NS3500-28T-4S User Manual P/N 1072835 • REV 00.01 • ISS 14JUL14
10 1. INTRODUCTION Thank you for purchasing NS3500-28P-4S -- 28-Port 10/100/1000Mbps with 4 Shared SFP Managed Gigabit Switch, NS3500-28T-4S. “Manag
100 4.4.2 LAG Management This page is used to configure the LAG management. The LAG Management screens in Figure 4-4-4 & Figure 4-4-5 appear. F
101 Figure 4-4-5 LAG Management Information Page Screenshot The page includes the following fields: Object Description LAG The LAG for the sett
102 4.4.3 LAG Port Setting This page allows setting configuration for per LAG. The LAG Port setting screens in Figure 4-4-6 & Figure 4-4-7 appea
103 Current Rx column indicates whether pause frames on the port are obeyed. Current Tx column indicates whether pause frames on the port are transmi
104 4.4.4 LACP Setting This page is used to configure the LACP system priority setting. The LACP Setting screens in Figure 4-4-8 & Figure 4-4-9 a
105 4.4.5 LACP Port Setting This page is used to configure the LACP port setting. The LACP Port Setting screen in Figure 4-4-10 & Figure 4-4-11
106 Figure 4-4-11 LACP Port Information Page Screenshot The page includes the following fields: Object Description Port Name The switch port nu
107 The page includes the following fields: Object Description LAG Display the current trunk entry. Name Display the current LAG name. Typ
108 “DSTRBT” means distributing state Receive LACP receive state machine status of the port. “INIT” means the port is in initialize state
109 4.5 VLAN 4.5.1 VLAN Overview A Virtual Local Area Network (VLAN) is a network topology configured according to a logical scheme rather than the p
11 1.2 Product description The NS3500-28T-4S is a 28-Port 10/100/1000Mbps with 4 Shared SFP Managed Gigabit Switch specially designed to build a ful
110 1. No matter what basis is used to uniquely identify end nodes and assign these nodes VLAN membership, packets cannot cross VLAN without a net
111 VLANs help to simplify network management by allowing you to move devices to a new VLAN without having to change any physical connections. VLANs
112 0x8100, the packet carries the IEEE 802.1Q/802.1p tag. The tag is contained in the following two octets and consists of 3 bits of user priority,
113 Every physical port on a switch has a PVID. 802.1Q ports are also assigned a PVID, for use within the switch. If no VLAN are defined on the switc
114 VLAN-tagged frames can pass through VLAN-aware or VLAN-unaware network interconnection devices, but the VLAN tags should be stripped off before
115 Buttons : Click to apply changes. Figure 4-5-2 Management VLAN State Page Screenshot The page includes the following fields: Object Descri
116 The page includes the following fields: Object Description VLAN List Indicates the ID of this particular VLAN. VLAN Action This column all
117 IEEE 802.1Q Tagged and Untagged Every port on an 802.1Q compliant switch can be configured as tagged or untagged. Tagged: Ports with taggi
118 The Managed Switch supports multiple VLAN tags and can therefore be used in MAN applications as a provider bridge, aggregating traffic from nume
119 Object Description Port Select Select port number for this drop down list to set VLAN port setting. Interface VLAN Mode Set the port in ac
12 Form-factor Pluggable) fiber transceiver and then to backbone switch and monitoring center over a long distance. The distance can be extended from
120 Figure 4-5-6 Edit Interface Setting Page Screenshot The page includes the following fields: Object Description Port The switch port number
121 4.5.6 Port to VLAN Use the VLAN Static Table to configure port members for the selected VLAN index. This Page allows for adding and deleting po
122 the port will be untagged, that is, not carry a tag and therefore not carry VLAN or CoS information. Note that an interface must be assigned to a
123 4.5.8 Protocol VLAN Group Setting The network devices required to support multiple protocols cannot be easily grouped into a common VLAN. This m
124 The page includes the following fields: Object Description Group ID Protocol Group ID assigned to the Special Protocol VLAN Group. Frame T
125 4.5.9 Protocol VLAN Port Setting This Page allows you to map a already configured Group Name to a VLAN/port for the switch. The Protocol VLAN Por
126 VLAN ID Display the current VLAN ID Delete Click to delete the group ID entry. 4.5.10 GVRP Setting GARP VLAN Registration Protocol (GV
127 Figure 4-5-13 GVRP Global Setting Page Screenshot The page includes the following fields: Object Description GVRP Controls whether GVRP is
128 Buttons : Click to apply changes. Figure 4-5-14 GVRP Global Setting Page Screenshot The page includes the following fields: Object Descriptio
129 The page includes the following fields: Object Description Port Select Select port for this drop down list to assign protocol VLAN port.
13 1.4 Product Features Physical Ports 28-Port 10/100/1000Base-T Gigabit RJ-45 copper 4 100/1000Base-X mini-GBIC/SFP slots, shared with Port-
130 Object Description Port The switch port number of the logical port. Enable Status Display the current GVRP port staste. Registration Mo
131 Figure 4-5-18 GVRP Port Statistics Page Screenshot The page includes the following fields: Object Description Port The switch port number o
132 Figure 4-5-19 GVRP Port Error Statistics Page Screenshot The page includes the following fields: Object Description Port The switch port num
133 Figure 4-5-20 Two Separate VLAN Diagrams VLAN Group VID Untagged Members Tagged Members VLAN Group 1 1 Port-7~Port-8 N/A VLAN Group 2 2
134 Tagged packet entering VLAN 2 1. While [PC-3] transmit a tagged packet with VLAN Tag=2 enters Port-3, [PC-1] and [PC-2] will received the pac
135 3. Assign Tagged/Untagged for each port: VLAN ID = 2: Port-1 & 2 = Untagged, Port-3 = Tagged, Port -4~6 = Excluded. VLAN ID = 3: P
136 4.5.14.2 VLAN Trunking between two 802.1Q aware switch The most cases are used for “Uplink” to other switches. VLANs are separated at differe
137 1. Create VLAN Group 2 and 3 Add VLAN group 2 and group 3 2. Assign VLAN mode and PVID for each port: Port-1,Port-2 and Port-3 : VLAN Mode
138 Port -7 = Excluded. VLAN ID = 2: Port-1 & 2 = Untagged, Port-3 & 7 = Tagged, Port -4~6 = Excluded. VLAN ID = 3: Port-4 & 5
139 4.6 Spanning Tree Protocol 4.6.1 Theory The Spanning Tree Protocol can be used to detect and disable network loops, and to provide backup links
14 Quality of Service Ingress / Egress Rate Limit per port bandwidth control Storm Control support Broadcast / Unknown-Unicast / Unknown
140 The path cost to the root associated with each switch port The port identifier STP communicates between switches on the network using Brid
141 after a topology change. Each port on a switch using STP exists is in one of the following five states: Blocking – the port is blocked from fo
142 You can modify each port state by using management software. When you enable STP, every port on every switch in the network goes through the bloc
143 blocking state. The following are the user-configurable STP parameters for the port or port group level: Variable Description Default Value Po
144 become the Root Bridge. If it turns out that your Switch has the lowest Bridge Identifier, it will become the Root Bridge. Forward Delay Timer –
145 Figure 4-6-2 Before Applying the STA Rules In this example, only the default STP values are used.
146 Figure 4-6-3 After Applying the STA Rules The switch with the lowest Bridge ID (switch C) was elected the root bridge, and the ports were select
147 4.6.2 STP Global Settings This page allows you to configure STP system settings. The settings are used by all STP Bridge instances in the Switch.
148 Force Version The STP protocol version setting. Valid values are STP-Compatible, RSTP-Operation and MSTP-Operation. Configuration Name Iden
149 4.6.3 STP Port Setting This page allows you to configure per port STP settings. The STP Port Setting screens in Figure 4-6-6 & Figure 4-6-7
15 Management IPv4 and IPv6 dual stack management Switch Management Interface - Web switch management - Telnet Command Line Interface
150 (This applies to physical ports only. Aggregations are always forced Point2Point). Migrate If at any time the switch detects STP BPDUs, includ
151 Port Type Link Type IEEE 802.1w-2001 Ethernet Half Duplex Full Duplex Trunk 2,000,000 1,000,000 500,000 Fast Ethernet Half Duplex Fu
152 4.6.4 CIST Instance Setting This Page allows you to configure CIST instance settings. The CIST Instance Setting and Information screens in Figur
153 Max Age The maximum age of the information transmitted by the Bridge when it is the Root Bridge. Valid values are in the range 6 to 40 seconds
154 Max Age Display the current Max. age. Tx Hold Count Display the current Tx hold count. Hello Time Display the current hello time.
155 4.6.5 CIST Port Setting This page allows you to configure per port CIST priority and cost. The CIST Port Setting and Status screens in Figure 4-6
156 Figure 4-6-11 CIST Port Status Page Screenshot The page includes the following fields: Object Description Port The switch port number of th
157 Edge Port Conf/Oper Display the current edge port conf/oper P2P MAC Conf/Oper Display the current P2P MAC conf/oper Port Role Display th
158 Figure 4-6-13 MSTI Instance Setting Information Page Screenshot The page includes the following fields: Object Description MSTI Display the
159 Regional Root Bridge Display the current designated root bridge. Internal Root Cost Display the current internal root cost. Designated B
16 1.5 Product Specifications Product NS3500-28T-4S Hardware Specifications Copper Ports 28 10/ 100/1000Base-T RJ-45 Auto-MDI/MDI-X ports SFP/mi
160 4.6.7 MST Port Setting This page allows the user to inspect the current STP MSTI port configurations, and possibly change them as well. A MSTI po
161 : Click to apply changes. Figure 4-6-16 MST Port Status Page Screenshot The page includes the following fields: Object Description MSTI ID
162 4.6.8 STP Statistics This page displays STP statistics. The STP statistics screen in Figure 4-6-17 appears. Figure 4-6-17 STP Statistics Page Sc
163 4.7 Multicast This section has the following items: Properties Configures multicast properties. IGMP Snooping Configures IGMP snooping sett
164 : Click to apply changes. Figure 4-7-2 Properties Information Page Screenshot The page includes the following fields: Object Description U
165 network or not. The router can check, using IGMP, to see if there is at least one member of a multicast group on a given subnet work. If there ar
166 Figure 4-7-4 Multicast Flooding
167 Figure 4-7-5 IGMP Snooping Multicast Stream Control IGMP Versions 1 and 2 Multicast groups allow members to join or leave at any time. IGMP pro
168 The IGMP Type codes are shown below: Type Meaning 0x11 Membership Query (if Group Address is 0.0.0.0) 0x11 Specific Group Membership Query (if Gr
169 Figure 4-7-6 IGMP State Transitions IGMP Querier – A router, or multicast-enabled switch, can periodically ask their hosts if they want to
17 Voice VLAN Protocol VLAN Private VLAN (Protected port) GVRP Link Aggregation IEEE 802.3ad LACP and static trunk Supports 8 groups of 8-port trunk
170 Figure 4-7-7 IGMP Snooping Page Screenshot The page includes the following fields: Object Description IGMP Snooping Status Enable or disabl
171 Object Description IGMP Snooping Status Dipaly the current IGMP snooping status. IGMP Snooping Version Display the current IGMP snooping v
172 4.7.2.2 IGMP Querier Setting This page provides IGMP Querier Setting. The IGMP Querier Setting screens in Figure 4-7-10 & Figure 4-7-11 appea
173 The page includes the following fields: Object Description VLAN ID Display the current VLAN ID. Querier State Display the current querier
174 The page includes the following fields: Object Description VLAN ID Select VLAN ID for this drop down list. Group IP Address The IP address
175 4.7.2.4 IGMP Group Table This page provides Multicast Database. The IGMP Group Table screen in Figure 4-7-14 appears. Figure 4-7-14 IGMP Group
176 Figure 4-7-15 Add Router Port Page Screenshot The page includes the following fields: Object Description VLAN ID Selects the VLAN to propag
177 Forbidden Ports Display the current forbidden ports Modify Click to edit parameter. Click to delete the group ID entry. 4.7.2.6 IGMP
178 Port Mask Display the current port mask. Figure 4-7-19 Forbidden Router Table Page Screenshot The page includes the following fields: Objec
179 VLAN ID Select VLAN ID for this drop down list to assign IGMP membership. Port The switch port number of the logical port. Select IGMP memb
18 RFC 1493 Bridge MIB Standards Conformance Regulation Compliance FCC Part 15 Class A, CE Standards Compliance IEEE 802.3 10Base-T IEEE 802.
180 The page includes the following fields: Object Description Total RX Display current total RX Valid RX Display current valid RX Invalid
181 4.7.4 MLD Snooping 4.7.4.1 MLD Setting This page provides MLD Snooping related configuration. Most of the settings are global, whereas the Router
182 Figure 4-7-22 MLD Snooping information Page Screenshot The page includes the following fields: Object Description MLD Snooping Status Displ
183 Query Interval (sec.) Display the current query interval. Query Max Response Interval (sec.) Display the current query max response interva
184 Figure 4-7-25 MLD Static Groups Page Screenshot The page includes the following fields: Object Description VLAN ID Display the current VLA
185 Type Member types displayed include Static or Dynamic, depending on selected options. Life(Sec) Display the current life. 4.7.4.4 MLD Rou
186 : Click to add MLD router port entry. Figure 4-7-28 Router Port Status Page Screenshot The page includes the following fields: Object Descrip
187 Port Display the current dynamic router ports Expiry Time (Sec) Display the current expiry time Figure 4-7-30 Static Router Table Page Sc
188 Figure 4-7-32 Forward All Setting Page Screenshot The page includes the following fields: Object Description VLAN ID Select VLAN ID for thi
189 4.7.5 MLD Snooping Statics This page provides MLD Snooping Statics. The MLD Snooping Statics screen in Figure 4-7-33 appears. Figure 4-7-33 Forw
19 2. INSTALLATION This section describes the hardware features and installation of the Managed Switch on the desktop or rack mount. For easier manag
190 Special Group Query RX Display current special group query RX Special Group & Source Query RX Display current special group & sourc
191 4.7.6 Multicast Throttling Setting Multicast throttling sets a maximum number of multicast groups that a port can join at the same time. When the
192 Buttons : Click to apply changes. Figure 4-7-35 IGMP Port Max Groups Information Page Screenshot The page includes the following fields: Objec
193 access mode. Command Usage Each profile has only one access mode; either permit or deny. When the access mode is set to permit, multic
194 - Deny When the access mode is set to, multicast join reports are only processed when the multicast group is not in the controlled range. Button
195 Figure 4-7-38 Filter Setting Page Screenshot The page includes the following fields: Object Description Port Select Select port number for
196 4.7.7.3 MLD Filter Setting The Filter Setting and Status screens in Figure 4-7-40 & Figure 4-7-41 appear. Figure 4-7-40 Filter Setting Page
197 Action Click to display detail profile parameter. Click to delete the MLD filter profile entry. 4.8 Quality of Service 4.8.1 Underst
198 The QoS page of the Managed Switch contains three types of QoS mode - the 802.1p mode, DSCP mode or Port-base mode can be selected. Both the thr
199 Figure 4-8-2 QoS Information Page Screenshot The page includes the following fields: Object Description QoS Mode Display the current QoS mo
2 Copyright © 2014 United Technologies Corporation Interlogix is part of UTC Building & Industrial Systems, Inc. a unit of United Technologies C
20 The console port is a RJ-45 port connector. It is an interface for connecting a terminal directly. Through the console port, it provides rich diag
200 Remark IP Precedence Disable or enable remark IP Precedence Buttons : Click to apply changes. Figure 4-8-3 QoS Port Status Page Screenshot
201 Figure 4-8-4 Queue Table Page Screenshot The page includes the following fields: Object Description Queue Display the current queue ID.
202 Figure 4-8-5 Queue Information Page Screenshot The page includes the following fields: Object Description Information Name Display the curr
203 : Click to apply changes. Figure 4-8-7 CoS Mapping Page Screenshot The page includes the following fields: Object Description CoS Display
204 4.8.2.5 DSCP Mapping The DSCP to Queue and Queue to DSCP Mapping screens in Figure 4-8-8 & Figure 4-8-9 appear. Figure 4-8-8 DSCP to Queue
205 Figure 4-8-9 DSCP Mapping Page Screenshot The page includes the following fields: Object Description DSCP Display the current CoS value
206 4.8.2.6 IP Precedence Mapping The IP Precedence to Queue and Queue to IP Precedence Mapping screens in Figure 4-8-10 & Figure 4-8-11 appear.
207 Figure 4-8-11 IP Precedence Mapping Page Screenshot The page includes the following fields: Object Description IP Precedence Display the cu
208 4.8.3 QoS Basic Mode 4.8.3.1 Global Settings The Basic Mode Global Settings and QoS Information screen in Figure 4-8-12 & Figu
209 Figure 4-8-13 QoS Information Page Screenshot The page includes the following fields: Object Description Trust Mode Display the current QoS
21 System LED Color Function PWR Green Lights to indicate that the Switch has power. SYS Green Lights to indicate the system is working. Blink
210 Buttons : Click to apply changes. Figure 4-8-15 QoS Port Status Page Screenshot The page includes the following fields: Object Description
211 4.8.4.1 Ingress Bandwidth Control This page provides to select the ingress bandwidth preamble. The Ingress Bandwidth Control Setting and Status s
212 The page includes the following fields: Object Description Port The switch port number of the logical port. Ingress Rate Limit (Kbps) Dis
213 Buttons : Click to apply changes. Figure 4-8-19 Egress Bandwidth Control Status Page Screenshot The page includes the following fields: Objec
214 4.8.4.3 Egress Queue The Egress Queue Badwidth Control Settings and Status screens in Figure 4-8-20 & Figure 4-8-21 appear. Figure 4-8-20 Eg
215 The page includes the following fields: Object Description Queue ID Display the current queue ID Rate Limit (Kbps) Display the current ra
216 Before connecting the IP device to the switch, the IP phone should configure the voice VLAN ID correctly. It should be configured through its own
217 The allowed range is 1 to 4095. Remark CoS/802.1p Select 802.1p value for this drop down list. 1p remark Enable or disable 802.1p remark.
218 4.8.5.3 Telephony OUI MAC Setting Configure VOICE VLAN OUI table on this Page. The Telephony OUI MAC Setting screens in Figure 4-8-24 & Figur
219 The page includes the following fields: Object Description OUI Address Display the current OUI address Description Display the current des
22 AC Power Receptacle For compatibility with electric service in most areas of the world, the Managed Switch’s power supply automatically adjusts
220 Figure 4-8-27 Voice VLAN Port State Page Screenshot The page includes the following fields: Object Description Port The switch port number
221 DoS Strom Control 4.9.1 802.1X Overview of 802.1X (Port-based) Authentication In the 802.1X-world, the user is called the supplicant, the
222 LAN. Until the client is authenticated, 802.1X access control allows only Extensible Authentication Protocol over LAN (EAPOL) traffic through th
223 Authentication server—performs the actual authentication of the client. The authentication server validates the identity of the client and no
224 When the client supplies its identity, the switch begins its role as the intermediary, passing EAP frames between the client and the authenticat
225 initiates the authentication process by sending the EAPOL-start frame. When no response is received, the client sends the request for a fixed num
226 Buttons : Click to apply changes. Figure 4-9-4 802.1X Information Page Screenshot The page includes the following fields: Object Description
227 Figure 4-9-5 802.1X Port Setting Page Screenshot The page includes the following fields: Object Description Port Select port for this drop
228 switch port or if a supplicant is no longer attached. Reauthentication Period Determines the period, in seconds, after which a connected cli
229 The page includes the following fields: Object Description Port The switch port number of the logical port. Mode (pps) Display the current
23 2.2 Installing the Switch This section describes how to install your Managed Switch and make connections to the Managed Switch. Please read the fo
230 immediately takes the port out of the Guest VLAN and starts authenticating the supplicant according to the port mode. If an EAPOL frame is receiv
231 Guest VLAN Port Setting When Guest VLAN is both globally enabled and enabled (checked) for a given port, the switch considers moving the port
232 Figure 4-9-9 Authenticated Host Table Page Screenshot The page includes the following fields: Object Description User Name Display the curr
233 a RADIUS server before retransmitting the request. Timeout for Reply Retransmit is the number of times, in the range 1 to 30, a RADIUS request
234 The page includes the following fields: Object Description Server Definition Set the server definition. Server IP Address of the Radius s
235 Buttons : Click to add Radius server setting. Figure 4-9-12 Login Authentication List Page Screenshot The page includes the following fields:
236 Figure 4-9-13 Guest VLAN Setting Page Screenshot The page includes the following fields: Object Description Key String The secret key - up
237 Object Description Server Definition Set the server definition. Server IP Address of the TACACS+ server IP/name. Server Port Network (T
238 Modify Click to edit login authentication list parameter. Click to delete login authentication list entry. 4.9.4 AAA Authentication, aut
239 This guide assumes that RADIUS and TACACS+ servers have already been configured to support AAA. The configuration of RADIUS and TACACS+ server s
24 Connect one end of the power cable to the Managed Switch. Connect the power plug of the power cable to a standard wall outlet. When the Managed Sw
240 The page includes the following fields: Object Description List Name Display the current list name. Method List Display the current method
241 Figure 4-9-20 Login Authentication List Screenshot The page includes the following fields: Object Description List Name Display the current
242 Figure 4-9-21 Telnet Settings Page Screenshot The page includes the following fields: Object Description Telnet Service Disable or enable t
243 Figure 4-9-21 Telnet Information Page Screenshot The page includes the following fields: Object Description Telnet Service Display the curr
244 enabled port security on a port, the port is set-up for software-based learning. In this mode, frames from unknown MAC addresses are passed on to
245 Figure 4-9-24 SSH Information Page Screenshot The page includes the following fields: Object Description SSH Service Display the current SSH
246 Figure 4-9-25 HTTP Settings Page Screenshot The page includes the following fields: Object Description HTTP Service Disable or enable HTTP
247 The page includes the following fields: Object Description HTTP Service Display the current HTTP service. Login Authentication List Displa
248 Figure 4-9-28 HTTPs Information Page Screenshot The page includes the following fields: Object Description HTTPs Service Display the curren
249 The page includes the following fields: Object Description Access Profile Name (1-32 charaters) Indicates the access profile name. Priorit
25 Figure 2-1-6 Mounting Managed Switch in a Rack Step6: Proceeds with Steps 4 and 5 of session 2.2.1 Desktop Installation to connect the network ca
250 Action Display the current action Port Display the current port list Source IPv4 Display the current source IPv4 address Source IPv4
251 The page includes the following fields: Object Description Access Profile Display the current access profile. Delete Click to delete a
252 4.9.7 DHCP Snooping 4.9.7.1 DHCP Snooping Overview The addresses assigned to DHCP clients on unsecure ports can be carefully controlled using the
253 When DHCP snooping is enabled, DHCP messages entering an untrusted interface are filtered based upon dynamic entries learned via DHCP snooping
254 4.9.7.2 Global Setting DHCP Snooping is used to block intruder on the untrusted ports of switch when it tries to intervene by injecting a bogus D
255 The page includes the following fields: Object Description DHCP Snooping Display the current DHCP snooping status
256 4.9.7.3 VLAN Setting Command Usage When DHCP snooping is enabled globally on the switch, and enabled on the specified VLAN, DHCP packet filt
257 Figure 4-9-36 DHCP Snooping VLAN Setting Page Screenshot The page includes the following fields: Object Description VLAN List Display the c
258 Figure 4-9-37 DHCP Snooping Port Setting Page Screenshot The page includes the following fields: Object Description Port Select port for th
259 Object Description Port The switch port number of the logical port. Type Display the current type Chaddr Check Display the current chad
26 Fast Ethernet Transceiver (100Base-X SFP) Gigabit Ethernet Transceiver (1000Base-X SFP) It is recommended to use INTERLOGIX SFP on the Mana
260 Buttons : Click to clear the statistics. : Click to refresh the statistics.
261 4.9.7.6 Database Agent Overview of the DHCP Snooping Database Agent When DHCP snooping is enabled, the switch uses the DHCP snooping binding d
262 The page includes the following fields: Object Description Database Type Select database type. File Name The name of file image. Remot
263 Write Delay Display the current write delay. Timeout Display the current timeout. 4.9.7.7 Rate Limit After enabling DHCP snooping, the sw
264 Figure 4-9-43 DHCP Rate Limit Setting Page Screenshot The page includes the following fields: Object Description Port The switch port numbe
265 The definition of Circuit ID in the switch is 4 bytes in length and the format is "vlan_id" "module_id" "port_no".
266 The page includes the following fields: Object Description Option82 Remote ID Display the current option82 remite ID. 4.9.7.9 Option82 Port
267 Figure 4-9-47 Option82 Global Setting Page Screenshot The page includes the following fields: Object Description Port The switch port numb
268 The page includes the following fields: Object Description Port Select port for this drop down list. VLAN Indicates the ID of this particu
269 A Dynamic ARP prevents the untrust ARP packets based on the DHCP Snooping Database. 4.9.8.1 Global Setting DAI Setting and Information screens
27 1. Before you connect Managed Switch to the other network device, you have to make sure both sides of the SFP transceivers are with the same m
270 The page includes the following fields: Object Description DAI Display the current DAI status. 4.9.8.2 VLAN Setting DAI VLAN Setting screens
271 The page includes the following fields: Object Description VLAN List Display the current VLAN list. Status Display the current status. 4
272 classified as invalid and are dropped. IP Chk Enable or disable to checks the source and destination IP addresses of ARP packets. The all-zero
273 4.9.8.4 Statistics Configures switch ports as DAI trusted or untrusted and check mode. DAI Port Setting screen in Figure 4-9-56 appears. Figure
274 Buttons : Click to clear the statistics. : Click to refresh the statistics. 4.9.8.5 Rate Limit The ARP Rate Limit Setting and Config screens in
275 Figure 4-9-58 ARP Rate Limit Setting Page Screenshot The page includes the following fields: Object Description Port The switch port number
276 4.9.9.1 Port Settings IP Source Guard is a secure feature used to restrict IP traffic on DHCP snooping untrusted ports by filtering traffic ba
277 The page includes the following fields: Object Description Port Select port for this drop down list. Status Enable or disable the IP sourc
278 Verify Source Display the current verify source Max Binding Entry Display the current max binding entry. Current Binding Entry Display t
279 The page includes the following fields: Object Description Port Display the current port VLAN ID Display the current VLAN MAC Address
28 Figure 2-1-8 How to Pull Out the SFP Transceiver Never pull out the module without lifting up the lever of the module and turning it to a horiz
280 The page includes the following fields: Object Description Port Select port for this drop down list. Security Enable or disable the port s
281 Figure 4-9-65 Port Security Status Page Screenshot The page includes the following fields: Object Description Port Name The switch port num
282 Figure 4-9-66 Global DoS Setting Page Screenshot
283 The page includes the following fields: Object Description DMAC = SMAC Enable or disable DoS check mode by DMAC = SMAC Land Enable or disa
284 Figure 4-9-67 DoS Information Page Screenshot The page includes the following fields: Object Description DMAC = SMAC Display the current DM
285 TCP SYN-RST Attack Display the current TCP syn-rst attack status TCP Fragment (Offset = 1) Display the TCP fragment (offset = 1) status 4
286 Figure 4-9-68 Port Security Setting Page Screenshot The page includes the following fields: Object Description Port The switch port number
287 The page includes the following fields: Object Description Unit Controls the unit of measure for the storm control rate as "pps" or
288 Figure 4-9-71 Storm Control Setting Page Screenshot The page includes the following fields: Object Description Port Select port for this dr
289 Figure 4-9-72 Storm Control Information Page Screenshot The page includes the following fields: Object Description Port The switch port num
29 3. SWITCH MANAGEMENT This chapter explains the methods that you can use to configure management access to the Managed Switch. It describes the typ
290 4.10 ACL ACL is an acronym for Access Control List. It is the list table of ACEs, containing access control entries that specify individual users
291 Figure 4-10-1 MAC-based ACL Page Screenshot The page includes the following fields: Object Description ACL Name Create a named MAC-based ACL
292 Figure 4-10-3 MAC-based ACE Page Screenshot The page includes the following fields: Object Description ACL Name Select ACL name for this dro
293 this ACE, choose this value. A field for entering a DA MAC value appears. DA MAC Value When "User Defined" is selected for the DA MA
294 Figure 4-10-4 MAC-based ACE Table Page Screenshot The page includes the following fields: Object Description ACL Name Display the current A
295 Figure 4-10-6 appear. Figure 4-10-5 IPv4-based ACL Page Screenshot The page includes the following fields: Object Description ACL Name Crea
296
297 Figure 4-10-7 IP-based ACE Page Screenshot The page includes the following fields: Object Description ACL Name Select ACL name for this drop
298 frame that hits this ACE matches this destination IP address value. Destination IP Wildcard Mask When "User Defined" is selected for
299 to match this entry. Don’t Care: Any value is allowed ("don't-care"). PSH Specify the TCP "Push Function" (PSH) va
3 TABLE OF CONTENTS 1.INTRODUCTION ...
30 3.2 Management Access Overview The Managed Switch gives you the flexibility to access and manage it using any or all of the following methods: A
300 IP Recedence: If you want to filter a specific IP recedence with this ACE, you can enter a specific IP recedence value. A field for entering a
301 The page includes the following fields: Object Description ACL Name Display the current ACL name Sepuence Display the current sequence
302 Figure 4-10-9 IPv6-based ACL Page Screenshot The page includes the following fields: Object Description ACL Name Create a named IPv6-based
303
304 Figure 4-10-11 IP-based ACE Page Screenshot The page includes the following fields: Object Description ACL Name Select ACL name for this dro
305 this destination IP address value. Destination IP Prefix Length When "User Defined" is selected for the destination IP filter, you c
306 to match this entry. Don’t Care: Any value is allowed ("don't-care"). PSH Specify the TCP "Push Function" (PSH) va
307 you can enter a specific IP recedence value. A field for entering a IP recedence value appears. The allowed range is 0 to 7. A frame that hits th
308 Sepuence Display the current sequence Action Display the current action Protocol Display the current protocol Source IP Address Displ
309 4.10.7 ACL Binding This page allows you to bind the Policy content to the appropriate ACLs. The ACL Policy screens in Figure 4-10-13 & Figure
31 3.3 Administration Console The administration console is an internal, character-oriented, and command line user interface for performing system ad
310 IPv6 ACL Display the current IPv6 ACL Modify Click to edit ACL binding table parameter. Click to delete ACL binding entry. 4.11 MAC Add
311 VLAN Select VLAN for this drop down list. Port Select port for this drop down list. Buttons : Click to add new static MAC address. Figure
312 The page includes the following fields: Object Description MAC Address Physical address associated with this interface. VLAN (1~4096) Ind
313 Figure 4-11-5 Dynamic Addresses Setting Page Screenshot The page includes the following fields: Object Description Aging Time The time afte
314 address. The Dynamic Learned screens in Figure 4-11-6 & Figure 4-11-7 appear. Figure 4-11-6 Dynamic Learned Page Screenshot The page includ
315 VLAN The VLAN ID of the entry. Type Indicates whether the entry is a static or dynamic entry. Port The ports that are members of the ent
316 4.12 LLDP 4.12.1 Link Layer Discovery Protocol Link Layer Discovery Protocol (LLDP) is used to discover basic information about neighboring dev
317 Object Description Enable Globally enable or disable LLDP function LLDP PDU Disable Action Set LLDP PDU disable action: include “Filtering
318 (4 * Delay Interval) ≤Transmission Interval LLDP-MED Fast Start Repeat Count Configures the amount of LLDP MED Fast Start LLDPDUs to transmi
319 Holdtime Multiplier Display the current holdtime multiplier Reinitialization Delay Display the current reinitialization delay Transmit D
32 115200 bps 8 data bits No parity 1 stop bit Figure 3-1-2: Terminal Parameter Settings You can change these settings, if desired, after
320 Rx only TxRx Disabled Port Select Select port for this drop down list. Optional TLV Select Configures the information included in
321 Figure 4-12-4 LLDP Port Status Page Screenshot The page includes the following fields: Object Description Port The switch port number of th
322 The page includes the following fields: Object Description Port Select Select port for this drop down list. VLAN Select Select VLAN for th
323 Figure 4-12-7 Local Device Summary Page Screenshot The page includes the following fields: Object Description Chassis ID Subtype Display
324 Figure 4-12-8 Port Status Page Screenshot The page includes the following fields: Object Description Interface The switch port number of the
325 The page includes the following fields: Object Description Local Port Display the current local port Chassis ID Subtype Display the curren
326 given port. The application types specifically addressed are: 1. Voice 2. Guest Voice 3. Softphone Voice 4. Video Conferencing 5. Streaming Video
327 The page includes the following fields: Object Description LLDP MED Policy for Voice Application Set the LLDP MED policy for voice applicatio
328 Video Signaling - for use in network topologies that require a separate policy for the video signaling than for the video media. This application
329 The page includes the following fields: Object Description Network Policy Number Display the current network policy number Application Dis
33 You can then use your Web browser to list and manage the Managed Switch configuration parameters from one central location, just as if you were d
330 messages. -Network Policy – This option advertises network policy configuration information, aiding in the discovery and diagnosis of VLAN config
331 Application Display the current application Location Display the current location Inventory Display the current inventory The MED Locat
332 Figure 4-12-15 LLDP MED Port Location Table Page Screenshot The page includes the following fields: Object Description Port The switch port
333 4.12.8 LLDP Overloading The LLDP Port Overloading screen in Figure 4-12-16 appears. Figure 4-12-16 LLDP Port Overloading Table Page Screenshot
334 MED Network Policy Displays if the network policies packets were transmitted or overloaded. MED Extended Power via MDI Displays if the exte
335 : Click to clear the statistics. : Click to refresh the statistics. Figure 4-12-18 LLDP Port Statistics Page Screenshot The page includes the
336 RX TLVs – Unrecognized The number of well-formed TLVs, but with an unknown type value. RX Ageout - Total The number of organizationally TLV
337 4.13.1 Cable Diagnistics The Cable Diagnostics performs tests on copper cables. These functions have the ability to identify the cable length and
338 The Copper test and test result screens in Figure 4-13-1 & Figure 4-13-2 appear. Figure 4-13-1 Copper Test Page Screenshot The page include
339 4.13.2 Ping The ping and IPv6 ping allow you to issue ICMP PING packets to troubleshoot IP connectivity issues. The Managed Switch transmits ICMP
34 4. WEB CONFIGURATION This section introduces the configuration and functions of the Web-based management. About Web-based Management The Managed
340 The page includes the following fields: Object Description IP Address The destination IP Address. Count Number of echo requests to send.
341 Figure 4-13-4 ICMPv6 Ping Page Screenshot The page includes the following fields: Object Description IP Address The destination IPv6 Addres
342 4.14 RMON RMON is the most important expansion of the standard SNMP. RMON is a set of MIB definitions, used to define standard network monitor fu
343 Figure 4-14-1: RMON Statistics Detail Page Screenshot The Page includes the following fields: Object Description Port Select port for this d
344 CRC/Alignment Errors The total number of packets received that had a length (excluding framing bits, but including FCS octets) of between 64 a
345 Figure 4-14-2: RMON Event Configuration Page Screenshot The Page includes the following fields: Object Description Select Index Select inde
346 Buttons : Click to apply changes. Figure 4-14-3: RMON Event Status Page Screenshot The Page includes the following fields: Object Descripti
347 4.14.3 RMON Event Log This Page provides an overview of RMON Event Log. The RMON Event Log Table screen in Figure 4-14-4 appears. Figure 4-14-4:
348 4.14.4 RMON Alarm Configure RMON Alarm table on this Page. The RMON Alarm screens in Figure 4-14-5 & Figure 4-14-6 appear. Figure 4-14-5: R
349 Includes FCS, but excludes framing bits. Pkts: The total number of frames (bad, broadcast and multicast) received and transmitted. Broadcas
35 factory-default IP Address as following: http://192.168.0.100 2. When the following login screen appears, please enter the default username
350 specified range (excluding framing bits but including FCS octets). Pkts512to1023Octets: The total number of frames (including bad packets) rec
351 The Page includes the following fields: Object Description Index Indicates the index of Alarm control entry. Sample Port Display the curre
352 The Page includes the following fields: Object Description Select Index Select index for this drop down list to create the new index or modi
353 4.14.6 RMON History Log This Page provides a detail of RMON history entries; screen in Figure 4-14-9 appears. Figure 4-14-9: RMON History Stat
354 Figure 4-15-1 Factory Default Page Screenshot After the “Factory” button is pressed and rebooted, the system will load the default IP settings
355 4.15.3 Backup Manager This function allows backup of the current image or configuration of the Managed Switch to the local management station. T
356 Figure 4-15-4 Upgrade Manager Page Screenshot The page includes the following fields: Object Description Upgrade Method Select upgrade meth
357 5. SWITCH OPERATION 5.1 Address Table The Switch is implemented with an address table. This address table composed of many entries. Each entry is
358 incoming and outgoing packet are stored in a routing table. This information is subsequently used to filter packets whose destination address is
359 6. TROUBLESHOOTING This chapter contains information to help you solve your issue. If the Managed Switch is not functioning properly, make sure t
36 interface. The Switch Menu on the left of the web page let you access all the commands and statistics the Managed Switch provides. It is recom
360 Solution: 1. AC power cord not inserted or faulty 2. Check whether the AC power cord is inserted correctly 3. Replace the power cord if the co
361 APPENDIX A A.1 Switch's RJ-45 Pin Assignments 1000Mbps, 1000Base T Contact MDI MDI-X 1 BI_DA+ BI_DB+ 2 BI_DA- BI_DB- 3 BI_DB+ BI_DA+ 4 BI_
362 3 Rx + (receive) Tx + (transmit) 4, 5 Not used 6 Rx - (receive) Tx - (transmit) 7, 8 Not used The standard cable, RJ-45 pin assignment T
363 SIDE 1 1234567812345678 SIDE 2 1 = White / Orange 2 = Orange 3 = White / Green 4 = Blue 5 = White / Blue 6 = Green 7 = White / Brown 8 = Brown 1
37 4.1 Main Web Page The Managed Switch provides a Web-based browser interface for configuring and managing it. This interface allows you to access t
38 Main Menu Using the onboard web agent, you can define system parameters, manage and control the Managed Switch, and all its ports, or monitor ne
39 4-1-6 appears. Figure 4-1-6 Save Button screenshot The page includes the following fields: Object Description Save Configuration to FLASH Cl
4 4.2.5.1SystemTime...
40 up configuration file, which is called configuration save. To prevent illicit file upload and easier configuration, switch mandates the name of ru
41 3. Press the “Apply” button to save running configuration to startup configuration.
42 4.2 System Use the System menu items to display and configure basic administrative details of the Managed Switch. Under System the following topic
43 System Contact Display the current system contact MAC Address The MAC Address of this Managed Switch. IP Address The IP Address of this M
44 The page includes the following fields: Object Description Mode Indicates the IP address mode operation. Possible modes are: Static: Enable
45 Object Description DHCP State Display the current DHCP state. IP Address Display the current IP address. Subnet Mask Display the current
46 representing multiple 16-bit groups of contiguous zeros; but it can only appear once. It also used a following legally IPv4 address. For example,
47 IPv6 In Use Router Display the current in-use gateway IPv6 Static Address Display the current IPv6 static address IPv6 Static Router Disp
48 4.2.4 User Configuration This page provides an overview of the current users and privilege type. Currently the only way to login as another user o
49 The page includes the following fields: Object Description Username Display the current username. Password Type Display the current passwor
5 4.5.1VLANOverview ...
50 The page includes the following fields: Object Description Enable SNTP Enabled: Enable SNTP mode operation. When enable SNTP mode operation,
51 Day - Select the starting day. Month - Select the starting month. Hours - Select the starting hour. Minutes - Select the startin
52 Daylight Saving Time Offset Display the current daylight saving time offset state. From Display the current daylight saving time from. To
53 The page includes the following fields: Object Description SNTP Server Address Display the current SNTP server address. Server Port Displa
54 4.2.6 Log Management The Managed Switch log management is provided here. The local logs allow you to configure and limit system messages that are
55 : Click to apply changes. Figure 4-2-13 Logging Information Page Screenshot The page includes the following fields: Object Description Logg
56 Severity The severity of the local log entry. The following severity types are supported: emerg: Emergency level of the system unusable for
57 The Remote Syslog screens in Figure 4-2-16 & Figure 4-2-17 appear. Figure 4-2-16 Remote Log Target Page Screenshot The page includes the
58 notice: Notice level of the normal but significant conditions for local log. info: Informational level of the informational messages for loc
59 The page includes the following fields: Object Description Target The target of the log view entry. The following target types are support
6 4.7.4MLDSnooping...
60 The page includes the following fields: Object Description Target Display the current log target. Severity Display the current log se
61 4.2.7 SNMP Management 4.2.7.1 SNMP Overview The Simple Network Management Protocol (SNMP) is an application layer protocol that facilitates the ex
62 4.2.7.2 SNMP System Information Configure SNMP setting on this page. The SNMP System global setting screens in Figure 4-2-21 & Figure 4-2-22 a
63 4.2.7.3 SNMP View Configure SNMPv3 view table on this page. The entry index keys are View Name and OID Subtree. The SNMPv3 View Table Setting scre
64 Figure 4-2-24 SNMP View Table Status Page Screenshot The page includes the following fields: Object Description View Name Display the curre
65 Object Description Group Name A string identifying the group name that this entry should belong to. The allowed string length is 1 to 16.
66 The page includes the following fields: Object Description Group Name Display the current SNMP access group name Security Model Display the
67 4.2.7.5 SNMP Community Configure SNMP Community on this page. The SNMP Community screens in Figure 4-2-27 & Figure 4-2-28 appear. Figure 4-
68 Figure 4-2-28 Community Status Page Screenshot The page includes the following fields: Object Description Community Name Display the current
69 should belong to. Privilege Mode Indicates the security model that this entry should belong to. Possible security models are: NoAuth: None
7 4.9.1.2802.1XSetting ...
70 Figure 4-2-30 SNMPv3 Users Status Page Screenshot The page includes the following fields: Object Description User Name Display the current u
71 The page includes the following fields: Object Description Server Address Indicates the SNMP trap destination address. It allows a valid IP ad
72 UDP Port Display the current UDP port. Time Out Display the current time out. Retries Display the current retry times. Action : Delete
73 : Click to add a new SNMPv3 host entry. Figure 4-2-34 SNMPv3 Host Status Page Screenshot The page includes the following fields: Object Descrip
74 Object Description Engine ID An octet string identifying the engine ID that this entry should belong to. The string must contain an even numbe
75 The page includes the following fields: Object Description Remote IP Address Indicates the SNMP remote engine ID address. It allows a valid IP
76 4.3 Port Management Use the Port Menu to display or configure the Managed Switch's ports. This section has the following items: Port Confi
77 Port Select Select port number for this drop down list. Enabled Indicates the port state operation. Possible state are: Enabled - Start up
78 Figure 4-3-2 Port Status Page Screenshot The page includes the following fields: Object Description Port This is the logical port number for
79 4.3.2 Port Counters This page provides an overview of traffic and trunk statistics for all switch ports. The Port Statistics screens in Figure 4
8 4.9.9.2BindingTable...
80 Figure 4-3-4 Interface Counters Page Screenshot Object Description Received Octets The total number of octets received on the interface, incl
81 Figure 4-3-5 Ethernet link Counters Page Screenshot Object Description Alignment Errors The number of alignment errors (miss synchronized d
82 Symbol Errors The number of received and transmitted symbol errors. Control In Unknown Opcodes The number of received control unknown opcode
83 address. Note that this does not include multicast packets. Multicast Packets The total number of good frames received that were directed to th
84 4.3.3 Bandwidth Utilization The Bandwidth Utilization page displays the percentage of the total available bandwidth being used on the ports. Bandw
85 4.3.4 Port Mirroring Configure port Mirroring on this page. This function provide to monitoring network traffic that forwards a copy of each incom
86 Figure 4-3-9 Port Mirroring Settings Page Screenshot The page includes the following fields: Object Description Session ID Set the port mirr
87 Figure 4-3-10 Mirroring Status Page Screenshot The page includes the following fields: Object Description Session ID Display the session ID.
88 Buttons : Click to apply changes. Figure 4-3-12 Jumbo Frame Information Page Screenshot The page includes the following fields: Object Descrip
89 The page includes the following fields: Object Description Recovery Interval The period (in seconds) for which a port will be kept disabled
9 4.14RMON ...
90 Figure 4-3-14 Error Disabled Information Page Screenshot The page includes the following fields: Object Description Recovery Interval Displa
91 appears. Figure 4-3-15 Port Error Disable Page Screenshot The displayed counters are: Object Description Port Name Display the port for erro
92 For protected port group to be applied, the Managed switch must first be configured for standard VLAN operation. Ports in a protected port group
93 The port settings relate to the currently unit, as reflected by the page header. The Port Isolation Configuration screens in Figure 4-3-16 &
94 The page includes the following fields: Object Description Protected Ports Display the current protected ports. Unprotected Ports Display
95 The page includes the following fields: Object Description Port Select port number for this drop down list. Enable Enable or disable t
96 4.4 Link Aggregation Port Aggregation optimizes port usage by linking a group of ports together to form a single Link Aggregated Groups (LAGs). Po
97 Figure 4-4-1 Link Aggregation The Link Aggregation Control Protocol (LACP) provides a standardized means for exchanging information between Partn
98 None of the ports in a link aggregation can be configured as a mirror source port or a mirror target port. All of the ports in a link aggreg
99 4.4.1 LAG Setting This page allows configuring load balance algorithm configuration settings. The LAG Setting screens in Figure 4-4-2 & Figure
Comments to this Manuals