Comnet CNGE20FX4TX16MS, CNGE28FX4TX24MS2, CNGE28FX4TX24MSPOE2/48 Installation And Operation Manual
Page 1
INSTALLATION AND OPERATION MANUAL
CNGE20FX4TX16MS
All Gigabit Managed Ethernet Switch
with (16) 10/100/1000TX + (4) 100/1000FX SFP Ports
This manual serves the following
ComNet Model Numbers:
CNGE20FX4TX16MS
The ComNet CNGE20FX4TX16MS Managed Ethernet Switch provides robust
transmission of (16) 10/100/1000BASE-TX and (4) 100/1000FX SFP ports, of gigabit
Ethernet data. Unlike most Ethernet switches, these environmentally hardened units
are designed for direct deployment in difficult out-of-plant or roadside operating
environments, and are available for use with either conventional CAT-5e copper or
optical transmission media. Diverse media selection allows for easy implementation
of point-to-point, linear add-drop, drop-and-repeat, star, or true self-healing ring and
mesh network system architectures. The 16 electrical ports support the 10/100/1000
Mbps Ethernet IEEE 802.3 protocol, and auto-negotiating and auto-MDI/ MDIX features
are provided for simplicity and ease of installation. All SFP ports utilize ComNet SFP
modules for fiber and connector type and distance. These network managed layer 2
switches are optically (100/1000 BASE-FX) and electrically compatible with any IEEE
802.3 compliant Ethernet devices. Plug-and-play design ensures ease of installation,
and no electrical or optical adjustments are ever required. The CNGE20FX4TX16MS
incorporates LED indicators for monitoring the operating status of the managed
switch and network. These units are DIN-rail or wall mountable.
Page 2
INSTALLATION AND OPERATION MANUAL CNGE20FX4TX16MS
Contents
Regulatory Compliance Statement 4
Warranty 4
Disclaimer 4
Safety Indications 4
Federal Communication Commission Interference Statement 5
Declaration of Conformity 5
Safety Instructions 6
1.0 Product Overview 7
1.1 Specifications 7
1.2. Hardware Views 8
1.4. Packing List 10
2.0 Installation Guidelines 11
2.1. Warnings 11
2.2. Installation Guidelines 12
2.4. Verifying Switch Operation 13
2.5. Hardware Installation 14
2.6. Installing and Removing SFP Modules 17
2.7. Connecting the Switch to Ethernet Ports 20
2.8. Connecting the Switch to Console Port 21
2.10. Reset Button 22
3.0 Setup 23
3.1. First Time Setup 23
3.2. Command Line Interface Configuration 27
3.3. Web Browser Configuration 28
TECH SUPPORT: 1.888.678.9427
INS_CNGE20FX4TX16MS
04/30/18 PAGE 2
Page 3
INSTALLATION AND OPERATION MANUAL CNGE20FX4TX16MS
4.0. Switch Management 29
4.1. Log In 29
4.2. Recommended Practices 30
4.3. Monitoring 31
4.4. System 37
4.5. L2 Switching 44
4.6. MAC Address Table 79
4.7. Security 82
4.8. QoS 96
4.9. Management 108
4.10 Diagnostics 130
4.11. Tools 140
APPENDIX 146
Troubleshooting 146
TECH SUPPORT: 1.888.678.9427
INS_CNGE20FX4TX16MS
04/30/18 PAGE 3
Page 4
INSTALLATION AND OPERATION MANUAL CNGE20FX4TX16MS
Regulatory Compliance Statement
Product(s) associated with this publication complies/comply with all applicable regulations. Please
refer to the Technical Specifications section for more details.
Warranty
ComNet warrants that all ComNet products are free from defects in material and workmanship
for a specified warranty period from the invoice date for the life of the installation. ComNet will
repair or replace products found by ComNet to be defective within this warranty period, with
shipment expenses apportioned by ComNet and the distributor. This warranty does not cover
product modifications or repairs done by persons other than ComNet-approved personnel, and
this warranty does not apply to ComNet products that are misused, abused, improperly installed,
or damaged by accidents.
Please refer to the Technical Specifications section for the actual warranty period(s) of the
product(s) associated with this publication.
Disclaimer
Information in this publication is intended to be accurate. ComNet shall not be responsible for its
use or infringements on third-parties as a result of its use. There may occasionally be unintentional
errors on this publication. ComNet reserves the right to revise the contents of this publication
without notice.
Note. The PoE port may be considered SELV circuits, if:
» Not likely to require connection to an Ethernet network with outside plant routing including
campus environment; and
» The installation instructions clearly state that the ITE is to be connected only to PoE Networks
without routing to the outside plant.
Safety Indications
» The equipment can only be accessed by a service person or users who have been instructed.
» The equipment should be installed in the location that needs a tool or lock and key, or other
means of security, and controlled by a person of authority.
TECH SUPPORT: 1.888.678.9427
INS_CNGE20FX4TX16MS
04/30/18 PAGE 4
Page 5
INSTALLATION AND OPERATION MANUAL CNGE20FX4TX16MS
Federal Communication Commission Interference Statement
For further certification information, please go to www.comnet.net
Declaration of Conformity
CE
This product has passed the CE test for environmental specifications when shielded cables are
used for external wiring. We recommend the use of shielded cables. Please contact your local
supplier for ordering information.
This product has passed the CE test for environmental specifications. Test conditions for passing
included the equipment being operated within an industrial enclosure. In order to protect the
product from being damaged by ESD (Electrostatic Discharge) and EMI leakage, we strongly
recommend the use of CE-compliant industrial enclosure products.
FCC Class A
This equipment has been tested and found to comply with the limits for a Class A digital device,
pursuant to part 15 of the FCC Rules. These limits are designed to provide reasonable protection
against harmful interference when the equipment is operated in a commercial environment.
This equipment generates, uses, and can radiate radio frequency energy and, if not installed
and used in accordance with the instruction manual, may cause harmful interference to radio
communications. Operation of this equipment in a residential area is likely to cause harmful
interference in which case the user will be required to correct the interference at their own
expense.
TECH SUPPORT: 1.888.678.9427
INS_CNGE20FX4TX16MS
04/30/18 PAGE 5
Page 6
INSTALLATION AND OPERATION MANUAL CNGE20FX4TX16MS
Safety Instructions
Read these safety instructions carefully.
» Keep this user manual for later reference.
» Disconnect this equipment from any AC outlet before cleaning. Use damp cloth. Do not use
liquid or spray detergents for cleaning.
» For plug-in equipment, the power outlet socket must be located near the equipment and must
be easily accessible.
» Keep this equipment away from humidity.
» Put this equipment on a stable surface during installation. Dropping it or letting it fall may
cause damage.
» The openings on the enclosure allow for air convection. Protect the equipment from over-
heating. DO NOT COVER THE OPENINGS.
» Make sure the voltage of the power source is correct before connecting the equipment to the
power outlet.
» Position the power cord so that people cannot step on it. Do not place anything over the
power cord.
» All cautions and warning on the equipment should be noted.
» If the equipment is not used for a long time, disconnect it from the power source to avoid
damage by transient over voltage.
» Never pour any liquid into an opening. This may cause fire or electrical shock.
» Never open the equipment. For safety reasons, the equipment should be opened only by
qualified service personnel.
» If one of the following situations arises, get the equipment checked by service person nel:
› The power cord or plug is damaged.
› Liquid has penetrated into the equipment.
› The equipment has been exposed to moisture.
› The equipment does not work well, or you cannot get it to work according to the user manual
› The equipment has been dropped and damaged.
› The equipment has obvious signs of breakage.
» PoE requirements: The equipment is to be connected only to PoE networks without routing to
the outside plant.
» Do not leave this equipment in an environment where the storage temperature may go below
-40°C (-40°F) or above 75°C (167°F) this could damage the equipment. The equipment should
be in a controlled environment.
TECH SUPPORT: 1.888.678.9427
INS_CNGE20FX4TX16MS
04/30/18 PAGE 6
Page 7
INSTALLATION AND OPERATION MANUAL CNGE20FX4TX16MS
1.0 Product Overview
1.1 Specifications
Specifications Description
Interface I/O Port 16 × 10/100/1000BaseT(X) +
4 × 100/1000Base-X SFP Port
Power Connector 4-pin screw terminal
Relay Connector 2-pin screw terminal
Physical Enclosure Metal Shell
Protection Class IP30
Installation Rack mounting
Dimensions (W x H x D) 2.91 × 4.13 × 5.98 in (7.4 × 10.5 × 15.2 cm)
LED Display System LED R.M., SYS, Alarm, Power 1, Power 2
Port LED Link/Activity/Speed
Environment Operating Temperature -40°C ~ 75°C (-40°F ~ 167°F)
Storage Temperature -40°C ~ 85°C (-40°F ~ 185°F)
Ambient Relative Humidity 10 ~ 95% (non-condensing)
Switch Properties MAC Address 8K-entry
Switching Bandwidth 56 Gbps
Power Power Consumption 15 W
Power Input 12 - 48VDC, Redundant power
Certifications Safety IEC EN60950, EN61010
EMC CE, FCC
EMI EN55022 Class A
EMS EN 61000-4-2 (ESD) Level 3
EN 61000-4-3 (RS) Level 3
EN 61000-4-4 (EFT) Level 3
EN 61000-4-5 (Surge) Level 3
EN 61000-4-6 (CS) Level 3
EN 61000-4-8 (Magnetic Field) Level 3
Shock IEC 60068-2-27
Freefall IEC 60068-2-32
Vibration IEC 60068-2-6
Railway Track Side EN 50121- 4
TECH SUPPORT: 1.888.678.9427
INS_CNGE20FX4TX16MS
04/30/18 PAGE 7
Page 8
INSTALLATION AND OPERATION MANUAL CNGE20FX4TX16MS
1.2. Hardware Views
1.2.1 Front View
1
2
3
4
5
13
8
9
12
11
10
6
7
Front View
No. Item Description
1 Terminal Strip Power Supply Connector
2 SYS System Indicating LED
3 R.M. Ring Master Indicating LED
4 PWR1 Power 1 Indicating LED
5 PWR2 Power 2 Indicating LED
6 Alarm Alarm Indicating LED
7 Reset Allows for system soft reset or factory default reset
8 Console Port Use RS-232 to RJ-45 connecter to manage switch.
9 LNK /ACT Link activity LED for SFP ports
10 SFP FX Ports 100/1000BASE-X SFP ports
11 Speed 100/1000BASE-TX on RJ-45 port
12 LNK/AC T Link activity for RJ-45 Ports
13 RJ-45 TX Ports 10/100/1000BASE-T(X) Gigabit ports
TECH SUPPORT: 1.888.678.9427
INS_CNGE20FX4TX16MS
04/30/18 PAGE 8
Page 9
INSTALLATION AND OPERATION MANUAL CNGE20FX4TX16MS
System LED Panel
Table 1-3. System LED Panel (Continued)
No. LED Name LED Color Description
2 SYS Green System is operational
Off System is powered down / powering up
3 R.M. Solid Green System is serving as Ring Master
4 PWR1 Solid Green Powered Up
Off Powered Down or Not Installed
5 PWR2 Solid Green Powered Up
Off Powered Down or Not Installed
6 Alarm Solid Red Defined Major Policies are Detected
Blinking Red Defined Minor Policies are detected
Off Powered Off or No Defined Policies Detected
SFP
9 LNK /ACT Orange 100 Mbps Speed over port
Green 1 Gbps Speed over port
RJ45
11 Speed Orange 100 Mbps Speed over port
Green 1 Gbps Speed over port
12 LNK/ACT Orange 100 Mbps Speed over port
Green 1 Gbps Speed over port
TECH SUPPORT: 1.888.678.9427
Multi View of Switch
INS_CNGE20FX4TX16MS
04/30/18 PAGE 9
Page 10
INSTALLATION AND OPERATION MANUAL CNGE20FX4TX16MS
1.4. Packing List
The product package you have received should contain the following items. If any of them are not
included or are damaged, please contact your local vendor for support.
» 1 × Industrial Ethernet Switch
» 1 × DIN Rail Mount Kit
» 1 × Wall Mount Kit
» 1 × Quick Start Guide
» 1 × Serial Console Cable
TECH SUPPORT: 1.888.678.9427
INS_CNGE20FX4TX16MS
04/30/18 PAGE 10
Page 11
INSTALLATION AND OPERATION MANUAL CNGE20FX4TX16MS
2.0 Installation Guidelines
2.1. War nin gs
Warning: Before working on equipment that is connected to power lines, remove any jewelry
(including rings, necklaces, and watches). Metal objects can heat up when connected to power
and ground, which can cause serious burns or weld the metal object to the terminals.
» Exposure to chemicals can degrade the sealing properties of materials used in the sealed relay
device.
» It is not recommended to work on the system or connect or disconnect cables dur ing periods
of lightning activity.
» Before performing any of the following procedures, disconnect the power source from the DC
circuit.
» Read the installation instructions before connecting the system to its power source.
» This unit is intended for installation in restricted access areas. A restricted access area is
defined as an area that can be accessed only through the use of a special tool, lock and key, or
other means of security.
» The device must be grounded. Never defeat the ground conductor or operate the equipment
in the absence of a suitably installed ground conductor.
» This unit may have more than one power supply connection. All connections must be removed
to de-energize the unit.
» If the switch is to be installed in a hazardous location, ensure that the DC power source is
located away from the vicinity of the switch.
» The installation of the equipment must comply with all national and local electrical codes.
» Explosion Hazard - The area must be known to be nonhazardous before servicing or replacing
any components.
» Airflow Around The Switch Must Be Unrestricted.
To Prevent The Switch From Overheating, There Must Be The Following Minimum Clearances:
› Top and Bottom: 2.0 in (50.8 mm)
› Sides: 2.0 in (50.8 mm)
› Front: 2.0 in (50.8 mm)
TECH SUPPORT: 1.888.678.9427
INS_CNGE20FX4TX16MS
04/30/18 PAGE 11
Page 12
INSTALLATION AND OPERATION MANUAL CNGE20FX4TX16MS
2.2. Installation Guidelines
» The following guidelines are provided to optimize the device performance. Review the
guidelines before installing the device.
» Make sure cabling is away from sources of electrical noise. Radios, power lines, and flu orescent
lighting fixtures can interference with the device performance.
» Make sure the cabling is positioned away from equipment that can damage the cables.
» Operating environment is within the ranges listed range, see “Specifications” on page 1.
» Relative humidity around the switch does not exceed 95 percent (non-condensing).
» Altitude at the installation site is not higher than 10,000 feet.
» In 10/100 and 10/100/1000 fixed port devices, the cable length from the switch to con nected
devices can not exceed 100 meters (328 feet).
» Make sure airflow around the switch and respective vents is unrestricted. Without proper
airflow the switch can overheat. To prevent performance degradation and dam age to the
switch, make sure there is clearance at the top and bottom and around the exhaust vents.
2.3. Environment and Enclosure Guidelines
Review these environmental and enclosure guidelines before installation:
This equipment is intended for use in a Pollution Degree 2 industrial environment, in over-voltage
Category II applications (as defined in IEC publication 60664-1), at altitudes up to 3 km (9842 ft)
without derating.
This equipment is considered Group 1, Class A industrial equipment, according to IEC/ CISPR
Publication 11. Without appropriate precautions, there may be potential difficulties ensuring
electromagnetic compatibility in other environments due to conducted as well as radiated
disturbance.
This equipment is supplied as open-type equipment. It must be mounted within an enclo sure
that is suitably designed for those specific environmental conditions that will be present and
appropriately designed to prevent personal injury resulting from accessibility to live parts. The
enclosure must have suitable flame-retardant properties to prevent or minimize the spread of
flame, complying with a flame-spread rating of 5VA, V2, V1, V0 (or equivalent) if nonmetallic. The
interior of the enclosure must be accessible only by the use of a tool. Subsequent sections of this
publication might contain additional information regarding spe cific enclosure-type ratings that are
required to comply with certain product safety certifica tions.
2.3.1 Connecting Hardware
In this instruction, it will explain how to find a proper location for your Modbus Gateways, and how
to connect to the network, hock up the power cable, and connect to the managed Ethernet switch.
TECH SUPPORT: 1.888.678.9427
INS_CNGE20FX4TX16MS
04/30/18 PAGE 12
Page 13
INSTALLATION AND OPERATION MANUAL CNGE20FX4TX16MS
2.4. Verifying Switch Operation
Before installing the device in a rack or on a wall, power on the switch to verify that the switch
passes the power-on self-test (POST). To connect the cabling to the power source see “Power
Supply Installation” on page 15.
At startup (POST), the System LED blinks green, while the remaining LEDs are a solid green. Once
the switch passes POST self-test, the System LED turns green. The other LEDs turn off and return to
their operating status. If the switch fails POST, the System LED switches to an amber state.
After a successful self-test, power down the switch and disconnect the power cabling. The switch
is now ready for installation on its final location.
TECH SUPPORT: 1.888.678.9427
INS_CNGE20FX4TX16MS
04/30/18 PAGE 13
Page 14
INSTALLATION AND OPERATION MANUAL CNGE20FX4TX16MS
2.5. Hardware Installation
2.5.1 Installing Switch on DIN-Rail
Each switch has a DIN-Rail kit on the rear panel. The DIN-Rail kit affixes the switch to the DIN-Rail.
It is easy to install the switch on the DIN-Rail:
TECH SUPPORT: 1.888.678.9427
INS_CNGE20FX4TX16MS
04/30/18 PAGE 14
Page 15
INSTALLATION AND OPERATION MANUAL CNGE20FX4TX16MS
2.5.2 Mount Switch on DIN-Rail
Step 1: Tilt the switch and mount the metal spring to DIN-Rail.
Step 2: Push the switch toward the DIN-Rail until you hear the spring snap into place
.
TECH SUPPORT: 1.888.678.9427
INS_CNGE20FX4TX16MS
04/30/18 PAGE 15
Page 16
INSTALLATION AND OPERATION MANUAL CNGE20FX4TX16MS
2.5.3 Wall Mounting Installation
Each switch has another installation method for users to install the switch. A wall mount kit can be
found in the package. The following steps show how to mount the switch on the wall:
Mounting the switch on a Wall
Step 1: Remove Din-Rail kit if it is attached to the switch.
Step 2: Use the 6 included screws to attach the wall mount panel as shown in the diagram below.
In order to prevent switches from being damaged, use only the screws included with the mounting
kit for the switch.
TECH SUPPORT: 1.888.678.9427
INS_CNGE20FX4TX16MS
04/30/18 PAGE 16
Page 17
INSTALLATION AND OPERATION MANUAL CNGE20FX4TX16MS
2.6. Installing and Removing SFP Modules
Up to two fiber optic ports are available (dependent on model) for use in the switch. Refer to the
technical specifications for details.
The Gigabit Ethernet ports on the switch are 100/1000Base SFP Fiber ports, which require using
the 100M or 1G mini-GBIC fiber transceivers to work properly. ComNet provides completed
transceiver models for different distance requirement.
The concept behind the LC port and cable is quite straight forward. Suppose that you are
connecting devices I and II; contrary to electrical signals, optical signals do not require a cir cuit in
order to transmit data. Consequently, one of the optical lines is used to transmit data from device
I to device II, and the other optical line is used transmit data from device II to device I, for fullduplex transmission.
Remember to connect the Tx (transmit) port of device I to the Rx (receive) port of device II, and
the Rx (receive) port of device I to the Tx (transmit) port of device II. If you make your own cable,
we suggest labeling the two sides of the same line with the same letter (A-to-A and B-to-B, or
A1-to-A2 and B1-to-B2).
2.6.1 Installing SFP Modules
To connect the fiber transceiver and LC cable, use the following guidelines:
1. Remove the dust plug from the fiber optic slot chosen for the SFP transceiver.
Figure 2-3. Removing the Dust Plug from an SFP Slot
Do not remove the dust plug from the SFP slot if you are not installing the trans ceiver at this time.
The dust plug protects hardware from dust contamination.
2. Position the SFP transceiver with the handle on top, see the following figure.
3. Locate the triangular marking in the slot and align it with the bottom of the transceiver.
4. Insert the SFP transceiver into the slot until it clicks into place.
5. Make sure the module is seated correctly before sliding the module into the slot. A click sounds
when it is locked in place.
TECH SUPPORT: 1.888.678.9427
INS_CNGE20FX4TX16MS
04/30/18 PAGE 17
Page 18
INSTALLATION AND OPERATION MANUAL CNGE20FX4TX16MS
Handle
Figure 2-4. Installing an SFP Transceiver
If you are attaching fiber optic cables to the transceiver, continue with the following step.
Otherwise, repeat the previous steps to install the remaining SFP transceivers in the device.
6. Remove the protective plug from the SFP transceiver.
Do not remove the dust plug from the transceiver if you are not installing the fiber optic cable at
this time. The dust plug protects hardware from dust contamination.
7. Insert the fiber cable into the transceiver. The connector snaps into place and locks.
Figure 2-5. Attaching a Fiber Optic Cable to a Transceiver
8. Repeat the previous procedures to install any additional SFP transceivers in the switch. The fiber
port is now setup.
2.6.2 Removing SFP Modules
To disconnect an LC connector, use the following guidelines:
1. Press down and hold the locking clips on the upper side of the optic cable.
2. Pull the optic cable out to release it from the transceiver.
TECH SUPPORT: 1.888.678.9427
INS_CNGE20FX4TX16MS
04/30/18 PAGE 18
Page 19
INSTALLATION AND OPERATION MANUAL CNGE20FX4TX16MS
Figure 2-6. Removing a Fiber Optic Cable to a Transceiver
3. Hold the handle on the transceiver and pull the transceiver out of the slot.
Handle
Figure 2-7. Removing an SFP Transceiver
Replace the dust plug on the slot if you are not installing a transceiver. The dust plug protects
hardware from dust contamination.
TECH SUPPORT: 1.888.678.9427
INS_CNGE20FX4TX16MS
04/30/18 PAGE 19
Page 20
INSTALLATION AND OPERATION MANUAL CNGE20FX4TX16MS
2.7. Connecting the Switch to Ethernet Ports
2.7.1 RJ45 Ethernet Cable Wiring
For RJ45 connectors, data-quality, twisted pair cabling (rated CAT5 or better) is recom mended.
The connector bodies on the RJ45 Ethernet ports are metallic and connected to the GND
terminal. For best performance, use shielded cabling. Shielded cabling may be used to provide
further protection.
Table 2-1. RJ45 Ethernet Wiring for Reference
Straight-thru Cable Wiring Cross-over Cable Wiring
Pin 1 Pin 1 Pin 1 Pin 3
Pin 2 Pin 2 Pin 2 Pin 6
Pin 3 Pin 3 Pin 3 Pin 1
Pin 6 Pin 6 Pin 6 Pin 2
Figure 2-8. Ethernet Plug & Connector Pin Position
Maximum cable length: 100 meters (328 ft) for 10/100/1000Base-T
TECH SUPPORT: 1.888.678.9427
INS_CNGE20FX4TX16MS
04/30/18 PAGE 20
Page 21
INSTALLATION AND OPERATION MANUAL CNGE20FX4TX16MS
2.8. Connecting the Switch to Console Port
The industrial switch supports a secondary means of management. By connecting the RJ45 to
RS232 serial cable between a COM port on your PC (9-pin D-sub female) and the switch’s RJ45
(RJ45) port, a wired connection for management can be established.
To terminal or PC To console port
Figure 2-9. Serial Console Cable
5
9
Figure 2-10. DB 9 Pin Position
Table 2-2. Pin Assignment
DB9 Connector RJ45 Connector
NC 1 Orange/White
NC 2 Orange
2 3 Green/White
NC 4 Blue
5 5 Blue/White
3 6 Green
NC 7 Brown/White
NC 8 Brown
1
6
TECH SUPPORT: 1.888.678.9427
Figure 2-11. Pin Assignment
INS_CNGE20FX4TX16MS
04/30/18 PAGE 21
Page 22
INSTALLATION AND OPERATION MANUAL CNGE20FX4TX16MS
2.10. Reset Button
Reset configuration to factory default
Press and hold Reset button for 5 seconds.
System reboot
Press and hold Reset button for 2 seconds.
Do NOT power off the Ethernet switch when loading default settings.
TECH SUPPORT: 1.888.678.9427
INS_CNGE20FX4TX16MS
04/30/18 PAGE 22
Page 23
INSTALLATION AND OPERATION MANUAL CNGE20FX4TX16MS
3.0 Setup
3.1. First Time Setup
3.1.1 Ove r view
The Industrial Ethernet Managed Switch is a configurable device that facilitates the intercon nection of
Ethernet devices on an Ethernet network. This includes computers, operator interfaces, I/O, controllers,
RTUs, PLCs, other switches/hubs or any device that supports the standard IEEE 802.3 protocol.
This switch has all the capabilities of a store and forward Ethernet switch plus advanced management
features such as SNMP, RSTP and port mirroring. This manual details how to configure the various
management parameters in this easy to use switch.
3.1.2 Introduction
To take full advantage of all the features and resources available from the switch, it must be
configured for your network.
The switch implements Rapid Spanning Tree Protocol (RSTP) and Simple Network Man agement
Protocol (SNMP) to provide most of the services offered by the switch. Rapid Spanning Tree Protocol
allows managed switches to communicate with each other to ensure that there exists only one active
route between each pair of network nodes and pro vides automatic failover to the next available
redundant route. A brief explanation of how RSTP works is given in the Spanning Tree section.
The switch is capable of communicating with other SNMP capable devices on the network to
exchange management information. This statistical/derived information from the network is saved
in the Management Information Base (MIB) of the switch. The MIB is divided into several different
information storage groups. These groups will be elaborated in detail in the Management and
SNMP information section of this document. The switch implements Inter net Group Management
Protocol (IGMP) to optimize the flow of multicast traffic on your net work.
The switch supports both port-based and tag-based Virtual LANs for flexible integration with
VLAN-aware networks with support for VLAN-unaware devices.
TECH SUPPORT: 1.888.678.9427
INS_CNGE20FX4TX16MS
04/30/18 PAGE 23
Page 24
INSTALLATION AND OPERATION MANUAL CNGE20FX4TX16MS
3.1.3 Administrative Interface Access
There are several administrative interfaces to the switch:
1. A graphical web interface accessible via the switch’s built-in web server. Both HTTP and secure
HTTPS with SSL are supported.
This is the recommended method for managing the switch.
2. A terminal interface via the RS232/USB port or over the network using telnet or Secure Shell
(SSH).
3. An SNMP interface can be used to read/write many settings.
4. Command Line Interface (CLI) can be used to read/write most settings. Initial setup must be
done using an Ethernet connection (recommended) or the serial port.
3.1.4 Using the Graphical (Web) Interface
The graphical interface is provided via a web server in the switch and can be accessed via a web
browser such as Opera, Mozilla, or Internet Explorer.
JavaScript must be supported and enabled in your browser for the graphical inter face to work
correctly.
HTTP and HTTPS (secure HTTP) are supported for access to the web server. By default, both
protocols are enabled. Either or both may be disabled to secure the switch. (See the Remote
Access Security topic in this section.)
To access the graphical interface, enter a URL like HTTP://192.168.10.1 in your browser’s address
bar. Replace “http” with “https” to use secure http and replace “192.168.10.1” with your switch’s IP
address if you’ve changed it from the factory default.
The web server in the switch uses a signed security certificate. When you access the server via
https, you may see a warning dialog indicating that the certificate was signed by an unknown
authority. This is expected and to avoid this message in the future you can choose to install the
certificate on your computer.
This manual describes and depicts the web user interface in detail. The terminal interface is not
specifically shown but is basically the same.
TECH SUPPORT: 1.888.678.9427
INS_CNGE20FX4TX16MS
04/30/18 PAGE 24
Page 25
INSTALLATION AND OPERATION MANUAL CNGE20FX4TX16MS
3.1.5 Configuring the Switch for Network Access
To control and monitor the switch via the network, it must be configured with basic network
settings, including an IP address and subnet mask. Refer to the quick start guide in Section 1 for
how to initially access your switch.
To configure the switch for network access, select [Add Menu Address Here] to reach the System
Settings menu. The settings in this menu control the switch’s general network con figuration.
» DHCP Enabled/Disabled: The switch can automatically obtain an IP address from a server
using the Dynamic Host Configuration Protocol (DHCP). This can speed up initial set up, as the
network administrator does not have to find an open IP address.
» IP Address and subnet mask configuration: The IP address for the switch can be changed to a
user-defined address along with a customized subnet mask to separate subnets.
Advanced users can set the IP address to 0.0.0.0 to disable the use of an IP address for additional
security. However, any features requiring an IP address (i.e., web interface, etc.) will no longer be
available.
» Default Gateway Selection: A Gateway Address is chosen to be the address of a router that
connects two different networks. This can be an IP address or a Fully Qualified Domain Name
(FQDN) such as “domainname.org”.
» NTP Server: The IP address or domain name of an NTP (Network Time Protocol) server from
which the switch may retrieve the current time at startup. Please note that using a domain
name requires that at least one domain name server be configured.
TECH SUPPORT: 1.888.678.9427
INS_CNGE20FX4TX16MS
04/30/18 PAGE 25
Page 26
INSTALLATION AND OPERATION MANUAL CNGE20FX4TX16MS
3.1.6 Configuring the Ethernet Ports
The switch comes with default port settings that should allow you to connect to the Ethernet Ports
with out any necessary configuration. Should there be a need to change the name of the ports,
negotiation settings or flow control settings, you can do this in the Port Configura tion menu.
Access this menu by selecting Setup from the Main menu, and then selecting Main Settings.
» Port Name: Each port in the managed switch can be identified with a custom name. Specify a
name for each port here.
» Admin: Ports can be enabled or disabled in the managed switch. For ports that are dis abled,
they are virtually non-existent (not visible in terms of switch operation or spanning tree algorithm).
Choose to enable or disable a port by selecting Enabled or Disabled, respectively.
» Negotiation: All copper ports and gigabit fiber ports in the managed switch are capable of
autonegotiation such that the fastest bandwidth is selected. Choose to enable auto-negotiation
or use fixed settings. 100Mbps Fiber ports are Fixed speed only.
» Speed/Duplex/Flow Control: The managed switch accepts three local area network Ethernet
Standards. The first standard, 10BASE-T, runs 10Mbps with twisted pair Ether net cable
between network interfaces. The second local area network standard is 100BASE-T, which
runs at 100Mbps over the same twisted pair Ethernet cable. Lastly, there is 100BASE-F, which
enables fast Ethernet (100Mbps) over fiber.
These options are available:
» 10h–10 Mbps, Half Duplex
» 10f –10 Mbps, Full Duplex
» 100h–100 Mbps, Half Duplex
» 100f –100 Mbps, Full Duplex
» 1000f–1000 Mbps, Full Duplex
On managed switches with gigabit combination ports, those ports with have two rows, a standard
row of check boxes and a row labeled “SFP” with radio buttons. The SFP setting independently
sets the speed at which a transceiver will operate if one is plugged in. Other wise, the switch will
use the fixed Ethernet port and the corresponding settings for it.
When 100f is selected for the SFP of a gigabit combination port, the corresponding fixed
Ethernet jack will be disabled unless it is changed back to 1000F.
TECH SUPPORT: 1.888.678.9427
INS_CNGE20FX4TX16MS
04/30/18 PAGE 26
Page 27
INSTALLATION AND OPERATION MANUAL CNGE20FX4TX16MS
3.2. Command Line Interface Configuration
3.2.1 Introduction to Command-Line Interface (CLI)
The command-line interface (CLI) is constructed with an eye toward automation of CLI-based
configuration. The interaction is modeled on that used in many Internet protocols such as Telnet,
FTP, and SMTP. After each command is entered and processed, the switch will issue a reply that
consists of a numeric status code and a human-readable explanation of the status.
The general format of commands is:
» section parameter [value]
where:
» section is used to group parameters.
» parameter will specify the parameter within the section. For example, the network section will
have parameters for DHCP, IP address, subnet mask, and default gate way.
» value is the new value of the parameter. If value is omitted, the current value is dis played.
Please note that new values will not take effect until explicitly committed.
Sections and parameter names are case sensitive (e.g., “Network” is not the same as “net work”).
Any commands in the CLI Commands section of this chapter, with the exception of the global
commands, must be prefaced with the name of the section they are in. For example, to change
the IP address of the switch, you would type: network address <newIP>
3.2.2 Accessing the CLI
To access the CLI interface, establish Ethernet or serial connectivity to the switch. To connect by
Ethernet, open a command prompt window and type:
» telnet <switchip> (where <switchip> is the IP address of the switch)
At the login prompt, type “cli” for the username and “admin” for the password. The switch will
respond with “Managed switch configuration CLI ready”.
TECH SUPPORT: 1.888.678.9427
INS_CNGE20FX4TX16MS
04/30/18 PAGE 27
Page 28
INSTALLATION AND OPERATION MANUAL CNGE20FX4TX16MS
3.3. Web Browser Configuration
The switch has an HTML based user interface embedded in the flash memory. The interface offers
an easy to use means to manage basic and advanced switch functions. The interface allows for
local or remote switch configuration anywhere on the network.
The interface is designed for use with [Internet Explorer (6.0), Chrome, Firefox].
3.3.1 Preparing for Web Configuration
The interface requires the installation and connection of the switch to the existing network. A
PC also connected to the network is required to connect to the switch and access the inter face
through a web browser. The required networking information is provided as follows:
» IP a ddre ss: 192.16 8.10.1
» Subnet mask: 255.255.255.0
» Default gateway: 192.168.10.254
» User name: admin
» Password: admin
3.3.2 System Login
Once the switch is installed and connected, power on the switch. The following information guides
you through the logging in process.
1. Launch your web browser on the PC.
2. In the browser’s address bar, type the switch’s default IP address (192.168.10.1). The login screen
displays.
3. Enter the user default name and password (admin / admin).
4. Click OK on the login screen to log in. The main interface displays.
TECH SUPPORT: 1.888.678.9427
INS_CNGE20FX4TX16MS
04/30/18 PAGE 28
Page 29
INSTALLATION AND OPERATION MANUAL CNGE20FX4TX16MS
4.0. Switch Management
4.1. Log In
To access the login window, connect the device to the network, see “Connecting the Switch to
Ethernet Ports” on page 13. Once the switch is installed and connected, power on the switch see
the following procedures to log into your switch.
When the switch is first installed, the default network configuration is set to DHCP enabled. You
will need to make sure your network environment supports the switch setup before connecting it
to the network.
1. Launch your web browser on a computer.
2. In the browser’s address bar type in the switch’s default IP address (192.168.10.1). The login
screen displays.
3. Enter the default user name and password (admin/admin) to log into the management interface.
You can change the default password after you have successfully logged in.
4. Click Login to enter the management interface.
Figure 4-1. Login Screen
TECH SUPPORT: 1.888.678.9427
INS_CNGE20FX4TX16MS
04/30/18 PAGE 29
Page 30
INSTALLATION AND OPERATION MANUAL CNGE20FX4TX16MS
4.2. Recommended Practices
One of the easiest things to do to help increase the security posture of the network infrastructure
is to implement a policy and standard for secure management. This practice is an easy way to
maintain a healthy and secure network.
After you have performed the basic configurations on your switches, the following is a
recommendation which is considered best practice policy.
4.2.1 Changing Default Password
In keeping with good management and security practices, it is recommended that you change the
default password as soon as the device is functioning and setup correctly. The following details
the necessary steps to change the default password.
To change the password:
1. Navigate to Tools > User Account.
2. From the User drop-down menu, select the Admin (default) account.
3. In the User Name field, enter admin for this account. It is not necessary to change the user
name, however, a change in the default settings increases the security settings.
4. In the Password field, type in the new password. Re-type the same password in the Retype
Password field.
5. Click Apply to change the current account settings.
After saving all the desired settings, perform a system save (Tools > Save Configura tion). The
changes are saved.
TECH SUPPORT: 1.888.678.9427
Figure 4-2. Changing a Default Password
INS_CNGE20FX4TX16MS
04/30/18 PAGE 30
Page 31
INSTALLATION AND OPERATION MANUAL CNGE20FX4TX16MS
4.3. Monitoring
4.3.1 Device Information
The Device Information menu lists information, such as: System Name, System Location, MAC
Address, Firmware version, and more, pertaining to the system. The information is for review only.
To modify the device information, see the respective item within the user interface.
To access this page, click Monitoring > Device Information.
Figure 4-3. Monitoring > Device Information
Table 4-1. Monitoring > Device Information
Item Description
System Name Click Switch to enter the system name: up to 128 alphanumeric characters (default is
Switch).
System Location Click Default to enter the location: up to 256 alphanumeric characters (default is Default).
System Contact Click Default to enter the contact person: up to 128 alphanumeric characters (default is
Default).
MAC Address Displays the MAC address of the switch.
IP Address Displays the assigned IP address of the switch.
Subnet Mask Displays the assigned subnet mask of the switch.
Gateway Displays the assigned gateway of the switch.
Loader Version Displays the current loader version of the switch.
Loader Date Displays the current loader build date of the switch.
Firmware Version Displays the current firmware version of the switch.
Firmware Date Displays the current firmware build date of the switch.
System Object ID Displays the base object ID of the switch.
System Up Time Displays the time since the last switch reboot.
TECH SUPPORT: 1.888.678.9427
INS_CNGE20FX4TX16MS
04/30/18 PAGE 31
Page 32
INSTALLATION AND OPERATION MANUAL CNGE20FX4TX16MS
4.3.2 Logging Message
The Logging Message Filter page allows you to enable the display of logging message filter. To
access this page, click Monitoring > Logging Message.
Figure 4-4. Monitoring > Logging Message
Table 4-2. Monitoring > Logging Message
Item Description
Target Click the drop-down menu to select a target to store the log messages.
Buffered: Store log messages in RAM. All log messages are cleared after system reboot.
File: Store log messages in a file.
Severity The setting allows you to designate a severity level for the Logging Message Filter function.
Click the drop-down menu to select the severity level target setting.
The level options are:
emerg: Indicates system is unusable. It is the highest level of severity.
alert: Indicates action must be taken immediately.
crit: Indicates critical conditions.
error: Indicates error conditions.
warning: Indicates warning conditions.
notice: Indicates normal but significant conditions.
info: Indicates informational messages.
debug: Indicates debug-level messages.
Category Click the drop-down menu to select the category level target setting.
View Click View to display all Logging Information and Logging Message information.
Refresh Click Refresh to update the screen.
Clear
Click Clear buffered messages to clear the logging buffer history list.
buffered
messages
The ensuing table for Logging Information table settings are informational only: Target, Severity
and Category.
The ensuing table for Logging Message table settings are informational only: No., Time Stamp,
Category, Severity and Message.
TECH SUPPORT: 1.888.678.9427
INS_CNGE20FX4TX16MS
04/30/18 PAGE 32
Page 33
INSTALLATION AND OPERATION MANUAL CNGE20FX4TX16MS
4.3.3 Port Monitoring
Port Network Monitor is a bandwidth and network monitoring tool for the purpose of capturing
network traffic and measuring of network throughput. The monitoring functionality includes listing
of port statistics as well as port utilization.
Port Statistics
To access this page, click Monitoring > Port Monitoring > Port Statistics.
Figure 4-5. Monitoring > Port Monitoring > Port Statistics
Table 4-3. Monitoring > Port Monitoring > Port Statistics
Item Description
Port Click the drop-down menu to select a port and its captured statistical setting values.
Clear Click Clear to clear the counter selections.
The ensuing table for IF MIB Counters settings are informational only: ifInOctets, ifInUcast-Pkts,
ifInNUcastPkts, ifInDiscards, ifOutOctets, ifOutUcastPkts, ifOutNUcastPkts, ifOutDis-cards,
ifInMulticastPkts, ifInBroadcastPkts, ifOutMulticastPkts and ifOutBroadcastPkts.
The ensuing table for Ether-Like MIB Counters settings are informational only:
dot3StatsAlignmentErrors, dot3StatsFCSErrors, dot3StatsSingleCollisionFrames,
dot3StatsMultipleCollisionFrames, dot3StatsDeferredTransmissions, dot3StatsLateCollisions,
dot3StatsExcessiveCollisions, dot3StatsFrameTooLongs, dot3StatsSymbolErrors,
dot3ControlInUnknownOpcodes, dot3InPauseFrames and dot3OutPauseFrames.
The ensuing table for Rmon MIB Counters settings are informational only: etherStatsDropEvents, etherStatsOctets, etherStatsPkts, etherStatsBroadcastPkts, etherStatsMulti-castPkts,
etherStatsCRCAlignErrors, etherStatsUnderSizePkts, etherStatsOverSizePkts, etherStatsFragments,
etherStatsJabbers, etherStatsCollisions, etherStatsPkts64Octets, etherStatsPkts65to127Octets,
etherStatsPkts128to255Octets, etherStatsPkts256to511Octets, etherStatsPkts512to1023Octets and
etherStatsPkts1024to1518Octets.
TECH SUPPORT: 1.888.678.9427
INS_CNGE20FX4TX16MS
04/30/18 PAGE 33
Page 34
INSTALLATION AND OPERATION MANUAL CNGE20FX4TX16MS
Port Utilization
To access this page, click Monitoring > Port Monitoring > Port Utilization.
Figure 4-6. Monitoring > Port Monitoring > Port Utilization
Table 4-4. Monitoring > Port Monitoring > Port Utilization
Item Description
Refresh period Click the drop-down menu to select and designate a period (second intervals) to refresh
the information (TX and RX) listings.
IFG Click the drop-down menu to enable or disable the Interframe Gap (IFG) statistic.
4.3.4 Link Aggregation
The Link Aggregation function provides LAG information for each trunk. It displays membership
status, link state and membership type for each port.
To access this page, click Monitoring > Link Aggregation.
The ensuing table for Link Aggregation Group Status settings are informational only: LAG, Name,
Type, Link State, Active Member and Standby Member.
The ensuing table for LACP Information settings are informational only: LAG, Port, Partner-SysId,
PnKey, AtKey, Sel, Mux, Receiv, PrdTx, AtState and PnState.
TECH SUPPORT: 1.888.678.9427
INS_CNGE20FX4TX16MS
04/30/18 PAGE 34
Page 35
INSTALLATION AND OPERATION MANUAL CNGE20FX4TX16MS
4.3.5 LLDP Statistics
The LLDP Statistics page displays the LLDP statistics.
To access this page, click Monitoring > LLDP Statistics.
Figure 4-7. Monitoring > LLDP Statistics
Table 4-5. Monitoring > LLDP Statistics
Item Description
Clear Click Clear to reset LLDP Statistics of all the interfaces.
Refresh Click Refresh to update the data on the screen with the present state of the data in the switch.
The ensuing table for LLDP Global Statistics settings are informational only: Insertions, Deletions,
Drops and Age Outs.
The ensuing table for LLDP Port Statistics settings are informational only: Port, TX Frames (Total), RX
Frames (Total, Discarded and Errors), RX TLVs (Discarded and Unrecognized) and RX Ageouts (Total).
TECH SUPPORT: 1.888.678.9427
INS_CNGE20FX4TX16MS
04/30/18 PAGE 35
Page 36
INSTALLATION AND OPERATION MANUAL CNGE20FX4TX16MS
4.3.6 IGMP Statistics
The IGMP Statistics function displays statistical package information for IP multicasting. To access
this page, click Monitoring > IGMP Statistics.
Figure 4-8. Monitoring > IGMP Statistics
Table 4-6. Monitoring > IGMP Statistics
Item Description
Clear Click Clear to refresh IGMP Statistics of all the interfaces.
Refresh Click Refresh to update the data on the screen with the present state of the data in the
switch.
The ensuing table for IGMP Statistics settings are informational only: Total RX, Valid RX, Invalid
RX, Other RX, Leave RX, Report RX, General Query RX, Special Group Query RX, Special Group &
Source Query RX, Leave TX, Report TX, General Query TX, Special Group Query TX and Special
Group & Source Query TX.
INS_CNGE20FX4TX16MS
TECH SUPPORT: 1.888.678.9427
04/30/18 PAGE 36
Page 37
INSTALLATION AND OPERATION MANUAL CNGE20FX4TX16MS
4.4. System
4.4.1 IP Settings
The IP Settings menu allows you to select a static or DHCP network configuration. The Static
displays the configurable settings for the static option.
To access this page, click System > IP Settings.
Figure 4-9. System > IP Settings
Table 4-7. System > IP Settings
Item Description
Mode Click the radio button to select the IP Address Setting mode: Static or DHCP.
IP Address Enter a value to specify the IP address of the interface. The default is 192.168.10.1.
Subnet Mask Enter a value to specify the IP subnet mask for the interface. The default is
255.255.255.0.
Gateway Enter a value to specify the default gateway for the interface. The default is 192.168.1.254.
DNS Server 1 Enter a value to specify the DNS server 1 for the interface. The default is 168.95.1.1.
DNS Server 2 Enter a value to specify the DNS server 2 for the interface. The default is 168.95.192.1.
Apply Click Apply to save the values and update the screen.
The ensuing table for IP Address Information settings are informational only: DHCP State, Static IP
Address, Static Subnet Mask, Static Gateway, Static DNS Server 1 and Static DNS Server 2.
TECH SUPPORT: 1.888.678.9427
INS_CNGE20FX4TX16MS
04/30/18 PAGE 37
Page 38
INSTALLATION AND OPERATION MANUAL CNGE20FX4TX16MS
4.4.2 DHCP Client Option 82
The DHCP Client Option 82 configurable Circuit ID and Remote ID feature enhances validation
security by allowing you to select naming choices suboptions. You can select a switch-configured
hostname or specify an ASCII test string for the remote ID. You can also configure an ASCII text
string to override the circuit ID.
To access this page, click System > DHCP Client Option 82.
Figure 4-10. System > DHCP Client Option 82
TECH SUPPORT: 1.888.678.9427
INS_CNGE20FX4TX16MS
04/30/18 PAGE 38
Page 39
INSTALLATION AND OPERATION MANUAL CNGE20FX4TX16MS
Table 4-8. System > DHCP Client Option 82
Item Description
Mode Click the radio button to enable or disable the DHCP Client Option 82 mode.
Circuit ID Format Click the drop-down menu to set the ID format: String, Hex, User Definition.
Circuit ID String Enter the string ID of the corresponding class.
Circuit ID Hex Enter the hex string of the corresponding class.
Circuit ID UserDefine
Remote ID Format Click the drop-down menu to set the Remote ID format: String, Hex, User Definition.
Remote ID String Enter the remote string ID of the corresponding class.
Enter the user definition of the corresponding class.
Remote ID Hex Enter the remote hex string of the corresponding class.
Remote ID User-
Enter the remote user definition of the corresponding class.
Define
Apply Click Apply to save the values and update the screen.
The ensuing table for DHCP Client Option 82 Information table settings are informational only:
Status, Circuit ID Format, Circuit ID String, Circuit ID Hex, Circuit ID User-Define, Remote ID
Format, Remote ID String, Remote ID Hex and Remote ID User-Define.
4.4.3 DHCP Auto Provision
The DHCP Auto Provision feature allows you to load configurations using a server with DHCP
options. Through the remote connection, the switch obtains information from a configuration file
available through the TFTP server.
To access this page, click System > DHCP Auto Provision.
Item Description
Status Select the radio button to enable or disable the DHCP Auto Provisioning Setting.
Apply Click Apply to save the values and update the screen.
The ensuing table for DHCP Auto Provision Information settings are informational only: Status
TECH SUPPORT: 1.888.678.9427
Figure 4-11. System > DHCP Auto Provision
Table 4-9. System > DHCP Auto Provision
INS_CNGE20FX4TX16MS
04/30/18 PAGE 39
Page 40
INSTALLATION AND OPERATION MANUAL CNGE20FX4TX16MS
4.4.4 IPv6 Settings
To access this page, click System > IPv6 Settings.
Figure 4-12. System > IPv6 Settings
Table 4-10. System > IPv6 Settings
Item Description
Auto Configuration Select the radio button to enable or disable the IPv6.
IPv6 Address Enter the IPv6 address for the system.
Gateway Enter the gateway address for the system.
DHCPv6 Client Enter the DHCPv6 address for the system
Apply Click Apply to save the values and update the screen.
The ensuing table for IPv6 Information settings are informational only: Auto Configuration, IPv6 In
Use Address, IPv6 In Use Router, IPv6 Static Address, IPv6 Static Router and DHCPv6 Client.
TECH SUPPORT: 1.888.678.9427
INS_CNGE20FX4TX16MS
04/30/18 PAGE 40
Page 41
INSTALLATION AND OPERATION MANUAL CNGE20FX4TX16MS
4.4.5 Management VLAN
By default the VLAN is the management VLAN providing communication with the switch
management interface.
To access this page, click System > Management VLAN.
Figure 4-13. System > Management VLAN
Table 4-11. System > Management VLAN
Item Description
Management VLAN Click the drop-down menu to select a defined VLAN.
Apply Click Apply to save the values and update the screen.
The ensuing table for Management VLAN State are informational only: Management VLAN.
TECH SUPPORT: 1.888.678.9427
INS_CNGE20FX4TX16MS
04/30/18 PAGE 41
Page 42
INSTALLATION AND OPERATION MANUAL CNGE20FX4TX16MS
4.4.6 System Time
To access this page, click System > System Time.
TECH SUPPORT: 1.888.678.9427
Figure 4-14. System > System Time
INS_CNGE20FX4TX16MS
04/30/18 PAGE 42
Page 43
INSTALLATION AND OPERATION MANUAL CNGE20FX4TX16MS
Table 4-12. System > System Time
Item Description
Enable SNTP Click the radio button to enable or disable the SNTP.
SNTP/NTP Server
Address
Enter the address of the SNTP server. This is a text string of up to 64 characters
containing the encoded unicast IP address or hostname of a SNTP server. Unicast
SNTP requests will be sent to this address. If this address is a DNS hostname,
then that hostname should be resolved into an IP address each time a SNTP
request is sent to it.
SNTP Port Enter the port on the server to which SNTP requests are to be sent. Allowed
range is 1 to 65535 (default: 123).
Manual Time Click the drop-down menus to set local date and time of the system.
Time Zone Click the drop-down menu to select a system time zone.
Daylight Saving Time Click the drop-down menu to enable or disable the daylight saving time settings.
Daylight Saving Time
Enter the offsetting variable in seconds to adjust for daylight saving time.
Offset
Recurring From Click the drop-down menu to designate the start date and time for daylight
saving time.
Recurring To Click the drop-down menu to designate the end date and time for daylight saving
time.
Non-Recurring From Click the drop-down menu to designate a start date and time for a non recurring
daylight saving time event.
Non-Recurring To Click the drop-down menu to designate the end date and time for a non recurring
daylight saving time event.
Apply Click Apply to save the values and update the screen.
The ensuing table for System Time Information settings are informational only: Current Date/Time,
SNTP, SNTP Server Address, SNTP Server Port, Time zone, Daylight Saving Time, Daylight Saving
Time Offset, From and To.
TECH SUPPORT: 1.888.678.9427
INS_CNGE20FX4TX16MS
04/30/18 PAGE 43
Page 44
INSTALLATION AND OPERATION MANUAL CNGE20FX4TX16MS
4.5. L2 Switching
4.5.1 Port Configuration
Port Configuration describes how to use the user interface to configure LAN ports on the switch.
To access this page, click L2 Switching > Port Configuration.
Figure 4-15. L2 Switching > Port Configuration
Table 4-13. L2 Switching > Port Configuration
Item Description
Port Click the drop-down menu to select the port for the L2 Switch setting.
Enabled Click the radio-button to enable or disable the Port Setting function.
Speed Click the drop-down menu to select the port speed: Auto, Auto-10M, Auto-100M, Auto-
1000M, Auto-10/100M, 10M, 100M, or 1000M.
Duplex Click the drop-down menu to select the duplex setting: Half or Full.
Flow Control Click the radio button to enable or disable the flow control function.
Apply Click Apply to save the values and update the screen.
The ensuing table for Port Status settings are informational only: Port, Edit (click to enter
description), Enable State, Link Status, Speed, Duplex, FlowCtrl Config and FlowCtrl Status.
TECH SUPPORT: 1.888.678.9427
INS_CNGE20FX4TX16MS
04/30/18 PAGE 44
Page 45
INSTALLATION AND OPERATION MANUAL CNGE20FX4TX16MS
4.5.2 Port Mirror
Port mirroring function allows the sending of a copy of network packets seen on one switch port
to a network monitoring connection on another switch port. Port mirroring can be used to analyze
and debug data or diagnose errors on a network or to mirror either inbound or outbound traffic
(or both).
There are no preset values in the Port Mirror. The displayed values do not represent the actual
setting values.
To access this page, click L2 Switching > Port Mirror.
TECH SUPPORT: 1.888.678.9427
Figure 4-16. L2 Switching > Port Mirror
INS_CNGE20FX4TX16MS
04/30/18 PAGE 45
Page 46
INSTALLATION AND OPERATION MANUAL CNGE20FX4TX16MS
Table 4-14. L2 Switching > Port Mirror
Item Description
Session ID Click the drop-down menu to select a port mirroring session from the list. The
number of sessions allowed is platform specific.
Monitor session state Click the drop-down menu to enable or disable the session mode for a selected
session ID.
Destination Port Click the drop-down menu to select the destination port and receive all the traffic
from configured mirrored port(s).
Allow-ingress Click the drop-down menu to enable or disable the Allow-ingress function.
Sniffer RX Ports Enter the variable to define the RX port.
Sniffer TX Ports Enter the variable to define the TX port.
Apply Click Apply to save the values and update the screen.
The ensuing table for Mirror Status settings are informational only: Session ID, Destination Port,
Ingress State, Source TX Port and Source RX Port.
4.5.3 Link Aggregation
Link Aggregation is a method for combining multiple network connections in parallel in order to
increase throughput beyond the capability of a single connection, and to provide redundancy in
case one of the links should fail.
Load Balance
The Load Balancing page allows you to select between a MAC Address or IP/MAC Address
algorithm for the even distribution of IP traffic across two or more links.
To access this page, click L2 Switching > Link Aggregation > Load Balance.
Figure 4-17. L2 Switching > Link Aggregation > Load Balance
Table 4-15. L2 Switching > Link Aggregation > Load Balance
Item Description
Load Balance
Algorithm
Select the radio button to select the Load Balance Setting: MAC Address or IP/MAC
Address.
Apply Click Apply to save the values and update the screen.
The ensuing table for Load Balance Information settings are informational only: Load Balance
TECH SUPPORT: 1.888.678.9427
INS_CNGE20FX4TX16MS
04/30/18 PAGE 46
Page 47
INSTALLATION AND OPERATION MANUAL CNGE20FX4TX16MS
Algorithm.
LAG Management
Link aggregation is also known as trunking. It is a feature available on the Ethernet gateway and is
used with Layer 2 Bridging. Link aggregation allows for the logical merging of multiple ports into a
single link.
To access this page, click L2 Switching > Link Aggregation > LAG Management.
Figure 4-18. L2 Switching > Link Aggregation > LAG Management
Table 4-16. L2 Switching > Link Aggregation > LAG Management
Item Description
LAG Click the drop-down menu to select the designated trunk group: Trunk 1 ~8.
Name Enter an entry to specify the LAG name.
Type Click the radio button to specify the type mode: Static or LACP.
Ports Click the drop-down menu to select designated ports: FE1-8 or GE1-2.
Apply Click Apply to save the values and update the screen.
The ensuing table for LAG Management Information settings are informational only: LAG, Name,
Type, Link State, Active Member, Standby Member, Edit (click to modify the settings) and Clear
(click to load default settings).
TECH SUPPORT: 1.888.678.9427
INS_CNGE20FX4TX16MS
04/30/18 PAGE 47
Page 48
INSTALLATION AND OPERATION MANUAL CNGE20FX4TX16MS
LAG Port Settings
The LAG Port Settings page allows you to enable or disable, set LAG status, speed and flow
control functions.
In this example we will configure a LAG between the following switches:
To access this page, click L2 Switching > Link Aggregation > LAG Port Settings.
Figure 4-19. L2 Switching > Link Aggregation > LAG Port Settings
Table 4-17. L2 Switching > Link Aggregation > LAG Port Settings
Item Description
LAG Select Click the drop-down menu to select a predefined LAG trunk definition: LAG 1-8.
Enabled Click the radio button to enable or disable the LAG Port.
Speed Click the drop-down menu to select the port speed: Auto, Auto-10M, Auto-100M, Auto-
1000M, Auto-10/100M, 10M, 100M, or 1000M.
Flow Control Click the radio button to enable or disable the Flow Control for the LAG Port.
Apply Click Apply to save the values and update the screen.
The ensuing table for LAG Port Status settings are informational only: LAG, Description, Port Type,
Enable State, Link Status, Speed, Duplex, FlowCtrl Config and FlowCtrl Status.
TECH SUPPORT: 1.888.678.9427
INS_CNGE20FX4TX16MS
04/30/18 PAGE 48
Page 49
INSTALLATION AND OPERATION MANUAL CNGE20FX4TX16MS
LACP Priority Settings
The LACP Priority Settings page allows you to configure the system priority for LACP.
To access this page, click L2 Switching > Link Aggregation > LACP Priority Settings.
Figure 4-20. L2 Switching > Link Aggregation > LACP Priority Settings
Table 4-18. L2 Switching > Link Aggregation > LACP Priority Settings
Item Description
System Priority Enter the value (1-65535) to designate the LACP system priority.
Apply Click Apply to save the values and update the screen.
The ensuing table for LACP Information settings are informational only: System Priority.
LACP Port Settings
Link Aggregation Control Protocol (LACP) provides a method to control the bundling of several
physical ports together to form a single logical channel. By configuring the LACP function, the
switch can negotiate an automatic bundling of links by sending LACP packets to the peer device
(also implementing LACP).
To access this page, click L2 Switching > Link Aggregation > LACP Port Settings.
Figure 4-21. L2 Switching > Link Aggregation > LACP Port Settings
TECH SUPPORT: 1.888.678.9427
INS_CNGE20FX4TX16MS
04/30/18 PAGE 49
Page 50
INSTALLATION AND OPERATION MANUAL CNGE20FX4TX16MS
Table 4-19. L2 Switching > Link Aggregation > LACP Port Settings
Item Description
Port Select Select a port for the LACP Port Settings. The listed available settings are: FE1-FE8, GE1-GE2.
However, the available settings are dependent on the connected LACP device and may not
be listed as displayed in the current figure.
Priority Enter a variable (1 to 65535) to assign a priority to the defined port selec tion.
Timeout Click the radio button to select a long or short timeout period.
Mode Click the radio button to select the setting mode: Active or Passive.
Active: Enables LACP unconditionally.
Passive: Enables LACP only when an LACP device is detected (default state).
Apply Click Apply to save the values and update the screen.
The ensuing table for LACP Port Information settings are informational only: Port Name, Priority,
Timeout and Mode.
4.5.4 802.1Q VLAN
The 802.1Q VLAN feature allows for a single VLAN to support multiple VLANs. With the 802.1Q
feature you can preserve VLAN IDs and segregate different VLAN traffic.
The 802.1Q VLAN tag feature encapsulates the 802.1Q VLAN tagging within another 802.1Q
VLAN tag. The outer tag is assigned following the AP group, while the inner VLAN ID is assigned
dynamically by the AAA server.
VLAN Management
The management of VLANs is available through the VLAN Settings page. Through this page you
can add or delete VLAN listings and add a prefix name to an added entry.
To access this page, click L2 Switching > 802.1Q VLAN > VLAN Management.
Figure 4-22. L2 Switching > 802.1Q VLAN > VLAN Management
TECH SUPPORT: 1.888.678.9427
INS_CNGE20FX4TX16MS
04/30/18 PAGE 50
Page 51
INSTALLATION AND OPERATION MANUAL CNGE20FX4TX16MS
Table 4-20. L2 Switching > 802.1Q VLAN > VLAN Management
Item Description
VLAN list Enter the name of the VLAN entry to setup.
VLAN Action Click the radio button to add or delete the VLAN entry shown in the previous field.
VLAN Name Prefix Enter the prefix to be used by the VLAN list entry in the previous field.
Apply Click Apply to save the values and update the screen.
The ensuing table for VLAN Table settings are informational only: VLAN ID, VLAN Name, VLAN
Type and Edit (click to enter VLAN name).
PVID Settings
The PVID Settings page allows you to designate a PVID for a selected port, define the accepted
type and enable/disable the ingress filtering.
To access this page, click L2 Switching > 802.1Q VLAN > PVID Settings.
Figure 4-23. L2 Switching > 802.1Q VLAN > PVID Settings
TECH SUPPORT: 1.888.678.9427
INS_CNGE20FX4TX16MS
04/30/18 PAGE 51
Page 52
INSTALLATION AND OPERATION MANUAL CNGE20FX4TX16MS
Table 4-21. L2 Switching > 802.1Q VLAN > PVID Settings
Item Description
Port Select Click the drop-down menu to select a port and edit its settings: FE1-FE8, GE1-GE2, or
Trunk1 - Trunk8.
PVID Enter the VLAN ID you want assigned to untagged or priority tagged frames received
on this port. The value ranges 1 to 4094. The default is 1.
Accepted Type Click the radio button to specify which frames to forward. Tag Only discards any
untagged or priority tagged frames. Untag Only discards any tagged frames.
All accepts all untagged and tagged frames.
Whichever you select, VLAN tagged frames are forwarded in accordance with the IEEE
802.1Q VLAN standard. The default is All.
Ingress Filtering Click the radio button to specify how you want the port to handle tagged frames. If you
enable Ingress Filtering, a tagged frame will be discarded if this port is not a member
of the VLAN identified by the VLAN ID in the tag. If you select Disabled, all tagged
frames will be accepted. The default is Disabled.
Apply Click Apply to save the values and update the screen.
The ensuing table for Port VLAN Status settings are informational only: Port, Interface VLAN
Mode, PVID, Accept Frame Type and Ingress Filtering.
TECH SUPPORT: 1.888.678.9427
INS_CNGE20FX4TX16MS
04/30/18 PAGE 52
Page 53
INSTALLATION AND OPERATION MANUAL CNGE20FX4TX16MS
Port to VLAN
The Port to VLAN page allows you to add a port to a VLAN and select the related parameters.
To access this page, click L2 Switching > 802.1Q VLAN > Port to VLAN.
Figure 4-24. L2 Switching > 802.1Q VLAN > Port to VLAN
TECH SUPPORT: 1.888.678.9427
INS_CNGE20FX4TX16MS
04/30/18 PAGE 53
Page 54
INSTALLATION AND OPERATION MANUAL CNGE20FX4TX16MS
Table 4-22. L2 Switching > 802.1Q VLAN > Port to VLAN
Item Description
Port Displays the assigned port to the entry.
Interface VLAN
Mode
Membership Displays the assigned membership status of the port entry, options include: Forbidden,
Apply Click Apply to save the values and update the screen.
Displays the assigned mode to the listed VLAN port.
Hybrid: Port hybrid model.
Access: Port hybrid model.
Trunk: Port hybrid model.
Tunnel: Port hybrid model.
Excluded Tagged or Untagged.
Port-VLAN Mapping
To access this page, click L2 Switching > 802.1Q VLAN > Port-VLAN Mapping.
The ensuing table for Port-VLAN Mapping Table settings are informational only: Port, Mode,
Administrative VLANs and Operational VLANs.
4.5.5 Q-in-Q
Q-in-Q is commonly referred as VLAN stacking in which VLANs are nested by adding two tags to
each frame instead of one. Network service provider and users both can use VLANs and makes it
possible to have more than the 4094 separate VLANs allowed by 802.1Q.
There are three ways in which a machine can be connected to a network carrying double-tagged
802.1ad tr af f ic :
» via a untagged port, where both inner and outer VLANs are handled by the switch or switches
(so the attached machine sees ordinary Ethernet frames);
» via a single-tagged (tunnel) port, where the outer VLAN only is handled by the switch (so the
attached machine sees single-tagged 802.1Q VLAN frames); or
» via a double-tagged (trunk) port, where both inner and outer VLANs are handled by the
attached machine (which sees double-tagged 802.1ad VLAN frames).
TECH SUPPORT: 1.888.678.9427
INS_CNGE20FX4TX16MS
04/30/18 PAGE 54
Page 55
INSTALLATION AND OPERATION MANUAL CNGE20FX4TX16MS
Global Settings
The Global Settings page allows you to set the outer VLAN Ethertype setting. To access this page,
click L2 Switching > Q-in-Q > Global Settings.
Figure 4-25. L2 Switching > Q-in-Q > Global Settings
Table 4-23. L2 Switching > Q-in-Q > Global Settings
Item Description
Outer VLAN Ethertype Enter the outer VLAN handled by the switch giving the attached machine a
single-tagged 802.1Q VLAN frame.
Apply Click Apply to save the values and update the screen.
The ensuing table for QinQ Global Information settings are informational only: Outer VLAN
Ethertype.
Port Settings
The Port Settings page allows you to define the outer PVID and outer mode for a selected port.
To access this page, click L2 Switching > Q-in-Q > Port Settings.
Figure 4-26. L2 Switching > Q-in-Q > Port Settings
TECH SUPPORT: 1.888.678.9427
INS_CNGE20FX4TX16MS
04/30/18 PAGE 55
Page 56
INSTALLATION AND OPERATION MANUAL CNGE20FX4TX16MS
Table 4-24. L2 Switching > Q-in-Q > Port Settings
Item Description
Port Select Enter the switch port (part of VLAN configuration) to configure the selection as a tunnel
port.
Outer PVID Enter the Port VLAN ID (PVID) to assigned the native VLAN ID. All untagged traffic coming
in or out of the 802.1Q port is forwarded based on the PVID value
Outer Mode Click the drop-down menu to select between UNI or NNI role.
UNI: Selects a user-network interface which specifies communication between the
specified user and a specified network.
NNI: Selects a network-to-network interface which specifies communication between two
specified networks.
Apply Click Apply to save the values and update the screen.
The ensuing table for QinQ Port Information settings are informational only: Port, Outer PVID and
Outer Mode.
TECH SUPPORT: 1.888.678.9427
INS_CNGE20FX4TX16MS
04/30/18 PAGE 56
Page 57
INSTALLATION AND OPERATION MANUAL CNGE20FX4TX16MS
4.5.6 GARP
The Generic Attribute Registration Protocol (GARP) is a local area network (LAN) protocol. The
protocol defines procedures for the registration and de-registration of attributes (network
identifiers or addresses) by end stations and switches with each other.
GARP Settings
To access this page, click L2 Switching > GARP > GARP Settings.
Figure 4-27. L2 Switching > GARP > GARP Settings
Table 4-25. L2 Switching > GARP > GARP Settings
Item Description
Join Time Enter a value to specify the time between the transmission of GARP PDUs registering
(or re-registering) membership for a VLAN or multicast group in centiseconds. Enter a
number between 6 and 600. An instance of this timer exists for each GARP participant for
each port.
Leave Time Enter a value to specify the time to wait after receiving an unregister request for a VLAN
or multicast group before deleting the associated entry, in centiseconds. This allows
time for another station to assert registration for the same attribute in order to maintain
uninterrupted service. Enter a number between 12 and 3000. An instance of this timer
exists for each GARP participant for each port.
Leave All Time Enter a value to specify the Leave All Time controls how frequently Leave All PDUs are
generated. A LeaveAll PDU indicates that all registrations will shortly be deregistered.
Participants will need to rejoin in order to maintain registration. The Leave All Period
Timer is set to a random value in the range of LeaveAllTime to 1.5*LeaveAllTime. The
timer is specified in centiseconds. Enter a number between 12 and 12000. An instance of
this timer exists for each GARP participant for each port.
Apply Click Apply to save the values and update the screen.
The ensuing table for GARP Information settings are informational only: Join Time, Leave
Time and Leave All Time.
TECH SUPPORT: 1.888.678.9427
INS_CNGE20FX4TX16MS
04/30/18 PAGE 57
Page 58
INSTALLATION AND OPERATION MANUAL CNGE20FX4TX16MS
GVRP Settings
The GVRP Settings page allows you to enable or disable the GVRP (GARP VLAN Registration
Protocol or Generic VLAN Registration Protocol) protocol which facilitates control of virtual local
area networks (VLANs) within a larger network.
To access this page, click L2 Switching > GARP > GVRP Settings.
Figure 4-28. L2 Switching > GARP > GVRP Settings
Table 4-26. L2 Switching > GARP > GVRP Settings
Item Description
Status Click to enable or disable the GARP VLAN Registration Protocol administrative mode for the
switch. The factory default is Disable.
Apply Click Apply to save the values and update the screen.
The ensuing table for GVRP Information settings are informational only: GVRP.
TECH SUPPORT: 1.888.678.9427
INS_CNGE20FX4TX16MS
04/30/18 PAGE 58
Page 59
INSTALLATION AND OPERATION MANUAL CNGE20FX4TX16MS
4.5.7 802.3az EEE
The 802.3az Energy Efficient Ethernet (EEE) innovative green feature reduces energy consumption
through intelligent functionality:
» Traffic detection — Energy Efficient Ethernet (EEE) compliance
» Inactive link detection
Inactive link detection function automatically reduces power usage when inactive links or devices
are detected.
To access this page, click L2 Switching > 802.3az EEE.
Figure 4-29. L2 Switching > 802.3az EEE
Table 4-27. L2 Switching > 802.3az EEE
Item Description
Port Select Enter the port to setup the EEE function.
State Click Enabled or Disabled to set the state mode of the port select setting.
Apply Click Apply to save the values and update the screen.
The ensuing table for EEE Enable Status settings are informational only: Port and EEE State.
TECH SUPPORT: 1.888.678.9427
INS_CNGE20FX4TX16MS
04/30/18 PAGE 59
Page 60
INSTALLATION AND OPERATION MANUAL CNGE20FX4TX16MS
4.5.8 Multicast
Multicast forwarding allows a single packet to be forwarded to multiple destinations. The service is
based on L2 switch receiving a single packet addressed to a specific Multicast address. Multicast
forwarding creates copies of the packet, and transmits the packets to the relevant ports.
Multicast Filtering
The Multicast Filtering page allows for the definition of action settings when an unknown multicast
request is received. The options include: Drop, Flood, or Router Port.
To access this page, click L2 Switching > Multicast > Multicast Filtering.
Figure 4-30. L2 Switching > Multicast > Multicast Filtering
Table 4-28. L2 Switching > Multicast > Multicast Filtering
Item Description
Unknown
Multicast Action
Apply Click Apply to save the values and update the screen.
Select the configuration protocol: Drop, Flood, or Router Port, to apply for any unknown
multicast event.
The ensuing table for Properties Information settings are informational only: Unknown Multicast
Action.
IGMP Snooping
IGMP Snooping is defined as the process of listening to Internet Group Management Protocol
(IGMP) network traffic. IGMP Snooping allows a network switch to listen in on the IGMP
conversation between hosts and routers and maintain a map of which links need which IP
multicast streams. Multicasts can be filtered from the links which do not need them in turn
controlling which ports receive specific multicast traffic.
TECH SUPPORT: 1.888.678.9427
INS_CNGE20FX4TX16MS
04/30/18 PAGE 60
Page 61
INSTALLATION AND OPERATION MANUAL CNGE20FX4TX16MS
IGMP Settings
To access this page, click L2 Switching > Multicast > IGMP Snooping > IGMP Settings.
Figure 4-31. L2 Switching > Multicast > IGMP Snooping > IGMP Settings
Table 4-29. L2 Switching > Multicast > IGMP Snooping > IGMP Settings
Item Description
IGMP Snooping
Select Enable or Disable to designate the IGMP Snooping State.
State
IGMP Snooping
Select designate the IGMP Snooping Version: V2 or V3.
Version
IGMP Snooping
Select Enable or Disable to setup the report suppression for IGMP Snooping.
Report Suppression
Apply Click Apply to save the values and update the screen.
The ensuing table for IGMP Snooping Information settings are informational only: IGMP Snooping
State, IGMP Snooping Version and IGMP Snooping V2 Report Suppression.
The ensuing table for IGMP Snooping Table settings are informational only: Entry No., VLAN ID,
IGMP Snooping Operation State, Router Ports Auto Learn, Query Robustness, Query Interval (sec.),
Query Max Response Interval (sec.), Last Member Query count, Last Member Query Interval (sec),
Immediate Leave and Edit (click to modify the settings).
TECH SUPPORT: 1.888.678.9427
INS_CNGE20FX4TX16MS
04/30/18 PAGE 61
Page 62
INSTALLATION AND OPERATION MANUAL CNGE20FX4TX16MS
IGMP Querier
IGMP Querier allows snooping to function by creating the tables for snooping. General queries
must be unconditionally forwarded by all switches involved in IGMP snooping.
To access this page, click L2 Switching > Multicast > IGMP Snooping > IGMP Querier.
Figure 4-32. L2 Switching > Multicast > IGMP Snooping > IGMP Querier
Table 4-30. L2 Switching > Multicast > IGMP Snooping > IGMP Querier
Item Description
VLAN ID Select the VLAN ID to define the local IGMP querier.
Querier State Select Disable or Enable to configure the VLAN ID (IGMP Querier).
Querier Version Select the querier version (V2 or V3) designated to the selected VLAN ID.
Apply Click Apply to save the values and update the screen.
The ensuing table for IGMP Querier Status settings are informational only: VLAN ID, Querier State,
Querier Status, Querier Version and Querier IP.
TECH SUPPORT: 1.888.678.9427
INS_CNGE20FX4TX16MS
04/30/18 PAGE 62
Page 63
INSTALLATION AND OPERATION MANUAL CNGE20FX4TX16MS
IGMP Static Groups
To access this page, click L2 Switching > Multicast > IGMP Snooping > IGMP Static Groups.
Figure 4-33. L2 Switching > Multicast > IGMP Snooping > IGMP Static Groups
Table 4-31. L2 Switching > Multicast > IGMP Snooping > IGMP Static Groups
Item Description
VLAN ID Select the VLAN ID to define IGMP static group.
Group IP Address Enter the IP address assigned to the VLAN ID.
Member Ports Enter the port numbers to associate with the static group.
Add Click Add to add an IGMP group.
The ensuing table for IGMP Static Groups Status settings are informational only: VLAN ID, Group
IP Address, Member Ports and Modify.
Multicast Groups
To access this page, click L2 Switching > Multicast > IGMP Snooping > Multicast Groups.
The ensuing table for Multicast Groups settings are informational only: VLAN ID, Group IP
Address, Member Ports, Type and Life (Sec).
Router Ports
To access this page, click L2 Switching > Multicast > IGMP Snooping > Router Ports.
The ensuing table for Router Ports settings are informational only: VLAN ID, Port and Expiry Time
(Sec).
TECH SUPPORT: 1.888.678.9427
INS_CNGE20FX4TX16MS
04/30/18 PAGE 63
Page 64
INSTALLATION AND OPERATION MANUAL CNGE20FX4TX16MS
MLD Snooping
The MLD Snooping page allows you to select the snooping status (enable or disable), the version
(v1 or v2) and the enabling/disabling of the report suppression for the MLD querier, which sends
out periodic general MLD queries and are forwarded through all ports in the VLAN.
MLD Settings
To access this page, click L2 Switching > Multicast > MLD Snooping > MLD Settings.
Figure 4-34. L2 Switching > Multicast > MLD Snooping > MLD Settings
Table 4-32. L2 Switching > Multicast > MLD Snooping > MLD Settings
Item Description
MLD Snooping State Select Enable or Disable to setup the MLD Snooping State.
MLD Snooping Version Select the querier version (V1 or V2) designated to the MLD Snooping Version.
MLD Snooping Report
Suppression
Apply Click Apply to save the values and update the screen.
Select Enable or Disable to designate the status of the report suppression.
The ensuing table for MLD Snooping Information settings are informational only: MLD Snooping
State, MLD Snooping Version and MLD Snooping V2 Report Suppression.
The ensuing table for MLD Snooping Table settings are informational only: Entry No., VLAN ID,
MLD Snooping Operation State, Router Ports Auto Learn, Query Robustness, Query Interval (sec.),
Query Max Response Interval (sec.), Last Member Query count, Last Member Query Interval (sec),
Immediate Leave and Edit (click to modify the settings).
TECH SUPPORT: 1.888.678.9427
INS_CNGE20FX4TX16MS
04/30/18 PAGE 64
Page 65
INSTALLATION AND OPERATION MANUAL CNGE20FX4TX16MS
MLD Querier
The MLD Querier page allows you to select and enable/disable the MLD querier and define the
version (IGMPv1 or IGMPv2) when enabled.
To access this page, click L2 Switching > Multicast > MLD Snooping > MLD Querier.
Figure 4-35. L2 Switching > Multicast > MLD Snooping > MLD Querier
Table 4-33. L2 Switching > Multicast > MLD Snooping > MLD Querier
Item Description
VLAN ID Enter the VLAN ID to configure.
Querier State Select Enable or Disable status on the selected VLAN. Enable: Enable IGMP Querier
Election. Disable: Disable IGMP Querier Election.
Querier Version Select the querier version (IGMPV1 or IGMPV2) designated to the MLD Querier function.
Apply Click Apply to save the values and update the screen.
The ensuing table for MLD Querier Status settings are informational only: VLAN ID, Querier State,
Querier Status, Querier Version and Querier IP.
TECH SUPPORT: 1.888.678.9427
INS_CNGE20FX4TX16MS
04/30/18 PAGE 65
Page 66
INSTALLATION AND OPERATION MANUAL CNGE20FX4TX16MS
MLD Static Group
The MLD Static Group page allows you to configure specified ports as static member ports.
To access this page, click L2 Switching > Multicast > MLD Snooping > MLD Static Group.
Figure 4-36. L2 Switching > Multicast > MLD Snooping > MLD Static Group
Table 4-34. L2 Switching > Multicast > MLD Snooping > MLD Static Group
Item Description
VLAN ID Enter the VLAN ID to define the local MLD Static Group.
Group IP Address Enter the IP address associated with the static group.
Member Ports Enter the ports designated with the static group.
Add Click Add to add a MLD static group.
The ensuing table for MLD Static Groups Status settings are informational only: VLAN ID, Group IP
Address, Member Ports and Modify.
Multicast Groups
To access this page, click L2 Switching > Multicast > MLD Snooping > Multicast Groups.
The ensuing table for Multicast Groups settings are informational only: ID, Group IP Address,
Member Ports, Type and Life (Sec).
Router Ports
To access this page, click L2 Switching > Multicast > MLD Snooping > Router Ports.
The ensuing table for Router Ports settings are informational only: VLAN ID, Port and Expiry Time
(Sec).
TECH SUPPORT: 1.888.678.9427
INS_CNGE20FX4TX16MS
04/30/18 PAGE 66
Page 67
INSTALLATION AND OPERATION MANUAL CNGE20FX4TX16MS
4.5.9 Jumbo Frame
Jumbo frames are frames larger than the standard Ethernet frame size of 1518 bytes. The Jumbo
Frame function allows the configuration of Ethernet frame size.
To access this page, click L2 Switching > Jumbo Frame.
Figure 4-37. L2 Switching > Jumbo Frame
Table 4-35. L2 Switching > Jumbo Frame
Item Description
Jumbo Frame
Enter the variable in bytes (1518 to 9216) to define the jumbo frame size.
(Bytes)
Apply Click Apply to save the values and update the screen.
The ensuing table for Jumbo Frame Config settings are informational only: Jumbo Frame (Bytes).
TECH SUPPORT: 1.888.678.9427
INS_CNGE20FX4TX16MS
04/30/18 PAGE 67
Page 68
INSTALLATION AND OPERATION MANUAL CNGE20FX4TX16MS
4.5.10 Spanning Tree
The Spanning Tree Protocol (STP) is a network protocol to ensure loop-free topology for any
bridged Ethernet local area network.
STP Global Settings
The STP Global Settings page allows you to set the STP status, select the configuration for a BPDU
packet, choose the path overhead, force version and set the configuration revision range.
To access this page, click L2 Switching > Spanning Tree > STP Global Settings.
Figure 4-38. L2 Switching > Spanning Tree > STP Global Settings
Table 4-36. L2 Switching > Spanning Tree > STP Global Settings
Item Description
Enabled Click the radio-button to enable or disable the STP status.
BPDU Forward Select flooding or filtering to designate the type of BPDU packet.
PathCost Method Select short or long to define the method of used for path cost calculations.
Force Version Click the drop-down menu to select the operating mode for STP.
STP-Compatible: 802.1D STP operation.
RSTP-Operation: 802.1w operation.
MSTP-Operation: 802.1s operation.
Apply Click Apply to save the values and update the screen.
The ensuing table for STP Information settings are informational only: STP, BPDU Forward,
PathCost Method and Force Version.
TECH SUPPORT: 1.888.678.9427
INS_CNGE20FX4TX16MS
04/30/18 PAGE 68
Page 69
INSTALLATION AND OPERATION MANUAL CNGE20FX4TX16MS
STP Port Settings
The STP Port Settings page allows you to configure the ports for the setting, port’s contribution,
configure edge port, and set the status of the BPDU filter.
To access this page, click L2 Switching > Spanning Tree > STP Port Settings.
Figure 4-39. L2 Switching > Spanning Tree > STP Port Settings
Table 4-37. L2 Switching > Spanning Tree > STP Port Settings
Item Description
Port Select Select the port list to specify the ports that apply to this setting.
Admin Enable Select Enabled or Disabled to setup the admin profile for the STP port.
Path Cost (0 = Auto) Set the port’s cost contribution. For a root port, the root path cost for the bridge.
(0 means Auto).
Edge Port Click the drop-down menu to set the edge port configuration.
No: Force to false state (as link to a bridge).
Yes: Force to true state (as link to a host).
P2P MAC Click the drop-down menu to set the Point-to-Point port configuration.
No: Force to false state.
Yes: Force to true state.
Migrate Click the check box to enable the migrate function.
Forces the port to use the new MST/RST BPDUs, requiring the switch to test
on the LAN segment. for the presence of legacy devices, which are not able to
understand the new BPDU formats.
Apply Click Apply to save the values and update the screen.
The ensuing table for STP Port Status settings are informational only: Port, Admin Enable, Path
TECH SUPPORT: 1.888.678.9427
INS_CNGE20FX4TX16MS
04/30/18 PAGE 69
Page 70
INSTALLATION AND OPERATION MANUAL CNGE20FX4TX16MS
Cost, Edge Port and P2P MAC.
STP Bridge Settings
The STP Bridge Settings page allows you to configure the priority, forward delay, maximum age,
Tx hold count, and the hello time for the bridge.
To access this page, click L2 Switching > Spanning Tree > STP Bridge Settings.
Figure 4-40. L2 Switching > Spanning Tree > STP Bridge Settings
Table 4-38. L2 Switching > Spanning Tree > STP Bridge Settings
Item Description
Priority Click the drop-down menu to select the STP bridge priority.
Forward Delay Enter the variable (4 to 30) to set the forward delay for STP bridge settings.
Max Age Enter the variable (6 to 40) to set the Max age for STP bridge settings.
Tx Hold Count Enter the variable (1 to 10) to designate the TX hold count for STP bridge settings.
Hello Time Enter the variable (1 to 10) to designate the Hello Time for STP bridge settings.
Apply Click Apply to save the values and update the screen.
The ensuing table for STP Bridge Information settings are informational only: Priority, Forward
Delay, Max Age, Tx Hold Count and Hello Time.
The ensuing table for STP Bridge Status settings are informational only: Bridge Identifier,
Designated Root Bridge, Root Path Cost, Designated Bridge, Root Port and Last Topology
Change.
TECH SUPPORT: 1.888.678.9427
INS_CNGE20FX4TX16MS
04/30/18 PAGE 70
Page 71
INSTALLATION AND OPERATION MANUAL CNGE20FX4TX16MS
STP Port Advanced Settings
The STP Port Advanced Settings page allows you to select the port list to apply this setting. To
access this page, click L2 Switching > Spanning Tree > STP Port Advanced Settings.
Figure 4-41. L2 Switching > Spanning Tree > STP Port Advanced Settings
Table 4-39. L2 Switching > Spanning Tree > STP Port Advanced Settings
Item Description
Port Select Select the port to designate the STP settings.
Priority Click the drop-down menu to designate a priority.
Apply Click Apply to save the values and update the screen.
The ensuing table for STP Port Status settings are informational only: Port, Identifier (Priority / Port
Id), Path Cost Conf/Oper, Designated Root Bridge, Root Path Cost, Designated Bridge, Edge Port
Conf/Oper, P2P MAC Conf/Oper, Port Role and Port State.
MST Config Identification
The MST Config Identification page allows you to configure the identification setting name and
the identification range.
To access this page, click L2 Switching > Spanning Tree > MST Config Identification.
Figure 4-42. L2 Switching > Spanning Tree > MST Config Identification
TECH SUPPORT: 1.888.678.9427
INS_CNGE20FX4TX16MS
04/30/18 PAGE 71
Page 72
INSTALLATION AND OPERATION MANUAL CNGE20FX4TX16MS
Table 4-40. L2 Switching > Spanning Tree > MST Config Identification
Item Description
Configuration Name Enter the identifier used to identify the configuration currently being
used. It may be up to 32 characters.
Revision Level Enter the identifier for the Revision Configuration, range: 0 to 65535
(default: 0).
Apply Click Apply to save the values and update the screen.
The ensuing table for MST Configuration Identification Information settings are informational only:
Configuration Name and Revision Level.
MST Instance ID Settings
The MST Instance ID Settings page allows you to edit the MSTI ID and VID List settings. To access
this page, click L2 Switching > Spanning Tree > MST Instance ID Settings.
Figure 4-43. L2 Switching > Spanning Tree > MST Instance ID Settings
Table 4-41. L2 Switching > Spanning Tree > MST Instance ID Settings
Item Description
MSTI ID Enter the MST instance ID (0-15).
VID List Enter the pre-configured VID list.
Move Click Move to save the values and update the screen.
The ensuing table for MST Instance ID Information settings are informational only: MSTI ID and
VID List.
TECH SUPPORT: 1.888.678.9427
INS_CNGE20FX4TX16MS
04/30/18 PAGE 72
Page 73
INSTALLATION AND OPERATION MANUAL CNGE20FX4TX16MS
MST Instance Priority Settings
The MST Instance Priority Settings allows you to specify the MST instance and the bridge priority
in that instance.
To access this page, click L2 Switching > Spanning Tree > MST Instance Priority Set tings.
Figure 4-44. L2 Switching > Spanning Tree > MST Instance Priority Settings
Table 4-42. L2 Switching > Spanning Tree > MST Instance Priority Settings
Item Description
MSTI ID Click the drop-down menu to specify the MST instance.
Priority Click the drop-down menu set the bridge priority in the specified MST instance
Apply Click Apply to save the values and update the screen.
The ensuing table for MST Instance Priority Information settings are informational only: MSTI ID,
Priority and Action.
MST Instance Info
To access this page, click L2 Switching > Spanning Tree > MST Instance Info.
The ensuing table for STP Bridge Status settings are informational only: Bridge Identifier,
Designated Root Bridge, Root Path Cost, Designated Bridge, Root Port and TCNLast Topology
Change.
The ensuing table for STP Port Status settings are informational only: Port, Identifier
(Priority / Port Id), Path Cost Conf/Oper, Designated Root Bridge, Root Path Cost, Designated
Bridge, Edge Port Conf/Oper, P2P MAC Conf/Oper, Port Role and Port State.
STP Statistics
To access this page, click L2 Switching > Spanning Tree > STP Statistics.
The ensuing table for STP Statistics settings are informational only: Port, Configuration BPDUs
Received, TCN BPDUs Received, Configuration BPDUs Transmitted and TCN BPDUs Transmitted.
TECH SUPPORT: 1.888.678.9427
INS_CNGE20FX4TX16MS
04/30/18 PAGE 73
Page 74
INSTALLATION AND OPERATION MANUAL CNGE20FX4TX16MS
4.5.11 X-Ring Elite
The X-Ring Elite function provides an improvement over Spanning Tree and Rapid Spanning
Tree and a rapid auto recovery in the event that the network suffers a corrupt or broken link and
prevents network loops.
X-Ring Elite Settings
The X-Ring Elite Settings allows you to enable or disable the state of the X-Ring settings.
To access this page, click L2 Switching > X-Ring Elite > X-Ring Elite Settings.
Figure 4-45. L2 Switching > X-Ring Elite > X-Ring Elite Settings
Table 4-43. L2 Switching > X-Ring Elite > X-Ring Elite Settings
Item Description
State Select Enabled or Disabled to setup the X-Ring Elite mode.
Apply Click Apply to save the values and update the screen.
The ensuing table for Information settings are informational only: X-Ring Elite State.
X-Ring Elite Groups
The X-Ring Elite Groups page allows you to select the function and role for each device and the
connected ports.
To access this page, click L2 Switching > X-Ring Elite > X-Ring Elite Groups.
Figure 4-46. L2 Switching > X-Ring Elite > X-Ring Elite Groups
TECH SUPPORT: 1.888.678.9427
INS_CNGE20FX4TX16MS
04/30/18 PAGE 74
Page 75
INSTALLATION AND OPERATION MANUAL CNGE20FX4TX16MS
Table 4-44. L2 Switching > X-Ring Elite > X-Ring Elite Groups
Item Description
Ring ID Enter a number to specifies a ranging from 1 to 255 to identify a given X-Ring Elite group.
Role Click the drop-down menu to select the ring role.
Port 1 Click the drop-down menu to define the port designation.
Port 2 Click the drop-down menu to define the port designation.
Add Click Add to save the values and update the screen.
The ensuing table for Information settings are informational only: Ring ID, Role, Port 1, Port 2 and
Delete (click to delete the desired Ring ID).
4.5.12 X-Ring Pro
The X-Ring Pro function provides an improvement over Spanning Tree and Rapid Spanning Tree
and a rapid auto recovery in the event that the network suffers a corrupt or broken link and
prevents network loops.
X-Ring Pro Settings
The X-Ring Pro Settings page allows you to configure the status (enabled or disabled) of the
function.
To access this page, click L2 Switching > X-Ring Pro > X-Ring Pro Settings.
Figure 4-47. L2 Switching > X-Ring Pro > X-Ring Pro Settings
Table 4-45. L2 Switching > X-Ring Pro > X-Ring Pro Settings
Item Description
State Select Enabled or Disabled to setup the X-Ring Pro mode.
Apply Click Apply to save the values and update the screen.
The ensuing table for Information settings are informational only: X-Ring Pro State.
TECH SUPPORT: 1.888.678.9427
INS_CNGE20FX4TX16MS
04/30/18 PAGE 75
Page 76
INSTALLATION AND OPERATION MANUAL CNGE20FX4TX16MS
X-Ring Pro Groups
The X-Ring Pro Groups page allows you to select the function and role for each ring ID and its
connected ports.
To access this page, click L2 Switching > X-Ring Pro > X-Ring Pro Groups.
Figure 4-48. L2 Switching > X-Ring Pro > X-Ring Pro Groups > X-Ring Pro Groups Settings
Table 4-46. L2 Switching > X-Ring Pro > X-Ring Pro Groups > X-Ring Pro Groups Settings
Item Description
Ring ID Enter a number to specifies a ranging from 1 to 255 to identify a given X-Ring Pro group.
Port 1 Click the drop-down menu to define the port designation.
Port 2 Click the drop-down menu to define the port designation.
Add Click Add to save the values and update the screen.
Figure 4-49. L2 Switching > X-Ring Pro > X-Ring Pro Groups > Couple Setting
Table 4-47. L2 Switching > X-Ring Pro > X-Ring Pro Groups > Couple Setting
Item Description
Couple Ring ID Enter a number to specifies a ranging from 1 to 255 to identify a given XRing group.
Port Enter the port to assign to define the couple setting.
Master Ring ID Click the drop-down menu to designate the master ring.
Add Click Add to save the values and update the screen.
The ensuing table for Information settings are informational only: Ring ID, Mode, Operation State,
Port 1, Forwarding State, Port 2, Forwarding State and Delete (click to delete the desired Ring ID).
TECH SUPPORT: 1.888.678.9427
INS_CNGE20FX4TX16MS
04/30/18 PAGE 76
Page 77
INSTALLATION AND OPERATION MANUAL CNGE20FX4TX16MS
4.5.13 Loopback Detection
The Loopback Detection function is used to detect looped links. By sending detection frames
and then checking to see if the frames returned to any port on the device, the function is used to
detect loops.
Global Settings
The Global Settings page allows you to configure the state (enabled or disabled) of the function,
select the interval at which frames are transmitted and the delay before recovery.
To access this page, click L2 Switching > Loopback Detection > Global Settings.
Figure 4-50. L2 Switching > Loopback Detection > Global Settings
Table 4-48. L2 Switching > Loopback Detection > Global Settings
Item Description
State Select Enabled or Disabled to setup the loopback mode.
Interval Enter the variable in seconds (1 to 32767) to set the interval at which frames are
transmitted.
Recover Time Enter the variable in seconds (60 to 1000000) to define the delay before recovery.
Apply Click Apply to save the values and update the screen.
The ensuing table for Loopback Detection Global Information settings are informational only:
State, Interval and Recover Time.
TECH SUPPORT: 1.888.678.9427
INS_CNGE20FX4TX16MS
04/30/18 PAGE 77
Page 78
INSTALLATION AND OPERATION MANUAL CNGE20FX4TX16MS
Port Settings
The Port Settings page allows you to select ports that are detected by the loopback detection
function and configure their status (enabled or disabled).
To access this page, click L2 Switching > Loopback Detection > Port Settings.
Figure 4-51. L2 Switching > Loopback Detection > Port Settings
Table 4-49. L2 Switching > Loopback Detection > Port Settings
Item Description
Port Select Enter the port to define the local loopback detection setting.
Enabled Select Enabled or Disabled to setup the Loopback Detection function.
Apply Click Apply to save the values and update the screen.
The ensuing table for Loopback Detection Port Information settings are informational only: Port,
Enable State and Loop Status.
TECH SUPPORT: 1.888.678.9427
INS_CNGE20FX4TX16MS
04/30/18 PAGE 78
Page 79
INSTALLATION AND OPERATION MANUAL CNGE20FX4TX16MS
4.6. MAC Address Table
The MAC Address Table provides access to the Static MAC Settings, MAC Aging Time, and
Dynamic Forwarding.
4.6.1 Static MAC
The Static MAC page allows you to configure the address for forwarding of packets, the VLAN ID
of the listed MAC address and the designated Port.
To access this page, click MAC Address Table > Static MAC.
Figure 4-52. MAC Address Table > Static MAC
Table 4-50. MAC Address Table > Static MAC
Item Description
MAC Address Enter the MAC address to which packets are statically forwarded.
VLAN Click the drop-down menu to select the VLAN ID number of the VLAN for which the
MAC address is residing.
Port Click the drop-down menu to select the port number.
Apply Click Apply to save the values and update the screen.
The ensuing table for Static MAC Status settings are informational only: No., MAC Address, VLAN,
Port and Delete (click to delete the desired MAC address).
TECH SUPPORT: 1.888.678.9427
INS_CNGE20FX4TX16MS
04/30/18 PAGE 79
Page 80
INSTALLATION AND OPERATION MANUAL CNGE20FX4TX16MS
4.6.2 MAC Aging Time
The MAC Aging Time page allows you to set the MAC address of the aging time to study. To
access this page, click MAC Address Table > MAC Aging Time.
Figure 4-53. MAC Address Table > MAC Aging Time
Table 4-51. MAC Address Table > MAC Aging Time
Item Description
Aging Time Enter the variable (10 to 630) to define the time required for aging.
Apply Click Apply to save the values and update the screen.
The ensuing table for Dynamic Address Status settings are informational only: Aging time.
TECH SUPPORT: 1.888.678.9427
INS_CNGE20FX4TX16MS
04/30/18 PAGE 80
Page 81
INSTALLATION AND OPERATION MANUAL CNGE20FX4TX16MS
4.6.3 Dynamic Forwarding Table
The Dynamic Forwarding function allows you to configure an address tables, which contain the
following:
» The port each hardware address is associated with
» The VLAN to show or clear dynamic MAC entries
» The MAC address selection
To access this page, click MAC Address Table > Dynamic Forwarding Table.
Figure 4-54. MAC Address Table > Dynamic Forwarding Table
Table 4-52. MAC Address Table > Dynamic Forwarding Table
Item Description
Port Click the drop-down menu to select the port number to show or clear dynamic MAC
entries. If a port, VLAN or MAC address is not selected the whole dynamic MAC table is
displayed or cleared.
VLAN Click the drop-down menu to select the VLAN to show or clear dynamic MAC entries.
MAC Address Enter the MAC address to show or clear dynamic MAC entries. If a port, VLAN or MAC
address is not selected the whole dynamic MAC table is displayed or cleared.
View Click View to display the MAC address information.
Clear Click Clear to clear the MAC Address Information table.
The ensuing table for MAC Address Information settings are informational only: MAC Address,
VLAN, Type, Port and Add to Static MAC (click to add the MAC address to static MAC address list).
TECH SUPPORT: 1.888.678.9427
INS_CNGE20FX4TX16MS
04/30/18 PAGE 81
Page 82
INSTALLATION AND OPERATION MANUAL CNGE20FX4TX16MS
4.7. S ecu r it y
The Security function allows for the configuration of Storm Control, Port Security, Protected Ports,
DoS Prevention, Applications, 802.1x, and IP Security.
4.7.1 Storm Control
The Storm Control page allows you to setup the units and Preamble/IFG to manage the
occurrence of packet flooding on the LAN and consequent traffic to prevent the degrading of
network performance.
Global Settings
To access this page, click Security > Storm Control > Global Settings.
Figure 4-55. Security > Storm Control > Global Settings
Table 4-53. Security > Storm Control > Global Settings
Item Description
Unit Select pps or bps control units for the Storm Control function.
Preamble & IFG Select Excluded or Included to setup the Storm Control Global settings.
Excluded: exclude preamble & IFG (20 bytes) when count ingress storm control rate.
Included: include preamble & IFG (20 bytes) when count ingress storm control rate.
Apply Click Apply to save the values and update the screen.
TECH SUPPORT: 1.888.678.9427
INS_CNGE20FX4TX16MS
04/30/18 PAGE 82
Page 83
INSTALLATION AND OPERATION MANUAL CNGE20FX4TX16MS
Port Settings
The Port Settings page allows you to configure the port and the type of storm control association
along with the value of the storm rate for the selected port.
To access this page, click Security > Storm Control > Port Settings.
Figure 4-56. Security > Storm Control > Port Settings
Table 4-54. Security > Storm Control > Port Settings
Item Description
Port Enter the port number to designate the local port for the Storm Control function.
Port State Select Disabled or Enabled to define the port state
Action Click the drop-down menu to select the type of action to designate for the selected port
during a Storm Control incident. The options are Drop and Shutdown.
Type Enable Click the radio button to enable Broadcast, Unknown Multicast, or Unknown Unicast
Broadcast: Select the variable in Kbps to define the broadcast bandwidth.
Unknown Multicast: Select the variable in Kbps to define the multicast setting.
Broadcast: Select the variable in Kbps to define the unknown unicast setting.
Apply Click Apply to save the values and update the screen.
The ensuing table for Storm Control Port Information settings are informational only: Port, Port
State, Broadcast (Kbps), Unknown Multicast (Kbps), Unknown Unicast (Kbps) and Action.
TECH SUPPORT: 1.888.678.9427
INS_CNGE20FX4TX16MS
04/30/18 PAGE 83
Page 84
INSTALLATION AND OPERATION MANUAL CNGE20FX4TX16MS
4.7.2 Port Security
The Port Security page allows you to configure port isolation behavior. To access this page, click
Security > Port Security.
Figure 4-57. Security > Port Security
Table 4-55. Security > Port Security
Item Description
Port Select Enter a single or multiple port numbers to configure.
Enabled Select Enabled or Disabled to define the selected Port.
FDB Learn Limit (0-64) Enter the variable (0 to 64) to set the learn limit for the FDB setting.
Violation MAC
Select Enabled or Disabled to define the selected Port.
Notification
Apply Click Apply to save the values and update the screen.
The ensuing table for Port Security Information settings are informational only: Port, Enabled, FDB
Learn Limit and Violation MAC Notification.
TECH SUPPORT: 1.888.678.9427
INS_CNGE20FX4TX16MS
04/30/18 PAGE 84
Page 85
INSTALLATION AND OPERATION MANUAL CNGE20FX4TX16MS
4.7.3 Protected Ports
The Protected Port page allows you to configure a single or multiple ports as a protected or
unprotected type.
To access this page, click Security > Protected Ports.
Figure 4-58. Security > Protected Ports
Table 4-56. Security > Protected Ports
Item Description
Port List Enter the port number to designate for the Protected Port setting.
Port Type Select Unprotected or Protected to define the port type.
Apply Click Apply to save the values and update the screen.
The ensuing table for Protected Ports Status settings are informational only: Protected Ports and
Unprotected Ports.
TECH SUPPORT: 1.888.678.9427
INS_CNGE20FX4TX16MS
04/30/18 PAGE 85
Page 86
INSTALLATION AND OPERATION MANUAL CNGE20FX4TX16MS
4.7.4 DoS Prevention
DoS Global Settings
The DoS Global Settings page allows you to enabled or disable the setting for each function.
To access this page, click Security > DoS Prevention > DoS Global Settings.
TECH SUPPORT: 1.888.678.9427
INS_CNGE20FX4TX16MS
04/30/18 PAGE 86
Page 87
INSTALLATION AND OPERATION MANUAL CNGE20FX4TX16MS
Figure 4-59. Security > DoS Prevention > DoS Global Settings
Table 4-57. Security > DoS Prevention > DoS Global Settings
Item Description
DMAC = SMAC Click Enabled or Disabled to define DMAC-SMAC for the DoS Global settings.
LAND Click Enabled or Disabled to define LAND for the DoS Global settings.
UDP Blat Click Enabled or Disabled to define UDP Blat for the DoS Global settings.
TCP Blat Click Enabled or Disabled to define TCP Blat for the DoS Global settings.
POD Click Enabled or Disabled to define POD for the DoS Global settings.
IPv6 Min Fragment Click Enabled or Disabled to define minimum fragment size for the IPv6
protocol.
Enter the variable in bytes (0 to 65535) to set the minimum fragment size when
the function is enabled.
ICMP Fragments Click Enabled or Disabled to define the ICMP Fragments function.
IPv4 Ping Max Size Click Enabled or Disabled to set the maximum ping size for the IPv4 protocol.
IPv6 Ping Max Size Click Enabled or Disabled to set a maximum ping size for the IPv6 protocol.
Ping Max Size Setting Enter the variable in bytes (0 to 65535) to set the maximum ping size.
Smurf Attack Click Enabled or Disabled to set the Smurf Attack function.
TCP Min Hdr Size Click Enabled or Disabled to set the minimum header size.
Enter the variable in bytes (0 to 31) to set the minimum header size.
TCP-SYN (SPORT < 1024) Click Enabled or Disabled to set the TCP synchronization function (sport < 1021).
Null Scan Attack Click Enabled or Disabled to set the Null Scan Attack function.
X-Mas Scan Attack Click Enabled or Disabled to set the X-Mas Scan function.
TCP SYN-FIN Attack Click Enabled or Disabled to set the TCP synchronization termination attack
function.
TCP SYN-RST Attack Click Enabled or Disabled to set the TCP synchronization reset attack function.
TCP Fragment (Offset = 1)Click Enabled or Disabled to set the TCP fragment function (offset =1).
Apply Click Apply to save the values and update the screen.
The ensuing table for DoS Global Information settings are informational only: DMAC = SMAC,
Land Attack, UDP Blat, TCP Blat, POD (Ping of Death), IPv6 Min Fragment Size, ICMP Fragment
Packets, IPv4 Ping Max Packet Size, IPv6 Ping Max Packet Size, Smurf Attack, TCP Min Header
Length, TCP Syn (SPORT < 1024), Null Scan Attack, X-Mas Scan Attack, TCP SYN-FIN Attack, TCP
SYN-RST Attack and TCP Fragment (Offset = 1).
TECH SUPPORT: 1.888.678.9427
INS_CNGE20FX4TX16MS
04/30/18 PAGE 87
Page 88
INSTALLATION AND OPERATION MANUAL CNGE20FX4TX16MS
DoS Port Settings
The DoS Port Settings page allow you to configure DoS security (enabled or disabled) for the
selected port.
To access this page, click Security > DoS Prevention > DoS Port Settings.
Figure 4-60. Security > DoS Prevention > DoS Port Settings
Table 4-58. Security > DoS Prevention > DoS Port Settings
Item Description
Port Select the port to configure for the DoS prevention function.
DoS Protection Click Enabled or Disabled to set the DoS Port security function state.
Apply Click Apply to save the values and update the screen.
The ensuing table for DoS Port Status settings are informational only: Port and DoS Protection.
TECH SUPPORT: 1.888.678.9427
INS_CNGE20FX4TX16MS
04/30/18 PAGE 88
Page 89
INSTALLATION AND OPERATION MANUAL CNGE20FX4TX16MS
4.7.5 Applications
The Applications function allows you to configure various types of AAA lists.
TELNET
The TELNET page allows you to combine all kinds of AAA lists with the Telnet line. To access this
page, click Security > Applications > TELNET.
Figure 4-61. Security > Applications > TELNET
Table 4-59. Security > Applications > TELNET
Item Description
Telnet Service Click Enabled or Disabled to set remote access through the Telnet Service function.
Apply Click Apply to save the values and update the screen.
Disconnect Click Disconnect to disable the current Telnet service.
The ensuing table for Telnet Information settings are informational only: Telnet Service and
Current Telnet Sessions Count.
SSH
Secure Shell (SSH) is a protocol providing secure (encrypted) management connection to a remote
device.
To access this page, click Security > Applications > SSH.
TECH SUPPORT: 1.888.678.9427
Figure 4-62. Security > Applications > SSH
INS_CNGE20FX4TX16MS
04/30/18 PAGE 89
Page 90
INSTALLATION AND OPERATION MANUAL CNGE20FX4TX16MS
Table 4-60. Security > Applications > SSH
Item Description
SSH Service Click Enabled or Disabled to set up Ethernet encapsulation (remote access) through the
Secure Shell (SSH) function.
Apply Click Apply to save the values and update the screen.
The ensuing table for SSH Information settings are informational only: SSH.
HTTP
The HTTP page allows you to combine all kinds of AAA lists to the HTTP line. Attempts to access
the switch’s Web UI from HTTP are first authenticated.
To access this page, click Security > Applications > HTTP.
Figure 4-63. Security > Applications > HTTP
Table 4-61. Security > Applications > HTTP
Item Description
HTTP Service Click Enabled or Disabled to set up Ethernet encapsulation (remote access) through
HTTP function.
Session Timeout Enter the variable in minutes (0 to 86400) to define the timeout period for the HTTP
session.
Apply Click Apply to save the values and update the screen.
The ensuing table for HTTP Information settings are informational only: HTTP Service and Session
Timeout.
TECH SUPPORT: 1.888.678.9427
INS_CNGE20FX4TX16MS
04/30/18 PAGE 90
Page 91
INSTALLATION AND OPERATION MANUAL CNGE20FX4TX16MS
HTTPS
The HTTPS page allows you to combine all kinds of AAA lists on the HTTPS line. Attempts to
access the switch’s Web UI from HTTPS are first authenticated.
To access this page, click Security > Applications > HTTPS.
Figure 4-64. Security > Applications > HT TPS
Table 4-62. Security > Applications > HTTPS
Item Description
HTTPS Service Click Enabled or Disabled to set up Ethernet encapsulation over HTTPS.
Session Timeout Enter the variable in minutes (0 to 86400) to define the timeout period for the HTTP
session.
Apply Click Apply to save the values and update the screen.
The ensuing table for HTTPS Information settings are informational only: HTTPS Service and
Session Timeout.
TECH SUPPORT: 1.888.678.9427
INS_CNGE20FX4TX16MS
04/30/18 PAGE 91
Page 92
INSTALLATION AND OPERATION MANUAL CNGE20FX4TX16MS
4.7. 6 802 .1x
The 802.1x function provides port-based authentication to prevent unauthorized devices (clients)
from gaining access to the network.
802.1x Settings
The 802.1x Settings page allows you to set the state (enabled or disabled) for the selected IP
server address, port, accounting port and associated password, including a reauthentication
period.
To access this page, click Security > 802.1x > 802.1x Settings.
Figure 4-65. Security > 802.1x > 802.1x Settings
Table 4-63. Security > 802.1x > 802.1x Settings
Item Description
State Click Enabled or Disabled to set up 802.1x Setting function.
Server IP Enter the IP address of the local server providing authentication function.
Server Port Enter the port number (1 to 65535) assigned to the listed Server IP.
Accounting Port Enter the port number (1 to 65535) assigned to the listed server IP configured to
provide authorization and authentication for network access.
Security Key Enter the variable to define the network security key used in authentication.
Reauth Period Enter the variable in seconds to define the period of time between authentication
attempts.
Apply Click Apply to save the values and update the screen.
INS_CNGE20FX4TX16MS
TECH SUPPORT: 1.888.678.9427
04/30/18 PAGE 92
Page 93
INSTALLATION AND OPERATION MANUAL CNGE20FX4TX16MS
802.1x Port Configuration
The 802.1x Port Configuration page allows you to identify the authorization state for a port by
using a MAC or Port authentication base.
To access this page, click Security > 802.1x > 802.1x Port Configuration.
Figure 4-66. Security > 802.1x > 802.1x Port Configuration
Table 4-64. Security > 802.1x > 802.1x Port Configuration
Item Description
Authentication
Click Port or Mac to designate the type of configuration for the 802.1x Port setting.
based
Port Select Enter the port number associated with the configuration setting.
State Click Authorize or Disabled to define the listed port’s state mode.
Apply Click Apply to save the values and update the screen.
The ensuing table for 802.1x Port Authorization settings are informational only: Port and Port State.
TECH SUPPORT: 1.888.678.9427
INS_CNGE20FX4TX16MS
04/30/18 PAGE 93
Page 94
INSTALLATION AND OPERATION MANUAL CNGE20FX4TX16MS
4.7.7 IP Security
This section provides you a means to configure the IP Security settings.
Global Settings
The Global Settings page allows you to set the IP Security status (enabled or disabled). To access
this page, click Security > IP Security > Global Settings.
Figure 4-67. Security > IP Security > Global Settings
Table 4-65. Security > IP Security > Global Settings
Item Description
Status Click Enabled or Disabled to define the global setting for the IP security function.
Apply Click Apply to save the values and update the screen.
The ensuing table for IP Security Status settings are informational only: IP Security.
TECH SUPPORT: 1.888.678.9427
INS_CNGE20FX4TX16MS
04/30/18 PAGE 94
Page 95
INSTALLATION AND OPERATION MANUAL CNGE20FX4TX16MS
Entry Settings
Once the Global Setting is enabled, use the Entry Settings to define an IP Security entry. To access
this page, click Security > IP Security > Entry Settings.
Figure 4-68. Security > IP Security > Entry Settings
Table 4-66. Security > IP Security > Entry Settings
Item Description
IP Address Enter the source IP address to apply the IP Security function.
IP Mask Enter the IP address for use in masking the previous IP Address.
Services Enter the type of services to associate with the entry setting.
Apply Click Apply to save the values and update the screen.
The ensuing table for IP Security Entry Information settings are informational only: IP Address, IP
Mask, Services and Action.
TECH SUPPORT: 1.888.678.9427
INS_CNGE20FX4TX16MS
04/30/18 PAGE 95
Page 96
INSTALLATION AND OPERATION MANUAL CNGE20FX4TX16MS
4.8. QoS
The QoS function allows you to configure settings for the switch QoS interface and how the switch
connects to a remote server to get services.
4.8.1 General
Traditionally, networks operate on a best-effort delivery basis, all traffic has equal priority and an
equal chance of being delivered in a timely manner. When there is congestion, all traffic has an
equal chance of being dropped.
The QoS feature can be configured for congestion-management and congestion-avoidance to
specifically manage the priority of the traffic delivery. Implementing QoS in the network makes
performance predictable and bandwidth utilization much more effective.
The QoS implementation is based on the prioritization values in Layer 2 frames.
QoS Properties
The QoS Properties allows you to set the QoS mode.
To access this page, click QoS > General > QoS Properties.
Figure 4-69. QoS > General > QoS Properties
Table 4-67. QoS > General > QoS Properties
Item Description
QoS Mode Select Disabled or Basic to setup the QoS function.
Apply Click Apply to save the values and update the screen.
TECH SUPPORT: 1.888.678.9427
INS_CNGE20FX4TX16MS
04/30/18 PAGE 96
Page 97
INSTALLATION AND OPERATION MANUAL CNGE20FX4TX16MS
QoS Settings
Once the QoS function is enabled, you can configure the available settings. To access this page,
click QoS > General > QoS Settings.
Figure 4-70. QoS > General > QoS Settings
Table 4-68. QoS > General > QoS Settings
Item Description
Port Enter the port number to associate with the QoS setting.
CoS Value Click the drop-down menu to designate the Class of Service (CoS) value (0 to 7) for
the Port entry.
Remark CoS Click Disabled or Enabled to setup the Remark CoS function. When enabled the LAN
(preassigned priority values) is marked at Layer 2 boundary to CoS values.
Remark DSCP Click Disabled or Enabled to setup the DSCP remark option for the QoS function.
Remark IP
Click Disabled or Enabled to setup the Remark IP Precedence for the QoS function.
Precedence
Apply Click Apply to save the values and update the screen.
The ensuing table for QoS Status settings are informational only: Port, CoS value, Remark CoS,
Remark DSCP and Remark IP Precedence.
TECH SUPPORT: 1.888.678.9427
INS_CNGE20FX4TX16MS
04/30/18 PAGE 97
Page 98
INSTALLATION AND OPERATION MANUAL CNGE20FX4TX16MS
Queue Scheduling
The switch support eight CoS queues for each egress port. For each of the eight queues, two
types of scheduling can be configured: Strict Priority and Weighted Round Robin (WRR).
Strict Priority scheduling is based on the priority of queues. Packets in a high-priority queue are
always sent first and packets in a low-priority queue are only sent after all the high priority queues
are empty.
Weighted RoundRobin (WRR) scheduling is based on the user priority specification to indicate the
importance (weight) of the queue relative to the other CoS queues. WRR scheduling prevents lowpriority queues from being completely ignored during periods of high priority traffic. The WRR
scheduler sends some packets from each queue in turn.
To access this page, click QoS > General > QoS Scheduling.
Figure 4-71. QoS > General > QoS Scheduling
TECH SUPPORT: 1.888.678.9427
INS_CNGE20FX4TX16MS
04/30/18 PAGE 98
Page 99
INSTALLATION AND OPERATION MANUAL CNGE20FX4TX16MS
Table 4-69. QoS > General > QoS Scheduling
Item Description
Queue Queue entry for egress port.
Strict Select Strict to assign the scheduling designation to the selected queue.
WRR Select WRR to assign the scheduling designation to the selected queue.
Weight Enter a queue priority (weight) relative to the defined entries (WRR only).
% of WRR
Displays the allotted bandwidth for the queue entry in percentage values.
Bandwidth
Apply Click Apply to save the values and update the screen.
The ensuing table for Queue Information settings are informational only: Strict Priority Queue
Number.
TECH SUPPORT: 1.888.678.9427
INS_CNGE20FX4TX16MS
04/30/18 PAGE 99
Page 100
INSTALLATION AND OPERATION MANUAL CNGE20FX4TX16MS
CoS Mapping
The CoS Mapping allows you to apply CoS mapping.
To access this page, click QoS > General > CoS Mapping.
Figure 4-72. QoS > General > CoS Mapping
TECH SUPPORT: 1.888.678.9427
INS_CNGE20FX4TX16MS
04/30/18 PAGE 100
Loading...