Hardened Managed Ethernet Switch
Quick Start Guide
This quick start guide describes how to install and use the
Hardened Managed Ethernet Switch. This is the switch of
choice for harsh environments constrained by space.
Physical Description
The Port Status LEDs and Power Inputs
User’s Manual 1
Hardened Managed Ethernet Switch
LED State Indication
Power 2
Power 3
10/100Base-TX, 100Base-FX/BX
LINK/ACT
100 Steady
10/100/1000Base-TX, 1000Base-SX/LX/BX
LINK/ACT
1000 Steady
Steady Power on Power 1
Off Power off
Steady A valid network connection established
Transmitting or receiving data
Flashing
ACT stands for ACTIVITY
Connection at 100Mbps speed
Steady A valid network connection established
Transmitting or receiving data
Flashing
ACT stands for ACTIVITY
Connection at 1000Mbps speed
Power Input Assignment
Power3 12VDC DC Jack
+
Power2
Power1
-
+
-
12-48VDC
Power Ground
12-48VDC
Power Ground
Terminal
Block
Relay Output Rating 1A @ 24VDC
Relay Alarm Assignment
FAULT
Earth Ground
*Warning signal disable for following:
The relay contact closes if Power1 and Power2
are both failed but Power3 on.
The relay contact closes if Power3 is failed but
Power1 and Power2 are both on.
Functional Description
z Complies with EN50121-4 environmental requirements for railway
applications.
z Meets NEMA TS1/TS2 Environmental requirements such as
temperature, shock, and vibration for traffic control equipment.
z Meets EN61000-6-2 & EN61000-6-3 EMC Generic Standard Immunity
for industrial environment.
z Manageable via SNMP, Web-based, Telnet, and RS-232 console port.
z Supports IEEE802.3/802.3u/802.3ab/802.3z/802.3x. Auto-negotiation:
1000Mbps-full-duplex; 10/100Mbps-full/half-duplex; Auto MDI/MDIX.
2 User’s Manual
Hardened Managed Ethernet Switch
z 100Base-FX: Multi mode SC or ST type, Single mode SC or ST type.
100Base-BX: WDM Single mode SC type.
z 1000Base-SX/LX: Multi mode SC type, Single mode SC type.
1000Base-BX: WDM Single mode SC type.
z Supports 8192 MAC addresses. Provides 2M bits memory buffer.
z Store-and-forward mechanism.
z Full wire-speed forwarding rate.
z Alarms for power and port link failure by relay output.
z Power Supply: Redundant DC Terminal Block power inputs and
12VDC DC JACK with 100-240VAC external power supply.
z Operating voltage and Max. current consumption: 0.92A @ 12VDC,
0.46A @ 24VDC, 0.23A @ 48VDC. Power consumption: 11W Max.
z -40℃ to 75℃ (-40℉ to 167℉) operating temperature range. Tested for
functional operation @ -40℃ to 85℃ (-40℉ to 185℉).
z Supports DIN-Rail and Panel Mounting installation.
Console Configuration
z Connect to the switch console:
Connect the DB9 straight cable to the RS-232 serial port of the device
and the RS-232 serial port of the terminal or computer running the
terminal emulation application. Direct access to the administration
console is achieved by directly connecting a terminal or a PC equipped
with a terminal-emulation program (such as HyperTerminal) to the
switch console port.
z Configuration settings of the terminal-emulation program:
Baud rate: 115,200bps
Data bits: 8
Parity: none
Stop bit: 1
Flow control: none.
z Press the “Enter” key. The Command Line Interface (CLI) screen should
appear as below:
z Logon to Exec Mode (View Mode):
At the “switch_a login:” prompt just type in “root” and press <Enter> to
logon to Exec Mode (or View Mode). And the “switch_a>” prompt will
show on the screen.
User’s Manual 3
Hardened Managed Ethernet Switch
z Logon to Privileged Exec Mode (Enable Mode):
At the “switch_a>” prompt just type in “enable” and press <Enter> to
logon to Privileged Exec Mode (or Enable Mode). And the “switch_a#”
prompt will show on the screen.
z Logon to Configure Mode (Configure Terminal Mode):
At the “switch_a#” prompt just type in “configure terminal” and press
<Enter> to logon to Configure Mode (or Configure Terminal Mode). And
the “switch_a(config)#” prompt will show on the screen.
4 User’s Manual
Hardened Managed Ethernet Switch
Web Configuration
z Login the switch:
Specify the default IP address (192.168.1.10) of the switch in the web
browser. A login window will be shown as below:
z Enter the factory default login ID: root.
Enter the factory default password (no password).
Then click on the “Login” button to log on to the switch.
User’s Manual 5
Hardened Managed Ethernet Switch
6 User’s Manual
Hardened Managed Ethernet Switch
Preface
This manual describes how to install and use the Hardened
Managed Ethernet Switch. This switch introduced here is
designed to deliver full scalability with SNMP/RMON
web-based management functions by providing:
To get the most out of this manual, you should have an
understanding of Ethernet networking concepts.
In this manual, you will find:
Features on the Hardened Managed Ethernet Switch
z Illustrative LED functions
z Installation instructions
z Management Configuration
z SNMP, DHCP, IGMP…
z Specifications
User’s Manual 7
Hardened Managed Ethernet Switch
Table of Contents
Quick Start Guide 1
PHYSICAL DESCRIPTION 1
The Port Status LEDs and Power Inputs 1
FUNCTIONAL DESCRIPTION 2
CONSOLE CONFIGURATION 3
WEB CONFIGURATION 5
Preface 7
Table of Contents 8
Product Overview 10
HARDENED MANAGED ETHERNET SWITCH 10
PACKAGE CONTENTS 10
PRODUCT HIGHLIGHTS 11
Basic Features 11
Management Support 11
FRONT PANEL DISPLAY 13
PHYSICAL PORTS 14
SWITCH MANAGEMENT 16
Web-based browser interface 16
Administration console via RS-232 serial port (CLI) 16
External SNMP-based network management application 16
Installation 17
SELECTING A SITE FOR THE SWITCH 17
CONNECTING TO POWER 18
12VDC DC Jack 18
Redundant DC Terminal Block Power Inputs 18
Alarms for Power Failure 18
CONNECTING TO YOUR NETWORK 19
Cable Type & Length 19
Cabling 20
Switch Management 22
MANAGEMENT ACCESS OVERVIEW 22
ADMINISTRATION CONSOLE (CLI) 23
Direct Access 23
Modem Access 24
WEB MANAGEMENT 24
SNMP-BASED NETWORK MANAGEMENT 24
PROTOCOLS 25
MANAGEMENT ARCHITECTURE 25
Web-Based Browser Management 26
8 User’s Manual
Hardened Managed Ethernet Switch
SNMP & RMON Management 27
OVERVIEW 27
SNMP AGENT AND MIB-2 (RFC 1213) 27
RMON MIB (RFC 2819) AND BRIDGE MIB (RFC 1493) 28
RMON Groups Supported 28
Bridge Groups Supported 29
Web-Based Browser Management 30
LOGGING ON TO THE SWITCH 30
UNDERSTANDING THE BROWSER INTERFACE 32
SYSTEM 34
PORT 46
SWITCHING 51
TRUNKING 54
STP / RING 55
VLAN 65
QOS 71
SNMP 74
802.1X 80
OTHER PROTOCOLS 85
Command Line Console Management 91
ADMINISTRATION CONSOLE 91
Exec Mode (View Mode) 92
Privileged Exec Mode (Enable Mode) 96
Configure Mode (Configure Terminal Mode) 100
SYSTEM 104
PORT 112
SWITCHING 117
TRUNKING 122
STP / RING 123
VLAN 137
QOS 143
SNMP 146
802.1X 155
OTHER PROTOCOLS 160
Specifications 171
Appendix A 173
Appendix B 174
User’s Manual 9
Hardened Managed Ethernet Switch
Product Overview
Hardened Managed Ethernet Switch
Front and Bottom View
Package Contents
When you unpack the product package, you shall find the
items listed below. Please inspect the contents, and report
any apparent damage or missing items immediately to your
authorized reseller.
•
The Hardened Managed Ethernet Switch
User’s Manual
•
RS232 cable
•
10 User’s Manual
Hardened Managed Ethernet Switch
Product Highlights
Basic Features
z Complies with EN50121-4 environmental requirements for railway
applications.
z Meets NEMA TS1/TS2 Environmental requirements such as
temperature, shock, and vibration for traffic control equipment.
z Meets EN61000-6-2 & EN61000-6-3 EMC Generic Standard Immunity
for industrial environment.
z Manageable via SNMP, Web-based, Telnet, and RS-232 console port.
z Supports IEEE802.3/802.3u/802.3ab/802.3z/802.3x. Auto-negotiation:
1000Mbps-full-duplex; 10/100Mbps-full/half-duplex; Auto MDI/MDIX.
z 100Base-FX: Multi mode SC or ST type, Single mode SC or ST type.
100Base-BX: WDM Single mode SC type.
z 1000Base-SX/LX: Multi mode SC type, Single mode SC type.
1000Base-BX: WDM Single mode SC type.
z Supports 8192 MAC addresses. Provides 2M bits memory buffer.
z Store-and-forward mechanism.
z Full wire-speed forwarding rate.
z Alarms for power and port link failure by relay output.
z Power Supply: Redundant DC Terminal Block power inputs and
12VDC DC JACK with 100-240VAC external power supply.
z Operating voltage and Max. current consumption: 0.92A @ 12VDC,
0.46A @ 24VDC, 0.23A @ 48VDC. Power consumption: 11W Max.
z -40℃ to 75℃ (-40℉ to 167℉) operating temperature range. Tested
for functional operation @ -40℃ to 85℃ (-40℉ to 185℉).
z Supports DIN-Rail and Panel Mounting installation.
Management Support
VLAN
z Port-based VLAN
z IEEE802.1Q tagged VLAN
TRUNKING
z MAC-based Trunking with automatic link fail-over
PORT-SECURITY
z Per-port programmable MAC address locking
z Up to 24 Static Secure MAC addresses per port
z IEEE802.1x Port-based Network Access Control
User’s Manual 11
Hardened Managed Ethernet Switch
PORT-MIRRORING
z Port-mirroring
QOS (IEEE802.1p Quality of Service)
z 4 priority queues
INTERNETWORKING PROTOCOLS
z Bridging:
z IP Multicast:
z Rate Control
z NTP
NETWORK MANAGEMENT METHODS
z Console port access via RS-232 cable (CLI, Command Line Interface)
z Telnet remote access
z SNMP agent:
z Web browser
z TFTP software-upgrade capability
IEEE802.1s Multiple Spanning Tree
IEEE802.1w Rapid Spanning Tree
IEEE802.1D Spanning Tree compatible
IEEE802.1Q – GVRP
Ring
IGMP Snooping
MIB-2 (RFC1213)
Bridge MIB (RFC1493)
RMON MIB (RFC2819) – statistics, history, alarm and events
VLAN MIB (IEEE802.1Q/RFC2674)
Private MIB
12 User’s Manual
Front Panel Display
Hardened Managed Ethernet Switch
z POWER
This LED comes on when the switch is properly connected to power and
turned on.
z Port Status LEDs
The LEDs are located on the front panel, displaying status for each
respective port. Please refer to the following table for more details.
User’s Manual 13
Hardened Managed Ethernet Switch
LED State Indication
Power 2
Power 3
10/100Base-TX, 100Base-FX/BX
LINK/ACT
100 Steady
10/100/1000Base-TX, 1000Base-SX/LX/BX
LINK/ACT
1000 Steady
Steady Power on Power 1
Off Power off
Steady A valid network connection established
Transmitting or receiving data
Flashing
ACT stands for ACTIVITY
Connection at 100Mbps speed
Steady A valid network connection established
Transmitting or receiving data
Flashing
ACT stands for ACTIVITY
Connection at 1000Mbps speed
Physical Ports
The Hardened Managed Ethernet Switch provides:
Number of ports
10/100Base-TX 100Base-FX/BX
100Base SFP
8 0 0, 1, 2
6 2 0, 1, 2
4 2 0, 1, 2
4 4 0
CONNECTIVITY
RJ-45 connectors on TX ports
z
z ST or SC connector on 100Base-FX fiber port
z SC connector on 100Base-BX fiber port
z Duplex LC connector on SFP 100Base-FX/BX fiber
transceiver
z SC connector on 1000Base-SX/LX/BX fiber port
z Duplex LC connector on SFP 1000Base-SX/LX/BX fiber
transceiver
MODE SELECTION
10Base-T full-duplex mode
z
Gigabit:
10/100/1000Base-TX
1000Base-SX/LX/BX
1000Base SFP
14 User’s Manual
Hardened Managed Ethernet Switch
z 10Base-T half-duplex mode
z 100Base-TX full-duplex mode
z 100Base-TX half-duplex mode
z 100Base-FX full-duplex mode
z 1000Base-T/SX/LX full-duplex mode
z Auto-negotiating mode
User’s Manual 15
Hardened Managed Ethernet Switch
Switch Management
Web-based browser interface
The switch also boasts a point-and-click browser-based interface that
lets user access full switch configuration and functionality from a
Netscape or Internet Explorer browser.
Administration console via RS-232 serial port (CLI)
The switch provides an onboard serial port, which allows the switch to be
configured via a directly connected terminal.
External SNMP-based network management
application
The switch can also be configured via SNMP.
16 User’s Manual
Hardened Managed Ethernet Switch
Installation
This chapter gives step-by-step instructions about how to
install the switch:
Selecting a Site for the Switch
As with any electric device, you should place the switch
where it will not be subjected to extreme temperatures,
humidity, or electromagnetic interference. Specifically, the
site you select should meet the following requirements:
-The ambient temperature should be between -40°C to 75 ℃ (-40℉ to
167℉).
-The relative humidity should be less than 95 percent, non-condensing.
-Surrounding electrical devices should not exceed the electromagnetic field
(RFC) standards.
-Make sure that the switch receives adequate ventilation. Do not block the
ventilation holes on each side of the switch.
User’s Manual 17
Hardened Managed Ethernet Switch
Connecting to Power
Redundant DC Terminal Block Power Inputs or 12VDC DC
Jack:
12VDC DC Jack
Step 1: Connect the supplied AC to DC power adapter to the receptacle on
Step 2: Connect the power cord to the AC to DC power adapter and attach
the topside of the switch.
the plug into a standard AC outlet with the appropriate AC voltage.
Redundant DC Terminal Block Power Inputs
There are two pairs of power inputs for use with redundant
power sources. You only need to have one power input
connected to run the switch.
Step 1: Connect the DC power cord to the plug-able terminal block on the
Step 2: Disconnect the power cord if you want to shut down the switch.
Top View
switch, and then plug it into a standard DC outlet.
Alarms for Power Failure
Step 1: There are two pins on the terminal block used for power failure
18 User’s Manual
detection. It provides the normally closed output when the power
source is active. Use this as a dry contact application to send a
Hardened Managed Ethernet Switch
signal for power failure detection.
Power Input Assignment
Power3 12VDC DC Jack
+
Power2
Power1
Relay Output Rating 1A @ 24VDC
Relay Alarm Assignment
FAULT
12-48VDC
-
Power Ground
+
12-48VDC
-
Power Ground
Earth Ground
*Warning signal disable for following:
The relay contact closes if Power1 and Power2
are both failed but Power3 on.
The relay contact closes if Power3 is failed but
Power1 and Power2 are both on.
Terminal
Block
Special note:
The relay output is normal open position when there is no pow er to the
switch. Please do not connect any power source to this terminal to
prevent shorting your power supply.
Connecting to Your Network
Cable Type & Length
It is necessary to follow the cable specifications below when connecting
the switch to your network. Use appropriate cables that meet your speed
and cabling requirements.
Cable Specifications
User’s Manual 19
Hardened Managed Ethernet Switch
Speed Connector
Port
Speed
Cable Max.
Distance
Half/Full
Duplex
10Base-T RJ-45 10/20 Mbps 2-pair
100Base-TX RJ-45 100/200
Mbps
1000Base-T RJ-45 2000 Mbps 4-pair
100Base-FX ST, SC 200 Mbps MMF
100Base-FX ST, SC 200 Mbps SMF (10µm) 20, 40, 75,
100Base-BX SC 200 Mbps MMF
100Base-BX SC 200 Mbps SMF (10µm) 20, 40 km
1000Base-SX SC 2000 Mbps MMF
1000Base-SX SC 2000 Mbps MMF
1000Base-LX SC 2000 Mbps SMF (10µm) 10, 20, 50
1000Base-BX SC 2000 Mbps SMF (10µm) 20, 40 km
UTP/STP
Cat. 3, 4, 5
2-pair
UTP/STP
Cat. 5
UTP/STP
Cat. 5
(62.5µm)
(62.5µm)
(62.5µm)
(50µm)
100 m
100 m
100 m
2 km
100 km
2, 5 km
220 m
2 km
550 m
km
SFP
1000Base-SX Duplex LC 2000 Mbps MMF
(62.5µm)
1000Base-LX Duplex LC 2000 Mbps SMF (9µm) 10, 40, 60
1000Base-BX Duplex LC 2000 Mbps SMF (9µm) 70 km
550 m
2 km
km
Cabling
Step 1: First, ensure the power of the switch and end devices are turned off.
20 User’s Manual
Hardened Managed Ethernet Switch
<Note> Always ensure that the power is off before any installation.
Step 2: Prepare cable with corresponding connectors for each type of port
in use.
Step 3: Consult Cable Specifications Table on previous page for cabling
requirements based on connectors and speed.
Step 4: Connect one end of the cable to the switch and the other end to a
desired device.
Step 5: Once the connections between two end devices are made
successfully, turn on the power and the switch is operational.
User’s Manual 21
Hardened Managed Ethernet Switch
Switch Management
This chapter explains the methods that you can use to
configure management access to the switch. It describes the
types of management applications and the communication
and management protocols that deliver data between your
management device (workstation or personal computer) and
the system. It also contains information about port connection
options.
This chapter covers the following topics:
• Management Access Overview
• Key Concepts
• Key Guidelines for Implementation
• Web Management Access
• Administration Console Access
• SNMP Access
• Standards, Protocols, and Related Reading
Management Access Overview
The switch gives you the flexibility to access and manage the
switch using any or all of the following methods.
The web browser interface and administration console (CLI)
support are embedded in the switch software and are
available for immediate use.
22 User’s Manual
Hardened Managed Ethernet Switch
Administration Console (CLI)
The administration console is an internal, character-oriented,
Command Line Interface (CLI) for performing system
administration such as displaying statistics or changing option
settings.
Using this method, you can view the administration console
from a terminal, personal computer, Apple Macintosh, or
workstation connected to the switch’s console port.
There are two ways to use this management method: direct
access or modem access. The following sections describe
these methods.
Direct Access
Direct access to the administration console is achieved by directly
connecting a terminal or a PC equipped with a terminal-emulation
program (such as HyperTerminal) to the switch console port.
When using the management method, configure the terminal-emulation
program to use the following parameters (you can change these settings
after login):
[DEFAULT PARAMETERS]
♦ 115,200bps
♦ 8 data bits
♦ No parity
♦ 1 stop bit
This management method is often preferred because you can remain
connected and monitor the system during system reboots. Also, certain
error messages are sent to the serial port, regardless of the interface
through which the associated action was initiated. A Macintosh or PC
attachment can use any terminal-emulation program for connecting to
the terminal serial port. A workstation attachment under UNIX can use
an emulator such as TIP.
User’s Manual 23
Hardened Managed Ethernet Switch
Modem Access
You can access the switch’s administration console from a PC or
Macintosh using an external modem attached to the console port. The
switch management program provides Console Port screen, accessible
from the Basic Management screen that lets you configure parameters
for modem access.
When you have configured the external modem from the administration
console, the switch transmits characters that you have entered as output
on the modem port. The switch echoes characters that it receives as
input on the modem port to the current administration console session.
The console appears to be directly connected to the external modem.
Web Management
The switch provides a browser interface that lets you
configure and manage the switch remotely.
After you set up your IP address for the switch, you can
access the switch’s web interface applications directly in your
web browser by entering the IP address of the switch. You
can then use your web browser to list and manage switch
configuration parameters from one central location, just as if
you were directly connected to the switch’s console port.
SNMP-Based Network Management
You can use an external SNMP-based application to
configure and manage the switch. This management method
requires the SNMP agent on the switch and the SNMP
Network Management Station to use the same community
string. This management method, in fact, uses two
community strings: the get community string and the set
community string. If the SNMP Network management station
only knows the set community string, it can read and write to
the MIBs. However, if it only knows the get community string,
it can only read MIBs. The default get and set community
strings for the switch are public.
24 User’s Manual
Hardened Managed Ethernet Switch
Protocols
The switch supports the following protocols:
VIRTUAL TERMINAL PROTOCOLS, SUCH AS TELNET
A virtual terminal protocol is a software program, such as Telnet, that allows
you to establish a management session from a Macintosh, a PC, or a UNIX
workstation. Because Telnet runs over TCP/IP, you must have at least one IP
address configured on the switch before you can establish access to it with a
virtual terminal protocol.
<Note> Terminal emulation is different from a virtual terminal protocol in that you
SIMPLE NETWORK MANAGEMENT PROTOCOL (SNMP)
SNMP is the standard management protocol for multivendor IP networks.
SNMP supports transaction-based queries that allow the protocol to format
messages and to transmit information between reporting devices and
data-collection programs. SNMP runs on top of the User Datagram Protocol
(UDP), offering a connectionless-mode service.
must connect a terminal directly to the console port.
Management Architecture
All of the management application modules use the same
Messaging Application Programming Interface (MAPI). By
unifying management methods with a single MAPI,
configuration parameters set using one method (e.g. console
port) are immediately displayed the other management
methods (e.g. SNMP agent of web browser).
The management architecture of the switch adheres to the
IEEE open standard. This compliance assures customers that
the switch is compatible with, and will interoperate with other
solutions that adhere to the same open standard.
User’s Manual 25
Hardened Managed Ethernet Switch
Web-Based Browser Management
The switch provides a web-based browser interface for
configuring and managing the switch. This interface allows
you to access the switch using a preferred web browser.
This chapter describes how to configure the switch using its
web-based browser interface.
26 User’s Manual
Hardened Managed Ethernet Switch
SNMP & RMON Management
This chapter describes the switch’s Simple Network
Management Protocol (SNMP) and Remote Monitoring
(RMON) capabilities.
Overview
RMON is an abbreviation for the Remote Monitoring MIB
(Management Information Base). RMON is a system defined
by the Internet Engineering Task Force (IETF) document RFC
2819, which defines how networks can be monitored
remotely.
RMONs typically consist of two components: an RMON probe
and a management workstation:
- The RMON probe is an intelligent device or software agent that continually
collects statistics about a LAN segment or VLAN. The RMON probe
transfers the collected data to a management workstation on request or
when a pre-defined threshold is reached.
- The management workstation collects the statistics that the RMON probe
gathers. The workstation can reside on the same network as the probe, or it
can have an in-band or out-of-band connection to the probe.
The switch provides RMON capabilities that allow network
administrators to set parameters and view statistical counters
defined in MIB-II, Bridge MIB, and RMON MIB. RMON
activities are performed at a Network Management Station
running an SNMP network management application with
graphical user interface.
SNMP Agent and MIB-2 (RFC 1213)
The SNMP Agent running on the switch manager CPU is
responsible for:
User’s Manual 27
Hardened Managed Ethernet Switch
- Retrieving MIB counters from various layers of software modules according
to the SNMP GET/GET NEXT frame messages.
- Setting MIB variables according to the SNMP SET frame message.
- Generating an SNMP TRAP frame message to the Network Management
Station if the threshold of a certain MIB counter is reached or if other trap
conditions (such as the following) are met:
WARM START
COLD START
LINK UP
LINK DOWN
AUTHENTICATION FAILURE
RISING ALARM
FALLING ALARM
TOPOLOGY ALARM
MIB-II defines a set of manageable objects in various layers
of the TCP/IP protocol suites. MIB-II covers all manageable
objects from layer 1 to layer 4, and, as a result, is the major
SNMP MIB supported by all vendors in the networking
industry. The switch supports a complete implementation of
SNMP Agent and MIB-II.
RMON MIB (RFC 2819) and Bridge MIB (RFC
1493)
The switch provides hardware-based RMON counters in the
switch chipset. The switch manager CPU polls these counters
periodically to collect the statistics in a format that complies
with the RMON MIB definition.
RMON Groups Supported
The switch supports the following RMON MIB groups defined in RFC 2819:
- RMON Statistics Group – maintains utilization and error statistics for the
switch port being monitored.
28 User’s Manual
Hardened Managed Ethernet Switch
- RMON History Group – gathers and stores periodic statistical samples from
the previous Statistics Group.
- RMON Alarm Group – allows a network administrator to define alarm
thresholds for any MIB variable. An alarm can be associated with Low
Threshold, High Threshold, or both. A trigger can trigger an alarm when the
value of a specific MIB variable exceeds a threshold, falls below a threshold,
or exceeds or falls below a threshold.
- RMON Event Group – allows a network administrator to define actions
based on alarms. SNMP Traps are generated when RMON Alarms are
triggered. The action taken in the Network Management Station depends
on the specific network management application.
Bridge Groups Supported
The switch supports the following four groups of Bridge MIB (RFC 1493):
- The dot1dBase Group – a mandatory group that contains the objects
applicable to all types of bridges.
- The dot1dStp Group – contains objects that denote the bridge’s state with
respect to the Spanning Tree Protocol. If a node does not implement the
Spanning Tree Protocol, this group will not be implemented. This group is
applicable to any transparent only, source route, or SRT bridge that
implements the Spanning Tree Protocol.
- The dot1dTp Group – contains objects that describe the entity’s transparent
bridging status. This group is applicable to transparent operation only and
SRT bridges.
- The dot1dStatic Group – contains objects that describe the entity’s
destination-address filtering status. This group is applicable to any type of
bridge which performs destination-address filtering.
User’s Manual 29
Hardened Managed Ethernet Switch
Web-Based Browser Management
The switch provides a web-based browser interface for
configuring and managing the switch. This interface allows
you to access the switch using a preferred web browser.
This chapter describes how to configure the switch using its
web-based browser interface.
Logging on to the switch
SWITCH IP ADDRESS
In your web browser, specify the IP address of the switch. Default IP address
30 User’s Manual
Hardened Managed Ethernet Switch
is 192.168.1.10.
LOGIN
Enter the factory default login ID: root.
PASSWORD
Enter the factory default password (no password).
Or enter a user-defined password if you followed the instructions later and
changed the factory default password.
Then click on the “Login” button to log on to the switch.
User’s Manual 31
Hardened Managed Ethernet Switch
Understanding the Browser Interface
The web browser interface provides groups of point-and-click
buttons at the left field of the screen for configuring and
managing the switch.
SYSTEM
System Information, System Name/Password, IP Address, Save
Configuration, Firmware Upgrade, Alarm Setting, Reboot, Logout
PORT
Configuration, Port Status, Rate Control, RMON Statistics, Per Port Vlan
Activities
SWITCHING
Bridging, Static MAC Entry, Port Mirroring
TRUNKING
Port Trunking
32 User’s Manual
Hardened Managed Ethernet Switch
STP / RING
Global Configuration, RSTP Port Setting, MSTP Properties, MSTP Instance
Setting, MSTP Port Setting, Ring Setting
VLAN
VLAN Mode Setting, 802.1Q VLAN Setting, 802.1Q Port Setting, Port Based
VLAN
QOS
Global Configuration, 802.1p Priority, DSCP
SNMP
SNMP General Setting, SNMP v1/v2c, SNMP v3
802.1X
Radius Configuration, Port-Based Authentication
OTHER PROTOCOLS
GVRP, IGMP Snooping, NTP
User’s Manual 33
Hardened Managed Ethernet Switch
System
System Information
View System information, VLAN ID, IP Address, and IP Subnet Mask of the
Switch.
34 User’s Manual
Hardened Managed Ethernet Switch
System Name/Password
1. System Name: Click in “System Name” text box. Type a system name if
it is blank, or replace the current system name with a new one.
2. Updating setting: Click “Updating setting” button to update your settings.
3. Password: Click in “Password” text box. Type a password.
4. Retype Password: Click in “Retype Password” text box. Type the same
password in “Password” text box again to verify it.
5. Updating setting: Click “Updating setting” button to update your settings.
User’s Manual 35
Hardened Managed Ethernet Switch
IP Address
1. IP Address: Click in “IP Address” text box and type a new address to
change the IP Address.
2. IP Subnet Mask: Click in “IP Subnet Mask” text box and type a new
address to change the IP Subnet Mask.
3. Submit: Click “Submit” button when you finished these selections.
4. You need to enter the new IP address on the browser and reconnect to
the switch after IP or subnet mask are changed.
5. Default Gateway: Click “Default Gateway” drop-down menu to choose
“Disable” or “Enable” from the “Default Gateway” drop-down list to
disable or enable Default Gateway Setting for the switch.
Click the text box and type a new address to change the Default
Gateway. (Need to choose “Enable” from the “Default Gateway”
drop-down menu.)
6. Submit: Click “Submit” button when you finished Default Gateway.
7. DNS Server: Click “DNS Server” drop-down menu to choose “Disable”
or “Enable” from the “DNS Server” drop-down list to disable or enable
DNS Server Setting for the switch.
Click the text box and type a new address to change the DNS Server.
36 User’s Manual
Hardened Managed Ethernet Switch
(Need to choose “Enable” from the “DNS Server” drop-down menu.)
8. Submit: Click “Submit” button when you finished DNS Server.
Save Configuration
1. Load config from TFTP server:
Click in “TFTP Server” text box and type the TFTP server IP address
from where the file will be obtained.
Click in “FILE” text box and type the name of the file that will be
obtained.
Click “Load” button to load the file from the TFTP server.
2. Backup config to TFTP server:
Click in “TFTP Server” text box and type the TFTP server IP address to
where the file will be back upped.
Click in “FILE” text box and type the name of the file that will be back
upped.
Click “Backup” button to backup the file to the TFTP server.
3. Save Configuration: Click “Save Configuration” button to save your
configuration settings.
4. Restore Default: Click “Restore Default” button to restore the default
settings of the switch.
5. Auto save: Click “Auto save” drop-down menu to choose “Disable” or
“Enable” from the “Auto save” drop-down list to disable or enable Auto
save for the switch.
6. Auto save interval (5~65536 sec): Click in “Auto save interval” text box
and type a decimal number between 5 and 65536.
7. Submit: Click “Submit” button when you finished Auto save
configuration.
User’s Manual 37
Hardened Managed Ethernet Switch
Firmware Upgrade
1. Filename: Click in “Filename” text box and type the name of the file that
you intend to upgrade it to the switch.
2. TFTP server IP: Click in “TFTP server IP” text box and type the TFTP
server IP address from where the file will be obtained.
3. Upgrade: Click “upgrade” button to upgrade firmware to the switch.
Please follow the message on the screen during the firmware upgrade
process. Do not turn off the power or perform other functions during this
period of time. Reboot the switch after completing the upgrade process.
38 User’s Manual
Hardened Managed Ethernet Switch
Please follow the message on the screen during the firmware upgrade
process. Do not turn off the power or perform other functions during this
period of time.
User’s Manual 39
Hardened Managed Ethernet Switch
40 User’s Manual
Hardened Managed Ethernet Switch
Firmware has been upgraded successfully to the switch. Reboot the switch
after completing the upgrade process.
User’s Manual 41
Hardened Managed Ethernet Switch
42 User’s Manual
Hardened Managed Ethernet Switch
Alarm Setting
1. Name: Click “Name” drop-down menu to choose “fe1~fe8”, “ge1~ge2”,
or “Power1~Power3” from the “Name” drop-down list.
2. Trigger Enabled: Click “Trigger Enabled” drop-down menu to choose
“YES” or “NO” from the “Trigger Enabled” drop-down list to enable or
disable Trigger.
3. Update Setting: Click “Update Setting” button to update settings to the
switch.
User’s Manual 43
Hardened Managed Ethernet Switch
Reboot
Reboot: Click “Reboot” button to restart the switch.
44 User’s Manual
Hardened Managed Ethernet Switch
Logout
Logout: Click “Logout” button to logout of the switch.
User’s Manual 45
Hardened Managed Ethernet Switch
Port
Configuration
1. Admin Setting: Click “Admin Setting” drop-down menu to choose “Link
down” or “Link up” from the “Admin Setting” drop-down list to disable or
enable Admin Setting for the port.
2. Speed: Click “Speed” drop-down menu to change the line speed and
duplex settings from the “Speed” drop-down list for the port.
3. Flow control: Click “Flow control” drop-down menu to choose “Disable”
or “Enable” from the “Flow control” drop-down list to disable or enable
Flow control for the port.
4. Submit: Click “Submit” button when you finished configurations.
46 User’s Manual
Hardened Managed Ethernet Switch
Port Status
View the Link Status, Speed, Duplex, and Flow control status for all ports.
User’s Manual 47
Hardened Managed Ethernet Switch
Rate Control
1. Ingress: Click in “Ingress” text box and type a new Rate to change the
Ingress Rate Control for the port.
Rate Values: 64kbps, 128kbps, 192kbps, … , 1792kbps.
2Mbps, 3Mbps, 4Mbps, … , 100Mbps.
104Mbps, 112Mbps, 120Mbps, … , 1000Mbps.
<Note>: M = 1024k.
2. Egress: Click in “Egress” text box and type a new Rate to change the
Egress Rate Control for the port.
Rate Values: 64kbps, 128kbps, 192kbps, … , 1792kbps.
2Mbps, 3Mbps, 4Mbps, … , 100Mbps.
104Mbps, 112Mbps, 120Mbps, … , 1000Mbps.
<Note>: M = 1024k.
3. Update setting: Click “Update setting” button when you finished these
Rate Control settings.
48 User’s Manual
Hardened Managed Ethernet Switch
RMON Statistics
Click Port 1 ~ Port 10 to view corresponding RMON Statistics.
User’s Manual 49
Hardened Managed Ethernet Switch
Per port vlan activities
Click Port 1 ~ Port 10 to view corresponding vlan activities.
50 User’s Manual
Switching
Hardened Managed Ethernet Switch
Bridging
1. Aging Time (seconds): Click the text box and type a decimal number as
Bridging Aging Time in seconds.
2. Update setting: Click “update setting” button when you finished Aging
Time settings.
3. Threshold level (0-100): Click in “Level” text box and type a decimal
number for the port. Need to choose “Broadcast” and/or
“DFL-Multicast“ from “Storm-control enabled type” for the port. DLF
(Destination Lookup Failure).
4. Storm-control enabled type: Choose “Broadcast” and/or “DLF-Multicast”
from “Storm-control enabled type” for the port.
5. Update Setting: Click “Update Setting” button when you finished
Threshold level and Storm-control enabled type settings.
User’s Manual 51
Hardened Managed Ethernet Switch
Static MAC Entry
Static-MAC-Entry Forward:
1. Add MAC address: Click in “Add MAC address” text box and type a
locked forwarding MAC address for the port.
2. VLAN ID: Click “VLAN ID” drop-down menu and choose a VLAN ID from
the “VLAN ID” drop-down list.
3. Delete MAC address: Click “Delete MAC address” drop-down menu and
choose a locked forwarding MAC address from the “Delete MAC
address” drop-down list to be deleted from the port.
4. Submit: Click “Submit” button when you finished Static-MAC-Entry
Forward settings.
Static-MAC-Entry Discard:
1. Add MAC address: Click in “Add MAC address” text box and type a
MAC address to be discarded for the port.
2. VLAN ID: VLAN ID: Click “VLAN ID” drop-down menu and choose a
VLAN ID from the “VLAN ID” drop-down list.
3. Delete MAC address: Click “Delete MAC address” drop-down menu and
choose a MAC address from the “Delete MAC address” drop-down list
to be discarded from the port.
4. Submit: Click “Submit” button when you finished Static-MAC-Entry
Discard settings.
52 User’s Manual
Hardened Managed Ethernet Switch
Port Mirroring
1. Mirror From: Choose Mirror From port from Port 1 ~ Port 10.
2. Mirror To: Click “Mirror To” drop-down menu to Choose Mirror To port
(Port 1 ~ Port 10) from “Mirror To” drop-down list.
3. Mirror Mode: Click “Mirror Mode” drop-down menu to Choose “Tx/Rx”,
“Tx”, or “Rx” from “Mirror Mode” drop-down list.
4. Submit: Click “Submit” button when you finished Port Mirroring settings.
User’s Manual 53
Hardened Managed Ethernet Switch
Trunking
Port Trunking
Static Channel Group:
1. Trunk 1: Click Port 1 ~ Port 8 to assign ports to Trunk 1. (Maximum 4
ports in Trunk 1.)
GE Trunking:
1. Trunk 3: Click “Static” or “Disable” for Trunk 3.
2. Submit: Click “Submit” button when you finished Port Trunking settings.
54 User’s Manual
STP / Ring
Hardened Managed Ethernet Switch
Global Configuration
1. Spanning Tree Protocol: Click “Spanning Tree Protocol” drop-down
menu to Choose “Enable” or “Disable” from “Spanning Tree Protocol”
drop-down list to enable or disable Spanning Tree Protocol.
2. Bridge Priority (0..61440): Click in “Bridge Priority” text box and type a
decimal number between 0 and 61440.
3. Hello Time (sec) (1..9): Click in “Hello Time” text box and type a decimal
number between 1 and 9.
4. Max Age (sec) (6..28): Click in “Max Age” text box and type a decimal
number between 6 and 28.
5. Forward Delay (sec) (4..30): Click in “Forward Delay” text box and type
a decimal number between 4 and 30.
6. STP Version: Click “STP Version” drop-down menu to choose “MSTP”,
User’s Manual 55
Hardened Managed Ethernet Switch
“RSTP”, or “STP compatible” from “STP Version” drop-down list.
7. Update setting: Click “Update setting” button when you finished Global
Configuration.
RSTP Port Setting
1. STP Version: Click “STP Version” drop-down menu to choose “RSTP”
from “STP Version” drop-down list.
2. Port: Click “Port” drop-down menu to Choose Port 1 ~ Port 10 from
“Port” drop-down list.
3. Priority(Granularity 16): Click in “Priority” text box and enter a value
between 0 and 240 to set the priority for the port. A higher priority will
designate the port to forward packets first. A lower number denotes a
higher priority. This entry must be divisible by 16. The default priority
setting is 128.
4. Admin. Path Cost: Click in “Admin. Path Cost” text box and enter a value
between 0 and 2000000 to set the Admin. Path Cost for the port. 0 (auto)
- Setting 0 for the Admin. Path Cost will automatically set the speed for
forwarding packets to the port for optimal efficiency. Default port cost:
100Mbps port = 200000. Gigabit port = 20000.
5. Point to Point Link: Click “Point to Point Link” drop-down menu to
Choose “Enable” or “Disable” from “Point to Point Link” drop-down list to
enable or disable Point to Point Link for the port.
6. Edge Port: Click “Edge Port” drop-down menu to Choose “Enable”,
“Disable”, or “Auto” from “Edge Port” drop-down list to set Enable,
Disable, or Auto Edge Port for the port.
7. Update setting: Click “Update setting” button when you finished RSTP
56 User’s Manual
Port Setting.
Hardened Managed Ethernet Switch
User’s Manual 57
Hardened Managed Ethernet Switch
MSTP Properties
1. STP Version: Click “STP Version” drop-down menu to choose “MSTP”
from “STP Version” drop-down list.
2. Region Name: Click in “Region Name” text box to create an MST region
and specify a name to it. MST bridges of a region form different
spanning trees for different VLANs. By default, each MST bridge starts
with the region name as its bridge address. This means each MST
bridge is a region by itself, unless specifically added to one.
3. Revision Level: Click in “Revision Level” text box to specify the number
for configuration information. The default value of revision number is 0.
4. Max Hops: Click in “Max Hops” text box to specify the maximum allowed
hops for BPDU in an MST region. This parameter is used by all the
instances of the MST. Specifying the max hops for a BPDU prevents the
messages from looping indefinetely in the network. When a bridge
receives a MST BPDU that has exceeded the allowed max-hops, it
discards the BPDU.
5. Update setting: Click “Update setting” button when you finished MSTP
Properties setting.
58 User’s Manual
Hardened Managed Ethernet Switch
User’s Manual 59
Hardened Managed Ethernet Switch
MSTP Instance Setting
VLAN Instance Configuration
1. VLAN Instance Configuration: Click “VLAN Instance Configuration”
button. The “VLAN Instance Configuration” window appears.
2. VLAN ID: Click “VLAN ID” drop-down menu to choose VLAN from
“VLAN ID” drop-down list to simultaneously add multiple VLANs for the
corresponding instance of a bridge.
3. Instance ID (1..15): Click in “Instance ID” text box to specify the instance
ID.
4. Update setting: Click “Update setting” button when you finished VLAN
Instance Configuration.
Included VLANs
1. Instance ID: Click “Instance ID” drop-down menu to choose instance ID
from “Instance ID” drop-down list.
2. Included VLAN: Click “Included VLAN” drop-down menu to choose
VLAN from “Included VLAN” drop-down list.
Instance Setting
1. Bridge Priority (0..61440): Click in “Bridge Priority” text box to set the
bridge priority for an MST instance to the value specified. The lower the
priority of the bridge, the better the chances are the bridge becoming a
root bridge or a designated bridge for the LAN.
2. Update setting: Click “Update setting” button when you finished VLAN
60 User’s Manual
Instance Configuration.
Hardened Managed Ethernet Switch
User’s Manual 61
Hardened Managed Ethernet Switch
MSTP Port Setting
Port Instance Configuration
1. Instance ID: Click “Instance ID” drop-down menu to choose instance ID
from “Instance ID” drop-down list.
2. Click Port 1 ~ Port 10 to assign ports to the corresponding instance ID.
3. Update setting: Click “Update setting” button when you finished Port
Instance Configuration.
Instance ID
1. Instance ID: Click “Instance ID” drop-down menu to choose instance ID
from “Instance ID” drop-down list.
MSTP Port Configuration
1. Port: Click “Port” drop-down menu to choose port from “Port” drop-down
list.
2. Priority(Granularity 16): Click in “Priority” text box to set the port priority
for a bridge group. The Multiple Spanning Tree Protocol uses port
priority as a tiebreaker to determine which port should forward frames
for a particular instance on a LAN, or which port should be the root port
for an instance. A lower value implies a better priority. In the case of the
62 User’s Manual
Hardened Managed Ethernet Switch
same priority, the interface index will serve as the tiebreaker, with the
lower-numbered interface being preferred over others. The permitted
range is 0-240. The priority values can only be set in increments of 16.
3. Admin. Path Cost: Click in “Admin. Path Cost” text box to set the cost of
a path associated with an interface.
4. Update setting: Click “Update setting” button when you finished MSTP
Port Setting.
Ring Setting
Ring state
1. Click “Ring state” drop-down menu from “Ring state” drop-down list to
choose “Enable” or “Disable” to enable or disable Ring state.
2. Update setting: Click “Update setting” button when you finished Ring
state setting.
Set ring port
1. Ring port 1: Click “Ring port 1” drop-down menu to choose Ring port 1
from “Ring port 1” drop-down list.
2. Ring port 2: Click “Ring port 2” drop-down menu to choose Ring port 2
from “Ring port 2” drop-down list.
User’s Manual 63
Hardened Managed Ethernet Switch
3. Update setting: Click “Update setting” button when you finished Set ring
port.
64 User’s Manual
VLAN
Hardened Managed Ethernet Switch
VLAN Mode Setting
1. VLAN Mode Setting: Click “VLAN Mode Setting” drop-down menu to
choose “Tag-based VLAN” or “Port-based VLAN” from “VLAN Mode
Setting” drop-down list.
2. Update Setting: Click “Update Setting” button when you finished VLAN
Mode Setting.
User’s Manual 65
Hardened Managed Ethernet Switch
66 User’s Manual
Hardened Managed Ethernet Switch
802.1Q VLAN setting
Add VLAN:
1. VLAN setting: Click “VLAN setting”. The “VLAN Setting” window
appears.
2. Add VLAN: Click “Add VLAN” button to create a new VLAN from “VLAN
Setting” window.
3. VLAN ID(2-4094): Click in the “VLAN ID” textbox and specify a new
VLAN ID number from 2 ~ 4094.
4. VLAN Name: Click in the “VLAN Name” textbox and type a name for this
newly created VLAN.
Add port to or delete port from VLAN:
1. VLAN Member: Choose the port to be added to or deleted from the
VLAN.
2. Tag or Untag: Click “Tag or Untag” drop-down menu to Choose “Tag” or
“Untag” from “Tag or Untag” drop-down list for a “Hybrid” port.
3. Submit: Click “Submit” button when you finished VLAN setting.
Delete VLAN:
1. VLAN setting: Click “VLAN setting”. The “VLAN Setting” window
appears.
2. Delete VLAN: Click “Delete VLAN” button.
User’s Manual 67
Hardened Managed Ethernet Switch
3. Select a VLAN ID: Click “Select a VLAN ID” drop-down menu from
“Select a VLAN ID” drop-down list to choose the VLAN to be deleted.
4. Submit: Click “Submit” button when you finished VLAN setting.
802.1Q Port Setting
1. VLAN Port Setting: Click “VLAN Port Setting”. The “VLAN Port Setting”
window appears.
2. Mode: Click “Mode” drop-down menu to choose “Access”, “Trunk”, or
“Hybrid” from “Mode” drop-down list for the port. The port will be Tag port
if you choose “Trunk” Mode for the port. And the port will be Tag or
Untag port if you choose “Hybrid” Mode for the port.
3. PVID: Click in the “PVID” textbox and specify a new PVID number for
the port.
4. Update Setting: Click “Update Setting” button when you finished VLAN
Port Setting.
68 User’s Manual
Hardened Managed Ethernet Switch
User’s Manual 69
Hardened Managed Ethernet Switch
Port Based VLAN
1. VLAN: Choose the port to be added to or deleted from the VLAN.
2. Select all: Click “select all” button to choose Port 1 ~ Port 10 all to be
added to the VLAN.
3. Delete all: Click “delete all” button to choose Port 1 ~ Port 10 all to be
deleted from the VLAN.
4. Submit: Click “Submit” button when you finished Port Based VLAN
setting.
70 User’s Manual
QoS
Hardened Managed Ethernet Switch
Global Configuration
1. QoS: Click “QoS” drop-down menu from “QoS” drop-down list to choose
“Enable” or “Disable” to enable or disable QoS.
2. Trust: Enable or disable the switch port to trust the CoS (Class of
Service) labels of all traffic received on that port. Enable or disable a
routed port to trust the DSCP (Differentiated Service Code Point) labels
of all traffic received on that port.
3. Policy: Choose “Strict Priority(Queue3) + WRR(Queue0-2)” or
“WRR(Queue0-3)”. A strict priority queue is always emptied first. The
queues that are used in the WRR (Weighted Round Robin) are emptied
in a round−robin fashion, and you can configure the weight for each
queue.
4. Weighted Round Robin: Click in the “Weight(1~55)” textbox and specify
a new number from 1 ~ 55 for Queue 0 ~ 3.
5. Submit: Click “Submit” button when you finished Global Configuration.
User’s Manual 71
Hardened Managed Ethernet Switch
802.1p Priority
1. Priority: Click “Priority” drop-down menu from “Priority” drop-down list to
choose 0 ~ 3 for VLAN Priority 0 ~ 7.
2. Submit: Click “Submit” button when you finished 802.1p priority.
72 User’s Manual
Hardened Managed Ethernet Switch
DSCP
1. Priority: Click “Priority” drop-down menu from “Priority” drop-down list to
choose 0 ~ 3 for DSCP Priority 0 ~ 63.
2. Submit: Click “Submit” button when you finished DSCP.
User’s Manual 73
Hardened Managed Ethernet Switch
SNMP
SNMP General Setting
1. SNMP Status: Click “SNMP Status” drop-down menu from “SNMP
Status” drop-down list to choose “Enable” or “Disable” to enable or
disable SNMP.
2. Description: Click in the “Description” textbox and specify a new
description for SNMP.
3. Location: Click in the “Location” textbox and specify a new location for
SNMP.
4. Contact: Click in the “Contact” textbox and specify a new contact for
SNMP.
74 User’s Manual
Hardened Managed Ethernet Switch
5. Trap Community Name: For each “Trap Community Name”, Click in the
“Trap Community Name” textbox and specify a trap community name.
6. Trap Host IP Address: For each “Trap Host IP Address”, Click in the
“Trap Host IP Address” textbox and specify a trap host IP address.
7. Cold Start Trap: Click “Cold Start Trap” drop-down menu from “Cold
Start Trap” drop-down list to choose “Enable” or “Disable” to enable or
disable cold start trap.
8. Warm Start Trap: Click “Warm Start Trap” drop-down menu from “Warm
Start Trap” drop-down list to choose “Enable” or “Disable” to enable or
disable warm start trap.
9. Link Down Trap: Click “Link Down Trap” drop-down menu from “Link
Down Trap” drop-down list to choose “Enable” or “Disable” to enable or
disable link down trap.
10. Link Up Trap: Click “Link Up Trap” drop-down menu from “Link Up Trap”
drop-down list to choose “Enable” or “Disable” to enable or disable link
up trap.
11. Authentication Failure Trap: Click “Authentication Failure Trap”
drop-down menu from “Authentication Failure Trap” drop-down list to
choose “Enable” or “Disable” to enable or disable authentication failure
trap.
12. Topology Change Trap: Click “Topology Change Trap” drop-down menu
from “Topology Change Trap” drop-down list to choose “Enable” or
“Disable” to enable or disable topology change trap.
13. Update Setting: Click “Update Setting” button when you finished SNMP
General Setting.
User’s Manual 75
Hardened Managed Ethernet Switch
SNMP v1/v2c
1. Get Community Name: Click in the “Get Community Name” textbox and
specify a get community name.
2. Set Community Name: Click in the “Set Community Name” textbox and
specify a set community name.
3. Update Setting: Click “Update Setting” button when you finished SNMP
V1/V2c Setting.
76 User’s Manual
Hardened Managed Ethernet Switch
User’s Manual 77
Hardened Managed Ethernet Switch
SNMP v3
Add User:
1. Add User: Click “Add User” button. The “SNMP V3 Setting” window
appears.
2. SNMP Version: Click “SNMP Version” drop-down menu from “SNMP
Version” drop-down list to choose “SNMPv3 No-Auth”, “SNMPv3
Auth-MD5”, “SNMPv3 Auth-SHA”, “SNMPv3 Priv Auth-MD5”, or
“SNMPv3 Priv Auth-SHA”.
y SNMPv3 No-Auth: Add a user using SNMP v3 without authentication.
y SNMPv3 Auth-MD5: Add a user using SNMP v3 with authentication.
Click in the “Auth. Password” textbox and specify an authentication
password.
y SNMPv3 Auth-SHA: Add a user using SNMP v3 with authentication.
Click in the “Auth. Password” textbox and specify an authentication
password.
y SNMPv3 Priv Auth-MD5: Add a user using SNMP v3 with
authentication and privacy. Click in the “Auth. Password” textbox and
specify an authentication password. Click in the “Privacy
PassPhrase” textbox and specify a privacy pass phrase.
y SNMPv3 Priv Auth-SHA: Add a user using SNMP v3 with
authentication and privacy. Click in the “Auth. Password” textbox and
specify an authentication password. Click in the “Privacy
PassPhrase” textbox and specify a privacy pass phrase.
78 User’s Manual
Hardened Managed Ethernet Switch
3. User Name: Click in the “User Name” textbox and specify a user name
for user using SNMP v3.
4. Access Mode: Click “Access Mode” drop-down menu from “Access
Mode” drop-down list to choose “Read Only” or “Read/Write”.
y Read Only: Add a user using SNMP v3 with read-only access mode.
y Read/Write: Add an user using SNMP v3 with read-write access
mode
5. Sumit: Click “Sumit” button when you finished SNMP V3 Setting.
Delete User:
1. Delete User: Click “Delete User” button. The “Select User Name”
window appears.
2. Select User Name: Click “Select User Name” drop-down menu from
“Select User Name” drop-down list to choose the user to be deleted
from using SNMP v3.
3. Sumit: Click “Sumit” button when you finished user deletion.
User’s Manual 79
Hardened Managed Ethernet Switch
802.1x
Radius Configuration
1. Radius Status: Click “Radius Status” drop-down menu from “Radius
Status” drop-down list to choose “Enable” or “Disable” to globally enable
or disable authentication.
2. Update Setting: Click “Update Setting” button when you finished Radius
Status Setting.
80 User’s Manual
Hardened Managed Ethernet Switch
Add Radius:
1. Add Radius: Click “Add Radius” button. The “Radius Server Setting”
window appears.
2. Radius Server IP: Click in the “Radius Server IP” textbox and specify the
IP address of the remote radius server host.
3. Radius Server Port: Click in the “Radius Server Port” textbox and
specify the UDP destination port for authentication requests. The host is
not used for authentication if set to 0.
4. Secret Key: Click in the “Secret Key” textbox and specify the
authentication and encryption key for all radius communications
between the Switch and radius server. This key must match the
encryption used on the radius daemon. All leading spaces are ignored,
but spaces within and at the end of the key are used. If spaces are used
in the key, do not enclose the key in quotaion marks unless the
quotation marks themselves are part of the key.
5. Timeout <1-1000>: Click in the “Timeout” textbox and specify the time
interval (in seconds) that the Switch waits for the radius server to reply
before retransmitting. Enter a value in the range 1 to 1000.
6. Retransmit <1-100>: Click in the “Retransmit” textbox and specify the
number of times a radius request is resent to a server if that server is not
responding or responding slowly. Enter a value in the range 1 to 100.
7. Sumit: Click “Sumit” button when you finished Radius Server Setting.
User’s Manual 81
Hardened Managed Ethernet Switch
Delete Radius:
1. Delete Radius: Click “Delete Radius” button. The “Select Radius Server
IP” window appears.
2. Select Radius Server IP: Click “Select Radius Server IP” drop-down
menu from “Select Radius Server IP” drop-down list to choose the IP
address of the remote radius server host to be deleted.
3. Sumit: Click “Sumit” button when you finished radius server deletion.
82 User’s Manual
Hardened Managed Ethernet Switch
Port Authentication
1. Interface: Click “Interface” drop-down menu from “Interface” drop-down
list to choose the port to be set port-based authentication.
2. Authentication State: Click “Authentication State” drop-down menu from
“Authentication State” drop-down list to choose “Enable” or “Disable” to
enable or disable authentication state.
3. Port Control: Click “Port Control” drop-down menu from “Port Control”
drop-down list to choose “Auto”, “Force Authorized”, or “Force
Unauthorized” to force a port state. “Auto” specifies to enable
authentication on port. “Force Authorized” specifies to force a port to
always be in an authorized state. “Force Unauthorized” specifies to
force a port to always be in an unauthorized state.
4. Periodic Reauthentication: Click “Periodic Reauthentication” drop-down
menu from “Periodic Reauthentication” drop-down list to choose
User’s Manual 83
Hardened Managed Ethernet Switch
“Enable” or “Disable” to enable or disable periodic reauthentication.
5. Reauthentication Period <1-4294967295>: Click in the
“Reauthentication Period” textbox and specify the seconds between
reauthorization attempts. The default time is 3600 seconds.
6. Update Setting: Click “Update Setting” button when you finished
port-based authentication setting.
84 User’s Manual
Other Protocols
Hardened Managed Ethernet Switch
GVRP
GVRP Global Setting:
1. GVRP: Click “GVRP” drop-down menu from “GVRP” drop-down list to
choose “Enable” or “Disable” to enable or disable GVRP (GARP VLAN
Registration Protocol).
User’s Manual 85
Hardened Managed Ethernet Switch
2. Dynamic VLAN creation: Click “Dynamic VLAN creation” drop-down
menu from “Dynamic VLAN creation” drop-down list to choose “Enable”
or “Disable” to enable or disable Dynamic VLAN creation. GARP
(Generic Attribute Registration Protocol) provides IEEE802.1Q
compliant VLAN pruning and dynamic VLAN creation on IEEE802.1Q
trunk ports.
3. Update Setting: Click “Update Setting” button when you finished GVRP
Global Setting.
Per port setting (include LAG):
1. GVRP: Click “GVRP” drop-down menu from “GVRP” drop-down list to
choose “Enable” or “Disable” to enable or disable GVRP for the port.
2. GVRP applicant: Click “GVRP applicant” drop-down menu from “GVRP
applicant” drop-down list to choose “Active” or “Normal” to the port.
Ports in the GVRP active applicant state send GVRP VLAN declarations
when they are in the STP (Spanning Tree Protocol) blocking state,
which prevents the STP bridge protocol data units (BPDUs) from being
pruned from the other port. Ports in the GVRP normal applicant state do
not declare GVRP VLANs when in the STP blocking state.
3. GVRP registration: Click “GVRP registration” drop-down menu from
“GVRP registration” drop-down list to choose “Enable” or “Disable” to
enable or disable GVRP registration to the port. Configuring an
IEEE802.1Q trunk port in registration mode allows dynamic creation (if
dynamic VLAN creation is enabled), registration, and deregistration of
VLANs on the trunk port.
4. Update Setting: Click “Update Setting” button when you finished Per
port setting.
86 User’s Manual
Hardened Managed Ethernet Switch
IGMP Snooping
1. IGMP mode: Click “IGMP mode” drop-down menu from “IGMP mode”
drop-down list to choose “Disable”, “Passive”, or “querier” for the switch.
Disable: Disable IGMP on the switch. Passive: The switch with only
multicast-data-forwarding capability. Querier: The switch acts as the
querier for the network. There is only one querier on a network at any
time.
2. Update Setting: Click “Update Setting” button when you finished IGMP
mode settings.
3. VLAN ID: Click “VLAN ID” drop-down menu from “VLAN ID” drop-down
list to choose the VLAN under configuration for the switch.
4. IGMP version: Click “IGMP version” drop-down menu from “IGMP
version” drop-down list to choose “1”, “2”, or “3” for the switch.
5. Fast-leave: Click “fast-leave” drop-down menu from “fast-leave”
drop-down list to choose “Enable” or “Disable” for the switch. Enable this
function will allow members of a multicast group to leave the group
immediately when an IGMP Leave Report Packet is received by the
Switch.
IGMP querier:
1. Query-interval: Click in the “query-interval” textbox and specify a new
number from 1 ~ 18000. The query-interval field is used to set the time
(in seconds) between transmitting IGMP queries. Entries between 1 and
18000 seconds are allowed. Default = 125.
User’s Manual 87
Hardened Managed Ethernet Switch
2. Max-response-time: Click in the “max-response-time” textbox and
specify a new number from 1 ~ 124. This determines the maximum
amount of time in seconds allowed before sending an IGMP response
report. The max-response-time field allows an entry between 1 and 124
(seconds). Default = 10.
IGMP passive snooping:
1. Report suppression: Click “report suppression” drop-down menu from
“report suppression” drop-down list to choose “Enable” or “Disable” for
the switch. Use this command to enable report suppression for IGMP
version 1 and version 2. Report suppression does not apply to IGMP
version 3, and is turned off by default for IGMP versionn1 and IGMP
version 2 reports. The switch uses IGMP report suppression to forward
only one IGMP report per multicast router query to multicast devices.
When IGMP router suppression is enabled, the switch sends the first
IGMP report from all hosts for a group to all the multicast routers. The
switch does not send the remaining IGMP reports for the group to the
multicast routers. This feature prevents duplicate reports from being
sent to the multicast devices.
2. Update Setting: Click “Update Setting” button when you finished IGMP
Snooping.
88 User’s Manual
Hardened Managed Ethernet Switch
NTP
NTP Setting:
1. NTP Status: Click “NTP Status” drop-down menu from “NTP Status”
drop-down list to choose “Enable” or “Disable” to enable or disable NTP
for the Switch.
2. NTP Server (IP Address or Domain name): Click in the “NTP Server”
textbox and specify the IP address or Domain name of NTP server.
3. Sync Time: Click “Sync Time” button to synchronize time with NTP
server.
4. Time Zone: Click “Tmie Zone” drop-down menu from “Tmie Zone”
drop-down list to set time zone.
5. Polling Interval (1-10080 min): Click in the “Polling Interval” textbox and
specify the polling interval.
6. Update Setting: Click “Update Setting” button when you finished NTP
Setting.
Daylight Saving Setting:
User’s Manual 89
Hardened Managed Ethernet Switch
1. Daylight Saving Mode: Click "Daylight Saving Mode" drop-down menu
from "Daylight Saving Mode" drop-down list to choose "Disable",
"Weekday", or "Date" to choose disable, weekday, or date daylight
saving for the Switch.
2. Time Set Offset (1-1440 min): Click in the "Time Set Offset" textbox and
specify the offset time of daylight saving. For example enter 60 for one
hour offset.
3. Daylight Saving Tmiezone: Click in the "Daylight Saving Tmiezone"
textbox and specify the daylight saving timezone. This can be any given
name in 14-character alpha-numericals. Enter the Daylight-Saving time
zone using the following example:
EDT - East Daylight Saving Time Zone.
CDT - Central Daylight-Saving Time Zone.
MDT - Mountain Daylight-Saving Time Zone.
PDT - Pacific Daylight-Saving Time Zone.
ADT - Alaska Daylight-Saving Time Zone.
4. Weekday: Click in the textboxes and specify the daylight saving period.
• Month: Click "Month" drop-down menu from "Month" drop-down
list to choose from January to December.
• Week: <1-5> Specifies weekdays from Monday to Friday.
• Day: Click "Day" drop-down menu from "Day" drop-down list to
choose from Sunday to Saturday.
• Hour: <0-23> Specifies from 0 to 23.
• Minute: <0-59> Specifies from 0 to 59.
5. Date: Click in the textboxes and specify the daylight saving period.
• Month: Click "Month" drop-down menu from "Month" drop-down
list to choose from January to December.
• Day: <1-31> Specifies from 1 to 31.
• Hour: <0-23> Specifies from 0 to 23.
• Minute: <0-59> Specifies from 0 to 59.
6. Update Setting: Click "Update Setting" button when you finished
Daylight Saving Setting.
<Note> The “Week”, “Hour”, “Minute”, and “Day” fields would not
accept the alphabetic characters (Like Jan, Fe b, sun, mon). They only
accept the two digit numbers (0 throught 9).
90 User’s Manual
Hardened Managed Ethernet Switch
Command Line Console Management
The switch provides a command line console interface for
configuration purposes. The switch can be configured either
locally through its RS-232 port or remotely via a Telnet
session. For the later, you must specify an IP address for the
switch first.
This chapter describes how to configure the switch using its
console by Commend Line.
Administration Console
Connect the DB9 straight cable to the RS-232 serial port of the device to the
RS-232 serial port of the terminal or computer running the terminal emulation
application.
Direct access to the administration console is achieved by directly connecting
a terminal or a PC equipped with a terminal-emulation program (such as
HyperTerminal) to the switch console port.
When using the management method, configure the terminal-emulation
program to use the following parameters (you can change these settings after
login):
[Default parameters]
115,200bps
8 data bits
No parity
1 stop bit
User’s Manual 91
Hardened Managed Ethernet Switch
Exec Mode (View Mode)
Logon to Exec Mode (View Mode)
At the switch_a login: prompt just type in “root” and press <Enter> to logon
to Exec Mode (or View Mode).
switch_a login: root
92 User’s Manual
Hardened Managed Ethernet Switch
Basic commands
Exec Mode (or View Mode) is the base mode from where users can perform
basic commands like:
clear, debug, disable, enable, exit, help, logout, no, quit, show, terminal
The CLI contains a text-based help facility. Access this help by typing in the
full or partial command string then typing a question mark “?”. The CLI
displays the command keywords or parameters along with a short
description.
At the switch_a> prompt just press <?> to list the above basic commands.
switch_a>?
At the switch_a> prompt just type in the full or partial command string then
typing a question mark “?” to display the command keywords or parameters
along with a short description.
switch_a>show ?
User’s Manual 93
Hardened Managed Ethernet Switch
Login timed out
The login session to Exec Mode (or View Mode) has timed out due to an
extended period of inactivity (60 seconds) to indicate authentication attempt
timed out. And the switch_a login: prompt will show on the screen.
Logon back to Exec Mode (View Mode)
At the switch_a login: prompt just type in “root” and press <Enter> to logon
94 User’s Manual
back to Exec Mode (or View Mode).
switch_a login: root
Hardened Managed Ethernet Switch
Exit from Exec Mode (View Mode)
At the switch_a> prompt just type in “exit” and press <Enter> to exit from
Exec Mode (or View Mode).
switch_a>exit
User’s Manual 95
Hardened Managed Ethernet Switch
Privileged Exec Mode (Enable Mode)
Logon to Privileged Exec Mode (Enable Mode)
At the switch_a> prompt just type in “enable” and press <Enter> to logon to
Privileged Exec Mode (or Enable Mode). And the switch_a# prompt will
show on the screen.
switch_a>enable
Commands
Privileged Exec Mode (or Enable Mode) allows users to run commands as
following.
At the switch_a# prompt just press <?> to list the commands.
switch_a#?
96 User’s Manual
Hardened Managed Ethernet Switch
At the switch_a# prompt just type in the full or partial command string then
typing a question mark “?” to display the command keywords or parameters
along with a short description.
switch_a#show ?
User’s Manual 97
Hardened Managed Ethernet Switch
Login timed out
The login session to Privileged Exec Mode (or Enable Mode) has timed out
due to an extended period of inactivity (60 seconds) to indicate authentication
attempt timed out. And the switch_a login: prompt will show on the screen.
Logon back to Exec Mode (View Mode)
At the switch_a login: prompt just type in “root” and press <Enter> to logon
98 User’s Manual
back to Exec Mode (or View Mode).
switch_a login: root
Hardened Managed Ethernet Switch
Exit from Privileged Exec Mode (or Enable Mode)
At the switch_a# prompt just type in “exit” and press <Enter> to exit from
Privileged Exec Mode (or Enable Mode).
switch_a#exit
User’s Manual 99
Hardened Managed Ethernet Switch
Configure Mode (Configure Terminal Mode)
Logon to Configure Mode (Configure Terminal Mode)
At the switch_a# prompt just type in “configure terminal” and press <Enter>
to logon to Configure Mode (or Configure Terminal Mode). And the
switch_a(config)# prompt will show on the screen.
switch_a#configure terminal
Commands
Configure Mode (or Configure Terminal Mode) serves as a gateway into the
modes as following.
At the switch_a(config)# prompt just press <?> to list the commands.
switch_a(config)#?
100 User’s Manual
Loading...