others In our example packets in the Bronze traffic flow are more likely to be dropped when congestion occurs than the packets in the Platinum traffic flow as they move across the DiffServ network Figure 158 DiffServ...

Страница 228: ...a port on the Switch Settings in this row apply to all ports Use this row only if you want to make some settings the same for all ports Use this row first to set the common settings and then make adjustments on a port by port basis Changes in this row are copied to all the ports as soon as you make them Active Select Active to enable Diffserv on the port Apply Click Apply to save your changes to t...

Страница 229: ... 111 IP Application DiffServ DSCP Setting LABEL DESCRIPTION 0 63 This is the DSCP classification identification number To set the IEEE 802 1p priority mapping select the priority level from the drop down list box Apply Click Apply to save your changes to the Switch s run time memory The Switch loses these changes if it is turned off or loses power so use the Save link on the top navigation panel t...

Страница 230: ...on 82 profile to certain ports on the Switch Use the VLAN Setting screen Section 29 4 6 on page 237 to configure your DHCPv4 settings based on the VLAN domain of the DHCPv4 clients Use the DHCPv4 VLAN Port screen Section 29 4 7 on page 238 to apply a different DHCP option 82 profile to certain ports in a VLAN Use the DHCPv6 Relay screen Section 29 5 on page 240 to enable and configure DHCPv6 relay...

Страница 231: ...P Application DHCP DHCPv4 The following table describes the labels in this screen 29 4 DHCPv4 Relay Configure DHCP relay on the Switch if the DHCP clients and the DHCP server are not in the same broadcast domain During the initial IP address leasing the Switch helps to relay network information such as the IP address and subnet mask between a DHCP client and a DHCP server Once the DHCP client obta...

Страница 232: ...stem Name of the Switch if you select this option You can change the System Name in Basic Setting General Setup The following describes the DHCP relay agent information that the Switch sends to the DHCP server 29 4 1 1 DHCPv4 Relay Agent Information Format A DHCP Relay Agent Information option has the following format i1 i2 and iN are DHCP relay agent sub options which contain additional informati...

Страница 233: ...e N 1 byte MAC Address or String Table 117 IP Application DHCP DHCPv4 Option 82 Profile LABEL DESCRIPTION Name Enter a descriptive name for the profile for identification purposes You can use up to 32 single byte printable characters Circuit ID Use this section to configure the Circuit ID sub option to include information that is specific to the relay agent the Switch Enable Select this option to ...

Страница 234: ...es power so use the Save link on the top navigation panel to save your changes to the non volatile memory when you are done configuring Cancel Click Cancel to reset the fields to their last saved values Profile Name This field displays the descriptive name of the profile Click the name to change the settings Circuit ID This section displays the Circuit ID sub option including information that is s...

Страница 235: ...the non volatile memory when you are done configuring Cancel Click Cancel to begin configuring this screen afresh Table 119 IP Application DHCP DHCPv4 Global Port LABEL DESCRIPTION Port Enter the number of ports to which you want to apply the specified DHCP option 82 profile You can enter multiple ports separated by no space comma or hyphen For example enter 3 5 for ports 3 4 and 5 Enter 3 5 7 for...

Страница 236: ...CP server This allows the DHCP server to assign the appropriate IP address according to the VLAN ID Index This field displays a sequential number for each entry Click an index number to change the settings Port This field displays the ports to which the Switch applies the settings Profile Name This field displays the DHCP option 82 profile that the Switch applies to the ports Select an entry s che...

Страница 237: ... to which these DHCP settings apply Relay Use this section if you want to configure the Switch to function as a DHCP relay for this VLAN Remote DHCP Server 1 3 Enter the IP address of a DHCP server in dotted decimal notation Option 82 Profile Select a pre defined DHCP option 82 profile that the Switch applies to all ports in this VLAN The Switch adds the Circuit ID sub option and or Remote ID sub ...

Страница 238: ...ove them Cancel Click Cancel to clear the check boxes Table 120 IP Application DHCP DHCPv4 VLAN continued LABEL DESCRIPTION Table 121 IP Application DHCP DHCPv4 VLAN Port LABEL DESCRIPTION VID Enter the ID number of the VLAN you want to configure here Port Enter the number of ports to which you want to apply the specified DHCP option 82 profile You can enter multiple ports separated by no space co...

Страница 239: ...t applicable to clear the fields above Clear Click Clear to reset the fields to the factory defaults Index This field displays a sequential number for each entry Click an index number to change the settings VID This field displays the VLAN to which the ports belongs Port This field displays the ports to which the Switch applies the settings Profile Name This field displays the DHCP option 82 profi...

Страница 240: ...d the interface ID option to the Relay Forward DHCPv6 messages The remote ID option carries a user defined string such as the system name The interface ID option provides slot number port information and the VLAN ID to the DHCPv6 server The remote ID option if any is stripped from the Relay Reply messages before the relay agent sends the packets to the clients The DHCPv6 server copies the interfac...

Страница 241: ...te an existing one This saves your changes to the Switch s run time memory The Switch loses these changes if it is turned off or loses power so use the Save link on the top navigation panel to save your changes to the non volatile memory when you are done configuring Cancel Click Cancel to reset the fields to their last saved values Clear Click Clear to reset the fields to the factory defaults VID...

Страница 242: ...ts the request to all the devices on the LAN The Switch fills in its own MAC and IP address in the sender address fields and puts the known IP address of the target in the target IP address field In addition the Switch puts all ones in the target MAC field FF FF FF FF FF FF is the Ethernet broadcast address The replying device which is either the IP address of the device being sought or the router...

Страница 243: ...o the IP address of the device that sends this request and the destination MAC address field is set to the broadcast address There will be no reply to a gratuitous ARP request A device may send a gratuitous ARP packet to detect IP collisions If a device restarts or its MAC address is changed it can also use gratuitous ARP to inform other devices in the same network to update their ARP table with t...

Страница 244: ...n as shown Click the link next to ARP Learning to open a screen where you can set the ARP learning mode for each port Figure 173 IP Application ARP Setup 30 2 1 ARP Learning Use this screen to configure each port s ARP learning mode Click the link next to ARP Learning in the IP Application ARP Setup screen to display the screen as shown next ...

Страница 245: ...Learning Mode Select the ARP learning mode the Switch uses on the port Select ARP Reply to have the Switch update the ARP table only with the ARP replies to the ARP requests sent by the Switch Select Gratuitous ARP to have the Switch update its ARP table with either an ARP reply or a gratuitous ARP request Select ARP Request to have the Switch update the ARP table with both ARP replies gratuitous ...

Страница 246: ...n Section 31 2 1 on page 248 to reset the configuration to the Zyxel default configuration settings Use the Save Configuration screen Section 31 2 2 on page 248 to save the current configuration settings to a specific configuration file on the Switch Use the Reboot System screen Section 31 2 3 on page 248 to restart the Switch without physically turning the power off and load a specific configurat...

Страница 247: ...guration file Reboot System Click Config 1 to reboot the Switch and load Configuration 1 on the Switch Click Config 2 to reboot the Switch and load Configuration 2 on the Switch Click Factory Default to reboot the Switch and load the Zyxel factory default configuration settings on the Switch Click Custom Default to reboot the system and load a saved Custom Default configuration file on the Switch ...

Страница 248: ...rrent configuration settings permanently to Configuration 1 on the Switch These configurations are set up according to your network environment Click Config 2 to save the current configuration settings permanently to Configuration 2 on the Switch These configurations are set up according to your network environment Click Custom Default to save the current configuration settings permanently to a cu...

Страница 249: ... file was not saved clicking Custom Default loads the factory default configuration on the Switch 31 2 4 Factory Default Follow the steps below to reset the Switch back to the factory defaults 1 Click the Factory Default button 2 Click OK to continue or Cancel to abort Figure 177 Load Factory Default Confirmation If you want to access the Switch Web Configurator again you may need to change the IP...

Страница 250: ...ce Be sure to upload the correct model firmware as uploading the wrong model firmware may damage your device Click Management Maintenance Firmware Upgrade to view the screen as shown next Figure 179 Management Maintenance Firmware Upgrade The top of firmware upgrade screen shows which firmware version is currently running on the Switch Enter the path and file name of the firmware file you wish to ...

Страница 251: ...tting Firmware 1 shows its version number and model code and MM DD YYYY creation date Firmware 2 shows its version number and model code and MM DD YYYY creation date Current Boot Image This displays which firmware is currently in use on the Switch Firmware 1 or Firmware 2 Config Boot Image Select which firmware Firmware 1 or Firmware 2 should load click Apply and reboot the Switch to see changes y...

Страница 252: ...Save As to save the file to a specific place If a dialog box pops up asking whether you want to open or save the file click Save or Save File to download it to the default downloads folder on your computer If a Save As screen displays after you click Save or Save File choose a location to save the file on your computer from the Save in drop down list box and type a descriptive name for it in the F...

Страница 253: ...x The Mbuf log report is stored in flash permanent memory For example Mbuf 50 means a log will be created when the Mbuf utilization is over 50 The higher the Mbuf threshold number the fewer logs will be created and the less data technical support will have to analyze and vice versa Apply Click Apply to save your changes to the Switch s run time memory The Switch loses these changes if it is turned...

Страница 254: ...nfigurator See Section 32 8 3 on page 275 for more information about HTTPS Certificates are based on public private key pairs A certificate contains the certificate owner s identity and public key Certificates provide a way to exchange public keys for use in authentication Click Management Maintenance Certificates to open the following screen Use this screen to import the Switch s CA signed certif...

Страница 255: ...hority from your computer to the Switch Service This field displays the service type that this certificate is for Subject This field displays identifying information about the certificate s owner such as CN Common Name OU Organizational Unit or department O Organization or company and C Country It is recommended that each certificate have unique subject information Issuer This field displays ident...

Страница 256: ...rom the Switch using FTP commands First understand the filename conventions 31 8 2 Filename Conventions The configuration file also known as the romfile or ROM contains the Zyxel factory default configuration settings in the screens such as password Switch setup IP Setup and so on Once you have customized the Switch s settings they can be saved back to your computer under a filename of your choosi...

Страница 257: ...Switch 3 Press ENTER when prompted for a user name 4 Enter your password as requested the default is 1234 5 Enter bin to set transfer mode to binary 6 Use put to transfer files from the computer to the Switch for example put firmware bin ras transfers the firmware on your computer firmware bin to the Switch and renames it to ras Similarly put config cfg config transfers the configuration file on y...

Страница 258: ... 129 General Commands for GUI based FTP Clients COMMAND DESCRIPTION Host Address Enter the address of the host server Login Type Anonymous This is when a user I D and password is automatically supplied to the server for anonymous access Anonymous logins will work only if your ISP or service administrator has enabled this option Normal The server requires a unique User ID and Password to login Tran...

Страница 259: ...ntication with managers using SNMP v3 and associate them to SNMP groups Use the Logins screens Section 32 4 on page 265 to assign which users can access the Switch through Web Configurator at any one time Use the Service Access Control screen Section 32 5 on page 266 to decide what services you may use to access the Switch Use the Remote Management screen Section 32 6 on page 267 to specify a grou...

Страница 260: ...this link to configure your SNMP settings Logins Click this link to assign which users can access the Switch through Web Configurator at any one time Service Access Control Click this link to decide what services you may use to access the Switch Remote Management Click this link to specify a group of one or more trusted computers from which an administrator may use a service to manage the Switch A...

Страница 261: ...e Set Community string which is the password for incoming Set requests from the management station The Set Community string is only used by SNMP managers using SNMP version 2c or lower Trap Community Enter the Trap Community string which is the password sent with each trap to the SNMP manager The Trap Community string is only used by SNMP managers using SNMP version 2c or lower Trap Destination Us...

Страница 262: ...pe Select the categories of SNMP traps that the Switch is to send to the SNMP manager Options Select the individual SNMP traps that the Switch is to send to the SNMP station The traps are grouped by category Selecting a category automatically selects all of the category s traps Clear the check boxes for individual traps that you do not want the Switch to send to the SNMP station Clearing a categor...

Страница 263: ... box to enable the trap type of SNMP traps on this port The Switch sends the related traps received on this port to the SNMP manager Clear this check box to disable the sending of SNMP traps on this port Apply Click Apply to save your changes to the Switch s run time memory The Switch loses these changes if it is turned off or loses power so use the Save link on the top navigation panel to save yo...

Страница 264: ...Model VACM group SNMP managers in one group are assigned common access rights to MIBs Specify in which SNMP group this user is admin Members of this group can perform all types of system configuration including the management of administrator accounts readwrite Members of this group have read and write rights meaning that the user can create and edit the MIBs on the Switch except the user account ...

Страница 265: ... privilege level Click Management Access Control Logins to view the screen as shown Figure 191 Management Access Control Logins Note The input string in any field of this screen should not contain or In the Password fields space is also not allowed The following table describes the labels in this screen Delete Click Delete to remove the selected entry from the summary table Cancel Click Cancel to ...

Страница 266: ... 13 Configure features except for login accounts SNMP user accounts the authentication method sequence and authorization settings multiple logins administrator and enable passwords and configuration information display 14 Configure login accounts SNMP user accounts the authentication method sequence and authorization settings multiple logins and administrator and enable passwords and display confi...

Страница 267: ... the new port number for that service Timeout Enter how many minutes from 1 to 255 a management session can be left idle before the session times out After it times out you have to log in with your password again Very long idle timeouts may have security risks Login Timeout The Telnet or SSH server do not allow multiple user logins at the same time Enter how many seconds from 30 to 300 seconds a l...

Страница 268: ...se a service to manage the Switch Active Select this check box to activate this secured client set Clear the check box if you wish to temporarily disable the set without deleting it Start Address End Address Configure the IP address range of trusted computers from which you can manage this Switch The Switch checks if the client IP address of a computer requesting a service or protocol matches the ...

Страница 269: ...SNMP user authentication in the Authentication field and the password for the encryption method for SNMP communication in the Privacy field Note The passwords will appear as encrypted text when Password Encryption is Active Click Management Access Control Account Security to view the screen as shown next Click Access Control to return to the Access Control screen Figure 194 Management Access Contr...

Страница 270: ...ement software module that resides in a managed Switch the Switch An agent translates the local management information from the managed Switch into a form compatible with SNMP The manager is the console through which network administrators perform network management functions It executes applications that control and monitor managed devices Display Select which specific information to display in p...

Страница 271: ...cts that is organized according to hierarchy The objects define the attributes of the managed device which includes the names status access rights and data types Each object can be addressed through an object identifier OID MIBs let administrators collect statistics and monitor status and performance The Switch uses standard public RFC defined MIBs for standard functionality To view a list of stan...

Страница 272: ... This trap is sent when the Ethernet link is down lldp lldpRemTablesChange 1 0 8802 1 1 2 0 0 1 The trap is sent when entries in the remote database have any updates Link Layer Discovery Protocol LLDP defined as IEEE 802 1ab enables LAN devices that support LLDP to exchange their configured settings This helps eliminate configuration mismatch issues Table 143 SNMP AAA Traps OPTION OBJECT LABEL OBJ...

Страница 273: ...ow SSH Works The following table summarizes how a secure connection is established between two remote hosts Table 145 SNMP Switch Traps OPTION OBJECT LABEL OBJECT ID DESCRIPTION stp STPNewRoot 1 3 6 1 2 1 17 0 1 This trap is sent when the STP root switch changes STPTopologyChange 1 3 6 1 2 1 17 0 2 This trap is sent when the STP topology changes rmon RmonRisingAlarm 1 3 6 1 2 1 16 0 1 This trap is...

Страница 274: ...cryption Method Once the identification is verified both the client and server must agree on the type of encryption method to use 3 Authentication and Data Transmission After the identification is verified and data encryption activated a secure tunnel is established between the client and the server The client then sends its authentication information user name and password to the server to log in...

Страница 275: ...h must always authenticate itself to the SSL client the computer which requests the HTTPS connection with the Switch whereas the SSL client only should authenticate itself when the SSL server requires it to do so Authenticating client certificates is optional and if selected means the SSL client must send the Switch a certificate You must apply for a certificate for the browser from a Certificate ...

Страница 276: ... access is blocked Figure 199 Security Alert Dialog Box Internet Explorer 6 Internet Explorer 7 later version When you attempt to access the Switch HTTPS server a screen with the message There is a problem with this website s security certificate may display If that is the case click Continue to this website not recommended to proceed to the Web Configurator login screen Figure 200 Security Certif...

Страница 277: ...he on screen instructions to install the certificate in your browser Figure 202 Certificate Internet Explorer 11 Mozilla Firefox Warning Messages When you attempt to access the Switch HTTPS server a Your connection is not secure screen may display If that is the case click I Understand the Risks and then the Add Exception button EXAMPLE EXAMPLE ...

Страница 278: ... Series User s Guide 278 Figure 203 Security Alert Mozilla Firefox Confirm the HTTPS server URL matches Click Confirm Security Exception to proceed to the Web Configurator login screen Figure 204 Security Alert Mozilla Firefox EXAMPLE ...

Страница 279: ...e case click Advanced and then Proceed to x x x x unsafe to proceed to the Web Configurator login screen Figure 205 Security Alert Google Chrome 58 0 3029 110 32 8 4 1 Main Settings After you accept the certificate and enter the login user name and password the Switch main screen appears The lock displayed in the bottom right of the browser status bar or next to the website address denotes a secur...

Страница 280: ...GS1915 Series User s Guide 280 Figure 206 Example Lock Denoting a Secure Connection EXAMPLE ...

Страница 281: ...he Diagnostic screen You can use this screen to help you identify problems 33 2 Diagnostic Click Management Diagnostic in the navigation panel to open this screen Use this screen to ping IP addresses run a traceroute perform port tests or show the Switch s location between devices Figure 207 Management Diagnostic ...

Страница 282: ...e Time To Live TTL value for the ICMP Echo Request packets This is to set the maximum number of the hops routers a packet can travel through Each router along the path will decrement the TTL value by one and forward the packets When the TTL value becomes zero and the destination is not found the router drops the packets and informs the sender Wait Time Specify how many seconds the Switch waits for...

Страница 283: ...us is Open or Short Check the Distance to fault This shows Unsupported if the Switch chipset does not support to show the cable length Distance to fault This displays the distance between the port and the location where the cable is open or shorted This shows N A if the Pair status is Ok This shows Unsupported if the Switch chipset does not support to show the distance Table 146 Management Diagnos...

Страница 284: ...n a log reaches the maximum number of log messages new log messages automatically overwrite existing log messages starting with the oldest existing log message first Figure 208 Management System Log The summary table shows the time the log message was recorded and the reason the log message was generated Click Refresh to update this screen Click Clear to clear the whole log regardless of what is c...

Страница 285: ...els 35 1 1 What You Can Do Use the Syslog Setup screen Section 35 2 on page 285 to configure the device s system logging settings and configure a list of external syslog servers 35 2 Syslog Setup The syslog feature sends logs to an external syslog server Use this screen to configure the device s system logging settings and configure a list of external syslog servers Click Management Syslog Setup i...

Страница 286: ...changes to the Switch s run time memory The Switch loses these changes if it is turned off or loses power so use the Save link on the top navigation panel to save your changes to the non volatile memory when you are done configuring Cancel Click Cancel to begin configuring this screen afresh Syslog Server Setup Active Select this check box to have the device send logs to this syslog server Clear t...

Страница 287: ...er to edit the entry Active This field displays Yes if the device is to send logs to the syslog server No displays if the device is not to send logs to the syslog server IP Address This field displays the IP address of the syslog server UDP Port This field displays the port of the syslog server Log Level This field displays the severity level of the logs that the device is to send to this syslog s...

Страница 288: ...her switches on the upper floors of the building are cluster members Figure 210 Clustering Application Example 36 1 1 What You Can Do Use the Cluster Management Status screen Section 36 2 on page 289 to view the role of the Switch within the cluster and to access a cluster member Switch s Web Configurator Table 149 Zyxel Clustering Management Specifications Maximum number of cluster members 24 Clu...

Страница 289: ...ot through the cluster manager None neither a manager nor a member of a cluster Manager This field displays the cluster manager Switch s hardware MAC address The Number of Member This field displays the number of switches that make up this cluster The following fields describe the cluster member switches Index You can manage cluster member switches through the cluster manager Switch Each number in...

Страница 290: ...then its Status is displayed as Error in the Cluster Management Status screen and a warning icon appears in the member summary list below Name Type a name to identify the Clustering Manager You may use up to 32 printable characters spaces are allowed VID This is the VLAN ID and is only applicable if the Switch is set to 802 1Q VLAN All switches must be directly connected and in the same VLAN group...

Страница 291: ... be managed from the Cluster Manager Its Status is displayed as Error in the Cluster Management Status screen If multiple devices have the same password then hold SHIFT and click those switches to select them Then enter their common Web Configurator password Add Click Add to save your changes to the Switch s run time memory The Switch loses these changes if it is turned off or loses power so use t...

Страница 292: ...Figure 213 Cluster Management Cluster Member Web Configurator Screen 36 4 1 1 Uploading Firmware to a Cluster Member Switch You can use FTP to upload firmware to a cluster member switch through the cluster manager switch as shown in the following example example ...

Страница 293: ...K ftp 297 bytes received in 0 00Seconds 297000 00Kbytes sec ftp bin 200 Type I OK ftp put 470ACAQ0 bin fw 00 a0 c5 01 23 46 200 Port command okay 150 Opening data connection for STOR fw 00 a0 c5 01 23 46 226 File received OK ftp 262144 bytes sent in 0 63Seconds 415 44Kbytes sec ftp Table 152 FTP Upload to Cluster Member Example FTP PARAMETER DESCRIPTION User Enter admin Password The Web Configurat...

Страница 294: ...itch uses the MAC Table to determine how to forward frames See the following figure 1 The Switch examines a received frame and learns the port on which this source MAC address came 2 The Switch checks to see if the frame s destination MAC address matches a source MAC address already learned in the MAC Table If the Switch has already learned the port for this MAC address then it forwards the frame ...

Страница 295: ...e Use this screen to search specific MAC addresses You can also directly add dynamic MAC addresses into the static MAC forwarding table or MAC filtering table from the MAC table using this screen Click Management MAC Table in the navigation panel to display the following screen Figure 216 Management MAC Table ...

Страница 296: ...Select PORT to display and arrange the data according to port number Transfer Type Select Dynamic to MAC forwarding and click the Transfer button to change all dynamically learned MAC address entries in the summary table below into static entries They also display in the Advanced Application Static MAC Forwarding screen Select Dynamic to MAC filtering and click the Transfer button to change all dy...

Страница 297: ... it finds the address it sends it to the device If no entry is found for the IP address ARP broadcasts the request to all the devices on the LAN The Switch fills in its own MAC and IP address in the sender address fields and puts the known IP address of the target in the target IP address field In addition the Switch puts all ones in the target MAC field FF FF FF FF FF FF is the Ethernet broadcast...

Страница 298: ...ARP entries according to the condition you specified Cancel Click Cancel to return the fields to the factory defaults Index This is the ARP table entry number IP Address This is the IP address of a device connected to a Switch port with the corresponding MAC address below MAC Address This is the MAC address of the device with the corresponding IP address above VID This field displays the VLAN to w...

Страница 299: ...een to view IPv6 path MTU information on the Switch Click Management Path MTU Table in the navigation panel to display the screen as shown Figure 218 Management Path MTU Table The following table describes the labels in this screen Table 155 Management Path MTU Table LABEL DESCRIPTION Path MTU aging time This field displays how long an entry remains in the Path MTU table before it ages out and nee...

Страница 300: ...you how you can copy the settings of one port onto other ports 40 2 Configure Clone Cloning allows you to copy the basic and advanced settings from a source port to a destination port or ports Click Management Configure Clone to open the following screen Figure 219 Management Configure Clone ...

Страница 301: ...indicates that ports 2 through 6 are the destination ports Select to apply all settings to the port Use this first to select the common settings and then remove the settings you do not want copied Basic Setting Select which port settings you configured in the Basic Setting menus should be copied to the destination ports Advanced Application Select which port settings you configured in the Advanced...

Страница 302: ... Neighbor Setup screen When the Switch needs to send a packet it first consults other table to determine the next hop Once the next hop IPv6 address is known the Switch looks into the neighbor table to get the link layer address and sends the packet when the neighbor is reachable If the Switch cannot find an entry in the neighbor table or the state for the neighbor is not reachable it starts the a...

Страница 303: ... initial request The field displays this also when the Switch receives an unrequested response from the neighbor s interface delay D The neighboring interface is no longer known to be reachable and traffic has been sent to the neighbor recently The Switch delays sending request packets for a short to give upper layer protocols a chance to determine reachability probe P The Switch is sending reques...

Страница 304: ...describes the labels in this screen Table 158 Management Port Status LABEL DESCRIPTION Port This identifies the Ethernet port Click a port number to display the Port Details screen Name This is the name you assigned to this port in the Basic Setting Port Setup screen Link This field displays the speed either 10M for 10 Mbps 100M for 100 Mbps or 1G for 1 Gbps and the duplex F for full duplex or H f...

Страница 305: ...xPkts This field shows the number of transmitted frames on this port RxPkts This field shows the number of received frames on this port Errors This field shows the number of received errors on this port Tx kB s This field shows the number of kilobytes per second transmitted on this port Rx kB s This field shows the number of kilobytes per second received on this port Up Time This field shows the t...

Страница 306: ...eld displays Down if the port is not connected to any device State If STP Spanning Tree Protocol is enabled this field displays the STP state of the port If STP is disabled this field displays FORWARDING if the link is up otherwise it displays STOP When LACP Link Aggregation Control Protocol and STP are in blocking state it displays Blocking LACP This field shows if LACP is enabled on this port or...

Страница 307: ... one collision Multiple This is a count of successfully transmitted packets for which transmission was inhibited by more than one collision Excessive This is a count of packets for which transmission failed due to excessive collisions Excessive collision is defined as the number of maximum collisions before the retransmission count is reset Late This is the number of times a late collision is dete...

Страница 308: ...ber of packets including bad packets received that were between 1519 octets and the maximum frame size The maximum frame size varies depending on your switch model Table 159 Management Port Status Port Details continued LABEL DESCRIPTION Table 160 Management Port Status Utilization LABEL DESCRIPTION Port This identifies the Ethernet port Link This field displays the speed either 10M for 10 Mbps 10...

Страница 309: ...309 PART III Troubleshooting and Appendices ...

Страница 310: ... 2 Make sure the power adapter or cord is connected to the Switch and plugged in to an appropriate power source Make sure the power source is turned on 3 Disconnect and re connect the power adapter or cord to the Switch 4 If the problem continues contact the vendor One of the LEDs does not behave as expected 1 Make sure you understand the normal behavior of the LED See Section 3 3 on page 37 2 Che...

Страница 311: ...fter performing step 3 and you want to use the Cloud management mode make sure the Switch is registered in your organization and site in the NCC portal To register the Switch again scan the QR code using the Zyxel Nebula Mobile app See the Section on page 20 for more information on using the app to register the Switch I forgot the IP address for the Switch 1 The default IP address is http DHCP ass...

Страница 312: ...with the default IP address See Section 4 8 on page 63 6 If the problem continues contact the vendor or try the advanced suggestion Advanced Suggestion Try to access the Switch using another service such as Telnet If you can access the Switch check the remote management settings to find out why the Switch does not respond to HTTP Pop up Windows JavaScripts and Java Permissions In order to use the ...

Страница 313: ...Configurator to save the configuration permanently See also Section 31 2 2 on page 248 for more information about how to save your configuration I accidentally unplugged the Switch I am not sure which configuration file will be loaded If you plug the power cable back to the Switch it will reboot and load the configuration file that was used the last time For example if Config 1 was used on the Swi...

Страница 314: ...com index shtml for the latest information Please have the following information ready when you contact an office Required Information Product model and serial number Warranty Information Date that you received your device Brief description of the problem and the steps you took to solve it Corporate Headquarters Worldwide Taiwan Zyxel Communications Corporation https www zyxel com Asia China Zyxel...

Страница 315: ...k Philippines Zyxel Philippines http www zyxel com ph Singapore Zyxel Singapore Pte Ltd http www zyxel com sg Taiwan Zyxel Communications Corporation https www zyxel com tw zh Thailand Zyxel Thailand Co Ltd https www zyxel com th th Vietnam Zyxel Communications Corporation Vietnam Office https www zyxel com vn vi Europe Belarus Zyxel BY https www zyxel by Bulgaria Zyxel България https www zyxel co...

Страница 316: ... https www zyxel com fi fi France Zyxel France https www zyxel fr Germany Zyxel Deutschland GmbH https www zyxel com de de Hungary Zyxel Hungary SEE https www zyxel com hu hu Italy Zyxel Communications Italy https www zyxel com it it Netherlands Zyxel Benelux https www zyxel com nl nl Norway Zyxel Communications https www zyxel com no no Poland Zyxel Communications Poland https www zyxel com pl pl...

Страница 317: ...k Spain Zyxel Communications ES Ltd https www zyxel com es es Sweden Zyxel Communications https www zyxel com se sv Switzerland Studerus AG https www zyxel ch de https www zyxel ch fr Turkey Zyxel Turkey A S https www zyxel com tr tr UK Zyxel Communications UK Ltd https www zyxel com uk en Ukraine Zyxel Ukraine http www ua zyxel com South America Argentina Zyxel Communications Corporation https ww...

Страница 318: ...ations Corporation https www zyxel com co es Ecuador Zyxel Communications Corporation https www zyxel com co es South America Zyxel Communications Corporation https www zyxel com co es Middle East Israel Zyxel Communications Corporation http il zyxel com North America USA Zyxel Communications Inc North America Headquarters https www zyxel com us en ...

Страница 319: ...ions in which this service is used Table 161 Commonly Used Services NAME PROTOCOL PORT S DESCRIPTION AH IPSEC_TUNNEL User Defined 51 The IPSEC AH Authentication Header tunneling protocol uses this service AIM New ICQ TCP 5190 AOL s Internet Messenger service It is also used as a listening port by ICQ AUTH TCP 113 Authentication protocol used by some servers BGP TCP 179 Border Gateway Protocol BOOT...

Страница 320: ...that sends out ICMP echo requests to test whether or not a remote host is reachable POP3 TCP 110 Post Office Protocol version 3 lets a client computer get e mail from a POP3 server through a temporary connection TCP IP or other PPTP TCP 1723 Point to Point Tunneling Protocol enables secure transfer of data over public networks This is the control channel PPTP_TUNNEL GRE User Defined 47 PPTP Point ...

Страница 321: ...S UDP 49 Login Host Protocol used for Terminal Access Controller Access Control System TELNET TCP 23 Telnet is the login and terminal emulation protocol common on the Internet and in UNIX environments It operates over TCP IP networks Its primary function is to allow users to log into remote host systems TFTP UDP 69 Trivial File Transfer Protocol is an Internet file transfer protocol similar to FTP...

Страница 322: ... 1a2f 0015 2001 db8 1a2f 0 0 15 or 2001 db8 0 0 1a2f 15 Prefix and Prefix Length Similar to an IPv4 subnet mask IPv6 uses an address prefix to represent the network address An IPv6 prefix length specifies how many most significant bits start from the left in the address compose the network address The prefix length is written as x where x is a number For example 2001 db8 1a2b 15 1a2f 0 32 means th...

Страница 323: ...owing table describes some of the predefined multicast addresses The following table describes the multicast addresses which are reserved and cannot be assigned to a multicast group Table 163 Predefined Multicast Address MULTICAST ADDRESS DESCRIPTION FF01 0 0 0 0 0 0 1 All hosts on a local node FF01 0 0 0 0 0 0 2 All routers on a local node FF02 0 0 0 0 0 0 1 All hosts on a local connected link FF...

Страница 324: ...ing UDP Each DHCP client and server has a unique DHCP Unique IDentifier DUID which is used for identification when they are exchanging DHCPv6 messages The DUID is generated from the MAC address time vendor assigned ID and or the vendor s private enterprise number registered with the IANA It should not change over time even after you reboot the device Identity Association An Identity Association IA...

Страница 325: ...d uplink router for its LAN The Switch uses the received IPv6 prefix for example 2001 db2 48 to generate its LAN IP address Through sending Router Advertisements RAs regularly by multicast the Switch passes the IPv6 prefix information to its LAN hosts The hosts then can use the prefix to generate their IPv6 addresses ICMPv6 Internet Control Message Protocol for IPv6 ICMPv6 or ICMP for IPv6 is defi...

Страница 326: ... as the next hop Otherwise the Switch determines the next hop from the default router list or routing table Once the next hop IP address is known the Switch looks into the neighbor cache to get the link layer address and sends the packet when the neighbor is reachable If the Switch cannot find an entry in the neighbor cache or the state for the neighbor is not reachable it starts the address resol...

Страница 327: ... DHCPv6 for IP address assignment you have to additionally install a DHCPv6 client software on your Windows XP Note If you use static IP addresses or Router Advertisement for IPv6 address assignment in your network ignore this section This example uses Dibbler as the DHCPv6 client To enable DHCPv6 client on your computer 1 Install Dibbler and select the DHCPv6 client option on your computer 2 Afte...

Страница 328: ...Example Enabling IPv6 on Windows 7 Windows 7 supports IPv6 by default DHCPv6 is also enabled when you enable IPv6 on a Windows 7 computer To enable IPv6 in Windows 7 1 Select Control Panel Network and Sharing Center Local Area Connection 2 Select the Internet Protocol Version 6 TCP IPv6 check box to enable it 3 Click OK to save the change ...

Страница 329: ... DHCPv6 is enabled when you enable IPv6 on a Windows 10 PC To enable IPv6 in Windows 10 1 Select Control Panel Network and Sharing Center 2 On the left side of the Network and Sharing Center select Change adapter settings 3 Right click your network connection and select Properties C ipconfig Windows IP Configuration Ethernet adapter Local Area Connection Connection specific DNS Suffix IPv6 Address...

Страница 330: ...your computer 1 Select Start Settings Network Internet 2 On the left side of the Network Internet select Ethernet Then select the Ethernet network you are connected to 3 Under IP assignment select Edit 4 Under Edit IP settings select Automatic DHCP or Manual Then click Save When you select Automatic DHCP the IP address settings and DNS server address setting are set automatically by your router Wh...

Страница 331: ...ject to the following two conditions 1 This Switch may not cause harmful interference 2 This Switch must accept any interference received including interference that may cause undesired operations Changes or modifications not expressly approved by the party responsible for compliance could void the user s authority to operate the equipment This equipment has been tested and found to comply with th...

Страница 332: ...and electronic Switch For detailed information about recycling of this product please contact your local city office your household waste disposal service or the store where you purchased the product Use ONLY power wires of the appropriate wire gauge for your Switch Connect it to a power supply of the correct voltage Fuse Warning Replace a fuse only with a fuse of the same type and rating The POE ...

Страница 333: ...itpunkt der Entsorgung wird die getrennte Sammlung von Produkt und oder seiner Batterie dazu beitragen natürliche Ressourcen zu sparen und die Umwelt und die menschliche Gesundheit zu schützen El símbolo de abajo indica que según las regulaciones locales su producto y o su batería deberán depositarse como basura separada de la doméstica Cuando este producto alcance el final de su vida útil llévelo...

Страница 334: ...壞請從插座拔除若您還繼續插電使用會有觸電死亡的風險請勿試圖修理電源變壓器或電源變壓器的纜線若有毀損請直接聯絡您購買的店家購買個新的電源變壓器請勿將此設備安裝於室外此設備僅適合放置於室內請勿隨般垃圾丟棄請參閱產品背貼上的設備額定功率請參考產品型錄或是彩盒上的作業溫度設備必須接地接地導線不允許被破壞或沒有適當安裝接地導線如果不確定接地方式是否符合要求可聯繫相應的電氣檢驗機構檢驗如果您提供的系統中有提供熱插拔電源連接或斷開電源請遵循以下指導原則先連接電源線至設備連再連接電源先斷開電源再拔除連接至設備的電源線如果系統有多個電源需拔除所有連接至電源的電源線再關閉設備電源產品沒有斷電裝置或者採用電源線的插頭視為斷電裝置的部分以下警語將適用對永久連接之設備在設備外部須安裝可觸及之斷電裝置對插接式之設備插座必須接近安裝之地點而且是易於觸及的 A...

Страница 335: ... with damaged by an act of God or subjected to abnormal working conditions Note Repair or replacement as provided under this warranty is the exclusive remedy of the purchaser This warranty is in lieu of all other warranties express or implied including any implied warranty of merchantability or fitness for a particular use or purpose Zyxel shall in no event be held liable for indirect or consequen...

Страница 336: ...Setting Wizard 132 applications backbone 23 bridging 24 IEEE 802 1Q VLAN 25 PoE 23 switched workgroup 24 ARP how it works 242 learning mode 242 overview 242 setup 244 ARP Address Resolution Protocol 297 ARP Learning screen 244 ARP Setup screen 244 ARP Table screen 297 ARP Reply 242 ARP Request 243 ATM Asynchronous Transmission Mode 25 authentication setup 176 authentication authorization and accou...

Страница 337: ...ile backup 252 restore 251 save 248 Configure Clone screen 300 contact information 314 copying port settings see port cloning copyright 331 CoS 226 CPU management port 130 CPU protection 195 crossover Ethernet cable 34 current date 88 current time 87 customer support 314 D date current 88 daylight saving time 88 DHCP configuration options 230 Dynamic Host Configuration Protocol 230 modes 230 Relay...

Страница 338: ...324 dynamic link aggregation 152 E egress port 132 egress rate 147 electrical inspection authority 36 electrician 37 EMC statement 331 Environment Statement 333 Errdisable Detect screen 199 Errdisable Recovery screen 200 Errdisable screen 196 errdisable status 198 error disable 195 control packets 197 CPU protection 198 detect 199 recovery 200 status 196 error disable recovery 195 Ethernet broadca...

Страница 339: ... Internet Assigned Number Authority 319 Identity Association IA 324 IEEE 802 3af 22 IEEE 802 3at 22 IEEE 802 3az 202 IEEE standard 22 IGMP leave timeout fast 170 IGMP snooping 167 IGMP snooping and VLANs 168 ingress port 132 ingress rate 147 initial setup 65 Innovation Science and Economic Development Canada ICES statement 331 installation air circulation 27 desktop 27 freestanding 27 rack mountin...

Страница 340: ...EDs 37 limit MAC address learning 160 link aggregation 52 152 dynamic 152 ID information 153 setup 154 traffic distribution algorithm 154 traffic distribution type 155 trunk group 152 link aggregation trunking example 24 Link Aggregation Control Protocol LACP 152 Link Aggregation screen Wizard 51 Link Layer Discovery Protocol 204 LLDP 204 basic TLV 219 global settings 218 local port status 208 org...

Страница 341: ...aximum transmission unit 299 Maximum Transmission Unit MTU 106 Mbuf Memory Buffer 253 MDIX Media Dependent Interface Crossover 34 Media Access Control 86 Memory Buffer 253 MIB and SNMP 271 supported MIBs 271 MIB Management Information Base 271 mirroring ports 150 monitor port 150 mounting brackets attaching 31 MTU 299 MTU Multi Tenant Unit 88 multicast IP addresses 167 setup 168 multicast IP addre...

Страница 342: ... Setting Wizard 132 port mirroring 150 port redundancy 152 Port screen DHCP snooping 188 DHCPv4 Global Relay 235 DHCPv4 VLAN 238 port security 159 address learning 160 limit MAC address learning 160 setup 159 Port Setup screen 96 port status 304 port details 305 port utilization 308 port utilization 308 Port VID PVID 66 port VLAN ID see PVID 125 port VLAN trunking 119 port based VLAN 130 all conne...

Страница 343: ...5 Round Robin Scheduling 164 Router Advertisement RA 325 routing domain 90 RSTP configuration 143 rubber feet 18 attach 28 running configuration 248 erase 248 reset 248 S safety precautions using the Switch 27 safety warnings 332 save configuration 63 248 Save link 63 schedule one time 162 recurring 162 type 163 screw anchors using 29 screw specification for wall mounting 28 Secure Shell see SSH s...

Страница 344: ... 144 path cost 140 145 port priority 145 port role 143 port state 141 143 root port 141 status 142 terminology 140 vs loop guard 192 STP Path Cost 141 straight through Ethernet cable 34 subnet masking 324 Switch DHCP client 40 fanless type usage precaution 27 fan type usage precaution 27 switch lockout 63 Switch reset 63 Switch Setup screen 88 Switch s QR code 20 syslog 285 protocol 285 settings 2...

Страница 345: ... filtering 125 introduction 88 118 number of VLANs 121 port number 122 port settings 124 port based 132 port based VLAN 130 port based isolation 132 port based wizard 132 PVID 125 static VLAN 123 status 120 121 122 tagged 118 trunking 119 125 type 89 120 VLAN Virtual Local Area Network 88 VLAN ID 118 VLAN member port 57 VLAN number 92 94 VLAN setting Wizard 56 VLAN Setting screen 239 DHCPv4 237 VL...

Страница 346: ...um hardware requirements 45 network adapter select 46 password prompt 47 run 45 supported firmware version 45 supported models 45 Switch IP address 40 ZON utility use for troubleshooting 311 ZyNOS Zyxel Network Operating System 256 Zyxel AP Configurator ZAC 48 Zyxel Discovery Protocol ZDP 44 Zyxel Nebula Mobile App register the Switch 20 Zyxel One Network ZON Utility 21 ...

Отзывы:

Нет отзывов

Похожие инструкции для GS1915 Series

DGS-3224TGR - Switch

Бренд: D-Link Страницы: 160

Бренд: D-Link Страницы: 145

DGS-1510 Series

Бренд: D-Link Страницы: 64

DES-3528 - xStack Switch - Stackable

Бренд: D-Link Страницы: 367

Бренд: AAVARA Страницы: 23

Бренд: wavin Страницы: 4

VNLW-P-1001-MV-N-V

Бренд: Greengate Страницы: 2

HD Flash 4 KD-SW4x1

Бренд: Key Digital Страницы: 12

Бренд: Eaton Страницы: 43

Бренд: Dahua Страницы: 17

Бренд: Gefen Страницы: 11

Бренд: A-Neuvideo Страницы: 15

Бренд: Kramer Страницы: 35

Бренд: AT&T Страницы: 24

Бренд: Wyrestorm Страницы: 2

Personal MiniHub

Бренд: Black Box Страницы: 22

Бренд: PIKA Страницы: 7

Бренд: SEH Страницы: 40

Бренды по названию

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Популярные бренды

Загрузить еще бренды