Interlogix NS3500-28T-4S User Manual User Manual

NS3500-28T-4S User Manual P/N 1072835 • REV 00.01 • ISS 14JUL14

10 1. INTRODUCTION Thank you for purchasing NS3500-28P-4S -- 28-Port 10/100/1000Mbps with 4 Shared SFP Managed Gigabit Switch, NS3500-28T-4S. “Manag

100 4.4.2 LAG Management This page is used to configure the LAG management. The LAG Management screens in Figure 4-4-4 & Figure 4-4-5 appear. F

101 Figure 4-4-5 LAG Management Information Page Screenshot The page includes the following fields: Object Description  LAG The LAG for the sett

102 4.4.3 LAG Port Setting This page allows setting configuration for per LAG. The LAG Port setting screens in Figure 4-4-6 & Figure 4-4-7 appea

103 Current Rx column indicates whether pause frames on the port are obeyed. Current Tx column indicates whether pause frames on the port are transmi

104 4.4.4 LACP Setting This page is used to configure the LACP system priority setting. The LACP Setting screens in Figure 4-4-8 & Figure 4-4-9 a

105 4.4.5 LACP Port Setting This page is used to configure the LACP port setting. The LACP Port Setting screen in Figure 4-4-10 & Figure 4-4-11

106 Figure 4-4-11 LACP Port Information Page Screenshot The page includes the following fields: Object Description  Port Name The switch port nu

107 The page includes the following fields: Object Description  LAG Display the current trunk entry.  Name Display the current LAG name.  Typ

108  “DSTRBT” means distributing state  Receive LACP receive state machine status of the port.  “INIT” means the port is in initialize state 

109 4.5 VLAN 4.5.1 VLAN Overview A Virtual Local Area Network (VLAN) is a network topology configured according to a logical scheme rather than the p

11 1.2 Product description The NS3500-28T-4S is a 28-Port 10/100/1000Mbps with 4 Shared SFP Managed Gigabit Switch specially designed to build a ful

110 1. No matter what basis is used to uniquely identify end nodes and assign these nodes VLAN membership, packets cannot cross VLAN without a net

111 VLANs help to simplify network management by allowing you to move devices to a new VLAN without having to change any physical connections. VLANs

112 0x8100, the packet carries the IEEE 802.1Q/802.1p tag. The tag is contained in the following two octets and consists of 3 bits of user priority,

113 Every physical port on a switch has a PVID. 802.1Q ports are also assigned a PVID, for use within the switch. If no VLAN are defined on the switc

114 VLAN-tagged frames can pass through VLAN-aware or VLAN-unaware network interconnection devices, but the VLAN tags should be stripped off before

115 Buttons : Click to apply changes. Figure 4-5-2 Management VLAN State Page Screenshot The page includes the following fields: Object Descri

116 The page includes the following fields: Object Description  VLAN List Indicates the ID of this particular VLAN.  VLAN Action This column all

117 IEEE 802.1Q Tagged and Untagged Every port on an 802.1Q compliant switch can be configured as tagged or untagged.  Tagged: Ports with taggi

118 The Managed Switch supports multiple VLAN tags and can therefore be used in MAN applications as a provider bridge, aggregating traffic from nume

119 Object Description  Port Select Select port number for this drop down list to set VLAN port setting.  Interface VLAN Mode Set the port in ac

12 Form-factor Pluggable) fiber transceiver and then to backbone switch and monitoring center over a long distance. The distance can be extended from

120 Figure 4-5-6 Edit Interface Setting Page Screenshot The page includes the following fields: Object Description  Port The switch port number

121 4.5.6 Port to VLAN Use the VLAN Static Table to configure port members for the selected VLAN index. This Page allows for adding and deleting po

122 the port will be untagged, that is, not carry a tag and therefore not carry VLAN or CoS information. Note that an interface must be assigned to a

123 4.5.8 Protocol VLAN Group Setting The network devices required to support multiple protocols cannot be easily grouped into a common VLAN. This m

124 The page includes the following fields: Object Description  Group ID Protocol Group ID assigned to the Special Protocol VLAN Group.  Frame T

125 4.5.9 Protocol VLAN Port Setting This Page allows you to map a already configured Group Name to a VLAN/port for the switch. The Protocol VLAN Por

126  VLAN ID Display the current VLAN ID  Delete Click to delete the group ID entry. 4.5.10 GVRP Setting GARP VLAN Registration Protocol (GV

127 Figure 4-5-13 GVRP Global Setting Page Screenshot The page includes the following fields: Object Description  GVRP Controls whether GVRP is

128 Buttons : Click to apply changes. Figure 4-5-14 GVRP Global Setting Page Screenshot The page includes the following fields: Object Descriptio

129 The page includes the following fields: Object Description  Port Select Select port for this drop down list to assign protocol VLAN port. 

13 1.4 Product Features Physical Ports 28-Port 10/100/1000Base-T Gigabit RJ-45 copper 4 100/1000Base-X mini-GBIC/SFP slots, shared with Port-

130 Object Description  Port The switch port number of the logical port.  Enable Status Display the current GVRP port staste.  Registration Mo

131 Figure 4-5-18 GVRP Port Statistics Page Screenshot The page includes the following fields: Object Description  Port The switch port number o

132 Figure 4-5-19 GVRP Port Error Statistics Page Screenshot The page includes the following fields: Object Description  Port The switch port num

133 Figure 4-5-20 Two Separate VLAN Diagrams VLAN Group VID Untagged Members Tagged Members VLAN Group 1 1 Port-7~Port-8 N/A VLAN Group 2 2

134  Tagged packet entering VLAN 2 1. While [PC-3] transmit a tagged packet with VLAN Tag=2 enters Port-3, [PC-1] and [PC-2] will received the pac

135 3. Assign Tagged/Untagged for each port: VLAN ID = 2: Port-1 & 2 = Untagged, Port-3 = Tagged, Port -4~6 = Excluded. VLAN ID = 3: P

136 4.5.14.2 VLAN Trunking between two 802.1Q aware switch The most cases are used for “Uplink” to other switches. VLANs are separated at differe

137 1. Create VLAN Group 2 and 3 Add VLAN group 2 and group 3 2. Assign VLAN mode and PVID for each port: Port-1,Port-2 and Port-3 : VLAN Mode

138 Port -7 = Excluded. VLAN ID = 2: Port-1 & 2 = Untagged, Port-3 & 7 = Tagged, Port -4~6 = Excluded. VLAN ID = 3: Port-4 & 5

139 4.6 Spanning Tree Protocol 4.6.1 Theory The Spanning Tree Protocol can be used to detect and disable network loops, and to provide backup links

14 Quality of Service Ingress / Egress Rate Limit per port bandwidth control Storm Control support  Broadcast / Unknown-Unicast / Unknown

140  The path cost to the root associated with each switch port  The port identifier STP communicates between switches on the network using Brid

141 after a topology change. Each port on a switch using STP exists is in one of the following five states:  Blocking – the port is blocked from fo

142 You can modify each port state by using management software. When you enable STP, every port on every switch in the network goes through the bloc

143 blocking state. The following are the user-configurable STP parameters for the port or port group level: Variable Description Default Value Po

144 become the Root Bridge. If it turns out that your Switch has the lowest Bridge Identifier, it will become the Root Bridge. Forward Delay Timer –

145 Figure 4-6-2 Before Applying the STA Rules In this example, only the default STP values are used.

146 Figure 4-6-3 After Applying the STA Rules The switch with the lowest Bridge ID (switch C) was elected the root bridge, and the ports were select

147 4.6.2 STP Global Settings This page allows you to configure STP system settings. The settings are used by all STP Bridge instances in the Switch.

148  Force Version The STP protocol version setting. Valid values are STP-Compatible, RSTP-Operation and MSTP-Operation.  Configuration Name Iden

149 4.6.3 STP Port Setting This page allows you to configure per port STP settings. The STP Port Setting screens in Figure 4-6-6 & Figure 4-6-7

15 Management IPv4 and IPv6 dual stack management Switch Management Interface - Web switch management - Telnet Command Line Interface

150 (This applies to physical ports only. Aggregations are always forced Point2Point).  Migrate If at any time the switch detects STP BPDUs, includ

151 Port Type Link Type IEEE 802.1w-2001 Ethernet Half Duplex Full Duplex Trunk 2,000,000 1,000,000 500,000 Fast Ethernet Half Duplex Fu

152 4.6.4 CIST Instance Setting This Page allows you to configure CIST instance settings. The CIST Instance Setting and Information screens in Figur

153  Max Age The maximum age of the information transmitted by the Bridge when it is the Root Bridge. Valid values are in the range 6 to 40 seconds

154  Max Age Display the current Max. age.  Tx Hold Count Display the current Tx hold count.  Hello Time Display the current hello time.

155 4.6.5 CIST Port Setting This page allows you to configure per port CIST priority and cost. The CIST Port Setting and Status screens in Figure 4-6

156 Figure 4-6-11 CIST Port Status Page Screenshot The page includes the following fields: Object Description  Port The switch port number of th

157  Edge Port Conf/Oper Display the current edge port conf/oper  P2P MAC Conf/Oper Display the current P2P MAC conf/oper  Port Role Display th

158 Figure 4-6-13 MSTI Instance Setting Information Page Screenshot The page includes the following fields: Object Description  MSTI Display the

159  Regional Root Bridge Display the current designated root bridge.  Internal Root Cost Display the current internal root cost.  Designated B

16 1.5 Product Specifications Product NS3500-28T-4S Hardware Specifications Copper Ports 28 10/ 100/1000Base-T RJ-45 Auto-MDI/MDI-X ports SFP/mi

160 4.6.7 MST Port Setting This page allows the user to inspect the current STP MSTI port configurations, and possibly change them as well. A MSTI po

161 : Click to apply changes. Figure 4-6-16 MST Port Status Page Screenshot The page includes the following fields: Object Description  MSTI ID

162 4.6.8 STP Statistics This page displays STP statistics. The STP statistics screen in Figure 4-6-17 appears. Figure 4-6-17 STP Statistics Page Sc

163 4.7 Multicast This section has the following items:  Properties Configures multicast properties.  IGMP Snooping Configures IGMP snooping sett

164 : Click to apply changes. Figure 4-7-2 Properties Information Page Screenshot The page includes the following fields: Object Description  U

165 network or not. The router can check, using IGMP, to see if there is at least one member of a multicast group on a given subnet work. If there ar

166 Figure 4-7-4 Multicast Flooding

167 Figure 4-7-5 IGMP Snooping Multicast Stream Control IGMP Versions 1 and 2 Multicast groups allow members to join or leave at any time. IGMP pro

168 The IGMP Type codes are shown below: Type Meaning 0x11 Membership Query (if Group Address is 0.0.0.0) 0x11 Specific Group Membership Query (if Gr

169 Figure 4-7-6 IGMP State Transitions  IGMP Querier – A router, or multicast-enabled switch, can periodically ask their hosts if they want to

17 Voice VLAN Protocol VLAN Private VLAN (Protected port) GVRP Link Aggregation IEEE 802.3ad LACP and static trunk Supports 8 groups of 8-port trunk

170 Figure 4-7-7 IGMP Snooping Page Screenshot The page includes the following fields: Object Description  IGMP Snooping Status Enable or disabl

171 Object Description  IGMP Snooping Status Dipaly the current IGMP snooping status.  IGMP Snooping Version Display the current IGMP snooping v

172 4.7.2.2 IGMP Querier Setting This page provides IGMP Querier Setting. The IGMP Querier Setting screens in Figure 4-7-10 & Figure 4-7-11 appea

173 The page includes the following fields: Object Description  VLAN ID Display the current VLAN ID.  Querier State Display the current querier

174 The page includes the following fields: Object Description  VLAN ID Select VLAN ID for this drop down list.  Group IP Address The IP address

175 4.7.2.4 IGMP Group Table This page provides Multicast Database. The IGMP Group Table screen in Figure 4-7-14 appears. Figure 4-7-14 IGMP Group

176 Figure 4-7-15 Add Router Port Page Screenshot The page includes the following fields: Object Description  VLAN ID Selects the VLAN to propag

177  Forbidden Ports Display the current forbidden ports  Modify Click to edit parameter. Click to delete the group ID entry. 4.7.2.6 IGMP

178  Port Mask Display the current port mask. Figure 4-7-19 Forbidden Router Table Page Screenshot The page includes the following fields: Objec

179  VLAN ID Select VLAN ID for this drop down list to assign IGMP membership.  Port The switch port number of the logical port. Select IGMP memb

18 RFC 1493 Bridge MIB Standards Conformance Regulation Compliance FCC Part 15 Class A, CE Standards Compliance IEEE 802.3 10Base-T IEEE 802.

180 The page includes the following fields: Object Description  Total RX Display current total RX  Valid RX Display current valid RX  Invalid

181 4.7.4 MLD Snooping 4.7.4.1 MLD Setting This page provides MLD Snooping related configuration. Most of the settings are global, whereas the Router

182 Figure 4-7-22 MLD Snooping information Page Screenshot The page includes the following fields: Object Description  MLD Snooping Status Displ

183  Query Interval (sec.) Display the current query interval.  Query Max Response Interval (sec.) Display the current query max response interva

184 Figure 4-7-25 MLD Static Groups Page Screenshot The page includes the following fields: Object Description  VLAN ID Display the current VLA

185  Type Member types displayed include Static or Dynamic, depending on selected options.  Life(Sec) Display the current life. 4.7.4.4 MLD Rou

186 : Click to add MLD router port entry. Figure 4-7-28 Router Port Status Page Screenshot The page includes the following fields: Object Descrip

187  Port Display the current dynamic router ports  Expiry Time (Sec) Display the current expiry time Figure 4-7-30 Static Router Table Page Sc

188 Figure 4-7-32 Forward All Setting Page Screenshot The page includes the following fields: Object Description  VLAN ID Select VLAN ID for thi

189 4.7.5 MLD Snooping Statics This page provides MLD Snooping Statics. The MLD Snooping Statics screen in Figure 4-7-33 appears. Figure 4-7-33 Forw

19 2. INSTALLATION This section describes the hardware features and installation of the Managed Switch on the desktop or rack mount. For easier manag

190  Special Group Query RX Display current special group query RX  Special Group & Source Query RX Display current special group & sourc

191 4.7.6 Multicast Throttling Setting Multicast throttling sets a maximum number of multicast groups that a port can join at the same time. When the

192 Buttons : Click to apply changes. Figure 4-7-35 IGMP Port Max Groups Information Page Screenshot The page includes the following fields: Objec

193 access mode. Command Usage  Each profile has only one access mode; either permit or deny.  When the access mode is set to permit, multic

194 - Deny When the access mode is set to, multicast join reports are only processed when the multicast group is not in the controlled range. Button

195 Figure 4-7-38 Filter Setting Page Screenshot The page includes the following fields: Object Description  Port Select Select port number for

196 4.7.7.3 MLD Filter Setting The Filter Setting and Status screens in Figure 4-7-40 & Figure 4-7-41 appear. Figure 4-7-40 Filter Setting Page

197  Action Click to display detail profile parameter. Click to delete the MLD filter profile entry. 4.8 Quality of Service 4.8.1 Underst

198 The QoS page of the Managed Switch contains three types of QoS mode - the 802.1p mode, DSCP mode or Port-base mode can be selected. Both the thr

199 Figure 4-8-2 QoS Information Page Screenshot The page includes the following fields: Object Description  QoS Mode Display the current QoS mo

2 Copyright © 2014 United Technologies Corporation Interlogix is part of UTC Building & Industrial Systems, Inc. a unit of United Technologies C

20 The console port is a RJ-45 port connector. It is an interface for connecting a terminal directly. Through the console port, it provides rich diag

200  Remark IP Precedence Disable or enable remark IP Precedence Buttons : Click to apply changes. Figure 4-8-3 QoS Port Status Page Screenshot

201 Figure 4-8-4 Queue Table Page Screenshot The page includes the following fields: Object Description  Queue Display the current queue ID. 

202 Figure 4-8-5 Queue Information Page Screenshot The page includes the following fields: Object Description  Information Name Display the curr

203 : Click to apply changes. Figure 4-8-7 CoS Mapping Page Screenshot The page includes the following fields: Object Description  CoS Display

204 4.8.2.5 DSCP Mapping The DSCP to Queue and Queue to DSCP Mapping screens in Figure 4-8-8 & Figure 4-8-9 appear. Figure 4-8-8 DSCP to Queue

205 Figure 4-8-9 DSCP Mapping Page Screenshot The page includes the following fields: Object Description  DSCP Display the current CoS value 

206 4.8.2.6 IP Precedence Mapping The IP Precedence to Queue and Queue to IP Precedence Mapping screens in Figure 4-8-10 & Figure 4-8-11 appear.

207 Figure 4-8-11 IP Precedence Mapping Page Screenshot The page includes the following fields: Object Description  IP Precedence Display the cu

208 4.8.3 QoS Basic Mode 4.8.3.1 Global Settings The Basic Mode Global Settings and QoS Information screen in Figure 4-8-12 & Figu

209 Figure 4-8-13 QoS Information Page Screenshot The page includes the following fields: Object Description  Trust Mode Display the current QoS

21 System LED Color Function PWR Green Lights to indicate that the Switch has power. SYS Green Lights to indicate the system is working. Blink

210 Buttons : Click to apply changes. Figure 4-8-15 QoS Port Status Page Screenshot The page includes the following fields: Object Description 

211 4.8.4.1 Ingress Bandwidth Control This page provides to select the ingress bandwidth preamble. The Ingress Bandwidth Control Setting and Status s

212 The page includes the following fields: Object Description  Port The switch port number of the logical port.  Ingress Rate Limit (Kbps) Dis

213 Buttons : Click to apply changes. Figure 4-8-19 Egress Bandwidth Control Status Page Screenshot The page includes the following fields: Objec

214 4.8.4.3 Egress Queue The Egress Queue Badwidth Control Settings and Status screens in Figure 4-8-20 & Figure 4-8-21 appear. Figure 4-8-20 Eg

215 The page includes the following fields: Object Description  Queue ID Display the current queue ID  Rate Limit (Kbps) Display the current ra

216 Before connecting the IP device to the switch, the IP phone should configure the voice VLAN ID correctly. It should be configured through its own

217 The allowed range is 1 to 4095.  Remark CoS/802.1p Select 802.1p value for this drop down list.  1p remark Enable or disable 802.1p remark. 

218 4.8.5.3 Telephony OUI MAC Setting Configure VOICE VLAN OUI table on this Page. The Telephony OUI MAC Setting screens in Figure 4-8-24 & Figur

219 The page includes the following fields: Object Description  OUI Address Display the current OUI address  Description Display the current des

22 AC Power Receptacle For compatibility with electric service in most areas of the world, the Managed Switch’s power supply automatically adjusts

220 Figure 4-8-27 Voice VLAN Port State Page Screenshot The page includes the following fields: Object Description  Port The switch port number

221  DoS  Strom Control 4.9.1 802.1X Overview of 802.1X (Port-based) Authentication In the 802.1X-world, the user is called the supplicant, the

222 LAN. Until the client is authenticated, 802.1X access control allows only Extensible Authentication Protocol over LAN (EAPOL) traffic through th

223  Authentication server—performs the actual authentication of the client. The authentication server validates the identity of the client and no

224 When the client supplies its identity, the switch begins its role as the intermediary, passing EAP frames between the client and the authenticat

225 initiates the authentication process by sending the EAPOL-start frame. When no response is received, the client sends the request for a fixed num

226 Buttons : Click to apply changes. Figure 4-9-4 802.1X Information Page Screenshot The page includes the following fields: Object Description

227 Figure 4-9-5 802.1X Port Setting Page Screenshot The page includes the following fields: Object Description  Port Select port for this drop

228 switch port or if a supplicant is no longer attached.  Reauthentication Period Determines the period, in seconds, after which a connected cli

229 The page includes the following fields: Object Description  Port The switch port number of the logical port.  Mode (pps) Display the current

23 2.2 Installing the Switch This section describes how to install your Managed Switch and make connections to the Managed Switch. Please read the fo

230 immediately takes the port out of the Guest VLAN and starts authenticating the supplicant according to the port mode. If an EAPOL frame is receiv

231  Guest VLAN Port Setting When Guest VLAN is both globally enabled and enabled (checked) for a given port, the switch considers moving the port

232 Figure 4-9-9 Authenticated Host Table Page Screenshot The page includes the following fields: Object Description  User Name Display the curr

233 a RADIUS server before retransmitting the request.  Timeout for Reply Retransmit is the number of times, in the range 1 to 30, a RADIUS request

234 The page includes the following fields: Object Description  Server Definition Set the server definition.  Server IP Address of the Radius s

235 Buttons : Click to add Radius server setting. Figure 4-9-12 Login Authentication List Page Screenshot The page includes the following fields:

236 Figure 4-9-13 Guest VLAN Setting Page Screenshot The page includes the following fields: Object Description  Key String The secret key - up

237 Object Description  Server Definition Set the server definition.  Server IP Address of the TACACS+ server IP/name.  Server Port Network (T

238  Modify Click to edit login authentication list parameter. Click to delete login authentication list entry. 4.9.4 AAA Authentication, aut

239 This guide assumes that RADIUS and TACACS+ servers have already been configured to support AAA. The configuration of RADIUS and TACACS+ server s

24 Connect one end of the power cable to the Managed Switch. Connect the power plug of the power cable to a standard wall outlet. When the Managed Sw

240 The page includes the following fields: Object Description  List Name Display the current list name.  Method List Display the current method

241 Figure 4-9-20 Login Authentication List Screenshot The page includes the following fields: Object Description  List Name Display the current

242 Figure 4-9-21 Telnet Settings Page Screenshot The page includes the following fields: Object Description  Telnet Service Disable or enable t

243 Figure 4-9-21 Telnet Information Page Screenshot The page includes the following fields: Object Description  Telnet Service Display the curr

244 enabled port security on a port, the port is set-up for software-based learning. In this mode, frames from unknown MAC addresses are passed on to

245 Figure 4-9-24 SSH Information Page Screenshot The page includes the following fields: Object Description  SSH Service Display the current SSH

246 Figure 4-9-25 HTTP Settings Page Screenshot The page includes the following fields: Object Description  HTTP Service Disable or enable HTTP

247 The page includes the following fields: Object Description  HTTP Service Display the current HTTP service.  Login Authentication List Displa

248 Figure 4-9-28 HTTPs Information Page Screenshot The page includes the following fields: Object Description  HTTPs Service Display the curren

249 The page includes the following fields: Object Description  Access Profile Name (1-32 charaters) Indicates the access profile name.  Priorit

25 Figure 2-1-6 Mounting Managed Switch in a Rack Step6: Proceeds with Steps 4 and 5 of session 2.2.1 Desktop Installation to connect the network ca

250  Action Display the current action  Port Display the current port list  Source IPv4 Display the current source IPv4 address  Source IPv4

251 The page includes the following fields: Object Description  Access Profile Display the current access profile.  Delete Click to delete a

252 4.9.7 DHCP Snooping 4.9.7.1 DHCP Snooping Overview The addresses assigned to DHCP clients on unsecure ports can be carefully controlled using the

253  When DHCP snooping is enabled, DHCP messages entering an untrusted interface are filtered based upon dynamic entries learned via DHCP snooping

254 4.9.7.2 Global Setting DHCP Snooping is used to block intruder on the untrusted ports of switch when it tries to intervene by injecting a bogus D

255 The page includes the following fields: Object Description  DHCP Snooping Display the current DHCP snooping status

256 4.9.7.3 VLAN Setting Command Usage  When DHCP snooping is enabled globally on the switch, and enabled on the specified VLAN, DHCP packet filt

257 Figure 4-9-36 DHCP Snooping VLAN Setting Page Screenshot The page includes the following fields: Object Description  VLAN List Display the c

258 Figure 4-9-37 DHCP Snooping Port Setting Page Screenshot The page includes the following fields: Object Description  Port Select port for th

259 Object Description  Port The switch port number of the logical port.  Type Display the current type  Chaddr Check Display the current chad

26 Fast Ethernet Transceiver (100Base-X SFP) Gigabit Ethernet Transceiver (1000Base-X SFP) It is recommended to use INTERLOGIX SFP on the Mana

260 Buttons : Click to clear the statistics. : Click to refresh the statistics.

261 4.9.7.6 Database Agent Overview of the DHCP Snooping Database Agent When DHCP snooping is enabled, the switch uses the DHCP snooping binding d

262 The page includes the following fields: Object Description  Database Type Select database type.  File Name The name of file image.  Remot

263  Write Delay Display the current write delay.  Timeout Display the current timeout. 4.9.7.7 Rate Limit After enabling DHCP snooping, the sw

264 Figure 4-9-43 DHCP Rate Limit Setting Page Screenshot The page includes the following fields: Object Description  Port The switch port numbe

265 The definition of Circuit ID in the switch is 4 bytes in length and the format is "vlan_id" "module_id" "port_no".

266 The page includes the following fields: Object Description  Option82 Remote ID Display the current option82 remite ID. 4.9.7.9 Option82 Port

267 Figure 4-9-47 Option82 Global Setting Page Screenshot The page includes the following fields: Object Description  Port The switch port numb

268 The page includes the following fields: Object Description  Port Select port for this drop down list.  VLAN Indicates the ID of this particu

269 A Dynamic ARP prevents the untrust ARP packets based on the DHCP Snooping Database. 4.9.8.1 Global Setting DAI Setting and Information screens

27 1. Before you connect Managed Switch to the other network device, you have to make sure both sides of the SFP transceivers are with the same m

270 The page includes the following fields: Object Description  DAI Display the current DAI status. 4.9.8.2 VLAN Setting DAI VLAN Setting screens

271 The page includes the following fields: Object Description  VLAN List Display the current VLAN list.  Status Display the current status. 4

272 classified as invalid and are dropped.  IP Chk Enable or disable to checks the source and destination IP addresses of ARP packets. The all-zero

273 4.9.8.4 Statistics Configures switch ports as DAI trusted or untrusted and check mode. DAI Port Setting screen in Figure 4-9-56 appears. Figure

274 Buttons : Click to clear the statistics. : Click to refresh the statistics. 4.9.8.5 Rate Limit The ARP Rate Limit Setting and Config screens in

275 Figure 4-9-58 ARP Rate Limit Setting Page Screenshot The page includes the following fields: Object Description  Port The switch port number

276 4.9.9.1 Port Settings IP Source Guard is a secure feature used to restrict IP traffic on DHCP snooping untrusted ports by filtering traffic ba

277 The page includes the following fields: Object Description  Port Select port for this drop down list.  Status Enable or disable the IP sourc

278  Verify Source Display the current verify source  Max Binding Entry Display the current max binding entry.  Current Binding Entry Display t

279 The page includes the following fields: Object Description  Port Display the current port  VLAN ID Display the current VLAN  MAC Address

28 Figure 2-1-8 How to Pull Out the SFP Transceiver Never pull out the module without lifting up the lever of the module and turning it to a horiz

280 The page includes the following fields: Object Description  Port Select port for this drop down list.  Security Enable or disable the port s

281 Figure 4-9-65 Port Security Status Page Screenshot The page includes the following fields: Object Description  Port Name The switch port num

282 Figure 4-9-66 Global DoS Setting Page Screenshot

283 The page includes the following fields: Object Description  DMAC = SMAC Enable or disable DoS check mode by DMAC = SMAC  Land Enable or disa

284 Figure 4-9-67 DoS Information Page Screenshot The page includes the following fields: Object Description  DMAC = SMAC Display the current DM

285  TCP SYN-RST Attack Display the current TCP syn-rst attack status  TCP Fragment (Offset = 1) Display the TCP fragment (offset = 1) status 4

286 Figure 4-9-68 Port Security Setting Page Screenshot The page includes the following fields: Object Description  Port The switch port number

287 The page includes the following fields: Object Description  Unit Controls the unit of measure for the storm control rate as "pps" or

288 Figure 4-9-71 Storm Control Setting Page Screenshot The page includes the following fields: Object Description  Port Select port for this dr

289 Figure 4-9-72 Storm Control Information Page Screenshot The page includes the following fields: Object Description  Port The switch port num

29 3. SWITCH MANAGEMENT This chapter explains the methods that you can use to configure management access to the Managed Switch. It describes the typ

290 4.10 ACL ACL is an acronym for Access Control List. It is the list table of ACEs, containing access control entries that specify individual users

291 Figure 4-10-1 MAC-based ACL Page Screenshot The page includes the following fields: Object Description  ACL Name Create a named MAC-based ACL

292 Figure 4-10-3 MAC-based ACE Page Screenshot The page includes the following fields: Object Description  ACL Name Select ACL name for this dro

293 this ACE, choose this value. A field for entering a DA MAC value appears.  DA MAC Value When "User Defined" is selected for the DA MA

294 Figure 4-10-4 MAC-based ACE Table Page Screenshot The page includes the following fields: Object Description  ACL Name Display the current A

295 Figure 4-10-6 appear. Figure 4-10-5 IPv4-based ACL Page Screenshot The page includes the following fields: Object Description  ACL Name Crea

296

297 Figure 4-10-7 IP-based ACE Page Screenshot The page includes the following fields: Object Description  ACL Name Select ACL name for this drop

298 frame that hits this ACE matches this destination IP address value.  Destination IP Wildcard Mask When "User Defined" is selected for

299 to match this entry.  Don’t Care: Any value is allowed ("don't-care"). PSH Specify the TCP "Push Function" (PSH) va

3 TABLE OF CONTENTS 1.INTRODUCTION ...

30 3.2 Management Access Overview The Managed Switch gives you the flexibility to access and manage it using any or all of the following methods:  A

300  IP Recedence: If you want to filter a specific IP recedence with this ACE, you can enter a specific IP recedence value. A field for entering a

301 The page includes the following fields: Object Description  ACL Name Display the current ACL name  Sepuence Display the current sequence 

302 Figure 4-10-9 IPv6-based ACL Page Screenshot The page includes the following fields: Object Description  ACL Name Create a named IPv6-based

303

304 Figure 4-10-11 IP-based ACE Page Screenshot The page includes the following fields: Object Description  ACL Name Select ACL name for this dro

305 this destination IP address value.  Destination IP Prefix Length When "User Defined" is selected for the destination IP filter, you c

306 to match this entry.  Don’t Care: Any value is allowed ("don't-care"). PSH Specify the TCP "Push Function" (PSH) va

307 you can enter a specific IP recedence value. A field for entering a IP recedence value appears. The allowed range is 0 to 7. A frame that hits th

308  Sepuence Display the current sequence  Action Display the current action  Protocol Display the current protocol  Source IP Address Displ

309 4.10.7 ACL Binding This page allows you to bind the Policy content to the appropriate ACLs. The ACL Policy screens in Figure 4-10-13 & Figure

31 3.3 Administration Console The administration console is an internal, character-oriented, and command line user interface for performing system ad

310  IPv6 ACL Display the current IPv6 ACL  Modify Click to edit ACL binding table parameter. Click to delete ACL binding entry. 4.11 MAC Add

311  VLAN Select VLAN for this drop down list.  Port Select port for this drop down list. Buttons : Click to add new static MAC address. Figure

312 The page includes the following fields: Object Description  MAC Address Physical address associated with this interface.  VLAN (1~4096) Ind

313 Figure 4-11-5 Dynamic Addresses Setting Page Screenshot The page includes the following fields: Object Description  Aging Time The time afte

314 address. The Dynamic Learned screens in Figure 4-11-6 & Figure 4-11-7 appear. Figure 4-11-6 Dynamic Learned Page Screenshot The page includ

315  VLAN The VLAN ID of the entry.  Type Indicates whether the entry is a static or dynamic entry.  Port The ports that are members of the ent

316 4.12 LLDP 4.12.1 Link Layer Discovery Protocol Link Layer Discovery Protocol (LLDP) is used to discover basic information about neighboring dev

317 Object Description  Enable Globally enable or disable LLDP function  LLDP PDU Disable Action Set LLDP PDU disable action: include “Filtering

318 (4 * Delay Interval) ≤Transmission Interval  LLDP-MED Fast Start Repeat Count Configures the amount of LLDP MED Fast Start LLDPDUs to transmi

319  Holdtime Multiplier Display the current holdtime multiplier  Reinitialization Delay Display the current reinitialization delay  Transmit D

32  115200 bps  8 data bits  No parity  1 stop bit Figure 3-1-2: Terminal Parameter Settings You can change these settings, if desired, after

320  Rx only  TxRx  Disabled  Port Select Select port for this drop down list.  Optional TLV Select Configures the information included in

321 Figure 4-12-4 LLDP Port Status Page Screenshot The page includes the following fields: Object Description  Port The switch port number of th

322 The page includes the following fields: Object Description  Port Select Select port for this drop down list.  VLAN Select Select VLAN for th

323 Figure 4-12-7 Local Device Summary Page Screenshot The page includes the following fields: Object Description  Chassis ID Subtype Display

324 Figure 4-12-8 Port Status Page Screenshot The page includes the following fields: Object Description  Interface The switch port number of the

325 The page includes the following fields: Object Description  Local Port Display the current local port  Chassis ID Subtype Display the curren

326 given port. The application types specifically addressed are: 1. Voice 2. Guest Voice 3. Softphone Voice 4. Video Conferencing 5. Streaming Video

327 The page includes the following fields: Object Description  LLDP MED Policy for Voice Application Set the LLDP MED policy for voice applicatio

328 Video Signaling - for use in network topologies that require a separate policy for the video signaling than for the video media. This application

329 The page includes the following fields: Object Description  Network Policy Number Display the current network policy number  Application Dis

33 You can then use your Web browser to list and manage the Managed Switch configuration parameters from one central location, just as if you were d

330 messages. -Network Policy – This option advertises network policy configuration information, aiding in the discovery and diagnosis of VLAN config

331  Application Display the current application  Location Display the current location  Inventory Display the current inventory The MED Locat

332 Figure 4-12-15 LLDP MED Port Location Table Page Screenshot The page includes the following fields: Object Description  Port The switch port

333 4.12.8 LLDP Overloading The LLDP Port Overloading screen in Figure 4-12-16 appears. Figure 4-12-16 LLDP Port Overloading Table Page Screenshot

334  MED Network Policy Displays if the network policies packets were transmitted or overloaded.  MED Extended Power via MDI Displays if the exte

335 : Click to clear the statistics. : Click to refresh the statistics. Figure 4-12-18 LLDP Port Statistics Page Screenshot The page includes the

336  RX TLVs – Unrecognized The number of well-formed TLVs, but with an unknown type value.  RX Ageout - Total The number of organizationally TLV

337 4.13.1 Cable Diagnistics The Cable Diagnostics performs tests on copper cables. These functions have the ability to identify the cable length and

338 The Copper test and test result screens in Figure 4-13-1 & Figure 4-13-2 appear. Figure 4-13-1 Copper Test Page Screenshot The page include

339 4.13.2 Ping The ping and IPv6 ping allow you to issue ICMP PING packets to troubleshoot IP connectivity issues. The Managed Switch transmits ICMP

34 4. WEB CONFIGURATION This section introduces the configuration and functions of the Web-based management. About Web-based Management The Managed

340 The page includes the following fields: Object Description  IP Address The destination IP Address.  Count Number of echo requests to send. 

341 Figure 4-13-4 ICMPv6 Ping Page Screenshot The page includes the following fields: Object Description  IP Address The destination IPv6 Addres

342 4.14 RMON RMON is the most important expansion of the standard SNMP. RMON is a set of MIB definitions, used to define standard network monitor fu

343 Figure 4-14-1: RMON Statistics Detail Page Screenshot The Page includes the following fields: Object Description  Port Select port for this d

344  CRC/Alignment Errors The total number of packets received that had a length (excluding framing bits, but including FCS octets) of between 64 a

345 Figure 4-14-2: RMON Event Configuration Page Screenshot The Page includes the following fields: Object Description  Select Index Select inde

346 Buttons : Click to apply changes. Figure 4-14-3: RMON Event Status Page Screenshot The Page includes the following fields: Object Descripti

347 4.14.3 RMON Event Log This Page provides an overview of RMON Event Log. The RMON Event Log Table screen in Figure 4-14-4 appears. Figure 4-14-4:

348 4.14.4 RMON Alarm Configure RMON Alarm table on this Page. The RMON Alarm screens in Figure 4-14-5 & Figure 4-14-6 appear. Figure 4-14-5: R

349 Includes FCS, but excludes framing bits.  Pkts: The total number of frames (bad, broadcast and multicast) received and transmitted.  Broadcas

35 factory-default IP Address as following: http://192.168.0.100 2. When the following login screen appears, please enter the default username

350 specified range (excluding framing bits but including FCS octets).  Pkts512to1023Octets: The total number of frames (including bad packets) rec

351 The Page includes the following fields: Object Description  Index Indicates the index of Alarm control entry.  Sample Port Display the curre

352 The Page includes the following fields: Object Description  Select Index Select index for this drop down list to create the new index or modi

353 4.14.6 RMON History Log This Page provides a detail of RMON history entries; screen in Figure 4-14-9 appears. Figure 4-14-9: RMON History Stat

354 Figure 4-15-1 Factory Default Page Screenshot After the “Factory” button is pressed and rebooted, the system will load the default IP settings

355 4.15.3 Backup Manager This function allows backup of the current image or configuration of the Managed Switch to the local management station. T

356 Figure 4-15-4 Upgrade Manager Page Screenshot The page includes the following fields: Object Description  Upgrade Method Select upgrade meth

357 5. SWITCH OPERATION 5.1 Address Table The Switch is implemented with an address table. This address table composed of many entries. Each entry is

358 incoming and outgoing packet are stored in a routing table. This information is subsequently used to filter packets whose destination address is

359 6. TROUBLESHOOTING This chapter contains information to help you solve your issue. If the Managed Switch is not functioning properly, make sure t

36 interface. The Switch Menu on the left of the web page let you access all the commands and statistics the Managed Switch provides.  It is recom

360 Solution: 1. AC power cord not inserted or faulty 2. Check whether the AC power cord is inserted correctly 3. Replace the power cord if the co

361 APPENDIX A A.1 Switch's RJ-45 Pin Assignments 1000Mbps, 1000Base T Contact MDI MDI-X 1 BI_DA+ BI_DB+ 2 BI_DA- BI_DB- 3 BI_DB+ BI_DA+ 4 BI_

362 3 Rx + (receive) Tx + (transmit) 4, 5 Not used 6 Rx - (receive) Tx - (transmit) 7, 8 Not used The standard cable, RJ-45 pin assignment T

363 SIDE 1 1234567812345678 SIDE 2 1 = White / Orange 2 = Orange 3 = White / Green 4 = Blue 5 = White / Blue 6 = Green 7 = White / Brown 8 = Brown 1

37 4.1 Main Web Page The Managed Switch provides a Web-based browser interface for configuring and managing it. This interface allows you to access t

38 Main Menu Using the onboard web agent, you can define system parameters, manage and control the Managed Switch, and all its ports, or monitor ne

39 4-1-6 appears. Figure 4-1-6 Save Button screenshot The page includes the following fields: Object Description  Save Configuration to FLASH Cl

4 4.2.5.1SystemTime...

40 up configuration file, which is called configuration save. To prevent illicit file upload and easier configuration, switch mandates the name of ru

41 3. Press the “Apply” button to save running configuration to startup configuration.

42 4.2 System Use the System menu items to display and configure basic administrative details of the Managed Switch. Under System the following topic

43  System Contact Display the current system contact  MAC Address The MAC Address of this Managed Switch.  IP Address The IP Address of this M

44 The page includes the following fields: Object Description  Mode Indicates the IP address mode operation. Possible modes are: Static: Enable

45 Object Description  DHCP State Display the current DHCP state.  IP Address Display the current IP address.  Subnet Mask Display the current

46 representing multiple 16-bit groups of contiguous zeros; but it can only appear once. It also used a following legally IPv4 address. For example,

47  IPv6 In Use Router Display the current in-use gateway  IPv6 Static Address Display the current IPv6 static address  IPv6 Static Router Disp

48 4.2.4 User Configuration This page provides an overview of the current users and privilege type. Currently the only way to login as another user o

49 The page includes the following fields: Object Description  Username Display the current username.  Password Type Display the current passwor

5 4.5.1VLANOverview ...

50 The page includes the following fields: Object Description  Enable SNTP Enabled: Enable SNTP mode operation. When enable SNTP mode operation,

51  Day - Select the starting day.  Month - Select the starting month.  Hours - Select the starting hour.  Minutes - Select the startin

52  Daylight Saving Time Offset Display the current daylight saving time offset state.  From Display the current daylight saving time from.  To

53 The page includes the following fields: Object Description  SNTP Server Address Display the current SNTP server address.  Server Port Displa

54 4.2.6 Log Management The Managed Switch log management is provided here. The local logs allow you to configure and limit system messages that are

55 : Click to apply changes. Figure 4-2-13 Logging Information Page Screenshot The page includes the following fields: Object Description  Logg

56  Severity The severity of the local log entry. The following severity types are supported:  emerg: Emergency level of the system unusable for

57 The Remote Syslog screens in Figure 4-2-16 & Figure 4-2-17 appear. Figure 4-2-16 Remote Log Target Page Screenshot The page includes the

58  notice: Notice level of the normal but significant conditions for local log.  info: Informational level of the informational messages for loc

59 The page includes the following fields: Object Description  Target The target of the log view entry. The following target types are support

6 4.7.4MLDSnooping...

60 The page includes the following fields: Object Description  Target Display the current log target.  Severity Display the current log se

61 4.2.7 SNMP Management 4.2.7.1 SNMP Overview The Simple Network Management Protocol (SNMP) is an application layer protocol that facilitates the ex

62 4.2.7.2 SNMP System Information Configure SNMP setting on this page. The SNMP System global setting screens in Figure 4-2-21 & Figure 4-2-22 a

63 4.2.7.3 SNMP View Configure SNMPv3 view table on this page. The entry index keys are View Name and OID Subtree. The SNMPv3 View Table Setting scre

64 Figure 4-2-24 SNMP View Table Status Page Screenshot The page includes the following fields: Object Description  View Name Display the curre

65 Object Description  Group Name A string identifying the group name that this entry should belong to. The allowed string length is 1 to 16. 

66 The page includes the following fields: Object Description  Group Name Display the current SNMP access group name  Security Model Display the

67 4.2.7.5 SNMP Community Configure SNMP Community on this page. The SNMP Community screens in Figure 4-2-27 & Figure 4-2-28 appear. Figure 4-

68 Figure 4-2-28 Community Status Page Screenshot The page includes the following fields: Object Description  Community Name Display the current

69 should belong to.  Privilege Mode Indicates the security model that this entry should belong to. Possible security models are:  NoAuth: None

7 4.9.1.2802.1XSetting ...

70 Figure 4-2-30 SNMPv3 Users Status Page Screenshot The page includes the following fields: Object Description  User Name Display the current u

71 The page includes the following fields: Object Description  Server Address Indicates the SNMP trap destination address. It allows a valid IP ad

72  UDP Port Display the current UDP port.  Time Out Display the current time out.  Retries Display the current retry times.  Action : Delete

73 : Click to add a new SNMPv3 host entry. Figure 4-2-34 SNMPv3 Host Status Page Screenshot The page includes the following fields: Object Descrip

74 Object Description  Engine ID An octet string identifying the engine ID that this entry should belong to. The string must contain an even numbe

75 The page includes the following fields: Object Description  Remote IP Address Indicates the SNMP remote engine ID address. It allows a valid IP

76 4.3 Port Management Use the Port Menu to display or configure the Managed Switch's ports. This section has the following items:  Port Confi

77  Port Select Select port number for this drop down list.  Enabled Indicates the port state operation. Possible state are: Enabled - Start up

78 Figure 4-3-2 Port Status Page Screenshot The page includes the following fields: Object Description  Port This is the logical port number for

79 4.3.2 Port Counters This page provides an overview of traffic and trunk statistics for all switch ports. The Port Statistics screens in Figure 4

8 4.9.9.2BindingTable...

80 Figure 4-3-4 Interface Counters Page Screenshot Object Description  Received Octets The total number of octets received on the interface, incl

81 Figure 4-3-5 Ethernet link Counters Page Screenshot Object Description  Alignment Errors The number of alignment errors (miss synchronized d

82  Symbol Errors The number of received and transmitted symbol errors.  Control In Unknown Opcodes The number of received control unknown opcode

83 address. Note that this does not include multicast packets.  Multicast Packets The total number of good frames received that were directed to th

84 4.3.3 Bandwidth Utilization The Bandwidth Utilization page displays the percentage of the total available bandwidth being used on the ports. Bandw

85 4.3.4 Port Mirroring Configure port Mirroring on this page. This function provide to monitoring network traffic that forwards a copy of each incom

86 Figure 4-3-9 Port Mirroring Settings Page Screenshot The page includes the following fields: Object Description  Session ID Set the port mirr

87 Figure 4-3-10 Mirroring Status Page Screenshot The page includes the following fields: Object Description  Session ID Display the session ID.

88 Buttons : Click to apply changes. Figure 4-3-12 Jumbo Frame Information Page Screenshot The page includes the following fields: Object Descrip

89 The page includes the following fields: Object Description  Recovery Interval The period (in seconds) for which a port will be kept disabled

9 4.14RMON ...

90 Figure 4-3-14 Error Disabled Information Page Screenshot The page includes the following fields: Object Description  Recovery Interval Displa

91 appears. Figure 4-3-15 Port Error Disable Page Screenshot The displayed counters are: Object Description  Port Name Display the port for erro

92 For protected port group to be applied, the Managed switch must first be configured for standard VLAN operation. Ports in a protected port group

93 The port settings relate to the currently unit, as reflected by the page header. The Port Isolation Configuration screens in Figure 4-3-16 &

94 The page includes the following fields: Object Description  Protected Ports Display the current protected ports.  Unprotected Ports Display

95 The page includes the following fields: Object Description  Port Select port number for this drop down list.  Enable Enable or disable t

96 4.4 Link Aggregation Port Aggregation optimizes port usage by linking a group of ports together to form a single Link Aggregated Groups (LAGs). Po

97 Figure 4-4-1 Link Aggregation The Link Aggregation Control Protocol (LACP) provides a standardized means for exchanging information between Partn

98  None of the ports in a link aggregation can be configured as a mirror source port or a mirror target port.  All of the ports in a link aggreg

99 4.4.1 LAG Setting This page allows configuring load balance algorithm configuration settings. The LAG Setting screens in Figure 4-4-2 & Figure