HP FlexNetwork NJ5000 5G PoE+ Walljack User Manual

HPE FlexNetwork NJ5000 5G PoE+ Walljack Switch

User Guide

Part number: 5998-7332R Software version: Release 1108 Document version: 6W101-20161012

Enterprise products and services are set forth in the express warranty statements acco mpanying such products and services. Nothing herein should be construe d as constituting an additional warranty. Hewlett Packard Enterprise shall not be liable for technical or editorial errors or omissions co ntained herein.

Confidential computer software. V alid license from Hewlett Packard Enterprise required for possession, use, or copying. Consistent with FAR 12.211 and 12.212, Commercial Computer Software, Computer Software Documentation, and T e chnical Data for Commercial Items are licensed to the U.S. Government under vendor’s standard commercial license.

Links to third-party websites take you outside the Hewlett Packard Enterprise website. Hewlett Packard Enterprise has no control over and is not responsible for information outside the Hewlett Packard Enterprise website.

Acknowledgments

Intel®, Itanium®, Pentium®, Intel Inside®, and the Intel Inside logo are trademarks of Intel Corporation in the United States and other countries.

Microsoft® and Windows® are trademarks of the Microsoft group of companies. Adobe® and Acrobat® are trademarks of Adobe Systems In corporated. Java and Oracle are registered trademarks of Oracle and/or its affiliates. UNIX® is a registered trademark of The Open Group.

Overview ········································································································· 1

Accessing the Web interface ····························································································································· 1

Restrictions and guidelines for Web-based login ······················································································· 1 Logging in to the Web interface for the first time ························································································ 4 Logging out of the Web interface ··············································································································· 5

Using the Web interface ····································································································································· 6

Icons and buttons ······································································································································· 6 Page display function ································································································································· 7 Search function ·········································································································································· 7 Sort function ··············································································································································· 9

Feature summary ·························································································· 10

Feature menu navigators for the Web interface ······························································································· 10

Wizard menu ············································································································································ 10 Summary menu ········································································································································ 10 Device menu ············································································································································ 11 Network menu ·········································································································································· 13 Authentication menu ································································································································ 16 Security menu ·········································································································································· 17 QoS menu ················································································································································ 17 PoE menu ················································································································································ 19

Features configurable from the CLI ················································································································· 19

manage-mode ·········································································································································· 20 poe force-power ······································································································································· 20 poe legacy enable ···································································································································· 21

Configuration wizard ····················································································· 23

Basic service setup ·································································································································· 23 Entering the configuration wizard homepage ··························································································· 23 Configuring system parameters ··············································································································· 23 Configuring management IP address ······································································································· 24 Finishing configuration wizard ·················································································································· 26

Displaying system and device information ···················································· 28

Displaying system information ························································································································· 28

Displaying basic system information ········································································································ 28 Displaying the system resource state ······································································································ 29 Displaying recent system logs ·················································································································· 29 Setting the refresh period ························································································································· 29

Displaying device information ·························································································································· 29

Configuring basic device settings ································································· 31

Configuring system name ································································································································ 31 Configuring idle timeout period ························································································································ 31

Maintaining devices ······················································································ 32

Software upgrade ············································································································································· 32 Device reboot ··················································································································································· 33 Electronic label ················································································································································· 33 Diagnostic information ····································································································································· 34

Configuring system time ··············································································· 35

Overview ·························································································································································· 35 Displaying the current system time ·················································································································· 35 Manually configuring the system time ·············································································································· 35 Configuring system time by using NTP ············································································································ 36 Configuring the time zone and daylight saving time ························································································ 37

System time configuration example ················································································································· 38

Network requirements ······························································································································ 38 Configuring the system time ····················································································································· 38 Verifying the configuration ························································································································ 39

Configuring syslog ························································································ 40

Displaying syslogs ··········································································································································· 40 Setting the log host ·········································································································································· 41 Setting buffer capacity and refresh interval ······································································································ 42

Managing the configuration ··········································································· 43

Backing up the configuration ···························································································································· 43 Restoring the configuration ······························································································································ 43 Saving the configuration ·································································································································· 44 Resetting the configuration ······························································································································ 45

Managing files ······························································································· 46

Displaying files ················································································································································· 46 Downloading a file ············································································································································ 46 Uploading a file ················································································································································ 47 Removing a file ················································································································································ 47 Specifying the main boot file ···························································································································· 47

Managing ports ····························································································· 48

Setting operation parameters for a port ··········································································································· 48 Displaying port operation parameters ·············································································································· 51

Displaying a specified operation parameter for all ports ·········································································· 51 Displaying all the operation parameters for a port ··················································································· 51

Port management configuration example ········································································································ 52

Network requirements ······························································································································ 52 Configuring the switch ······························································································································ 53

Configuring port mirroring ············································································· 56

Terminology ····················································································································································· 56

Mirroring source ······································································································································· 56 Mirroring destination ································································································································· 56 Mirroring direction ···································································································································· 56

Mirroring group ········································································································································· 56 Local port mirroring ·········································································································································· 56 Configuration restrictions and guidelines ········································································································· 57 Recommended configuration procedures ········································································································ 57 Configuring a mirroring group ·························································································································· 58 Configuring ports for the mirroring group ········································································································· 58 Local port mirroring configuration example ······································································································ 59

Network requirements ······························································································································ 59

Configuration procedure ··························································································································· 60

Managing users ···························································································· 62

Adding a local user ·········································································································································· 62 Setting the super password ····························································································································· 63 Switching to the management level ················································································································· 64

Configuring a loopback test ·········································································· 65

Configuration guidelines ·································································································································· 65 Configuration procedure ·································································································································· 65

Configuring VCT ··························································································· 67

Configuring the flow interval ·········································································· 68

Viewing port traffic statistics ····························································································································· 68

Configuring RMON ························································································ 69

Working mechanism ································································································································· 69

RMON groups ·········································································································································· 69 RMON configuration task list ··························································································································· 70

Configuring a statistics entry ···················································································································· 72

Configuring a history entry ······················································································································· 73

Configuring an event entry ······················································································································· 74

Configuring an alarm entry ······················································································································· 75

Displaying RMON statistics ······················································································································ 77

Displaying RMON history sampling information ······················································································· 78

Displaying RMON event logs ··················································································································· 80 RMON configuration example ·························································································································· 80

Configuring energy saving ············································································ 84

Configuring energy saving on a port ················································································································ 84

Configuring SNMP ························································································ 85

SNMP mechanism ··································································································································· 85

SNMP protocol versions ··························································································································· 86 Recommended configuration procedure ·········································································································· 86

Enabling SNMP agent ······························································································································ 87 Configuring an SNMP view ······························································································································ 89

Creating an SNMP view ··························································································································· 89

Adding rules to an SNMP view ················································································································· 90 Configuring an SNMP community ···················································································································· 91 Configuring an SNMP group ···························································································································· 92 Configuring an SNMP user ······························································································································ 93 Configuring SNMP trap function ······················································································································ 95 Displaying SNMP packet statistics ··················································································································· 96 SNMPv1/v2c configuration example ················································································································ 97 SNMPv3 configuration example ····················································································································· 100

Displaying interface statistics ······································································ 105

Configuring VLANs ····················································································· 106

VLAN fundamentals ······························································································································· 106

VLAN types ············································································································································ 107

Port-based VLAN ··································································································································· 107 Restrictions and guidelines ···························································································································· 109 Recommended VLAN configuration procedures ···························································································· 109

Recommended configuration procedure for assigning an access port to a VLAN ································· 109

Recommended configuration procedure for assigning a trunk port to a VLAN ······································ 110

Recommended configuration procedure for assigning a hybrid port to a VLAN ···································· 111 Creating VLANs ············································································································································· 112 Configuring the link type of a port ·················································································································· 112 Setting the PVID for a port ····························································································································· 113 Selecting VLANs ············································································································································ 114 Modifying a VLAN ·········································································································································· 115 Modifying ports ··············································································································································· 116 VLAN configuration example ························································································································· 117

Network requirements ···························································································································· 117

Configuring Switch A ······························································································································ 117

Configuring Switch B ······························································································································ 121 Configuration guidelines ································································································································ 121

iii

Configuring VLAN interfaces ······································································· 122

Overview ························································································································································ 122 Creating a VLAN interface ····························································································································· 122 Modifying a VLAN interface ··························································································································· 123 Deleting a VLAN interface ······························································································································ 125 Configuration guidelines ································································································································ 126

Configuring a voice VLAN ··········································································· 127

OUI addresses ······································································································································· 127

Voice VLAN assignment modes ············································································································· 127

Security mode and normal mode of voice VLANs ·················································································· 129 Recommended voice VLAN configuration procedure ···················································································· 130 Configuring voice VLAN globally ···················································································································· 131 Configuring voice VLAN on ports ··················································································································· 132 Adding OUI addresses to the OUI list ············································································································ 132 Voice VLAN configuration examples ·············································································································· 133

Configuring voice VLAN on a port in automatic voice VLAN assignment mode ···································· 133

Configuring a voice VLAN on a port in manual voice VLAN assignment mode ····································· 137 Configuration guidelines ································································································································ 142

Configuring the MAC address table ···························································· 143

How a MAC address entry is created ····································································································· 143

Types of MAC address entries ··············································································································· 143 Displaying and configuring MAC address entries ·························································································· 144 Setting the aging time of MAC address entries ······························································································ 145 MAC address table configuration example ···································································································· 145

Network requirements ···························································································································· 145

Creating a static MAC address entry ····································································································· 145

Configuring MSTP ······················································································· 147

STP protocol packets ····························································································································· 147

Basic concepts in STP ··························································································································· 148

Calculation process of the STP algorithm ······························································································ 149 Introduction to RSTP ······································································································································ 154 Introduction to MSTP ····································································································································· 154

MSTP features ······································································································································· 154

MSTP basic concepts ···························································································································· 154

How MSTP works ··································································································································· 158

MSTP implementation on devices ·········································································································· 158

Protocols and standards ························································································································ 159 Configuration guidelines ································································································································ 159 Recommended MSTP configuration procedure ····························································································· 159 Configuring an MST region ···························································································································· 159 Configuring MSTP globally ···························································································································· 160 Configuring MSTP on a port ·························································································································· 163 Displaying MSTP information of a port ·········································································································· 164 MSTP configuration example ························································································································· 166

Network requirements ···························································································································· 166

Configuration procedure ························································································································· 167

Configuring LLDP ························································································ 172

Basic concepts ······································································································································· 172

LLDP operating modes ·························································································································· 176

Working mechanism ······························································································································· 176 Protocols and standards ································································································································ 176 Recommended LLDP configuration procedure ······························································································ 177

Enabling LLDP on ports ································································································································· 177 Setting LLDP parameters on ports ················································································································· 178

Setting LLDP parameters for a single port ····························································································· 178

Setting LLDP parameters for ports in batch ··························································································· 180 Configuring LLDP globally ····························································································································· 181 Displaying LLDP information for a port ·········································································································· 183 Displaying global LLDP information ··············································································································· 187 Displaying LLDP information received from LLDP neighbors ········································································ 188 LLDP configuration example ·························································································································· 189

Network requirements ···························································································································· 189

Configuring Switch A ······························································································································ 189

Configuring Switch B ······························································································································ 191

Verifying the configuration ······················································································································ 192 LLDP configuration guidelines ······················································································································· 193

Configuring ARP ························································································· 194

ARP message format ····························································································································· 194

ARP operating mechanism ···················································································································· 194

ARP table ··············································································································································· 195

Gratuitous ARP ······································································································································ 196 Configuring ARP entries ································································································································ 196

Displaying ARP entries ·························································································································· 196

Creating a static ARP entry ···················································································································· 196 Removing ARP entries ··································································································································· 197 Configuring gratuitous ARP ··························································································································· 197

Static ARP configuration example ·········································································································· 198

Configuring ARP attack protection ······························································ 202

User validity check ································································································································· 202

ARP packet validity check ······················································································································ 202 Configuring ARP detection ····························································································································· 202

Configuring IGMP snooping ········································································ 204

Basic IGMP snooping concepts ············································································································· 204

How IGMP snooping works ···················································································································· 206

Protocols and standards ························································································································ 207 Recommended configuration procedure ········································································································ 207 Enabling IGMP snooping globally ·················································································································· 208 Enabling dropping unknown multicast data globally ······················································································ 208 Configuring IGMP snooping in a VLAN ·········································································································· 209 Configuring IGMP snooping port functions ···································································································· 210 Displaying IGMP snooping multicast forwarding entries ················································································ 211 IGMP snooping configuration example ·········································································································· 212

Network requirements ···························································································································· 212

Configuration procedure ························································································································· 213

Verifying the configuration ······················································································································ 215

Configuring MLD snooping ········································································· 216

Basic MLD snooping concepts ··············································································································· 216

How MLD snooping works ····················································································································· 218

Protocols and standards ························································································································ 219 Recommended configuration procedure ········································································································ 219

Enabling MLD snooping globally ············································································································ 220

Enabling dropping unknown IPv6 multicast data globally ······································································ 220

Configuring MLD snooping in a VLAN ··································································································· 221

Configuring MLD snooping port functions ······························································································ 222

Displaying MLD snooping multicast forwarding entries ·········································································· 223 MLD snooping configuration example ············································································································ 224

Network requirements ···························································································································· 224

Configuration procedure ························································································································· 225

Verifying the configuration ······················································································································ 227

Configuring IPv4 or IPv6 static routes ························································· 228

Creating an IPv4 static route ·························································································································· 228 Displaying the IPv4 active route table ············································································································ 229 Creating an IPv6 static route ·························································································································· 229 Displaying the IPv6 active route table ············································································································ 230

DHCP overview ··························································································· 232

DHCP address allocation ······························································································································· 232

Allocation mechanisms ·························································································································· 232

IP address allocation process ················································································································ 233

IP address lease extension ···················································································································· 233 DHCP message format ·································································································································· 234 DHCP options ················································································································································ 234

Common DHCP options ························································································································· 235

Option 82 ················································································································································ 235 Protocols and standards ································································································································ 236

Configuring DHCP snooping ······································································· 237

Application of trusted ports ····················································································································· 237

DHCP snooping support for Option 82 ··································································································· 238 Recommended configuration procedure ········································································································ 239 Enabling DHCP snooping ······························································································································ 239 Configuring DHCP snooping functions on an interface ·················································································· 240 Displaying clients' IP-to-MAC bindings ·········································································································· 240 DHCP snooping configuration example ········································································································· 241

Managing services ······················································································ 244

Using diagnostic tools ················································································· 247

Ping ································································································································································ 247 Traceroute ······················································································································································ 247 Ping operation ················································································································································ 248

Configuring IPv4 Ping ···························································································································· 248

Configuring IPv6 Ping ···························································································································· 249 Traceroute operation ······································································································································ 249

Configuring IPv4 traceroute ··················································································································· 249

Configuring IPv6 traceroute ··················································································································· 250

Configuring 802.1X ····················································································· 252

802.1X overview ············································································································································ 252

802.1X architecture ································································································································ 252

Access control methods ························································································································· 252

Controlled/uncontrolled port and port authorization status ····································································· 253

Packet formats ······································································································································· 253

EAP over RADIUS ································································································································· 254

Initiating 802.1X authentication ·············································································································· 255

802.1X authentication procedures ········································································································· 255

802.1X timers ········································································································································· 259

Using 802.1X authentication with other features ···················································································· 259 Configuration prerequisites ···························································································································· 261 Recommended configuration procedure ········································································································ 262 Configuring 802.1X globally ··························································································································· 262 Configuring 802.1X on a port ························································································································· 263

Configuring an 802.1X guest VLAN ······································································································· 265

Configuring an Auth-Fail VLAN ·············································································································· 266

802.1X configuration examples ······················································································································ 266

MAC-based 802.1X configuration example ···························································································· 266

802.X with ACL assignment configuration example ··············································································· 273

Configuring AAA ························································································· 282

AAA application ······································································································································ 282

Domain-based user management ·········································································································· 283 Configuration prerequisites ···························································································································· 283

Recommended configuration procedure ································································································ 283

Configuring an ISP domain ···················································································································· 284

Configuring authentication methods for the ISP domain ········································································ 284

Configuring authorization methods for the ISP domain ·········································································· 286

Configuring accounting methods for the ISP domain ············································································· 287 AAA configuration example ···························································································································· 288

Configuring RADIUS ··················································································· 293

Client/server model ································································································································ 293

Security and authentication mechanisms ······························································································· 293

Basic RADIUS message exchange process ·························································································· 294

RADIUS packet format ··························································································································· 294

Extended RADIUS attributes ·················································································································· 297

Protocols and standards ························································································································ 297 Configuring a RADIUS scheme ····················································································································· 298

Configuring common parameters ··········································································································· 299

Adding RADIUS servers ························································································································· 302 RADIUS configuration example ····················································································································· 303 Configuration guidelines ································································································································ 307

Configuring HWTACACS ············································································ 309

Recommended configuration procedure ········································································································ 309 Creating the HWTACACS scheme system ···································································································· 309 Configuring HWTACACS servers for the scheme ························································································· 310 Configuring HWTACACS communication parameters for the scheme ·························································· 311 HWTACACS configuration example ·············································································································· 314

Network requirements ···························································································································· 314

Configuring the HWTACACS server ······································································································ 314

Configuring the HPE NJ5000 5G PoE+ switch ······················································································ 314

Verifying the configuration ······················································································································ 319 Configuration guidelines ································································································································ 319

Configuring users ························································································ 321

Configuring a local user ································································································································· 321 Configuring a user group ······························································································································· 323

Managing certificates ·················································································· 325

PKI terms ··············································································································································· 325

PKI architecture ······································································································································ 325

How PKI works ······································································································································· 326

PKI applications ····································································································································· 327 Recommended configuration procedures ······································································································ 327

Recommended configuration procedure for manual request ································································· 327

Recommended configuration procedure for automatic request ····························································· 329 Creating a PKI entity ······································································································································ 329 Creating a PKI domain ··································································································································· 330 Generating an RSA key pair ·························································································································· 333 Destroying the RSA key pair ·························································································································· 334 Retrieving and displaying a certificate ··········································································································· 334 Requesting a local certificate ························································································································· 336 Retrieving and displaying a CRL ···················································································································· 337

vii

PKI configuration example ····························································································································· 338 Configuration guidelines ································································································································ 342

Configuring MAC authentication ································································· 343

User account policies ····························································································································· 343

Authentication methods ·························································································································· 343

MAC authentication timers ····················································································································· 343 Using MAC authentication with other features ······························································································· 344

VLAN assignment ·································································································································· 344

ACL assignment ····································································································································· 344

Auth-Fail VLAN ······································································································································ 344 Configuration prerequisites ···························································································································· 344 Recommended configuration procedure ········································································································ 345 Configuring MAC authentication globally ······································································································· 345

Configuring MAC authentication on a port ····························································································· 346 MAC authentication configuration examples ·································································································· 347

Local MAC authentication configuration example ·················································································· 347

ACL assignment configuration example································································································· 350

Configuring port security ············································································· 358

Port security features ····························································································································· 358

Port security modes ······························································································································· 358 Configuration guidelines ································································································································ 360 Recommended configuration procedure ········································································································ 360 Configuring global settings for port security ··································································································· 361 Configuring basic port security control ··········································································································· 362 Configuring secure MAC addresses ·············································································································· 363 Configuring advanced port security control ···································································································· 364 Configuring permitted OUIs ··························································································································· 366 Port security configuration examples ············································································································· 366

Basic port security mode configuration example ···················································································· 366

Advanced port security mode configuration example ············································································ 369

Configuring port isolation ············································································ 375

Configuring the isolation group ······················································································································ 375 Port isolation configuration example ·············································································································· 376

Configuring authorized IP ··········································································· 378

Configuration procedure ································································································································ 378 Authorized IP configuration example ············································································································· 379

Network requirements ···························································································································· 379

Configuration procedure ························································································································· 379

Configuring loopback detection ··································································· 381

Recommended configuration procedure ········································································································ 381 Configuring loopback detection globally ········································································································ 381 Configuring loopback detection on a port ······································································································ 382

Configuring ACLs ························································································ 383

ACL categories ······································································································································· 383

Match order ············································································································································ 383

Implementing time-based ACL rules ······································································································ 384

IPv4 fragments filtering with ACLs ········································································································· 385 Configuration guidelines ································································································································ 385 Recommend ACL configuration procedures ·································································································· 385

Recommended IPv4 ACL configuration procedure ················································································ 385

Recommended IPv6 ACL configuration procedure ················································································ 385

Configuring a time range ························································································································ 386

Adding an IPv4 ACL ······························································································································· 387

viii

Configuring a rule for a basic IPv4 ACL ································································································· 387

Configuring a rule for an advanced IPv4 ACL ························································································ 389

Configuring a rule for an Ethernet frame header ACL ············································································ 391

Adding an IPv6 ACL ······························································································································· 393

Configuring a rule for a basic IPv6 ACL ································································································· 394

Configuring a rule for an advanced IPv6 ACL ························································································ 395

Configuring QoS ························································································· 398

Networks without QoS guarantee ·········································································································· 398

QoS requirements of new applications ·································································································· 398

Congestion: causes, impacts, and countermeasures ············································································ 398

End-to-end QoS ····································································································································· 400

Traffic classification ································································································································ 400

Packet precedences ······························································································································· 401

Queue scheduling ·································································································································· 403

Rate limit ················································································································································ 405

Priority mapping ····································································································································· 406

Introduction to priority mapping tables ··································································································· 407 Configuration guidelines ································································································································ 408 Recommended QoS configuration procedures ······························································································ 408 Adding a class ················································································································································ 409 Configuring classification rules ······················································································································ 410 Adding a traffic behavior ································································································································ 412 Configuring traffic mirroring and traffic redirecting for a traffic behavior ························································ 412 Configuring other actions for a traffic behavior ······························································································ 413 Adding a policy ··············································································································································· 415 Configuring classifier-behavior associations for the policy ············································································ 415 Applying a policy to a port ······························································································································ 416 Configuring queue scheduling on a port ········································································································ 417 Configuring GTS on ports ······························································································································ 418 Configuring rate limit on a port ······················································································································· 418 Configuring priority mapping tables ··············································································································· 419 Configuring priority trust mode on a port ········································································································ 420

ACL and QoS configuration example ·························································· 422

Network requirements ···································································································································· 422 Configuring Switch ········································································································································· 422

Configuring PoE ·························································································· 430

PoE system ············································································································································ 430

Power supplying modes ························································································································· 430

Protocols and standards ························································································································ 431 Configuring PoE ············································································································································· 431

Configuring PoE ports ···························································································································· 431

Configuring non-standard PD detection ································································································· 432

Displaying information about PSE and PoE ports ·················································································· 432 PoE configuration example ···························································································································· 433

Document conventions and icons ······························································· 435

Conventions ··················································································································································· 435 Network topology icons ·································································································································· 436

Support and other resources ······································································ 437

Accessing Hewlett Packard Enterprise Support ···························································································· 437 Accessing updates ········································································································································· 437

Websites ················································································································································ 438

Customer self repair ······························································································································· 438

Remote support ······································································································································ 438

Documentation feedback ······················································································································· 438

Index ··········································································································· 440

Overview

The HPE FlexNetwork NJ5000 5G PoE+ Walljack Switch provides a Web interface for visual configuration and management. The device also provides a command line interface (CLI) for device management when the Web interface is not available.

This book focuses on configuring the switch from the Web interface, and does not provide information about accessing the CLI. For information about accessing the CLI, see the quick start guide or getting started guide for the switch.

Accessing the Web interface

This section provides information about logging in to or logging out of the Web interface.

Restrictions and guidelines for Web-based login

To ensure a successful login, verify that your operating system and Web browser meet the requirements, and follow the guidelines in this section.

Operating system requirements

The device supports the following operating systems:

• Windows XP.

• Windows 2000.

• Windows Server 2003 Enterprise Edition.

• Windows Server 2003 Standard Edition.

• Windows Vista.

• Windows 7.

• Linux.

• MAC OS.

The Windows firewall limits the number of TCP connections. When the limit is reached, you cannot log in to the Web interface.

Web browser requirements

Use one of the following Web browsers to log in:

• Internet Explorer 6 SP2 or higher.

• Mozilla Firefox 3 or higher.

• Google Chrome 2.0.174.0 or higher.

To access the Web interface, you must use the following browser settings:

• If you are using a Microsoft Internet Explorer browser, you must enable the security settings (see "Enabling security settings in a Microsoft Internet Explorer browser"), including Run

eX controls and plug-ins, Script ActiveX controls marked safe for scripting, and

Activ Active scripting.

• If you are using a Mozilla Firefox browser, you must enable JavaScript (see "Enabling

JavaScript in

a Firefox browserEnabling JavaScript in a Firefox browser").

Enabling security settings in a Microsoft Internet Explorer browser

1. Launch the Internet Explorer, and select Tools > Internet Options from the main menu.

2. Select the Security tab, and select the content zone where the target Website resides, as

shown in Figure 1.

Figure 1

Internet Explorer settings (1)

3. Click Custom Level.

4. In the Security Settings dialog box, enable Run ActiveX controls and plug-ins, Script ActiveX controls marked safe for scripting, and Active scripting.

Figure 2 Internet Explorer settings (2)

5. Click OK to save your settings.

Enabling JavaScript in a Firefox browser

1. Launch the Firefox browser, and select Tools > Options.

2. In the Options dialog box, click the Content icon, and select Enable JavaScript.

Figure 3 Firefox browser settings

3. Click OK to save your settings.

Miscellaneous

• The Web interface does not support the Back, Next, or Refresh button provided by the browser.

Using these buttons might result in abnormal display of Web pages.

• To ensure correct display of Web page contents after software upgrade or downgrade, clear

data cached by the browser before you log in.

• If you click the verification code displayed on the Web login page, you can obtain a new

verification code.

• The Web interface allows a maximum of 5 concurrent accesses. If this limit is reached, login

attempts will fail.

• A list can contain a maximum of 20000 entries if displayed in pages.

Logging in to the Web interface for the first time

At the first login, you can use the following default settings to access the Web interface through HTTP:

• Username—admin.

• Password—None.

• User level—Management.

• IP address of VLAN-interface 1 on the device—IP address of the device.

{ If the device is not connected to the network, or no DHCP server exists in the subnet where

the device resides, you can get the IP address of the device on the label on the device. IP address is 169.254.xxx.xxx. If the MAC address is 08004E000102, the IP address would be

169.254.1.2.

{ If a DHCP server exists in the subnet where the device resides, the device will dynamically

obtain its IP address through the DHCP server.

You can log in to the device through the console port, and execute the display ip interface brief

command to view information about its IP address.

<HPE> display ip interface brief *down: administratively down (s): spoofing Interface Physical Protocol IP Address Description Vlan1 up up 169.254.1.2 Vlan-interface1

For example, the IP address of the device is 169.254.1.2. To log in to the Web interface of the device from a PC:

1. Connect the Ethernet interface of the device to a PC by using an Ethernet cable. By default, all

interfaces belong to VLAN 1.

2. Configure an IP address for the PC and make sure that the PC and device can reach each

other.

For example, assign the PC an IP address (for example, 169.254.1.27) within 169.254.0.0/16 (except for the IP address of the device).

3. Open the browser, and input the login information. a. Type the IP address http:// 169.254.1.2 in the address bar and press Enter. b. On the login page, enter the username admin and the verification code, leave the

Password field blank, and then click Login.

Figure 4 Login page of the Web interface

Logging out of the Web interface

IMPORTANT:

• For security purposes, log out of the Web interface immediately after you finish your tasks.

• You cannot log out by closing the browser.

• The device does not automatically save the configuration when you log out of the Web interface.

To prevent the loss of configuration when the device reboots, you must save the configuration.

To log out of the Web interface:

1. Save the configuration.

2. Click Logout in the upper-right corner of the Web interface.

Using the Web interface

The Web interface contains a navigation tree, a title area, and a body area, as shown in Figure 5.

Figure 5 Web interface layout

(1) Navigation tree (2) Body area (3) Title area

• Navigation tree—Organizes the Web-based NM functions as a navigation tree, where you can

select and configure functions as needed. The result is displayed in the body area.

• Body area—Allows you to configure and display features.

• Title area—On the left, displays the path of the current configuration interface in the navigation

area; on the right, provides the Save button to quickly save the current configuration, the Help button to display the Web-related help information, and the Logout button to log out of the Web

interface.

Icons and buttons

Table 1 describes icons and buttons you can use to configure and manage the device.

Table 1 Icons and buttons

Icon/button Function

Applies the configuration on the current page.

Cancels the configuration on the current page.

Refreshes the current page.

Clears all entries in a list or all statistics.

Adds an item.

Removes the selected items.

Selects all the entries in a list.

Icon/button Function

Page display function

The Web interface can display contents in pages, as shown in Figure 6. You can set the number of entries displayed per page, and view the contents on the first, previous, next, and last pages, or go to any page that you want to check.

Figure 6 Content display in pages

Clears selection of all entries in a list.

Buffers but does not apply the configuration of the current step, and enters the next configuration step.

Buffers but does not apply the configuration of the current step, and returns to the previous configuration step.

Applies the configurations of all configuration steps.

Enters the modification page of an item so that you can modify the configurations of the item.

Deletes the item corresponding to this icon.

Search function

The Web interface provides basic and advanced searching functions to display entries that match specific searching criteria.

• Basic search—As shown in Figure 6, type the sea then click Search to display the matching entries.

Figure 7 Basic search function example

• Advanced search—As shown in Figure 8, click the Advanced Search link to open the advanced search area. Specify the search criteria, and then click Apply to display the matching

entries.

rch keyword, select a search criterion, and

Figure 8 Advanced search

For example, to search the LLDP table for the LLDP entries with LLDP Work Mode TxRx, and LLDP Status Disabled:

1. Click the Advanced Search link, specify the search criteria on the advanced search page as

shown in Figure 9, and th

en click Apply. The LLDP entries with LLDP Work Mode being TxRx

are displayed.

Figure 9 Advanced search function example (1)

2. Click the Advanced Search link, specify the search criteria on the advanced search page as

shown in Figure 10,

and then click Apply. The LLDP entries with LLDP Work Mode being TxRx

and LLDP Status being Disabled are displayed as shown in Figure 11.

Figure 10

Advanced search function example (2)

Figure 11 Advanced search function example (3)

Sort function

The Web interface provides the sorting function on some list pages to display the entries in a certain order.

On a list page, you can click the name of a column header in blue to sort the entries. An arrow will be displayed next to the column header you clicked, as shown in Figure 12. the ascending order, and a downward arrow indicates the descending order.

Figure 12 Sort display

An upward arrow indicates

Feature summary

This chapter provides the following information:

• Feature menu navigators for the Web interface.

• Information about features configurable from the CLI.

Features configurable from the Web interface are also configurable from the CLI.

Feature menu navigators for the Web interface

This section summarizes features available from each menu on the Web interface.

The Web interface controls access to features based on user levels. Tasks you can perform depend on the user level with which you are logged in with.

Web user levels, from low to high, are visitor, monitor, configure, and management. A user with a

higher level has all the operating rights of a user with a lower level.

• Visitor—Users of this level can only use the network diagnostic tools ping and Trace Route.

They cannot access the device data or configure the device.

• Monitor—Users of this level can access the device data, but they cannot configure the device.

• Configure—Users of this level can access device data and configure the device, but they

cannot perform the following tasks:

{ Upgrade the host software.

{ Add, delete, or modify users.

{ Back up or restore configuration files.

• Management—Users of this level can use all features available on the device.

Wizard menu

Use Table 2 to navigate to the tasks you can perform from the Device menu.

Table 2 Wizard menu navigator

Menus Tasks User level

IP Setup Perform quick configuration of the device. Management

Summary menu

Use Table 3 to navigate to the tasks you can perform from the Summary menu.

Table 3 Summary menu navigator

Menus Tasks User level

System Information

Device Information Display the port information about the device. Monitor

Display the basic system information, system resource state, and recent system operation logs.

Monitor

Device menu

Use Table 4 to navigate to the tasks you can perform from the Device menu.

Table 4 Device menu navigator

Menus Tasks User level

Basic

System Name Display and configure the system name. Configure

Web Idle Timeout

Device Maintenance

Software Upgrade

Reboot Reboot the device. Management

Electronic Label Display the electronic label of the device. Monitor

Diagnostic Information

System Time

System Time Display and configure the system date and time. Configure

Time Zone

Network Time Protocol

Syslog

Loglist

Loghost Display and configure the loghost. Configure

Display and configure the idle timeout period for logged-in users.

Upload upgrade file from local host, and upgrade the system software.

Generate diagnostic information file and view or save the file to local host.

Display and configure the system time zone and daylight saving time.

Display the synchronization status of the system clock and configure the network time.

Display and refresh system logs. Monitor

Clear system logs. Configure

Configure

Management

Configure

Log Setup

Configuration

Backup

Restore

Save

Initialize Restore the factory default settings. Management

File Management

Port Management

Summary Display port information by features. Monitor

Detail Display feature information by ports. Monitor

Display and configure the buffer capacity and interval for refreshing system logs.

Back up the configuration file to be used at the next startup from the device to the host of the current user.

Upload the configuration file to be used at the next startup from the host of the current user to the device.

Save the current configuration to the configuration file to be used at the next startup.

Manage files on the device, such as displaying the file list, downloading a file, uploading a file, and removing a file.

Configure

Management

Configure

Management

Menus Tasks User level

Setup

Create, modify, delete, and enable/disable a port, and clear port statistics.

Configure

Port Mirroring

Summary

Add Create a port mirroring group. Configure

Remove Remove a port mirroring group. Configure

Modify Port Configure ports for a mirroring group. Configure

Users

Summary Display the brief information about FTP and Telnet users. Monitor

Super Password

Create Create an FTP or Telnet user. Management

Modify Modify FTP or Telnet user information. Management

Remove Remove an FTP or a Telnet user. Management

Switch To Management

Loopback

Loopback Perform loopback tests on Ethernet interfaces. Configure

VCT

Display the configuration information about a port mirroring group.

Configure a password for a lower-level user to switch from the current access level to the management level.

Switch the current user level to the management level.

Monitor

Management

Monitor

VCT

Flow Interval

Port Traffic Statistics

RMON

Statistics Display, create, modify, and clear RMON statistics. Configure

History

Alarm Display, create, modify, and clear alarm entries. Configure

Event Display, create, modify, and clear event entries. Configure

Log Display log information about RMON events. Configure

Energy Saving

SNMP

Setup

Check the status of the cables connected to Ethernet ports.

Display the average rate at which the interface receives and sends packets within a specified time interval.

Display, create, modify, and clear RMON history sampling information.

Display and configure the energy saving settings of an interface.

Display and refresh SNMP configuration and statistics information.

Configure SNMP. Management

Configure

Monitor

Configure

Management

Community Display SNMP community information. Management

Menus Tasks User level

Create, modify, and delete an SNMP community. Management

Group

User

Trap

View

Interface Statistics

Network menu

Use Table 5 to navigate to the tasks you can perform from the Network menu.

Table 5 Network menu navigator

Display SNMP group information. Management

Create, modify, and delete an SNMP group. Management

Display SNMP user information. Management

Create, modify, and delete an SNMP user. Management

Display the status of the SNMP trap function and information about target hosts.

Enable or disable the SNMP trap function; create, modify, and delete a target host.

Display SNMP view information. Management

Create, modify, and delete an SNMP view. Management

Display and clear the statistics information about an interface.

Management

Configure

Menus Tasks User level

VLAN

Select VLAN Select a VLAN range. Monitor

Create Create VLANs. Configure

Port Detail Display the VLAN-related details of a port. Monitor

Detail Display the member port information about a VLAN. Monitor

Modify VLAN Modify the description and member ports of a VLAN. Configure

Modify Port Change the VLAN to which a port belongs. Configure

Remove Remove VLANs. Configure

VLAN Interface

Summary

Create

Modify Modify the IP address and status of the VLAN interface. Configure

Remove Remove the VLAN interface. Configure

Voice VLAN

Display information about VLAN interfaces by address type.

Create a VLAN interface and assign an IP address to the interface.

Monitor

Configure

Menus Tasks User level

Summary Display voice VLAN information globally or on a port. Monitor

Setup Configure the global voice VLAN. Configure

Port Setup Configure a voice VLAN on a port. Configure

OUI Summary

OUI Add

OUI Remove

MAC

Setup Display and configure MAC address aging time. Configure

MSTP

Region

Global Set global MSTP parameters. Configure

Port Summary Display the MSTP information about ports. Monitor

Port Setup Set MSTP parameters on ports. Configure

LLDP

Port Setup

Display the addresses of the OUIs that can be identified by voice VLAN.

Add the address of an OUI that can be identified by voice VLAN.

Remove the address of an OUI that can be identified by voice VLAN.

Display MAC address information. Monitor

Create and remove MAC addresses. Configure

Display information about MST regions. Monitor

Modify MST regions. Configure

Display the LLDP configuration information, local information, neighbor information, statistics information, and status information about a port.

Monitor

Configure

Monitor

Modify LLDP configuration on a port. Configure

Global Setup

Global Summary Display global LLDP local information and statistics. Monitor

Neighbor Summary Display global LLDP neighbor information. Monitor

ARP Management

ARP Table

Gratuitous ARP

ARP Anti-Attack

ARP Detection

IGMP Snooping

Basic

Display global LLDP configuration information. Monitor

Configure global LLDP parameters. Configure

Display ARP table information. Monitor

Add, modify, and remove ARP entries. Configure

Display the configuration information about gratuitous ARP.

Configure gratuitous ARP. Configure

Display ARP detection configuration information. Monitor

Configure ARP detection. Configure

Display global IGMP snooping configuration information or the IGMP snooping configuration information in a VLAN,

Monitor

Menus Tasks User level

and the IGMP snooping multicast entry information.

Configure IGMP snooping globally or in a VLAN. Configure

Display the IGMP snooping configuration information on a

Advanced

MLD Snooping

Basic

Advanced

IPv4 Routing

Summary Display the IPv4 active route table. Monitor

Create

Remove Delete the selected IPv4 static routes. Configure

port.

Configure IGMP snooping on a port. Configure

Display global MLD snooping configuration information or the MLD snooping configuration information in a VLAN, and the MLD snooping multicast entry information.

Configure MLD snooping globally or in a VLAN. Configure

Display the MLD snooping configuration information on a port.

Configure MLD snooping on a port. Configure

Create an IPv4 static route.

NOTE:

The switch does not provide Layer 3 forwarding service. The IPv4 routing feature only ensures that the switch is accessible on an IPv4 network. Use this feature only if you want to manage the switch from a different subnet than the switch.

Monitor

Configure

IPv6 Routing

Summary Display the IPv6 active route table. Monitor

Create

Remove Delete the selected IPv6 static routes. Configure

DHCP

DHCP Snooping

Service

Diagnostic Tools

IPv4 Ping Ping an IPv4 address or host name. Visitor

Create an IPv6 static route.

NOTE:

The switch does not provide Layer 3 forwarding service. The IPv6 routing feature only ensures that the switch is accessible on an IPv6 network. Use this feature only if you want to manage the switch from a different subnet than the switch.

Display the status, trusted and untrusted ports and DHCP client information about DHCP snooping.

Enable/disable DHCP snooping, and configure DHCP snooping trusted and untrusted ports.

Display the states of services: enabled or disabled. Configure

Enable/disable services, and set related parameters. Management

Configure

Monitor

Configure

IPv6 Ping Ping an IPv6 address or host name. Visitor

Menus Tasks User level

IPv4 Trace Route Perform IPv4 trace route operations. Visitor

IPv6 Trace Route Perform IPv6 trace route operations. Visitor

Authentication menu

Use Table 6 to navigate to the tasks you can perform from the Authentication menu.

Table 6 Authentication menu navigator

Menus Tasks User level

MAC Authentication

802.1X

Port Security

AAA

Domain Setup

Authentication

Authorization

Display MAC authentication configuration information. Monitor

Configure MAC authentication. Configure

Display 802.1X configuration information globally or on a port.

Configure 802.1X globally or on a port. Configure

Display port security configuration information. Monitor

Configure port security. Configure

Display ISP domain configuration information. Monitor

Add and remove ISP domains. Management

Display the authentication configuration information about an ISP domain.

Specify authentication methods for an ISP domain. Management

Display the authorization method configuration information about an ISP domain.

Specify authorization methods for an ISP domain. Management

Monitor

Display the accounting method configuration information

Accounting

RADIUS

HWTACACS

HWTACACS Scheme Create HWTACACS schemes. Management

HWTACACS Server Configure HWTACACS server information. Management

Users

Local User

about an ISP domain.

Specify accounting methods for an ISP domain. Management

Create RADIUS schemes and configure RADIUS server information.

Display configuration information about local users. Monitor

Create, modify, and remove a local user. Management

Monitor

Management

Menus Tasks User level

User Group

Display configuration information about user groups. Monitor

Create, modify, and remove a user group. Management

Certificate Management

Entity

Domain

Certificate

CRL

Security menu

Use Table 7 to navigate to the tasks you can perform from the Security menu.

Table 7 Security menu navigator

Menus Tasks User level

Port Isolate Group

Display information about PKI entities. Monitor

Add, modify, and delete a PKI entity. Configure

Display information about PKI domains. Monitor

Add, modify, and delete a PKI domain. Configure

Display the certificate information about PKI domains and the contents of a certificate.

Generate a key pair, destroy a key pair, retrieve a certificate, request a certificate, and delete a certificate.

Display the contents of the CRL. Monitor

Receive the CRL of a domain. Configure

Monitor

Configure

Summary Display port isolation group information. Monitor

Port Setup Configure the ports in an isolation group. Configure

Authorized IP

Summary

Setup Configure authorized IP. Management

Loopback Detection

QoS menu

Use Table 8 to navigate to the tasks you can perform from the QoS menu.

Table 8 QoS menu navigator

Menus Tasks User level

Time Range

Display the configurations of authorized IP, the associated IPv4 ACL list, and the associated IPv6 ACL list.

Display and configure system loopback detection parameters and port loopback detection parameters.

Management

Configure

Menus Tasks User level

Summary Display time range configuration information. Monitor

Add Create a time range. Configure

Remove Delete a time range. Configure

ACL IPv4

Summary Display IPv4 ACL configuration information. Monitor

Add Create an IPv4 ACL. Configure

Basic Setup Configure a rule for a basic IPv4 ACL. Configure

Advanced Setup Configure a rule for an advanced IPv4 ACL. Configure

Link Layer Setup Create a rule for a link layer ACL. Configure

Remove Delete an IPv4 ACL or its rules. Configure

ACL IPv6

Summary Display IPv6 ACL configuration information. Monitor

Add Create an IPv6 ACL. Configure

Basic Setup Configure a rule for a basic IPv6 ACL. Configure

Advanced Setup Configure a rule for an advanced IPv6 ACL. Configure

Remove Delete an IPv6 ACL or its rules. Configure

Queue

Summary Display the queue information about a port. Monitor

Setup Configure a queue on a port. Configure

GTS

Summary Display port GTS information Monitor

Setup Configure port GTS Configure

Line Rate

Summary Display line rate configuration information. Monitor

Setup Configure the line rate. Configure

Classifier

Summary Display classifier configuration information. Monitor

Create Create a class. Configure

Setup Configure the classification rules for a class. Configure

Remove Delete a class or its classification rules. Configure

Behavior

Summary Display traffic behavior configuration information. Monitor

Add Create a traffic behavior. Configure

Setup Configure actions for a traffic behavior. Configure

Port Setup

Remove Delete a traffic behavior. Configure

Configure traffic mirroring and traffic redirecting for a traffic behavior

Configure

+ 419 hidden pages

HP FlexNetwork NJ5000 5G PoE+ Walljack User Manual

Specifications and Main Features

Frequently Asked Questions

User Manual

Contents

Overview

Accessing the Web interface

Restrictions and guidelines for Web-based login

Operating system requirements

Web browser requirements

Enabling security settings in a Microsoft Internet Explorer browser

Enabling JavaScript in a Firefox browser

Miscellaneous

Logging in to the Web interface for the first time

Logging out of the Web interface

Using the Web interface

Icons and buttons

Page display function

Search function

Sort function

Feature summary

Feature menu navigators for the Web interface

Wizard menu

Summary menu

Device menu

Network menu

Authentication menu

Security menu

QoS menu