Interlogix NS4750-24S-4T-4X User Manual

NS4750-24S-4T-4X
User Manual
P/N 1702826 • REV 00.01 • ISS 14JUL14
r
Copyright © 2014 United Technologies Corporation
Interlogix is part of UTC Building & Industrial Systems,Inc. a unit of United Technologies Corporation. All rights reserved.
Trademarks and patents The NS4750-24S-4T-4X name and logo are trademarks of United
Technologies.
Other trade names used in this document may be trademarks or registered trademarks of the manufacturers or vendors of the respective products.
Manufacture
Intended use
Certification
FCC compliance
Interlogix
3211 Progress Drive, Lincolnton, NC 28092 USA
Authorized EU manufacturing representative: UTC Climate Controls & Security B.V., Kelvinstraat 7, 6003 DH Weert, Netherlands
Use this product only for the purpose it was designed for; refer to the data
sheet and user documentation for details. For the latest product information,
contact your local supplier or visit us online at www.interlogix.com.
N4131
This equipment has been tested and found to comply with the limits for a
Class A digital device, pursuant to part 15 of the FCC Rules. These limits are
designed to provide reasonable protection against harmful interference when
the equipment is operated in a commercial environment. This equipment
generates, uses, and can radiate radio frequency energy and, if not installed
and used in accordance with the instruction manual, may cause harmful
interference to radio communications.
You are cautioned that any changes or modifications not expressly approved
by the party responsible for compliance could void the user's authority to
operate the equipment.
ACMA compliance Notice! This is a Class A product. In a domestic environment this product
may cause radio interference in which case the user may be required to take
adequate measures.
Canada
European Union
directives
Contact Information For contact information, see www.interlogix.com
This Class A digital apparatus complies with Canadian ICES-003.
Cet appareil numérique de la classe A est conforme á la norme NMB-003du
Canada.
200 4/108/EC (EMC Directive): Hereby, UTC Building & Industrial Systems,
Inc. declares that this device is in compliance with the essential requirements
and other relevant provisions of Directive 2004/108/EC.
or
www.utcfssecurityproducts.eu
.
2
TABLE OF CONTENTS
1. INTRODUCTION.................................................................................................................. 10
1.1 Packet Contents.........................................................................................................................................10
1.2 Product Descriptions.................................................................................................................................11
1.3 How to Use This Manual............................................................................................................................14
1.4 Product Features........................................................................................................................................15
1.5 Product Specifications..............................................................................................................................18
2. INSTALLATION ................................................................................................................... 21
2.1 Hardware Descriptions..............................................................................................................................21
2.1.1 Front Panel..........................................................................................................................................................21
2.1.2 LED Indications ................................................................................................................................................... 23
2.1.3 Wiring the AC Power Input ..................................................................................................................................25
2.1.4 Wiring the DC Power Input .................................................................................................................................. 25
2.1.5 Wiring the Faulty Alarm Contact ..........................................................................................................................26
2.1.6 Wiring the Digital Input / Output........................................................................................................................... 27
2.2 Installing the Managed Switch..................................................................................................................30
2.2.1 Desktop Installation .............................................................................................................................................30
2.2.2 Rack Mounting ....................................................................................................................................................31
2.3 Cabling........................................................................................................................................................33
2.3.1 Installing the SFP Transceiver............................................................................................................................. 34
2.3.2 Removing the Module..........................................................................................................................................37
3. SWITCH MANAGEMENT....................................................................................................38
3.1 Requirements .............................................................................................................................................38
3.2 Management Access Overview.................................................................................................................39
3.3 CLI Mode Management..............................................................................................................................40
3.4 Web Management.......................................................................................................................................41
3.5 SNMP-based Network Management.........................................................................................................42
4. WEB CONFIGURATION...................................................................................................... 43
4.1 Main Web Page...........................................................................................................................................46
3
4.2 System.........................................................................................................................................................48
4.2.1 System Information..............................................................................................................................................48
4.2.2 IP Configuration...................................................................................................................................................49
4.2.3 IP Status ..............................................................................................................................................................52
4.2.4 Users Configuration.............................................................................................................................................53
4.2.5 Privilege Levels ................................................................................................................................................... 55
4.2.6 NTP Configuration ............................................................................................................................................... 58
4.2.7 Time Configuration .............................................................................................................................................. 59
4.2.8 UPnP ................................................................................................................................................................... 60
4.2.9 DHCP Relay ........................................................................................................................................................ 62
4.2.10 DHCP Relay Statistics.......................................................................................................................................64
4.2.11 CPU Load ..........................................................................................................................................................65
4.2.12 System Log .......................................................................................................................................................67
4.2.13 Detailed Log ...................................................................................................................................................... 68
4.2.14 Remote Syslog .................................................................................................................................................. 69
4.2.15 SMTP Configuration ..........................................................................................................................................71
4.2.16 Digital Input/Output............................................................................................................................................72
4.2.17 Faulty Alarm ...................................................................................................................................................... 75
4.2.18 Web Firmware Upgrade .................................................................................................................................... 76
4.2.19 TFTP Firmware Upgrade ................................................................................................................................... 77
4.2.20 Save Startup Config...........................................................................................................................................78
4.2.21 Configuration Download ....................................................................................................................................79
4.2.22 80
4.2.23 Configuration Activate........................................................................................................................................81
4.2.24 Configuration Delete.......................................................................................................................................... 82
4.2.25Image Select ......................................................................................................................................................82
4.2.26 Factory Default ..................................................................................................................................................84
4.2.27 System Reboot..................................................................................................................................................85
4.3 Simple Network Management Protocol ...................................................................................................86
4.3.1 SNMP Overview ..................................................................................................................................................86
4.3.2 SNMP System Configuration...............................................................................................................................87
4.3.3 TRAP Configuration............................................................................................................................................. 88
4.3.4 SNMP System Information ..................................................................................................................................92
4.3.5 SNMPv3 Configuration ........................................................................................................................................ 93
4.3.5.1 SNMPv3 Communities ..............................................................................................................................93
4.3.5.2 SNMPv3 Users.......................................................................................................................................... 94
4.3.5.3 SNMPv3 Groups .......................................................................................................................................95
4.3.5.4 SNMPv3 Views..........................................................................................................................................96
4
4.3.5.5 SNMPv3 Access........................................................................................................................................ 98
4.4 Port Management.....................................................................................................................................100
4.4.1 Port Configuration..............................................................................................................................................100
4.4.2 Port Statistics Overview.....................................................................................................................................103
4.4.3 Detailed Port Statistics.......................................................................................................................................104
4.4.4 SFP Information.................................................................................................................................................106
4.4.5 Port Mirror .........................................................................................................................................................108
4.5 Link Aggregation...................................................................................................................................... 111
4.5.1 Static Aggregation.............................................................................................................................................. 114
4.5.2 LACP Configuration........................................................................................................................................... 116
4.5.3 LACP System Status .........................................................................................................................................118
4.5.4 LACP Port Status............................................................................................................................................... 119
4.5.5 LACP Port Statistics ..........................................................................................................................................121
4.6 VLAN..........................................................................................................................................................123
4.6.1 VLAN Overview .................................................................................................................................................123
4.6.2 IEEE 802.1Q VLAN ...........................................................................................................................................124
4.6.3 VLAN Port Configuration ...................................................................................................................................127
4.6.4VLAN Membership Status................................................................................................................................133
4.6.5 VLAN Port Status............................................................................................................................................... 135
4.6.6 Prvivate VLAN ................................................................................................................................................... 138
4.6.7 Port Isolation .....................................................................................................................................................139
4.6.8 VLAN Setting Example: ..................................................................................................................................... 140
4.6.8.1 Two separate 802.1Q VLANs..................................................................................................................141
4.6.8.2 VLAN Trunking between two 802.1Q aware Switches ............................................................................146
4.6.10.3 Port Isolate ............................................................................................................................................148
4.6.11 MAC-based VLAN ...........................................................................................................................................150
4.6.12 MAC-based VLAN Status ................................................................................................................................ 151
4.6.13 Protocol-based VLAN ...................................................................................................................................... 151
4.6.14 Protocol-based VLAN Mambership .................................................................................................................153
4.7 Spanning Tree Protocol...........................................................................................................................155
4.7.1 Theory ...............................................................................................................................................................155
4.7.2 STP System Configuration ................................................................................................................................162
4.7.3 Bridge Status.....................................................................................................................................................165
4.7.4 CIST Port Configuration ....................................................................................................................................166
4.7.5 MSTI Priorities...................................................................................................................................................170
4.7.6 MSTI Configuration............................................................................................................................................171
4.7.7 MSTI Ports Configuration ..................................................................................................................................173
5
4.7.8 Port Status.........................................................................................................................................................176
4.7.9 Port Statistics.....................................................................................................................................................178
4.8 Multicast....................................................................................................................................................179
4.8.1 IGMP Snooping .................................................................................................................................................179
4.8.2 Profile Table....................................................................................................................................................... 184
4.8.3 Address Entry .................................................................................................................................................... 185
4.8.4 IGMP Snooping Configuration...........................................................................................................................187
4.8.5 IGMP Snooping VLAN Configuration.................................................................................................................189
4.8.6 IGMP Group Port Group Filtering ......................................................................................................................192
4.8.7 IGMP Snooping Status ...................................................................................................................................... 194
4.8.8 IGMP Group Information ...................................................................................................................................196
4.8.9 IGMPv3 Information...........................................................................................................................................197
4.8.10 MLD Snooping Configuration ..........................................................................................................................199
4.8.11 MLD Snooping VLAN Configuration ................................................................................................................201
4.8.12 MLD Snooping Port Group Filtering................................................................................................................. 203
4.8.13 MLD Snooping Status......................................................................................................................................205
4.8.14 MLD Group Information ................................................................................................................................... 207
4.8.15 MLDv2 Information ..........................................................................................................................................208
4.8.16 MVR (Multicaset VLAN Registration)...............................................................................................................209
4.8.17 MVR Status ..................................................................................................................................................... 213
4.8.18 MVR Groups Information.................................................................................................................................214
4.8.19 MVR SFM Information ..................................................................................................................................... 215
4.9 Quality of Service.....................................................................................................................................216
4.9.1 Understand QOS...............................................................................................................................................216
4.9.2 Port Policing ...................................................................................................................................................... 217
4.9.3 Port Shaping......................................................................................................................................................219
4.9.3.1 QoS Egress Port Schedule and Shapers ................................................................................................ 220
4.9.4 Port Classification.............................................................................................................................................. 222
4.9.4.1 QoS Ingress Port Tag Classification ........................................................................................................224
4.9.5 Port Scheduler................................................................................................................................................... 225
4.9.6 Port Tag Remarking...........................................................................................................................................226
4.9.6.1 QoS Egress Port Tag Remarking ............................................................................................................227
4.9.7 Port DSCP.........................................................................................................................................................229
4.9.8 DSCP-Based QoS ............................................................................................................................................. 231
4.9.9 DSCP Translation ..............................................................................................................................................233
4.9.10 DSCP Classification ........................................................................................................................................234
4.9.11 QoS Control List ..............................................................................................................................................235
4.9.11.1 QoS Control Entry Configuration ...........................................................................................................237
6
4.9.12 QoS Status ...................................................................................................................................................... 240
4.9.13 Storm Control Configuration ............................................................................................................................242
4.9.14 WRED .............................................................................................................................................................244
4.9.15 QoS Statistics..................................................................................................................................................246
4.9.16 Voice VLAN Configuration...............................................................................................................................248
4.9.17 Voice VLAN OUI Table ....................................................................................................................................251
4.10 Access Control Lists..............................................................................................................................253
4.10.1 Access Control List Status ............................................................................................................................... 253
4.10.2 Access Control List Configuration....................................................................................................................256
4.10.3 ACE Configuration ...........................................................................................................................................258
4.10.4 ACL Ports Configuration ..................................................................................................................................269
4.10.5 ACL Rate Limiter Configuration ....................................................................................................................... 272
4.11 Authentication ........................................................................................................................................274
4.11.1 Understanding IEEE 802.1X Port-Based Authentication..................................................................................275
4.11.2 Authentication Configuration ............................................................................................................................ 279
4.11.3 Network Access Server Configuration .............................................................................................................280
4.11.4 Network Access Overview ...............................................................................................................................291
4.11.5 Network Access Statistics ................................................................................................................................293
4.11.6 RADIUS ...........................................................................................................................................................301
4.11.7 TACACS+ ........................................................................................................................................................303
4.11.8 RADIUS Overview ...........................................................................................................................................305
4.11.9 RADIUS Details ...............................................................................................................................................306
4.12 Security...................................................................................................................................................314
4.12.1 Port Limit Control............................................................................................................................................. 314
4.12.2 Access Management .......................................................................................................................................318
4.12.3 Access Management Statistics ........................................................................................................................319
4.12.4 HTTPs .............................................................................................................................................................321
4.12.5 SSH ................................................................................................................................................................. 321
4.12.6 Port Security Status......................................................................................................................................... 322
4.12.7 Port Security Detail.......................................................................................................................................... 325
4.12.8 DHCP Snooping ..............................................................................................................................................327
4.12.9 DHCP Snooping Statistics ...............................................................................................................................329
4.12.10 IP Source Guard Configuration......................................................................................................................332
4.12.11 IP Source Guard Static Table .........................................................................................................................333
4.12.12 ARP Inspection ..............................................................................................................................................334
4.12.13 ARP Inspection Static Table ........................................................................................................................... 336
4.13 MAC Address Table................................................................................................................................338
7
4.13.1 MAC Address Table Configuration...................................................................................................................338
4.13.2 MAC Address Table Status..............................................................................................................................341
4.13.3 Dynamic ARP Inspection Table........................................................................................................................ 342
4.13.4 Dynamic IP Source Guard Table .....................................................................................................................343
4.14 LLDP........................................................................................................................................................345
4.14.1 Link Layer Discovery Protocol ......................................................................................................................... 345
4.14.2 LLDP Configuration .........................................................................................................................................345
4.14.3 LLDP-MED Configuration ................................................................................................................................ 349
4.14.4 LLDP-MED Neighbor.......................................................................................................................................357
4.14.5 Neighbor..........................................................................................................................................................362
4.14.6 Port Statistics...................................................................................................................................................363
4.15 Diagnostics.............................................................................................................................................366
4.15.1 Ping .................................................................................................................................................................367
4.15.2 IPv6 Ping ......................................................................................................................................................... 368
4.15.3 Remote IP Ping Test ........................................................................................................................................368
4.15.4 Cable Diagnostics............................................................................................................................................370
4.16 Loop Protection......................................................................................................................................371
4.16.1 Configuration ...................................................................................................................................................371
4.16.2 Status ..............................................................................................................................................................373
4.17 RMON ......................................................................................................................................................375
4.17.1 RMON Alarm Configuration.............................................................................................................................375
4.17.2 RMON Alarm Status ........................................................................................................................................378
4.17.3 RMON Event Configuration .............................................................................................................................379
4.17.4 RMON Event Status ........................................................................................................................................380
4.17.5 RMON History Configuration ........................................................................................................................... 381
4.17.6 RMON History Status ......................................................................................................................................382
4.17.7 RMON Statistics Configuration........................................................................................................................383
4.17.8 RMON Statistics Status ...................................................................................................................................384
4.18 PTP ..........................................................................................................................................................386
4.18.1 PTP Configuration ...........................................................................................................................................386
4.18.2 PTP Status.......................................................................................................................................................387
4.19 Ring .........................................................................................................................................................389
4.19.1 MEP Configuration ..........................................................................................................................................390
4.19.2 Detailed MEP Configuration ............................................................................................................................ 392
4.19.3 Ethernet Ring Protocol Switch.........................................................................................................................395
4.19.4 Ethernet Ring Protocol Switch Configuration...................................................................................................397
8
4.19.5 Ring Wizard.....................................................................................................................................................401
4.19.6 Ring Wizard Example: ..................................................................................................................................... 402
5. SWITCH OPERATION....................................................................................................... 405
5.1 Address Table...........................................................................................................................................405
5.2 Learning....................................................................................................................................................405
5.3 Forwarding & Filtering.............................................................................................................................405
5.4 Store-and-Forward...................................................................................................................................405
5.5 Auto-Negotiation......................................................................................................................................406
6. TROUBLESHOOTING.......................................................................................................407
APPENDIX A .........................................................................................................................409
A.1 Switch's Data RJ-45 Pin Assignments - 1000Mbps, 1000Base-T........................................................409
A.2 10/100Mbps, 10/100Base-TX...................................................................................................................409
APPENDIX B: GLOSSARY................................................................................................... 411
9

1. INTRODUCTION

IFS NS4750-24S-4T-4X is a 24-port 100/1000Base-X SFP + 4-port 10G SFP+ L2/L4 Managed Switch. The NS4750-24S-4T-4X is
all multiple Gigabit SFP mini-GBIC slots switch plus four Gigabit Copper combo ports with connective ability and robust layer 2
features. The description of the NS4750-24S-4T-4X is shown below:
NS4750-24S-4T-4X
Managed Switch” mentioned in this User’s Manual refers to the NS4750-24S-4T-4X.
24-port 100/1000Base-X SFP + 4-port 10G SFP+ L2/L4 Managed Metro Ethernet Switch
(-10~60 degrees C)

1.1 Packet Contents

Open the box of the Managed Switch and carefully unpack it. The box should contain the following items:
The NS4750-24S-4T-4X Quick Installation Guide User’s Manual CD DB9 to RJ-45 Consol Cable Rubber Feet Rack Mount Accessory Kit AC Power Cord Dust Cap
If any of these are missing or damaged, please contact your dealer immediately. If possible, retain the carton including the original
x 1
x 1
x 1
x 1
x 4
x 1
x 1
x 33
packing material, and use them again to repack the product in case there is a need to return it to us for repair.
10

1.2 Product Descriptions

Multiple SFP Fiber Port Switch for Increasing Long-reach Networking of Enterprise, Telecoms and Campus
The NS4750 is equipped with advanced management functions and provides 24 100/1000Mbps dual speed SFP fiber ports, 4 10Gbps dual speed fiber ports and 4 10/100/1000Mbps TP/SFP ports delivered in a rugged strong case. It is capable of providing
non-blocking switch fabric and wire-speed throughput as high as 128Gbps in the temperature range from -10 to 60 degrees C
without any packet loss and CRC error, which greatly simplify the tasks of upgrading the enterprise LAN for catering to increasing bandwidth demands. The NS4750 is specially designed for service provider to deliver profitable Ethernet network. The NS4750
adopts “Front Access” design, making the wiring and maintenance of the NS4750 placed in a cabinet very easy for technicians.
Support for 10Gb Ethernet
10Gb Ethernet which adopts full-duplex technology instead of low-speed, half-duplex CSMA/CD protocol, is a big leap in the evolution of Ethernet. 10Gb Ethernet can be deployed in star or ring topologies. With 10Gb Ethernet, the NS4750 switch provides broad bandwidth and powerful processing capacity. It is suitable for metropolitan networks and wide area networks. Using the NS4750 switch, users can simplify network structures and reduce cost of network construction.
Optimized Design for MAN Redundant Ring, Fast Recovery for Surveillance or Industrial System
The NS4750 supports redundant ring technology and features strong rapid self-recovery capability to prevent interruptions and external intrusions. It incorporates ITU G.8032 Ethernet Ring Protection Switching technology, Spanning Tree Protocol (802.1w RSTP), and redundant power supply system into customer’s industrial automation network to enhance system reliability and uptime in harsh factory environments. The NS4750 also protects customer’s industrial network connectivity with switching recovery capability that is used for implementing fault tolerant ring and mesh network architectures. If the Industrial network is interrupted accidentally, the fault recovery times could be less than 50ms to quickly bring the network back to normal operation.
Cost-effective IPv6 Managed Gigabit Switch Solution for Metro
Nowadays, lots of electronic products or mobile devices can browse the Internet, which means the need of IP address increases. However, the current IPv4 network infrastructure is not capable enough to provide IP address to each single user/client. The situation forces the ISP to come out with the IPv6 (Internet Protocol version 6) network infrastructure. To fulfill the demand, IFS releases the IPv6 management Gigabit Ethernet Switch. It supports both IPv4 and IPv6 management functions. It can work with the original network structure (IPv4) and also support the new network structure (IPv6). With easy and friendly management interfaces and plenty of management functions included, the NS4750 Managed Switch is the best choice for you to build the IPv6 FTTx edge service and for Industries to connect with IPv6 network.
11
Digital Input and Digital Output for External Alarm
IFS NS4750 supports Digital Input, and Digital Output on the front panel. This external alarm offers technicians the ability to use Digital Input to detect, and log external device status (such as door intrusion detector) for the alarm. As Digital Output could be used to alarm if the NS4750 has port link down, link up or power failure.
12
Flexible and Extendable Solution
The 24 mini-GBIC slots built in the NS4750 support dual-speed, 100Base-FX and 1000Base-SX/LX SFP (Small Form-factor
Pluggable) fiber-optic modules, meaning the administrator now can flexibly choose the suitable SFP transceiver according to the
transmission distance or the transmission speed required to extend the network efficiently. The NS4750 supports SFP-DDM (Digital Diagnostic Monitor) function that can easily monitor real-time parameters of the SFP for network administrator, such as
optical output power, optical input power, temperature, laser bias current, and transceiver supply voltage.
AC and DC Redundant Power to Ensure Continuous Operation
IFS NS4750 is equipped with one 100~240V AC power supply unit and one additional 36 ~ 60V DC power supply unit for
redundant power supply installation. A redundant power system is also provided to enhance the reliability with either the
100~240V AC power supply unit or the DC 36 ~ 60V power supply unit. Redundant Power Systems are specifically designed to
handle the demands of high-tech facilities requiring the highest power integrity. Furthermore, with the 36~ 60V DC power supply
implemented, the NS4750 can be applied as the telecom level device that could be located in the electronic room.
Layer 2 / Layer 4 Fully-functioned Managed Switch for Building Automation Networking
The NS4750 is ideal for applications in the factory data centers and distributions. It provides advanced Layer2 to Layer4 data
switching and redundancy, Quality of Service traffic control, network access control and authentication, and Secure Management
features to protect customer’s industrial network connectivity with reliable switching recovery capability that is suitable for
implementing fault tolerant and mesh network architectures.
Powerful Security
The Managed Switch offers comprehensive Access Control List (ACL) for enforcing security to the edge. Its protection
mechanisms also comprise port-based 802.1x and MAC-based user and device authentication. The port-security is effective in
limiting the number of clients that pass through, so that network administrators can now construct highly secured corporate
networks with time and effort considerably less than before.
13

1.3 How to Use This Manual

This User Manual is structured as follows:
Section 2, INSTALLATION
The section explains the functions of the Managed Switch and how to physically install the Managed Switch.
Section 3, SWITCH MANAGEMENT
The section contains the information about the software function of the Managed Switch.
Section 4, WEB CONFIGURATION
The section explains how to manage the Managed Switch by Web interface.
Section 5, COMMAND LINE INTERFACE
The section describes how to use the Command Line interface (CLI).
Section 6, CLI MODE
The section explains how to manage the Managed Switch by Command Line interface.
Section 7, SWITCH OPERATION
The chapter explains how to do the switch operation of the Managed Switch.
Section 8, TROUBLESHOOTING
The chapter explains how to do troubleshooting of the Managed Switch.
Appendix A
The section contains cable information of the Managed Switch.
Appendix B
The section contains glossary information of the Managed Switch.
14

1.4 Product Features

Physical Port
24 100/1000Base-X SFP mini-GBIC slots
4 1/10GBase-SR/LR SFP mini-GBIC slots
4 10/100/1000Base-T Gigabit Ethernet RJ-45 combo ports
One RJ-45 Console Interface for Basic Management and Setup
 Redundant Power System
Redundant Power System: 100V ~ 240V AC / Dual 36V ~ 60V DC
Active Redundant Power Failure Protection
Backup of Catastrophic Power Failure on One Supply
Fault Tolerance and Resilience.
Digital Input / Digital Output
2 Digital Input (DI)
2 Digital Output (DO)
Integrates sensors into Auto Alarm System
Transfer Alarm to IP Network via SNMP Trap
Hardware Design
-10 to 60 degrees C Operating Temperature for DC Power Input only
19-inch Rack-mountable
Relay Alarm for Port Breakdown, Power Failure
2 Thermal Fans Design
Layer 2 Features
Prevents packet loss with back pressure (half-duplex) and IEEE 802.3x pause frame flow control (full-duplex)
High performance of Store-and-Forward architecture and Runt/CRC filtering eliminate erroneous packets to optimize the
network bandwidth
Storm Control Support
Broadcast / Multicast / Unicast
Supports VLAN
IEEE 802.1Q Tagged VLAN
Up to 255 VLAN Groups, Out of 4094 VLAN IDs
Provider Bridging (VLAN Q-in-Q) Support (IEEE 802.1ad)
Private VLAN Edge (PVE)
Protocol-based VLAN
15
MAC-based VLAN
Voice VLAN
Supports Spanning Tree Protocol
STP, IEEE 802.1D Spanning Tree Protocol
RSTP, IEEE 802.1w Rapid Spanning Tree Protocol
MSTP, IEEE 802.1s Multiple Spanning Tree Protocol, Spanning Tree by VLAN
BPDU Guard
Supports Link Aggregation
802.3ad Link Aggregation Control Protocol (LACP)
Cisco Ether-channel (Static Trunk)
Maximum 5 trunk Groups, up to 8 ports per Trunk Group
Up to 16Gbps Bandwidth (Duplex Mode)
Provides Port Mirror (1-to-1)
Port Mirroring to Monitor the Incoming or Outgoing Traffic on a Particular Port
Loop Protection to Avoid Broadcast Loops
Supports G.8032 Ethernet Ring Protection Switching (E.R.P.S.)
Quality of Service
Ingress Shaper and Egress Rate Limit Per Port Bandwidth Control
8 Priority Queues on All Switch Ports
Traffic Classification
- IEEE 802.1p CoS
- IP TOS / DSCP / IP Precedence
- IP TCP/UDP Port Number
- Typical Network Application
Strict Priority and Weighted Round Robin (WRR) CoS Policies
Supports QoS and In/Out bandwidth Control on Each Port
Traffic-Policing Policies on the Switch Port
DSCP Remarking
Multicast
Supports IGMP Snooping v1, v2 and v3
Supports MLD Snooping v1 and v2
Querier Mode Support
IGMP Snooping Port Filtering
MLD Snooping Port Filtering
MVR (Multicast VLAN Registration)
Security
16
IEEE 802.1x Port-based / MAC-based Network Access Authentication
Built-in RADIUS Client to co-operate with the RADIUS Servers
RADIUS / TACACS+ Users Access Authentication
IP-based Access Control List (ACL)
MAC-based Access Control List
Source MAC / IP Address Binding
DHCP Snooping to Filter Untrusted DHCP Messages
Dynamic ARP Inspection discards ARP Packets with Invalid MAC Address to IP Address Binding
IP Source Guard prevents IP spoofing attacks
IP Address Access Management to Prevent Unauthorized Intruder
Management
Switch Management Interfaces
- Console / Telnet Command Line Interface
- Web Switch Management
- SNMP v1 and v2c Switch Management
- SSH / SSL and SNMP v3 Secure Access
Four RMON Groups (History, Statistics, Alarms, and Events) IPv6 IP Address / NTP / DNS Management
Built-in Trivial File Transfer Protocol (TFTP) Client
BOOTP and DHCP for IP Address Assignment
Firmware Upload / Download via HTTP / TFTP
DHCP Relay
DHCP Option 82
User Privilege Levels Control
NTP (Network Time Protocol)
Link Layer Discovery Protocol (LLDP) Protocol SFP-DDM (Digital Diagnostic Monitor)
Cable Diagnostic technology provides the mechanism to detect and report potential cabling issues
Reset Button for System Reboot or Reset to Factory Default
INTERLOGIX Smart Discovery Utility for Deploy Management
17

1.5 Product Specifications

Product NS4750-24S-4T-4X
Hardware Specification
SFP/mini-GBIC Slots
10Gbps Fiber Ports Copper Ports
Console Port
Switch Processing Scheme Switch Throughput@64Bytes
Switch Fabric Address Table Share data Buffer
Flow Control
Jumbo Frame
Reset Button
Dimensions (W x D x H) 440 x 200 x 44.5 mm, 1U high Weight 2.935kg
24 1000Base-SX/LX/BX SFP interfaces
(Compatible with 100Base-FX SFP Transceiver)
4 1/10GBase-SR/LR SFP+ slots
4 10/ 100/1000Base-T TP/SFP combo ports
1 x RS-232 RJ45 serial port (115200, 8, N, 1)
Store-and-Forward
95.2Mpps
128Gbps / non-blocking
16K entries, automatic source address learning and ageing
16Mbits
IEEE 802.3x pause frame for full-duplex
Back pressure for half-duplex
10Kbytes
< 5 seconds: System reboot
> 10 seconds: Factory default
LED Power Consumption Power Requirement – AC Power Requirement – DC
DI/DO
Layer 2 Function
Port Configuration
Port Status
Power, DC1, DC2, Fault, Ring, R.O., Link/Act and speed per Gigabit port
Max. 57 watts / 197.6BTU
AC 100~240V, 50/60Hz 1.5A
-36V DC @ 1.6A, Range: -36V ~ -60V DC
2 Digital Input (DI): Level 0: -24~2.4V (± 0.1V)
Level 1: 2.4~24V (± 0.1V)
Input Load Current: 10mA max.
2 Digital Output (DO): Open collector to 24VDC, 100mA max. load
Port disable / enable
Auto-negotiation 10/100/1000Mbps full and half duplex mode selection
Flow Control disable / enable
Bandwidth control on each port
Power saving mode control
Display each port’s speed duplex mode, link status, flow control status,
auto negotiation status, trunk status
18
VLAN
Port Trunking
QoS
IGMP Snooping
Access Control List
Management
802.1Q Tagged based VLAN
Port-based VLAN
Q-in-Q
Private VLAN Edge (PVE)
Up to 256 VLAN groups, out of 4094 VLAN IDs
IEEE 802.3ad LACP / Static Trunk
12 groups of 16-port trunk support
Traffic classification based, Strict priority and WRR
4-level priority for switching
- Port Number
- 802.1p priority
- 802.1Q VLAN tag
DSCP/TOS field in IP Packet Policy-based QoS
IGMP (v1/v2/v3) Snooping, up to 255 multicast Groups
IGMP Querier and Fast Leave mode support
IP-based ACL / MAC-based ACL
Up to 256 entries
Basic Management Interfaces Secure Management Interface
SNMP MIBs
Standards Conformance
Regulation Compliance
Standards Compliance
Console, Telnet, Web Browser, SNMPv1, v2c and v3
SSH, SSL, SNMP v3
RFC-1213 MIB-II
IF-MIB
RFC-1493 Bridge MIB
RFC-1643 Ethernet MIB
RFC-2863 Interface MIB
RFC-2665 Ether-Like MIB
RFC-2819 RMON MIB (Group 1, 2)
RFC-2737 Entity MIB
RFC-2618 RADIUS Client MIB
RFC3411 SNMP-Frameworks-MIB
IEEE 802.1X PAE
LLDP
MAU-MIB
FCC Part 15 Class A, CE
IEEE 802.3 10Base-T
IEEE 802.3u 100Base-TX/100Base-FX
IEEE 802.3z Gigabit SX/LX
IEEE 802.3ab Gigabit 1000Base-T
IEEE 802.3ae 10 Gigabit Ethernet
IEEE 802.3x Flow Control and back pressure
IEEE 802.3ad Port trunk with LACP
IEEE 802.1D Spanning Tree protocol
IEEE 802.1w Rapid Spanning Tree protocol
IEEE 802.1s Multiple Spanning Tree protocol
19
Environment
Operating
Storage
IEEE 802.1p Class of service
IEEE 802.1Q VLAN tagging
IEEE 802.1x Port Authentication Network Control
IEEE 802.1ab LLDP
ITU G.8032 Ethernet Ring Protection Switching
RFC 768 UDP
RFC 793 TFTP
RFC 791 IP
RFC 792 ICMP
RFC 2068 HTTP
RFC 1112 IGMP version 1
RFC 2236 IGMP version 2
RFC 3376 IGMP version 3
Temperature: -10 ~ 60 degrees C for DC power input
0 ~ 50 degrees C for AC power input
Relative Humidity: 5 ~ 95% (non-condensing)
Temperature: -10 ~ 70 degrees C
Relative Humidity: 5 ~ 95% (non-condensing)
20

2. INSTALLATION

2.1 Hardware Descriptions

The Managed Switch provides four different running speeds – 10Mbps, 100Mbps, 1000Mbps and 10Gbps in the same Switch and
automatically distinguishes the speed of incoming connection. This section describes the hardware features of Managed Switch.
For easier management and control of the Managed Switch, familiarize yourself with its display indicators and ports. Front panel
illustrations in this chapter display the unit LED indicators. Before connecting any network device to the Managed Switch, read this
chapter carefully.
2.1.1 Front Panel
Figure 2-1 shows the front panel of Managed Switch.
Figure 2-1: NS4750-24S-4T-4X Switch Front Panel
Gigabit TP interface
10/100/1000Base-T Copper, RJ-45 Twist-Pair: Up to 100 meters.
Gigabit SFP slots
1000Base-SX/LX mini-GBIC slot, SFP (Small Factor Pluggable) Transceiver Module supports from 550 meters (Multi-mode
Fiber), up to 10/30/50/70/120 kilometers (Single Mode Fiber).
10 Gigabit SFP slots
10GBase-SR/LR mini-GBIC slot, SFP (Small Factor Pluggable) Transceiver Module supports from 300 meters (Multi-mode
Fiber), up to 10 kilometers (Single Mode Fiber)
Console Port
The console port is a RJ-45 port connector. It is an interface for connecting a terminal directly. Through the console port, it
provides rich diagnostic information including IP address setting, factory reset, port management, link status and system
setting. Users can use the attached DB9 to RJ-45 console cable in the package and connect to the console port on the device.
After the connection, users can run any terminal emulation program (Hyper Terminal, ProComm Plus, Telix, Winterm and so
on) to enter the startup screen of the device.
21
Reset button
On the front panel, the reset button is designed for rebooting the Managed Switch without turning off and on the power. The
following is the summary table of reset button functions:
Reset Button (Press and Release) Function
< 5 sec: System Reboot Reboot the Managed Switch
Reset the Managed Switch to Factory Default configuration.
The Managed Switch will then reboot and load the default
settings as shown below:
> 5 sec: Factory Default
Default Username: admin Default Password: admin Default IP address: 192.168.0.100 Subnet mask: 255.255.255.0 Default Gateway: 192.168.0.254
Figure 2-2: Reset button of Managed Switch
1. Press the RESET button once and the Managed Switch will reboot automatically.
2. Press the RESET button for 5 seconds and the Managed Switch will be back to the factory
default mode; the entire configuration will be erased.
AC Power Receptacle
For compatibility with electric service in most areas of the world, the Managed Switch’s power supply automatically adjusts to
line power in the range of 100-240V AC and 50/60 Hz.
22
Plug the female end of the power cord firmly into the receptable on the front panel of the Managed Switch. Plug the other end
of the power cord into an electric service outlet and then the power will be ready.
The device is a power-required device, which means it will not work till it is powered. If your networks
should be active all the time, please consider using UPS (Uninterrupted Power Supply) for your device.
It will prevent you from network data loss or network downtime. In some areas, installing a surge
suppression device may also help to protect your Managed Switch from being damaged by unregulated
surge or current to the Switch or the power adapter.
DC Power Connector
The front panel of the Managed Switch contains a power switch and a DC power connector, which accepts DC power input
voltage from -36V to -60V DC. Connect the power cable to the Managed Switch at the input terminal block. The size of the
two screws in the terminal block is M3.5.
Digital Input
The digitail input of the Managed Switch can be activated by the external sensor that senses physical changes. These
changes can include intrusion detection or certain physical change in the monitored area. For example, the external sensor
can be a door switch or an infrared motion detector.
Digital Output
The digital output main function is to allow the Managed Switch to trigger external devices, either automatically or by remote
control from a human operator or a software application.
2.1.2 LED Indications
System
LED Color Function
Ring Green
Lights
Blinks
Lights
R.O. Green
Off
Indicates that Ring state is in idle mode.
Indicates that the Ring state is in protected mode. Indicates that the switch is set to ring owner.
Indicates that the switch doesn’t set to ring owner.
DC1 Green Lights
DC2 Green
FAN1 Green
Lights
Lights
Indicates that the Switch is powered on by DC1 input.
Indicates that the Switch is powered on by DC2 input.
Indicates that Fan 1 has stopped.
23
FAN2 Green
Fault Green
PWR Green
10/100/1000Base-T interfaces for port1 to port24 SFP slot
LED Color Function
Green
LNK/ACT
Lights
Lights
Lights
Blinks
Lights
Blinks
Off
Lights
Indicates that Fan 2 has stopped.
Indicates that Switch AC/DC or port has failed.
Indicates that the Switch is powered on.
Indicates the system is running under booting procedure.
Indicates the link through that SFP port is successfully established with speed
1000Mbps.
Indicates that the switch is actively sending or receiving data over that port.
Indicates that the SFP port is link down.
Indicates the link through that SFP port is successfully established with speed
10Mbps or 100Mbps.
Orange
10/100/1000Base-T interfaces (Shared Port1~Port4)
LED Color Function
Green
LNK/ACT
Orange
Blinks
Off
Lights
Off
Lights
Off
Indicates that the switch is actively sending or receiving data over that port.
Indicates that the SFP port is link down.
Indicates the link through that port is successfully established with 1Gbps.
Indicates that the port is link down
Indicates the link through that SFP port is successfully established with speed
10Mbps or 100Mbps.
Indicates that the port is link down
24
10Base-SR/LR SFP+ interfaces for port25 to port28
LED Color Function
Green
Lights
Off
LNK/ACT
Lights
Orange
Off
Indicates the link through that SFP port is successfully established with
10Gbps
Indicates that the SFP port is link down
Indicates the link through that SFP port is successfully established with
1Gbps
Indicates that the SFP port is link down
2.1.3 Wiring the AC Power Input
The rear panel of the NS4750 indicates an AC inlet power socket, which accepts input power from 100 to 240V AC, 50/60Hz.
2.1.4 Wiring the DC Power Input
The 6-contact terminal block connector on the front panel of NS4750 is used for two DC redundant power input. Please follow the
steps below to insert the power wire.
1. Insert positive / negative DC power wires into contacts 1 and 2 for DC POWER 1, or 5 and 6 for DC POWER 2.
Figure 2-3: NS4750-24S-4T-4X Upper Panel
2. Tighten the wire-clamp screws for preventing the wires from loosening.
25
1 2 3 4 5 6
DC 1 DC 2
+ - + -
Figure 2-4 6-Pin Terminal Block Power Wiring Input
1. The wire gauge for the terminal block should be in the range of 12 ~ 24 AWG.
2. When performing any of the procedures like inserting the wires or tighten the wire-clamp screws, make sure the power is OFF to prevent from getting an electric shock.
2.1.5 Wiring the Faulty Alarm Contact
The fault alarm contacts are in the middle (3 & 4) of the terminal block connector as the picture shows below. Inserting the wires,
the Managed Switch will detect the fault status of the power failure, or port link failure (available for managed model) when Fault Alarm function has been enabled. The following illustration shows an application example for wiring the fault alarm contacts
Insert the wires into the faulty alarm contacts
1. The wire gauge for the terminal block should be in the range of 12 ~ 24 AWG.
2. When performing any of the procedures like inserting the wires or tighten the wire-clamp screws, make sure the power is OFF to prevent from getting an electric shock.
26
2.1.6 Wiring the Digital Input / Output
The 6-contact terminal block connector on the front panel of NS4750-24S-4T-4X is used for Digital Input and Digital Output.
Please follow the steps below to insert wire.
1. The NS4750-24S-4T-4X offers two DI and DO groups. 1 and 2 are DI groups, 3 and 4 are DO groups and 5 and 6 are GND
(ground).
Figure 2-5 Wiring the Redundant Power Inputs
DI DO GND
27
Tighten the wire-clamp screws for preventing the wires from loosening.
1 2 3 4 5 6
DI0 DI1 DO0 DO1 GND GND
Figure 2-6 6-Pin Terminal Block DI / DO Wiring Input
2. There are two Digital Input groups for you to monitor two different devices. The following topology shows how to wire DI0
and DI1. We use the NS4750-24S-4T-4X to be an example for describing DI application.
Figure 2-7 Wires DI0 and DI1 to Open Detector
28
3. There are two Digital Output groups for you to sense NS4750-24S-4T-4X port failure or power failure and issue a high or low
signal to external device. The following topology shows how to wire DO0 and DO1.
Figure 2-8 Wires DO0 and DO1 to Open Detector
29

2.2 Installing the Managed Switch

This section describes how to install your Managed Switch and make connections to the Managed Switch. Please read the following topics and perform the procedures in the order being presented. To install your Managed Switch on a desktop or shelf,
simply complete the following steps.
In this paragraph, we will describe how to install the Managed Switch and the installation points attended to it.

2.2.1 Desktop Installation

To install the Managed Switch on desktop or shelf, please follow these steps:
Step1: Attach the rubber feet to the recessed areas on the bottom of the Managed Switch. Step2: Place the Managed Switch on the desktop or the shelf near an AC/DC power source as shown in Figure 2-4.
Figure 2-4 Place the Managed Switch on the Desktop
Step3: Keep enough ventilation space between the Managed Switch and the surrounding objects. Step4: Connect the Managed Switch to network devices.
Connect one end of a standard network cable to the 10/100/1000 RJ-45 ports on the front of the Managed Switch.
Connect the other end of the cable to the network devices such as printer servers, workstations or routers, etc.
30
Connecting to the Managed Switch requires UTP Category 5 network cabling with RJ-45 tips. For more
information, please see the Cabling Specification in Appendix A.
Step5: Supply power to the Managed Switch.
Connect one end of the power cable to the Managed Switch.
Connect the power plug of the power cable to a standard wall outlet.
When the Managed Switch receives power, the Power LED should remain solid Green.

2.2.2 Rack Mounting

To install the Managed Switch in a 19-inch standard rack, please follow the instructions described below.
Step1: Place the Managed Switch on a hard flat surface, with the front panel positioned towards the front side. Step2: Attach the rack-mount bracket to each side of the Managed Switch with supplied screws attached to the package.
Figure 2-5 shows how to attach brackets to one side of the Managed Switch.
Figure 2-5 Attach Brackets to the Managed Switch.
You must use the screws supplied with the mounting brackets. Damage caused to the parts by
using incorrect screws would invalidate the warranty.
Step3: Secure the brackets tightly. Step4: Follow the same steps to attach the second bracket to the opposite side. Step5: After the brackets are attached to the Managed Switch, use suitable screws to securely attach the brackets to the rack as
shown in Figure 2-6.
31
Figure 2-6 Mounting the Managed Switch on a Rack
Step6: Proceeds with steps 4 and 5 of session 2.2.1 Desktop Installation to connect the network cabling and supply power to the
Managed Switch.
32

2.3 Cabling

10/100/1000Base-T and 100Base-FX / 1000Base-SX/LX
All 10/100/1000Base-T ports come with auto-negotiation capability. They automatically support 1000Base-T, 100Base-TX
and 10Base-T networks. Users only need to plug a working network device into one of the 10/100/1000Base-T ports, and
then turn on the Managed Switch. The port will automatically run in 10Mbps, 20Mbps, 100Mbps or 200Mbps and 1000Mbps
or 2000Mbps after the negotiation with the connected device. The Managed Switch has eight SFP interfaces that support
100/1000Mbps dual speed mode (Optional multi-mode/ single-mode 100Base-FX/1000Base-SX/LX SFP module)
Cabling
Each 10/100/1000Base-T port uses RJ-45 sockets -- similar to phone jacks -- for connection of unshielded twisted-pair cable
(UTP). The IEEE 802.3/802.3u 802.3ab Fast/Gigabit Ethernet standard requires Category 5 UTP for 100Mbps 100Base-TX.
10Base-T networks can use Cat.3, 4, 5 or 1000Base-T use 5/5e/6 UTP (see table below). Maximum distance is 100 meters
(328 feet). The 100Base-FX/1000Base-SX/LX SFP slot is used as LC connector with optional SFP module. Please see table
below and know more about the cable specifications.
Port Type Cable Type Connector
10Base-T Cat 3, 4, 5, 2-pair RJ-45
100Base-TX Cat.5 UTP, 2-pair RJ-45
1000Base-T Cat.5/5e/6 UTP, 2-pair RJ-45
100Base-FX
1000Base-SX/LX
10GBase-SR/LR
Any Ethernet devices like hubs/PCs can be connected to the Managed Switch by using straight-through wires. The two
10/100/1000Mbps ports are auto-MDI/MDI-X, which can be used on straight-through or crossover cable.
50 / 125µm or 62.5 / 125µm multi-mode 9 / 125µm single-mode
50 / 125µm or 62.5 / 125µm multi-mode 9 / 125µm single-mode
50 / 125µm or 62.5 / 125µm multi-mode 9 / 125µm single-mode
LC (multi/single mode)
LC (multi/single mode)
LC (multi/single mode)
33

2.3.1 Installing the SFP Transceiver

The sections describe how to insert an SFP transceiver into an SFP slot. The SFP transceivers are hot-pluggable and
hot-swappable. You can plug in and out the transceiver to/from any SFP port without having to power down the Managed Switch
as Figure 2-9 shows below:
Figure 2-9: Plugging in the SFP Transceiver
Approved INTERLOGIX SFP Transceivers
INTERLOGIX Managed Switch supports 100/1000 dual mode with both single mode and multi-mode SFP transceivers.
The following list of approved INTERLOGIX SFP transceivers is correct at the time of publication:
Gigabit SFP Transceiver Modules
S30-RJ
S30-2MLC
S35-2MLC
S30-2MLC-2
S30-2SLC-10
S35-2SLC-10
SFP-Port 1000Base-T Module – 100M
SFP-Port 1000Base-SX mini-GBIC module – 550M 0~50•C
SFP-Port 1000Base-SX mini-GBIC module – 550M -40~75•C
SFP-Port 1000Base-SX mini-GBIC module – 2KM 0~50•C
SFP-Port 1000Base-LX mini-GBIC module – 10KM 0~50•C
SFP-Port 1000Base-LX mini-GBIC module – 10KM -40~75•C
S30-2SLC-30
S35-2SLC-30
SFP-Port 1000Base-LX mini-GBIC module - 30KM 0~50•C
SFP-Port 1000Base-LX mini-GBIC module - 30KM -40~75•C
34
S30-2SLC-70 SFP-Port 1000Base-LX mini-GBIC module - 70KM 0~50•C
S35-2SLC-70 SFP-Port 1000Base-LX mini-GBIC module - 70KM -40~75•C
S30-1SLC/A-10 SFP-Port 1000Base-BX GBIC module - 10KM 0~50•C
S30-1SLC/B-10 SFP-Port 1000Base-BX GBIC module - 10KM 0~50•C
S30-1SLC/A-20 SFP-Port 1000Base-BX GBIC module - 20KM 0~50•C
S30-1SLC/B-20 SFP-Port 1000Base-BX GBIC module - 20KM 0~50•C
S30-1SLC/A-60
S30-1SLC/B-60
SFP-Port 1000Base-BX GBIC module - 60KM 0~50•C
SFP-Port 1000Base-BX GBIC module - 60KM 0~50•C
Fast Ethernet SFP Transceiver Modules
S20-2SLC-2 SFP-Port 100Base-FX Transceiver (1310nm) - 2KM 0~50•C
S25-2SLC-2 SFP-Port 100Base-FX Transceiver (1310nm) - 2KM -40~75•C
S20-2SLC-20 SFP-Port 100Base-FX Transceiver (1310nm) - 20KM 0~50•C
S25-2SLC-20 SFP-Port 100Base-FX Transceiver (1310nm) - 20KM -40~75•C
S20-ISLC/A-20 SFP-Port 100Base-BX Transceiver (WDM,TX:1310nm) - 20KM 0~50•C
S20-ISLC/B-20 SFP-Port 100Base-BX Transceiver (WDM,TX:1550nm) - 20KM -40~75•C
10 Giga SFP+ Transceiver Modules
S40-2MLC SFP-Port 1G Base-SX Transceiver – 300M* 0~50•C
S40-2SLC-10 SFP-Port 1G Base-SX Transceiver - 10KM 0~50•C
* 62.5/125um fiber only supports 33meter, for 300m use OM3 50/125um.
1000Base-SX/LX:
Before connecting the other switches, workstation or media converter.
1. Make sure both sides of the SFP transceiver are with the same media type, for example, 1000Base-SX to 1000Base-SX, 1000Base-LX to 1000Base-LX.
1. It is recommended to use INTERLOGIX SFPs on the Managed Switch. If you insert an SFP transceiver that is not supported, the Managed Switch will not recognize it.
2. Please choose the SFP transceiver which can be operated under -40~75 degrees C
temperature if the switch device is working in an 0~50 degrees C temperature environment.
35
2. Check the fiber-optic cable type that matches the SFP transceiver model.
To connect to 1000Base-SX SFP transceiver, use the multi-mode fiber cable with one side being the male duplex LC
connector type.
To connect to 1000Base-LX SFP transceiver, use the single-mode fiber cable with one side being the male duplex LC
connector type.
Connecting the fiber cable
1. Insert the duplex LC connector on the network cable into the SFP transceiver.
2. Connect the other end of the cable to a device – switches with SFP installed, fiber NIC on a workstation or a media converter.
3. Check the LNK/ACT LED of the SFP slot on the front of the Managed Switch. Ensure that the SFP transceiver is operating
correctly.
100Base-FX:
Before connecting the other switches, workstation or media converter.
1. Make sure both sides of the SFP transceiver are with the same media type or WDM pair, for example, 100Base-FX to 100Base-FX, 100Base-BX20-U to 100Base-BX20-D.
2. Check the fiber-optic cable type that matches the SFP transceiver model.
To connect to MFB-FX SFP transceiver, use the multi-mode fiber cable with one side being the male duplex LC
connector type.
To connect to MFB-F20/F40/F60/FA20/FB20 SFP transceiver, use the single-mode fiber cable with one side being the
male duplex LC connector type.
Connecting the fiber cable
1. Attach the duplex LC connector on the network cable into the SFP transceiver.
2. Connect the other end of the cable to a device – switches with SFP installed, fiber NIC on a workstation or a media converter.
3. Check the LNK/ACT LED of the SFP slot of the switch/converter. Ensure that the SFP transceiver is operating correctly.
4. Check the Link mode of the SFP port if the link fails. Co works with some fiber-NICs or media converters. Set the Link mode
to “100 Force” when needed.
36

2.3.2 Removing the Module

1. Make sure there is no network activity by checking with the network administrator, or through the management interface of the switch/converter (if available) to disable the port in advance.
2. Remove the Fiber Optic Cable gently.
3. Lift up the lever of the MGB module and turn it to a horizontal position.
4. Pull out the module gently through the lever.
Figure 2-10: How to Pull Out the SFP Transceiver Module
Never pull out the module without lifting up the lever of the module and turning it to a horizontal
position. Directly pulling out the module could damage the module and the SFP module slot of the
Managed Switch.
37

3. SWITCH MANAGEMENT

This chapter explains the methods that you can use to configure management access to the Managed Switch. It describes the
types of management applications and the communication and management protocols that deliver data between your
management device (workstation or personal computer) and the system. It also contains information about port connection
options.
This chapter covers the following topics:
Requirements
Management Access Overview
Remote Telnet Access
Web Management Access
SNMP Access
Standards, Protocols, and Related Reading

3.1 Requirements

Workstations of subscribers running Windows XP/2003, Vista, Windows 7, MAC OS X, Linux, Fedora, Ubuntu or
other platform compatible with TCP/IP protocols.
Workstation installed with Ethernet NIC (Network Interface Card)
Ethernet Port connect
Network cables - Use standard network (UTP) cables with RJ45 connectors.
The above Workstation is installed with WEB Browser and JAVA runtime environment Plug-in
It is recommended to use Internet Explore 7.0 or above to access Managed Switch.
38

3.2 Management Access Overview

The Managed Switch gives you the flexibility to access and manage it using any or all of the following methods:
Remote Telnet Interface Web browser Interface  An external SNMP-based network management application
The Remote Telnet and Web browser interface support are embedded in the Managed Switch software and are available for
immediate use. Each of these management methods has their own advantages. Table 3-1 compares the three management
methods.
Method Advantages Disadvantages
Remote Telnet
Web Browser
SNMP Agent
Text-based
Telnet functionality built into Windows
XP/2003, Vista, Windows 7 operating
systems
Can be accesses from any location
Ideal for configuring the switch remotely
Compatible with all popular browsers
Can be accessed from any location
Most visually appealing
Communicates with switch functions at
the MIB level
Based on open standards
Table 3-1: Comparison of Management Methods
Security can be compromised (hackers need
only know the IP address)
Security can be compromised (hackers need
only know the IP address and subnet mask)
May encounter lag times on poor connections
Requires SNMP manager software
Least visually appealing of all three methods
Some settings require calculations
Security can be compromised (hackers need
only know the community name)
39

3.3 CLI Mode Management

There are two ways for CLI mode management, one is remote telnet, and the other is operating from console port. Remote telnet
is an IP-based protocol, and console port is for user to operate the NS4750-24S-4T-4X on local only, however their operation is
the same.
The command line user interface is for performing system administration, such as displaying statistics or changing option settings.
Using this method, you can access the Managed Switch remote telnet interface from personal computer, or workstation in the same Ethernet environment as long as you know the current IP address of the Managed Switch.
Figure 3-1: Remote Telnet and Console Port Interface Management
In Windows system, you may click “Start”, then choose “Accessories”and “Command Prompt”. Please input “telnet
192.168.0.100” and press “enter’ from your keyboard. You will see the following screen (see Figure 3-2) appear.
Figure 3-2: Remote Telnet Interface Main Screen of Managed Switch
For more information about using the Remote Telnet interface, refer to Chapter 5 Remote Telnet Interface Management.
40

3.4 Web Management

The Managed Switch offers management features that allow users to manage the Managed Switch from anywhere on the network through a standard browser such as Microsoft Internet Explorer. After you set up your IP address for the Managed Switch, you can access the Managed Switch’s Web interface applications directly in your Web browser by entering the IP address of the Managed Switch.
Figure 3-3: Web Management
You can then use your Web browser to list and manage the Managed Switch configuration parameters from one central location; the Web Management requires Microsoft Internet Explorer 7.0 or later.
Figure 3-4: Web Main Screen of Managed Switch
41

3.5 SNMP-based Network Management

You can use an external SNMP-based application to configure and manage the Managed Switch, such as SNMP Network
Manager, HP Openview Network Node Management (NNM) or What’s Up Gold. This management method requires the SNMP
agent on the Managed Switch and the SNMP Network Management Station to use the same community string. This management method, in fact, uses two community strings: the get community string and the set community string. If the SNMP
Net-work management Station only knows the set community string, it can read and write to the MIBs. However, if it only knows
the get community string, it can only read MIBs. The default getting and setting community strings for the Managed Switch is
public.
Figure 3-5: SNMP Management
42

4. WEB CONFIGURATION

This section introduces the configuration and functions of the Web-based management.
About Web-based Management
The Managed Switch offers management features that allow users to manage the Managed Switch from anywhere on the
network through a standard browser such as Microsoft Internet Explorer.
The Web-Based Management supports Internet Explorer 7.0. It is based on Java Applets with an aim to reduce network
bandwidth consumption, enhance access speed and present an easy viewing screen.
By default, IE8.0 or later version does not allow Java Applets to open sockets. The user has to
explicitly modify the browser setting to enable Java Applets to use network ports.
The Managed Switch can be configured through an Ethernet connection, making sure the manager PC must be set on the same IP subnet address with the Managed Switch.
For example, the default IP address of the Managed Switch is 192.168.0.100, then the manager PC should be set at 192.168.0.x
(where x is a number between 1 and 254, except 100), and the default subnet mask is 255.255.255.0.
If you have changed the default IP address of the Managed Switch to 192.168.1.1 with subnet mask 255.255.255.0 via console,
then the manager PC should be set at 192.168.1.x (where x is a number between 2 and 254) to do the relative configuration on
manager PC.
Figure 4-1-1: Web Management
43
Logging on the Managed Switch
1. Use Internet Explorer 7.0 or above Web browser. Enter the factory-default IP address to access the Web interface. The
factory-default IP Address is shown as follows:
http://192.168.0.100
2. When the following login screen appears, please enter the default username "admin" with password “admin” (or the username/password you have changed via console) to login the main screen of Managed Switch. The login screen in
Figure 4-1-2 appears.
Default User name: admin Default Password: admin
Figure 4-1-2: Login Screen
44
After entering the username and password, the main screen appears as shown in Figure 4-1-3.
Figure 4-1-3: Default Main Page
Now, you can use the Web management interface to continue the switch management or manage the Managed Switch by Web
interface. The Switch Menu on the left of the web page let you access all the commands and statistics the Managed Switch
provides.
1. It is recommended to use Internet Explore 7.0 or above to access Managed Switch.
2. The changed IP address take effect immediately after clicking on the Save button, you need
to use the new IP address to access the Web interface.
3. For security reason, please change and memorize the new password after this first setup.
4. Only accept command in lowercase letter under web interface.
45

4.1 Main Web Page

The Managed Switch provides a Web-based browser interface for configuring and managing it. This interface allows you to access the Managed Switch using the Web browser of your choice. This chapter describes how to use the Managed Switch’s
Web browser interface to configure and manage it.
Main Functions Menu
Copper Port Link Status
SFP Port Link Status
Panel Display
The web agent displays an image of the Managed Switch’s ports. The Mode can be set to display different information for the ports, including Link up or Link down. Clicking on the image of a port opens the Port Statistics page.
The port states are illustrated as follows:
Help Button
Figure 4-1-4: Main Page
State Disabled Link Down Link Up
RJ-45 Ports
SFP Ports
46
Main Screen
Main Menu
Using the onboard web agent, you can define system parameters, manage and control the Managed Switch, and all its ports, or monitor network conditions. Via the Web-Management, the administrator can setup the Managed Switch by selecting the
functions those listed in the Main Function. The screen in Figure 4-1-5 appears.
Figure 4-1-5: Managed Switch Main Functions Menu
47

4.2 System

Use the System menu items to display and configure basic administrative details of the Managed Switch. Under the System the
following topics are provided to configure and view the system information.

4.2.1 System Information

The System Info page provides information for the current device information. System Info page helps a switch administrator to
identify the hardware MAC address, software version and system uptime. The screen in Figure 4-2-1 appears.
The page includes the following fields:
Object Description
 Contact
 Name
 Location
 MAC Address
The system contact configured in Configuration | System | Information | System Contact.
The system name configured in Configuration | System | Information | System Name.
The system location configured in Configuration | System | Information | System
Location.
The MAC Address of this Managed Switch.
Figure 4-2-1: System Information Page Screenshot
48
Power
Temperature
 System Date
System Uptime
Software Version
Software Date
Buttons
Auto-refresh
The AC Power, Power 1 and Power 2 ON/OFF Status display.
The temperature shows current of the switch inside temperature status.
The current (GMT) system time and date. The system time is obtained through the
configured SNTP Server, if any.
The period of time the device has been operational.
The software version of the Managed Switch.
The date when the switch software was produced.
: Check this box to refresh the page automatically. Automatic refresh occurs every 3 seconds.
: Click to refresh the page.

4.2.2 IP Configuration

The IP Configuration includes the IP Address, Subnet Mask and Gateway. The Configured column is used to view or change the
IP configuration. Fill up the IP Address, Subnet Mask and Gateway for the device. The screen in Figure 4-2-2 appears.
Figure 4-2-2: IP Configuration Page Screenshot
49
The Current column is used to show the active IP configuration.
Object Description IP Configurations
Mode
DNS Server
DNS Proxy
Configure whether the IP stack should act as a Host or a Router. In Host mode, IP traffic between interfaces will not be
routed. In Router mode traffic is routed between all interfaces.
This setting controls the DNS name resolution done by the
switch. The following modes are supported:
From any DHCP interfaces
The first DNS server offered from a DHCP lease to a
DHCP-enabled interface will be used.
No DNS server
No DNS server will be used.
Configured
Explicitly provide the IP address of the DNS Server in
dotted decimal notation.
From this DHCP interface
Specify from which DHCP-enabled interface a provided
DNS server should be preferred.
When DNS proxy is enabled, system will relay DNS requests to
IP Address
Delete VLAN
IPv4 DHCP
IPv4
IPv6 Address
Enabled Fallback Current
Lease Address
Mask Length
the currently configured DNS server, and reply as a DNS
resolver to the client devices on the network.
Select this option to delete an existing IP interface.
The VLAN associated with the IP interface. Only ports in this
VLAN will be able to access the IP interface. This field is only
available for input when creating an new interface.
Enable the DHCP client by checking this box.
The number of seconds for trying to obtain a DHCP lease.
For DHCP interfaces with an active lease, this column show the
current interface address, as provided by the DHCP server.
Provide the IP address of this Managed Switch in dotted decimal
notation.
The IPv4 network mask, in number of bits (prefix length). Valid
values are between 0 and 30 bits for a IPv4 address.
Provide the IP address of this Managed Switch. A IPv6 address
is in 128-bit records represented as eight fields of up to four
hexadecimal digits with a colon separating each field (:).
50
IP Routes
Buttons
Mask Length
Delete Network
Mask Length
Gateway
Next Hop VLAN
: Click to add a new IP interface. A maximum of 128 interfaces is supported.
The IPv6 network mask, in number of bits (prefix length). Valid
values are between 1 and 128 bits for a IPv6 address.
Select this option to delete an existing IP route.
The destination IP network or host address of this route. Valid
format is dotted decimal notationor a valid IPv6 notation. A default route can use the value 0.0.0.0or IPv6 :: notation.
The destination IP network or host mask, in number of bits
(prefix length).
The IP address of the IP gateway. Valid format is dotted decimal
notation or a valid IPv6 notation. Gateway and Network must be
of the same type.
The VLAN ID (VID) of the specific IPv6 interface associated with
the gateway.
: Click to add a new IP route. A maximum of 32 routes is supported.
: Click to apply changes.
: Click to undo any changes made locally and revert to previously saved values.
51

4.2.3 IP Status

IP Status displays the status of the IP protocol layer. The status is defined by the IP interfaces, the IP routes and the neighbour
cache (ARP cache) status. The screen in Figure 4-2-3 appears.
Figure 4-2-3: IPv6 Configuration Page Screenshot
The page includes the following fields:
Object Description
The name of the interface. The address type of the entry. This may be LINK or IPv4.
The current address of the interface (of the given type).
The status flags of the interface (and/or address).
The destination IP network or host address of this route.
The gateway address of this route.
The status flags of the route.
The IP address of the entry.
The Link (MAC) address for which a binding to the IP address given
exist.
IP Interfaces
IP Routes
Neighbor Cache
Interface Type Address Status Network Gateway Status IP Address
Link Address
52
Buttons
: Click to save changes.
: Click to undo any changes made locally and revert to previously saved values.
: Click to renew IPv6 Auto Configuration. This button is only available if IPv6 Auto Configuration is enabled.

4.2.4 Users Configuration

This page provides an overview of the current users. Currently the only way to login as another user on the web server is to close
and reopen the browser. After setup is completed, please press “Save” button to take effect. Please login web interface with new
user name and password, the screen in Figure 4-2-4 appears.
The page includes the following fields:
Object Description
User Name
Privilege Level
Figure 4-2-4: Users Configuration Page Screenshot
The name identifying the user.
The privilege level of the user. The allowed range is 1 to 15. If the privilege level
value is 15, it can access all groups, i.e. that is granted the fully control of the
device. But others value need to refer to each group privilege level. User's
privilege should be same or greater than the group privilege level to have the
access of that group. By default setting, almost group privilege level 5 has the
read-only access and privilege level 10 has the read-write access. And the
system maintenance (software upload, factory defaults and etc.) need user
privilege level 15. Generally, the privilege level 15 can be used for an
administrator account, privilege level 10 for a standard user account and privilege
level 5 for a guest account.
53
Buttons
: Click to add a new user.
Add / Edit User
This page configures a user – add, edit or delete user.
Figure 4-2-5: Add / Edit User Configuration Page Screenshot
The page includes the following fields:
Object Description
User Name
Password
Privilege Level
A string identifying the user name that this entry should belong to. The allowed string length is 1 to 32. The valid user name is a combination of letters, numbers
and underscores. The password of the user. The allowed string length is 0 to 32.
The privilege level of the user. The allowed range is 1 to 15. If the privilege level
value is 15, it can access all groups, i.e. that is granted the fully control of the
device. But others value need to refer to each group privilege level. User's
privilege should be same or greater than the group privilege level to have the
access of that group. By default setting, most groups privilege level 5 has the
read-only access and privilege level 10 has the read-write access. And the
Buttons
system maintenance (software upload, factory defaults and etc.) need user
privilege level 15. Generally, the privilege level 15 can be used for an
administrator account, privilege level 10 for a standard user account and privilege
level 5 for a guest account.
54
: Click to save changes.
: Click to undo any changes made locally and revert to previously saved values.
: Click to undo any changes made locally and return to the Users.
: Delete the current user. This button is not available for new configurations (Add new user)
Figure 4-2-6: User Configuration Page Screenshot
If you forget the new password after changing the default password, please press the “Reset”
button on the front panel of the Managed Switch for over 10 seconds and then release it. The
current setting including VLAN will be lost and the Managed Switch will restore to the default
mode.

4.2.5 Privilege Levels

This page provides an overview of the privilege levels. After setup is completed, please press “Save” button to take effect. Please
login web interface with new user name and password and the screen in Figure 4-2-7 appears.
55
Figure 4-2-7: Privilege Levels Configuration Page Screenshot
56
The page includes the following fields:
Object Description
Group Name
Privilege Level
The name identifying the privilege group. In most cases, a privilege level group
consists of a single module (e.g. LACP, RSTP or QoS), but a few of them
contains more than one. The following description defines these privilege level
groups in details:
System: Contact, Name, Location, Timezone, Log. Security: Authentication, System Access Management, Port (contains
Dot1x port, MAC based and the MAC Address Limit), ACL, HTTPS,
SSH, ARP Inspection and IP source guard.
IP: Everything except 'ping'. Port: Everything except 'VeriPHY'. Diagnostics: 'ping' and 'VeriPHY'. Maintenance: CLI- System Reboot, System Restore Default, System
Password, Configuration Save, Configuration Load and Firmware Load.
Web- Users, Privilege Levels and everything in Maintenance.
Debug: Only present in CLI.
Every group has an authorization Privilege level for the following sub groups:
Buttons
Configuration read-only Configuration/execute read-write Status/statistics read-only Status/statistics read-write (e.g. for clearing of statistics).
User Privilege should be same or greater than the authorization Privilege level to
have the access to that group.
: Click to save changes.
: Click to undo any changes made locally and revert to previously saved values.
57

4.2.6 NTP Configuration

Configure NTP on this page.
NTP is an acronym for Network Time Protocol, a network protocol for synchronizing the clocks of computer systems. NTP uses
UDP (data grams) as transport layer. You can specify NTP Servers and set GMT Time zone. The NTP Configuration screen in
Figure 4-2-8 appears.
The page includes the following fields:
Object Description
Mode
Timezone
Server #
Figure 4-2-8: NTP Configuration Page Screenshot
Indicates the NTP mode operation. Possible modes are:
Enabled: Enable NTP mode operation. When NTP mode operation is
enabled, the agent forwards NTP messages between the clients and the
server when they are not on the same subnet domain.
Disabled: Disable NTP mode operation.
Allow select the time zone according to current location of switch.
Provide the NTP IPv4 or IPv6 address of this switch. IPv6 address is in 128-bit
records represented as eight fields of up to four hexadecimal digits with a colon
separating each field (:).
For example, 'fe80::215:c5ff:fe03:4dc7'. The symbol '::' is a special syntax that
can be used as a shorthand way of representing multiple 16-bit groups of
Buttons
contiguous zeros; but it can appear only once. It can also represent a legally valid
IPv4 address. For example, '::192.1.2.34'.
58
: Click to save changes.
: Click to undo any changes made locally and revert to previously saved values.

4.2.7 Time Configuration

Configure Time Zone on this Page. A Time Zone is a region that has a uniform standard time for legal, commercial, and social
purposes. It is convenient for areas in close commercial or other communication to keep the same time, so time zones tend to
follow the boundaries of countries and their subdivisions. The Time Zone Configuration screen in Figure 4-2-9 appears
The Page includes the following fields:
Object Description
Figure 4-2-9: Time
Configuration Page Screenshot
59
Time Zone
Acronym
Daylight Saving Time
Start Time Settings Week - Select the starting week number.
End Time Settings Week - Select the ending week number.
Lists various Time Zones world wide. Select appropriate Time Zone from the drop
down and click Save to set.
User can set the acronym of the time zone. This is a User configurable acronym
to identify the time zone. ( Range : Up to 16 characters )
This is used to set the clock forward or backward according to the configurations
set below for a defined Daylight Saving Time duration. Select 'Disable' to disable
the Daylight Saving Time configuration. Select 'Recurring' and configure the
Daylight Saving Time duration to repeat the configuration every year. Select
'Non-Recurring' and configure the Daylight Saving Time duration for single time
configuration. ( Default : Disabled ).
Day - Select the starting day.  Month - Select the starting month.  Hours - Select the starting hour.  Minutes - Select the starting minute.
Offset Settings
Buttons
: Click to apply changes.
: Click to undo any changes made locally and revert to previously saved values.

4.2.8 UPnP

Day - Select the ending day.  Month - Select the ending month.  Hours - Select the ending hour.  Minutes - Select the ending minute
Enter the number of minutes to add during Daylight Saving Time. ( Range: 1 to
1440 )
Configure UPnP on this page.
UPnP is an acronym for Universal Plug and Play. The goals of UPnP are to allow devices to connect seamlessly and to simplify
the implementation of networks in the home (data sharing, communications, and entertainment) and in corporate environments for
simplified installation of computer components. The UPnP Configuration screen in Figure 4-2-10 appears.
60
The page includes the following fields:
Object Description
Figure 4-2-10: UPnP
Configuration Page Screenshot
Mode
TTL
Advertising Duration
Indicates the UPnP operation mode. Possible modes are:
Enabled: Enable UPnP mode operation. Disabled: Disable UPnP mode operation.
When the mode is enabled, two ACEs are added automatically to trap UPNP
related packets to CPU. The ACEs are automatically removed when the mode is
disabled.
The TTL value is used by UPnP to send SSDP advertisement messages. Valid
values are in the range of 1 to 255.
The duration, carried in SSDP packets, is used to inform a control point or control
points how often it or they should receive a SSDP advertisement message from
this switch. If a control point does not receive any message within the duration, it
will think that the switch no longer exists. Due to the unreliable nature of UDP, in
the standard it is recommended that such refreshing of advertisements to be
done at less than one-half of the advertising duration. In the implementation, the
switch sends SSDP messages periodically at the interval one-half of the
advertising duration minus 30 seconds. Valid values are in the range 100 to
86400.
Buttons
: Click to save changes.
: Click to undo any changes made locally and revert to previously saved values.
61
Figure 4-2-11: UPnP
Devices shows on Windows My Network Places

4.2.9 DHCP Relay

Configure DHCP Relay on this page. DHCP Relay is used to forward and to transfer DHCP messages between the clients and the
server when they are not on the same subnet domain.
The DHCP option 82 enables a DHCP relay agent to insert specific information into a DHCP request packets when forwarding
client DHCP packets to a DHCP server and remove the specific information from a DHCP reply packets when forwarding server
DHCP packets to a DHCP client. The DHCP server can use this information to implement IP address or other assignment policies.
Specifically the option works by setting two sub-options:
Circuit ID (option 1)
Remote ID (option2).
The Circuit ID sub-option is supposed to include information specific to which circuit the request came in on.
The Remote ID sub-option was designed to carry information relating to the remote host end of the circuit.
The definition of Circuit ID in the switch is 4 bytes in length and the format is "vlan_id" "module_id" "port_no". The parameter of
"vlan_id" is the first two bytes representing the VLAN ID. The parameter of "module_id" is the third byte for the module ID (in
standalone switch it always equals 0, in stackable switch it means switch ID). The parameter of "port_no" is the fourth byte and it
means the port number.
The Remote ID is 6 bytes in length, and the value is equal the DHCP relay agent’s MAC address. The DHCP Relay Configuration
screen in Figure 4-2-12 appears.
62
Figure 4-2-12: DHCP Relay
The page includes the following fields:
Object Description
Configuration Page Screenshot
Relay Mode
Relay Server
Relay Information
Mode
Indicates the DHCP relay mode operation. Possible modes are:
Enabled: Enable DHCP relay mode operation. When enable DHCP relay
mode operation, the agent forward and to transfer DHCP messages between
the clients and the server when they are not on the same subnet domain.
And the DHCP broadcast message won't flood for security considered.
Disabled: Disable DHCP relay mode operation.
Indicates the DHCP relay server IP address. A DHCP relay agent is used to
forward and to transfer DHCP messages between the clients and the server
when they are not on the same subnet domain.
Indicates the DHCP relay information mode option operation. Possible modes
are:
Enabled: Enable DHCP relay information mode operation. When enable
DHCP relay information mode operation, the agent insert specific information
(option82) into a DHCP message when forwarding to DHCP server and
remove it from a DHCP message when transferring to DHCP client. It only
works under DHCP relay operation mode enabled.
Disabled: Disable DHCP relay information mode operation.
Relay Information
Policy
Indicates the DHCP relay information option policy. When enable DHCP relay
information mode operation, if agent receive a DHCP message that already
contains relay agent information. It will enforce the policy. And it only works under
DHCP relay information operation mode enabled. Possible policies are:
Replace: Replace the original relay information when receiving a DHCP
message that already contains it.
Keep: Keep the original relay information when receiving a DHCP message
63
that already contains it.
Drop: Drop the package when receiving a DHCP message that already
contains relay information.
Buttons
: Click to save changes.
: Click to undo any changes made locally and revert to previously saved values.

4.2.10 DHCP Relay Statistics

This page provides statistics for DHCP relay. The DHCP Relay Statistics screen in Figure 4-2-13 appears.
Figure 4-2-12: DHCP Relay Statistics Page Screenshot
The page includes the following fields:
Server Statistics
Object Description
Transmit to Server
Transmit Error
Receive form Server
Recei ve Missing Agent
Option
Recei ve Missin g
Circuit ID
Recei ve Missin g
The number of packets that are relayed from client to server.
The number of packets that resulted in errors while being sent to clients.
The number of packets received from server.
The number of packets received without agent information options.
The number of packets received with the Circuit ID option missing.
The number of packets received with the Remote ID option missing.
64
Remote ID
Receive Bad Circuit ID
Receive Bad Remote
ID
Client Statistics
Object Description
Transmit to Client
Transmit Error
Receive form Client
Receive Agent Option
Replace Agent Option
Keep Agent Optin
Drop Agent Option
The number of packets whose Circuit ID option did not match known circuit ID.
The number of packets whose Remote ID option did not match known Remote
ID.
The number of relayed packets from server to client.
The number of packets that resulted in error while being sent to servers.
The number of received packets from server.
The number of received packets with relay agent information option.
The number of packets which were replaced with relay agent information option.
The number of packets whose relay agent information was retained.
The number of packets that were dropped which were received with relay agent
information.
Buttons
Auto-refresh : Check this box to refresh the page automatically. Automatic refresh occurs every 3 seconds.
: Click to refresh the page immediately.
: Clear all statistics.

4.2.11 CPU Load

This page displays the CPU load, using a SVG graph.
The load is measured as average over the last 100ms, 1sec and 10 seconds intervals. The last 120 samles are graphed, and the
last numbers are displayed as text as well.
In order to display the SVG graph, your browser must support the SVG format. Consult the SVG Wiki for more information on
browser support. Specifically, at the time of writing, Microsoft Internet Explorer will need to have a plugin installed to support SVG.
The CPU Load screen in Figure 4-2-14 appears.
65
Buttons
Auto-refresh
Figure 4-2-13: CPU Load Page Screenshot
: Check this box to refresh the page automatically. Automatic refresh occurs every 3 seconds.
If your browser cannot display anything on this page, please download Adobe SVG tool and
install it in your computer.
66

4.2.12 System Log

The switch system log information is provided here. The System Log screen in Figure 4-2-15 appears.
The page includes the following fields:
Object Description
ID
Level
Time
Message
Buttons
Figure 4-2-15: System Log Page Screenshot
The ID (>= 1) of the system log entry.
The level of the system log entry. The following level types are supported:
Info: Information level of the system log. Warning: Warning level of the system log. Error: Error level of the system log. All: All levels.
The time of the system log entry.
The message of the system log entry.
Auto-refresh
: Flushes the selected log entries.
: Check this box to refresh the page automatically. Automatic refresh occurs every 3 seconds.
: Click to updates the system log entries, starting from the current entry ID.
67
: Hide system log according to entry page. As default System Log Information shows 20 entries for one page. Hide button
can hide the system log entry that has been over one page.
: Click this button could download system log with CSV format file.
: Updates the system log entries, starting from the first available entry ID.
: Updates the system log entries, ending at the last entry currently displayed.
: Updates the system log entries, starting from the last entry currently displayed.
: Updates the system log entries, ending at the last available entry ID.

4.2.13 Detailed Log

The switch system detailed log information is provided here. The Detailed Log screen in Figure 4-2-16 appears.
The page includes the following fields:
Object Description
ID
Message
Buttons
: Click this button could download system log with CSV format file.
Figure 4-2-16: Detailed Log Page Screenshot
The ID (>= 1) of the system log entry.
The message of the system log entry.
68
: Updates the system log entry to the current entry ID.
: Updates the system log entry to the first available entry ID
: Updates the system log entry to the previous available entry ID.
: Updates the system log entry to the next available entry ID.
: Updates the system log entry to the last available entry ID.
: Click this button to print out system log.

4.2.14 Remote Syslog

Configure remote syslog on this page. The Remote Syslog screen in Figure 4-2-17 appears.
The page includes the following fields:
Object Description
Server Mode
Server Address
Syslog Level
Figure 4-2-17: Remote Syslog Page Screenshot
Indicates the server mode operation. When the mode operation is enabled, the
syslog message will send out to syslog server. The syslog protocol is based on
UDP communication and received on UDP port 514 and the syslog server will not
send acknowledgments back sender since UDP is a connectionless protocol and
it does not provide acknowledgments. The syslog packet will always send out
even if the syslog server does not exist. Possible modes are:
Enabled: Enable server mode operation. Disabled: Disable server mode operation.
Indicates the IPv4 host address of syslog server. If the switch provide DNS
feature, it also can be a host name.
Indicates what kind of message will send to syslog server. Possible modes are:
Info: Send information, warnings and errors.
69
Buttons
Warning: Send warnings and errors. Error: Send errors.
: Click to save changes.
: Click to undo any changes made locally and revert to previously saved values.
70

4.2.15 SMTP Configuration

Configure SMTP Configuration on this page. The SMTP Configuration screen in Figure 4-2-18 appears.
The page includes the following fields:
Object Description
SMTP Mode Enabled
SMTP Server
SMTP Port
SMTP Authentication Enabled
Figure 4-2-18: SMTP Configuration Page Screenshot
It is for you to enable SMTP mode function. This mode offers you to configure SMTP server and SMTP account information, system will refer it to send an E-mail for alarm noticing
It is for you to set up a specify SMTP server DNS name or IP address. If it is
inputted a DNS name, please remember to input DNS server IP address at IP
configuration page.
It is for you to input the SMTP server port number. As default is "25".
As usual SMTP server is denied to relay a mail from a different domain, so you have to enable this option and input your mail account and password for SMTP sever authorizing to forward a mail from different domain.
For example, you want a SMTP server which located on mail.123.com send a mail to mail.456.net.com.
If you want to send the mail to a SMTP server which located on the same domain or the same SMTP server, you don't have to enable SMTP authentication.
Authentication User
Name
It is for you to input your mail account name.
71
Authentication
Password
E-mail From
E-mail Subject It is for you to input mail subject.
E-mail 1 To
E-mail 2 To It is for you to input secondary recipient mail address.
Buttons
: Click to test SMTP server address.
: Click to save changes.
: Click to undo any changes made locally and revert to previously saved values.
It is for you to input your mail account password.
It is for you to input who send this mail.
It is for you to input recipient mail address.

4.2.16 Digital Input/Output

Digital Input allows user can log external device (such as industrial cooler) dead or alive or something else, system will logs a
user cistomize message into system log, syslog, issue SNMP trap or issue an alarm E-mail.
Digital Output allows user to monitor the switch port and power , and let system issue a high or low signal to an external device
(such as alarm) when the monitor port or power has been failed. The Configuration screen in Figure 4-2-19 appears.
72
The page includes the following fields:
Object Description
 Enable
 Condition
Figure 4-2-19 Windows File Selection Menu Popup
Checks the Enable checkbox will enable Digital Input / output function.
Unchecks the Enable checkbox will disable Digital input / output function.
As Digital Input:
Allows user selecting to High to Low or Low to High. This is means a signal
received by system is from High to Low or From Low to High, it will trigger an
action that logs a customize message or issue the message from the switch.
As Digital Output:
Allows user selecting to High to Low or Low to High. This is means
that when
the switch has power failed or port failed then system will issue a High
or Low signal to an external device (such as an alarm).
 Event Description
 Event
Allows user setting a customize message for Digital Input function alarming.
As Digital Input:
Allows user to record alarm message to System log, syslog or issues out via
SNMP Trap or SMTP.
As default SNMP Trap and SMTP are disabled, please enable them first if you
want to issue alarm message via them.
73
As Digital Output:
Allows user to monitor and alarm from port fail, power fail, Digital Input 0 (DI 0)
and Digital Input 1(DI 1) which means if Digital Output has detected these
event then Digitial Output would be triggered according to the setting of
Condition.
Buttons
Power Alarm
 Port Alarm
: Click to save changes.
: Click to undo any changes made locally and revert to previously saved values.
Allows user to choose which power module want to be monitored.
Allows user to choose which port want to be monitored.
74

4.2.17 Faulty Alarm

The Faulty Relay Alarm function provides the Power Failure and Port Link Down/Broken detection. With both power input 1 and
power input 2 installed and the check boxes of power 1/power 2 ticked, the FAULTY LED indicator will then be possible to light up
when any one of the power failures occurs. As for the Port Link Down/Broken detection, the FAULT LED indicator will light up
when the port failure occurs; certainly the check box beside the port must be ticked first. Please refer to the segment of ‘Wiring the Fault Alarm Contact’ for the failure detection. The Configuration screen in Figure 4-2-20 appears.
The page includes the following fields:
Object Description
 Enable
 Record
 Action
Power Alarm
 Port Alarm
Figure 4-2-20 Windows File Selection Menu Popup
Allows user to enable Fault Alarm function.
Allows user to record alarm message to System log, syslog or issues out via
SNMP Trap or SMTP.
As default SNMP Trap and SMTP are disabled, please enable them first if you
want to issue alarm message via them.
Allows user to monitor and alarm from port fail or power fail.
Allows user to choose which power module want to be monitored.
Allows user to choose which port want to be monitored.
Buttons
75
: Click to save changes.
: Click to undo any changes made locally and revert to previously saved values.

4.2.18 Web Firmware Upgrade

This page facilitates an update of the firmware controlling the Managed Switch. The Web Firmware Upgrade screen in Figure
4-2-21 appears.
Figure 4-2-21: Web Firmware Upgrade Page Screenshot
To open Firmware Upgrade screen perform the folling:
1. Click System -> Web Firmware Upgrade.
2. The Firmware Upgrade screen is displayed as in Figure 4-2-21.
3. Click the “
4. Select on the firmware and then click “
5. Once the software be loaded to the system successfully, the following screen appears. The system will load the new software
after reboot.
“button of the main page, the system would pop up the file selection menu to choose firmware.
”. The Software Upload Progress would show the file upload status.
Figure 4-2-21: Software successfully Loaded Notice Screen
76
DO NOT Power OFF the Managed Switch until the update progress is complete.
Do not quit the Firmware Upgrade page without pressing the “OK” button after the image is
loaded. Or the system won’t apply the new firmware. User has to repeat the firmware
upgrade processes again.

4.2.19 TFTP Firmware Upgrade

The Firmware Upgrade page provides the functions to allow a user to update the Managed Switch firmware from the TFTP
server in the network. Before updating, make sure you have your TFTP server ready and the firmware image is on the TFTP
server. The TFTP Firmware Upgrade screen in Figure 4-2-23 appears.
Figure 4-2-23: TFTP Firmware Update Page Screenshot
The page includes the following fields:
Object Description
TFTP Server IP Firmware File Name
Buttons
: Click to upgrade firmware.
DO NOT Power OFF the Managed Switch until the update progress is complete.
Do not quit the Firmware Upgrade page without pressing the “OK” button after the image is
loaded. Or the system won’t apply the new firmware. User has to repeat the firmware
upgrade processes again.
Fill in your TFTP server IP address.
The name of firmware image.
(Maximum length : 24 characters)
77

4.2.20 Save Startup Config

This function allows save the current configuration, thereby ensuring that the current active configuration can be used at the next
reboot screen in Figure 4-2-24 appears. After saving the configuratioin, the screen Figure 4-2-25 will appear.
Figure 4-2-24: Configuration Save Page Screenshot
78
Figure 4-2-25: Finish Saving Page Screenshot

4.2.21 Configuration Download

The switch stores its configuration in a number of text files in CLI format. The files are either virtual (RAM-based) or stored in flash
on the switch.
There are three system files:
running-config: A virtual file that represents the currently active configuration on the switch. This file is volatile.
startup-config: The startup configuration for the switch, read at boot time.
default-config: A read-only file with vendor-specific configuration. This file is read when the system is restored to default
settings.
It is also possible to store up to two other files and apply them to running-config, thereby switching configuration.
Configuration Download page allows the download the running-config, startup-config and default-config on the switch. Please
refer to the Figure 4-2-26 shown below.
Figure 4-2-26: Configuration Download Page Screenshot
79

4.2.22

Configuration Upload page allows the upload the running-config and startup-config on the switch. Please refer to the Figure
4-2-27 shown below:
Figure 4-2-27: Configuration Upload Page Screenshot
If the destination is running-config, the file will be applied to the switch configuration. This can be done in two ways:
Replace mode: The current configuration is fully replaced with the configuration in the uploaded file.
Merge mode: The uploaded file is merged into running-config.
If the file system is full (i.e. contains the three system files mentioned above plus two other files), it is not possible to create new
files, but an existing file must be overwritten or another deleted first.
80

4.2.23 Configuration Activate

Configuration Activate page allows to activate the startup-config and default-config files present on the switch. Please refer to the
Figure 4-2-28 shown below.
Figure 4-2-28: Configuration Activate Page Screenshot
81
It is possible to activate any of the configuration files present on the switch, except for running-config which represents the
currently active configuration.
Select the file to activate and click
configuration with that of the selected file.
. This will initiate the process of completely replacing the existing

4.2.24 Configuration Delete

Configuration Delete page allows to delete the startup-config and default-config files which stored in FLASH. If this is done and the
switch is rebooted without a prior Save operation, this effectively resets the switch to default configuration. Please refer to the
Figure 4-2-29 shown below.
Figure 4-2-29: Configuration Delete Page Screenshot

4.2.25Image Select

This Page provides information about the active and alternate (backup) firmware images in the device, and allows you to revert to
the alternate image. The web Page displays two tables with information about the active and alternate firmware images. The
Image Select screen in Figure 4-2-30 appears.
In case the active firmware image is the alternate image, only the "Active Image" table is shown. In this
case, the Activate Alternate Image button is also disabled.
1. If the alternate image is active (due to a corruption of the primary image or by manual
intervention), uploading a new firmware image to the device will automatically use the primary
image slot and activate this.
2. The firmware version and date information may be empty for older firmware releases. This does
not constitute an error.
82
Figure 4-2-30: Software Image Selection Page Screenshot
The Page includes the following fields:
Object Description
Image
Version Date
Button
: Click to choose Alternate Image as Activate Image.
The flash index name of the firmware image. The name of primary (preferred)
image is image, the alternate image is named image.bk.
The version of the firmware image.
The date where the firmware was produced.
83

4.2.26 Factory Default

You can reset the configuration of the stack switch on this page. Only the IP configuration is retained. The new configuration is
available immediately, which means that no restart is necessary. The Factory Default screen in Figure 4-2-31 appears.
Figure 4-2-31: Factory Default Page Screenshot
Buttons
: Click to reset the configuration to Factory Defaults.
: Click to return to the Port State Page without resetting the configuration.
To reset the Managed Switch to the Factory default setting, you can also press the hardware reset button
at the front panel about 10 seconds. After the device be rebooted. You can login the management WEB
interface within the same subnet of 192.168.0.xx.
84

4.2.27 System Reboot

The Reboot page enables the device to be rebooted from a remote location. Once the Reboot button is pressed, user will
re-access the WEB interface about 60 seconds later, the System Reboot screen in Figure 4-2-32 appears.
Figure 4-2-32: System Reboot Page Screenshot
Buttons
: Click to reboot the system.
: Click to return to the web main page without reboot the system.
85

4.3 Simple Network Management Protocol

4.3.1 SNMP Overview

The Simple Network Management Protocol (SNMP) is an application layer protocol that facilitates the exchange of management
information between network devices. It is part of the Transmission Control Protocol/Internet Protocol (TCP/IP) protocol suite.
SNMP enables network administrators to manage network performance, find and solve network problems, and plan for network
growth.
An SNMP-managed network consists of three key components: Network management stations (NMSs), SNMP agents,
Management information base (MIB) and network-management protocol Network management stations (NMSs)Sometimes called consoles, these devices execute management applications
that monitor and control network elements. Physically, NMSs are usually engineering workstation-caliber computers with
fast CPUs, megapixel color displays, substantial memory, and abundant disk space. At least one NMS must be present in
each managed environment.
AgentsAgents are software modules that reside in network elements. They collect and store management information
such as the number of error packets received by a network element.
Management information base (MIB)A MIB is a collection of managed objects residing in a virtual information store.
Collections of related managed objects are defined in specific MIB modules.
network-management protocol A management protocol is used to convey management information between agents and
NMSs. SNMP is the Internet community's de facto standard management protocol.
SNMP Operations
SNMP itself is a simple request/response protocol. NMSs can send multiple requests without receiving a response.
Get -- Allows the NMS to retrieve an object instance from the agent. Set -- Allows the NMS to set values for object instances within an agent. Trap -- Used by the agent to asynchronously inform the NMS of some event. The SNMPv2 trap message is designed to
replace the SNMPv1 trap message.
SNMP community
An SNMP community is the group that devices and management stations running SNMP belong to. It helps define where
information is sent. The community name is used to identify the group. A SNMP device or agent may belong to more than one
SNMP community. It will not respond to requests from management stations that do not belong to one of its communities. SNMP
default communities are:
Write = private Read = public
Use the SNMP Menu to display or configure the Managed Switch's SNMP function. This section has the following items:
System Configuration
Configure SNMP on this page.
86
System Information SNMPv3 Communities SNMPv3 Users SNMPv3 Groups SNMPv3 Views SNMPv3 Accesses
The system information is provided here.
Configure SNMPv3 communities table on this page.
Configure SNMPv3 users table on this page.
Configure SNMPv3 groups table on this page.
Configure SNMPv3 views table on this page.
Configure SNMPv3 accesses table on this page.

4.3.2 SNMP System Configuration

Configure SNMP on this page. The SNMP System Configuration screen in Figure 4-3-1 appears.
Figure 4-3-1: SNMP System Configuration Page Screenshot
The SNMP System Configuration page includes the following fields:
Object Description
Mode
Indicates the SNMP mode operation. Possible modes are:
Enabled: Enable SNMP mode operation. Disabled: Disable SNMP mode operation.
Version
Indicates the SNMP supported version. Possible versions are:
SNMP v1: Set SNMP supported version 1. SNMP v2c: Set SNMP supported version 2c. SNMP v3: Set SNMP supported version 3.
Read Community
Indicates the community read access string to permit access to SNMP agent.
The allowed string length is 0 to 255, and the allowed content is the ASCII
characters from 33 to 126.
The field is applicable only when SNMP version is SNMPv1 or SNMPv2c. If
SNMP version is SNMPv3, the community string will be associated with SNMPv3
communities table. It provides more flexibility to configure security name than a
87
SNMPv1 or SNMPv2c community string. In addition to community string, a
particular range of source addresses can be used to restrict source subnet.
 Write Community
 Engine ID
Indicates the community write access string to permit access to SNMP agent.
The allowed string length is 0 to 255, and the allowed content is the ASCII
characters from 33 to 126.
The field is applicable only when SNMP version is SNMPv1 or SNMPv2c. If
SNMP version is SNMPv3, the community string will be associated with SNMPv3
communities table. It provides more flexibility to configure security name than a
SNMPv1 or SNMPv2c community string. In addition to community string, a
particular range of source addresses can be used to restrict source subnet.
Indicates the SNMPv3 engine ID. The string must contain an even number(in
hexadecimal format) with number of digits between 10 and 64, but all-zeros and
all-'F's are not allowed. Change of the Engine ID will clear all original local users.

4.3.3 TRAP Configuration

Configure SNMP trap on this page. The SNMP trap configuration screen in Figure 4-3-2 appears.
88
Figure 4-3-2: SNMP Trap Configuration Page Screenshot
The Page includes the following fields:
Object Description
 Trap Config
 Trap Mode
 Trap Version
 Trap Community
Indicates which trap Configuration's name for configuring. The allowed string
length is 0 to 255, and the allowed content is ASCII characters from 33 to 126.
Indicates the SNMP trap mode operation. Possible modes are:
Enabled: Enable SNMP trap mode operation. Disabled: Disable SNMP trap mode operation.
Indicates the SNMP trap supported version. Possible versions are:
SNMP v1: Set SNMP trap supported version 1. SNMP v2c: Set SNMP trap supported version 2c. SNMP v3: Set SNMP trap supported version 3.
Indicates the community access string when send SNMP trap packet. The
allowed string length is 0 to 255, and the allowed content is the ASCII characters
from 33 to 126.
89
Trap Destination
Address
Trap Destination Port
Trap Inform Mode
Trap Inform Timeout
Indicates the SNMP trap destination address. It allow a valid IP address in dotted
decimal notation ('x.y.z.w'). And it also allow a valid hostname. A valid hostname
is a string drawn from the alphabet (A-Za-z), digits (0-9), dot (.), dash (-). Spaces
are not allowed, the first character must be an alpha character, and the first and
last characters must not be a dot or a dash.
Indicates the SNMP trap destination IPv6 address. IPv6 address is in 128-bit
records represented as eight fields of up to four hexadecimal digits with a colon
separating each field (:). For example, 'fe80::215:c5ff:fe03:4dc7'. The symbol '::'
is a special syntax that can be used as a shorthand way of representing multiple
16-bit groups of contiguous zeros; but it can appear only once. It can also
represent a legally valid IPv4 address. For example, '::192.1.2.34'.
Indicates the SNMP trap destination port. SNMP Agent will send SNMP message
via this port, the port range is 1~65535.
Indicates the SNMP trap inform mode operation. Possible modes are:
Enabled: Enable SNMP trap authentication failure. Disabled: Disable SNMP trap authentication failure.
Indicates the SNMP trap inform timeout.
(seconds)
Trap Inform Retry
Times
Trap Probe Security
Engine ID
Trap Security Engine
ID
Trap Security Name
The allowed range is 0 to 2147.
Indicates the SNMP trap inform retry times.
The allowed range is 0 to 255.
Indicates the SNMPv3 trap probe security engine ID mode of operation. Possible
values are:
Enabled: Enable SNMP trap probe security engine ID mode of operation. Disabled: Disable SNMP trap probe security engine ID mode of operation.
Indicates the SNMP trap security engine ID. SNMPv3 sends traps and informs
using USM for authentication and privacy. A unique engine ID for these traps and
informs is needed. When "Trap Probe Security Engine ID" is enabled, the ID will
be probed automatically. Otherwise, the ID specified in this field is used. The
string must contain an even number(in hexadecimal format) with number of digits
between 10 and 64, but all-zeros and all-'F's are not allowed.
Indicates the SNMP trap security name. SNMPv3 traps and informs using USM
for authentication and privacy. A unique security name is needed when traps and
informs are enabled.
System
Enable/disable that the Interface group's traps. Possible traps are:
Warm Start: Enable/disable Warm Start trap. Cold Start: Enable/disable Cold Start trap.
90
Buttons
Interface
Indicates that the Interface group's traps. Possible traps are:
Link Up: Enable/disable Link up trap. Link Down: Enable/disable Link down trap. LLDP: Enable/disable LLDP trap.
AAA
Switch
Indicates that the AAA group's traps. Possible traps are: Authentication Fail : Enable/disable SNMP trap authentication failure trap.
Indicates that the Switch group's traps. Possible traps are:
STP: Enable/disable STP trap. RMON: Enable/disable RMON trap.
: Click to apply changes
: Click to undo any changes made locally and revert to previously saved values.
91

4.3.4 SNMP System Information

The switch system information is provided here. The SNMP System Information screen in Figure 4-3-3 appears.
Figure 4-3-3: System Information Configuration Page Screenshot
The page includes the following fields:
Object Description
 System Contact
 System Name
 System Location
Buttons
The textual identification of the contact person for this managed node, together
with information on how to contact this person. The allowed string length is 0 to
255, and the allowed content is the ASCII characters from 32 to 126.
An administratively assigned name for this managed node. By convention, this is
the node's fully-qualified domain name. A domain name is a text string drawn
from the alphabet (A-Za-z), digits (0-9), minus sign (-). No space characters are
permitted as part of a name. The first character must be an alpha character. And
the first or last character must not be a minus sign. The allowed string length is 0
to 255.
The physical location of this node (e.g., telephone closet, 3rd floor). The allowed
string length is 0 to 255, and the allowed content is the ASCII characters from 32
to 126.
: Click to save changes.
: Click to undo any changes made locally and revert to previously saved values.
92

4.3.5 SNMPv3 Configuration

4.3.5.1 SNMPv3 Communities
Configure SNMPv3 communities table on this page. The entry index key is Community. The SNMPv3 Communities screen in
Figure 4-3-4 appears.
Figure 4-3-4: SNMPv3 Communities Configuration Page Screenshot
The page includes the following fields:
Object Description
 Delete
 Community
 Source IP
 Source Mask
Buttons
: Click to add a new community entry.
Check to delete the entry. It will be deleted during the next save.
Indicates the community access string to permit access to SNMPv3 agent. The
allowed string length is 1 to 32, and the allowed content is ASCII characters from
33 to 126. The community string will be treated as security name and map a
SNMPv1 or SNMPv2c community string.
Indicates the SNMP access source address. A particular range of source
addresses can be used to restrict source subnet when combined with source
mask.
Indicates the SNMP access source address mask.
: Click to save changes.
: Click to undo any changes made locally and revert to previously saved values.
93
4.3.5.2 SNMPv3 Users
Configure SNMPv3 users table on this page. The entry index keys are Engine ID and User Name. The SNMPv3 Users screen in
Figure 4-3-5 appears.
Figure 4-3-5: SNMPv3 Users Configuration Page Screenshot
The page includes the following fields:
Object Description
 Delete
 Engine ID
 User Name
 Security Level
Check to delete the entry. It will be deleted during the next save.
An octet string identifying the engine ID that this entry should belong to. The
string must contain an even number (in hexadecimal format) with number of
digits between 10 and 64, but all-zeros and all-'F's are not allowed. The SNMPv3
architecture uses the User-based Security Model (USM) for message security
and the View-based Access Control Model (VACM) for access control. For the
USM entry, the usmUserEngineID and usmUserName are the entry's keys. In a
simple agent, usmUserEngineID is always that agent's own snmpEngineID
value. The value can also take the value of the snmpEngineID of a remote SNMP
engine with which this user can communicate. In other words, if user engine ID
equal system engine ID then it is local user; otherwise it's remote user.
A string identifying the user name that this entry should belong to. The allowed
string length is 1 to 32, and the allowed content is the ASCII characters from 33
to 126.
Indicates the security model that this entry should belong to. Possible security
models are:
NoAuth, NoPriv: None authentication and none privacy. Auth, NoPriv: Authentication and none privacy. Auth, Priv: Authentication and privacy.
The value of security level cannot be modified if entry already exist. That means
must first ensure that the value is set correctly.
Authentication
Indicates the authentication protocol that this entry should belong to. Possible
94
Protocol
Authentication
Password
Privacy Protocol
authentication protocol are:
None: None authentication protocol. MD5: An optional flag to indicate that this user using MD5
authentication protocol.
SHA: An optional flag to indicate that this user using SHA
authentication protocol.
The value of security level cannot be modified if entry already exists.
That means must first ensure that the value is set correctly.
A string identifying the authentication pass phrase. For MD5 authentication
protocol, the allowed string length is 8 to 32. For SHA authentication protocol, the
allowed string length is 8 to 40. The allowed content is the ASCII characters from
33 to 126.
Indicates the privacy protocol that this entry should belong to. Possible privacy
protocol are:
None: None privacy protocol. DES: An optional flag to indicate that this user using DES
authentication protocol.
Privacy Password
Buttons
: Click to add a new user entry.
: Click to save changes.
: Click to undo any changes made locally and revert to previously saved values.
A string identifying the privacy pass phrase. The allowed string length is 8 to 32,
and the allowed content is the ASCII characters from 33 to 126.
4.3.5.3 SNMPv3 Groups
Configure SNMPv3 groups table on this page. The entry index keys are Security Model and Security Name. The SNMPv3 Groups
screen in Figure 4-3-6 appears.
95
Figure 4-3-6: SNMPv3 Groups Configuration Page Screenshot
The page includes the following fields:
Object Description
Buttons
 Delete
 Security Model
 Security Name
 Group Name
: Click to add a new group entry.
Check to delete the entry. It will be deleted during the next save.
Indicates the security model that this entry should belong to. Possible security
models are:
v1: Reserved for SNMPv1. v2c: Reserved for SNMPv2c. usm: User-based Security Model (USM).
A string identifying the security name that this entry should belong to.
The allowed string length is 1 to 32, and the allowed content is the ASCII
characters from 33 to 126.
A string identifying the group name that this entry should belong to.
The allowed string length is 1 to 32, and the allowed content is the ASCII
characters from 33 to 126.
: Click to save changes.
: Click to undo any changes made locally and revert to previously saved values.
4.3.5.4 SNMPv3 Views
Configure SNMPv3 views table on this page. The entry index keys are View Name and OID Subtree. The SNMPv3 Views screen
96
in Figure 4-3-6 appears.
Figure 4-3-7: SNMPv3 Views Configuration Page Screenshot
The page includes the following fields:
Object Description
Buttons
 Delete
 View Name
 View Type
 OID Subtree
Check to delete the entry. It will be deleted during the next save.
A string identifying the view name that this entry should belong to. The allowed
string length is 1 to 32, and the allowed content is the ASCII characters from 33
to 126.
Indicates the view type that this entry should belong to. Possible view type are:
included: An optional flag to indicate that this view subtree should be
included.
excluded: An optional flag to indicate that this view subtree should be
excluded.
General, if a view entry's view type is 'excluded', it should be exist another view
entry which view type is 'included' and it's OID subtree overstep the 'excluded'
view entry.
The OID defining the root of the subtree to add to the named view. The allowed
OID length is 1 to 128. The allowed string content is digital number or asterisk(*).
: Click to add a new view entry.
: Click to save changes.
: Click to undo any changes made locally and revert to previously saved values.
97
4.3.5.5 SNMPv3 Access
Configure SNMPv3 accesses table on this page. The entry index keys are Group Name, Security Model and Security Level.
The SNMPv3 Access screen in Figure 4-3-8 appears.
Figure 4-3-8: SNMPv3 Accesses Configuration Page Screenshot
The page includes the following fields:
Object Description
 Delete
 Group Name
 Security Model
Check to delete the entry. It will be deleted during the next save.
A string identifying the group name that this entry should belong to. The allowed
string length is 1 to 32, and the allowed content is the ASCII characters from 33
to 126.
Indicates the security model that this entry should belong to. Possible security
models are:
any: Accepted any security model (v1|v2c|usm). v1: Reserved for SNMPv1. v2c: Reserved for SNMPv2c. usm: User-based Security Model (USM)
Security Level
Indicates the security model that this entry should belong to. Possible security
models are:
NoAuth, NoPriv: None authentication and none privacy. Auth, NoPriv: Authentication and none privacy. Auth, Priv: Authentication and privacy.
 Read View Name
Write View Name
The name of the MIB view defining the MIB objects for which this request may
request the current values. The allowed string length is 1 to 32, and the allowed
content is the ASCII characters from 33 to 126.
The name of the MIB view defining the MIB objects for which this request may
potentially SET new values. The allowed string length is 1 to 32, and the allowed
content is the ASCII characters from 33 to 126.
98
Buttons
: Click to add a new access entry.
: Click to save changes.
: Click to undo any changes made locally and revert to previously saved values.
99

4.4 Port Management

Use the Port Menu to display or configure the Managed Switch's ports. This section has the following items:
Port Configuration Port Statistics Overview Port Statistics Detail SFP Information Port Mirror
Configures port connection settings
Lists Ethernet and RMON port statistics
Lists Ethernet and RMON port statistics
Displays SFP information
Sets the source and target ports for mirroring

4.4.1 Port Configuration

This page displays current port configurations. Ports can also be configured here. The Port Configuration screen in Figure 4-4-1
appears.
Figure 4-4-1: Port Configuration Page Screenshot
100
Loading...