NS3500-24T-4C Managed
Switch User Manual
P/N 1073386-EN • REV A • ISS 08FEB18
Copyright
©
Interlogix is part of UTC
Corporation
Trademarks and pat ents
Trade names used in t his document may be trademarks or registered trademarks of the
manufacturers or vendors of the respective products.
Manufacturer
Interlogix
2955 Red Hill Avenue, C osta Mesa, CA 92626
Authorized EU manufacturing representative:
UTC Fire & Security B.V.
Kelvinstraat 7, 6003 D H Weert, The Netherlands
Version
This document applies to
FCC compliance
This device compl ies with part 15 of the FCC R ules. Operation is subject to the fol lowing
two conditions: (1) This device may not cause harmful interference, and (2) this device
must accept any interference received,
operation.
FCC compliance
Class A:
A digital device, pursuant to part 15 of the FCC Rules. These li mits are designed t o
provide
operated in a commercial environment. This equipment gen erates, uses, and can radiate
radio frequency energy and, if not installed and used in accordance with the instruction
manual,
equipment in a residential area is l ikely to cause harmful interference in which case the
user will be required to correct the interference at his own expense.
Canada
This Class A
Cet appareil numérique de la class e A est conforme à la norme CAN IC ES
(A)/NMB
ACMA compliance
Notice!
radio interference in which case the user may be required to take adequate measures.
Certification
EU directives
This product and
comply therefore with the applicable
EMC Directive 2014/ 30/EU, the RoHS Dir ective 2011/65/EU.
2012/19
as unsorted munic ipal waste in the European Union. For proper
product to your local supplier upon the pur chase of equivale nt new equipment, or
dispose of it at des ignated collection points. For more information see:
www.recyclethis.info.
Product warnings and
disclaimers
THESE PRODUCTS ARE
QUALIFIED PROFESSIONALS. UTC FIRE & SECURITY CANNOT PROVIDE ANY
ASSURANCE THAT ANY PERSON OR ENTITY BUYIN G ITS PRODUCTS,
INCLUDING ANY “AUTHORIZED DEALER” OR “AUTHORIZED RESELLER”, IS
PROPERLY TRAINED OR EXPERIENCED
SECURITY RELATED PRODUCTS
For more informat ion on warranty dis claimers and product safety information, please
check
Contact information and
manuals
For contact information go to:
To get translati ons for this and other product manuals go to:
www.firesecurityproducts.com
2018 United Technologies Corporation.
Climate, Controls & Security, a unit of United Technologies
. All rights reserved.
-5923, USA
NS3500-24T-4C.
including interference that may cause undesired
This equipment has been tested and found to comply with the limits for a Cl ass
reasonable pr otection against harmful interference when the equipment i s
may cause harmful interference to radio communicati ons. Operation of this
digital apparatus complies with CAN I C E S -003 (A)/NMB-3 (A).
-003
-3 (A).
This is a Class A product. In a domestic environment this product may cause
- if applicable - t he supplied accessories too are marked with "CE" and
harmonized European standards listed under the
/EU (WEEE directive): Products mark ed with this symbol cannot be disposed of
recycling, return this
INTENDED FOR SALE TO AND INSTALLATION BY
.
www.firesecurityproducts.com/policy/product-warning/ or scan t he following code:
www.interlogix.com or www.firesecurityproducts.com.
.
TO CORRECTLY INSTALL FIRE AND
Content
Important information 3
Chapter 1 Introduction 4
Package contents 4
Product description 5
Product features 8
Product specifications 11
Chapter 2 Installation 14
Hardware description 14
Chapter 3 Switch management 22
Requirements 22
Management access overview 22
Administration console 23
Web management 25
SNMP-based network management 25
Smart discovery utili ty 26
Chapter 4 Web configuration 28
Main web page 29
System 30
DHCP server 57
UDLD 68
Simple Network Management Protocol (SNMP) 70
Port management 82
Link aggregation 91
VLAN 99
Spanning Tree Protocol (STP) 126
Multicast 143
Quality of Service (QoS) 168
Access Control Lists (ACL) 191
Authentication 204
Security 239
Address table 254
LLDP 260
Network diagnostics 274
Loop protection 278
RMON 280
Chapter 5 Switch operation 290
Address table 290
Learning 290
Forwarding and filteri n g 290
NS3500-24T-4C Managed Switch User Manual 1
Store-and-forward 290
Auto-negotiation 291
Chapter 6 Troubleshooting 292
Appendix A Networking connection 293
Glossary 295
2 NS3500-24T-4C Managed Switch User Manual
Important information
Limitation of liability
To the maximum extent permitted by applicable law, in no event will UTCFS be liable
for any lost profits or business opportunities, loss of use, business interruption, loss of
data, or any other indirect, special, incidental, or consequential damages under any
theory of liability, whether based in contract, tort, negligence, product liability, or
otherwise. Because some jurisdictions do not allow the exclusion or limitation of liability
for consequential or incidental damages the preceding limitation may not apply to you.
In any event the total liability of UTCFS shall not exceed the purchase price of the
product. The foregoing limitation will apply to the maximum extent permitted by
applicable law, regardless of whether UTCFS has been advised of the possibility of
such damages and regardless of whether any remedy fails of its essential purpose.
Installation in accordance with this manual, applicable codes, and the instructions of the
authority having jurisdiction is mandatory.
While every precaution has been taken during the preparation of this manual to ensure
the accuracy of its contents, UTCFS assumes no responsibility for errors or omissions.
Advisory messages
Advisory messages alert you to conditions or practices that can cause unwanted
results. The advisory messages used in this document are shown and described below.
WARNING: Warning messages advise you of hazards that could result in injury or loss
of life. They tell you which actions to take or to avoid in order to prevent the injury or
loss of life.
Caution: Caution messages advise you of possible equipment damage. They tell you
which actions to take or to avoid in order to prevent damage.
Note: Note messages advise you of the possible loss of time or effort. They describe
how to avoid the loss. Notes are also used to point out important information that you
should read.
NS3500-24T-4C Managed Switch User Manual 3
Chapter 1
Introduction
The IFS L2+ 24-port 10/100/1000Mbps with four ports shared SFP managed gigabit
switch comes with the multi-port gigabit ethernet switch, SFP fiber optic connectibility,
and robust layer 2 features. The descr i pti on o f this mod el is as follows:
L2+ 24-port 10/100/1000Mbps
+ 4-port shared SFP managed gigabit switch
Unless specified, the term “managed switch” mentioned in this user man ual refers to
the NS3500-24T-4C.
Package contents
Open the box of the managed switch and carefully unpack it. The box should contain
the following items:
The managed switch × 1
DB9 RS232 cable × 1
Rubber feet × 4
Rack mount accessory kit × 1
Power cord × 1
SFP dust-proof cap × 4
If any of these are missing or damaged, contact your dealer immediately. If possible,
retain the carton including the original packing materials for repacking the product in
case there is a need to return it to us for repair.
Note: User manuals and install guides are available for download from
www.interlogix.com.
4 NS3500-24T-4C Managed Switch User Manual
Chapter 1: Introduction
Product description
Cost-effective IPv6 managed Gigabit switch solution for enterprises
NS3500-24T-4C is a Layer 2+ managed Gigabit Switch that features 24-Port
10/100/1000BASE-T with 4-Port Shared 100/1000Bas e-X SFP and supports static
Layer 3 routing for enterprise-level network. The abundant L2 / L4 switching engine
offered by the NS3500-24T-4C performs effective data traffic control for enterprises and
VoIP service providers, video streaming, and multicast applications. Providing userfriendly but advanced IPv6 / IPv4 management interfaces, it is well suited for backbone
and workgroup network applications by providing affordability, high performance, and
stable transmission qu al i ty.
Environment-friendly, variable fan design for silent operation
The managed switch features a 19-inch metal housing, no noise design, and an
effective ventilation system.It is able to operate reliably, stably, and quietly in any
environment without affecting performance.
Solution for IPv6 networking
With the IPv6/IPv4 dual stack and other management functions with user-friendly
interfaces, the NS3500-24T-4C is the best choice for IP surveillance, VoIP, and
wireless service providers to deploy the IPv6 network. More importantly, they help
SMBs upgrade their network infrastructures to the IPv6 era without any monetary
investment.
IPv4/IPv6 VLAN routing for secure and flexible management
To help customers stay on top of their businesses, the managed switch not only
provides ultra high transmission performance and excel lent Layer 2 technologies, but
also a IPv4/IPv6 VLAN routing feature that allows cross over of different VLANs and
NS3500-24T-4C Managed Switch User Manual 5
Chapter 1: Introduction
different IP addresses for the purpose of having a highly secured, flexible management
and simpler networking application.
Robust Layer 2 feature
The managed switch can be progra mmed f or advanced switch manag ement functions
such as dynamic port link aggregation, Q-in-Q VLAN, private VLAN, Multiple Spanning
Tree Protocol (MSTP), Layer 2 to Layer 4 QoS, bandwidth control, and IGMP / MLD
snooping. Via aggregation of supporting ports, the managed switch allows the
operation of a high-speed trunk combining multiple ports. It consist s o f a maximu m o f
14 trunk groups with four ports for each group, and also supports fai l -over.
Powerful security
The managed switch offers a comprehensive Layer 2 to Layer 4 Access Control List
(ACL) for enforcing security to the edge. It can be used to restrict network access by
denying packets based on source and destination IP address, TCP/UDP ports, or
defined typical network applications. Its protection mechanism also comprises 802.1x
port-based and MAC-b as ed user and device authentication. With the private VLAN
function, communication between edge ports can be prevented to ensure user privacy.
Enhanced security and traffic control
The managed switch also provides DHCP Snooping, IP Source Guard, and Dynamic
ARP Inspection functions to prevent IP snooping from attack and discard ARP packets
with invalid MAC addresses. The network administrator can now construct highlysecure corporate networks using considerably less time and effort than before.
User-friendly secure management
For efficient management, the managed switch is equipped with console, web, and
SNMP management interfaces. With the built-in web-based managemen t int erface, the
managed switch offers an easy-to-use, platform-independent manag eme nt and
configuration facility. The managed switch supports standard Simple Network
Management Protocol (S NM P) and can be managed by any management software
based on the standard SNMP v1 or v2 protocol. For reducing product learning time, the
managed switch offers Cisco-like command via Telnet or console port, and the
customer doesn’t need to learn new commands from these switches. Moreover, the
managed switch offers secure management remotely by supporting SSH, SSL, and
SNMP v3 connections where the packet content can be encry pted a t each sessi o n.
6 NS3500-24T-4C Managed Switch User Manual
Chapter 1: Introduction
Intelligent SFP diagnostic mechanism
The managed switch series supports a SFP-DDM (Digital Diagnostic Monitor) function
that can easily monitor real-time para me ter s o f the SFP and SFP+ transceivers, such
as optical output power, optical input power, temperature, laser bias current, and
transceiver supply voltage.
NS3500-24T-4C Managed Switch User Manual 7
Chapter 1: Introduction
Applications
Layer 2+ VLAN static routing application
The managed switch features a built-in, robust IPv4/IPv6 Layer 3 traffic static routing
protocol to ensure reliable routing between VLANs and network segments. The routing
protocols can be applied by VLAN interface with up to 128 routing entries.
Multiple Spanning Tree Protocol for SMBs and workgroups
The managed switch features strong, rapid self-recovery capability to prevent
interruptions and external intrusions. It incorporates Multiple Spanning Tree Protocol
(802.1s MSTP) into the customer’s automation network to enhance system reliability
and uptime. The managed switch can easily help enterprises with the available network
infrastructure to build wireless AP, IP camera, and VoIP.
Product features
• 24-port 10/100/1000B ASE-T gigabit Ethernet RJ45.
• Four 100/1000BASE-X SFP slots, shared with port 21 to port 24 compatible with
100Base-FX SFP.
• RS-232 DB9 console interface for basic switch management and setup.
Layer 2 features
• Prevents packet loss with back pressure (half-duplex) and IEEE 802.3x pause
frame flow control (full-duplex).
• High performance of Store-and-Forward architecture and runt/CRC filtering
eliminates erroneous packets to optimize the network bandwidth.
Storm control support:
• Broadcast / Multicast / Unknown-Unicast
Supports VLAN
• IEEE 802.1Q tagged VLAN
• Provider Bridging (VLAN Q-in-Q) support (IEEE 802.1ad)
• Private VLAN Edge (PVE)
• Protocol-based VLAN
• MAC-based VLAN
• Up to 255 VLANs groups, out of 4095 VLAN IDs
• IP Subnet-based VLAN
• Voice VLAN
• Management VLAN
8 NS3500-24T-4C Managed Switch User Manual
Chapter 1: Introduction
Supports STP
• STP, IEEE 802.1D Spanning Tree Pr otocol
• RSTP, IEEE 802.1w Rapid Spanning Tree Pr otoc ol
• MSTP, IEEE 802.1s Multiple Spanning Tree Protocol, spanning tree by VLAN
• STP BPDU Guard and BPDU Filterin g
Supports link aggregation
• IEEE 802.3ad Link Aggregation Control Protocol (LACP)
• Cisco ether-chann el (S t ati c Trunk )
• Maximum 12 trunk groups, up to eight ports per trunk group
• Up to 16 Gbps bandwidth (full dupl ex mode).
Provides port mirror (many-to-1)
Port mirroring to monitor the incoming or outgoing traffic on a particular por t
Loop protection to avoid broadcast loops
Layer 3 IP routing features
• Supports a maximum of 32 software static routes and route summarization.
Quality of Service
• Ingress shaper and egress rate limit per port ban dwidth control
• Eight priority queues on all switch ports
• Traffic classification:
- IEEE 802.1p CoS
- TOS / DSCP / IP Precedence of IPv4/IPv6 packets
- IP TCP/UDP port number
- Typical network application
• Strict priority and Weighted Round Robin (WRR) CoS policies
• Traffic-policing policies on the switch port
• DSCP remarking
Multicast
• Supports IGMP snooping v1, v2, and v3 for IPv4 multicasting networks
• Supports MLD snooping v1 and v2 for IPv6 multicasting networks
• Querier mode support
• IGMP snooping port filter i ng
• MLD snooping port filtering
NS3500-24T-4C Managed Switch User Manual 9
Chapter 1: Introduction
• Multicast VLAN Registration (MVR) support
Security
• Authentication
− IEEE 802.1x Port-Based / MAC-Based network access authentication
− Built-in RADIUS client to co-operate with the RADIUS servers
− TACACS+ login users access authentication
− RADIUS / TACACS+ users access authentication
• Access Control List (ACL)
− IPv4 / IPv6 IP-based ACL
− MAC-based ACL
• Source MAC / IP address binding
• Port security for source MAC address entries filtering
• DHCP snooping to filter distrusted DHCP messages
• Dynamic ARP inspection discards ARP packets with invalid MAC addresses to IP
address binding
• IP source guard prevents IP spoofing attacks
• IP address access managem ent to pr event unauthorized intruder
Management
• IPv4 and IPv6 dual stack management
• Switch management interfaces:
- Console / Telnet Command Line Interface
- Web switch management
- SNMP v1, v2c, and v3 switch management
- SSH / SSL secure access
• User privilege levels control
• System maintenance
- Firmware upload/download via HTTP / TFTP
- Configuration upload / download through the web interface
- Dual images
- Reset button for system reboot or reset to factory default
- Built-in Trivial File Transfer Protocol (TFTP) client
• Four RMON groups (history, statistics, alarms, and events)
• IPv6 IP address / NTP / DNS management and ICMPv6
• BOOTP and DHCP for IP address assi g nme nt
10 NS3500-24T-4C Managed Switch User Manual
Chapter 1: Introduction
Hardware Specification
Copper
24
SFP
Four
Supports
Console Port
1 x RS
Switch Architecture
Store
Switch
48
Throughput
35.7
Address Table
8K
Share
1392
Flow Control
IEEE 802.3x
Back pressure for
Jumbo Frame
9
Reset Button
< 5 seconds: System reboot
>
LED
Power
Ethernet Interfaces (Port
10/100 LNK/ACT (
Dimensions (W x D x H)
440 x 200 x 445
Weight
2.74
Power Consumption
Max. 2
Power Requirement
AC
Layer 2
Port
Po
Auto
Flow
• DHCP relay
• DHCP Option 82
• NTP (Network Time Protocol)
• Link Layer Discovery Protocol (LLDP) and LLDP-MED
• Cable diagnostic technology provides the mechanism to detect and report potential
cabling issues
• Smart discovery utility for deploy management
Product specifications
s
Ports
+ Slots
Fabric
d Data Buffer
10/ 100/1000BASE-T RJ45 Auto-MDI/MDI-X ports
1000BASE-SX/LX/BX SFP interfaces, shared with port 21 to port 24
100/1000 Mbps dual mode and DDM
-232 DB9 serial port (115200, 8, N, 1)
-and-Forward
Gbps / non-blocking
Mpps @ 64 bytes
entries, automatic source address learning and aging
kilobytes
pause frame for full-duplex
half-duplex
K bytes
5 seconds: Factory Default
: PWR Alert (Green)
-1 to Port-24): 1000 LNK/ACT (Green),
Orange)
Management Functions
Configuration
NS3500-24T-4C Managed Switch User Manual 11
kg
0.3 W / 69365 BTU
100~240 V, 50/60 Hz, 0.4 A
rt disable / enable
-negotiation 10/100/1000Mbps full and half duplex mode selection
control disable / enable
mm, 1U high
Chapter 1: Introduction
Port Status
Display each port’s
negotiation status, trunk
Port Mirroring
TX / RX / both
Many
VLAN
802.1Q tagged
Q
Private VLAN
MAC
Protocol
Voice
IP Subnet
MVR (Multicast VLAN Registration)
U
Link Aggregation
IEEE 802.3ad LACP / Static Trunk
12 groups with eight
Spanning Tree Protocol
IEEE 802.1D Spanning Tree Protocol
IEEE 802.1w Rapid Spanning Tree Protocol
IEEE 802.1s Multiple Spanning Tree Protocol
QoS
Traffic classification based,
8
–
–
–
–
IGMP Snooping
IGMP (v1/v2
IGMP
MLD Snooping
MLD (v1/v2)
MLD
Access Control List
IP
Up to
Bandwidth Control
Per port bandwidth control
–
–
Layer 3 Functions
IP Interfaces
Max
Routing Table
Max
Routing Protocols
IPv4
IPv6 software
Management
Basic Management Interfaces
Consol
Secure Management
SSH, SSL, SNMP v3
-to-1 monitor
speed duplex mode, link status, flow control status, auto-
status
-based VLAN
-in-Q tunneling
Edge (PVE)
-based VLAN
-based VLAN
VLAN
-based VLAN
p to 255 VLAN groups, out of 4095 VLAN I Ds
ports per trunk
(STP)
(RSTP)
(MSTP)
strict priority and WRR
-level priority for switching
Port Number
802.1p priority
802.1Q VLAN tag
DSCP/ToS field in IP packet
querier mode support
-based ACL / MAC-based ACL
/v3) snooping, up to 255 multicast groups
querier mode support
snooping, up to 255 multicast groups
256 entries
Ingress: 100 Kbps~1000 Mbps
Egress: 100 Kbps~1000 Mbps
imum of eight VLAN interfaces
12 NS3500-24T-4C Managed Switch User Manual
imum of 32 routing entries
software static routing
static routing
e, Telnet, web browser, SNMP v1, v2c
Chapter 1: Introduction
Interfaces
SNMP MIBs
RFC
RFC
RFC
RFC
RFC
RFC
RFC
Standards Conformance
Regulation Compliance
FCC Part 15 Class A, CE
Standards Compliance
IEEE
IEEE
IEEE
IEE
IEEE 802.3x flow control and back pressure
IEEE 802.3ad port trunk with LACP
IEEE 802.1D Spanning Tree Protocol
IEEE 802.1w Rapid Spanning Tree Protocol
IEEE 802.1s Multiple Spanning Tree Protocol
IEEE 802.1p Class of Service
Environment
Operating
Temperature:
Relative Humidity:
Storage
Temperature:
Relative Humidity:
-1213 MIB-II
-1493 Bridge MIB
-1643 Ethernet MIB
-2863 Interface MIB
-2665 Ether-Like MIB
-2819 RMON MIB (Group 1, 2, 3 and 9)
-2737 Entity MIB
802.3 10BASE-T
802.3u 100BASE-TX/100BASE-FX
802.3z Gigabit SX/LX
E 802.3ab Gigabit 1000T
0 to 50°C
5 to 95% (non-condensing)
-10 to 70°C
5 to 95% (non-condensing)
NS3500-24T-4C Managed Switch User Manual 13
Chapter 2
Installation
This section describes the hardware features and installation of the managed switch on
the desktop or rack mount. For easier management and control of the managed switch,
familiarize yourself with its display indicators, and ports. Front panel illustrations in this
chapter display the unit LED indicators. Before connecting any network device to the
managed switch, please read this chapter completely.
Hardware description
Switch front panel
Gigabit TP interface
10/100/1000BASE-T copper, RJ45 twisted-pair: Up to 100 meters.
SFP slots
100/1000BASE-X mini-GBIC slot, SFP (Small Factor Pluggable) transceiver module:
supports from 550 meters (multi-mode fiber), up to 10/30/50/70 kilometers (single-mode
fiber).
Console port
The console port is a DB9 connector and an interface for directly connecting a terminal.
Through the console port, the managed switch provides diagnostic information
including the IP address setting, factory reset, port management, link status, and
system setting. The included DB9 console cable connects to the console port on the
device. After making the connection, users can run any terminal emulation program
(Hyper Terminal, ProComm Plus, Telix, Winterm, and so on) to enter the startup screen
of the device
14 NS3500-24T-4C Managed Switch User Manual
Chapter 2: Installation
Reset button pressed and released
< 5 seconds: S
> 5 seconds: F
LED
P
Reset button
Located on the left of the front panel, the reset button is designed to reboot the
managed switch without turning the power off and on. The following is the summary
table of the reset button funct ions:
Function
ystem reboot Reboots the managed switch
actory default Resets the managed switch to factory default
configuration. The managed switch then
reboots and loads the default settings as
shown below:
Default Username: admin
Default Password: admin
Default IP address: 192.168.0.100
Subnet mask: 255.255.255.0
Default Gateway: 192.168.0.254
LED indicators
The front panel LEDs indicate port link status, data activity, and system power.
System
Color Function
WR Green Lit: indicates that the managed switch has power.
10/100/1000 Mbps port
LED Color Function
1000 LNK/ACT Green Lit: indicates the port has successfully connected to the
network at 1000 Mbps.
Blinking: indicates that the switch is actively sending or
receiving data over that port.
10/100
LNK/ACT
Orange Lit: indicates the port has successfully connected to the
network at 100 Mbps or 10 Mbps.
Blinking: indicates that the switch is actively sending or
receiving data over that port.
100/1000BASE-X SFP interfaces
LED Color Function
1000 Green Lit: indicates that the link through that port is established.
LNK/ACT Orange Lit: indicates that the link through that port is established.
NS3500-24T-4C Managed Switch User Manual 15
Blinking: indicates that the switch is actively sending or
receiving data over that port.
Blinking: indicates that the port is actively sending or
receiving data over that port.
Chapter 2: Installation
Switch rear panel
The rear panel of the managed switch contains an AC inlet power socket that accepts
input power from 100 to 240 VAC, 50-60 Hz.
AC power receptacle
For compatibility with electrical supplies in most areas of the world, the managed
switch’s power supply automatically adjusts to line power in the range of 100-240 VAC
and 50/60 Hz.
Plug the female end of the power cord firmly into the receptacle on the rear panel of the
managed switch and the other end of the power cord into an electrical outlet and then
power it on.
Note: The device is a power-required device, meaning it will not work until it is powered
on. If your network needs to be active at all times, consider using a UPS (Uninterrupted
Power Supply) for the dev ic e to help to prevent network data loss or network downtime.
In some areas, installing a surge suppression device may also help to protect the
managed switch from an unregulated surge or current to the switch or the power
adapter.
Installing the switch
This section describes how to install and make connections to the managed switch.
Read the following topics and perform the procedures in the order presented.
To install the managed switch on a desktop or shelf:
1. Attach the rubber feet to the recessed areas on the bottom of the managed switch.
2. Place the managed switch on the desktop or the shelf near an AC power source, as
shown below:
16 NS3500-24T-4C Managed Switch User Manual
Chapter 2: Installation
3. Keep enough ventilation space between the managed switch and the surrounding
objects.
Note: When choosing a location, please keep in mind the environmental restrictions
indicated in “Product specifications” on page 11.
4. Connect one end of a standard network cable to the 10/100/1000 RJ45 ports on the
front of the managed switch and the other end of the cable to the network devices
such as printer servers, workstations or routers.
Note: Connection to the managed switch requires UTP Category 5 network cabling
with RJ45 tips. For more information, see Appendix A “Networking connection” on
page 293.
5. Connect one end of the power cable to the managed switch.
6. Connect the power plug of the power cable to a standard wall outlet.
7. When the managed switch receives power, the power LED illuminates solid green.
Rack mounting
To install the managed switch in a 19-inch standard rack:
1. Place the managed switch on a hard, flat surface with the front panel positioned
towards the front side.
2. Attach the rack-mount bracket to each side of the managed switch with the supplied
screws as shown below.
Caution: You must use the screws supplied with the mounting brackets. Damage
caused to the parts by using incorrect screws will invalidate the warranty.
3. Secure the brackets tightly.
4. Follow the same steps to attach the second bracket to the opposite side.
5. After the brackets are attac hed to the managed switch, use suitable screws to
securely attach the brackets to the rack, as shown below.
NS3500-24T-4C Managed Switch User Manual 17
Chapter 2: Installation
6. Follow steps 4 through 7 under “To install the managed switch on a desktop or
shelf” in this section to connect the network cabling and supply power to the
managed switch.
Installing the SFP transceiver
SFP transceivers are hot-pluggable and hot-sw appable. They can be plugged in and
removed to/from any SFP port without having to power down the managed switch (see
below).
18 NS3500-24T-4C Managed Switch User Manual
Chapter 2: Installation
Approved Interlogix SFP transceivers
The managed switch supports both single mode and multi-mode SFP transceivers. The
following list of approved Interlogix SFP transceivers is valid as of the time of
publication:
Part #
Twisted Pair SFP 1000Base TX
Fiber
Connector
# of
Fibers
Fiber
Type
Max
Distance
Wave
Length
Optical
Budget
(dBm)
Optical
Power
(dBm)
Receiver
Sensitivity
(dBm)
Operating
Temperature
S30-RJ RJ 45 1 Cat5e
Fast Ethernet 100Base FX
S20-2MLC2 LC 2
S25-2MLC2 LC 2
Fast Ethernet 100Base LX
S20-2SLC20 LC 2
S25-2SLC20 LC 2
Fast Ethernet 100Base BX
S20-1SLC/A20
S25-1SLC/B20
LC 1
LC 1
Multimode
Multimode
Single
Mode
Single
Mode
Single
Mode
Single
Mode
100M
(328 ft.)
2 km
(1.2 mi.)
2 km
(1.2 mi.)
20 km
(12 mi.)
20 km
(12 mi.)
20 km
(12 mi.)
20 km
(12 mi.)
1310 nm 12 -20 ~ -14 -32
1310 nm 12 -20 ~ -14 -32
1310 nm 19 -15 ~ -8 -34
1310 nm 19 -15 ~ -8 -34
1310 /
1550 nm
1550 /
1310 nm
18 -14 ~ -8 -32
18 -14 ~ -8 -32
0 to +50°C
(32 to 122°F)
0 to +50°C
(32 to 122°F)
-40 to +75°C
(-40 to
167°F)
0 to +50°C
(32 to 122°F)
-40 to +75°C
(-40 to 167°F)
0 to +50°C
(32 to 122°F)
-40 to +75°C
(-40 to 167°F)
Gigabit Ethernet 1000Base SX
S30-2MLC LC 2
S35-2MLC LC 2
OM1 Multimode fiber @ 200/500 MHz-km
OM2 Multimode fiber @ 500.500 MHZ-km Laser Rated for GbE LANs
S30-2MLC-2 LC 2
OM3 Multimode fiber @ 2000/500MHz-km Optimized got 850 nm VCSELs
Gigabit Ethernet 1000 Base LX
S30-2SLC10
NS3500-24T-4C Managed Switch User Manual 19
LC 2
Multimode
Multimode
Multimode
Single
Mode
220/550 m
(720 /
1800 ft.)
220/550 m
(720 /
1800 ft.)
2 km
(1.2 mi.)
10 km
(6.2 mi.)
850 nm 7.5 -9.5 ~ -1 -17
850 nm 7.5 -14 ~ -8 -17
1310 nm 10 -9 ~ -1 -19
1310 nm 18 -9.5 ~ -3 -20
0 to +50°C
(32 to 122°F
-40 to +75°C
(-40 to 167°F)
0 to +50°C
(32 to 122°F)
0 to +50°C
(32 to 122°F)
Chapter 2: Installation
Part #
S35-2SLC10
S30-2SLC30
S35-2SLC30
Gigabit Ethernet 1000 Base ZX
S30-2SLC70
S35-2SLC70
Gigabit Ethernet 1000 Base BX
S30-1SLC/A10
Fiber
Connector
LC 2
LC 2
LC 2
LC 2
LC 2
LC 1
# of
Fibers
Fiber
Type
Single
Mode
Single
Mode
Single
Mode
Single
Mode
Single
Mode
Single
Mode
Max
Distance
10 km
(6.2 mi.)
30 km
(18.6 mi.)
30 km
(18.6 mi.)
70 km
(43 mi.)
70 km
(43 mi.)
10 km
(6.2 mi.)
Wave
Length
1310 nm 18 -9.5 ~ -3 -20
1310 nm 18 -2 ~ +3 -23
1310 nm 18 -2 ~ +3 -23
1550 nm 19* -15 ~ -8 -34
1550 nm 19* -15 ~ -8 -34
1310 /
1490 nm
Optical
Budget
(dBm)
11 -9 ~ -3 -20
Optical
Power
(dBm)
Receiver
Sensitivity
(dBm)
Operating
Temperature
-40 to +75°C
(-40 to 167°F)
0 to +50°C
(32 to 122°F)
-40 to +75°C
(-40 to 167°F)
0 to +50°C
(32 to 122°F)
-40 to +75°C
(-40 to 167°F)
0 to +50°C
(32 to 122°F)
S30-1SLC/B10
S30-1SLC/A20
S30-1SLC/B20
Gigabit Ethernet 1000 Base BX
S30-1SLC/A60
S30-1SLC/B60
* Note: High Power Optic. There must be a minimum of 5 dB of optical loss to the fiber for proper operation.
LC 1
LC 1
LC 1
LC 1
LC 1
Single
Mode
Single
Mode
Single
Mode
Single
Mode
Single
Mode
10 km
(6.2 mi.)
20 km
(12 mi.)
20 km
(12 mi.)
60 km
(37 mi.)
60 km
(37 mi.)
1490 /
1310 nm
1310 /
1490 nm
1490 /
1310 nm
1310 /
1490 nm
1490 /
1310 nm
11 -9 ~ -3 -20
15 -8 ~ -2 -23
15 -8 ~ -2 -23
24 0 ~ +5 -24
24 0 ~ +5 -24
Note: We recommend the use of Interlogix SFPs on the managed switch. If you insert
an SFP transceiver that is not supported, the managed switch will not recognize it.
Before connecting the other managed switches, workstat ion, or media converter:
0 to +50°C
(32 to 122°F)
0 to +50°C
(32 to 122°F)
0 to +50°C
(32 to 122°F)
0 to +50°C
(32 to 122°F)
0 to +50°C
(32 to 122°F)
1. Make sure both sides of the SFP transceiver are with the same media type. For
example, 1000BASE-SX to 1000BASE-SX, 1000BASE-LX to 1000BASE-LX.
2. Check if the fiber-optic cable type matches the SFP tr ansc ei v er requirement.
• To connect to 1000BASE-SX SFP transceiver, use the multi-mod e fi ber cabl e
with one side being male duplex LC connector type.
20 NS3500-24T-4C Managed Switch User Manual
Chapter 2: Installation
• To connect to 1000BASE-LX SFP transceiver, use the single-mod e fib er cable
with one side being male duplex LC connector type.
To connect the fiber cable:
1. Attach the duplex LC connector on the network cable to the SFP transceiver.
2. Connect the other end of the cable to a device with a SFP transceiver installed.
3. Check the LNK/ACT LED of the SFP slot on the front of the managed switch.
Ensure that the SFP transceiver is operating correctly.
4. Check the link mode of the SFP port if the link fails. Set the link mode to “1000-X” or
“100-X” so that it can work with certain fiber-NICs or media converters if required.
The defaul t setting is SFP Auto-AMS mode.
To remove the transceiver module:
1. Make sure there is no network activity by checking with the network administrator.
Or, through the management interface of the switch/converter (if available), disable
the port in advance.
2. Carefully remove the fiber optic cable.
3. Turn the lever of the transceiver module to a horizontal position.
4. Pull out the module gently through the lever.
Note: Never pull out the module without making use of the lever or the push bolts on
the module. Removing the module with force could damage the mo d ul e and the SFP
module sl ot of the managed switch.
NS3500-24T-4C Managed Switch User Manual 21
Chapter 3
Switch management
This chapter explains the methods that can be used to configure management access
to the managed switch. It describes the types of management applications and the
communication and management protocols that deliver data between the management
device (workstation or personal computer) and the system. It also contains information
about port connection options.
Requirements
• Workstations must have Windows XP or later, Mac OS9 or later, Linux, UNIX , or
other platforms compatible with TCP/IP protocols.
• Workstations must have an Ethernet NIC (Network Interface Card) installed.
• Serial Port connection (Terminal). The workstation must have a COM Port (DB9 /
RS-232) or USB-to-RS-232 converter.
• Ethernet port connection. Use standard network (UTP) cables with RJ45
connectors.
• Workstations must have a web browser and Java runtime environment plug-in
installed.
Note: We recommend the use of Internet Explorer 11.0 or later to ac ces s the managed
switch.
Management access ov erview
The managed switch provides the flexibility to access and manage it using any or all of
the following methods:
• An administration console
• Web browser interface
• An external SNMP-based network management application
NS3500-24T-4C Managed Switch User Manual 22
Chapter 3: Switch management
Method
Console
• Secure
web browser
• Most visually appealing.
SNMP agent
name).
The administration console and web browser interface support are embedded in the
managed switch software and are available for immediate use. The advantages of
these management me thods are described below:
Advantages Disadvantages
• No IP address or subnet needed.
• Text-based
• Telnet functionality and
HyperTerminal built into Windows
operating systems.
• Ideal for configuring the switch
remotely.
• Compatible with all popular
browsers.
• Can be accessed from any
location.
• Communicates with switch
functions at the MIB level.
• Based on open standards.
• Must be near the switch or use dial-up
connection.
• Not convenient for remote users.
• Modem connection may prove to be
unreliable or slow.
• Security can be compromised (hackers
need only know the IP address and
subnet mask).
• May encounter lag times on poor
connections.
• Requires SNMP manager software
• Least visually appealing of all three
methods.
• Some settings require calculations.
• Security can be compromised (hackers
need to only know the community
Administration console
The administration console is an internal, character-oriented, and command line user
interface for performing system administration such as displaying statistics or changing
option settings. Using this method, you can view the administration console from a
terminal, a computer, or workstation connected to the managed switch's console
(serial) port.
NS3500-24T-4C Managed Switch User Manual 23
Chapter 3: Switch management
Direct access
Direct access to the administration console is achieved by directly connecting a
terminal or a computer equipped with a terminal-emulation program (such as
HyperTerminal) to the managed switch console (serial) port. When using this
management method, a straight DB9 RS-232 cable is required to connect the switch to
the computer. After making this connection, configure the terminal-emulation program
to use the following parameters:
These settings can be changed after log on, if required. This management method is
often preferred because the user can remain connected and monitor the system during
system reboots. Also, certain error messages are sent to the serial port, regardless of
the interface through which the associated action was initiated. A computer attachment
can use any terminal emulation program for connecting to the terminal serial port. A
workstation attachment under UNIX can use an emulator such as TIP.
24 NS3500-24T-4C Managed Switch User Manual
Chapter 3: Switch management
Web management
The managed switch provides features that allow users to manage it from anywhere on
the network through a stand ard browser such as Microsoft Internet Explorer. After
setting up the IP address for the switch, you can access the managed switch's web
interface applications directly in the web browser by entering the IP address of the
managed switch.
You can use a web browser to list and manage the managed switch configuration
parameters from one central location, just as if you were directly connected to the
managed switch's console port. Web management requires Microsoft Internet Explorer
11.0 or later.
SNMP-based network management
Use an external SNMP-based application to c on fig ur e and ma nag e the managed
switch, such as SNMP Network Manager, HP Openview Network Node Management
(NNM), or What’s Up Gold. This manag e me nt method requires the SNMP agent on the
switch and the SNMP Network Management Station to use the same community string.
This management method uses two community strings: the get community string and
the set community string. If the SNMP Network Management Station only knows the set
community string, it can read and write to the MIBs. However, if it only knows the get
community string, it can only read MIBs. The default get and set community strings for
the managed switch are public.
NS3500-24T-4C Managed Switch User Manual 25
Chapter 3: Switch management
Smart discovery utility
For easily listing the managed switch in your Ethernet env i r onme nt, the S mar t
Discovery utility included on the CD-ROM is an ideal solution.
To run the smart discovery utility:
1. Install the Smart Discovery Utility in the administrator PC.
2. Run the utility.
Note: If there are two or more LAN cards in the same administrator computer,
choose a different LAN card by using the “Select Adapter” tool.
3. Click the Refresh button for the currently connected devices in the discovery list:
4. This utility shows all necessary information from the devices, such as MAC address,
device name, firmware version and device IP subnet address. It can also assign
new password, IP Subnet address and description for the devices. After setup is
complete, click the Update Device, Update Multi, or Update All button:
• Update Device: Use the current setting on one single device.
• Update Multi: Use the current setting on multi-devices.
• Update All: Use the current setting on all devices in the list.
26 NS3500-24T-4C Managed Switch User Manual
Chapter 3: Switch management
The same functions mentioned above also can be found in Option menu.
5. Selecting the Control Packet Force Broadcast check box allows you to assign a
new setting value to the Web Smart Switch under a different IP subnet address.
6. Click the Connect to Device button and the web login screen appears.
7. Click the Exit button to shut down the Smart Discovery Utility.
NS3500-24T-4C Managed Switch User Manual 27
Chapter 4
Web configuration
This section introduces the configuration and functions of the web-based management
interface for the managed switch.
About Web-based management
Web-based management of the managed switch supports Internet Explorer 7.0 or later,
and can be performed from any location on the network. It is based on Java Applets
with an aim to reduce network bandwidth consumption, enhance access speed, and
present an easy viewing screen.
Note: By default, IE 11.0 and above does not allow Java Applets to open sockets. The
user has to explicitly modify the browser setting to enable Java Applets to use network
ports.
The managed switch can be configured through an Ethernet connection when the
manager computer is set to the same IP subnet address as the managed switch.
For example, if the default IP address of the managed switch is 192.168.0.100, then the
administrator computer should be set at 192.168.0.x (where x is a number between 1
and 254, except 100), and the defaul t s ub net mas k is 255 . 25 5.2 55.0.
If the default IP address of the managed switch has been changed to 192.168.1.1 with
subnet mask 255.255.255.0 via the console, then the administrator computer should be
set at 192.168.1.x (where x is a number between 2 and 254) to do the relative
configuration on a manager computer.
NS3500-24T-4C Managed Switch User Manual 28
Chapter 4: Web configuration
1. Main menu
2.
3. SFP port link status
4. Help
5.
To log into the managed switch:
1. Launch the Internet Expl or er 7.0 or later web browser and type the factory default IP
address http://192.168.0.100 to access the web interface.
2. When the following login screen appears, type the default username "admin" with
password “admin” (or the username and password you have changed via console)
to log into the main screen of the managed switch.
3. After typing the username and password, the main UI screen appears. The main
menu on the left side of the web page permits access to all the functions and status
provided by the managed switch.
Note: For security purposes, change and memorize the new password after this first
setup.
Main web page
This section describes how to use the managed switch’s web browser interface for
configuration and management.
Copper port link status
NS3500-24T-4C Managed Switch User Manual 29
Main screen
Chapter 4: Web configuration
Panel display
The web interface displays an image of the managed switch’s ports. The mode can be
set to display different information for the ports, including Link up or Link down. Clicking
on the image of a port opens the Port Statistics page.
Port status is indicated as follows:
State Disabled Down Link
RJ45 Ports
SFP Ports
Main menu
Using the web interface, you can define system parameters, manage, and control the
managed switch and all its ports, or monitor network conditions. The administrator can
set up the managed switch by making selections fro m the main functions menu.
Clicking on a main menu item opens sub menus.
System
Use the System menu items to display and configure basic administrative details of the
managed switch. Under the System list, the following topics are provided to configure
and view the system information. This list contains the following items:
Item Function
System Information The managed switch system information is provided here.
30 NS3500-24T-4C Managed Switch User Manual
Chapter 4: Web configuration
Item Function
IP Configuration Configures the managed switch-managed IPv4/IPv6 interface and IP routes
on this page.
IP Status This page displays the status of the IP protocol layer. The status is defined
by the IP interfaces, the IP routes and the neighbour cache (ARP cache)
status.
Users Configuration This page provides an overview of the current users. Currently the only way
to log in as another user on the web server is to close and reopen the
browser.
Privilege Levels This page provides an overview of the privilege levels.
NTP Configuration Configure NTP server on this page.
Time Configuration Configure time parameter on this page.
UPnP Configure UPnP on this page.
DHCP Relay Configure DHCP Relay on this page.
DHCP Relay Statistics This page provides statistics for DHCP relay.
CPU Load This page displays the CPU load using an SVG gr aph.
System Log The managed switch system log information is provided here.
Detailed Log The managed switch system detailed log information is provided here.
Remote Syslog Configure remote syslog on this page.
SMTP Configuration Configure SMTP parameters on this page.
Web Firmware
Upgrade
TFTP Firmware
Upgrade
Save Startup Config This copies running-config to startup-config, thereby ensuring that the
Configuration
Download
Configuration Upload Upload files to the switch.
Configuration
Activate
Configuration Delete Delete the writable files stored in flash.
Image Select Configure active or alternate firmware on this page.
Factory Default Reset the configuration of the managed switch on this page. Only the IP
This page facilitates an update of the firmware controlling the managed
switch.
Upgrade the firmware via TFTP server
currently active configuration will be used at the next reboot.
Download the files to the switch.
Activate the configuration file present on the switch.
configuration is retained.
System Reboot You can restart the managed switch on this page. After restarting, the
managed switch will boot normally.
System information
The System Infomation page provides information on the current device such as the
hardware MAC address, software version, and system uptime.
NS3500-24T-4C Managed Switch User Manual 31
Chapter 4: Web configuration
The page includes the following fields:
Item Function
Contact The system contact configured in SNMP > System Information.
Name The system name configured in SNMP > System Information.
Location The system location configured in SNMP > System Information.
MAC Address The MAC Address of this managed switch.
Power Status Indicated the type of power applied to the managed switch.
Temperature Indicates chipset temperature.
System Date The current (GMT) system time and date. The system time is obtained through the
configured NTP server, if present.
System Uptime The period of time the device has been operational.
Software Version The software version of the managed switch.
Software Date The date when the managed switch software was produced.
• Select the Auto-refresh check box to refresh the page automatically. Automatic
refresh occurs every three seconds.
• Click Refresh to refresh the page automatically. This will undo any changes made
locally.
IP configuration
This page includes the IP Configuration, IP Interface, and IP Routes. The configured
column is used to view or change the IP configuration. The maximum number of
interfaces supported is 128 and the maximum number of routes is 32.
32 NS3500-24T-4C Managed Switch User Manual
Chapter 4: Web configuration
The current column is used to show the active IP configuration.
Object Description
IP
Configurations
Mode
Domain Name
Set the IP stack to act as a Host or a Router. In Host
mode, IP traffic between interfaces will not be routed. In
Router mode traffic is routed between all interfaces.
The name string of local domain where the device
belongs. Most queries for names within this domain can
use short names relative to the local domain. The
system then appends the domain name as a suffix to
unqualified names.
For example, if the domain name is set as
'example.com' and you specify the PING destination by
the unqualified name as 'test', then the system will
qualify the name to be 'test.example.com'.
The following modes are supported:
No Domain Name – No domain name will be used.
Configured Domain Name – Explicitly specify the name
of local domain. Make sure the configured domain name
meets your organization's g iven domain.
From any DHCPv6 interfaces – The first domain name
offered from a DHCPv6 lease to a DHCPv6-enabled
interface will be used.
From this DHCPv6 interface – Specify from which
DHCPv6-enabled interface a provided domain name
should be preferred.
DNS Server
This setting controls the DNS name resolution done by
the switch. There are four servers available for
configuration, and the index of the server presents the
preference (less index has higher priority) in doing DNS
name resolution. The following modes are supported:
No DNS server – No DNS server will be used.
NS3500-24T-4C Managed Switch User Manual 33
Chapter 4: Web configuration
Configured IPv4 – Explicitly provide the valid IPv4
Valid values are between 0 and 30 bits for a IPv4
Object Description
unicast address of the DNS Server in dotted decimal
notation. Make sure the configured DNS server is
reachable (e.g., via PING) for activating DNS service.
Configured IPv6 – Explicitly provide the valid IPv6
unicast (except linklocal) address of the DNS Server.
Make sure the configured DNS server is reachable (e.g.,
via PING6) for activating DNS service.
From any DHCPv4 interfaces – The first DNS server
offered from a DHCPv4 lease to a DHCPv4-enabled
interface will be used.
From this DHCPv4 interface – Specify from which
DHCPv4-enabled interface a provided DNS server
should be preferred.
From any DHCPv6 interfaces – The first DNS server
offered from a DHCPv6 lease to a DHCPv6-enabled
interface will be used.
From this DHCPv6 interface – Specify from which
DHCPv6-enabled interface a provided DNS server
should be preferred.
DNS Proxy
IP Address
Delete
VLAN
DHCPv4 Enabled
Fallback
Current
Lease
When DNS proxy is enabled, the system will relay DNS
requests to the currently configured DNS server, and
reply as a DNS resolver to the client devices on the
network.
Select this option to delete an existing IP interface.
The VLAN associated with the IP interface. Only ports in
this VLAN will be able to access the IP interface. This
field is only available for input when creating an new
interface.
Enable the DHCP client by selecting this check box. If
this option is enabled, the system will configure the IPv4
address and mask of the interface using the DHCPv4
protocol. The DHCPv4 client will announce the
configured System Name as hostname to provide DNS
lookup
The number of seconds for trying to obtain a DHCP
lease. If this option is enabled, the system will configure
the IPv4 address and mask of the interface using the
DHCPv4 protocol. The DHCPv4 client will announce the
configured System Name as hostname to provide DNS
lookup.
For DHCP interfaces with an active lease, this column
shows the current interface address, as provided by the
DHCP server.
IPv4 Address
Mask Length
34 NS3500-24T-4C Managed Switch User Manual
Provides the IP address of this managed switch in
dotted decimal notation. If DHCP is enabled, this field
configures the fallback address. The field may be left
blank if IPv4 operation on the interface is not required, or
if no DHCP fallback address is required
The IPv4 network mask, in number of bits (prefix length).
Chapter 4: Web configuration
address. If DHCP is enabled, this field configures the
If the IPv6 gateway address is link-local, it must specify
Object Description
fallback address network mask. The field may be left
blank if IPv4 operation on the interface is not required, or
if no DHCP fallback address is required.
DHCPv6
Enable Enable the DHCPv6 client by selecting this check box. If
Rapid
Commit
Current
Lease
IPv6 Address
this option is enabled, the system configures the IPv6
address of the interface using the DHCPv6 protocol.
Enable the DHCPv6 Rapid-Commit option by selecting
this check box. If this option is enabled, the DHCPv6
client terminates the waiting process as soon as a Reply
message with a Rapid Commit option is received. This
option is only manageable when the DHCPv 6 client is
enabled.
For DHCPv6 interface with an active lease, this column
shows the interface address provided by the DHCPv6
server.
Provides the IP address of this managed switch. A IPv6
address is in 128-bit records represented as eight fields
of up to four hexadecimal digits with a colon separating
each field (:).For example, fe80::215:c5ff:fe03:4dc7. The
symbol :: is a special syntax that can be used as a
shorthand way of representing multiple 16-bit groups of
contiguous zeros; but it can appear only once.
The system accepts the valid IPv6 unicast address only,
except the IPv4-Compatible address and IPv4-Mapped
address. The field may be left blank if IPv6 operation on
the interface is not required.
IP Routes
Mask Length
Delete
Network
Mask Length
Gateway
Next Hop VLAN
The IPv6 network mask, in number of bits (prefix length).
Valid values are between 1 and 128 bits for a IPv6
address.
The field may be left blank if IPv6 operation on the
interface is not required.
Select this option to delete an existing IP route.
The destination IP network or host address of this route.
Valid format is dotted decimal notationor a valid IPv6
notation. A default route can use the value 0.0.0.0 or
IPv6 :: notation.
The destination IP network or host mask, in number of
bits (prefix length). It defines how much of a network
address that must match in order to qualify for this route.
Valid values are between 0 and 32 bits resp ec ti vel y 128
for IPv6 routes. Only a default route will have a mask
length of 0 as it will match anything.
The IP address of the IP gateway. Valid format is dotted
decimal notation or a valid IPv6 notation. Gateway and
Network must be of the same type.
The VLAN ID (VID) of the specific IPv6 interface
associated with the gateway. The given VID ranges from
1 to 4095 and will be effective only when the
corresponding IPv6 interface is valid.
NS3500-24T-4C Managed Switch User Manual 35
Chapter 4: Web configuration
the next hop VLAN for the gateway. If the IPv6 gateway
Object Description
address is not link-local, the system ignores the next hop
VLAN for the gateway.
Buttons
• Click Add Interface to add a new IP interface. A maximum of 128 interfaces is
supported.
• Click Add Route to add a new IP route. A maximum of 32 routes is supported.
• Click Apply to apply changes.
• Click Reset to undo any changes made locally and revert to previously saved
values.
IP status
IP status displays the status of the IP protocol layer. The status is defined by the IP
interfaces, the IP routes, and the neighbour cache (ARP cache) status.
36 NS3500-24T-4C Managed Switch User Manual
Chapter 4: Web configuration
By default, most groups’ privilege level 5 has read-only access and privilege level
The page includes the following fields:
Object Description
IP Interfaces Interface The name of the interface.
Type
Address The current address of the interface (of the given type).
Status The status flags of the interface (and/or address).
IP Routes
Neighbor Cache IP Address The IP address of the entry.
Network
Gateway The gateway address of this route.
Status The status flags of the route.
Link Address
The address type of the entry. This may be LINK or
IPv4.
The destination IP network or host address of this
route.
The link (MAC) address for which a binding to the IP
address given exists.
• Select the Auto-refresh check box to refresh the page automatically. Automatic
refresh occurs every three seconds.
• Click Refresh to refresh the page automatically. This will undo any changes made
locally.
Users configuration
This page provides an overview of the current users. Close and reopen the browser to
log in as another user on the web server. After setup is complete, click the Apply
button and log in to the web interface with the new user name and password. The
following appears:
This page includes the following fields:
Object Description
User Name The name identifying the user. This is also a link to Add/Edit User.
Privilege Level The privilege level of the user.
The allowed range is 1 to 15. If the privilege level value is 15, it can access all
groups (i.e., it is granted full control of the device). Other values need to refer to
each group privilege level. User privileges should be the same or greater than the
group privilege level to have access to that group.
NS3500-24T-4C Managed Switch User Manual 37
Chapter 4: Web configuration
10 has read-write access. System maintenance (software upload, factory
Object Description
defaults, etc.) requires user privilege level 15.
Generally, privilege level 15 can be used for an administrator account, privilege
level 10 for a standard user account, and privilege level 5 for a guest account.
Buttons:
• Click Add New U ser to add a new user
Add/edit user
Add, edit, or delete a user in this page.
This page includes the following fields:
Object Description
User Name A string identifies the user name that this entry should belong to. The allowed
string length is 1 to 31. The valid user name is a combination of letters,
numbers, and underscores.
Password The password of the user. The allowed string length is 1 to 31.
Password (again) Type the user password again for confirmation.
Privilege Level The privilege level of the user.
The allowed range is 1 to 15. If the privilege level value is 15, it can access all
groups (i.e., it is granted full control of the device). But other values need to
refer to each group privilege level. User privileges should be the same or
greater than the group privilege level to have access to that group .
By default, most groups’ privilege level 5 has read-only access and privilege
level 10 has read-write access. Sy stem maintenance (software upload, factory
defaults, etc.) requires user privilege level 15.
Generally, privilege level 15 can be used for an administrator account,
privilege level 10 for a standard user account, and privilege level 5 for a guest
account.
Buttons
• Click Apply to apply changes.
• Click Reset to undo any changes made locally and revert to previously saved
values.
38 NS3500-24T-4C Managed Switch User Manual
Chapter 4: Web configuration
• Click Cancel to undo changes and return to the Users Configuration page.
• Click Delete User to delete the curr ent user. This f unction is not available for new
configurations (i.e., add new user).
After a new user is added, the new user entry appears in the Users Configuration page.
Note: If a password is forgotten after changing the default password, press the reset
button on the front panel of the managed switch for over 10 seconds and then release
it. The current settings, including VLAN, will be erased and the managed switch
restores to def ault mode.
Privilege levels
This page provides an overview of the privilege levels. After setup is complete, click the
Apply button and log in to the web interface with the new user name and password.
The following appears:
NS3500-24T-4C Managed Switch User Manual 39
Chapter 4: Web configuration
This page includes the following fields:
Object Description
Group name The name identifies the privilege group. In most cases, a privilege level group
consists of a single module (e.g., LACP, RSTP, or QoS), but a few of them
contain more than one. The following description defines these privilege level
groups in detail:
System: Contact, Name, Location, Timezone, Log.
Security: Authentication, System Access Management, Port (contains Dot1x
port, MAC based and the MAC Address Limit), ACL, HTTPS, SSH, ARP
Inspection, and IP source guard.
IP: Everything except 'ping'.
Port: Everything except 'VeriPHY'.
Diagnostics: 'ping' and 'VeriPHY'.
Maintenance: CLI- System Reboot, System Restore Default, System
Password, Configuration Save, Configuration Load and Firmware Load. WebUsers, Privilege Levels and everything in Maintenance.
Debug: Only present in CLI.
Privilege Level Every privilege level group has an authorization level for the following sub
groups:
Configuration read-only
Configuration/execute read-write
Status/statistics read-only
Status/statistics read-write (e.g., for clearing of statistics)
Buttons
• Click Apply to apply changes.
• Click Reset to undo any changes made locally and revert to previously saved
values.
NTP configuration
Configure NTP on this page. NTP is an acronym for Network Time Protocol, a network
protocol for synchronizing the clocks of computer systems. NTP uses UDP (data
grams) as a transport layer. You can specify NTP servers in this page.
40 NS3500-24T-4C Managed Switch User Manual
Chapter 4: Web configuration
This page includes the following fields:
Object Description
Mode Indicates the NTP mode operation. Possible modes are:
Enabled: Enable NTP mode operation. When enabling NTP mode operation,
the agent forwards and transfers NTP messages between the clients and the
server when they are not on the same subnet domain.
Disabled: Disable NTP mode operation.
Server# Provides the NTP IPv4 or IPv6 address of this switch. IPv6 address is in 128-
bit records represented as eight fields of up to four hexadecimal digits with a
colon separating each field (:).
Example: 'fe80::215:c5ff:fe03:4dc7'. The symbol '::' is a special syntax that
can be used as a shorthand way of representing multiple 16-bit groups of
contiguous zeros; but it can only appear once. It also us es an IPv4 address
(for example, '::192.1.2.34').
NS3500-24T-4C Managed Switch User Manual 41
Chapter 4: Web configuration
Object Description
User Manually Allows the user to enable set up system time manually. System time will be
lost after system reboot since there is no battery to keep time running.
Year Allows the user to input year value. (it supports from 1970 to 2037 only)
Month Allows the user to input month value. (1 to 12 month).
Day Allows the user to input day value. (1 to 31 days).
Hour Allows the user to input hour value. (00 to 23 hours).
Minute Allows the user to input minute value. (0 to 59 minutes).
Second Allows the user to input second value. (0 to 59 seconds).
Buttons
• Click Apply to apply changes.
• Click Reset to undo any changes made locally and revert to previously saved
values.
Time configuration
A time zone is a region that has a uniform standard time for legal, commercial, and
social purposes. It is convenient for areas in close commercial or other communication
to maintain the same time, so time zones tend to follow the boundaries of countries and
their subdivisions. Configure the time zone on the Time Zone Configuration page.
42 NS3500-24T-4C Managed Switch User Manual
Chapter 4: Web configuration
This page includes the following fields:
Object Description
Time Zone Lists various Time Zones worldwide. Select the appropriate Time Zone from
the drop-down list and click Save.
Acronym This is a user configurable acronym (up to 16 characters) used to identify the
time zone.
Daylight Saving
Time
Start Time Settings Week - Select the starting week number.
End Time Settings Week - Select the ending week number.
Offset Settings Enter the number of minutes (1 to 1440) to add during Daylight Saving Time.
This is used to set the clock forward or backward according to the
configurations set below for a defined Daylight Saving Time duration. Select
Disable to disable the Daylight Saving Time configuration. Select Recurring
and configure the Daylight Saving Time duration to repeat the configuration
every year. Select Non-Recurring and configure the Daylight Sa ving T ime
duration for single time configuration. (Default: Disabled).
Day - Select the starting day.
Month - Select the starting month.
Hours - Select the starting hour.
Minutes - Select the starting minute.
Day - Select the ending day.
Month - Select the ending month.
Hours - Select the ending hour.
Minutes - Select the ending minute
Buttons
• Click Apply to apply changes.
• Click Reset to undo any changes made locally and revert to previously saved
values.
UPnP
UPnP is an acronym for Universal Plug and Play. The goals of UPnP are to allow
devices to connect seamlessly and to simplify the implementation of networks in home
(data sharing, communications, and entertainment) and corporate environments for
easy installation of computer components. Configure UPnP on the UPnP Configuration
page.
NS3500-24T-4C Managed Switch User Manual 43
Chapter 4: Web configuration
This page includes the following fields:
Object Description
Mode Indicates the UPnP operation mode. Possible modes are:
Enabled: Enable UPnP mode operation.
Disabled: Disable UPnP mode operation.
When the mode is enabled, two ACEs are added automatically to trap UPnP
related packets to the CPU. The ACEs are automatically removed when the
mode is disabled.
Advertising
Duration
IP Address Mode IP addressing mode provides two ways to determine IP address assignment:
Static VLAN
Interface ID
The duration, carried in SSDP packets, is used to inform a control point or
control points how often it or they should receive a SSDP advertisement
message from this switch. If a control point does not receive any message
within the duration, it will think that the switch no longer exists. Due to the
unreliable nature of UDP, in the standard it is recommended that such
refreshing of advertisements to be done at less than one-half of the advertising
duration. In the implementation, the switch sends SSDP messages periodically
at the interval one-half of the advertising duration minus 30 seconds. Valid
values are in the range 100 to 86400.
Dynamic: Default selection for UPnP. UPnP module helps users choosing the
IP address of the switch device. It finds the first available system IP address.
Static: The user specifies the IP interface VLAN for choosing the IP address of
the switch device.
The index of the specific IP VLAN interface. It will only be applied when IP
Addressing Mode is static. Valid configurable values ranges from 1 to 4095.
Default value is 1.
Buttons
• Click Apply to apply changes.
• Click Reset to undo any changes made locally and revert to previously saved
values.
44 NS3500-24T-4C Managed Switch User Manual
Chapter 4: Web configuration
An example of how UPnP devices appear in My Network Places:
DHCP relay
DHCP Relay is used to forward and to transfer DHCP messages between the clients
and the server when they are not on the same subnet domain.
The DHCP option 82 enables a DHCP relay agent to insert specific information into a
DHCP request packets when forwarding client DHCP packets to a DHCP server and
remove the specific information from a DHCP reply packets when forwarding server
DHCP packets to a DHCP client. The DHCP server can use this information to
implement IP address or other assignment policies. Specifically, the option works by
setting two sub-options:
• Circuit ID (option 1). This sub-option should include information specific to which
circuit the request came in on.
• Remote ID (option 2). This sub-option is designed to carry information relating to the
remote host end of the circuit.
The definition of Circuit ID in the switch is four bytes in length and the format is
"vlan_id" "module_id " " por t_no". The parameter of "v l an_i d" is the fir st tw o by tes
representing the VLAN ID. The parameter of "module_id" is the third byte for the
module ID (in a standalone switch it always equals 0; in the switch it means switch ID).
The parameter of "port_no" is the fourth byte and it means the port number.
The remote ID is six bytes in length, and the value equals the DHCP relay agent’s MAC
address. Configure DHCP relay in the DHCP Relay Configuration page.
NS3500-24T-4C Managed Switch User Manual 45
Chapter 4: Web configuration
This page includes the following fields:
Object Description
Relay Mode Indicates the DHCP relay mode operation. Possible modes are:
Enabled: Enable DHCP relay mode operation. When enabling DHCP relay
mode operation, the agent forwards and transfers DHCP messages between
the clients and the server when they are not on the same subnet domain and
the DHCP broadcast message won't flood due to security settings.
Disabled: Disable DHCP relay mode operation.
Relay Server Indicates the DHCP relay server IP address. A DHCP relay agent is used to
forward and transfer DHCP messages between the clients and the server
when they are not on the same subnet domain.
Relay Information
Mode
Relay Information
Policy
Indicates the DHCP relay information mode option operation. Possible modes
are:
Enabled: Enable DHCP relay information mode operation. When enabling
DHCP relay information mode operation, the agent inserts specific information
(option82) into a DHCP message when forwarding to DHCP server and
removes it from a DHCP message when transferring to DHCP client. It only
works when DHCP relay operation mode is enabled.
Disabled: Disable DHCP relay information mode operation.
Indicates the DHCP relay information option policy. When enabling DHCP
relay information mode operation, if the agent receives a DHCP message that
already contains relay agent information, it will enforce the policy. This only
works when DHCP relay information operation mode is enabled. Options are:
Replace: Replace the original relay information when receiving a DHCP
message that already contains it.
Keep: Keep the original relay information when receiving a DHCP message
that already contains it.
Drop: Drop the package when receiving a DHCP message that already
contains relay information.
Buttons
• Click Apply to apply changes.
• Click Reset to undo any changes made locally and revert to previously saved
values.
DHCP relay statistics
This page provides statistics for DHCP relay.
46 NS3500-24T-4C Managed Switch User Manual
Chapter 4: Web configuration
Server statistics:
Object Description
Transmit to Server The number of packets relayed from client to server.
Transmit Error The number of packets erroneously sent to clients.
Receive from Server The number of packets received from the server.
Receive Missing Agent
Option
Receive Missing Circuit ID The number of packets received with the Circuit ID option missing.
Receive Missing Remote ID The number of packets received with the Remote ID option missing.
Receive Bad Circuit ID The number of packets in which the Circuit ID option does not match
Receive Bad Remote ID The number of packets in which the Remote ID option does not
The number of packets received without agent information options.
with the known circuit ID.
match with the known Remote ID.
Client statistics:
Object Description
Transmit to Client The number of packets relayed from server to client.
Transmit Error The number of packets erroneously sent to servers.
Receive from Client The number of packets received from the server.
Receive Agent Option The number of packets received with the r ela y agent i nf ormation
option.
Replace Agent Option The number of packets received is rep lac ed with the relay agent
information option.
Keep Agent Option The number of packets received is kept with the rela y agent
information option.
Drop Agent Option The number of packets received is droppe d with the relay agent
information option.
Buttons
• Select the Auto-refresh check box to refresh the page automatically. Automatic
refresh occurs every three seconds.
• Click Refresh to immediately refresh the page.
NS3500-24T-4C Managed Switch User Manual 47
Chapter 4: Web configuration
• Click Clear to clear all statistics.
CPU load
This page displays the CPU load using an SVG graph. The load is measured as
average over the last 100 ms, 1 second, and 10 second intervals. The last 120 samples
are graphed, and the last numbers are displayed as text as well. To display the SVG
graph, the browser must support the SVG format. Consult the SVG Wiki for more
information on browser support as a plugin may be required.
Buttons
• Select the Auto-refresh check box to refresh the page automatically. Automatic
refresh occurs every three seconds.
Note: If the browser does not display anything on this page, download the Adobe SVG
tool and install it in the computer.
System log
The System Log Information page shows the managed switch system log information.
48 NS3500-24T-4C Managed Switch User Manual
Chapter 4: Web configuration
The page includes the following fields:
Object Description
ID The ID (>= 1) of the system log entry.
Level The level of the system log entry. The following level types are
supported:
Info: Information level of the system log.
Warning: Warning level of the system log.
Error: Error level of the system log.
All: All levels.
Clear Level Clears the system log entry level. The following level types are
supported:
Info: Information level of the system log.
Warning: Warning level of the system log.
Error: Error level of the system log.
All: All levels.
Time The time of the system log entry.
Message The message of the system log entry.
Buttons
• Select the Auto-refresh check box to refresh the page automatically. Automatic
refresh occurs every three seconds.
• Click Refresh to immediately refresh the page.
• Click Clear to clear all statistics.
• Click Hide to hide the selected log entries.
• Click Download to download the selected log entries.
• Click I<< to update the system log entries, starting from the first available entry ID.
• Click << to update the system log entries, ending at the last entry currently
displayed.
• Click >> to update the system log entries, starting from the last entry currently
displayed.
NS3500-24T-4C Managed Switch User Manual 49
Chapter 4: Web configuration
• Click >>I to update the system log entries, ending at the last available entry ID.
Detailed log
The Detailed System Log Information page displays the managed switch system log
information details .
The page includes the following fields:
Object Description
ID The ID (>= 1) of the system log entry.
Message The message of the system log entry.
Buttons
• Click Download to download the system log entry to the current entry ID.
• Click Refresh to update the system log entry to the current entry ID.
• Click I<< to update the system log entries, starting from the first available entry ID.
• Click << to update the system log entries, ending at the last entry currently
displayed.
• Click >> to update the system log entries, starting from the last entry currently
displayed.
• Click >>I to update the system log entries, ending at the last available entry ID.
• Click Print to print the system log entry to the current entry ID.
Remote syslog
The System Log Configuration page displays the managed switch remote system log
information details .
50 NS3500-24T-4C Managed Switch User Manual
Chapter 4: Web configuration
The page includes the following fields:
Object Description
Mode Indicates the server mode operation. When the mode operation is
enabled, the syslog message is sent to the syslog server. The syslog
protocol is based on UDP communication and received on UDP port
514. The syslog server will not send acknowledgments back to
sender since UDP is a connectionless protocol and it does not
provide acknowledgments. The syslog packet is always sent out even
if the syslog server does not exist. Selections include:
Enabled: Enable remote syslog mode operation.
Disabled: Disable remote syslog mode operation.
Syslog Server IP Indicates the IPv4 host address of syslog server. If the switch
provides the DNS feature, it also can be a host name.
Syslog Level Indicates what kind of message is sent to the syslog server.
Selections include:
Info: Send information, warnings, and errors.
Warning: Send warnings and errors.
Error: Send errors.
Buttons
• Click Apply to apply changes.
• Click Reset to undo any changes made locally and revert to previously saved
values.
SMTP configuration
The SMTP Configuration page displays the managed switch SMTP configuration
details.
NS3500-24T-4C Managed Switch User Manual 51
Chapter 4: Web configuration
The page includes the following fields:
Object Description
SMTP Mode Controls whether or not SMTP is enabled on the switch.
SMTP Server Type the SMTP server name or the IP address of the SMTP server.
SMTP Port Set the port number of SMTP service.
SMTP Authentication SMTP authentication is enabled if selected. Authentication is required
when an email is sent.
Authentication User Name Type the user name for the SMTP server if Authentication is Enable.
Authentication Password Type the password for the SMTP server if Authentication is Enable.
E-mail From Type the sender’s email address. This address is used for reply
emails.
E-mail Subject Type the subject/title of the email.
E-mail 1 To / E-mail 2 To Type the receiver’s email address.
Buttons
• Click test to send a test mail to the mail server to indicate if the account is available.
• Click Save to save changes.
• Click Reset to undo any changes made locally and revert to previously saved
values.
Web firmware upgrade
Update the managed switch firmware using the Firmware Upload page.
52 NS3500-24T-4C Managed Switch User Manual
Chapter 4: Web configuration
To open the Firmware Upload page:
1. Click System > W eb Firmware Upgrade. The Firmware Upload page appears.
2. Click the Browse button on the main page. The file selection menu to choose
firmware appears.
3. Select the firmware file and then click Upload. The Software Upload Pr og r es s
displays the file with upload status.
4. After the software is uploaded to the system successfully, the following screen
appears. The system loads the new software after reboot.
Note: DO NOT Power OFF the managed switch until the update progress is
completed.
Note: Do not quit the Firmware Upgrade page without clicking the OK button after the
image is loaded. Otherwise, the system won’t apply the new firmware and the user has
to repeat the firmwar e upgr ade pr oces s.
Save startup configur ati on
This function ensures that the current active configuration can be used after the next
reboot.
After clicking Save Configuration, the following screen appears.
NS3500-24T-4C Managed Switch User Manual 53
Chapter 4: Web configuration
Configuration download
The managed switch stores its configuration in a number of text files in CLI format. The
files are either virtual (RAM-based) or st or ed in flas h on the sw i tc h.
There are three system files:
• running-config: A virtual file that represents the currently activ e con fig ur ati on on
the switch. This file is volatile.
• startup-config: The startup configuration for the switch, read at boot time.
• default-config: A read-only file with vendor-specific configuration. This file is read
when the system is restored to default settings.
It is also possible to store up to two other files and apply them to running-config,
thereby switching configuration.
The Download Configuration page permits the download of the running-config, startupconfig, a nd default-config system files to the switch.
Configuration upload
The Upload Configuration page permits the upload of the running-config and startupconfig to the switch.
54 NS3500-24T-4C Managed Switch User Manual
Chapter 4: Web configuration
If the destination is running-config, the file will be applied to the switch configuration.
This can be done in two ways:
• Replace mode: The current configuration is fully replaced with the configuration in
the uploaded file.
• Merge mode: The uploaded file is merged into running-config.
If the file system is full (i.e., it contains the system files mentioned above plus two other
files), it is not possible to create new files unless an exi s ti ng file is overwritten or
another is deleted first.
Configuration activate
The Activate Configuration page permits activation of the startup-config and defaultconfig files on the switch.
It is possible to activate any of the configuration files present on the switch, except for
running-config which represents the currently active configuration.
Select the file to activate and click Activate Configuration. This initiates the process of
completely replacing the existing configuration with that of the selected file.
NS3500-24T-4C Managed Switch User Manual 55
Chapter 4: Web configuration
Configuration delete
The Delete Configuration page permits the deleti on o f the startup-config and defaul tconfig files which are stored in Flash memor y . If this is performed and the switch is
rebooted without a prior save operation, it effectively resets the switch to default
configuration.
Image select
This page provides information about the active and alternate (backup) firmware
images in the device, and allows you to revert to the alternate image. The web page
displays two tables with information about the active and alternate firmware images.
Note: If the active firmware image is the alternate image, only the "Active Image" table
is shown. In this case, the Activate Alternate Image button is also disabled.
Note:
1. If the alternate image is active (due to a corruption of the primary image or by
manual intervention), uploading a new firmware image to the device will activate
the primary image slot and use it instead.
2. The firmware version and date information may be empty for older firmware
releases. This does not constitute an error.
56 NS3500-24T-4C Managed Switch User Manual
Chapter 4: Web co nfiguration
The page includes the following fields:
Object Description
Image The flash index name of the firmware image. The name of primary
(preferred) image is image, the alternate image is named image.bk.
Version The version of the firmware image.
Date The date when the firmware was produced.
Buttons
• Click Activate Alternate Image to use the alternate im ag e. This butt on may be
disabled depending on the system state.
System reboot
The Restart Device page permits the device to be r ebo ot e d fro m a remote location.
After clicking the Yes button to restart, log in to the web interface about 60 secon ds
later.
Buttons
• Click Yes to reboot the system.
• Click No to return to the Port State page without rebooting the system.
Note: You can also check the SYS LED on the front panel to identify whether of not the
system is loaded completely. If the SYS LED is blinking, then it is in the firmware load
stage; if the SYS LED light is on, you can use the web browser to log in to the managed
switch.
DHCP server
Mode
The DHCP Server Excluded IP Configuration page offers permits excl us ion of IP
addresses for static IP address devices, suc h as servers or routesr. The DHCP server
will not allocate these excluded IP addresses to the DHCP client.
NS3500-24T-4C Managed Switch User Manual 57
Chapter 4: Web configuration
The page includes the following fields:
Object Description
Delete Permits deletion of an IP range.
IP Range Defines the IP address range to be excluded. The first excluded IP
must be smaller than or equal to the second excluded IP. If the IP
range contains only 1 excluded IP, input it to either one of the first
and second excluded IPs or both.
Buttons
• Click Add IP Range to add an IP range.
• Click Apply to apply changes.
• Click Reset to undo any changes made locally and revert to previously saved
values.
Pool
The DHCP Server Pool Configuration page manages DHCP pools. Ac cor di ng to the
DHCP pool, the DHCP server will allocate IP addresses and deliver con fig urat ion
parameters to the DHCP client. Adding a pool and giving it a name creates a new pool
with a default configuration. If you want to configure all settings including type, IP
subnet mask, and lease time, click the pool name to go into the configuration page.
58 NS3500-24T-4C Managed Switch User Manual
Chapter 4: Web configuration
The page includes the following fields:
Object Description
Delete Permits deletion of pool settings.
Name Configure the pool name that accepts all printable characters, except
white space. If you want to configure the detail settings, click the pool
name to go into the configuration page.
Type Indicates the pool type.
Network: The pool defines a pool of IP addresses to service more
than one DHCP client.
Host: the pool services for a specific DHCP client identified by client
identifier or hardware address.
If "-" appears, it means not defined.
IP Indicates the network number of the DHCP address pool.
If "-" appears, it means not defined.
Subnet Mask Indicates the subnet mask of the DHCP address pool.
If "-" appears, it means not defined.
Lease Time Indicates the lease time of the pool.
Buttons
• Click Add New Pool to add a new DHCP pool.
• Click Apply to apply changes.
• Click Reset to undo any changes made locally and revert to previously saved
values.
Click a pool name to configure DHCP pool settings on the DHCP Pool Configuration
page.
NS3500-24T-4C Managed Switch User Manual 59
Chapter 4: Web configuration
60 NS3500-24T-4C Managed Switch User Manual
Chapter 4: Web configuration
The page includes the following fields:
Object Description
Name Select a pool by pool name.
Pool Name Indicates the selected pool name.
Type Specifies the pool type.
Network: the pool defines a pool of IP addresses to service more
than one DHCP client.
Host: the pool services for a specific DHCP client identified by client
identifier or hardware address.
IP Indicates the specific network number of the DHCP address pool.
Subnet Mask DHCP option 1.
Specifies the subnet mask of the DHCP address pool.
Lease Time DHCP option 51, 58 and 59.
Specifies the lease time that allows the client to request a lease time
for the IP address. If all are 0's, then it means the lease time is
infinite.
NS3500-24T-4C Managed Switch User Manual 61
Chapter 4: Web configuration
Specifies the vendor specific information according to the option 60
Object Description
Domain Name DHCP option 15.
Specifies a domain name that the client should use when resolving a
hostname via DNS.
Broadcast Address DHCP option 28.
Specifies the broadcast address in use on the client's subnet.
Default Router DHCP option 3.
Specifies a list of IP addresses for routers on the client's subnet.
DNS Server DHCP option 6.
Specifies a list of Domain Name System name servers available to
the client.
NTP Server DHCP option 42.
Specifies a list of IP addresses indicating NTP servers available to
the client.
NetBIOS Node Type DHCP option 46.
Specifies NetBIOS node type option to allow Netbios over TCP/IP
clients which are configurable as described in RFC 1001/1002.
NetBIOS Scope DHCP option 47.
Specifies the NetBIOS over TCP/IP scope parameter for the client as
specified in RFC 1001/1002.
NetBIOS Name Server DHCP option 44.
Specifies a list of NBNS name servers listed in order of preference.
NIS Domain Name DHCP option 40.
Specifies the name of the client's NIS domain.
NIS Server DHCP option 41.
Specifies a list of IP addresses indicating NIS servers available to the
client.
Client Identifier DHCP option 61.
Specifies the client's unique identifier to be used when the pool is the
type of host. Select the type of client identifier at first.
None: client identifier is not specified yet.
Name: the type of client identifier is other than hardware.
MAC: the type of client identifier is MAC address.
Hardware Address Specifies the client's hardware (MAC) address to be used when the
pool is the type of host.
Client Name DHCP option 12.
Specifies the name of client to be used when the pool is the type of
host.
Vendor 1 Class Identifier DHCP option 60.
Specifies the identifier to be used by the DHCP client to optionally
identify the vendor type and configuration of a DHCP client. The
DHCP server delivers the corresponding option 43 specific
information to the client that sends an option 60 vendor class
identifier.
Vendor 1 Specific
DHCP option 43.
Information
62 NS3500-24T-4C Managed Switch User Manual
Chapter 4: Web configuration
vendor class identifier.
Object Description
Vendor 2 Class identifier DHCP option 60.
Specifies the identifier to be used by the DHCP client to optionally
identify the vendor type and configuration of a DHCP client. The
DHCP server delivers the corresponding option 43 specific
information to the client that sends the option 60 vendor class
identifier.
Vendor 2 Specific
Information
Vendor 3 Class Identifier DHCP option 60.
Vendor 3 Specific
Information
Vendor 4 Class Identifier DHCP option 60.
Vendor 4 Specific
Information
DHCP option 43.
Specifies vendor specific information according to the opti on 60
vendor class identifier.
Specifies the identifier to be used by the DHCP client to optionally
identify the vendor type and configuration of a DHCP client. The
DHCP server delivers the corresponding option 43 specific
information to the client that sends the option 60 vendor class
identifier.
DHCP option 43.
Specifies vendor specific information according to the opti on 60
vendor class identifier.
Specifies the identifier to be used by the DHCP client to optionally
identify the vendor type and configuration of a DHCP client. The
DHCP server delivers the corresponding option 43 specific
information to the client that sends the option 60 vendor class
identifier.
DHCP option 43.
Specify vendor specific information according to the option 60 vendor
class identifier.
Buttons
• Click Apply to apply changes.
• Click Reset to undo any changes made locally and revert to previously saved
values.
Statistics
The DHCP Server Statistics page displays the database counters and the number of
DHCP messages sent and received by the DHCP server.
NS3500-24T-4C Managed Switch User Manual 63
Chapter 4: Web configuration
The page includes the following fields:
Database counters
Displays the counters of various databases.
Object Description
Automatic Binding Number of bindings with network-type pools.
Manual Binding Number of bindings that the administrator assigns an IP address to a
client (host pool type).
Expired Binding Number of bindings in which the lease time expired or they are
cleared from Automatic/Manual type bindings.
Binding counters
Displays the counters of various bindings.
Object Description
Automatic Binding Number of bindings with network-type pools.
Manual Binding Number of bindings that the administrator assigns an IP address to a
client (host pool type).
Expired Binding Number of bindings in which the lease time expired or they are
cleared from Automatic/Manual type bindings.
64 NS3500-24T-4C Managed Switch User Manual
Chapter 4: Web configuration
DHCP message received counters
Displays the counters of DHCP messages received by the DHCP server.
Object Description
Discover Number of DHCP DISCOVER messages received.
Request Number of DHCP REQUEST messages received.
Decline Number of DHCP DECLINE messages received.
Release Number of DHCP RELEASE messages received.
Inform Number of DHCP INFORM messages received.
DHCP message sent counters
Displays the counters of DHCP messages sent by the DHCP server.
Object Description
Offer Number of DHCP OFFER messages sent.
Ack Number of DHCP ACK messages sent.
Nak Number of DHCP NAK messages sent.
Buttons
• Select the Auto-refresh check box to refresh the page automati c all y. Autom ati c
refresh occurs every three seconds.
• Click Refresh to refresh the page immediately.
• Click Clear to clear DHCP message received and sent counters.
Binding
The DHCP Server Binding IP page displays bindings generated for D H CP client s.
The page includes the following fields:
Binding IP address
Displays all bindings.
NS3500-24T-4C Managed Switch User Manual 65
Chapter 4: Web configuration
Object Description
IP IP address allocated to the DHCP client.
Type Type of binding. Possible types are Automatic, Manual, Expired.
State State of binding. Possible states are Committed, Allocated, Expired.
Pool Name The pool that generates the binding.
Server ID Server IP address that services the binding.
Buttons
• Select the Auto-refresh check box to refres h the page automatically. Aut om ati c
refresh occurs every three seconds.
• Click Refresh to refresh the page immediately.
• Click Clear Selected to clear the selected bindings. If the selected binding is
Automatic or Manual, then it is changed to Expired. If the selected binding is
Expired, then it is freed.
• Click Clear Automatic to clear all automatic bindings and change them to Expired
bindings.
• Click Clear Manual to clear all manual bindings and change them to Expired
bindings.
• Click Clear Expired to clear all expired bindings and free them.
Declined IP
The DHCP Server Declined IP page displays declined IP addresses.
The page includes the following fields:
Declined IP address
Displays IP addresses declined by DHCP clients.
Object Description
Declined IP List of IP addresses declined.
66 NS3500-24T-4C Managed Switch User Manual
Chapter 4: Web configuration
Buttons
• Select the Auto-refresh check box to refres h the page automatically. Aut om ati c
refresh occurs every three seconds.
• Click Refresh to refresh the page immediately.
Detailed statistics
The DHCP Detailed Statistics page provides statistics for DHCP snooping. Note that
the normal forward per-port TX statistics are not increased if the incoming DHCP
packet is done by a L3 forwarding mechanism. Clearing the statistics on a specific port
may not affect global statistics since it gathers a different layer overview.
The page includes the following fields:
Object Description
RX and TX Discover The number of discover (option 53 with value 1) packets received and
transmitted.
RX and TX Offer The number of offer (option 53 with value 2) packets received and
transmitted.
RX and TX request The number of request (option 53 with value 3) packets received and
transmitted.
RX and TX Decline The number of decline (option 53 with value 4) packets received and
transmitted.
RX and TX ACK The number of ACK (option 53 with value 5) packets received and
transmitted.
RX amd TX NAK The number of NAK (option 53 with value 6) packets received and
transmitted.
RX and TX Release The number of release (option 53 with value 7) packets received and
transmitted.
RX and TX Inform The number of inform (option 53 with value 8) packets received and
transmitted.
NS3500-24T-4C Managed Switch User Manual 67
Chapter 4: Web configuration
Object Description
RX and TX Lease Query The number of lease query (option 53 with value 10) packets
received and transmitted.
RX and TX Lease
Unassigned
RX and TX Lease Unknown The number of lease unknown (option 53 with value 12) packets
RX and TX lease Active The number of lease active (option 53 with value 13) packets
RX Discarded Checksum
Error
RX Discarded from
Untrused
The number of lease unassigned (option 53 with value 11) packets
received and transmitted.
received and transmitted.
received and transmitted.
The number of discarded packets where IP/UDP checksum is in
error.
The number of discarded packets that are coming from an untrusted
port.
Buttons
• Select the Auto-refresh check box to refres h the page automatically. Aut om ati c
refresh occurs every three seconds.
• Click Refresh to refresh the page immediately.
• Click Clear to clear the counters for the selected port.
UDLD
The UDLD Port Configuration page permits the user to inspect and change the current
Unidirectional Link Detection (UDLD) configurations.
68 NS3500-24T-4C Managed Switch User Manual
Chapter 4: Web configuration
The page includes the following fields:
Object Description
Port Port number of the switch.
UDLD Mode Configures the UDLD mode on a port. Selections inlcude Disable,
Normal and Aggressive. Default mode is Disable.
Disable – In disabled mode, UDLD functionality doesn't exist on the
port.
Normal – In normal mode, if the link state of the port was determined
to be unidirectional, it will not affect the port state.
Aggressive – In aggressive mode, unidirectional detected ports will
get shut down. To bring back the ports up, disable UDLD on the
ports.
Message Interval Configures the period of time between UDLD probe messages on
ports that are in the advertisement phase and are determined to be
bidirectional. The range is from 7 to 90 seconds (default value is 7
seconds). Currently, the default time interval is supported due to lack
of detailed information in RFC 5171.
Buttons
• Click Save to save changes.
• Click Reset to undo any changes made locally and revert to previously saved
values.
UDLD status
The Detailed UDLD Status/Neighbor Status page displays the UDLD status of the
ports.
NS3500-24T-4C Managed Switch User Manual 69
Chapter 4: Web configuration
UDLD port status
The page includes the following fields:
Object Description
UDLD Admin State The current port state of the logical port, Enabled if any of
state(Normal,Aggressive) is Enabled.
Device ID (Local) The ID of Device.
Device Name (Local) Name of the Device.
Bidirectional State The current state of the port.
Neighbor status
The page includes the following fields:
Object Description
Port The current port of the neighbor device.
Device ID The current ID of the neighbor device.
Link Status The current link status of the neighbor port.
Device Name Name of the neighbor device.
Buttons
• Select the Auto-refresh check box to refres h the page automatically. Aut om ati c
refresh occurs every three seconds.
• Click Refresh to refresh the page immediately.
Simple Network Management Protocol (SNMP)
SNMP overview
The Simple Network Management Protocol (SNMP) is an application layer protocol that
facilitates the exchange of management information between network devices. It is part
of the Transmission Control Protocol/Internet Protocol (TCP/IP) protocol suite. SNMP
permits network administrators to manage network performance, find and solve network
problems, and plan for netw or k gr ow th.
An SNMP-managed network consists of the following:
• Network management stations (NMSs): Sometimes called consoles, these
devices execute management applications that monitor and control network
elements. Physically, NMSs are usually engineering workstation-caliber computers
with fast CPUs, megapixel color displays, substantial memory, and abundant disk
space. At least one NMS must be present in each managed environment.
70 NS3500-24T-4C Managed Switch User Manual
Chapter 4: Web configuration
• Agents: Agents are software modules that reside in network elements. They collect
and store management information such as the number of error packets received by
a network element.
• Management information base (MIB): An MIB is a collection of managed objects
residing in a virtual information store. Collections of related managed objects are
defined in specific MIB modules.
• Network-management protocol: A management protocol is used to convey
management information between agents and NMSs. SNMP is the Internet
community's de facto stand ar d man ag em ent protocol.
SNMP operations
SNMP itself is a simple request/response protocol. NMSs can send multiple requests
without receiving a response.
• Get – Allows the NMS to retrieve an object instance from the agent.
• Set – Allows the NMS to set values for object instances within an agent.
• Trap – Used by the agent to asynchronously inform the NMS of some event. The
SNMPv2 trap message is designed to replace the SNMPv1 trap message.
SNMP community
An SNMP community is the group that devices and management stations running
SNMP belong to. It helps define where information is sent. The community name is
used to identify the group. An SNMP device or agent may belong to more than one
SNMP community. It will not respond to requests from management stations that do not
belong to one of its communities. SNMP default communities are:
• Write (private)
• Read (public)
Use the SNMP Menu to display or configure the managed switch's SNMP function. This
section has the following items:
System Configuration Configure SNMP on this page.
Trap Destination
Configuration
NS3500-24T-4C Managed Switch User Manual 71
Configure SNMP trap on this page.
Chapter 4: Web configuration
Trap Source Configuration Configure SNMP trap source on this page.
System Information The system information is provided here.
SNMPv3 Communities Configure SNMPv3 communities table on this page.
SNMPv3 Users Configure SNMPv3 users table on this page.
SNMPv3 Groups
SNMPv3 Views Configure SNMPv3 views table on this page.
SNMPv3 Access Configure SNMPv3 accesses table on this page.
Configure SNMPv3 groups table on this page.
SNMP System Configuration
Configure SNMP on the SNMP System Configuration page.
The page includes the following fields:
Object Description
Mode Indicates the SNMP mode operation. Selections include:
Enabled: Enable SNMP mode operatio n.
Disabled: Disable SNMP mode operation.
Engine ID Indicates the SNMPv3 engine ID. The string must contain an even
number between 10 and 64 hexadecimal digits, but all-zeros and all'F's are not allowed. Change of the Engine ID will clear all original
local users.
Buttons
• Click Apply to apply changes.
• Click Reset to undo any changes made locally and revert to previously saved
values.
72 NS3500-24T-4C Managed Switch User Manual
Chapter 4: Web configuration
SNMP trap configuration
Configure the SNMP trap on the SNMP Trap Configuration page.
The page includes the following fields:
Object Description
Trap Config Indicates the trap configuration name. The allowed string length is 0
to 255, and the allowed content is ASCII characters from 33 to 126.
Trap Mode Indicates the SNMP trap mode operation. Selections include:
Enabled: Enable SNMP trap mode operation.
Disabled: Disable SNMP trap mode operation.
Trap Version Indicates the SNMP trap supported version. Selections include:
SNMP v1: Set SNMP trap supported version 1.
SNMP v2c: Set SNMP trap supported version 2c.
SNMP v3: Set SNMP trap supported version 3.
Write Community Indicates the community write access string to permit access to the
SNMP agent. The allowed string length is 0 to 255, and the allowed
content is the ASCII characters from 33 to 126.
The field is applicable only when the SNMP version is SNMPv1 or
SNMPv2c. If the SNMP version is SNMPv3, the com munity string will
be associated with the SNMPv3 communities table. It provides more
flexibility to configure a security name than a SNMPv1 or SNMPv2c
community string. In addition to the community string, a particular
range of source addresses can be used to restrict the source subnet.
Trap Community Indicates the community access string when sending the SNMP trap
packet. The allowed string length is 0 to 255, and the allowed content
is the ASCII characters from 33 to 126.
NS3500-24T-4C Managed Switch User Manual 73
Chapter 4: Web configuration
Object Description
Trap Destination Address Indicates the SNMP trap destination address. It allows a valid IP
address in dotted decimal notation ('x.y.z.w') as well a s a valid
hostname. A valid hostname is a string drawn from the alphabet (AZa-z), digits (0-9), dot (.), dash (-). Spaces are not allowed, the first
character must be an alpha character, and the first and last
characters must not be a dot or a dash.
Indicates the SNMP trap destination IPv6 address. IPv6 address is in
128-bit records represented as eight fields of up to four hexadecimal
digits with a colon separating each field (:). For example,
'fe80::215:c5ff:fe03:4dc7'. The symbol '::' is a special syntax that can
be used as a shorthand way of representing multiple 16-bit gr oups of
contiguous zeros; but it can appear only once. It can also represent a
legally valid IPv4 address. For example, '::192.1.2.34'.
Trap Destination Port Indicates the SNMP trap destination port. The SNMP a gent sends an
SNMP message via this port. The port range is 1~65535.
Trap Inform Mode Indicates the SNMP trap inform mode operation. Selections inc lude:
Enabled: Enable SNMP trap authentication failure.
Disabled: Disable SNMP trap authentication failure.
Trap Inform Timeout
(seconds)
Trap Inform Retry Times Indicates the SNMP trap inform retry times. The allowed range is 0 to
Trap Probe Security Engine
ID
Trap Security Engine ID Indicates the SNMP trap security engine ID. SNMPv3 sends traps
Trap Security Name Indicates the SNMP trap security name. SNMPv3 traps and informs
Indicates the SNMP trap inform timeout. The allowed range is 0 to
2147.
255.
Indicates the SNMPv3 trap probe security engine ID mode of
operation. Selections include:
Enabled: Enable SNMP trap probe security engine ID mode of
operation.
Disabled: Disable SNMP trap probe security engine ID mode of
operation.
and informs using USM for authentication and privacy. A unique
engine ID for these traps and informs is needed. When Trap Probe
Security Engine ID is enabled, the ID will be probed automaticall y.
Otherwise, the ID specified in this field is used. The string must
contain an even number (in hexadecimal format) with number of
digits between 10 and 64, but all zeros and all-'F's are not allowed.
using USM for authentication and privacy. A unique security name is
needed when traps and informs are enabled.
Buttons
• Click Apply to apply changes.
• Click Reset to undo any changes made locally and revert to previously saved
values.
SNMP system information
The switch system information is provided in the System Information Configuration
page.
74 NS3500-24T-4C Managed Switch User Manual
Chapter 4: Web configuration
The page includes the following fields:
Object Description
System Contact The textual identification of the contact person for this managed node
and information on how to contact this person. The allowed string
length is 0 to 255, and the allowed content is the ASCII characters
from 32 to 126.
System Name An administratively assigned name for this managed n ode. By
convention, this is the node's fully-qualified domain name. A domain
name is a text string drawn from the alphabet (A-Za-z), digits (0-9),
minus sign (-). No space characters are permitted as part of a name.
The first character must be an alpha character. And the first or last
character must not be a minus sign. The allowed string length is 0 to
255.
System Location The physical location of this node (e.g., telephone closet, 3rd floor).
The allowed string length is 0 to 255, and the allowed content is the
ASCII characters from 32 to 126.
Buttons
• Click Apply to apply changes.
• Click Reset to undo any changes made locally and revert to previously saved
values.
Trap source configuration
Configure SNMP trap source configuration on the Trap Configuration page. You don’t
need to configure the subset OID if you want to apply this trap to the whole SNMP OID.
For example, if you want to apply a trap for any port “link down” or “link up,” then
configure them like as in the screen below. If you want to apply link up or link down to
one of ports, input the SNMP OID to the subset OID column. For example, if you want
apply a link down trap to port1, input “10000001” in the linkDown entry.
NS3500-24T-4C Managed Switch User Manual 75
Chapter 4: Web configuration
The page includes the following fields:
Object Description
Delete Select the check box to delete the entry. It will be deleted during the
next save.
Name Indicates the name for the entry.
Type The filter type for the entry. Selections include:
included: An optional flag to indicate a trap is sent for the given trap
source is matched.
excluded: An optional flag to indicate a trap is not sent for the given
trap source is matched.
Subset OID The subset OID for the entry. The value depends on the trap name
type. For example, the ifIdex is the subset OID of linkUp and
linkDown. A valid subset OID is one or more digital numbers (0-
4294967295) or asterisk(*) which are separated by dots(.). The first
character must not begin with an asterisk (*) and the maximum of
OID count must not exceed 128.
Buttons
• Click Add New Entry to add a new community entry.
• Click Apply to apply changes.
• Click Reset to undo any changes made locally and revert to previously saved
values.
76 NS3500-24T-4C Managed Switch User Manual
Chapter 4: Web configuration
SNMPv3 configuration
SNMPv3 communities
Configure SNMPv3 communities in the SNMPv3 Community Configuration page. The
entry index key is Community.
The page includes the following fields:
Object Description
Delete Select the check box to delete the entry. It will be deleted during the
next save.
Community Name Indicates the security name to map the community to the SNMP
Groups configuration. The allowed string length is 1 to 32, and the
allowed content is ASCII characters from 33 to 126.
Community Secret Indicates the community secret (access string) to permit access using
SNMPv1 and SNMPv2c to the SNMP agent. The allowed string
length is 1 to 32, and the allowed content is ASCII characters from 33
to 126.
Source IP Indicates the SNMP access source address. A particular range of
source addresses can be used to restrict the source subnet when
combined with the source mask.
Source Mask Indicates the SNMP access source address mask.
Buttons
• Click Add New Entry to add a new community entry.
• Click Apply to apply changes.
• Click Reset to undo any changes made locally and revert to previously saved
values.
SNMPv3 users
Configure SNMPv3 users on the SNMPv3 User Configuration page. The entry index
keys are Engine ID and User Name.
NS3500-24T-4C Managed Switch User Manual 77
Chapter 4: Web configuration
The page includes the following fields:
Object Description
Delete Select Delete to delete the entry. It will be deleted during the next
save.
Engine ID An octet string identifying the engine ID that this entry should belong
to. The string must contain an even number (in hexadecimal format)
with a number of digits between 10 and 64, but all zeros and all 'F's
are not allowed. The SNMPv3 architecture uses the User-based
Security Model (USM) for message security and the View-based
Access Control Model (VACM) for access control. For the USM entry,
the usmUserEngineID and usmUserName are the entry's keys.
In a simple agent, usmUserEngineID is always the same as the
snmpEngineID value. The value can also take the value of the
snmpEngineID of a remote SNMP engine with which this user can
communicate. In other words, if user engine ID equal system engine
ID then it is local user, otherwise it is a remote user.
User Name A string identifying the user name that this entry should belong to.
The allowed string length is 1 to 32, and the allowed content is ASCII
characters from 33 to 126.
Security Level Indicates the security model that this entry should belong to.
Selections include:
NoAuth, NoPriv: None authentication and none privac y.
Auth, NoPriv: Auth ent ic ati on and none privacy.
Auth, Priv: Authent icati on and pr ivacy.
The value of the security level cannot be modified if the entry already
exists. Ensure that the value is set correctly.
Authentication Protocol Indicates the authentication protocol that this entry should belong to.
Selections include:
None: None authentication protocol.
MD5: An optional flag to indicate that this user using MD5
authentication protocol.
SHA: An optional flag to indicate that this user using SHA
authentication protocol.
The value of security level cannot be modified if the entry already
exists. Ensure that the value is set correctly.
Authentication Password A string identifying the authentication pass phrase. For MD5
authentication protocol, the allowed string length is 8 to 32. For SHA
authentication protocol, the allowed string length is 8 to 40. The
allowed content is the ASCII characters from 33 to 126.
Privacy Protocol Indicates the privacy protocol that this entry should belong to.
Selections include:
None: None privacy protocol.
78 NS3500-24T-4C Managed Switch User Manual
Chapter 4: Web configuration
DES: An optional flag to indicate that this user using DES
Object Description
authentication protocol.
AES: An optional flag to indicate that this user uses AES
authentication protocol.
Privacy Password A string identifying the privacy pass phrase. The allowed string length
is 8 to 32, and the allowed content is the ASCII characters from 33 to
126.
Buttons
• Click Add New Entry to add a new user entry.
• Click Apply to apply changes.
• Click Reset to undo any changes made locally and revert to previously saved
values.
SNMPv3 groups
Configure SNMPv3 groups on the SMNPv3 Group Configuration page. The entry index
keys are Security Model and Security Name.
NS3500-24T-4C Managed Switch User Manual 79
Chapter 4: Web configuration
The page includes the following fields:
Object Description
Delete Select Delete to delete the entry. It will be deleted during the next
save.
Security Model Indicates the security model that this entry should belong to.
Selections include:
v1: Reserved for SNMPv1.
v2c: Reserved for SNMPv2c.
usm: User-based Security Model (USM).
Security Name A string identifying the security name that this entry should belong to.
The allowed string length is 1 to 32, and the allowed content is the
ASCII characters from 33 to 126.
Group Name A string identifying the group name that this entry should belong to.
The allowed string length is 1 to 32, and the allowed content is the
ASCII characters from 33 to 126.
Buttons
• Click Add New Entry to add a new group entry.
• Click Apply to apply changes.
• Click Reset to undo any changes made locally and revert to previously saved
values.
SNMPv3 views
Configure SNMPv3 views table in the SNMPv3 View Configuration page. The entry
index keys are View Name and OID Subtree.
The page includes the following fields:
Object Description
Delete Select Delete to delete the entry. It will be deleted during the next
save.
View Name A string identifies the view name that this entry should belong to. The
allowed string length is 1 to 32, and the allowed content is the ASCII
characters from 33 to 126.
View Type Indicates the view type that this entry should belong to. Selections
include:
included: An optional flag to indicate that this view subtree should be
included.
80 NS3500-24T-4C Managed Switch User Manual
Chapter 4: Web configuration
excluded: An optional flag to indicate that this view subtree should
Object Description
be excluded.
In general, if a view entry's view type is excluded, it should exist in
another view entry in which the view type is included and it's OID
subtree overrides the excluded view entry.
OID Subtree The OID defining the root of the subtree to add to the named view.
The allowed OID length is 1 to 128. The allowed string content is
digital number or asterisk (*).
Buttons
• Click Add New Entry to add a new view entry.
• Click Apply to apply changes.
• Click Reset to undo any changes made locally and revert to previously saved
values.
SNMPv3 access
Configure SNMPv3 access on the SNMPv3 Access Configuration page. The entry
index keys are Group Name, Security Model, and Security Level.
The page includes the following fields:
Object Description
Delete Select Delete to delete the entry. It will be deleted during the next
save.
Group Name A string identifies the group name that this entry should belong to.
The allowed string length is 1 to 32, and the allowed content is the
ASCII characters from 33 to 126.
Security Model Indicates the security model that this entry should belong to.
Selections include:
any: Accepted any security model (v1, v2c, usm).
v1: Reserved for SNMPv1.
v2c: Reserved for SNMPv2c.
usm: User-based Security Model (USM)
Security Level Indicates the security model that this entry should belong to.
Selections include:
NoAuth, NoPriv: None authentication and none privac y.
Auth, NoPriv: Authentication and none privacy.
Auth, Priv: Authentic ation and pr ivacy.
NS3500-24T-4C Managed Switch User Manual 81
Chapter 4: Web configuration
Object Description
Read View Name The name of the MIB view defining the MIB objects for which this
request may request the current values. The allowed string lengt h is 1
to 32, and the allowed content is the ASCII characters from 33 to 126.
Write View Name The name of the MIB view defining the MIB objects for which this
request may potentially SET new values. The allowed string length is
1 to 32, and the allowed content is the ASCII characters from 33 to
126.
Buttons
• Click Add New Entry to add a new access entry.
• Click Apply to apply changes.
• Click Reset to undo any changes made locally and revert to previously saved
values.
Port management
Use the Port menu to display or configure the managed switch ports. This section has
the following items:
Port Configuration Configures port con nec ti on set tings
Port Statistics Overview Lists Ethernet and RMON port statistics
Port Statistics Detail Lists Ethernet and RMON port statistics
SFP Module Information Displays SFP information
Port Mirror Sets the source and target ports for mirroring
Port configuration
Ports can be configured on the Port Configuration page.
82 NS3500-24T-4C Managed Switch User Manual
Chapter 4: Web configuration
The page includes the following fields:
Object Description
Port This is the logical port number for this row.
Port Description Indicates the per port description.
Link The current link state is displayed graphically. Green indicates the
link is up and red is down.
Current Link Speed Provides the current link speed of the port.
Configured Link Speed Select any available link speed for the given switch port. Draw the
menu bar to select the mode.
Auto: Setup Auto negotiation for copper interface.
10Mbps HDX: Force sets 10Mbps/Half-Duplex mode.
10Mbps FDX: Force sets 10Mbps/Full-Duplex mode.
100Mbps HDX: Force sets 100Mbps/Half-Duplex mode.
100Mbps FDX: Force sets 100Mbps/Full-Duplex mode.
1Gbps FDX: Force sets 10000Mbps/Full-Duplex mode.
Disable: Shutdown the port manually.
Flow Control When Auto Speed is selected on a port, this section indicates the
flow control capability that is advertised to the link partner. When a
fixed-speed setting is selected, that is what is used. The Current Rx
column indicates if pause frames on the port are obeyed, and the
Current Tx column indicates whether pause frames on the port are
transmitted. The Rx and Tx settings are determined by the result of
the last Auto-Negotiation.
Check the configured column to use flow control. This setting is
related to the setting for Configured Link Speed.
Maximum Frame Size Enter the maximum frame size allowed for the switch port, including
FCS. The allowed range is 1518 bytes to 9600 bytes.
NS3500-24T-4C Managed Switch User Manual 83
Chapter 4: Web configuration
Object Description
Excessive Collision Mode Configure port transmit collision behavior.
Discard: Discard frame after 16 collisions (default).
Restart: Restart back off algorithm after 16 collisions.
Note: If setting each port to run at 100M full-, 100M half-, 10M full-, and 10M half-speed
modes, the auto-MDIX function will be disabled.
Buttons
• Click Apply to apply changes.
• Click Reset to undo any changes made locally and revert to previously saved
values.
• Click Refresh to refresh the page and undo all local changes.
Port statistics overview
The Port Statistics Overview page provides an overview of general traffic statistics for
all switch ports.
84 NS3500-24T-4C Managed Switch User Manual
Chapter 4: Web configuration
The displayed counters are:
Object Description
Port The logical port for the settings contained in the same row.
Packets The number of received and transmitted packets per port.
Bytes The number of received and transmitted bytes per port.
Errors The number of frames received in error and the number of incomplete
transmissions per port.
Drops The number of frames discarded due to ingress or egress congestion.
Filtered The number of received frames filtered by the forwarding process.
Buttons
• Click Download to download the Port Statistics Overview result as an Excel file.
• Click Refresh to refresh the page immediately.
• Click Clear to clear the counters for all ports.
• Click Print to print the Port Statistics Overview result.
• Select the Auto-refresh check box to enable an automatic refresh of the page at
regular intervals.
Port statistics detail
The Port Statistics Detail page provides detailed traffic statistics for a specific switch
port. Use the port select box to select which switch port details to display. The selected
port belongs to the current unit, as reflected by the page header. The displayed
counters are the totals for receive and transmit, the size counters for receive and
transmit, and the error counters for receive and transmit.
NS3500-24T-4C Managed Switch User Manual 85
Chapter 4: Web configuration
The page includes the following fields:
Receive total and transmit total
Object Description
Rx and Tx Packets The number of received and transmitted (good and bad) packets
Rx and Tx Octets The number of received and transmitted (good and bad) bytes,
including FCS, but excluding framing bits.
Rx and Tx Unicast The number of received and transmitted (good and bad) unicast
packets.
Rx and Tx Multicast The number of received and transmitted (good and bad) multicast
packets.
Rx and Tx Broadcast The number of received and transmitted (good and bad) broadcast
packets.
Rx and Tx Pause A count of the MAC Control frames received or transmitted on this
port that has an opcode indicating a PAUSE operation.
Receive and transmit size counters
The number of received and transmitted (good and bad) packets split into categories
based on their respective frame sizes.
Receive and transmit queue counters
The number of received and transmitted packets per input and output queue.
86 NS3500-24T-4C Managed Switch User Manual
Chapter 4: Web configuration
Receive error counters
Object Description
Rx Drops The number of frames dropped due to lack of receive buffers or
egress congestion.
Rx CRC/Alignment The number of frames received with CRC or alignm ent errors .
Rx Undersize The number of short 1 frames received with valid CRC.
Rx Oversize The number of long 2 frames received with valid CRC.
Rx Fragments The number of short 1 frames received with invalid CRC.
Rx Jabber The number of long 2 frames received with invalid CRC.
Rx Filtered The number of received frames filtered by the forwarding process.
1
Short frames are frames that are smaller than 64 bytes.
2
Long frames are frames that are longer than the configured maximum frame length for this port.
Transmit error counters
Object Description
Tx Drops The number of frames dropped due to output buffer congestion.
Tx Late/Exc. Coll. The number of frames dropped due to excessive or late collisions.
Buttons
• Click Refresh to refresh the page immediately.
• Click Clear to clear the counters for all ports.
• Select the Auto-refresh check box to enable an automatic refresh of the page at
regular intervals.
SFP module information
The managed switch supports SFP modules with the digital diagnostics monitoring
(DDM) function, which is also known as digital optical monitoring (DOM). You can
check the physical or operational status of an SFP module via the SFP Module
Information page. This page shows the operational status such as the transceiver type,
speed, wavelength, optical output power, optical input power, temperature, laser bias
current, and transceiver supply voltage in real time. You can also use the port number
hyperlinks to check the statistics on a specific interface.
NS3500-24T-4C Managed Switch User Manual 87
Chapter 4: Web configuration
• 100Base-FX
The page includes the following fields:
Object Description
Type Displays the type of current SFP module. The possible types are:
• 1000Base-SX
• 1000Base-LX
Speed Displays the speed of the current SFP module. Different vendors’
SFP modules might show different speed information.
Wave Length(nm) Displays the wavelength of current SFP module. Use this column to
check if the wavelength values of two nodes are matched when the
fiber connection fails.
Distance(m) Displays the supported distance of the current SFP module.
Temperature(C)
– SFP DDM Module Only
Voltage(V)
– SFP DDM Module Only
Current(mA)
– SFP DDM Module Only
TX power(dBm)
– SFP DDM Module Only
RX power(dBm)
– SFP DDM Module Only
Displays the temperature of the current SFP DDM module.
Displays the voltage of the current SFP DDM module.
Displays the Ampere of the current SFP DDM module.
Displays the TX power of the current SFP DDM module.
Displays the RX power of the current SFP DDM module.
Buttons
• Select the SFP Monitor Event Alert check box. The switch will be in accordance
• Click Apply to apply changes.
• Click Reset to undo any changes made locally and revert to previously saved
88 NS3500-24T-4C Managed Switch User Manual
with the Warning Temperature setting and allows users to record message out via
SNMP Trap.
values.
Chapter 4: Web configuration
• Click Refresh to refresh the page immediately.
• Select the Auto-refresh check box to enable an automatic refresh of the page at
regular intervals.
Port mirror
Configure port mirroring on the Mirror & RMirror Configuration Table page. This function
provides the monitoring of network traffic that forwards a copy of each incoming or
outgoing packet from one port of a network switch to another port where the packet can
be studied. It enables the manager to keep close track of switch performance and alter
it if necessary.
• To debug network problems, selected traffic can be copied, or mirrored, to a mirror
port where a frame analyzer can be attached to analyze the frame flow.
• The managed switch can unobtrusively mirror traffic from any port to a monitor port.
You can then attach a protocol analyzer or RMON probe to this port to perform
traffic analysis and verify connection integrity.
The traffic to be copied to the mirror port is selected as follows:
• All frames received on a given port (also known as ingress or source mirroring).
• All frames transmitted on a given port (also known as egress or destination
mirroring).
NS3500-24T-4C Managed Switch User Manual 89
Chapter 4: Web configuration
Mirror port configuration
The page includes the following fields:
Object Description
Session ID Select a Session ID hyperlink to configure it.
Mode Enable/Disable the mirror or remote mirroring function.
Type Select the switch type.
VLAN ID The VLAN ID indicates where the monitor packet will copy to. The
default VLAN ID is 200.
Reflector Port The reflector port is a method to redirect the traffic to Remote
Mirroring VLAN. Any device connected to a port set as a reflector port
loses connectivity until the remote mirroring is disabled.
In the stacking mode, you need to select the switch ID to select the
correct device.
If you shut down a port, it cannot be a candidate for a reflector port.
If you shut down the port which is a reflector port, the remote mirror
function will not work.
Note1: The reflector port needs to select o nly on Source switch
type.
Note2: The reflector port needs to disable MAC Table learning
and STP.
Note3: The reflector port only supports on pure copper ports.
Note: For a given port, a frame is only transmitted once. It is therefore not possible to
mirror Tx frames on the mirror port. Because of this, the mode for the selected mirror
port is limited to Disabled or Rx only.
Buttons
• Click Apply to apply changes.
• Click Reset to undo any changes made locally and revert to previously saved
values.
90 NS3500-24T-4C Managed Switch User Manual
Chapter 4: Web configuration
Link aggregation
Port Aggregation optimizes port usage by linking a group of ports together to form a
single Link Aggregated Group (LAG). Port aggregation multiplies the bandwidth
between the devices, increases port flexibility, and provides link redundancy.
Each LAG is composed of ports of the same speed, set to full-duplex operations. Ports
in a LAG can be of different media types (UTP/Fiber, or different fiber types), provided
they operate at the same speed.
Aggregated links can be assigned manually (Port Trunk) or automatically by enabling
Link Aggregation Control Protocol (LACP) on the relevant links.
Aggregated links are treated by the system as a single logical port. Specifically, the
aggregated link has similar port attributes to a non-aggregated port, including autonegotiation, speed, duplex setting, etc.
The managed switch supports the following aggregation links :
• Static LAGs (Port Trunk) – Force aggregated selected ports to be a trunk group.
• Link Aggregation Control Protocol (LACP) LAGs – LACP LAGs negotiate
aggregated port links with other LACP ports located on a different device. If the
other device ports are also LACP ports, the devices establish a LAG between them.
The Link Aggregation Control Protocol (LACP) provides a standardized means for
exchanging information between partner systems that require high speed redundant
links. Link aggregation permits grouping up to eight consecutive ports into a single
NS3500-24T-4C Managed Switch User Manual 91
Chapter 4: Web configuration
dedicated connection. This feature can expand bandwidth to a device on the network.
LACP operation requires full-duplex mode (refer to the IEEE 802.3ad standard for
further details).
Port link aggregations can be used to increase the bandwidth of a network connection
or to ensure fault recovery. Link aggregation permits grouping up to four consecutive
ports into a single dedicated connection between any two managed switches or other
Layer 2 switches. However, before making any physical connections between devices,
use the link aggregation configuration menu to specify the link aggregation on the
devices at both ends. When using a port link aggregation, note that:
• The ports used in a link aggregation must all be of the same media type (RJ45, 100
Mbps fiber).
• The ports that can be assigned to the same link aggregation have certain other
restrictions (see below).
• Ports can only be assigned to one link aggregation.
• The ports at both ends of a connection must be configured as link aggregation
ports.
• None of the ports in a link aggregation can be configured as a mirror source port
or a mirror target port.
• All of the ports in a link aggregation have to be treated as a whole when moved
from/to, added or delet ed fro m a VLAN.
• The Spanning Tree Protocol will treat all the ports in a link aggregation as a
whole.
• Enable the link aggregation prior to connecting any cable between the switches
to avoid creating a data loop.
• Disconnect all link aggregation port cables or disable the link aggregation ports
before removing a port link aggregation to avoid creating a data loop.
It allows a maximum of 10 ports to be aggregated at the same time. The managed
switch supports Gigabit Ethernet ports (up to five groups). If the group is defined as a
LACP static link aggregationing group, then any extra ports selected are placed in a
standby mode for redundancy if one of the other ports fails. If the group is defined as a
local static link aggregationing group, then the number of ports must be the same as
the group member ports.
The aggregation code ensures tha t fra mes be l ong i ng to the same fr a me fl ow (for
example, a TCP connection) are always forwarded on the same link aggregation
member port. Reording of frames within a flow is therefore not possible. The
aggregation code is based on the following information:
• Source MAC
• Destination MAC
• Source and destination IPv4 address.
• Source and destination TCP/UDP ports for IPv4 packets
92 NS3500-24T-4C Managed Switch User Manual
Chapter 4: Web configuration
Normally, all five contributions to the aggregation code should be enabled to obtain the
best traffic distribution among the link aggregation member ports. Each link aggregation
may consist of up to 10 member ports. Any quantity of link aggregations may be
configured for the device (they are only limited by the quantity of ports on the device).
To configure a proper traffic distribution, the ports within a link aggregation must use
the same link speed.
Static aggregation
The Aggregation Mode Configuration page is used to configure the aggregation hash
mode and the aggregation group. The aggregation hash mode settings are global,
whereas the aggregation group relate to the current device, as reflected by the page
header.
The page includes the following fields:
Object Description
Source MAC Address The Source MAC address can be used to calculate the destination
port for the frame. Select the check box to enable the use of the
Source MAC address, or uncheck it to disabl e. B y default , the Source
MAC Address is enabled.
Destination MAC Address The Destination MAC Address can be used to calculate the
destination port for the frame. Select the check box to enable the use
of the Destination MAC Address, or uncheck it to disable. By default,
the Destination MAC Address is disabled.
IP Address The IP address can be used to calculate the destination port for the
frame. Select the check box to enable the use of the IP Address, or
uncheck it to disable. By default, IP Address is enabled.
TCP/UDP Port Number The TCP/UDP port number can be used to calculate the destination
port for the frame. Select the check box to enable the use of the
TCP/UDP Port Number, or uncheck it to disable. By default, the
TCP/UDP Port Number is enabled.
NS3500-24T-4C Managed Switch User Manual 93
Chapter 4: Web configuration
Static aggregation group configuration
The page includes the following fields:
Object Description
Group ID Indicates the group ID for the settings contained in the same row.
Group ID "Normal" indicates there is no aggregation. Only one group
ID is valid per port.
Port Members Each switch port is listed for each group ID. Select a radio button to
include a port in an aggregation, or clear the radio button to remove
the port from the aggregation. By default, no ports belong to any
aggregation group.
Buttons
• Click Apply to apply changes.
• Click Reset to undo any changes made locally and revert to previously saved
values.
Static aggregation status
The Aggregation Status page shows static aggregation status.
94 NS3500-24T-4C Managed Switch User Manual
Chapter 4: Web configuration
The page includes the following fields:
Object Description
Aggr ID The aggregation ID associated with this aggregation instance.
Name Name of the aggregation group ID.
Type Type of the aggregation group (static or LACP).
Speed Speed of the aggregation group.
Configured Ports Configured member ports of the aggregation group.
Aggregated Ports Aggregated member ports of the aggregation group.
Aggr ID The aggregation ID associated with this aggregation instance.
Buttons
• Click Refresh to refresh the page immediately.
LACP configuration
LACP LAG negotiates aggregated port links with other LACP ports located on a
different device. LACP allows switches connected to each other to discover
automatically whether any ports are member of the same LAG.
This page allows the user to inspect and change the current LACP port configurations.
The LACP port settings relate to the current device, as reflected by the page header.
NS3500-24T-4C Managed Switch User Manual 95
Chapter 4: Web configuration
The page includes the following fields:
Object Description
Port The switch port number.
LACP Enabled Controls whether or not LACP is enabled on this switch port. LACP
will form an aggregation when two or more ports are connected to the
same partner.
Key The Key value incurred by the port, range 1-65535. Se lec ting Auto
(default setting) sets the key as appropriate by the physical link
speed: 10Mb = 1, 100Mb = 2, 1Gb = 3. Using the Specific setti ng, a
user-defined value can be entered. Ports with the same key value
can participate in the same aggregation group, while ports with
different keys cannot.
Role The Role shows the LACP activity status. The Active selection
transmits LACP packets each second, while the Passive setting
waits for a LACP packet from a partner (speak if spoken to).
Timeout The Timeout controls the period between BPDU transmissions. Fast
transmits LACP packets each second, while the Slow selection
provides a wait for 30 seconds before sending a LACP packet.
Priority The Priority controls the priority of the port. If the LACP partner wants
to form a larger group than is supported by this device, then this
parameter controls which ports will be active and which ports will be
in a backup role. Lower number means greater priority.
Buttons
• Click Apply to apply changes.
• Click Reset to undo any changes made locally and revert to previously saved
values.
LACP system status
The LACP System Status page provides a status overview of all LACP instances. This
page displays the current LACP aggregation groups and LACP port status.
96 NS3500-24T-4C Managed Switch User Manual
Chapter 4: Web configuration
The page includes the following fields:
Object Description
Aggr ID The Aggregation ID associated with this aggregation instance.
For LLAG the ID is shown as 'isid:aggr-id' and for GLAGs as 'aggr-id'
Partner System ID The system ID (MAC address) of the aggregati on partn er .
Partner Key The key that the partner has assigned to this aggregation ID.
Partner Priority The priority of the aggregation partner.
Last changed The time since this aggregation changed.
Local Ports Shows which ports are a part of this aggregation for this switch.
The format is: "Switch ID:Port".
Buttons
• Click Refresh to to refresh the page immediately.
• Select the Auto-refresh check box to automatically refresh the page every three
seconds.
LACP port status
The LACP Status page provides a LACP status overview of all ports. This page
displays the current LACP aggregation groups and LACP port status.
NS3500-24T-4C Managed Switch User Manual 97
Chapter 4: Web configuration
The page includes the following fields:
Object Description
Port The switch port number.
LACP 'Yes' means that LACP is enabled and the port link is up. 'No' means
that LACP is not enabled or that the port link is down. 'Backup' means
that the port could not join the aggregation group but will join if other
ports leave. Until that occurs, its LACP status is disabled.
Key The key is assigned to this port. Only ports with the same key can
aggregate together.
Aggregation ID The aggregation ID assigned to this aggregation group.
Partner System ID The partner’s system ID (MAC address).
Partner Port The partner’s port number connect e d to this port.
Partner Priority The partner's port priority.
Buttons
• Click Refresh to to refresh the page immediately.
• Select the Auto-refresh check box to automatically refresh the page every three
seconds.
LACP port statistics
The LACP Statistics page provides an overview of LACP statistics for all ports.
98 NS3500-24T-4C Managed Switch User Manual
Loading...