NS4702-24P-4S-4X
User Manual
P/N 1072829 • REV 00.01 • ISS 14JUL14
Copyright © 2014 United Technologies Corporation
r
r
Interlogix is part of UTC Building & Industrial Systems,Inc. a unit of United Technologies
Corporation. All rights reserved.
Trademarks and patents The NS4702-24P-4S-4X name and logo are trademarks of United Technologies.
Other trade names used in this document may be trademarks or registered trademarks
of the manufacturers or vendors of the respective products.
Manufacture
Intended use
Certification
FCC compliance
Interlogix
3211 Progress Drive, Lincolnton, NC 28092 USA
Authorized EU manufacturing representative:
UTC Climate Controls & Security B.V., Kelvinstraat
7, 6003 DH Weert, Netherlands
Use this product only for the purpose it was designed for; refer to the data sheet and use
documentation for details. For the latest product information, contact your local supplier
or visit us online at www.interlogix.com.
N4131
This equipment has been tested and found to comply with the limits for a Class A digital
device, pursuant to part 15 of the FCC Rules. These limits are designed to provide
reasonable protection against harmful interference when the equipment is operated in a
commercial environment. This equipment generates, uses, and can radiate radio
frequency energy and, if not installed and used in accordance with the instruction
manual, may cause harmful interference to radio communications.
You are cautioned that any changes or modifications not expressly approved by the
party responsible for compliance could void the user's authority to operate the
equipment.
ACMA compliance Notice! This is a Class A product. In a domestic environment this product may cause
radio interference in which case the user may be required to take adequate measures.
Canada
European Union
directives
Contact Information For contact information, see www.interlogix.com
This Class A digital apparatus complies with Canadian ICES-003.
Cet appareil numérique de la classe A est conforme á la norme NMB-003du Canada.
2004/108/EC (EMC Directive): Hereby, UTC Building & Industrial Systems, Inc.
declares that this device is in compliance with the essential requirements and other
relevant provisions of Directive 2004/108/EC.
or www.utcfssecurityproducts.eu.
2
TABLE OF CONTENTS
1. INTRODUCTION..................................................................................................................10
1.1 Packet Contents .........................................................................................................................................10
1.2 Product Description...................................................................................................................................11
1.3 How to Use This Manual............................................................................................................................16
1.4 Product Features........................................................................................................................................17
1.5 Product Specifications ..............................................................................................................................20
2. INSTALLATION ...................................................................................................................24
2.1 Hardware Description................................................................................................................................24
2.1.1 Switch Front Panel ..............................................................................................................................................24
2.1.2 LED Indications ...................................................................................................................................................25
2.1.3 Switch Rear Panel ...............................................................................................................................................27
2.2 Installing the Switch...................................................................................................................................28
2.2.1 Desktop Installation .............................................................................................................................................28
2.2.2 Rack Mounting.....................................................................................................................................................29
2.2.3 Installing the SFP/SFP+ Transceiver ...................................................................................................................30
3. SWITCH MANAGEMENT.................................................................................................... 34
3.1 Requirements..............................................................................................................................................34
3.2 Management Access Overview.................................................................................................................35
3.3 Administration Console.............................................................................................................................36
3.4 Web Management.......................................................................................................................................37
3.5 SNMP-based Network Management.........................................................................................................38
4. WEB CONFIGURATION...................................................................................................... 39
4.1 Main Web Page...........................................................................................................................................42
4.2 System.........................................................................................................................................................44
4.2.1 System Information..............................................................................................................................................45
3
4.2.2 IP Configuration...................................................................................................................................................46
4.2.3 IP Status ..............................................................................................................................................................48
4.2.4 Users Configuration .............................................................................................................................................49
4.2.5 Privilege Levels ...................................................................................................................................................52
4.2.6 NTP Configuration ...............................................................................................................................................54
4.2.7 Time Configuration ..............................................................................................................................................55
4.2.8 UPnP ...................................................................................................................................................................57
4.2.9 DHCP Relay ........................................................................................................................................................59
4.2.10 DHCP Relay Statistics .......................................................................................................................................61
4.2.11 CPU Load ..........................................................................................................................................................63
4.2.12 System Log........................................................................................................................................................64
4.2.13 Detailed Log ......................................................................................................................................................66
4.2.14 Remote Syslog ..................................................................................................................................................67
4.2.15 SMTP Configuration ..........................................................................................................................................68
4.2.16 Web Firmware Upgrade.....................................................................................................................................69
4.2.17 TFTP Firmware Upgrade ...................................................................................................................................70
4.2.17 Save Startup Config...........................................................................................................................................71
4.2.18 Configuration Download ....................................................................................................................................71
4.2.20 Configuration Upload.........................................................................................................................................72
4.2.21 Configuration Activate........................................................................................................................................73
4.2.22 Configuration Delete..........................................................................................................................................73
4.2.23 Image Select......................................................................................................................................................74
4.2.24 Factory Default ..................................................................................................................................................75
4.2.25 System Reboot ..................................................................................................................................................76
4.3 Simple Network Management Protocol....................................................................................................77
4.3.1 SNMP Overview ..................................................................................................................................................77
4.3.2 SNMP System Configuration ...............................................................................................................................79
4.3.3 SNMP Trap Configuration....................................................................................................................................81
4.3.4 SNMP System Information ..................................................................................................................................84
4.3.5 SNMPv3 Configuration ........................................................................................................................................85
4.3.5.1 SNMPv3 Communities ..............................................................................................................................85
4.3.5.2 SNMPv3 Users..........................................................................................................................................86
4.3.5.3 SNMPv3 Groups........................................................................................................................................88
4.3.5.4 SNMPv3 Views..........................................................................................................................................89
4.3.5.5 SNMPv3 Access........................................................................................................................................90
4.4 Port Management .......................................................................................................................................92
4
4.4.1 Port Configuration................................................................................................................................................92
4.4.2 Port Statistics Overview.......................................................................................................................................94
4.4.3 Port Statistics Detail.............................................................................................................................................95
4.4.4 SFP Module Information ......................................................................................................................................98
4.4.5 Port Mirror..........................................................................................................................................................100
4.5 Link Aggregation......................................................................................................................................102
4.5.1 Static Aggregation..............................................................................................................................................105
4.5.2 LACP Configuration...........................................................................................................................................107
4.5.3 LACP System Status .........................................................................................................................................109
4.5.4 LACP Port Status............................................................................................................................................... 110
4.5.5 LACP Port Statistics........................................................................................................................................... 111
4.6 VLAN..........................................................................................................................................................113
4.6.1 VLAN Overview ................................................................................................................................................. 113
4.6.2 IEEE 802.1Q VLAN ........................................................................................................................................... 11 4
4.6.3 VLAN Port Configuration ...................................................................................................................................11 7
4.6.4 VLAN Membership Status..................................................................................................................................123
4.6.7 VLAN Port Status...............................................................................................................................................126
4.6.8 Port Isolation......................................................................................................................................................128
4.6.10 VLAN setting example: ....................................................................................................................................130
4.6.10.1 Two Separate 802.1Q VLANs................................................................................................................130
4.6.10.2 VLAN Trunking between two 802.1Q aware switches ...........................................................................133
4.6.10.3 Port Isolate ............................................................................................................................................135
4.6.11 MAC-based VLAN............................................................................................................................................137
4.6.12 MAC-based VLAN Status ................................................................................................................................138
4.6.13 Protocol-based VLAN ......................................................................................................................................139
4.6.14 Protocol-based VLAN Membership .................................................................................................................141
4.7 Spanning Tree Protocol...........................................................................................................................143
4.7.1 Theory ...............................................................................................................................................................143
4.7.2 STP System Configuration ................................................................................................................................149
4.7.3 Bridge Status .....................................................................................................................................................152
4.7.4 CIST Port Configuration.....................................................................................................................................152
4.7.5 MSTI Priorities ...................................................................................................................................................155
4.7.6 MSTI Configuration............................................................................................................................................157
4.7.7 MSTI Ports Configuration ..................................................................................................................................158
4.7.8 Port Status.........................................................................................................................................................160
4.7.9 Port Statistics.....................................................................................................................................................161
5
4.8 Multicast..................................................................................................................
4.8.1 IGMP Snooping .................................................................................................................................................163
4.8.2 Profile Table.......................................................................................................................................................168
4.8.3 Address Entry ....................................................................................................................................................169
4.8.4 IGMP Snooping Configuration ...........................................................................................................................171
4.8.5 IGMP Snooping VLAN Configuration.................................................................................................................173
4.8.6 IGMP Snooping Port Group Filtering .................................................................................................................175
4.8.7 IGMP Snooping Status ......................................................................................................................................176
4.8.8 IGMP Group Information....................................................................................................................................178
4.8.9 IGMPv3 Information...........................................................................................................................................179
4.8.10 MLD Snooping Configuration...........................................................................................................................181
4.8.11 MLD Snooping VLAN Configuration.................................................................................................................182
4.8.12 MLD Snooping Port Group Filtering................................................................................................................. 185
4.8.13 MLD Snooping Status......................................................................................................................................187
4.8.14 MLD Group Information ...................................................................................................................................188
4.8.15 MLDv2 Information ..........................................................................................................................................190
4.8.16 MVR (Multicaset VLAN Registration)...............................................................................................................192
..................................163
4.8.17 MVR Status......................................................................................................................................................195
4.8.18 MVR Groups Information .................................................................................................................................196
4.8.19 MVR SFM Information .....................................................................................................................................197
4.9 Quality of Service.....................................................................................................................................199
4.9.1 Understanding QoS ...........................................................................................................................................199
4.9.2 Port Policing ......................................................................................................................................................200
4.9.3 Port Classification..............................................................................................................................................201
4.9.4 Port Scheduler...................................................................................................................................................204
4.9.5 Port Shaping......................................................................................................................................................205
4.9.5.1 QoS Egress Port Schedule and Shapers ................................................................................................206
4.9.6 Port Tag Remarking...........................................................................................................................................207
4.9.6.1 QoS Egress Port Tag Remarking.............................................................................................................209
4.9.7 Port DSCP .........................................................................................................................................................210
4.9.8 DSCP-based QoS .............................................................................................................................................212
4.9.9 DSCP Translation ..............................................................................................................................................214
4.9.10 DSCP Classification.........................................................................................................................................215
4.9.11 QoS Control List...............................................................................................................................................216
4.9.11.1 QoS Control Entry Configuration ...........................................................................................................219
4.9.12 QCL Status ......................................................................................................................................................221
4.9.13 Storm Control Configuration ............................................................................................................................223
6
4.9.15 WRED..............................................................................................................................................................224
4.9.14 QoS Statistics ..................................................................................................................................................227
4.9.15 Voice VLAN Configuration ...............................................................................................................................228
4.9.16 Voice VLAN OUI Table.....................................................................................................................................232
4.10 Access Control Lists..............................................................................................................................234
4.10.1 Access Control List Status ...............................................................................................................................234
4.10.2 Access Control List Configuration ....................................................................................................................236
4.10.3 ACE Configuration ...........................................................................................................................................238
4.10.4 ACL Ports Configuration ..................................................................................................................................249
4.10.5 ACL Rate Limiter Configuration .......................................................................................................................251
4.11 Authentication.........................................................................................................................................253
4.11.1 Understanding IEEE 802.1X Port-Based Authentication..................................................................................254
4.11.2 Authentication Configuration ............................................................................................................................258
4.11.3 Network Access Server Configuration..............................................................................................................259
4.11.4 Network Access Overview ...............................................................................................................................271
4.11.5 Network Access Statistics ................................................................................................................................272
4.11.6 RADIUS ...........................................................................................................................................................279
4.11.7 TACACS+ ........................................................................................................................................................282
4.11.8 RADIUS Overview ...........................................................................................................................................284
4.11.9 RADIUS Details ...............................................................................................................................................287
4.11.10 Windows Platform RADIUS Server Configuration..........................................................................................295
4.11.11 802.1X Client Configuration ...........................................................................................................................300
4.12 Security ...................................................................................................................................................303
4.12.1 Port Limit Control.............................................................................................................................................303
4.12.2 Access Management .......................................................................................................................................307
4.12.3 Access Management Statistics ........................................................................................................................308
4.12.4 HTTPs .............................................................................................................................................................310
4.12.5 SSH .................................................................................................................................................................310
4.12.6 Port Security Status......................................................................................................................................... 311
4.12.7 Port Security Detail..........................................................................................................................................314
4.12.8 DHCP Snooping ..............................................................................................................................................315
4.12.9 Snooping Table................................................................................................................................................317
4.12.10 IP Source Guard Configuration......................................................................................................................317
4.12.11 IP Source Guard Static Table.........................................................................................................................319
4.12.12 ARP Inspection ..............................................................................................................................................321
4.12.13 ARP Inspection Static Table ...........................................................................................................................323
7
4.13 Address Ta
4.13.1 MAC Table Configuration.................................................................................................................................324
4.13.2 MAC Address Table Status .............................................................................................................................. 326
4.13.3 Dynamic ARP Inspection Table........................................................................................................................327
4.13.4 Dynamic IP Source Guard Table......................................................................................................................328
ble.........................................................................................................................................324
4.14 LLDP........................................................................................................................................................331
4.14.1 Link Layer Discovery Protocol .........................................................................................................................331
4.14.2 LLDP Configuration .........................................................................................................................................331
4.14.3 LLDP MED Configuration ................................................................................................................................335
4.14.4 LLDP-MED Neighbor.......................................................................................................................................344
4.14.5 Neighbor ..........................................................................................................................................................348
4.14.6 Port Statistics...................................................................................................................................................349
4.15 Network Diagnostics..............................................................................................................................352
4.15.1 Ping .................................................................................................................................................................353
4.15.2 IPv6 Ping .........................................................................................................................................................354
4.15.3 Remote IP Ping Test ........................................................................................................................................355
4.15.4 Cable Diagnostics............................................................................................................................................356
4.16 Power over Ethernet ..............................................................................................................................359
4.16.1 Power over Ethernet Powered Device.............................................................................................................359
4.16.2 System Configuration ......................................................................................................................................360
4.16.3 Power Over Ethernet Configuration.................................................................................................................361
4.16.4 Port Sequential ................................................................................................................................................363
4.16.5 Port Configuration............................................................................................................................................364
4.16.6 PoE Status.......................................................................................................................................................366
4.16.7 PoE Schedule..................................................................................................................................................369
4.16.8 LLDP PoE Neighbours.....................................................................................................................................372
4.16.9 PoE Alive Check Configuration........................................................................................................................372
4.16.10 Port Power Consumption...............................................................................................................................374
4.17 Loop Protection......................................................................................................................................376
4.17.1 Configuration ...................................................................................................................................................376
4.17.2 Loop Protection Status.....................................................................................................................................378
4.18 RMON.......................................................................................................................................................379
4.18.1 RMON Alarm Configuration .............................................................................................................................379
4.18.2 RMON Alarm Status.........................................................................................................................................381
4.18.3 RMON Event Configuration .............................................................................................................................382
8
4.18.4 RMON Event Status.........................................................................................................................................383
4.18.5 RMON History Configuration ...........................................................................................................................384
4.18.6 RMON History Status.......................................................................................................................................386
4.18.7 RMON Statistics Configuration ........................................................................................................................387
4.18.8 RMON Statistics Status....................................................................................................................................388
4.19 Ring..........................................................................................................................................................390
4.19.1 MEP Configuration...........................................................................................................................................392
4.19.2 Detailed MEP Configuration ............................................................................................................................394
4.19.3 Ethernet Ring Protocol Switch .........................................................................................................................397
4.19.4 Ethernet Ring Protocol Switch Configuration...................................................................................................400
4.19.5 Ring Wizard .....................................................................................................................................................403
4.19.6 Ring Wizard Example: .....................................................................................................................................404
5. SWITCH OPERATION.......................................................................................................407
5.1 Address Table...........................................................................................................................................407
5.2 Learning ....................................................................................................................................................407
5.3 Forwarding & Filtering.............................................................................................................................407
5.4 Store-and-Forward...................................................................................................................................407
5.5 Auto-Negotiation ......................................................................................................................................408
6. Power over Ethernet Overview........................................................................................409
7. TROUBLESHOOTING....................................................................................................... 411
APPENDIX A: Networking Connection ............................................................................... 412
A.1 PoE RJ-45 Port Pin Assignments...........................................................................................................412
A.2 Switch's Data RJ-45 Pin Assignments - 1000Mbps, 1000Base-T........................................................412
A.3 10/100Mbps, 10/100Base-TX...................................................................................................................412
APPENDIX B : GLOSSARY .................................................................................................. 414
9
1. INTRODUCTION
NS4702-24P-4S-4X is a 24-Port 10/100/1000Mbps 802.3at PoE + 4-Port 10G SFP+ Managed Switch with Hardware Layer3
IPv4/IPv6 Static Routing, NS4702-24P-4S-4X, comes with the multi-port Gigabit Ethernet Switch and SFP fiber optic connectibility
and robust layer 2 features. The description of this model is shown below:
NS4702-24P-4S-4X
“Managed Switch” is used as an alternative name in this user’s manual.
1.1 Packet Contents
Open the box of the Managed Switch and carefully unpack it. The box should contain the following items:
Managed Switch
24-Port 10/100/1000Mbps 802.3at PoE +, 4 Shared Gigabit Ports (RJ45 and SFP) and 4-Port 10G SFP+
Managed Switch with Hardware Layer3 IPv4/IPv6 Static Routing,
x 1
User’s Manual CD
Quick Installation Guide
RJ-45 to RS232 Cable
SFP Dusty Cap
Rubber Feet
Rack-mount Accessory Kit
Power Cord
If any of these are missing or damaged, please contact your dealer immediately; if possible, retain the carton including the original
packing material, and use them again to repack the product in case there is a need to return it to us for repair.
x 1
x 1
x 1
x 8
x 4
x 1
x 1
10
1.2 Product Description
Cost-effective 10Gbps Uplink Capacitated Managed High Power PoE Switch for Large Surveillance Applications
The NS4702 is the latest generation of Interlogix Managed Gigabit PoE Switches featuring Interlogix intelligent PoE functions to
improve the availability of critical business applications. It provides IPv6/IPv4 Layer 3 static routing and built-in L2/L4 Gigabit
Switching engine along with 24 10/100/1000Base-T ports featuring 30-watt 802.3at PoE+, 4 Gigabit SFP fiber slots and 4 10Gbps
SFP+ fiber slots. With total shared power budget up to 440 watts for different kinds of PoE applications, it provides a quick safe and
cost-effective Power over Ethernet network solution to IP security surveillance for small businesses and enterprises.
Flexible and Extendable 10Gbps Ethernet Solution
10G Ethernet is a big leap in the evolution of Ethernet. Each of the SFP+ slot supports Dual-Speed, 10GBase-SR/LR or
1000Base-SX/LX, meaning the administrator now can flexibly choose the suitable SFP/SFP+ transceiver according to the
transmission distance or the transmission speed required to extend the network efficiently. With its 4-port, 10G Ethernet link
capability, the NS4702 provides broad bandwidth and powerful processing capacity.
Centralized Power Management for Gigabit Ethernet PoE Networking
To fulfill the needs of higher power required PoE network applications with Gigabit speed transmission, the NS4702 features
high-performance Gigabit IEEE 802.3af PoE (up to 15.4 watts) and IEEE 802.3at PoE+ (up to 30 watts) on all ports. It perfectly
meets the power requirement of PoE VoIP phone and all kinds of PoE IP cameras such as IR, PTZ, speed dome cameras or even
box type IP cameras with built-in fan and heater for high power consumption.
The NS4702 PoE capabilities also help to reduce deployment costs for network devices as a result of freeing from restrictions of
power outlet locations. Power and data switching are integrated into one unit, delivered over a single cable and managed centrally. It
thus eliminates cost for additional AC wiring and reduces installation time.
Built-in Unique PoE Functions for Surveillance Management
As a managed PoE Switch for surveillance network, the NS4702 features intelligent PoE Management functions:
PD ALIVE Check
Schedule Power Recycle
SMTP/SNMP Trap Event Alert
PoE Schedule
11
Intelligent Powered Device Alive Check
The NS4702 can be configured to monitor connected PD (Powered Device) status in real-time via ping action. Once the PD stops
working and it is without response, the NS4702 will resume the PoE port power and bring the PD back to work. It will greatly
enhance the network reliability through the PoE port resetting the PD’s power source and reduce administrator management
burden.
Schedule Power Recycle
The NS4702 allows each of the connected PD (Powered Device) to reboot in a specific time each week. Therefore, it will reduce the
chance of PD (Powered Device) crash resulting from buffer overflow.
SMTP/SNMP Trap Event alert
Though most NVR or camera management software offers SMTP email alert function, the NS4702 further provides event alert
function to help to diagnose the abnormal device owing to whether or not there is a break of the network connection, loss of PoE
power or the rebooting response by PD Alive Check process.
12
PoE Schedule for Energy Saving
Besides being used for IP surveillance, theNS4702 is certainly applicable to construct any PoE network including VoIP and wireless
LAN. Under the trend of energy saving worldwide and contributing to the environmental protection on the Earth, the NS4702 can
effectively control the power supply besides its capability of giving high watts power. The “PoE schedule” function helps you to
enable or disable PoE power feeding for each PoE port during specified time intervals and it is a powerful function to help SMB or
Enterprise save power and money.
Solution for IPv6 Networking
Faced with the increasingly large number of IP cameras and Wireless APs installed and deployed in all kinds of applications, more
and more network facilities start to support the IPv6 protocol for the next-generation networking. By supporting both the IPv4 and
IPv6 and plenty of management functions with easy and friendly management interfaces, the NS4702 is the best choice for IP
surveillance and wireless service providers to connect with the IPv6 network.
IPv6 / IPv4 Dual St ack
By supporting IPv6 management features and also backward compatible with IPv4, the NS4702 helps the SMB to step in the IPv6
era with the lowest investment but not need to replace the network facilities while the ISP constructs the IPv6 FTTx edge network.
13
IPv4 and IPv6 VLAN Routing for Secure and Flexible Management
To help customers stay on top of their businesses, the NS4702 switch not only provides ultra high transmission performance and
excellent layer 2 technologies, but also offers IPv4/IPv6 VLAN routing feature which allows to cross over different VLANs and
different IP addresses for the purpose of having a highly secured, flexible management and simpler networking application.
Enhanced Security
The NS4702 offers a comprehensive Layer 2 to Layer 4 Access Control List (ACL) for enforcing security to the edge. It can be
used to restrict network access by denying packets based on source and destination IP address, TCP/UDP ports or defined typical
network applications. Its protection mechanism also comprises 802.1X Port-based and MAC-based user and device authentication.
With the private VLAN function, communication between edge ports can be prevented to ensure user privacy. Furthermore, the
NS4702 provides DHCP Snooping, IP Source Guard and Dynamic ARP Inspection functions to prevent IP snooping from attack
and discard ARP packets with invalid MAC address. The network administrators can now construct highly secured corporate
networks with considerably less time and effort than before.
Robust Layer 2 Features
The NS4702 can be programmed for advanced switch management functions such as dynamic port link aggregation, Q-in-Q VLAN,
private VLAN, Multiple Spanning Tree Protocol (MSTP), Layer 2/4 QoS, bandwidth control and IGMP/MLD Snooping. The
NS4702 also provides 802.1Q Tagged VLAN, and the VLAN groups allowed will be maximally up to 256. Via aggregation of
supporting ports, the NS4702 allows the operation of a high-speed trunk combining multiple ports. It enables up to 14 groups of 8
ports for trunk maximum and supports connection fail-over as well.
Excellent Traffic Control
The NS4702 is loaded with powerful traffic management and QoS features to enhance connection services by SMBs. The QoS
features include wire-speed Layer 4 traffic classifiers and bandwidth limiting that are particular useful for multi-tenant unit, multi
business unit, Telco, or Network Service Provide applications. It also empowers the enterprises to take full advantages of the limited
network resources and guarantees the best performance in VoIP and Video conferencing transmission.
Efficient and Secure Management
The NS4702 Managed Switch is equipped with console, WEB and SNMP management interfaces. With the built-in Web-based
management interface, the NS4702 offers an easy-to-use, platform-independent management and configuration facility. The
NS4702 supports standard Simple Network Management Protocol (SNMP) and can be managed via any management software that
supports SNMP protocol. For text-based management, the NS4702 can be accessed via Telnet and the console port. Moreover, the
NS4702 offers secure remote management by supporting SSH, SSL and SNMPv3 connection which encrypt the packet content at
each session.
Flexibility and Extension Solution
The NS4702 provides 4 extra Gigabit TP/SFP combo interfaces supporting 10/100/1000Base-T RJ-45 copper to connect with
surveillance network devices such as NVR, Video Streaming Server or NAS to facilitate surveillance management. Or through these
dual-speed fiber SFP slots, it can also connect with the 100Base-FX / 1000Base-SX/LX SFP (Small Form-factor Pluggable) fiber
transceiver to backbone switch and monitoring center in long distance. The distance can be extended from 550 meters to 2
kilometers (multi-mode fiber) and up to above 10/20/30/40/50/70/120 kilometers (single-mode fiber or WDM fiber). They are well
suited for applications within the enterprise data centers and distributions.
14
Intelligent SFP Diagnosis Mechanism
The NS4702 supports SFP-DDM (Digital Diagnostic Monitor) function that greatly helps network administrator to easily monitor
real-time parameters of the SFP, such as optical output power, optical input power, temperature, laser bias current, and transceiver
supply voltage.
15
1.3 How to Use This Manual
This User’s Manual is structured as follows:
Section 2, INSTALLATION
The section explains the functions of the Managed Switch and how to physically install the Managed Switch.
Section 3, SWITCH MANAGEMENT
The section contains the information about the software function of the Managed Switch.
Section 4, WEB CONFIGURATION
The section explains how to manage the Managed Switch by Web interface.
Section 5, SWITCH OPERATION
The chapter explains how to do the switch operation of the Managed Switch.
Section 6, POWER over ETHERNET OVERVIEW
The chapter introduces the IEEE 802.3af / 802.3at PoE standard and PoE provision of the Managed Switch.
Section 7, TROUBLESHOOTING
The chapter explains how to do troubleshooting of the Managed Switch.
Appendix A
The section contains cable information of the Managed Switch.
16
1.4 Product Features
Physical Port
24-Port 10/100/1000Base-T RJ-45 copper with IEEE 802.3at / 802.3af Power over Ethernet Injector function
4 100/1000Base-X mini-GBIC/SFP slot, shared with Port-21 to Port-24 compatible with 100Base-FX SFP
4 10GBase-SR/LR SFP+ slot, compatible with 1000Base-SX/LX/BX SFP
RJ45 to RS-232 DB9 console interface for basic management and setup
Power over Ethernet
■ Complies with IEEE 802.3at High Power over Ethernet End-Span PSE
■ Complies with IEEE 802.3af Power over Ethernet End-Span PSE
■ Up to 24 ports of IEEE 802.3af / 802.3at devices powered
■ Supports PoE Power up to 30.8 Watts for each PoE ports
■ Auto detects powered device (PD)
■ Circuit protection prevents power interference between ports
■ Remote power feeding up to 100 meters
■ PoE Management
Total PoE power budget control
Per port PoE function enable/disable
PoE Port Power feeding priority
Per PoE port power limitation
PD classification detection
PD alive-check
PoE schedule
PD power recycling schedule
Layer 2 Features
Prevents packet loss with back pressure (half-duplex) and IEEE 802.3x pause frame flow control (full-duplex)
High performance of Store-and-Forward architecture and runt/CRC filtering eliminates erroneous packets to optimize the
network bandwidth
Storm Control support
Broadcast / Unicast / Unknown-unicast
Supports VLAN
IEEE 802.1Q Tagged VLAN
Up to 255 VLANs groups, out of 4095 VLAN IDs
Provider Bridging (VLAN Q-in-Q) support (IEEE 802.1ad)
Private VLAN Edge (PVE)
Protocol-based VLAN
MAC-based VLAN
IP Subnet-based VLAN
Voice VLAN
17
Supports Spanning Tree Protocol
STP, IEEE 802.1D Spanning Tree Protocol
RSTP, IEEE 802.1w Rapid Spanning Tree Protocol
MSTP, IEEE 802.1s Multiple Spanning Tree Protocol, spanning tree by VLAN
BPDU Guard
Supports Link Aggregation
802.3ad Link Aggregation Control Protocol (LACP)
Cisco ether-channel (Static Trunk)
Maximum 14 trunk groups, up to 8 ports per trunk group
Up to 16Gbps bandwidth (full duplex mode)
Provides Port Mirror (many-to-1)
Port Mirroring to monitor the incoming or outgoing traffic on a particular port
Loop protection to avoid broadcast loops
Layer 3 IP Routing Features
Supports maximum 128 static routes and route summarization
Quality of Service
Ingress Shaper and Egress Rate Limit per port bandwidth control
8 priority queues on all switch ports
Traffic classification
- IEEE 802.1p CoS
- TOS / DSCP / IP Precedence of IPv4/IPv6 packets
- IP TCP/UDP port number
- Typical network application
Strict priority and Weighted Round Robin (WRR) CoS policies
Traffic-policing policies on the switch port
DSCP remarking
Multicast
Supports IGMP Snooping v1, v2 and v3
Supports MLD Snooping v1 and v2
Querier mode support
IGMP Snooping port filtering
MLD Snooping port filtering
MVR (Multicast VLAN Registration)
Security
18
IEEE 802.1X Port-based / MAC-based network access authentication
IEEE 802.1X Authentication with Guest VLAN
Built-in RADIUS client to cooperate with the RADIUS servers
RADIUS / TACACS+ users access authentication
IP-based Access Control List (ACL)
MAC-based Access Control List (ACL)
Source MAC / IP address binding
DHCP Snooping to filter distrusted DHCP messages
Dynamic ARP Inspection discards ARP packets with invalid MAC address to IP address binding
IP Source Guard prevents IP spoofing attacks
IP address access management to prevent unauthorized intruder
Management
Switch Management Interfaces
- Console / Telnet Command Line Interface
- Web switch management
- SNMP v1, v2c, and v3 switch management
- SSH / SSL secure access
Four RMON groups (history, statistics, alarms and events)
IPv6 Address / NTP management
Built-in Trivial File Transfer Protocol (TFTP) client
BOOTP and DHCP for IP address assignment
Firmware upload / download via HTTP / TFTP
DHCP Relay and Option 82
User Privilege levels control
NTP (Network Time Protocol)
Link Layer Discovery Protocol (LLDP)
SFP-DDM (Digital Diagnostic Monitor)
Cable Diagnostic technology provides the mechanism to detect and report potential cabling issues
ICMPv6 / ICMPv4 Remote Ping
Reset button for system reboot or reset to factory default
SMTP / Syslog / SNMP Trap remote alarm
System Log
Interlogix Smart Discovery Utility for deploy management
Redundant Data Protection
ITU-T G.8032 Ethernet Ring Protection Switching
19
1.5 Product Specifications
Product
Hardware Specifications
Copper Ports
SFP/mini-GBIC Slots
SFP+ Slots
Console
Switch Architecture
Switch Fabric
Throughput
Address Table
Share Data Buffer
Flow Control
Jumbo Frame
Reset Button
Dimensions (W x D x H)
NS4702-24P-4S-4X
24 10/100/1000Base-T RJ-45 auto-MDI/MDI-X ports
4 100/1000Base-X SFP interfaces, shared with Port-21 to Port-24
Compatible with 100Base-FX SFP transceiver
4 10GBase-SR/LR SFP+ interface (Port-25 to Port-28)
Compatible with 1000Base-SX/LX/BX SFP transceiver
1 x RS-232-to-RJ45 serial port (115200, 8, N, 1)
Store-and-Forward
128Gbps / non-blocking
95Mpps@64Bytes
16K entries, automatic source address learning and ageing
32M bits
IEEE 802.3x pause frame for full-duplex
Back pressure for half-duplex
10K bytes
< 5 sec: System reboot
> 5 sec: Factory default
440 x 300 x 44.5 mm, 1U height
Weight
LED
Power Requirements
Power Consumption
ESD Protection
Power over Ethernet
PoE Standard
PoE Power Supply Type
PoE Power Output
Power Pin Assignment
PoE Power Budget
4887g
System:
PWR (Green), SYS (Green), Ring (Green), R.O. (Green)
PWR1 (Green), PWR2 (Green), FAN1 (Green), FAN2 (Green)
10/100/1000T RJ45 Interfaces (Port 1 to Port 24):
10/100/1000Mbps LNK/ACT (Green)
PoE In-Use (Orange)
100/1000Mbps SFP Combo Interfaces (Port 21 to Port 24):
1000Mbps (Green), LNK/ACT (Orange)
1/10Gbps SFP+ Interfaces (Port 25 to Port 28):
10Gbps LNK/ACT (Green), 1Gbps LNK/ACT (Orange)
100~240V AC, 50/60Hz
502 watts / 1712.8 BTU Max.
6KV DC
IEEE 802.3af / 802.3at PoE / PSE
End-span
Per Port 56V DC, Max. 30.8 watts
1/2(+), 3/6(-)
440 watts (max.) @ 25 degrees C
380 watts (max.) @ 50 degrees C
20
PD @ 7 watts
24 units
PoE Ability
Layer 2 Functions
Port Configuration
Port Status
Port Mirroring
VLAN
Link Aggregation
Spanning Tree Protocol
QoS
IGMP Snooping
MLD Snooping
Access Control List
Bandwidth Control
Layer 3 Functions
PD @ 15.4 watts
PD @ 30.8 watts
24 units
14 units
Port disable / enable
Auto-negotiation 10/100/1000Mbps full and half duplex mode selection
Flow control disable / enable
Display each port’s speed duplex mode, link status, flow control status,
auto-negotiation status, trunk status
TX / RX / Both
Many-to-1 monitor
802.1Q Tagged based VLAN
Q-in-Q tunneling
Private VLAN Edge (PVE)
MAC-based VLAN
Protocol-based VLAN
Voice VLAN
IP Subnet-based VLAN
MVR (Multicast VLAN Registration)
Up to 255 VLAN groups, out of 4094 VLAN IDs
IEEE 802.3ad LACP / Static Trunk
16 groups of 8-Port trunk supported
STP, IEEE 802.1D Spanning Tree Protocol
RSTP, IEEE 802.1w Rapid Spanning Tree Protocol
MSTP, IEEE 802.1s Multiple Spanning Tree Protocol
Traffic classification based, Strict priority and WRR
8-Level priority for switching
- Port Number
- 802.1p priority
- 802.1Q VLAN tag
- DSCP/TOS field in IP packet
IGMP (v1/v2/v3) Snooping, up to 255 multicast groups
IGMP Querier mode support
MLD (v1/v2) Snooping, up to 255 multicast groups
MLD Querier mode support
IP-based ACL / MAC-based ACL
Up to 256 entries
Per port bandwidth control
Ingress: 100Kbps~1000Mbps
Egress: 100Kbps~1000Mbps
IP Interfaces
Routing Table
Routing Protocols
Management
Basic Management Interfaces
Max. 128 VLAN interfaces
Max. 32 routing entries
IPv4 hardware Static Routing
IPv6 hardware Static Routing
Console / Telnet / Web browser / SNMP v1, v2c
21
Secure Management
Interfaces
SNMP MIBs
Standards Conformance
SSH, SSL, SNMP v3
RFC-1213 MIB-II
RFC-1493 Bridge MIB
RFC-1643 Ethernet MIB
RFC-2863 Interface MIB
RFC-2665 Ether-Like MIB
RFC-2819 RMON MIB (Group 1, 2, 3 and 9)
RFC-2737 Entity MIB
RFC-2618 RADIUS Client MIB
RFC-2863 IF-MIB
RFC-2933 IGMP-STD-MIB
RFC-3411 SNMP-Frameworks-MIB
RFC-4292 IP Forward MIB
RFC-4293 IP MIB
RFC-4836 MAU-MIB
IEEE 802.1X PAE
LLDP
Power over Ethernet MIB
Regulation Compliance
Standards Compliance
Environment
Operating
FCC Part 15 Class A, CE
IEEE 802.3 10Base-T
IEEE 802.3u 100Base-TX/100Base-FX
IEEE 802.3z Gigabit SX/LX
IEEE 802.3ab Gigabit 1000T
IEEE 802.3ae 10Gb/s Ethernet
IEEE 802.3x Flow Control and Back pressure
IEEE 802.3ad Port trunk with LACP
IEEE 802.1D Spanning tree protocol
IEEE 802.1w Rapid spanning tree protocol
IEEE 802.1s Multiple spanning tree protocol
IEEE 802.1p Class of service
IEEE 802.1Q VLAN Tagging
IEEE 802.1X Port Authentication Network Control
IEEE 802.3af Power over Ethernet
IEEE 802.3at Power over Ethernet PLUS
IEEE 802.1ab LLDP
RFC 768 UDP
RFC 793 TFTP
RFC 791 IP
RFC 792 ICMP
RFC 2068 HTTP
RFC 1112 IGMP version 1
RFC 2236 IGMP version 2
RFC 3376 IGMP version 3
RFC 2710 MLD version 1
FRC 3810 MLD version 2
Temperature: 0 ~ 50 degrees C
Relative Humidity: 5 ~ 95% (non-condensing)
22
Storage
Temperature: -10 ~ 70 degrees C
Relative Humidity: 5 ~ 95% (non-condensing)
23
2. INSTALLATION
This section describes the hardware features and installation of the Managed Switch on the desktop or rack mount. For easier
management and control of the Managed Switch, familiarize yourself with its display indicators, and ports. Front panel illustrations in
this chapter display the unit LED indicators. Before connecting any network device to the Managed Switch, please read this chapter
completely.
2.1 Hardware Description
2.1.1 Switch Front Panel
The front panel provides a simple interface monitoring the Managed Switch. Figure 2-1-1 shows the front panel of the Managed
Switch.
NS47 02-24P-4S-4X Front Panel
Figure 2-1-1: Front Panels of NS4702-24P-4S-4X
■ Gigabit TP interface
10/100/1000Base-T Copper, RJ-45 Twist-Pair: Up to 100 meters.
■ SFP slot
100/1000Base-X mini-GBIC slot, SFP (Small Factor Pluggable) transceiver module: From 550 meters to 2km (multi-mode fiber),
up to above 10/20/30/40/50/70/120 kilometers (single-mode fiber).
■ 10 Gigab it SFP slot
10GBase-SR/LR mini-GBIC slot, SFP (Small Factor Pluggable) Transceiver Module supports from 300 meters (Multi-mode
Fiber), up to 10 kilometers (Single Mode Fiber)
■ Console Port
The console port is a RJ-45 port connector. It is an interface for connecting a terminal directly. Through the console port, it
provides rich diagnostic information including IP Address setting, factory reset, port management, link status and system setting.
Users can use the attached DB9 to RJ-45 console cable in the package and connect to the console port on the device. After the
24
connection, users can run any terminal emulation program (Hyper Terminal, ProComm Plus, Telix, Winterm and so on) to enter
the startup screen of the device.
■ Reset button
At the right of the front panel, the reset button is designed for rebooting the Managed Switch without turning off and on the
power. The following is the summary table of reset button functions:
Reset Button Pressed and Released Function
< 5 sec: System Reboot Reboot the Managed Switch.
Reset the Managed Switch to Factory Default configuration.
The Managed Switch will then reboot and load the default
settings as shown below:
> 5 sec: Factory Default
。 Default Username: admin
。 Default Password: admin
。 Default IP address: 192.168.0.100
。 Subnet mask: 255.255.255.0
。 Default Gateway: 192.168.0.254
2.1.2 LED Indications
The front panel LEDs indicate instant status of power and system status, fan status, port links / PoE in-use and data activity; they
help monitor and troubleshoot when needed. Figure 2-1-2 shows the LED indications of the Managed Switch.
NS4702-24P-4S-4X LED Indication
Figure 2-1-2: NS4702-24P-4S-4X LED at Front Panel
NS4702-24P-4S-4X LED Indication Table
LED definition
System
LED Color Function
SYS Green
PWR Green Lights to indicate that the Switch has power.
Lights to indicate the system is working.
25
Ring
R.O.
Alert
LED Color Function
FAN1~2 Green
PWR1~2 Green
Per 10/100/1000Mbps RJ45 port (Port-1 to Port-24)
LED Color Function
Green
Green
Lights Indicates that ring state is in idle.
Blink Indicates that ring state is in protected.
Lights Indicates that the switch is set to ring owner.
Off Indicates that the switch doesn’t set to ring owner.
Lights to indicate fan1~2 failure.
Lights to indicate power1~2 failure.
1000
LNK/ACT
10/100
LNK/ACT
Per 100/1000Base-X SFP Interface (Port-23 to Port-24)
LED Color Function
1000
LNK/ACT
100
LNK/ACT
Per 10G SFP+ interface (Port-25 to Port-28)
LED Color Function
10G
LNK/ACT
1G
LNK/ACT
Green
Orange
Green
Orange
Green
Orange
Lights: To indicate the port is running in 1000Mbps speed and successfully established.
Blink: To indicate that the switch is actively sending or receiving data over that port.
Lights: To indicate the port is running in 10/100Mbps speed and successfully established.
Blink: To indicate that the switch is actively sending or receiving data over that port.
Lights. To indicate the port is successfully established at 1000Mbps.
Blink: To indicate that the Switch is actively sending or receiving data over that port.
Lights: To indicate the port is successfully established at 100Mbps.
Blink: To indicate that the Switch is actively sending or receiving data over that port.
Lights to indicate the port is running in 10Gbps speed and successfully established.
Blink: indicate that the switch is actively sending or receiving data over that port.
Lights to indicate the port is running in 1Gbps speed and successfully established.
Blink: indicate that the switch is actively sending or receiving data over that port.
26
2.1.3 Switch Rear Panel
The rear panel of the Managed Switch indicates an AC inlet power socket, which accepts input power from 100 to 240V AC,
50-60Hz. Figure 2-1-3 shows the rear panel of the Managed Switch.
NS47 02-24P-4S-4X Rear Panel
Figure 2-1-3: Rear Panel of NS4702-24P-4S-4X
■ AC Power Receptacle
For compatibility with electric service in most areas of the world, the Managed Switch’s power supply automatically adjusts
line power in the range of 100-240V AC and 50/60 Hz.
Plug the female end of the power cord firmly into the receptalbe on the rear panel of the Managed Switch. Plug the other end of
the power cord into an electric service outlet and the power will be ready.
Power Notice:
The device is a power-required device, which means it will not work till it is powered. If your networks
should be active all the time, please consider using UPS (Uninterrupted Power Supply) for your device.
It will prevent you from network data loss or network downtime. In some areas, installing a surge
suppression device may also help to protect your Managed Switch from being damaged by unregulated
surge or current to the Switch or the power adapter.
27
2.2 Installing the Switch
This section describes how to install your Managed Switch and make connections to the Managed Switch. Please read the following
topics and perform the procedures in the order being presented. To install your Managed Switch on a desktop or shelf, simply
complete the following steps.
2.2.1 Desktop Installation
To install the Managed Switch on desktop or shelf, please follow these steps:
Step 1: Attach the rubber feet to the recessed areas on the bottom of the Managed Switch.
Step 2: Place the Managed Switch on the desktop or the shelf near an AC power source, as shown in Figure 2-2-1.
Figure 2-2-1: Place the Managed Switch on the Desktop
Step 3: Keep enough ventilation space between the Managed Switch and the surrounding objects.
When choosing a location, please keep in mind the environmental restrictions discussed in Chapter 1,
Section 4, and specifications.
Step 4: Connect the Managed Switch to network devices.
Connect one end of a standard network cable to the 10/100/1000 RJ-45 ports on the front of the Managed Switch.
Connect the other end of the cable to the network devices such as printer server, workstation or router.
28
Connection to the Managed Switch requires UTP Category 5e network cabling with RJ-45 tips. For
more information, please see the Cabling Specification in Appendix A.
Step 5: Supply power to the Managed Switch.
Connect one end of the power cable to the Managed Switch.
Connect the power plug of the power cable to a standard wall outlet.
When the Managed Switch receives power, the Power LED should remain solid Green.
2.2.2 Rack Mounting
To install the Managed Switch in a 19-inch standard rack, please follow the instructions described below.
Step 1: Place the Managed Switch on a hard flat surface, with the front panel positioned towards the front side.
Step 2: Attach the rack-mount bracket to each side of the Managed Switch with supplied screws attached to the package.
Figure 2-2-2 shows how to attach brackets to one side of the Managed Switch.
Figure 2-2-2: Attach Brackets to the Managed Switch.
You must use the screws supplied with the mounting brackets. Damage caused to the parts by
using incorrect screws would invalidate the warranty.
Step 3: Secure the brackets tightly.
Step 4: Follow the same steps to attach the second bracket to the opposite side.
Step 5: After the brackets are attached to the Managed Switch, use suitable screws to securely attach the brackets to the rack, as
shown in Figure 2-2-3.
29
Figure 2-2-3: Mounting Managed Switch in a Rack
Step 6: Proceed with Steps 4 and 5 of session 2.2.1 Desktop Installation to connect the network cabling and supply power to the
Managed Switch.
2.2.3 Installing the SFP/SFP+ Transceiver
The sections describe how to insert an SFP/SFP+ transceiver into an SFP/SFP+ slot. The SFP/SFP+ transceivers are hot-pluggable
and hot-swappable. You can plug in and out the transceiver to/from any SFP/SFP+ port without having to power down the Managed
Switch, as the Figure 2-2-4 shows..
Figure 2-2-4: Plug-in the SFP/SFP+ Transceiver
30
Approved Interlogix SFP/SFP+ Transceivers
Interlogix Managed Switch supports both single mode and multi-mode SFP/SFP+ transceiver. The following list of approved
Interlogix SFP/SFP+ transceivers is correct at the time of publication:
Fast Ethernet Transceiver (100Base-X SFP)
S20-2MLC-2 SFP-Port 100Base-FX Transceiver (1310nm) - 2KM 0~50•C
S25-2MLC-2 SFP-Port 100Base-FX Transceiver (1310nm) - 2KM -40~75•C
S20-2SLC-20 SFP-Port 100Base-FX Transceiver (1310nm) - 20KM 0~50•C
S25-2SLC-20 SFP-Port 100Base-FX Transceiver (1310nm) - 20KM -40~75•C
S20-ISLC/A-20 SFP-Port 100Base-BX Transceiver (WDM,TX:1310nm) - 20KM 0~50•C
S20-ISLC/B-20 SFP-Port 100Base-BX Transceiver (WDM,TX:1550nm) - 20KM -40~75•C
Gigabit Ethernet Transceiver (1000Base-X SFP)
S30-RJ
S30-2MLC
S35-2MLC
S30-2MLC-2
S30-2SLC-10
S35-2SLC-10
S30-2SLC-30
S35-2SLC-30
S30-2SLC-70 SFP-Port 1000Base-LX mini-GBIC module - 70KM 0~50•C
S35-2SLC-70 SFP-Port 1000Base-LX mini-GBIC module - 70KM -40~75•C
S30-1SLC/A-10
SFP-Port 1000Base-T Module – 100M
SFP-Port 1000Base-SX mini-GBIC module – 550M 0~50•C
SFP-Port 1000Base-SX mini-GBIC module – 550M -40~75•C
SFP-Port 1000Base-SX mini-GBIC module – 2KM 0~50•C
SFP-Port 1000Base-LX mini-GBIC module – 10KM 0~50•C
SFP-Port 1000Base-LX mini-GBIC module – 10KM -40~75•C
SFP-Port 1000Base-LX mini-GBIC module - 30KM 0~50•C
SFP-Port 1000Base-LX mini-GBIC module - 30KM -40~75•C
SFP-Port 1000Base-BX GBIC module - 10KM 0~50•C
S30-1SLC/B-10
S30-1SLC/A-20
S30-1SLC/B-20
SFP-Port 1000Base-BX GBIC module - 10KM 0~50•C
SFP-Port 1000Base-BX GBIC module - 20KM 0~50•C
SFP-Port 1000Base-BX GBIC module - 20KM 0~50•C
31
S30-1SLC/A-60
SFP-Port 1000Base-BX GBIC module - 60KM 0~50•C
S30-1SLC/B-60
10Gigabit Ethernet Transceiver (10GBase-X SFP+)
S40-2MLC SFP-Port 1G Base-SX Transceiver – 300M 0~50•C
S40-2SLC-10 SFP-Port 1G Base-SX Transceiver - 10KM 0~50•C
SFP-Port 1000Base-BX GBIC module - 60KM 0~50•C
1. It is recommended to use Interlogix SFP on the Managed Switch. If you insert an SFP transceiver
that is not supported, the Managed Switch will not recognize it.
2. Port 21 to Port 24 are a shared SFP slot that supports the Gigabit and Fast Ethernet SFP
transceiver.
3. Port 25 to Port 28 are a shared SFP+ slot that supports the 10 Gigabit SFP+ transceiver and
Gigabit SFP transceiver.
1. Before we connect the NS4702-24P-4S-4X to the other network device, we have to make sure both sides of the SFP
transceivers are with the same media type, for example: 1000Base-SX to 1000Base-SX, 1000Bas-LX to 1000Base-LX.
2. Check whether the fiber-optic cable type matches with the SFP transceiver requirement.
To connect to 1000Base-SX SFP transceiver, please use the multi-mode fiber cable with one side being the male duplex
LC connector type.
To connect to 1000Base-LX SFP transceiver, please use the single-mode fiber cable with one side being the male duplex
LC connector type.
Connect the Fiber Cable
1. Insert the duplex LC connector into the SFP/SFP+ transceiver.
2. Connect the other end of the cable to a device with SFP/SFP+ transceiver installed.
3. Check the LNK/ACT LED of the SFP/SFP+ slot on the front of the Managed Switch. Ensure that the SFP/SFP+ transceiver is
operating correctly.
4. Check the Link mode of the SFP/SFP+ port if the link fails. To function with some fiber-NICs or Media Converters, user has to
set the port Link mode to “10GForce”, “1000 Force” or “100 Force”.
32
Remove the Transceiver Module
1. Make sure there is no network activity anymore.
2. Remove the Fiber-Optic Cable gently.
3. Lift up the lever of the MGB module and turn it to a horizontal position.
4. Pull out the module gently through the lever.
Figure 2-2-5: How to Pull Out the SFP/SFP+ Transceiver
Never pull out the module without lifting up the lever of the module and turning it to a horizontal
position. Directly pulling out the module could damage the module and the SFP/SFP+ module
slot of the Managed Switch.
33
3. SWITCH MANAGEMENT
This chapter explains the methods that you can use to configure management access to the Managed Switch. It describes the types
of management applications and the communication and management protocols that deliver data between your management
device (workstation or personal computer) and the system. It also contains information about port connection options.
This chapter covers the following topics:
Requirements
Management Access Overview
Administration Console Access
Web Management Access
SNMP Access
Standards, Protocols, and Related Reading
3.1 Requirements
Workstations running Windows 2000/XP, 2003, Vista/7/8, 2008, MAC OS9 or later, or Linux, UNIX , or other platforms
compatible with TCP/IP protocols.
Workstation is installed with Ethernet NIC (Network Interface Card)
Serial Port connect (Terminal)
The above PC with COM Port (DB9 / RS-232) or USB-to-RS-232 converter
Ethernet Port connect
Network cables - Use standard network (UTP) cables with RJ45 connectors.
The above workstation is installed with WEB Browser and JAVA runtime environment Plug-in
It is recommended to use Internet Explore 7.0 or above to access Managed Switch.
34
3.2 Management Access Overview
The Managed Switch gives you the flexibility to access and manage it using any or all of the following methods:
An administration console
Web browser interface
An external SNMP-based network management application
The administration console and Web browser interface support are embedded in the Managed Switch software and are available for
immediate use. Each of these management methods has their own advantages. Table 3-1 compares the three management
methods.
Method Advantages Disadvantages
Console
Web Browser
SNMP Agent
No IP address or subnet needed
Text-based
Telnet functionality and HyperTerminal
built into Windows
95/98/NT/2000/ME/XP operating
systems or higher.
Secure
Ideal for configuring the switch remotely
Compatible with all popular browsers
Can be accessed from any location
Most visually appealing
Communicates with switch functions at
the MIB level
Based on open standards
Must be near the switch or use dial-up
connection
Not convenient for remote users
Modem connection may prove to be unreliable
or slow
Security can be compromised (hackers need
only know the IP address and subnet mask)
May encounter lag times on poor connections
Requires SNMP manager software
Least visually appealing of all three methods
Some settings require calculations
Security can be compromised (hackers need
only know the community name)
Table 3-1 Comparison of Management Methods
35
3.3 Administration Console
The administration console is an internal, character-oriented, and command line user interface for performing system administration
such as displaying statistics or changing option settings. Using this method, you can view the administration console from a terminal,
personal computer, Apple Macintosh, or workstation connected to the Managed Switch's console (serial) port.
Figure 3-1-1: Console Management
Direct Access
Direct access to the administration console is achieved by directly connecting a terminal or a PC equipped with a terminal-emulation
program (such as HyperTerminal) to the Managed Switch console (serial) port. When using this management method, a straight
DB9 RS-232 cable is required to connect the switch to the PC. After making this connection, configure the terminal-emulation
program to use the following parameters:
The default parameters are:
115200 bps
8 data bits
No parity
1 stop bit
Figure 3-1-2: Terminal Parameter Settings
You can change these settings, if desired, after you log on. This management method is often preferred because you can remain
36
connected and monitor the system during system reboots. Also, certain error messages are sent to the serial port, regardless of the
interface through which the associated action was initiated. A Macintosh or PC attachment can use any terminal-emulation program
for connecting to the terminal serial port. A workstation attachment under UNIX can use an emulator such as TIP.
3.4 Web Management
The Managed Switch offers management features that allow users to manage the Managed Switch from anywhere on the network
through a standard browser such as Microsoft Internet Explorer. After you set up your IP address for the switch, you can access the
Managed Switch's Web interface applications directly in your Web browser by entering the IP address of the Managed Switch.
Figure 3-1-3: Web Management
You can then use your Web browser to list and manage the Managed Switch configuration parameters from one central location, just
as if you were directly connected to the Managed Switch's console port. Web Management requires either Microsoft Internet
Explorer 7.0 or later, Safari or Mozilla Firefox 1.5 or later.
Figure 3-1-4: Web Main Screen of Managed Switch
37
3.5 SNMP-based Network Management
You can use an external SNMP-based application to configure and manage the Managed Switch, such as SNMP Network Manager,
HP Openview Network Node Management (NNM) or What’s Up Gold. This management method requires the SNMP agent on the
switch and the SNMP Network Management Station to use the same community string. This management method, in fact, uses
two community strings: the get community string and the set community string. If the SNMP Net-work management Station only
knows the set community string, it can read and write to the MIBs. However, if it only knows the get community string, it can only
read MIBs. The default getting and setting community strings for the Managed Switch is public.
Figure 3-1-5: SNMP Management
38
4. WEB CONFIGURATION
This section introduces the configuration and functions of the Web-based management from Managed Switch.
About Web-based Management
The Managed Switch offers management features that allow users to manage the Managed Switch from anywhere on the network
through a standard browser such as Microsoft Internet Explorer.
The Web-based Management supports Internet Explorer 7.0. It is based on Java Applets with an aim to reduce network bandwidth
consumption, enhance access speed and present an easy viewing screen.
By default, IE7.0 or later version does not allow Java Applets to open sockets. The user has to explicitly
modify the browser setting to enable Java Applets to use network ports.
The Managed Switch can be configured through an Ethernet connection, making sure the manager PC must be set on the same IP
subnet address with the Managed Switch.
For example, the default IP address of the Managed Switch is 192.168.0.100, then the manager PC should be set at 192.168.0.x
(where x is a number between 1 and 254, except 100), and the default subnet mask is 255.255.255.0.
If you have changed the default IP address of the Managed Switch to 192.168.1.1 with subnet mask 255.255.255.0 via console,
then the manager PC should be set at 192.168.1.x (where x is a number between 2 and 254) to do the relative configuration on
manager PC.
Figure 4-1-1: Web Management
Logging on the Managed Switch
1. Use Internet Explorer 7.0 or above Web browser. Enter the factory-default IP address to access the Web interface. The
factory-default IP Address is shown as follows:
http://192.168.0.100
2. When the following login screen appears, please enter the default username "admin" with password “admin” (or the
39
username/password you have changed via console) to login the main screen of Managed Switch. The login screen in Figure
4-1-2 appears.
Figure 4-1-2: Login Screen
Default User name: admin
Default Password: admin
After entering the username and password, the main screen appears as shown in Figure 4-1-3.
Figure 4-1-3: Web Main Page
40
Now, you can use the Web management interface to continue the switch management or manage the Managed Switch by Web
interface. The Switch Menu on the left of the web Page lets you access all the commands and statistics the Managed Switch
provides.
1. It is recommended to use Internet Explore 7.0 or above to access Managed Switch.
2. The changed IP address takes effect immediately after clicking on the Save button. You need to
use the new IP address to access the Web interface.
3. For security reason, please change and memorize the new password after this first setup.
4. Only accept command in lowercase letter under web interface.
41
4.1 Main Web Page
The Managed Switch provides a Web-based browser interface for configuring and managing it. This interface allows you to access
the Managed Switch using the Web browser of your choice. This chapter describes how to use the Managed Switch’s Web browser
interface to configure and manage it.
Main Functions Menu
Copper Port Link Status
SFP/SFP+ Port Link
Help Button Main Screen
Panel Display
The web agent displays an image of the Managed Switch’s ports. The Mode can be set to display different information for the ports,
including Link up or Link down. Clicking on the image of a port opens the Port Statistics Page.
The port status are illustrated as follows:
State Disabled Down Link
RJ-45 Ports
SFP Ports
Main Menu
Using the onboard web agent, you can define system parameters, manage and control the Managed Switch, and all its ports, or
Figure 4-1-4: Web Main Page
42
monitor network conditions. Via the Web-Management, the administrator can set up the Managed Switch by selecting the functions
those listed in the Main Function. The screen in Figure 4-1-5 appears.
Figure 4-1-5: Managed Switch Main Functions Menu
43
4.2 System
Use the System menu items to display and configure basic administrative details of the Managed Switch. Under the System, the
following topics are provided to configure and view the system information. This section has the following items:
■ System Information The Managed Switch system information is provided here.
■ IP Configuration Configures the Managed Switch-managed IPv4/IPv6 interface and IP routes
on this Page.
■ IP Status This page displays the status of the IP protocol layer. The status is defined
by the IP interfaces, the IP routes and the neighbour cache (ARP cache)
status.
■ Users Configuration
This Page provides an overview of the current users. Currently the only way
to login as another user on the web server is to close and reopen the
browser.
■ Privilege Levels
■ NTP Configuration Configure NTP server on this Page.
■ Time Configuration Configure time parameter on this Page.
■ UPnP Configure UPnP on this Page.
■ DHCP Relay Configure DHCP Relay on this Page.
■ DHCP Relay Statistics This Page provides statistics for DHCP relay.
■ CPU Load This Page displays the CPU load, using an SVG graph.
■ System Log The Managed Switch system log information is provided here.
■ Detailed Log The Managed Switch system detailed log information is provided here.
■ Remote Syslog Configure remote syslog on this Page.
■ SMTP Configuration Configuration SMTP parameters on this Page.
■ Web Firmware Upgrade This Page facilitates an update of the firmware controlling the Managed
■ TFTP Firmware Upgrade Upgrade the firmware via TFTP server
■ Save Startup Config
■ Configuration Download
This Page provides an overview of the privilege levels.
Switch.
This copies running-config to startup-config, thereby ensuring that the
currently active configuration will be used at the next reboot.
You can download the files on the switch.
■ Configuration Upload
■ Configuration Activate
■ Configuration Delete
■ Image Select
■ Factory Default
■ System Reboot You can restart the Managed Switch on this Page. After restarting, the
You can upload the files to the switch.
You can activate the configuration file present on the switch.
You can delete the writable files which stored in flash.
Configuration active or alternate firmware on this Page.
You can reset the configuration of the Managed Switch on this Page. Only
the IP configuration is retained.
Managed Switch will boot normally.
44
4.2.1 System Information
The System Infomation Page provides information for the current device information. System Information Page helps a switch
administrator to identify the hardware MAC address, software version and system uptime. The screen in Figure 4-2-1 appears.
The Page includes the following fields:
Object Description
Contact
Name
Location
MAC Address
Temperature
System Date
System Up time
Software Version
Software Date
The system contact configured in SNMP | System Information | System Contact.
The system name configured in SNMP | System Information | System Name.
The system location configured in SNMP | System Information | System Location.
The MAC Address of this Managed Switch.
Indicates chipset temperature.
The current (GMT) system time and date. The system time is obtained through the
configured NTP Server, if any.
The period of time the device has been operational.
The software version of the Managed Switch.
The date when the Managed Switch software was produced.
Figure 4-2-1: System Information Page Screenshot
Buttons
Auto-refresh
: Check this box to refresh the Page automatically. Automatic refresh occurs every 3 seconds.
45
: Click to refresh the Page; any changes made locally will be undone.
4.2.2 IP Configuration
The IP Configuration includes the IP Configuration, IP Interface and IP Routes. The configured column is used to view or change the
IP configuration. The maximum number of interfaces supported is 128 and the maximum number of routes is 32.
The screen in Figure 4-2-2 appears.
Figure 4-2-2: IP Configuration Page Screenshot
The current column is used to show the active IP configuration.
Object Description
IP Configurations
Mode
DNS Server
Configure whether the IP stack should act as a Host or a Router. In
Host mode, IP traffic between interfaces will not be routed. In Router
mode traffic is routed between all interfaces.
This setting controls the DNS name resolution done by the switch. The
following modes are supported:
From any DHCP interfaces
The first DNS server offered from a DHCP lease to a DHCP-enabled
interface will be used.
46
No DNS server
No DNS server will be used.
Configured
Explicitly provide the IP address of the DNS Server in dotted decimal
notation.
From this DHCP interface
Specify from which DHCP-enabled interface a provided DNS server
should be preferred.
IP Address
DNS Proxy
Delete
VLAN
IPv4
DHCP
IPv4
IPv6
Enabled
Fallback
Current Lease
Address
Mask Length
Address
When DNS proxy is enabled, system will relay DNS requests to the
currently configured DNS server, and reply as a DNS resolver to the client
devices on the network.
Select this option to delete an existing IP interface.
The VLAN associated with the IP interface. Only ports in this VLAN will be
able to access the IP interface. This field is only available for input when
creating an new interface.
Enable the DHCP client by checking this box.
The number of seconds for trying to obtain a DHCP lease.
For DHCP interfaces with an active lease, this column show the current
interface address, as provided by the DHCP server.
Provide the IP address of this Managed Switch in dotted decimal notation.
The IPv4 network mask, in number of bits (prefix length). Valid values are
between 0 and 30 bits for a IPv4 address.
Provide the IP address of this Managed Switch. A IPv6 address is in
128-bit records represented as eight fields of up to four hexadecimal
IP Routes
Mask Length
Delete
Network
Mask Length
Gateway
Next Hop VLAN
digits with a colon separating each field (:).
The IPv6 network mask, in number of bits (prefix length). Valid values are
between 1 and 128 bits for a IPv6 address.
Select this option to delete an existing IP route.
The destination IP network or host address of this route. Valid format is
dotted decimal notationor a valid IPv6 notation. A default route can use
the value 0.0.0.0or IPv6 :: notation.
The destination IP network or host mask, in number of bits (prefix length).
The IP address of the IP gateway. Valid format is dotted decimal notation
or a valid IPv6 notation. Gateway and Network must be of the same type.
The VLAN ID (VID) of the specific IPv6 interface associated with the
gateway.
47
Buttons
: Click to add a new IP interface. A maximum of 128 interfaces is supported.
: Click to add a new IP route. A maximum of 32 routes is supported.
: Click to apply changes.
: Click to undo any changes made locally and revert to previously saved values.
4.2.3 IP Status
IP Status displays the status of the IP protocol layer. The status is defined by the IP interfaces, the IP routes and the neighbour
cache (ARP cache) status. The screen in Figure 4-2-3 appears.
Figure 4-2-3: IP Status Page Screenshot
The Page includes the following fields:
Object Description
IP Interfaces
Interface
Type
Address
The name of the interface.
The address type of the entry. This may be LINK or IPv4.
The current address of the interface (of the given type).
48
Status
The status flags of the interface (and/or address).
IP Routes
Neighbor Cache
Buttons
Auto-refresh
: Click to refresh the Page.
Network
Gateway
Status
IP Address
Link Address
: Check this box to refresh the Page automatically. Automatic refresh occurs every 3 seconds.
The destination IP network or host address of this route.
The gateway address of this route.
The status flags of the route.
The IP address of the entry.
The Link (MAC) address for which a binding to the IP address given exist.
4.2.4 Users Configuration
This Page provides an overview of the current users. Currently the only way to login as another user on the web server is to close
and reopen the browser. After setup is completed, press “Apply” button to take effect. Please login web interface with new user
name and password, the screen in Figure 4-2-4 appears.
The Page includes the following fields:
Object Description
User Name
Privilege Level
Figure 4-2-4: Users Configuration Page Screenshot
The name identifying the user. This is also a link to Add/Edit User.
The privilege level of the user.
The allowed range is 1 to 15. If the privilege level value is 15, it can access all
groups, i.e. that is granted the fully control of the device. But others value need to
refer to each group privilege level. User's privilege should be same or greater
than the group privilege level to have the access of that group.
By default setting, most groups privilege level 5 has the read-only access and
privilege level 10 has the read-write access. And the system maintenance
(software upload, factory defaults and etc.) need user privilege level 15.
49
Generally, the privilege level 15 can be used for an administrator account,
privilege level 10 for a standard user account and privilege level 5 for a guest
account.
Buttons
: Click to add a new user.
Add / Edit User
This Page configures a user – add, edit or delete user.
Figure 4-2-5: Add / Edit User Configuration Page Screenshot
The Page includes the following fields:
Object Description
Username
Password
Password (again)
Privilege Level
A string identifying the user name that this entry should belong to. The allowed
string length is 1 to 31. The valid user name is a combination of letters, numbers
and underscores.
The password of the user. The allowed string length is 1 to 31.
Please enter the user’s new password here again to confirm.
The privilege level of the user.
The allowed range is 1 to 15. If the privilege level value is 15, it can access all
groups, i.e. that is granted the fully control of the device. But others value need to
refer to each group privilege level. User's privilege should be same or greater
than the group privilege level to have the access of that group.
50
By default setting, most groups privilege level 5 has the read-only access and
privilege level 10 has the read-write access. And the system maintenance
(software upload, factory defaults and etc.) need user privilege level 15.
Generally, the privilege level 15 can be used for an administrator account,
privilege level 10 for a standard user account and privilege level 5 for a guest
account.
Buttons
: Click to apply changes.
: Click to undo any changes made locally and revert to previously saved values.
: Click to undo any changes made locally and return to the Users.
: Delete the current user. This button is not available for new configurations (Add new user)
Once the new user is added, the new user entry shown in the Users Configuration Page.
Figure 4-2-6: User Configuration Page Screenshot
If you forget the new password after changing the default password, please press the “Reset”
button on the front panel of the Managed Switch for over 10 seconds and then release it. The
current setting including VLAN will be lost and the Managed Switch will restore to the default
mode.
51
4.2.5 Privilege Levels
This Page provides an overview of the privilege levels. After setup is completed, please press “Apply” button to take effect. Please
login web interface with new user name and password and the screen in Figure 4-2-7 appears.
Figure 4-2-7: Privilege Levels Configuration Page Screenshot
52
The Page includes the following fields:
Object Description
Group Name
Privilege Level
The name identifying the privilege group. In most cases, a privilege level group
consists of a single module (e.g. LACP, RSTP or QoS), but a few of them contain
more than one. The following description defines these privilege level groups in
details:
System: Contact, Name, Location, Timezone, Log.
Security: Authentication, System Access Management, Port (contains Dot1x
port, MAC based and the MAC Address Limit), ACL, HTTPS, SSH, ARP
Inspection and IP source guard.
IP: Everything except 'ping'.
Port: Everything except 'VeriPHY'.
Diagnostics: 'ping' and 'VeriPHY'.
Maintenance: CLI- System Reboot, System Restore Default, System
Password, Configuration Save, Configuration Load and Firmware Load.
Web- Users, Privilege Levels and everything in Maintenance.
Debug: Only present in CLI.
Every privilege level group has an authorization level for the following sub
groups:
Buttons
Configuration read-only
Configuration/execute read-write
Status/statistics read-only
Status/statistics read-write (e.g. for clearing of statistics).
: Click to apply changes.
: Click to undo any changes made locally and revert to previously saved values.
53
4.2.6 NTP Configuration
Configure NTP on this Page. NTP is an acronym for Network Time Protocol, a network protocol for synchronizing the clocks of
computer systems. NTP uses UDP (data grams) as transport layer. You can specify NTP Servers. The NTP Configuration screen in
Figure 4-2-8 appears.
Figure 4-2-8: NTP Configuration Page Screenshot
The Page includes the following fields:
Buttons
Object Description
Mode
Indicates the NTP mode operation. Possible modes are:
Enabled: Enable NTP mode operation. When enable NTP mode operation,
the agent forward and to transfer NTP messages between the clients and the
server when they are not on the same subnet domain.
Disabled: Disable NTP mode operation.
Server #
: Click to apply changes.
Provide the NTP IPv4 or IPv6 address of this switch. IPv6 address is in 128-bit
records represented as eight fields of up to four hexadecimal digits with a colon
separates each field (:).
For example, 'fe80::215:c5ff:fe03:4dc7'. The symbol '::' is a special syntax that
can be used as a shorthand way of representing multiple 16-bit groups of
contiguous zeros; but it can only appear once. It also used a following legally
IPv4 address. For example, '::192.1.2.34'.
: Click to undo any changes made locally and revert to previously saved values.
54
4.2.7 Time Configuration
Configure Time Zone on this Page. A Time Zone is a region that has a uniform standard time for legal, commercial, and social
purposes. It is convenient for areas in close commercial or other communication to keep the same time, so time zones tend to follow
the boundaries of countries and their subdivisions. The Time Zone Configuration screen in Figure 4-2-9 appears
The Page includes the following fields:
Object Description
Time Zone
Acronym
Figure 4-2-9: Time
Lists various Time Zones world wide. Select appropriate Time Zone from the drop
down and click Save to set.
User can set the acronym of the time zone. This is a User configurable acronym
Configuration Page Screenshot
55
to identify the time zone. ( Range : Up to 16 characters )
Daylight Saving Time
Start Time Settings Week - Select the starting week number.
End Time Settings Week - Select the ending week number.
Offset Settings
This is used to set the clock forward or backward according to the configurations
set below for a defined Daylight Saving Time duration. Select 'Disable' to disable
the Daylight Saving Time configuration. Select 'Recurring' and configure the
Daylight Saving Time duration to repeat the configuration every year. Select
'Non-Recurring' and configure the Daylight Saving Time duration for single time
configuration. ( Default : Disabled ).
Day - Select the starting day.
Month - Select the starting month.
Hours - Select the starting hour.
Minutes - Select the starting minute.
Day - Select the ending day.
Month - Select the ending month.
Hours - Select the ending hour.
Minutes - Select the ending minute
Enter the number of minutes to add during Daylight Saving Time. ( Range: 1 to
Buttons
1440 )
: Click to apply changes.
: Click to undo any changes made locally and revert to previously saved values.
56
4.2.8 UPnP
Configure UPnP on this Page. UPnP is an acronym for Universal Plug and Play. The goals of UPnP are to allow devices to connect
seamlessly and to simplify the implementation of networks in the home (data sharing, communications, and entertainment) and in
corporate environments for simplified installation of computer components. The UPnP Configuration screen in Figure 4-2-10
appears.
Figure 4-2-10: UPnP
The Page includes the following fields:
Object Description
Configuration Page Screenshot
Mode
TTL
Advertising Duration
Indicates the UPnP operation mode. Possible modes are:
Enabled: Enable UPnP mode operation.
Disabled: Disable UPnP mode operation.
When the mode is enabled, two ACEs are added automatically to trap UPnP
related packets to CPU. The ACEs are automatically removed when the mode is
disabled.
The TTL value is used by UPnP to send SSDP advertisement messages.
Valid values are in the range of 1 to 255.
The duration, carried in SSDP packets, is used to inform a control point or control
points how often it or they should receive a SSDP advertisement message from
this switch. If a control point does not receive any message within the duration, it
will think that the switch no longer exists. Due to the unreliable nature of UDP, in
the standard it is recommended that such refreshing of advertisements to be
done at less than one-half of the advertising duration. In the implementation, the
switch sends SSDP messages periodically at the interval one-half of the
advertising duration minus 30 seconds. Valid values are in the range 100 to
86400.
Buttons
: Click to apply changes
57
: Click to undo any changes made locally and revert to previously saved values.
Figure 4-2-11: UPnP
devices show on Windows My Network Place
58
4.2.9 DHCP Relay
Configure DHCP Relay on this Page. DHCP Relay is used to forward and to transfer DHCP messages between the clients and the
server when they are not on the same subnet domain.
The DHCP option 82 enables a DHCP relay agent to insert specific information into a DHCP request packets when forwarding client
DHCP packets to a DHCP server and remove the specific information from a DHCP reply packets when forwarding server DHCP
packets to a DHCP client. The DHCP server can use this information to implement IP address or other assignment policies.
Specifically the option works by setting two sub-options:
Circuit ID (option 1)
Remote ID (option2).
The Circuit ID sub-option is supposed to include information specific to which circuit the request came in on.
The Remote ID sub-option was designed to carry information relating to the remote host end of the circuit.
The definition of Circuit ID in the switch is 4 bytes in length and the format is "vlan_id" "module_id" "port_no". The parameter of
"vlan_id" is the first two bytes representing the VLAN ID. The parameter of "module_id" is the third byte for the module ID (in
standalone switch it always equals 0; in stackable switch it means switch ID). The parameter of "port_no" is the fourth byte and it
means the port number.
The Remote ID is 6 bytes in length, and the value equals the DHCP relay agent’s MAC address. The DHCP Relay Configuration
screen in Figure 4-2-12 appears.
Figure 4-2-12 DHCP Relay
The Page includes the following fields:
Object Description
Relay Mode
Indicates the DHCP relay mode operation. Possible modes are:
Configuration Page Screenshot
Enabled: Enable DHCP relay mode operation. When enabling DHCP relay
mode operation, the agent forwards and transfers DHCP messages between
the clients and the server when they are not on the same subnet domain.
And the DHCP broadcast message won't flood for security considered.
Disabled: Disable DHCP relay mode operation.
59
Relay Server
Indicates the DHCP relay server IP address. A DHCP relay agent is used to
forward and transfer DHCP messages between the clients and the server when
they are not on the same subnet domain.
Relay Information
Mode
Relay Information
Policy
Indicates the DHCP relay information mode option operation. Possible modes
are:
Enabled: Enable DHCP relay information mode operation. When enabling
DHCP relay information mode operation, the agent inserts specific
information (option82) into a DHCP message when forwarding to DHCP
server and removing it from a DHCP message when transferring to DHCP
client. It only works under DHCP relay operation mode enabled.
Disabled: Disable DHCP relay information mode operation.
Indicates the DHCP relay information option policy. When enabling DHCP relay
information mode operation, if agent receives a DHCP message that already
contains relay agent information. It will enforce the policy. And it only works under
DHCP relay information operation mode enabled. Possible policies are:
Replace: Replace the original relay information when receiving a DHCP
message that already contains it.
Keep: Keep the original relay information when receiving a DHCP message
that already contains it.
Drop: Drop the package when receiving a DHCP message that already
Buttons
contains relay information.
: Click to apply changes
: Click to undo any changes made locally and revert to previously saved values.
60
4.2.10 DHCP Relay Statistics
This Page provides statistics for DHCP relay. The DHCP Relay Statistics screen in Figure 4-2-13 appears.
The Page includes the following fields:
Server Statistics
Object Description
Transmit to Server
Transmit Error
Receive from Server
Receive Missing Agent
Option
Rec eive Missing
Circuit ID
Rec eive Missing
Remote ID
Receive Bad Circuit ID
Figure 4-2-13: DHCP Relay
The packets number that relayed from client to server.
The packets number that errors sending packets to clients.
The packets number that received packets from server.
The packets number that received packets without agent information options.
The packets number that received packets which the Circuit ID option was
missing.
The packets number that received packets which Remote ID option was missing.
The packets number that the Circuit ID option did not match known circuit ID.
Statistics Page Screenshot
Receive Bad Remote ID
The packets number that the Remote ID option did not match known Remote ID.
61
Client Statistics
Object Description
Transmit to Client
Transmit Error
Receive from Client
Receive Agent Option
Replace Agent Option
Keep Agent Option
Drop Agent Option
Buttons
Auto-refresh : Check this box to refresh the Page automatically. Automatic refresh occurs every 3 seconds.
: Click to refresh the Page immediately.
The packets number that relayed packets from server to client.
The packets number that erroneously sent packets to servers.
The packets number that received packets from server.
The packets number that received packets with relay agent information option.
The packets number that replaced received packets with relay agent information
option.
The packets number that kept received packets with relay agent information
option.
The packets number that dropped received packets with relay agent information
option.
: Clears all statistics.
62
4.2.11 CPU Load
This Page displays the CPU load, using a SVG graph. The load is measured as average over the last 100ms, 1sec and 10 seconds
intervals. The last 120 samles are graphed, and the last numbers are displayed as text as well. In order to display the SVG graph,
your browser must support the SVG format. Consult the SVG Wiki for more information on browser support.
Specifically, at the time of writing, Microsoft Internet Explorer will need to have a plugin installed to support SVG. The CPU Load
screen in Figure 4-2-14 appears.
Buttons
Auto-refresh
Figure 4-2-14: CPU Load Page Screenshot
: Check this box to refresh the Page automatically. Automatic refresh occurs every 3 seconds.
If your browser cannot display anything on this Page, please download Adobe SVG tool and
install it in your computer.
63
4.2.12 System Log
The Managed Switch system log information is provided here. The System Log screen in Figure 4-2-15 appears.
Figure 4-2-15: System Log Page Screenshot
The Page includes the following fields:
Object Description
ID
Level
The ID (>= 1) of the system log entry.
The level of the system log entry. The following level types are supported:
Info: Information level of the system log.
Warning: Warning level of the system log.
Error: Error level of the system log.
All: All levels.
Clear Level
To clear the system log entry level. The following level types are supported:
Info: Information level of the system log.
Warning: Warning level of the system log.
Error: Error level of the system log.
All: All levels.
Time
Message
The time of the system log entry.
The message of the system log entry.
64
Buttons
Auto-refresh
: Check this box to refresh the Page automatically. Automatic refresh occurs every 3 seconds.
: Updates the system log entries, starting from the current entry ID.
: Flushes the selected log entries.
: Hides the selected log entries.
: Downloads the selected log entries.
: Updates the system log entries, starting from the first available entry ID.
: Updates the system log entries, ending at the last entry currently displayed.
: Updates the system log entries, starting from the last entry currently displayed.
: Updates the system log entries, ending at the last available entry ID.
65
4.2.13 Detailed Log
The Managed Switch system detailed log information is provided here. The Detailed Log screen in Figure 4-2-16 appears.
Figure 4-2-15: Detailed Log Page Screenshot
The Page includes the following fields:
Buttons
Object Description
ID
Message
: Download the system log entry to the current entry ID.
: Updates the system log entry to the current entry ID.
: Updates the system log entry to the first available entry ID.
: Updates the system log entry to the previous available entry ID.
: Updates the system log entry to the next available entry ID.
: Updates the system log entry to the last available entry ID.
: Print the system log entry to the current entry ID.
The ID (>= 1) of the system log entry.
The message of the system log entry.
66
4.2.14 Remote Syslog
Configure remote syslog on this Page. The Remote Syslog screen in Figure 4-2-17 appears.
Figure 4-2-17: Remote Syslog Page Screenshot
The Page includes the following fields:
Object Description
Buttons
Mode
Syslog Server IP
Syslog Level
Indicates the server mode operation. When the mode operation is enabled, the
syslog message will send out to syslog server. The syslog protocol is based on
UDP communication and received on UDP port 514 and the syslog server will not
send acknowledgments back sender since UDP is a connectionless protocol and
it does not provide acknowledgments. The syslog packet will always send out
even if the syslog server does not exist. Possible modes are:
Enabled: Enable remote syslog mode operation.
Disabled: Disable remote syslog mode operation.
Indicates the IPv4 host address of syslog server. If the switch provides DNS
feature, it also can be a host name.
Indicates what kind of message will send to syslog server. Possible modes are:
Info: Send information, warnings and errors.
Warning: Send warnings and errors.
Error: Send errors.
: Click to apply changes
: Click to undo any changes made locally and revert to previously saved values.
67
4.2.15 SMTP Configuration
This Page facilitates an SMTP Configuration on the switch. The SMTP Configure screen in Figure 4-2-18 appears.
Figure 4-2-18: SMTP Configuration Page Screenshot
The Page includes the following fields:
Object Description
SMTP Mode
SMTP Server
SMTP Port
SMTP Authentication
Authentication User
Name
Authentication
Password
E-mail From
E-mail Subject
E-mail 1 To
E-mail 2 To
Controls whether SMTP is enabled on this switch.
Type the SMTP server name or the IP address of the SMTP server.
Set port number of SMTP service.
Controls whether SMTP authentication is enabled If authentication is required
when an e-mail is sent.
Type the user name for the SMTP server if Authentication is Enable.
Type the password for the SMTP server if Authentication is Enable.
Type the sender’s E-mail address. This address is used for reply e-mails.
Type the subject/title of the e-mail.
Type the receiver’s e-mail address.
Buttons
: Send a test mail to mail server to check this account is available or not.
: Click to save changes.
68
: Click to undo any changes made locally and revert to previously saved values.
4.2.16 Web Firmware Upgrade
This Page facilitates an update of the firmware controlling the switch. The Web Firmware Upgrade screen in Figure 4-2-19 appears.
Figure 4-2-19: Web Firmware Upgrade Page Screenshot
To open Firmware Upgrade screen, perform the following:
1. Click System -> Web Firmware Upgrade.
2. The Firmware Upgrade screen is displayed as in Figure 4-2-19.
3. Click the “
4. Select on the firmware then click “
5. Once the software is loaded to the system successfully, the following screen appears. The system will load the new software
after reboot.
“button of the Main Page, the system would pop up the file selection menu to choose firmware.
”, the Software Upload Progress would show the file with upload status.
Figure 4-2-20: Software Successfully Loaded Notice Screen
DO NOT Power OFF the Managed Switch until the update progress is complete.
69
Do not quit the Firmware Upgrade Page without pressing the “OK” button after the image is
loaded. Or the system won’t apply the new firmware. User has to repeat the firmware
upgrade processes.
4.2.17 TFTP Firmware Upgrade
The Firmware Upgrade Page provides the functions to allow a user to update the Managed Switch firmware from the TFTP server
in the network. Before updating, make sure you have your TFTP server ready and the firmware image is on the TFTP server. The
TFTP Firmware Upgrade screen in Figure 4-2-21 appears.
Figure 4-2-20: TFTP Firmware Update Page Screenshot
The Page includes the following fields:
Object Description
TFTP Server IP
Firmware File Name
Buttons
: Click to upgrade firmware.
DO NOT Power OFF the Managed Switch until the update progress is complete.
Fill in your TFTP server IP address.
The name of firmware image.
(Maximum length : 24 characters)
Do not quit the Firmware Upgrade Page without pressing the “OK” button after the image is
loaded. Or the system won’t apply the new firmware. User has to repeat the firmware
upgrade processes.
70
4.2.17 Save Startup Config
This function allows save the current configuration, thereby ensuring that the current active configuration can be used at the next
reboot screen in Figure 4-2-22 appears. After saving the configuratioin, the screen Figure 4-2-23 will appear.
Figure 4-2-22: Configuration Save Page Screenshot
Figure 4-2-23: Finish Saving Page Screenshot
4.2.18 Configuration Download
The switch stores its configuration in a number of text files in CLI format. The files are either virtual (RAM-based) or stored in flash
on the switch.
There are three system files:
running-config: A virtual file that represents the currently active configuration on the switch. This file is volatile.
startup-config: The startup configuration for the switch, read at boot time.
default-config: A read-only file with vendor-specific configuration. This file is read when the system is restored to default
settings.
It is also possible to store up to two other files and apply them to running-config, thereby switching configuration.
Configuration Download page allows the download the running-config, startup-config and default-config on the switch. Please refer
to the Figure 4-2-24 shown below.
71
Figure 4-2-24: Configuration Download Page Screenshot
4.2.20 Configuration Upload
Configuration Upload page allows the upload the running-config and startup-config on the switch. Please refer to the Figure 4-2-25
shown below.
Figure 4-2-25: Configuration Upload Page Screenshot
If the destination is running-config, the file will be applied to the switch configuration. This can be done in two ways:
Replace mode: The current configuration is fully replaced with the configuration in the uploaded file.
Merge mode: The uploaded file is merged into running-config.
If the file system is full (i.e. contains the three system files mentioned above plus two other files), it is not possible to create new files,
but an existing file must be overwritten or another deleted first.
72
4.2.21 Configuration Activate
Configuration Activate page allows to activate the startup-config and default-config files present on the switch. Please refer to the
Figure 4-2-26 shown below.
Figure 4-2-26: Configuration Activate Page Screenshot
It is possible to activate any of the configuration files present on the switch, except for running-config which represents the currently
active configuration.
Select the file to activate and click . This will initiate the process of completely replacing the existing
configuration with that of the selected file.
4.2.22 Configuration Delete
Configuration Delete page allows to delete the startup-config and default-config files which stored in FLASH. If this is done and the
switch is rebooted without a prior Save operation, this effectively resets the switch to default configuration. Please refer to the Figure
4-2-27 shown below.
Figure 4-2-27: Configuration Delete Page Screenshot
73
4.2.23 Image Select
This Page provides information about the active and alternate (backup) firmware images in the device, and allows you to revert to
the alternate image. The web Page displays two tables with information about the active and alternate firmware images. The Image
Select screen in Figure 4-2-28 appears.
1. In case the active firmware image is the alternate image, only the "Active Image" table is shown.
In this case, the Activate Alternate Image button is also disabled.
2. If the alternate image is active (due to a corruption of the primary image or by manual
intervention), uploading a new firmware image to the device will automatically use the primary
image slot and activate this.
3. The firmware version and date information may be empty for older firmware releases. This does
not constitute an error.
Figure 4-2-28: Software Image Selection Page Screenshot
The Page includes the following fields:
Object Description
Image
Version
Date
The flash index name of the firmware image. The name of primary (preferred)
image is image, the alternate image is named image.bk.
The version of the firmware image.
The date where the firmware was produced.
74
Buttons
: Click to use the alternate image. This button may be disabled depending on system state.
4.2.24 Factory Default
You can reset the configuration of the Managed Switch on this Page. Only the IP configuration is retained. The new configuration is
available immediately, which means that no restart is necessary. The Factory Default screen in Figure 4-2-29 appears.
Buttons
Figure 4-2-29: Factory Default Page Screenshot
: Click to reset the configuration to Factory Defaults.
: Click to return to the Port State Page without resetting the configuration.
To reset the Managed Switch to the Factory default setting, you can also press the hardware reset button
at the front panel about 10 seconds. After the device be rebooted. You can login the management WEB
interface within the same subnet of 192.168.0.xx.
75
4.2.25 System Reboot
The Reboot Page enables the device to be rebooted from a remote location. Once the Reboot button is pressed, user have to
re-login the WEB interface about 60 seconds later, the System Reboot screen in Figure 4-2-30 appears.
Figure 4-2-30: System Reboot Page Screenshot
Buttons
: Click to reboot the system.
: Click to return to the Port State Page without rebooting the system.
You can also check the SYS LED at the front panel to identify whether the System is loaded completely or
not. If the SYS LED is blinking, then it is in the firmware load stage; if the SYS LED light is on, you can use
the WEB browser to login the Managed Switch.
76
4.3 Simple Network Management Protocol
4.3.1 SNMP Overview
The Simple Network Management Protocol (SNMP) is an application layer protocol that facilitates the exchange of management
information between network devices. It is part of the Transmission Control Protocol/Internet Protocol (TCP/IP) protocol suite. SNMP
enables network administrators to manage network performance, find and solve network problems, and plan for network growth.
An SNMP-managed network consists of three key components: Network management stations (NMSs), SNMP agents,
Management information base (MIB) and network-management protocol:
■ Network management stations (NMSs):Sometimes called consoles, these devices execute management applications that
monitor and control network elements. Physically, NMSs are usually engineering workstation-caliber computers with fast
CPUs, megapixel color displays, substantial memory, and abundant disk space. At least one NMS must be present in each
managed environment.
■ Agents:Agents are software modules that reside in network elements. They collect and store management information such
as the number of error packets received by a network element.
■ Management information base (MIB):A MIB is a collection of managed objects residing in a virtual information store.
Collections of related managed objects are defined in specific MIB modules.
■ Network-management protocol:A management protocol is used to convey management information between agents and
NMSs. SNMP is the Internet community's de facto standard management protocol.
SNMP Operations
SNMP itself is a simple request/response protocol. NMSs can send multiple requests without receiving a response.
■ Get -- Allows the NMS to retrieve an object instance from the agent.
■ Set -- Allows the NMS to set values for object instances within an agent.
■ Tr ap - - Used by the agent to asynchronously inform the NMS of some event. The SNMPv2 trap message is designed to
replace the SNMPv1 trap message.
77
SNMP community
An SNMP community is the group that devices and management stations running SNMP belong to. It helps define where information
is sent. The community name is used to identify the group. A SNMP device or agent may belong to more than one SNMP community.
It will not respond to requests from management stations that do not belong to one of its communities. SNMP default communities
are:
。 Write = private
。 Read = public
Use the SNMP Menu to display or configure the Managed Switch's SNMP function. This section has the following items:
System Configuration
Trap Configuration
System Information
SNMPv3 Communities
SNMPv3 Users
SNMPv3 Groups
SNMPv3 Views
SNMPv3 Access
Configure SNMP on this Page.
Configure SNMP trap on this Page.
The system information is provided here.
Configure SNMPv3 communities table on this Page.
Configure SNMPv3 users table on this Page.
Configure SNMPv3 groups table on this Page.
Configure SNMPv3 views table on this Page.
Configure SNMPv3 accesses table on this Page.
78
4.3.2 SNMP System Configuration
Configure SNMP on this Page. The SNMP System Configuration screen in Figure 4-3-1 appears.
Figure 4-3-1: SNMP System Configuration Page Screenshot
The Page includes the following fields:
Object Description
Mode
Version
Read Community
Write Community
Indicates the SNMP mode operation. Possible modes are:
Enabled: Enable SNMP mode operation.
Disabled: Disable SNMP mode operation.
Indicates the SNMP supported version. Possible versions are:
SNMP v1: Set SNMP supported version 1.
SNMP v2c: Set SNMP supported version 2c.
SNMP v3: Set SNMP supported version 3.
Indicates the community read access string to permit access to SNMP agent.
The allowed string length is 0 to 255, and the allowed content is the ASCII
characters from 33 to 126.
The field is applicable only when SNMP version is SNMPv1 or SNMPv2c. If
SNMP version is SNMPv3, the community string will be associated with SNMPv3
communities table. It provides more flexibility to configure security name than a
SNMPv1 or SNMPv2c community string. In addition to community string, a
particular range of source addresses can be used to restrict source subnet.
Indicates the community write access string to permit access to SNMP agent.
The allowed string length is 0 to 255, and the allowed content is the ASCII
characters from 33 to 126.
The field is applicable only when SNMP version is SNMPv1 or SNMPv2c. If
79
SNMP version is SNMPv3, the community string will be associated with SNMPv3
communities table. It provides more flexibility to configure security name than a
SNMPv1 or SNMPv2c community string. In addition to community string, a
particular range of source addresses can be used to restrict source subnet.
Buttons
Engine ID
: Click to apply changes
: Click to undo any changes made locally and revert to previously saved values.
Indicates the SNMPv3 engine ID. The string must contain an even number
between 10 and 64 hexadecimal digits, but all-zeros and all-'F's are not allowed.
Change of the Engine ID will clear all original local users.
80
4.3.3 SNMP Trap Configuration
Configure SNMP trap on this Page. The SNMP Trap Configuration screen in Figure 4-3-2 appears.
Figure 4-3-2: SNMP Trap Configuration Page Screenshot
The Page includes the following fields:
Object Description
Trap Config
Trap Mode
Trap Version
Indicates which trap Configuration's name for configuring. The allowed string
length is 0 to 255, and the allowed content is ASCII characters from 33 to 126.
Indicates the SNMP trap mode operation. Possible modes are:
Enabled: Enable SNMP trap mode operation.
Disabled: Disable SNMP trap mode operation.
Indicates the SNMP trap supported version. Possible versions are:
SNMP v1: Set SNMP trap supported version 1.
SNMP v2c: Set SNMP trap supported version 2c.
SNMP v3: Set SNMP trap supported version 3.
81
Trap Community
Indicates the community access string when send SNMP trap packet. The
allowed string length is 0 to 255, and the allowed content is the ASCII characters
from 33 to 126.
Trap Destination
Address
Trap Destination Port
Trap Inform Mode
Trap Inform Timeout
Indicates the SNMP trap destination address. It allow a valid IP address in dotted
decimal notation ('x.y.z.w'). And it also allow a valid hostname. A valid hostname
is a string drawn from the alphabet (A-Za-z), digits (0-9), dot (.), dash (-). Spaces
are not allowed, the first character must be an alpha character, and the first and
last characters must not be a dot or a dash.
Indicates the SNMP trap destination IPv6 address. IPv6 address is in 128-bit
records represented as eight fields of up to four hexadecimal digits with a colon
separating each field (:). For example, 'fe80::215:c5ff:fe03:4dc7'. The symbol '::'
is a special syntax that can be used as a shorthand way of representing multiple
16-bit groups of contiguous zeros; but it can appear only once. It can also
represent a legally valid IPv4 address. For example, '::192.1.2.34'.
Indicates the SNMP trap destination port. SNMP Agent will send SNMP message
via this port, the port range is 1~65535.
Indicates the SNMP trap inform mode operation. Possible modes are:
Enabled: Enable SNMP trap authentication failure.
Disabled: Disable SNMP trap authentication failure.
Indicates the SNMP trap inform timeout. The allowed range is 0 to 2147.
(seconds)
Trap Inform Retry
Times
Trap Probe Security
Engine ID
Trap Security Engine
ID
Trap Security Name
Indicates the SNMP trap inform retry times. The allowed range is 0 to 255.
Indicates the SNMPv3 trap probe security engine ID mode of operation. Possible
values are:
Enabled: Enable SNMP trap probe security engine ID mode of operation.
Disabled: Disable SNMP trap probe security engine ID mode of operation.
Indicates the SNMP trap security engine ID. SNMPv3 sends traps and informs
using USM for authentication and privacy. A unique engine ID for these traps and
informs is needed. When "Trap Probe Security Engine ID" is enabled, the ID will
be probed automatically. Otherwise, the ID specified in this field is used. The
string must contain an even number(in hexadecimal format) with number of digits
between 10 and 64, but all-zeros and all-'F's are not allowed.
Indicates the SNMP trap security name. SNMPv3 traps and informs using USM
for authentication and privacy. A unique security name is needed when traps and
informs are enabled.
82
System
Enable/disable that the Interface group's traps. Possible traps are:
Warm Start: Enable/disable Warm Start trap.
Cold Start: Enable/disable Cold Start trap.
Buttons
Interface
Indicates that the Interface group's traps. Possible traps are:
Link Up: Enable/disable Link up trap.
Link Down: Enable/disable Link down trap.
LLDP: Enable/disable LLDP trap.
AAA
Switch
Indicates that the AAA group's traps. Possible traps are:
Authentication Fail : Enable/disable SNMP trap authentication failure trap.
Indicates that the Switch group's traps. Possible traps are:
STP: Enable/disable STP trap.
RMON: Enable/disable RMON trap.
: Click to apply changes
: Click to undo any changes made locally and revert to previously saved values.
83
4.3.4 SNMP System Information
The switch system information is provided here. The SNMP System Information screen in Figure 4-3-3 appears.
Figure 4-3-3: System Information Configuration Page Screenshot
The Page includes the following fields:
Object Description
Buttons
System Contact
System Name
System Location
: Click to apply changes
: Click to undo any changes made locally and revert to previously saved values.
The textual identification of the contact person for this managed node, together
with information on how to contact this person. The allowed string length is 0 to
255, and the allowed content is the ASCII characters from 32 to 126.
An administratively assigned name for this managed node. By convention, this is
the node's fully-qualified domain name. A domain name is a text string drawn
from the alphabet (A-Za-z), digits (0-9), minus sign (-). No space characters are
permitted as part of a name. The first character must be an alpha character. And
the first or last character must not be a minus sign. The allowed string length is 0
to 255.
The physical location of this node(e.g., telephone closet, 3rd floor). The allowed
string length is 0 to 255, and the allowed content is the ASCII characters from 32
to 126.
84
4.3.5 SNMPv3 Configuration
4.3.5.1 SNMPv3 Communities
Configure SNMPv3 communities table on this Page. The entry index key is Community. The SNMPv3 Communities screen in Figure
4-3-4 appears.
Figure 4-3-4: SNMPv3 Communities Configuration Page Screenshot
The Page includes the following fields:
Object Description
Buttons
Delete
Community
Source IP
Source Mask
: Click to add a new community entry.
: Click to apply changes
: Click to undo any changes made locally and revert to previously saved values.
Check to delete the entry. It will be deleted during the next save.
Indicates the community access string to permit access to SNMPv3 agent. The
allowed string length is 1 to 32, and the allowed content is ASCII characters from
33 to 126. The community string will be treated as security name and map a
SNMPv1 or SNMPv2c community string.
Indicates the SNMP access source address. A particular range of source
addresses can be used to restrict source subnet when combined with source
mask.
Indicates the SNMP access source address mask.
85
4.3.5.2 SNMPv3 Users
Configure SNMPv3 users table on this Page. The entry index keys are Engine ID and User Name. The SNMPv3 Users screen in
Figure 4-3-5 appears.
Figure 4-3-5: SNMPv3 Users Configuration Page Screenshot
The Page includes the following fields:
Object Description
Delete
Engine ID
User Name
Security Level
Check to delete the entry. It will be deleted during the next save.
An octet string identifying the engine ID that this entry should belong to. The
string must contain an even number(in hexadecimal format) with number of digits
between 10 and 64, but all-zeros and all-'F's are not allowed. The SNMPv3
architecture uses the User-based Security Model (USM) for message security
and the View-based Access Control Model (VACM) for access control. For the
USM entry, the usmUserEngineID and usmUserName are the entry's keys.
In a simple agent, usmUserEngineID is always that agent's own snmpEngineID
value. The value can also take the value of the snmpEngineID of a remote SNMP
engine with which this user can communicate. In other words, if user engine ID
equal system engine ID then it is local user; otherwise it's remote user.
A string identifying the user name that this entry should belong to. The allowed
string length is 1 to 32, and the allowed content is ASCII characters from 33 to
126.
Indicates the security model that this entry should belong to. Possible security
models are:
NoAuth, NoPriv: None authentication and none privacy.
Auth, NoPriv: Authentication and none privacy.
Auth, Priv: Authentication and privacy.
The value of security level cannot be modified if entry already exist. That means
must first ensure that the value is set correctly.
86
Authentication
Indicates the authentication protocol that this entry should belong to. Possible
Protocol
Authentication
Password
Privacy Protocol
authentication protocol are:
None: None authentication protocol.
MD5: An optional flag to indicate that this user using MD5 authentication
protocol.
SHA: An optional flag to indicate that this user using SHA authentication
protocol.
The value of security level cannot be modified if entry already exist. That means
must first ensure that the value is set correctly.
A string identifying the authentication pass phrase. For MD5 authentication
protocol, the allowed string length is 8 to 32. For SHA authentication protocol, the
allowed string length is 8 to 40. The allowed content is the ASCII characters from
33 to 126.
Indicates the privacy protocol that this entry should belong to. Possible privacy
protocol are:
None: None privacy protocol.
DES: An optional flag to indicate that this user using DES authentication
protocol.
Buttons
AES: An optional flag to indicate that this user uses AES authentication
protocol.
Pri vacy Password
: Click to add a new user entry.
: Click to apply changes
: Click to undo any changes made locally and revert to previously saved values.
A string identifying the privacy pass phrase. The allowed string length is 8 to 32,
and the allowed content is the ASCII characters from 33 to 126.
87
4.3.5.3 SNMPv3 Groups
Configure SNMPv3 groups table on this Page. The entry index keys are Security Model and Security Name. The SNMPv3 Groups
screen in Figure 4-3-6 appears.
Figure 4-3-6: SNMPv3 Groups Configuration Page Screenshot
The Page includes the following fields:
Object Description
Buttons
Delete
Security Model
Security Name
Group Name
: Click to add a new group entry.
Check to delete the entry. It will be deleted during the next save.
Indicates the security model that this entry should belong to. Possible security
models are:
v1: Reserved for SNMPv1.
v2c: Reserved for SNMPv2c.
usm: User-based Security Model (USM).
A string identifying the security name that this entry should belong to.
The allowed string length is 1 to 32, and the allowed content is the ASCII
characters from 33 to 126.
A string identifying the group name that this entry should belong to.
The allowed string length is 1 to 32, and the allowed content is the ASCII
characters from 33 to 126.
: Click to apply changes
: Click to undo any changes made locally and revert to previously saved values.
88
4.3.5.4 SNMPv3 Views
Configure SNMPv3 views table on this Page. The entry index keys are View Name and OID Subtree. The SNMPv3 Views screen in
Figure 4-3-7 appears.
Figure 4-3-7: SNMPv3 Views Configuration Page Screenshot
The Page includes the following fields:
Object Description
Buttons
Delete
View Name
View Type
OID Subtree
Check to delete the entry. It will be deleted during the next save.
A string identifying the view name that this entry should belong to. The allowed
string length is 1 to 32, and the allowed content is the ASCII characters from 33
to 126.
Indicates the view type that this entry should belong to. Possible view type are:
included: An optional flag to indicate that this view subtree should be
included.
excluded: An optional flag to indicate that this view subtree should be
excluded.
In general, if a view entry's view type is 'excluded', it should be exist another view
entry which view type is 'included' and it's OID subtree overstep the 'excluded'
view entry.
The OID defining the root of the subtree to add to the named view. The allowed
OID length is 1 to 128. The allowed string content is digital number or asterisk(*).
: Click to add a new view entry.
: Click to apply changes
: Click to undo any changes made locally and revert to previously saved values.
89
4.3.5.5 SNMPv3 Access
Configure SNMPv3 accesses table on this Page. The entry index keys are Group Name, Security Model and Security Level.
The SNMPv3 Access screen in Figure 4-3-8 appears.
Figure 4-3-8: SNMPv3 Accesses Configuration Page Screenshot
The Page includes the following fields:
Object Description
Delete
Group Name
Security Model
Security Level
Read View Name
Check to delete the entry. It will be deleted during the next save.
A string identifying the group name that this entry should belong to. The allowed
string length is 1 to 32, and the allowed content is the ASCII characters from 33 to
126.
Indicates the security model that this entry should belong to. Possible security
models are:
any: Accepted any security model (v1|v2c|usm).
v1: Reserved for SNMPv1.
v2c: Reserved for SNMPv2c.
usm: User-based Security Model (USM)
Indicates the security model that this entry should belong to. Possible security
models are:
NoAuth, NoPriv: None authentication and none privacy.
Auth, NoPriv: Authentication and none privacy.
Auth, Priv: Authentication and privacy.
The name of the MIB view defining the MIB objects for which this request may
request the current values. The allowed string length is 1 to 32, and the allowed
content is the ASCII characters from 33 to 126.
Write View Name
The name of the MIB view defining the MIB objects for which this request may
potentially SET new values. The allowed string length is 1 to 32, and the allowed
content is the ASCII characters from 33 to 126.
90
Buttons
: Click to add a new access entry.
: Click to apply changes
: Click to undo any changes made locally and revert to previously saved values.
91
4.4 Port Management
Use the Port Menu to display or configure the Managed Switch's ports. This section has the following items:
Port Configuration
Port Statistics Overview
Port Statistics Detail
SFP Module Information
Port Mirror
Configures port connection settings
Lists Ethernet and RMON port statistics
Lists Ethernet and RMON port statistics
Display SFP information
Sets the source and target ports for mirroring
4.4.1 Port Configuration
This Page displays current port configurations. Ports can also be configured here. The Port Configuration screen in Figure 4-4-1
appears.
The Page includes the following fields:
Object Description
Port
Figure 4-4-1: Port Configuration Page Screenshot
This is the logical port number for this row.
92
Port Description
Indicates the per port description.
Link
Current Link Speed
Configured Link Speed
Flow Control
The current link state is displayed graphically. Green indicates the link is up and
red that it is down.
Provides the current link speed of the port.
Select any available link speed for the given switch port. Draw the menu bar to
select the mode.
Auto - Setup Auto negotiation for copper interface.
10Mbps HDX - Force sets 10Mbps/Half-Duplex mode.
10Mbps FDX - Force sets 10Mbps/Full-Duplex mode.
100Mbps HDX - Force sets 100Mbps/Half-Duplex mode.
100Mbps FDX - Force sets 100Mbps/Full-Duplex mode.
1Gbps FDX - Force sets 10000Mbps/Full-Duplex mode.
Auto Fiber (10G) – Setup 10G firber port for negotiation
automatically.
Disable - Shutdown the port manually.
When Auto Speed is selected on a port, this section indicates the flow control
capability that is advertised to the link partner.
Buttons
Maximum Frame Size
Excessive Collision
Mode
When set each port to run at 100M Full, 100M Half, 10M Full, and 10M Half-speed modes. The
Auto-MDIX function will disable.
When a fixed-speed setting is selected, that is what is used. The Current Rx
column indicates whether pause frames on the port are obeyed, and the Current
Tx column indicates whether pause frames on the port are transmitted. The Rx
and Tx settings are determined by the result of the last Auto-Negotiation.
Check the configured column to use flow control. This setting is related to the
setting for Configured Link Speed.
Enter the maximum frame size allowed for the switch port, including FCS. The
allowed range is 1518 bytes to 10056 bytes.
Configure port transmit collision behavior.
Discard: Discard frame after 16 collisions (default).
Restart: Restart back off algorithm after 16 collisions.
: Click to apply changes
93
: Click to undo any changes made locally and revert to previously saved values.
: Click to refresh the Page. Any changes made locally will be undone.
4.4.2 Port Statistics Overview
This Page provides an overview of general traffic statistics for all switch ports. The Port Statistics Overview screen in Figure 4-4-2
appears.
The displayed counters are:
Object Description
Port
Packets
Bytes
Errors
Drops
Filtered
Figure 4-4-2: Port Statistics Overview Page Screenshot
The logical port for the settings contained in the same row.
The number of received and transmitted packets per port.
The number of received and transmitted bytes per port.
The number of frames received in error and the number of incomplete
transmissions per port.
The number of frames discarded due to ingress or egress congestion.
The number of received frames filtered by the forwarding process.
94
Buttons
: Download the Port Statistics Overview result as EXECL file.
: Click to refresh the Page immediately.
: Clears the counters for all ports.
: Print the Port Statistics Overview result.
Auto-refresh : Check this box to enable an automatic refresh of the Page at regular intervals.
4.4.3 Port Statistics Detail
This Page provides detailed traffic statistics for a specific switch port. Use the port select box to select which switch port details to
display. The selected port belong to the currently selected stack unit, as reflected by the Page header. The displayed counters are
the totals for receive and transmit, the size counters for receive and transmit, and the error counters for receive and transmit. The
Port Statistics Detail screen in Figure 4-4-3 appears.
Figure 4-4-3: Detailed Port Statistics Port 1 Page Screenshot
95
The Page includes the following fields:
Receive Total and Transmit Total
Object Description
Rx and Tx Packets
Rx and Tx Octets
The number of received and transmitted (good and bad) packets
The number of received and transmitted (good and bad) bytes, including FCS,
but excluding framing bits.
Rx and Tx Unicast
Rx and Tx Multicast
Rx and Tx Broadcast
Rx and Tx Pause
The number of received and transmitted (good and bad) unicast packets.
The number of received and transmitted (good and bad) multicast packets.
The number of received and transmitted (good and bad) broadcast packets.
A count of the MAC Control frames received or transmitted on this port that has
an opcode indicating a PAUSE operation.
Receive and Transmit Size Counters
The number of received and transmitted (good and bad) packets split into categories based on their respective frame sizes.
Receive and Transmit Queue Counters
The number of received and transmitted packets per input and output queue.
Receive Error Counters
Object Description
Rx Drops
Rx CRC/Alignment
Rx Undersize
Rx Oversize
Rx Fragments
Rx Jabber
Rx Filtered
The number of frames dropped due to lack of receive buffers or egress
congestion.
The number of frames received with CRC or alignment errors.
1
The number of short
The number of long
The number of short
The number of long
frames received with valid CRC.
2
frames received with valid CRC.
1
frames received with invalid CRC.
2
frames received with invalid CRC.
The number of received frames filtered by the forwarding process.
Short frames are frames that are smaller than 64 bytes.
Long frames are frames that are longer than the configured maximum
frame length for this port.
96
1 Short frames are frames that are smaller than 64 bytes.
2 Long frames are frames that are longer than the configured maximum frame length for this port.
Transmit Error Counters
Object Description
Tx Drops
Tx Late/Exc. Coll.
Buttons
: Click to refresh the Page immediately.
: Clears the counters for all ports.
Auto-refresh : Check this box to enable an automatic refresh of the Page at regular intervals.
The number of frames dropped due to output buffer congestion.
The number of frames dropped due to excessive or late collisions.
97
4.4.4 SFP Module Information
The WGSW-48040HP has supported the SFP module with digital diagnostics monitoring (DDM) function, this feature is also
known as digital optical monitoring (DOM). You can check the physical or operational status of an SFP module via the SFP Module
Information Page. This Page shows the operational status, such as the transceiver type, speed, wavelength, optical output power,
optical input power, temperature, laser bias current and transceiver supply voltage in real time. You can also use the hyperlink of
port no. to check the statistics on a speficic interface. The SFP Module Information screen in Figure 4-4-4 appears.
Figure 4-4-4: SFP Module Information for Switch Page Screenshot
The Page includes the following fields:
Object Description
Type
Speed
Wave Length(nm)
Display the type of current SFP module, the possible types are:
10GBase-SR
10GBase-LR
1000Base-SX
1000Base-LX
100Base-FX
Display the spedd of current SFP module, the speed value or description is get
from the SFP module. Different vendors SFP modules might shows different
speed information.
Display the wavelength of current SFP module, the wavelength value is get from
the SFP module. Use this column to check if the wavelength values of two nodes
are the matched while the fiber connection is failed.
Distance(m)
Display the supports distance of current SFP module, the distance value is get
from the SFP module.
98
Temperature(C)
Display the temperature of current SFP DDM module, the temperature value is
– SFP DDM Module Only
Voltage(V)
– SFP DDM Module Only
Current(mA)
– SFP DDM Module Only
TX power(dBm)
– SFP DDM Module Only
RX power(dBm)
– SFP DDM Module Only
Buttons
SFP Monitor Event Alert:
Warning Temperature:
Check SFP Monitor Event Alert box; it will be in accordance with your warning temperature setting and allows users to record
message out via SNMP Trap.
get from the SFP DDM module.
Display the voltage of current SFP DDM module, the voltage value is get from the
SFP DDM module.
Display the Ampere of current SFP DDM module, the Ampere value is get from
the SFP DDM module.
Display the TX power of current SFP DDM module, the TX power value is get
from the SFP DDM module.
Display the RX power of current SFP DDM module, the RX power value is get
from the SFP DDM module.
send trap
degrees C
Auto-refresh
: Check this box to enable an automatic refresh of the Page at regular intervals.
: Click to apply changes
: Click to undo any changes made locally and revert to previously saved values.
: Click to refresh the Page immediately.
99
4.4.5 Port Mirror
Configure port Mirroring on this Page. This function provide to monitoring network traffic that forwards a copy of each incoming or
outgoing packet from one port of a network Switch to another port where the packet can be studied. It enables the manager to keep
close track of switch performance and alter it if necessary.
To debug network problems, selected traffic can be copied, or mirrored, to a mirror port where a frame analyzer can be
attached to analyze the frame flow.
The Managed Switch can unobtrusively mirror traffic from any port to a monitor port. You can then attach a protocol analyzer or
RMON probe to this port to perform traffic analysis and verify connection integrity.
Figure 4-4-7: Port Mirror Application
The traffic to be copied to the mirror port is selected as follows:
All frames received on a given port (also known as ingress or source mirroring).
All frames transmitted on a given port (also known as egress or destination mirroring).
100
Loading...