ZyXEL Communications GS1920-48HPv2 Скачать руководство пользователя страница 170 | Manualshive

Страница: 170 / 432

ZyXEL Communications GS1920-48HPv2 Скачать руководство пользователя страница 170

Chapter 18 Port Authentication

GS1920v2 Series User’s Guide

170

C

HA PTER

1 8

Po rt Authe ntic a tio n

18.1 Po rt Authe ntic a tio n O ve rvie w

This chapter describes the IEEE 802.1x and MAC authentication methods.

Port authentication is a way to validate access to ports on the Switch to clients based on an external
server (authentication server). The Switch supports the following methods for port authentication:

•

IEEE 802.1x

2

- An authentication server validates access to a port based on a username and

password provided by the user.

•

MAC Authe ntic a tio n

- An authentication server validates access to a port based on the MAC address

and password of the client.

Both types of authentication use the RADIUS (Remote Authentication Dial In User Service, RFC 2138,
2139) protocol to validate users. See

RADIUS and on page 226

for more information on

configuring your RADIUS server settings.

Note: If you enable IEEE 802.1x authentication and MAC authentication on the same port, the

Switch performs IEEE 802.1x authentication first. If a user fails to authenticate via the IEEE
802.1x method, then access to the port is denied.

18.1.1 Wha t Yo u C a n Do

• Use the

Po rt Authe ntic a tio n

screen (

Section 18.2 on page 171

) to display the links to the configuration

screens where you can enable the port authentication methods.

• Use the

802.1x

screen (

Section 18.3 on page 172

) to activate IEEE 802.1x security.

• Use the

MAC Authe ntic a tio n

screen (

Section 18.4 on page 175

) to activate MAC authentication.

18.1.2 Wha t Yo u Ne e d to Kno w

IEEE 802.1x Authe ntic a tio n

The following figure illustrates how a client connecting to a IEEE 802.1x authentication enabled port goes
through a validation process. The Switch prompts the client for login information in the form of a user
name and password. When the client provides the login credentials, the Switch sends an authentication
request to a RADIUS server. The RADIUS server validates whether this client is allowed access to the port.

2.

At the time of writing, IEEE 802.1x is not supported by all operating systems. See your operating system

documentation. If your operating system does not support 802.1x, then you may need to install 802.1x client

software.

«
...
168
169
170
171
172
...
»

Содержание GS1920-48HPv2

Страница 1: ...r s Guide GS1920v2 Series 8 24 48 port GbE Smart Managed Switch Copyright 2018 Zyxel Communications Corporation LAN IP Address http DHCP assigned IP or 192 168 1 1 User Name admin Password 1234 Versio...

Страница 2: ...ting system Every effort has been made to ensure that the information in this manual is accurate Re late d Doc ume ntation Quick Start Guide The Quick Start Guide shows how to connect the Switch Onlin...

Страница 3: ...abels screen names field labels and field choices are all in bold font A right angle bracket within a screen name denotes a mouse click For example Basic Se tting Swtic h Se tup Se le c t VL AN T ype...

Страница 4: ...107 Static MAC Forwarding 127 Static Multicast Forwarding 129 Filtering 133 Spanning Tree Protocol 135 Bandwidth Control 156 Broadcast Storm Control 158 Mirroring 160 Link Aggregation 162 Port Authent...

Страница 5: ...rvices 319 DHCP 323 ARP Setup 335 Maintenance 339 Access Control 348 Diagnostic 368 System Log 371 Syslog Setup 372 Cluster Management 375 MAC Table 381 ARP Table 384 Path MTU Table 386 Configure Clon...

Страница 6: ...EE 802 1Q VLAN Application Examples 25 1 3 Ways to Manage the Switch 26 1 4 Good Habits for Managing the Switch 27 Cha pte r 2 Ha rdwa re Insta lla tion a nd Conne c tion 28 2 1 Installation Scenarios...

Страница 7: ...c hnic a l Re fe re nc e 43 Cha pte r 4 T he We b Configurator 44 4 1 Overview 44 4 2 System Login 44 4 3 The Status Screen 48 4 3 1 Change Your Password 52 4 4 Saving Your Configuration 53 4 5 Switc...

Страница 8: ...en 75 Cha pte r 8 Ba sic Se tting 77 8 1 Overview 77 8 1 1 What You Can Do 77 8 2 System Information 77 8 3 General Setup 79 8 4 Introduction to VLANs 81 8 5 Switch Setup 82 8 6 IP Setup 83 8 6 1 Mana...

Страница 9: ...9 7 Protocol Based VLANs 118 9 7 1 Configuring Protocol Based VLAN 119 9 8 Voice VLAN 120 9 9 MAC Based VLAN 121 9 10 Port Based VLAN Setup 122 9 10 1 Configure a Port Based VLAN 123 9 11 Technical Re...

Страница 10: ...e Protocol 146 13 8 1 Multiple Spanning Tree Protocol Port Configuration 149 13 9 Multiple Spanning Tree Protocol Status 150 13 10 Technical Reference 153 13 10 1 MSTP Network Example 153 13 10 2 MST...

Страница 11: ...ate IEEE 802 1x Security 172 18 3 1 Guest VLAN 173 18 4 Activate MAC Authentication 175 18 5 Technical Reference 177 18 5 1 IEEE 802 1x 177 18 5 2 RADIUS 177 18 5 3 EAP Extensible Authentication Proto...

Страница 12: ...24 1 1 What You Can Do 201 24 1 2 What You Need to Know 201 24 2 Multicast Setup 205 24 3 IPv4 Multicast Status 205 24 3 1 IGMP Snooping 206 24 3 2 IGMP Snooping VLAN 208 24 3 3 IGMP Filtering Profile...

Страница 13: ...nfigure 242 26 6 1 DHCP Snooping Port Configure 244 26 6 2 DHCP Snooping VLAN Configure 245 26 6 3 DHCP Snooping VLAN Port Configure 246 26 7 ARP Inspection Status 248 26 8 ARP Inspection VLAN Status...

Страница 14: ...Error Disable Recovery Overview 274 30 1 3 What You Can Do 274 30 2 Error Disable Screen 275 30 3 Error Disable Status 275 30 4 CPU Protection Configuration 277 30 5 Error Disable Detect Configuratio...

Страница 15: ...Loopback 314 Cha pte r 35 Static Route 316 35 1 Static Routing Overview 316 35 1 1 What You Can Do 316 35 2 Static Routing 316 35 3 IPv4 Static Route 317 Cha pte r 36 Diffe re ntiate d Se rvic e s 319...

Страница 16: ...Overview 339 39 1 1 What You Can Do 339 39 2 The Maintenance Screen 339 39 2 1 Erase Running Configuration 340 39 2 2 Save Configuration 341 39 2 3 Reboot System 341 39 3 Firmware Upgrade 342 39 4 Re...

Страница 17: ...te r 42 Syste m L og 371 42 1 Overview 371 42 2 System Log 371 Cha pte r 43 Syslog Se tup 372 43 1 Syslog Overview 372 43 1 1 What You Can Do 372 43 2 Syslog Setup 372 Cha pte r 44 Cluste r Manage me...

Страница 18: ...e Clone 387 Cha pte r 49 IPv6 Ne ighbor T able 390 49 1 IPv6 Neighbor Table Overview 390 49 2 Viewing the IPv6 Neighbor Table 390 Cha pte r 50 Port Status 392 50 1 Overview 392 50 2 Port Status 392 50...

Страница 19: ...19 PA RT I Use r s Guide...

Страница 20: ...r direct standalone or cloud mode not both at the same time The Nebula Control Center NCC is an alternative cloud based network management system that allows you to remotely manage and monitor the Swi...

Страница 21: ...fferences between standalone and Nebula cloud management modes You can find the Switch s datasheet at the Zyxel website See the NCC Nebula Control Center User s Guide for how to configure the Switch u...

Страница 22: ...e Status screen or the device back label on the Switch Use the Zyxe l Ne bula Mobile App to Re giste r the Switc h 1 Download and open the Zyxel Nebula Mobile app in your mobile device Click Sign Up t...

Страница 23: ...S1920 48HPv2 where 4 50 is the firmware trunk version ABMK identifies the GS1920 48HPv2 and 0 is the first release of trunk version 4 50 1 1 4 PoE The GS1920 8HPv2 GS1920 24HPv2 and GS1920 48HPv2 come...

Страница 24: ...the network simply add more networking devices such as switches routers computers print servers etc Figure 1 Backbone Application 1 2 2 Bridg ing Exa mple In this example the Switch connects different...

Страница 25: ...an provide the same bandwidth as ATM at much lower cost while still being able to use existing adapters and switches Moreover the current LAN structure can be retained as all ports can freely communic...

Страница 26: ...d for everyday management of the Switch using a supported web browser See Chapter 4 on page 44 FTP Use FTP for firmware upgrades and configuration backup restore See Section 39 7 1 on page 346 SNMP Th...

Страница 27: ...pes of characters such as numbers and letters Write down the password and put it in a safe place Back up the configuration and make sure you know how to restore it Restoring an earlier working configu...

Страница 28: ...o use the prope r sc re ws may damage the unit See Table 1 on page 20 for the comparison table of the hardware installation methods for each model To start using the Switch simply connect the power ca...

Страница 29: ...and the power cord Note Make sure that you meet the requirements of clearance when you use the Switch for stacking It s recommended to only use the Switch with Fans in a stack See Table 1 on page 20 t...

Страница 30: ...side of the Switch Figure 6 Attaching the Mounting Brackets 2 Using a 2 Philips screwdriver install the M3 flat head screws through the mounting bracket holes into the Switch 3 Repeat steps 1 and 2 t...

Страница 31: ...ilips screwdriver Two screw anchors optional 1 Select a position free of obstructions on a wall strong enough to hold the weight of the Switch 2 Mark two holes on the wall at the appropriate distance...

Страница 32: ...allow ventilation WARNING T he Switc h should be wall mounte d horizontally and make sure the front pane l is fac ing down T he Switc h s side pane ls with ve ntilation slots should not be fac ing up...

Страница 33: ...securely before installing the unit 2 5 3 Attac hing the Mounting Bra c ke ts to the Switc h 1 Position a mounting bracket on one side of the Switch lining up the four screw holes on the bracket with...

Страница 34: ...h on a Rack 2 Using a 2 Philips screwdriver install the M5 flat head screws through the mounting bracket holes into the rack Note Make sure you tighten all the four screws to prevent the Switch from g...

Страница 35: ...0 Front Panel GS1920 8HPv2 Figure 11 Front Panel GS1920 24v2 Figure 12 Front Panel GS1920 24HPv2 Figure 13 Front Panel GS1920 48v2 Figure 14 Front Panel GS1920 48HPv2 3 1 1 Gigabit Ethe rne t Ports Th...

Страница 36: ...lt negotiation settings for the Gigabit ports on the Switch are Speed Auto Duplex Auto Flow control Off Link Aggregation Disabled 3 1 1 2 Auto c rossove r All ports are auto crossover that is auto MDI...

Страница 37: ...cally detects the installed transceiver Check the LEDs to verify that it is functioning properly 4 Close the transceiver s latch latch styles vary 5 Connect the fiber optic cables to the transceiver F...

Страница 38: ...w the L ink ACTLED works Each Ethernet port s LED is changed to act as a PoE Mode LED by pushing the PoE MODE button on the front panel Each Ethernet port s LED is changed back to act as a L ink ACTLE...

Страница 39: ...ur ZyXEL Device which may not be covered by it s warranty 1 Remove the M4 ground screw from the Switch s rear panel 2 Secure a green yellow ground cable 16 AWG or smaller to the Switch s rear panel us...

Страница 40: ...om the power module in the power slot SYS Green On The Switch is on and functioning properly Blinking The Switch is rebooting and performing self diagnostic tests Red On The Switch is functioning abno...

Страница 41: ...ent power supplied budget Ethernet Ports and PoE LNK ACT 1 8 GS1920 8HPv2 1 24 GS1920 24v2 24HPv2 and 1 48 GS1920 48v2 48HPv2 Green Blinking The Switch is transmitting receiving to from a 1000 Mbps Et...

Страница 42: ...inking The Switch is transmitting receiving data 100 Mbps Off There is no link or port the uplink port is shut down SFP Slots 49 50 GS1920 48v2 48HPv2 Green On The uplink port is linking at 1000 Mbps...

Страница 43: ...43 PA RT II T e c hnic al Re fe re nc e...

Страница 44: ...w Web browser pop up windows from your device Web pop up blocking is enabled by default in Windows XP SP Service Pack 2 JavaScript enabled by default Java permissions enabled by default 4 2 Syste m L...

Страница 45: ...enter NCC login page in a new tab or window The NCC is an alternative cloud based network management system that allows you to remotely manage and monitor the Switch see Section 1 1 1 on page 20 Figur...

Страница 46: ...e app from the Google Play store for Android devices or the App Store for iOS devices and create an organization and site at NCC Figure 29 Web Configurator Message You may also access this screen at B...

Страница 47: ...d 1234 is the default password when shipped New Password Enter your new system password Retype to confirm Retype your new system password for confirmation General Setting Use this section to specify t...

Страница 48: ...ng which is the password for the incoming Set requests from the management station The Se t Community string is only used by SNMP managers using SNMP version 2c or lower Trap Community Enter the T ra...

Страница 49: ...ration of your Switch that stays the same even if the Switch s power is turned off D Click this link to go to the status page of the Switch E Click this link to log out of the web configurator F Click...

Страница 50: ...itch Setup This link takes you to a screen where you can set up global Switch parameters such as VLAN type GARP and priority queues IP Setup This link takes you to a screen where you can configure the...

Страница 51: ...to another port in order that you can examine the traffic from the first port without interference Link Aggregation This link takes you to screens where you can logically aggregate physical links to...

Страница 52: ...e the DHCP settings ARP Setup This link takes you to screens where you can configure the ARP learning settings for each port Management Maintenance This link takes you to screens where you can perform...

Страница 53: ...ation to nonvolatile memory Nonvolatile memory refers to the Switch s storage that remains even if the Switch s power is turned off Note Use the Sa ve link when you are done with a configuration sessi...

Страница 54: ...tomatically reboot and restore the factory default file See Section 3 3 on page 40 for more information about the LED behavior 4 6 2 Re store Custom De fault Press the REST ORE button for three to sev...

Страница 55: ...ries User s Guide 55 4 8 He lp The web configurator s online help has descriptions of individual screens and some supplementary information Click the He lp link from a web configurator screen to view...

Страница 56: ...g Port VID Configuring Switch Management IP Address 5 1 1 Cre a ting a VL AN VLANs confine broadcast frames to the VLAN group in which the port s belongs You can do this with port based VLAN or tagged...

Страница 57: ...nent member of the VLAN only 4 To ensure that VLAN unaware devices such as computers and hubs can receive frames properly clear the T X T agging check box to set the Switch to remove VLAN tags before...

Страница 58: ...in the PVID field for port 2 and click Apply to save your changes back to the run time memory Settings in the run time memory are lost when the Switch s power is turned off 5 1 3 Config uring Switc h...

Страница 59: ...n 4 2 on page 44 for more information 3 Click Basic Se tting IP Se tup in the navigation panel 4 Configure the related fields in the IP Se tup screen 5 For the VL AN2 network enter 192 168 2 1 as the...

Страница 60: ...network V Create a VLAN containing ports 5 6 and 7 Connect a computer M to the Switch for management Figure 38 Tutorial DHCP Snooping Tutorial Overview Note For related information about DHCP snoopin...

Страница 61: ...in the Control field as shown Deselect T x T agging because you don t want outgoing traffic to contain this VLAN tag Click Add Figure 39 Tutorial Create a VLAN and Add Ports to It 3 Go to Advanc e d...

Страница 62: ...shown Click Apply Figure 41 Tutorial Specify DHCP VLAN 5 Click the Port link at the top right corner 6 The DHCP Snooping Port Configure screen appears Select T ruste d in the Se rve rT ruste d state f...

Страница 63: ...o either port 6 or 7 The computer should be able to get an IP address from the DHCP server If you put the DHCP server on port 6 or 7 the computer will not able to get an IP address 10 To check if DHCP...

Страница 64: ...e VLAN ID and port number in the DHCP request Client A connects to the Switch s port 2 in VLAN 102 Figure 45 Tutorial DHCP Relay Scenario 6 3 2 Cre a ting a VL AN Follow the steps below to configure p...

Страница 65: ...gs before sending 7 Click Add to save the settings to the run time memory Settings in the run time memory are lost when the Switch s power is turned off Figure 47 Tutorial Create a Static VLAN 8 Click...

Страница 66: ...P Applic ation DHCP DHCPv4 and then the Global link to open the DHCP Re lay screen 2 Select the Ac tive check box 3 Enter the DHCP server s IP address 192 168 2 3 in this example in the Re mote DHCP S...

Страница 67: ...it did not receive the IP address 172 16 1 18 make sure 1 Client A is connected to the Switch s port 2 in VLAN 102 2 You configured the correct VLAN ID port number and system name for DHCP relay on b...

Страница 68: ...ation system status and IP addresses You can also display other status screens for more information Use the ZON Utility screen Section 7 3 on page 70 to deploy and manage network devices Use the Ne ig...

Страница 69: ...in the UAG The format is mm dd yyyy hh mm ss Hardware Version This field displays the hardware version number of the Switch The integer is the model version and the decimal is the version of the hardw...

Страница 70: ...play Disc onne c te d or Unre g iste re d In c loud mode the status will display Conne c te d or Disc onne c te d Conne c te d The Switch is registered with and connected to the NCC Disc onne c te d T...

Страница 71: ...ur Windows operating system version right click on My Compute r Prope rtie s You should see this information in the Ge ne ra l tab Hardware Here are the minimum hardware requirements to use the ZON Ut...

Страница 72: ...information about ZON icon in the upper right hand corner of the screen Then select the Supporte d mode l and firmware ve rsion link If your device is not listed here see the device release notes for...

Страница 73: ...twork Figure 55 Discovery 5 The ZON Utility screen shows the devices discovered Figure 56 ZON Utility Screen 6 Select a device and then use the icons to perform actions Some functions may not be avail...

Страница 74: ...the Zyxel website to your computer and unzipped it in advance 8 Change Password Use this icon to change the admin password of the selected device You must know the current admin password before chang...

Страница 75: ...device have been done successfully As the Switch does not support IP Configura tion Re ne w IP a ddre ss and Fla sh L oc a tor L ED this field displays Update failed Not support Renew IP address and...

Страница 76: ...Click the Cyc le button to turn OFF the power of the neighbor device and turn it back ON again A count down button from 5 to 0 starts Note The Switch must support power sourcing PSE or the network dev...

Страница 77: ...reen Section 8 7 on page 85 to configure Switch port settings Use the PoEStatus screens Section 8 8 on page 87 to view the current amount of power that PDs are receiving from the Switch and set the pr...

Страница 78: ...hernet MAC Media Access Control address of the Switch CPU Utilization CPU utilization quantifies how busy the system is Curre nt displays the current percentage of CPU utilization Memory Utilization M...

Страница 79: ...an speed falls below the threshold shown Current This field displays this fan s current speed in Revolutions Per Minute RPM MAX This field displays this fan s maximum speed measured in Revolutions Per...

Страница 80: ...is recommended that you use a Daytime timeserver within your geographical time zone T ime RFC 868 format displays a 4 byte integer giving the total number of seconds since 2016 1 1 at 0 0 0 NT P RFC 1...

Страница 81: ...e United States on the second Sunday of March Each time zone in the United States starts using Daylight Saving Time at 2 A M local time So in the United States you would select Se c ond Sunda y Ma rc...

Страница 82: ...60 to 1000000 seconds This is how long dynamically learned ARP entries remain in the ARP table before they age out and must be relearned The setting here applies to ARP entries which are newly added i...

Страница 83: ...queues is dropped if the network is congested Priority Level The following descriptions are based on the traffic types defined in the IEEE 802 1d standard which incorporates the 802 1p To map a prior...

Страница 84: ...witch in dotted decimal notation for example 255 255 255 0 Default Gateway Enter the IP address of the default outgoing gateway in dotted decimal notation for example 192 168 1 254 VID Enter the VLAN...

Страница 85: ...insert the entry to the summary table below and save your changes to the Switch s run time memory The Switch loses these changes if it is turned off or loses power so use the Sa ve link on the top nav...

Страница 86: ...field displays the capacity that the port can support Speed Duplex Select the speed and the duplex mode of the Ethernet connection on this port The choices are 10M Ha lf Duple x 100M Ha lf Duple x 10...

Страница 87: ...me losses Flow Control is used to regulate transmission of signals to match the bandwidth of the receiving port The Switch uses IEEE802 3x flow control in full duplex mode and backpressure flow contro...

Страница 88: ...PoE Sta tus Sc re e n To view the current amount of power that PDs are receiving from the Switch click Basic Se tting PoE Se tup Figure 65 Basic Setting PoE Setup Table 18 Temperature and Action T EM...

Страница 89: ...ber State This field shows which ports can receive power from the Switch You can set this in Section 8 8 3 on page 90 Disa ble The PD connected to this port cannot get power supply Ena ble The PD conn...

Страница 90: ...Click the PoE Se tup link in the Basic Se tting PoE Se tup screen The following screen opens Table 20 Basic Setting PoE Setup PoE Time Range Status L ABEL DESCRIPT ION Port This is the number of the p...

Страница 91: ...ect this to have the Switch pre allocate power to each port based on the classification of the PD device Dual Detection Select this to have the Switch run another detecting procedure between the detec...

Страница 92: ...PD is NOT performing Layer 2 power classification using Link Layer Discovery Protocol LLDP 802 3a t the Switch supports the IEEE 802 3at High Power over Ethernet standard and can supply power of up t...

Страница 93: ...properly you should configure a static VLAN with the same ID number in the Adva nc e d Applic a tion VL AN screens Add Click this to create a new entry This saves your changes to the Switch s run time...

Страница 94: ...tion Click an interface index number in the Basic Se tting IPv6 screen The following screen opens Figure 70 Basic Setting IPv6 IPv6 Interface Status Table 23 Basic Setting IPv6 L ABEL DESCRIPT ION Ind...

Страница 95: ...Discovery ND Duplicate Address Detection DAD is enabled on the interface Number of DAD Attempts This field displays the number of consecutive neighbor solicitations the Switch sends for this interfac...

Страница 96: ...r Preferred Lifetime This field displays how long in seconds that the global address remains preferred Valid Lifetime This field displays how long in seconds that the global address is valid DNS This...

Страница 97: ...EL DESCRIPT ION Table 26 Basic Setting IPv6 IPv6 Configuration IPv6 Global Setup L ABEL DESCRIPT ION IPv6 Hop Limit Specify the maximum number of hops from 1 to 255 in router advertisements This is th...

Страница 98: ...n screen to display the screen as shown next Table 27 Basic Setting IPv6 IPv6 Configuration IPv6 Interface Setup L ABEL DESCRIPT ION Interface Select the IPv6 interface you want to configure Active Se...

Страница 99: ...the interface Default Gateway Set the default gateway IPv6 address for the interface When an interface cannot find a routing information for a frame s destination it forwards the packet to the default...

Страница 100: ...ically using the EUI 64 format Add Click Add to save your changes to the Switch s run time memory The Switch loses these changes if it is turned off or loses power so use the Sa ve link on the top nav...

Страница 101: ...this interface Enter 0 to turn off DAD NS Interval Specify the time interval from 1000 to 3600000 milliseconds at which neighbor solicitations are re sent for this interface Reachable Time Specify how...

Страница 102: ...an be reached through the interface MAC Specify the MAC address of the neighboring device which can be reached through the interface Add Click this to create a new entry or to update an existing one T...

Страница 103: ...967295 seconds at which the Switch exchanges other configuration information with a DHCPv6 server again Apply Click Apply to save your changes to the Switch s run time memory The Switch loses these ch...

Страница 104: ...has been registered in the NCC Table 33 Basic Setting DNS L ABEL DESCRIPT ION Static Domain Name Server Preference This is the priority of the DNS server address Server Address Enter a domain name ser...

Страница 105: ...e Switch If the Switch has Internet access and has been registered in the NCC it will go into cloud management mode In cloud management mode then NCC will first check if the firmware on the Switch nee...

Страница 106: ...witch Registration This screen has a QR code containing the Switch s serial number and MAC address for handy NCC registration of the Switch using the Nebula Mobile app First download the app from the...

Страница 107: ...voice traffic separately from data traffic to ensure the sound quality does not deteriorate Use the MAC Base d VL AN Se tup screen Section 9 9 on page 121 to set up VLANs that allow you to group untag...

Страница 108: ...cides where to forward the frame and then inserts a VLAN tag reflecting the ingress port s default VID The default PVID is VLAN 1 for all ports but this can be changed A broadcast frame or a multicast...

Страница 109: ...rt s Figure 83 Port VLAN Trunking 9 1 2 3 Se le c t the VL AN T ype Select a VLAN type in the Basic Se tting Switc h Se tup screen Table 34 IEEE 802 1Q VLAN Terminology VL AN PARAMET ER T ERM DESCRIPT...

Страница 110: ...m the navigation panel to display the VL AN Status screen as shown next Figure 85 Advanced Application VLAN VLAN Status The following table describes the labels in this screen Table 35 Advanced Applic...

Страница 111: ...on MAC ba se d manually added as MAC based VLAN Change Pages Click Pre vious or Ne xt to show the previous next screen if all status information cannot be seen in one screen Table 35 Advanced Applicat...

Страница 112: ...k in the VL AN Configuration screen to display the screen as shown next Table 37 Advanced Application VLAN VLAN Configuration L ABEL DESCRIPT ION Static VLAN Setup Click Clic k He re to configure the...

Страница 113: ...e is between 1 and 4094 Port The port number identifies the port you are configuring Settings in this row apply to all ports Use this row only if you want to make some settings the same for all ports...

Страница 114: ...ne configuring Cancel Click Ca nc e l to change the fields back to their last saved values Clear Click Cle a r to start configuring the screen again VID This field displays the ID number of the VLAN g...

Страница 115: ...you make them Ingress Check If this check box is selected the Switch discards incoming frames on a port for VLANs that do not include this port in its member set Clear this check box to disable ingres...

Страница 116: ...1 0 24 video services Lastly you configure VLAN with priority 3 and VID of 300 for traffic received from IP subnet 10 1 1 0 24 data services All untagged incoming frames will be classified based on th...

Страница 117: ...a numeric characters to identify this subnet based VLAN IP Enter the IP address of the subnet for which you want to configure this subnet based VLAN Mask Bits Enter the bit number of the subnet mask T...

Страница 118: ...pstream ARP traffic from port 1 2 and 3 will be grouped together and all upstream Apple Talk traffic from port 6 and 7 will be in another group and have higher priority than ARP traffic when they go t...

Страница 119: ...down list box to select a predefined protocol to be included in this protocol based VLAN or select Othe rs and type the protocol number in hexadecimal notation For example the IP protocol in hexadecim...

Страница 120: ...ation screen as shown Figure 94 Advanced Application VLAN VLAN Configuration Voice VLAN Setup Port This field shows which port belongs to this protocol based VLAN Name This field shows the name the pr...

Страница 121: ...ault setting is 5 The higher the numeric value you assign the higher the priority for this Voice VLAN Apply Click Apply to save your changes to the Switch s run time memory The Switch loses these chan...

Страница 122: ...entry This is the source MAC address of the data packet that is looked up when untagged packets arrive at the Switch VID Type an ID from 1 to 4094 for the VLAN ID that is associated with the MAC based...

Страница 123: ...d Filte ring that require a VID you must enter 1 as the VID The port based VLAN setup screen is shown next The CPU management port forms a VLAN with all Ethernet ports 9 10 1 Configure a Port Ba se d...

Страница 124: ...Chapter 9 VLAN GS1920v2 Series User s Guide 124 Figure 97 Advanced Application VLAN Port Based VLAN Setup Port Isolation...

Страница 125: ...secure After you make your selection click Apply top right of screen to display the screens as mentioned above You can still customize these settings by adding deleting incoming or outgoing ports but...

Страница 126: ...Figure 98 Protocol Based VLAN Configuration Example To add more ports to this protocol based VLAN 1 Click the index number of the protocol based VLAN entry Click 1 2 Change the value in the Port fiel...

Страница 127: ...0 2 Configuring Static MAC Forwarding A static MAC address is an address that has been manually entered in the MAC address table Static MAC addresses do not age out When you set up static MAC address...

Страница 128: ...anel to save your changes to the non volatile memory when you are done configuring Cancel Click Ca nc e l to reset the fields to their last saved values Clear Click Cle a r to begin configuring this s...

Страница 129: ...a member of a multicast group A static multicast address is a multicast MAC address that has been manually entered in the multicast table Static multicast addresses do not age out Static multicast fo...

Страница 130: ...cast Forwarding to Multiple Ports 11 2 Configuring Static Multic ast Forwarding Use this screen to configure rules to forward specific multicast frames such as streaming or control frames to specific...

Страница 131: ...iple ports separated by no space comma or hyphen For example enter 3 5 for ports 3 4 and 5 Enter 3 5 7 for ports 3 5 and 7 Add Click Add to save your rule to the Switch s run time memory The Switch lo...

Страница 132: ...1920v2 Series User s Guide 132 Delete Click De le te to remove the selected entry from the summary table Cancel Click Ca nc e l to clear the check boxes Table 46 Advanced Application Static Multicast...

Страница 133: ...destination MAC addresses and VLAN group ID 12 1 1 Wha t You Ca n Do Use the Filte ring screen Section 12 2 on page 133 to create rules for traffic going through the Switch 12 2 Configure a Filte rin...

Страница 134: ...ur changes to the Switch s run time memory The Switch loses these changes if it is turned off or loses power so use the Sa ve link on the top navigation panel to save your changes to the non volatile...

Страница 135: ...s screen Section 13 5 on page 141 to view the RSTP status Use the Multiple Rapid Spanning T re e Protoc ol screen Section 13 6 on page 142 to configure MRSTP Use the Multiple Rapid Spanning T re e Pro...

Страница 136: ...e lowest cost to the root among the bridges connected to the LAN How ST P Works After a bridge determines the lowest cost spanning tree with STP it enables the root port and the ports that are the des...

Страница 137: ...P Multiple Spanning Tree Protocol IEEE 802 1s is backward compatible with STP RSTP and addresses the limitations of existing spanning tree protocols STP and RSTP in networks to include the following...

Страница 138: ...n Figure 106 Advanced Application Spanning Tree Protocol This screen differs depending on which STP mode RSTP MRSTP or MSTP you configure on the Switch This screen is described in detail in the sectio...

Страница 139: ...Application Spanning Tree Protocol Configuration L ABEL DESCRIPT ION Spanning Tree Mode You can activate one of the STP modes on the Switch Select Ra pid Spa nning T re e Multiple Ra pid Spanning T r...

Страница 140: ...range is 6 to 40 seconds Forwarding Delay This is the maximum time in seconds the Switch will wait before changing states This delay is required because every switch must receive information about to...

Страница 141: ...uration Click Config ura tion to specify which STP mode you want to activate Click RST P to edit RSTP settings on the Switch Bridge Root refers to the base of the spanning tree the root bridge Our Bri...

Страница 142: ...d bridge has the lowest path cost to the root bridge among the bridges connected to the LAN segment All the ports on a root bridge root switch are designated ports Alte rna te A blocked port which has...

Страница 143: ...ic value becomes the STP root switch If all switches have the same priority the switch with the lowest MAC address will then become the root switch Select a value from the drop down list box The lower...

Страница 144: ...ge Select this check box to configure a port as an edge port when it is directly attached to a computer An edge port changes its initial STP port state from blocking state to forwarding state immediat...

Страница 145: ...second This is the maximum time in seconds the Switch can wait without receiving a configuration message before attempting to reconfigure Forwarding Delay second This is the time in seconds the root...

Страница 146: ...forwarding state when the designated port for the LAN segment fails Bac kup A blocked port which has a backup redundant path to a LAN segment where a designated port is already connected when a switc...

Страница 147: ...Chapter 13 Spanning Tree Protocol GS1920v2 Series User s Guide 147 Figure 112 Advanced Application Spanning Tree Protocol MSTP...

Страница 148: ...orward Delay 1 Max Age 2 Hello Time 1 Maximum hops Enter the number of hops between 1 and 255 in an MSTP region before the BPDU is discarded and the port information is aged Configuration Name Enter a...

Страница 149: ...The allowed range is between 0 and 255 and the default value is 128 Path Cost Path cost is the cost of transmitting a frame on to a LAN through that port It is recommended to assign this value accordi...

Страница 150: ...first to set the common settings and then make adjustments on a port by port basis Note Changes in this row are copied to all the ports as soon as you make them Edge Select this check box to configur...

Страница 151: ...e for Root and Our Bridg e if the Switch is the root switch Hello Time second This is the time interval in seconds at which the root switch transmits a configuration message The root bridge determines...

Страница 152: ...erating normally It learns MAC addresses processes BPDUs and forwards received frames Port Role This field displays the role of the port in STP Root A forwarding port on a non root bridge which has th...

Страница 153: ...are configured on the two switches If the switches are using STP or RSTP the link for VLAN 2 will be blocked as STP and RSTP allow only one link in the network and block the redundant link Figure 115...

Страница 154: ...stance mapping 13 10 3 MSTInstanc e An MST Instance MSTI is a spanning tree instance VLANs can be configured to run on a specific MSTI Each created MSTI is identified by a unique number known as an MS...

Страница 155: ...Chapter 13 Spanning Tree Protocol GS1920v2 Series User s Guide 155 Figure 118 MSTP and Legacy RSTP Network Example...

Страница 156: ...ining a maximum allowable bandwidth for incoming and or out going traffic flows on a port 14 1 1 Wha t You Ca n Do Use the Bandwidth Control screen Section 14 2 on page 156 to limit the bandwidth for...

Страница 157: ...as you make them Active Select this check box to activate ingress rate limits on this port Ingress Rate Specify the maximum bandwidth allowed in kilobits per second Kbps for the incoming traffic flow...

Страница 158: ...multicast and or DLF packets is reached per second the subsequent packets are discarded Enable this feature to reduce broadcast multicast and or DLF packets in your network You can specify limits for...

Страница 159: ...settings and then make adjustments on a port by port basis Note Changes in this row are copied to all the ports as soon as you make them Broadcast pkt s Select this option and specify how many broadca...

Страница 160: ...c from the monitor port without interference 16 1 1 Wha t You Ca n Do Use the Mirroring screen Section 16 2 on page 160 to select a monitor port and specify the traffic flow to be copied to the monito...

Страница 161: ...ts Use this row only if you want to make some settings the same for all ports Use this row first to set the common settings and then make adjustments on a port by port basis Note Changes in this row a...

Страница 162: ...L ink Aggre gation Se tting screen Section 17 3 on page 164 to configure to enable static link aggregation Use the L ink Aggre gation Control Protoc ol screen Section 17 3 1 on page 166 to enable Link...

Страница 163: ...of the following information1 17 2 L ink Aggre gation Status Click Advanc e d Applic ation L ink Aggre gation in the navigation panel The L ink Aggre gation Status screen displays by default See Secti...

Страница 164: ...Link Aggregation ID on page 163 for more information on this field The ID displays only when there is a port belonging to this trunk group and LACP is also enabled for this group Criteria This shows...

Страница 165: ...s in this screen Table 64 Advanced Application Link Aggregation Link Aggregation Setting L ABEL DESCRIPT ION Link Aggregation Setting This is the only screen you need to configure to enable static lin...

Страница 166: ...ination MAC address Select src dst ma c to distribute traffic based on a combination of the packet s source and destination MAC addresses Select src ip to distribute traffic based on the packet s sour...

Страница 167: ...following table describes the labels in this screen Table 65 Advanced Application Link Aggregation Link Aggregation Setting LACP L ABEL DESCRIPT ION Link Aggregation Control Protocol Note Do not confi...

Страница 168: ...LACP Active Select this option to enable LACP for a trunk Port This field displays the port number Settings in this row apply to all ports Use this row only if you want to make some settings the same...

Страница 169: ...nk Aggre gation Se tting In this screen activate trunk group T 1 select the traffic distribution algorithm used by this group and select the ports that should belong to this group as shown in the figu...

Страница 170: ...EEE 802 1x authentication first If a user fails to authenticate via the IEEE 802 1x method then access to the port is denied 18 1 1 Wha t You Ca n Do Use the Port Authe ntic ation screen Section 18 2...

Страница 171: ...ials The login credentials are based on the source MAC address of the client connecting to a port on the Switch along with a password configured specifically for MAC authentication on the Switch Figur...

Страница 172: ...own Select a port authentication method s link in the screen that appears Figure 129 Advanced Application Port Authentication 18 3 Ac tivate IEEE 802 1x Se c urity Use this screen to activate IEEE 802...

Страница 173: ...mit 802 1x authentication on this port You must first allow 802 1x authentication on the Switch before configuring it on each port Max Req Specify the number of times the Switch tries to authenticate...

Страница 174: ...uthentication 802 1x Guest VLAN The following table describes the labels in this screen Table 67 Advanced Application Port Authentication 802 1x Guest VLAN L ABEL DESCRIPT ION Port This field displays...

Страница 175: ...ulti Host to authenticate only the first user that connects to this port If the first user enters the correct credential any other users are allowed to access the port without authentication If the fi...

Страница 176: ...ed to the RADIUS server Password Type the password the Switch sends along with the MAC address of a client for authentication with the RADIUS server You can enter up to 32 printable ASCII characters T...

Страница 177: ...erver The RADIUS server handles the following tasks Authentication Determines the identity of the users Authorization Determines the network services available to authenticated users once they are con...

Страница 178: ...know The key is not sent over the network In addition to the shared key password information exchanged is also encrypted to protect the network from unauthorized access 18 5 3 EAP Exte nsible Authe nt...

Страница 179: ...server The exchange of certificates is done in the open before a secured tunnel is created This makes user identity vulnerable to passive attacks A digital certificate is an electronic ID card that au...

Страница 180: ...um port security enable this feature disable MAC address learning and configure static MAC address es for a port It is not recommended you disable port security together with MAC address learning as t...

Страница 181: ...ck boxes and clear the Addre ss L e a rning check boxes only for the ports specified in the Port list Active Select this option to enable port security on the Switch Port This field displays the port...

Страница 182: ...ccess port 2 at any one time A sixth device would have to wait until one of the five learned MAC addresses aged out MAC address aging out time can be set in the Switc h Se tup screen The valid range i...

Страница 183: ...dules One time schedules are effective only once while recurring schedules usually repeat Both types of schedules are based on the current date and time in the Switch 20 1 1 Wha t You Ca n Do Use the...

Страница 184: ...d minute when the schedule begins and ends respectively Select the second option if you want to define a recurring schedule for multiple non consecutive time periods You need to select each day of the...

Страница 185: ...ha t You Ne e d to Know Quality of Service QoS refers to both a network s ability to deliver data with minimum delay and the networking methods used to control the use of bandwidth Without QoS all tra...

Страница 186: ...s shown Table 71 Advanced Application Classifier Classifier Status L ABEL DESCRIPT ION Index This field displays the index number of the rule Click an index number to edit the rule Active This field d...

Страница 187: ...Chapter 21 Classifier GS1920v2 Series User s Guide 187 Figure 137 Advanced Application Classifier Classifier Configuration...

Страница 188: ...ion and specify a priority level in the field provided Ethernet Type Select an Ethernet type or select Othe r and enter the Ethernet type number in hexadecimal value Refer to Table 74 on page 190 for...

Страница 189: ...source IP address in dotted decimal notation Specify the address prefix by entering the number of ones in the subnet mask A subnet mask can be represented in a 32 bit notation For example the subnet m...

Страница 190: ...CRIPT ION Table 73 Advanced Application Classifier Classifier Configuration Summary Table L ABEL DESCRIPT ION Index This field displays the index number of the rule Click an index number to edit the r...

Страница 191: ...Se tting Use this screen to configure the match order and enable logging on the Switch In the Cla ssifie r Config ura tion screen click Cla ssifie r Globa l Se tting to display the configuration scree...

Страница 192: ...g to the layer of the item configured in the rule Layer 4 items have the highest priority and layer 2 items has the lowest priority For example you configure a layer 2 item VLAN ID in classifier A and...

Страница 193: ...GS1920v2 Series User s Guide 193 Figure 140 Classifier Example...

Страница 194: ...cy rule ensures that a traffic flow gets the requested treatment in the network 22 1 1 Wha t You Ca n Do Use the Polic y Rule screen Section 22 2 on page 194 to enable the policy and display the activ...

Страница 195: ...oses Classifier s This field displays the active classifier s you configure in the Cla ssifie r screen Select the classifier s to which this policy rule applies To select more than one classifier pres...

Страница 196: ...rop the packets Policy 2 applies to Class 2 and the action is to enable bandwidth limitation the Switch will discard the packets immediately If Policy 1 applies to Class 1 and the action is to forward...

Страница 197: ...to limit bandwidth on a traffic flow classified using the Example classifier refer to Section 21 5 on page 192 Figure 142 Policy Example Delete Click De le te to remove the selected entry from the su...

Страница 198: ...smitted first When that queue empties traffic on the next highest priority queue Q6 is transmitted until Q6 empties and then traffic is transmitted on Q5 and so on If higher priority queues never empt...

Страница 199: ...rather than a fixed amount of bandwidth WRR is activated only when a port has more traffic than it can handle Queues with larger weights get more service than queues with smaller weights This queuing...

Страница 200: ...field Queues with larger weights get more guaranteed bandwidth than queues with smaller weights Weighted Round Robin Scheduling services queues on a rotating basis based on their queue weight the numb...

Страница 201: ...reen Section 24 3 1 on page 206 to enable IGMP snooping to forward group multicast traffic only to ports that are members of that group Use the IPv6 Multic ast Status screen Section 24 4 on page 211 t...

Страница 202: ...VLANs that IGMP snooping should be performed on This is referred to as fixed mode In fixed mode the Switch does not learn multicast group membership of any VLANs other than those explicitly added as...

Страница 203: ...ain in the group MVR Ove rvie w Multicast VLAN Registration MVR is designed for applications such as Media on Demand MoD that use multicast traffic across an Ethernet ring based service provider netwo...

Страница 204: ...lowing figure shows a multicast television example where a subscriber device such as a computer in VLAN 1 receives multicast traffic from the streaming media server S via the Switch Multiple subscribe...

Страница 205: ...e d Applic ation Multic a st IPv4 Multic ast to display the screen as shown This screen shows the IPv4 multicast group information See Section 24 1 on page 201 for more information on multicasting Fig...

Страница 206: ...Multicast IPv4 Multicast L ABEL DESCRIPT ION Index This is the index number of the entry VID This field displays the multicast VLAN ID Port This field displays the port number that belongs to the mult...

Страница 207: ...nd then make adjustments on a port by port basis Changes in this row are copied to all the ports as soon as you make them Immed Leave Select this option to set the Switch to remove this port from the...

Страница 208: ...fault to prohibit the port from joining any multicast group You can create IGMP filtering profiles in the Multic a st IPv4 Multic a st IGMP Snooping IGMP Filte ring Profile screen IGMP Querier Mode Th...

Страница 209: ...changes to the Switch s run time memory The Switch loses these changes if it is turned off or loses power so use the Sa ve link on the top navigation panel to save your changes to the non volatile mem...

Страница 210: ...D This field displays the ID number of the VLAN group Select an entry s check box to select a specific entry Otherwise select the check box in the table heading row to select all entries Delete Check...

Страница 211: ...lticast address range End Address This field displays the end of the multicast address range Delete Profile Select a profile s check box to select a specific profile Otherwise select the check box in...

Страница 212: ...ced Application Multicast IPv6 Multicast MLD Snooping proxy L ABEL DESCRIPT ION MLD Snooping proxy Use these settings to configure MLD snooping proxy Active Select Active to enable MLD snooping proxy...

Страница 213: ...ria ble Robustness Variable Enter the number of queries A multicast address entry learned only on an upstream port by snooping is removed from the forwarding table when there is no response to the co...

Страница 214: ...D Snooping proxy Port Role Setting Index This is the index number of the MLD snooping proxy VLAN entry in the table Click on an index number to view more details or change the settings VID This field...

Страница 215: ...ulticast router Otherwise select None if the port is not joining a multicast group or does not belong to this VLAN Leave Mode Select the leave mode for the specified downstream port s in this VLAN Thi...

Страница 216: ...his option to limit the number of multicast groups this port is allowed to join Max Group Num Enter the number of multicast groups this port is allowed to join Once a port is registered in the specifi...

Страница 217: ...specify a different IP multicast address range Start Address Type the starting multicast IPv6 address for a range of multicast IPv6 addresses that you want to belong to the MLD filtering profile End...

Страница 218: ...c VLAN with the same VID when you create a multicast VLAN in this screen To delete the profile s and all the accompanying rules select the profile s that you want to remove then click the De le te but...

Страница 219: ...up to 32 printable ASCII characters for identification purposes Multicast VLAN ID Enter the VLAN ID 1 to 4094 of the multicast VLAN 802 1p Priority Select a priority level 0 7 with which the Switch r...

Страница 220: ...is sent or received on this port Tagging Select this checkbox if you want the port to tag the VLAN ID in all outgoing frames transmitted Add Click this to create a new entry or to update an existing o...

Страница 221: ...cast group Refer to IP Multicast Addresses on page 201 for more information on IP multicast addresses Add Click this to create a new entry This saves your changes to the Switch s run time memory The S...

Страница 222: ...VLAN 1 are able to receive the traffic Figure 159 MVR Configuration Example To configure the MVR settings on the Switch create a multicast VLAN in the MVR screen and set the receiver and source ports...

Страница 223: ...forward the multicast group traffic to the subscribers configure multicast group settings in the Group Configuration screen The following figure shows an example where two IPv4 multicast groups Ne ws...

Страница 224: ...Chapter 24 Multicast GS1920v2 Series User s Guide 224 Figure 162 MVR Group Configuration Example 2 EXAMPLE...

Страница 225: ...Se rve r Se tup screen Section 25 4 on page 228 to configure your TACACS authentication settings Use the AAA Se tup screen Section 25 5 on page 230 to configure authentication authorization and accou...

Страница 226: ...ber of users from a central location The following table describes some key differences between RADIUS and TACACS 25 2 AAA Sc re e ns The AAA screens allow you to enable authentication and authorizati...

Страница 227: ...ts for an authentication request response from the RADIUS server If you are using inde x priority for your authentication and you are using two RADIUS servers then the timeout value is divided between...

Страница 228: ...decimal notation UDP Port The default port of a RADIUS accounting server for accounting is 1813 You need not change this value unless your network administrator instructs you to do so Shared Secret S...

Страница 229: ...its for an authentication request response from the TACACS server If you are using inde x priority for your authentication and you are using two TACACS servers then the timeout value is divided betwee...

Страница 230: ...l notation TCP Port The default port of a TACACS accounting server is 49 You need not change this value unless your network administrator instructs you to do so Shared Secret Specify a password up to...

Страница 231: ...ent access privilege level assigned via the external server Dot1x Allow an IEEE 802 1x client to have different bandwidth limit or VLAN ID assigned via the external server Active Select this to activa...

Страница 232: ...ng you want to modify Ve ndor data A value you want to assign to the setting Note Refer to the documentation that comes with your RADIUS server on how to configure VSAs for users authenticating via th...

Страница 233: ...for authentication This section lists the attributes used by authentication functions on the Switch In cases where the attribute has a specific format associated with it the format is specified Table...

Страница 234: ...s User Name The format of the User Name attribute is e nab where is the privilege level 1 14 User Password NAS Identifier NAS IP Address 25 6 3 2 Attribute s Use d to L ogin Use rs User Name User Pass...

Страница 235: ...Guard Static Binding screen Section 26 4 on page 237 to manage static bindings for DHCP snooping and ARP inspection Use the DHCP Snooping screen Section 26 5 on page 239 to look at various statistics...

Страница 236: ...Know The Switch builds the binding table by snooping DHCP packets dynamic bindings and from information provided manually by administrators static bindings IP source guard consists of the following fe...

Страница 237: ...C address and VLAN ID as an existing static binding the new static binding replaces the original one To open this screen click Advanc e d Applic ation IP Sourc e Guard IPv4 Sourc e Guard Se tup Static...

Страница 238: ...ct this and enter the number of the port s separated by a comma ARP entries learned on the specified port s are added to the static bindings table after you click ARP Fre e ze VL AN L ist Select this...

Страница 239: ...id Type This field displays how the Switch learned the binding sta tic This binding was learned from information provided manually by an administrator VLAN This field displays the source VLAN ID in th...

Страница 240: ...rce Guard Setup DHCP Snooping L ABEL DESCRIPT ION Database Status This section displays the current settings for the DHCP snooping database You can configure them in the DHCP Snooping Config ure scree...

Страница 241: ...mber of times the Switch successfully or unsuccessfully read or updated the DHCP snooping database Total attempts This field displays the number of times the Switch has tried to access the DHCP snoopi...

Страница 242: ...red Unsupported vlans This field displays the number of bindings the Switch ignored because the VLAN ID does not exist anymore Last ignored time This field displays the last time the Switch ignored an...

Страница 243: ...HCP requests from different VLAN Select Disa ble if you do not want the Switch to forward DHCP packets to a specific VLAN Database If T ime out inte rva l is greater than Write de la y inte rva l it i...

Страница 244: ...u want the Switch to load it You can use this to load dynamic bindings from a different DHCP snooping database than the one specified in Ag e nt URL When the Switch loads dynamic bindings from a DHCP...

Страница 245: ...a trusted port T ruste d or an untrusted port Untruste d Trusted ports are connected to DHCP servers or other switches and the Switch discards DHCP packets from trusted ports only if the rate at which...

Страница 246: ...This field displays the VLAN ID of each VLAN in the range specified above If you configure the VLAN the settings are applied to all VLANs Enabled Select Ye s to enable DHCP snooping on the VLAN You st...

Страница 247: ...nfig ure screen see Section 26 6 on page 242 The profile you select here has priority over the one you select in the DHCP Snooping Config ure VL AN screen Add Click this to create a new entry or to up...

Страница 248: ...l number for each MAC address filter MAC Address This field displays the source MAC address in the MAC address filter VID This field displays the source VLAN ID in the MAC address filter Port This fie...

Страница 249: ...Ns you want to look at in the section below Enabled VLAN Select this to look at all the VLANs on which ARP inspection is enabled in the section below Selected VLAN Select this to look at all the VLANs...

Страница 250: ...acket Sender IP This field displays the source IP address of the ARP packet Num Pkts This field displays the number of ARP packets that were consolidated into this log message The Switch consolidates...

Страница 251: ...fic VLAN and specify trusted ports Filter Aging Time Filter aging time This setting has no effect on existing MAC address filters Enter how long 1 2147483647 seconds the MAC address filter remains in...

Страница 252: ...syslog server The relationship between Syslog rate and L og inte rva l is illustrated in the following examples 4 invalid ARP packets per second Syslog ra te is 5 L og inte rva l is 1 the Switch sends...

Страница 253: ...Switch discards ARP packets on untrusted ports in the following situations The sender s information in the ARP packet does not match any of the current bindings The rate at which ARP packets arrive is...

Страница 254: ...elow Apply Click this to display the specified range of VLANs in the section below VID This field displays the VLAN ID of each VLAN in the range specified above If you configure the VLAN the settings...

Страница 255: ...gs The rate at which DHCP packets arrive is too high 26 11 1 2 DHCP Snooping Database The Switch stores the binding table in volatile memory If the Switch restarts it loads static bindings from perman...

Страница 256: ...each source VLAN This setting is independent of the DHCP relay settings Chapter 37 on page 323 26 11 1 4 Configuring DHCP Snooping Follow these steps to configure DHCP snooping on the Switch 1 Enable...

Страница 257: ...rt for ARP inspection This setting is independent of the trusted untrusted setting for DHCP snooping You can also specify the maximum rate at which the Switch receives ARP packets on untrusted ports T...

Страница 258: ...Wha t You Ca n Do Use the L oop Guard screen Section 27 2 on page 260 to enable loop guard on the Switch and in specific ports 27 1 2 Wha t You Ne e d to Know Loop guard is designed to handle loop pro...

Страница 259: ...guard enabled port N on switch A sending a probe packet P to switch B Since switch B is in loop state the probe packet P returns to port N on A The Switch then shuts down port N to ensure that the re...

Страница 260: ...nal log messages as well as SNMP traps when it shuts down a port via the loop guard feature Port This field displays the port number Settings in this row apply to all ports Use this row only if you wa...

Страница 261: ...he Switch loses these changes if it is turned off or loses power so use the Sa ve link on the top navigation panel to save your changes to the non volatile memory when you are done configuring Cancel...

Страница 262: ...used on the service provider s edge devices L2PT allows edge switches 1 and 2 in the following figure to tunnel layer 2 STP Spanning Tree Protocol CDP Cisco Discovery Protocol and VTP VLAN Trunking Pr...

Страница 263: ...c e ss port is an ingress port on the service provider s edge device 1 or 2 in Figure 190 on page 263 and connected to a customer switch A or B Incoming layer 2 protocol packets received on an access...

Страница 264: ...exist in the address table of a switch on the service provider s network Note All the edge switches in the service provider s network should be set to use the same MAC address for encapsulation Port...

Страница 265: ...e the Switch send UDLD packets to a peer s port it connected to monitor the physical status of a link Mode Select Ac c e ss to have the Switch encapsulate the incoming layer 2 protocol packets and for...

Страница 266: ...he PPPoE Intermediate Agent on the Switch Use the PPPoE IA Pe r Port screen Section 29 3 1 on page 270 to set the port state and configure PPPoE intermediate agent sub options on a per port basis Use...

Страница 267: ...ds the user defined identifier string and variables into the Agent Circuit ID Sub option The variables can be the slot ID of the PPPoE client the port number of the PPPoE client and or the VLAN ID on...

Страница 268: ...on a trusted port the Switch forwards it to other trusted port s Note The Switch will drop all PPPoE discovery packets if you enable the PPPoE intermediate agent and there are no trusted ports Untrust...

Страница 269: ...or for a specific VLAN on a port in the Adva nc e d Applic a tion PPPoE Inte rme dia te Ag e nt Port VL AN screen has priority over this That means if you also want to configure PPPoE IA Per Port or P...

Страница 270: ...describes the labels in this screen Apply Click Apply to save your changes to the Switch s run time memory The Switch loses these changes if it is turned off or loses power so use the Save link on the...

Страница 271: ...packets which are sent from a PPPoE server but received on an untrusted port Circuit id Enter a string of up to 63 ASCII characters that the Switch adds into the Agent Circuit ID sub option for PPPoE...

Страница 272: ...This field displays the VLAN ID of each VLAN in the range specified above If you configure the VLAN the settings are applied to all VLANs Use this row to make the setting the same for all VLANs Use th...

Страница 273: ...ettings are applied to all VLANs Use this row to make the setting the same for all VLANs Use this row first and then make adjustments on a VLAN by VLAN basis Changes in this row are copied to all the...

Страница 274: ...ures such as loop guard or CPU protection allow the Switch to shut down a port or discard specific packets on a port when an error is detected on the port For example if the Switch detects that packet...

Страница 275: ...Status in the Advanc e d Applic ation Errdisable screen to display the screen as shown Table 124 Advanced Application Errdisable L ABEL DESCRIPT ION Errdisable Status Click this link to view whether...

Страница 276: ...port on which you want to configure Errdisable Status Cause This displays the type of the control packet received on the port or the feature enabled on the port and causing the Switch to take the spec...

Страница 277: ...e c t screen Figure 199 Advanced Application Errdisable CPU protection Status This field displays the errdisable status Forwa rding The Switch is forwarding packets Rate limitation mode is always in F...

Страница 278: ...oon as you make them Rate Limit pkt s Enter a number from 0 to 256 to specify how many control packets this port can receive or transmit per second 0 means no rate limit You can configure the action t...

Страница 279: ...loses these changes if it is turned off or loses power so use the Sa ve link on the top navigation panel to save your changes to the non volatile memory when you are done configuring Cancel Click Ca n...

Страница 280: ...loses these changes if it is turned off or loses power so use the Sa ve link on the top navigation panel to save your changes to the non volatile memory when you are done configuring Cancel Click Ca...

Страница 281: ...ds other ports in this VLAN to the isolated port list and blocks traffic between the isolated ports A promiscuous port can communicate with any port in the same VLAN An isolated port can communicate w...

Страница 282: ...le below and save your changes to the Switch s run time memory The Switch loses these changes if it is turned off or loses power so use the Save link on the top navigation panel to save your changes t...

Страница 283: ...e sent a WAKE signal is sent to the link partner to return the link to active mode Auto Powe r Down Auto Powe r Down turns off almost all functions of the port s physical layer functions when the link...

Страница 284: ...e same for all ports Use this row first and then make adjustments to each port if necessary Changes in this row are copied to all the ports as soon as you make them EEE Select this to activate Energy...

Страница 285: ...nits in the form of TLV Type Length Value Device information carried in the received LLDPDUs is stored in the standard MIB The Switch supports these basic management TLVs End of LLDPDU mandatory Chass...

Страница 286: ...s and easy trouble shooting for misconfigured IP addresses There are three classes of endpoint devices that the LLDP MED supports Class I IP Communications Controllers or other communication related s...

Страница 287: ...vanced Application LLDP The following table describes the labels in this screen Table 131 Advanced Application LLDP L ABEL DESCRIPT ION LLDP LLDP Local Status Click here to show a screen with the Swit...

Страница 288: ...LLDP MED LLDP MED Configuration Click here to show a screen to configure LLDP MED Link Layer Discovery Protocol for Media Endpoint Devices parameters LLDP MED Network Policy Click here to show a scree...

Страница 289: ...Syste m Ca pa bilitie s Supporte d Bridge Syste m Ca pa bilitie s Ena ble d Bridge Management Address TLV The Management Address TLV identifies an address associated with the local LLDP agent that may...

Страница 290: ...Chapter 33 Link Layer Discovery Protocol LLDP GS1920v2 Series User s Guide 290 Figure 209 Advanced Application LLDP LLDP Local Status LLDP Local Port Status Detail...

Страница 291: ...es not support auto negotiation AN Ena ble d The current auto negotiation status of the port AN Adve rtise d Ca pa bility The auto negotiation capabilities of the port Ope r MAU T ype The current Medi...

Страница 292: ...EL IN Emergency Location Identifier Number Table 133 Advanced Application LLDP LLDP Local Status LLDP Local Port Status Detail L ABEL DESCRIPT ION Table 134 Advanced Application LLDP LLDP Remote Stat...

Страница 293: ...next Figure 211 Advanced Application LLDP LLDP Remote Status LLDP Remote Port Status Detail Basic TLV The following table describes the labels in Basic TLV part of the screen Table 135 Advanced Appli...

Страница 294: ...This displays the remote port description System Name TLV This displays the system name of the remote device System Description TLV This displays the system description of the remote device System Ca...

Страница 295: ...lication LLDP LLDP Remote Status LLDP Remote Port Status Detail Dot1 and Dot3 TLV L ABEL DESCRIPT ION Dot1 TLV Port VLAN ID TLV This displays the VLAN ID of this port on the remote device Port Protoco...

Страница 296: ...gotiation capabilities of the port Ope r MAU T ype The current Medium Attachment Unit MAU type of the port Link Aggregation TLV The Link Aggregation TLV indicates whether the link is capable of being...

Страница 297: ...Chapter 33 Link Layer Discovery Protocol LLDP GS1920v2 Series User s Guide 297 Figure 213 Advanced Application LLDP LLDP Remote Status LLDP Remote Port Status Detail MED TLV...

Страница 298: ...a te ba se L CI latitude and longitude coordinates of the Location Configuration Information LCI Civic L CI IETF Geopriv Civic Address based Location Configuration Information EL IN Emergency Location...

Страница 299: ...mit Hold Enter the time to live TTL multiplier of LLDP frames The device information on the neighboring devices ages out and is discarded when its corresponding TTL expires The TTL value is to multipl...

Страница 300: ...eption is allowed on this port Disable not allowed Tx Only transmit only Rx Only receive only Tx Rx transmit and receive Notification Select whether LLDP notification is enabled on this port Apply Cli...

Страница 301: ...the sending of System Description TLVs on the port s System Name Select the check box es to enable or to disable the sending of System Name TLVs on the port s Apply Click Apply to save your changes t...

Страница 302: ...the port s All check boxes in this column are enabled by default Max Frame Size Select the check box es to enable or disable the sending of IEEE 802 3 Max Frame Size TLVs on the port s Power Via MDI...

Страница 303: ...etting the same for all ports Use this row first and then make adjustments to each port if necessary Changes in this row are copied to all the ports as soon as you make them Notification Topology Chan...

Страница 304: ...hrough 63 with the 0 representing use of the default DSCP value Priority Enter the priority value for the network policy Add Click Add after finish entering the network policy information A summary ta...

Страница 305: ...Location Coordinates The LLDP MED uses geographical coordinates and Civic Address to set the location information of the remote device Geographical based coordinates includes latitude longitude altitu...

Страница 306: ...ber Enter a numerical digit string corresponding to the ELIN identifier which is used during emergency call setup to a traditional CAMA or ISDN trunk based PSAP The valid length is from 10 to 25 chara...

Страница 307: ...lect a specific entry Otherwise select the check box in the table heading row to select all entries Delete Check the locations that you want to remove then click the De le te button Cancel Click Ca nc...

Страница 308: ...t network connection problems The Switch supports the following IEEE 802 3ah features Discovery this identifies the devices on each end of the Ethernet link and their OAM configuration Remote Loopback...

Страница 309: ...ch Mode This field displays the operational state of the port when OAM is enabled on the port Ac tive Allows the port to issue and respond to Ethernet OAM commands Pa ssive Allows the port to respond...

Страница 310: ...e following table describes the labels in this screen Table 145 Advanced Application OAM Status OAM Details L ABEL DESCRIPT ION Discovery This section displays OAM configuration details and operationa...

Страница 311: ...are sent in event notification PDUs and indicate when the number of errors in a given interval time number of frames number of symbols or number of errored frame seconds exceeds a specified threshold...

Страница 312: ...ernet device that is connected to the Switch Vendor oui This field displays the Organizationally Unique Identifiers OUI representing the vendor of the IEEE 802 3ah enabled remote Ethernet device that...

Страница 313: ...AMPDU Rx This field displays the number of unsupported OAM PDUs received on the port Table 145 Advanced Application OAM Status OAM Details continued L ABEL DESCRIPT ION Table 146 Advanced Application...

Страница 314: ...ore Rx Select this check box to set the Switch to process loopback commands received on the port Otherwise clear the check box to have the Switch ignore loopback commands received on the port Apply Cl...

Страница 315: ...ends loopback control PDUs to initiate or terminate a remote loopack test Start Click Sta rt to initiate a remote loopback test from the specified port by sending Enable Loopback Control PDUs to the r...

Страница 316: ...ending SNMP traps or using ping to test IP connectivity This figure shows a T e lne t session coming in from network N1 The Switch sends reply traffic to default gateway R1 which routes it back to the...

Страница 317: ...L DESCRIPT ION Active This field allows you to activate deactivate this static route Name Enter a descriptive name up to 10 printable ASCII characters for identification purposes Destination IP Addres...

Страница 318: ...s field displays the index number of the route Click a number to edit the static route entry Active This field displays Ye s when the static route is activated and NO when it is deactivated Name This...

Страница 319: ...Do Use the DiffSe rv screen Section 36 2 on page 320 to activate DiffServ to apply marking rules or IEEE 802 1p priority mapping on the Switch Use the DSCP Se tting screen Section 36 3 1 on page 322...

Страница 320: ...ed marking rules A network administrator can then apply various traffic policies to the traffic flows An example traffic policy is to give higher drop precedence to one traffic flow over others In our...

Страница 321: ...e index number of a port on the switch Settings in this row apply to all ports Use this row only if you want to make some settings the same for all ports Use this row first to set the common settings...

Страница 322: ...apping DSCP VALUE 0 7 8 15 16 23 24 31 32 39 40 47 48 55 56 63 IEEE 802 1p 0 1 2 3 4 5 6 7 Table 151 IP Application DiffServ DSCP Setting L ABEL DESCRIPT ION 0 63 This is the DSCP classification ident...

Страница 323: ...ed on the VLAN domain of the DHCPv4 clients Use the DHCPv6 Re lay screen Section 37 5 on page 333 to enable and configure DHCPv6 relay 37 1 2 Wha t You Ne e d to Know Read on for concepts on DHCP that...

Страница 324: ...on the Switch if the DHCP clients and the DHCP server are not in the same broadcast domain During the initial IP address leasing the Switch helps to relay network information such as the IP address a...

Страница 325: ...is option You can change the Syste m Name in Basic Se ttings Ge ne ra l Se tup The following describes the DHCP relay agent information that the Switch sends to the DHCP server 37 4 1 1 DHCPv4 Re lay...

Страница 326: ...157 IP Application DHCP DHCPv4 Option 82 Profile L ABEL DESCRIPT ION Name Enter a descriptive name for the profile for identification purposes You can use up to 32 ASCII characters Spaces are allowed...

Страница 327: ...e This saves your changes to the Switch s run time memory The Switch loses these changes if it is turned off or loses power so use the Sa ve link on the top navigation panel to save your changes to th...

Страница 328: ...off or loses power so use the Sa ve link on the top navigation panel to save your changes to the non volatile memory when you are done configuring Cancel Click Canc e l to begin configuring this scree...

Страница 329: ...AN ID Cancel Click this to reset the values above based on the last selected entry or if not applicable to clear the fields above Clear Click Cle a r to reset the fields to the factory defaults Index...

Страница 330: ...the Switch See Section 5 1 3 on page 58 for information on how to do this Figure 238 IP Application DHCP DHCPv4 VLAN The following table describes the labels in this screen EXAMPLE Table 160 IP Appli...

Страница 331: ...the VLAN group to which this DHCP settings apply Type This field displays Re la y for the DHCP mode DHCP Status For DHCP server configuration this field displays the starting IP address and the size...

Страница 332: ...sting one This saves your changes to the Switch s run time memory The Switch loses these changes if it is turned off or loses power so use the Save link on the top navigation panel to save your change...

Страница 333: ...tion and the interface ID option to the Relay Forward DHCPv6 messages The remote ID option carries a user defined string such as the system name The interface ID option provides slot number port infor...

Страница 334: ...ves your changes to the Switch s run time memory The Switch loses these changes if it is turned off or loses power so use the Save link on the top navigation panel to save your changes to the non vola...

Страница 335: ...adcasts the request to all the devices on the LAN The Switch fills in its own MAC and IP address in the sender address fields and puts the known IP address of the target in the target IP address field...

Страница 336: ...ous ARP A gratuitous ARP is an ARP request in which both the source and destination IP address fields are set to the IP address of the device that sends this request and the destination MAC address fi...

Страница 337: ...and ICMP reply 38 2 ARP Se tup Click IP Applic a tion ARP Se tup in the navigation panel to display the screen as shown Click the link next to ARP L e arning to open a screen where you can set the ARP...

Страница 338: ...arning Mode Select the ARP learning mode the Switch uses on the port Select ARP Re ply to have the Switch update the ARP table only with the ARP replies to the ARP requests sent by the Switch Select G...

Страница 339: ...firmware Use the Re store Config ura tion screen Section 39 4 on page 343 to upload a stored device configuration file Use the Bac kup Configuration screen Section 39 5 on page 344 to save your confi...

Страница 340: ...Configuration Click Clic k He re to reset the configuration to the Zyxel default configuration settings Save Configuration Click Config 1 to save the current configuration settings to Config ura tion...

Страница 341: ...l unsaved changes are erased after you reboot the Switch 39 2 3 Re boot Syste m Re boot Syste m allows you to restart the Switch without physically turning the power off It also allows you to load con...

Страница 342: ...Switch You should see V2 x in the Hardware Ve rsion field The integer 2 identifies the GS1920v2 Series See Section 7 2 on page 68 for more information about the Hardware Ve rsion field Go to the Zyxe...

Страница 343: ...a re 1 shows its version number and model code and MM DD YYYY creation date Firmwa re 2 shows its version number and model code and MM DD YYYY creation date Current Boot Image This displays which firm...

Страница 344: ...dialog box pops up asking whether you want to open or save the file click Save or Save File to download it to the default downloads folder on your computer If a Save As screen displays after you click...

Страница 345: ...he Mbuf log report is stored in flash permanent memory For example Mbuf 50 means a log will be created when the Mbuf utilization is over 50 The higher the Mbuf threshold number the fewer logs will be...

Страница 346: ...file firmware bin to the Switch ftp get config config cfg This is a sample FTP session saving the current configuration to a file called config cfg on your computer If your T FTP client does not allo...

Страница 347: ...ion on filename conventions 7 Enter quit to exit the ftp prompt 39 7 4 GUI ba se d FT P Clie nts The following table describes some of the commands that you may see in GUI based FTP clients 39 7 5 FT...

Страница 348: ...ach SNMP manager Use the Use r Information screen Section 40 3 3 on page 352 to create SNMP users for authentication with managers using SNMP v3 and associate them to SNMP groups Use the L ogins scree...

Страница 349: ...253 Management Access Control SNMP Table 169 Management Access Control L ABEL DESCRIPT ION SNMP Click this link to configure your SNMP settings Logins Click this link to assign which users can access...

Страница 350: ...r the Se t Community which is the password for incoming Set requests from the management station The Se t Community string is only used by SNMP managers using SNMP version 2c or lower Trap Community E...

Страница 351: ...h sends to that SNMP manager Type Select the categories of SNMP traps that the Switch is to send to the SNMP manager Options Select the individual SNMP traps that the Switch is to send to the SNMP sta...

Страница 352: ...same for all ports Use this row first to set the common settings and then make adjustments on a port by port basis Changes in this row are copied to all the ports as soon as you make them Active Selec...

Страница 353: ...ich SNMP group this user is a dmin Members of this group can perform all types of system configuration including the management of administrator accounts re a dwrite Members of this group have read an...

Страница 354: ...age me nt Ac c e ss Control L ogins to view the screen as shown Figure 257 Management Access Control Logins The following table describes the labels in this screen Table 174 Management Access Control...

Страница 355: ...login accounts SNMP user accounts the authentication method sequence and authorization settings multiple logins and administrator and enable passwords and display configuration information Users can...

Страница 356: ...e port by typing the new port number in the Se rvic e Port field If you change the default port number then you will have to let people who wish to use the service know the new port number for that se...

Страница 357: ...nt L ABEL DESCRIPT ION Entry This is the client set index number A client set is a group of one or more trusted computers from which an administrator may use a service to manage the Switch Active Sele...

Страница 358: ...ement SNMP managers can be required to authenticate with agents before conducting SNMP management sessions Security can be further enhanced by encrypting the SNMP messages sent from the managers Encry...

Страница 359: ...rap is sent when the usage power is above the usage indication threshold pethMainPowerUsageOffNo tification 1 3 6 1 2 1 105 0 3 This trap is sent when the usage power is below the usage indication thr...

Страница 360: ...iled 1 3 6 1 2 1 80 0 2 This trap is sent when a ping test consisting of a series of ping probes fails pingTestCompleted 1 3 6 1 2 1 80 0 3 This trap is sent when a ping test is completed traceroute t...

Страница 361: ...yption Method Once the identification is verified both the client and server must agree on the type of encryption method to use 3 Authentication and Data Transmission After the identification is verif...

Страница 362: ...itch must always authenticate itself to the SSL client the computer which requests the HTTPS connection with the Switch whereas the SSL client only should authenticate itself when the SSL server requi...

Страница 363: ...access is blocked Figure 264 Security Alert Dialog Box Internet Explorer 6 Inte rne t Explore r 7 or 8 When you attempt to access the Switch HTTPS server a screen with the message There is a problem w...

Страница 364: ...n screen instructions to install the certificate in your browser Figure 267 Certificate Internet Explorer 7 or 8 Mozilla Fire fox Warning Me ssage s When you attempt to access the Switch HTTPS server...

Страница 365: ...eries User s Guide 365 Figure 268 Security Alert Mozilla Firefox Confirm the HTTPS server URL matches Click Confirm Se c urity Exc e ption to proceed to the web configurator login screen Figure 269 Se...

Страница 366: ...e case click Advanc e d and then Proc e e d to x x x x unsafe to proceed to the web configurator login screen Figure 270 Security Alert Google Chrome 58 0 3029 110 40 7 4 1 T he Main Sc re e n After y...

Страница 367: ...Chapter 40 Access Control GS1920v2 Series User s Guide 367 Figure 271 Example Lock Denoting a Secure Connection EXAMPLE...

Страница 368: ...the Diagnostic screen You can use this screen to help you identify problems 41 2 Diagnostic Click Manage me nt Diagnostic in the navigation panel to open this screen Use this screen to ping IP address...

Страница 369: ...the Switch perform the traceroute function This determines the path a packet takes to the specified device TTL Enter the Time To Live TTL value for the ICMP Echo Request packets This is to set the ma...

Страница 370: ...to show the cable length Distance to fault This displays the distance between the port and the location where the cable is open or shorted This shows N A if the Pa ir sta tus is Ok This shows Unsuppo...

Страница 371: ...g reaches the maximum number of log messages new log messages automatically overwrite existing log messages starting with the oldest existing log message first Figure 273 Management System Log The sum...

Страница 372: ...g severity levels 43 1 1 Wha t You Ca n Do Use the Syslog Se tup screen Section 43 2 on page 372 to configure the device s system logging settings and configure a list of external syslog servers 43 2...

Страница 373: ...tation of your syslog program for more details Apply Click Apply to save your changes to the Switch s run time memory The Switch loses these changes if it is turned off or loses power so use the Save...

Страница 374: ...ex This is the index number of a syslog server entry Click this number to edit the entry Active This field displays Ye s if the device is to send logs to the syslog server No displays if the device is...

Страница 375: ...the other switches on the upper floors of the building are cluster members Figure 275 Clustering Application Example 44 1 1 Wha t You Ca n Do Use the Cluste r Manage me nt screen Section 44 2 on page...

Страница 376: ...not via the cluster manager None neither a manager nor a member of a cluster Manager This field displays the cluster manager switch s hardware MAC address The Number of Member This field displays the...

Страница 377: ...mber is later set to become a cluster manager then its Sta tus is displayed as Error in the Cluste rMa na g e me nt Sta tus screen and a warning icon appears in the member summary list below Name Type...

Страница 378: ...r changes the web configurator password afterwards then it cannot be managed from the Cluste r Ma na g e r Its Sta tus is displayed as Error in the Cluste r Ma na g e me nt Sta tus screen If multiple...

Страница 379: ...gure 278 Cluster Management Cluster Member Web Configurator Screen 44 4 1 1 Uploading Firmware to a Cluste r Me mbe r Switc h You can use FTP to upload firmware to a cluster member switch through the...

Страница 380: ...ftp 297 bytes received in 0 00Seconds 297000 00Kbytes sec ftp bin 200 Type I OK ftp put 430AAHW0 bin fw 00 a0 c5 01 23 46 200 Port command okay 150 Opening data connection for STOR fw 00 a0 c5 01 23 4...

Страница 381: ...hether the MAC address is dynamic or static 45 1 2 Wha t You Ne e d to Know The Switch uses the MAC table to determine how to forward frames See the following figure 1 The Switch examines a received f...

Страница 382: ...82 Figure 280 MAC Table Flowchart 45 2 Vie wing the MAC T able Use this screen to check whether the MAC address is dynamic or static Click Manage me nt MAC T able in the navigation panel to display th...

Страница 383: ...data according to port number Transfer Type Select Dyna mic to MAC forwa rding and click the T ra nsfe r button to change all dynamically learned MAC address entries in the summary table below into s...

Страница 384: ...if it finds the address it sends it to the device If no entry is found for the IP address ARP broadcasts the request to all the devices on the LAN The Switch fills in its own MAC and IP address in th...

Страница 385: ...you specified Cancel Click Ca nc e l to return the fields to the factory defaults Index This is the ARP table entry number IP Address This is the IP address of a device connected to a Switch port with...

Страница 386: ...able Use this screen to view IPv6 path MTU information on the Switch Click Manage me nt Path MT U T able in the navigation panel to display the screen as shown Figure 283 Management Path MTU Table The...

Страница 387: ...w This chapter shows you how you can copy the settings of one port onto other ports 48 2 Configure Clone Cloning allows you to copy the basic and advanced settings from a source port to a destination...

Страница 388: ...Chapter 48 Configure Clone GS1920v2 Series User s Guide 388 Figure 284 Management Configure Clone...

Страница 389: ...that ports 2 4 and 6 are the destination ports 2 6 indicates that ports 2 through 6 are the destination ports Basic Setting Select which port settings you configured in the Ba sic Se tting menus shou...

Страница 390: ...ind an entry in the neighbor table or the state for the neighbor is not reachable it starts the address resolution process This helps reduce the number of IPv6 solicitation and advertisement messages...

Страница 391: ...o determine reachability probe P The Switch is sending request packets and waiting for the neighbor s response invalid IV The neighbor address is with an invalid IPv6 address unknown The status of the...

Страница 392: ...tatus to see the following screen Figure 286 Port Status for PoE model s The following table describes the labels in this screen Table 195 Port Status L ABEL DESCRIPT ION Port This identifies the Ethe...

Страница 393: ...ered device PD is allowed to receive power from the Switch on this port LACP This fields displays whether LACP Link Aggregation Control Protocol has been enabled on the port TxPkts This field shows th...

Страница 394: ...nfo Port NO This field displays the port number you are viewing Name This field displays the name of the port Link This field displays the speed either 10M for 10Mbps 100M for 100Mbps 1000M for 1000Mb...

Страница 395: ...f good broadcast packets transmitted Pause This field shows the number of 802 3x Pause packets transmitted Rx Packet The following fields display detailed information about packets received Unicast Th...

Страница 396: ...27 This field shows the number of packets including bad packets received that were between 65 and 127 octets in length 128 255 This field shows the number of packets including bad packets received tha...

Страница 397: ...the cable type Coppe r or Fibe r for the combo ports This field displays Down if the port is not connected to any device Tx kB s This field shows the transmission speed of data sent on this port in ki...

Страница 398: ...itch 2 Make sure the power adaptor or cord is connected to the Switch and plugged in to an appropriate power source Make sure the power source is turned on 3 Disconnect and re connect the power adapto...

Страница 399: ...username is admin and the default password is 1234 2 If this does not work you have to reset the device to its factory defaults See Section 4 6 on page 54 I cannot see or access the L og in screen in...

Страница 400: ...witch 4 If this does not work you have to reset the device to its factory defaults See Section 4 6 on page 54 Pop up Windows JavaScripts and Java Permissions In order to use the web configurator you n...

Страница 401: ...e web configurator to save the configuration permanently See also Section 39 2 2 on page 341 for more information about how to save your configuration I accidentally unplugged the Switch I m not sure...

Страница 402: ...st information Please have the following information ready when you contact an office Re quire d Information Product model and serial number Warranty Information Date that you received your device Bri...

Страница 403: ...om pk Philippine s Zyxel Philippines http www zyxel com ph Singapore Zyxel Singapore Pte Ltd http www zyxel com sg T aiwan Zyxel Communications Corporation http www zyxel com tw zh T hailand Zyxel Tha...

Страница 404: ...Re public Zyxel Communications Czech s r o http www zyxel cz De nmark Zyxel Communications A S http www zyxel dk Estonia Zyxel Estonia http www zyxel com ee et Finland Zyxel Communications http www z...

Страница 405: ...nelux http www zyxel nl Norwa y Zyxel Communications http www zyxel no Poland Zyxel Communications Poland http www zyxel pl Romania Zyxel Romania http www zyxel com ro ro Russia Zyxel Russia http www...

Страница 406: ...ine http www ua zyxel com L atin Ame ric a Arge ntina Zyxel Communication Corporation http www zyxel com ec es Bra zil Zyxel Communications Brasil Ltda https www zyxel com br pt Ec uador Zyxel Communi...

Страница 407: ...r s Guide 407 North Ame ric a USA Zyxel Communications Inc North America Headquarters http www zyxel com us en Oc e ania Australia Zyxel Communications Corporation http www zyxel com au en Afric a Sou...

Страница 408: ...situations in which this service is used Table 198 Commonly Used Services NAME PROT OCOL PORT S DESCRIPT ION AH IPSEC_TUNNEL User Defined 51 The IPSEC AH Authentication Header tunneling protocol uses...

Страница 409: ...t sends out ICMP echo requests to test whether or not a remote host is reachable POP3 TCP 110 Post Office Protocol version 3 lets a client computer get e mail from a POP3 server through a temporary co...

Страница 410: ...UDP 49 Login Host Protocol used for Terminal Access Controller Access Control System TELNET TCP 23 Telnet is the login and terminal emulation protocol common on the Internet and in UNIX environments...

Страница 411: ...a2f 0015 2001 db8 1a2f 0 0 15 or 2001 db8 0 0 1a2f 15 Pre fix and Pre fix L e ngth Similar to an IPv4 subnet mask IPv6 uses an address prefix to represent the network address An IPv6 prefix length spe...

Страница 412: ...llowing table describes some of the predefined multicast addresses The following table describes the multicast addresses which are reserved and can not be assigned to a multicast group Table 200 Prede...

Страница 413: ...uely and automatically generated Unlike DHCPv6 Dynamic Host Configuration Protocol version six which is used in IPv6 stateful autoconfiguration the owner and status of addresses don t need to be maint...

Страница 414: ...ble server S2 For an IA_TA the client may send a Renew or Rebind message at the client s discretion DHCP Re lay Age nt A DHCP relay agent is on the same network as the DHCP clients and helps forward m...

Страница 415: ...tes its IPv6 caches constantly using the information from response messages In IPv6 the Switch configures a link local address automatically and then sends a neighbor solicitation message to check if...

Страница 416: ...for IP address assignment you have to additionally install a DHCPv6 client software on your Windows XP Note If you use static IP addresses or Router Advertisement for IPv6 address assignment in your n...

Страница 417: ...le Enabling IPv6 on Windows 7 Windows 7 supports IPv6 by default DHCPv6 is also enabled when you enable IPv6 on a Windows 7 computer To enable IPv6 in Windows 7 1 Select Control Pane l Ne twork and Sh...

Страница 418: ...ck your dynamic IPv6 address This example shows a global address 2001 b021 2d 1000 obtained from a DHCP server C ipconfig Windows IP Configuration Ethernet adapter Local Area Connection Connection spe...

Страница 419: ...ct to the following two conditions 1 This device may not cause harmful interference 2 This device must accept any interference received including interference that may cause undesired operations Chang...

Страница 420: ...n incorrect type dispose of used batteries according to the instruction Dispose them at the applicable collection point for the recycling of electrical and electronic device For detailed information a...

Страница 421: ...l ll velo a un punto limpio Cuando llegue el momento de desechar el producto la recogida por separado ste y o su bater a ayudar a salvar los recursos naturales y a proteger la salud humana y medioambi...

Страница 422: ...not apply if the product has been modified misused tampered with damaged by an act of God or subjected to abnormal working conditions Note Repair or replacement as provided under this warranty is the...

Страница 423: ...ks 335 learning mode 335 overview 335 setup 337 ARP Address Resolution Protocol 384 ARP inspection 236 256 ARP Reply 335 ARP Request 336 authentication setup 230 authentication authorization and accou...

Страница 424: ...nt port 123 CPU protection 274 current date 80 current time 80 customer support 402 D daylight saving time 81 default Ethernet settings 36 default IP 83 DHCP configuration options 323 Dynamic Host Con...

Страница 425: ...ng 133 rules 133 filtering database MAC table 381 firmware 78 upgrade 342 379 flow control back pressure 87 IEEE802 3x 87 forwarding delay 148 frames tagged 115 untagged 115 front panel 35 FTP 346 fil...

Страница 426: ...y Protocol 411 neighbor table 390 ping 411 prefix 411 prefix length 411 stateless autoconfiguration 413 unspecified address 412 IPv6 interface 93 DHCPv6 client 102 enable 98 global address 99 global u...

Страница 427: ...ng 382 MAC based VLAN 121 maintanence configuration backup 344 firmware 342 restoring configuration 343 maintenance 339 current configuration 340 main screen 340 Management Information Base MIB 358 ma...

Страница 428: ...me schedule 183 Operations Administration and Maintenance 308 Option 82 325 P PAGP 265 password 52 administrator 47 354 Path MTU 386 Path MTU Discovery 386 Per Hop Behavior 319 PHB 319 ping test conne...

Страница 429: ...118 and IEEE 802 1Q tagging 118 application example 118 configuration example 125 isolate traffic 118 priority 119 setup 119 un tagged packets 118 PVID 108 Q QoS 319 and classifier 185 Quality of Serv...

Страница 430: ...c bindings 236 static MAC address 127 static MAC forwarding 127 static multicast address 129 static multicast forwarding 129 static route enable 317 metric 318 static routes 316 static VLAN 112 contro...

Страница 431: ...g 255 PPPoE IA 268 user name 45 default 45 user profiles 226 V Vendor Specific Attribute See VSA 232 ventilation holes 29 VID 111 number of possible VIDs 108 priority frame 108 VID VLAN Identifier 108...

Страница 432: ...55 home 48 login 44 logout 54 navigation panel 49 weight queuing 199 Weighted Round Robin Scheduling WRR 199 WRR Weighted Round Robin Scheduling 198 Z ZDP 70 ZON neighbor management 75 ZON Utility 70...

Отзывы:

Нет отзывов

Бренды по названию

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Популярные бренды

Загрузить еще бренды