Netgear GS724T User manual

GS716T and GS724T Gigabit Smart Switches

Software Administration Manual

350 East Plumeria Drive San Jose, CA 95134 USA

October 2012 202-10484-05 v2.0

GS716T and GS724T Gigabit Smart Switches

No part of this publication may be reproduced, transmitted, transcribed, stored in a retrieval system, or translated into any language in any form or by any means without the written permission of NETGEAR, Inc.

NETGEAR, the NETGEAR logo, and Connect with Innovation are trademarks and/or registered trademarks of NETGEAR, Inc. and/or its subsidiaries in the United States and/or other countries. Information is subject to change without notice. Other brand and product names are registered trademarks or trademarks of their respective holders. ©2012 All rights reserved.

Technical Support

Thank you for choosing NETGEAR. To register your product, get the latest product updates, get support online, or for more information about the topics covered in this manual, visit the Support website at

http://support.netgear.com

Phone (US & Canada only): 1-888-NETGEAR

Phone (Other Countries): Check the list of phone numbers at

http://support.netgear.com/app/answers/detail/a_id/984

Statement of Conditions

To improve internal design, operational function, and/or reliability, NETGEAR reserves the right to make changes to the products described in this document without notice. NETGEAR does not assume any liability that may occur due to the use, or application of, the product(s) or circuit layout(s) described herein.

Revision History

Publication Part Number Version Publish Date Comments

202-10484-05 v2.0 October 2012 Hardware/Software

Updates

202-10484-03 v1.0 November 2010 First publication

Chapter 1 Switch Information and Setup

GS716T and GS724T Smart Switch Setup . . . . . . . . . . . . . . . . . . . . . . . . 10

Switch Management Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10

Connecting the Switch to the Network . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11

Switch Discovery in a Network with a DHCP Server . . . . . . . . . . . . . . . . . 12

Switch Discovery in a Network without a DHCP Server . . . . . . . . . . . . . . . 14

Network Settings Configuration on the Administrative System . . . . . . . . .15

Web Access . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16

Smart Control Center Utilities . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17

Network Utilities . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17

Configuration Upload and Download . . . . . . . . . . . . . . . . . . . . . . . . . . . 19

Firmware Upgrade . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20

Viewing and Managing Tasks. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22

User Interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23

Web Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23

SNMP Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28

Interface Naming Convention . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29

Chapter 2 System Information Features

Management. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31

System Information. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 32

IP Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33

IPv6 Network Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35

IPv6 Network Neighbor. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37

Time . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 38

Denial of Service . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .44

DNS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .47

Green Ethernet . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .49

License . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 56

Show License . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 56

License Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .57

SNMP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 58

SNMPV1/V2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .58

Trap Flags . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .61

SNMP v3 User Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .62

LLDP. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 63

LLDP Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 63

LLDP Port Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .65

LLDP-MED Network Policy. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 66

GS716T and GS724T Gigabit Smart Switches

LLDP-MED Port Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 67

Local Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 68

Neighbors Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 72

Services — DHCP Filtering . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 76

DHCP Filtering Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 76

Interface Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 77

Chapter 3 Switching Features

Ports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 79

Port Configuration. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 80

Flow Control . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .82

Link Aggregation Groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 83

LAG Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 84

LAG Membership . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 85

LACP Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 87

LACP Port Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 88

VLANs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 89

VLAN Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 89

VLAN Membership Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 90

Port VLAN ID Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 92

Voice VLAN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 94

Voice VLAN Properties. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 94

Voice VLAN Port Setting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .95

Voice VLAN OUI. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 96

Auto-VoIP Configuration. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 98

Spanning Tree Protocol . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 99

STP Switch Configuration. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 100

CST Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 102

CST Port Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .103

CST Port Status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 105

Rapid STP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 106

MST Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 107

MST Port Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 109

STP Statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 111

Multicast . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 112

Auto-Video Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .112

IGMP Snooping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 113

IGMP Snooping Querier . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 124

Address Table . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 128

MAC Address Table . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .128

Dynamic Address Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 130

Static MAC Address . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .131

Multiple Registration Protocol Configuration . . . . . . . . . . . . . . . . . . . . . . 132

MRP Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 133

MRP Port Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 134

MMRP Statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 135

MSRP Statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 137

GS716T and GS724T Gigabit Smart Switches

MSRP Reservation Parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .139

Qav Parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .141

MSRP Streams Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 143

802.1AS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 145

802.1AS Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .145

802.1AS Port Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .147

802.1AS Statistics. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .149

Chapter 4 Quality of Service Features

Class of Service . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 151

Basic CoS Configuration. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .152

CoS Interface Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .153

Interface Queue Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .155

802.1p to Queue Mapping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .156

DSCP to Queue Mapping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .158

Differentiated Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .159

Defining DiffServ. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .159

DiffServ Configuration. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .160

Class Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .161

IPv6 Class Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .164

Policy Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .167

Service Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .170

Service Statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .171

Chapter 5 Device Security

Management Security Settings. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 173

Change Password . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .174

RADIUS Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .175

Configuring TACACS+ . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 181

Authentication List Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 184

Configuring Management Access. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 185

HTTP Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 186

Secure HTTP Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .187

Certificate Download. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .188

Access Profile Configuration. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .190

Access Rule Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .192

Port Authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 193

802.1X Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 194

Port Authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .195

Port Summary. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .198

Traffic Control . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .200

MAC Filter Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .200

MAC Filter Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .202

Storm Control . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .203

Port Security Configuration. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .204

Port Security Interface Configuration . . . . . . . . . . . . . . . . . . . . . . . . . .205

Security MAC Address . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .207

GS716T and GS724T Gigabit Smart Switches

Protected Ports Membership . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 208

Configuring Access Control Lists . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 209

ACL Wizard . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .210

MAC ACL . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 211

MAC Rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .212

MAC Binding Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 214

MAC Binding Table. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 215

IP ACL . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 216

IP Rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 217

IP Extended Rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 219

IPv6 ACL . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .222

IPv6 Rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 223

IP Binding Configuration. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 226

IP Binding Table . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 227

Chapter 6 Monitoring the System

Ports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 229

Switch Statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 229

Port Statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 232

Port Detailed Statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .233

EAP Statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 240

System Logs. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 241

Memory Logs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 242

FLASH Log Configuration. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 244

Server Log Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 246

Trap Logs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .248

Event Logs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 249

Port Mirroring . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 250

Multiple Port Mirroring . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .250

Chapter 7 Maintenance

Reset . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 253

Device Reboot . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 253

Factory Default . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 254

Upload File From Switch . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 255

TFTP File Upload . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .255

HTTP File Upload . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 256

Download File To Switch . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 257

TFTP File Download. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 257

HTTP File Download . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .260

File Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 261

Dual Image Configuration. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 261

Dual Image Status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 263

Troubleshooting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 264

Ping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .264

Ping IPv6 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 266

Traceroute . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 267

GS716T and GS724T Gigabit Smart Switches

Chapter 8 Help

Online Help. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 269

Support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .269

User Guide . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .270

Registration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .271

Appendix A Hardware Specifications and Default Values

GS716T and GS724T Gigabit Smart Switches Specifications . . . . . . . . . 273

GS716T Specifications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .273

GS724T Specifications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .273

GS716T and GS724T Switch Performance . . . . . . . . . . . . . . . . . . . . .274

GS716T and GS724T Switch Features and Defaults. . . . . . . . . . . . . . . . 274

Port Characteristics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .274

Traffic Control . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .275

Quality Of Service. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .275

Security. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .275

System Setup . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .276

Management. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .276

Other Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .277

Appendix B Configuration Examples

Virtual Local Area Networks (VLANs). . . . . . . . . . . . . . . . . . . . . . . . . . . . 279

VLAN Example Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 281

Access Control Lists (ACLs). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 282

MAC ACL Example Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . .282

Standard IP ACL Example Configuration . . . . . . . . . . . . . . . . . . . . . . .284

Differentiated Services (DiffServ) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 285

Class. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .286

DiffServ Traffic Classes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .286

Creating Policies. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .287

DiffServ Example Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .288

802.1X . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 290

802.1X Example Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 291

MSTP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 293

MSTP Example Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .295

Appendix C Notification of Compliance

Index

GS716T and GS724T Gigabit Smart Switches

1. Switch Information and Setup

The NETGEAR® GS716T and GS724T Smart Switch Software Administration Manual describes how to configure and operate the GS716T and GS724T Gigabit Smart Switches by using the Web-based graphical user interface (GUI). This manual describes the software configuration procedures and explains the options available within those procedures.

Document Organization

The GS716Tv2 and GS724Tv3 Software Administration Manual contains the following chapters:

• Chapter 1, Switch Information and Setup, contains information about performing the

initial system configuration and accessing the user interface.

• Chapter 2, System Information Features, describes how to configure administrative

features such as SNMP, DHCP, and port information.

• Chapter 3, Switching Features, describes how to manage and monitor the layer 2

switching features.

• Chapter 4, Quality of Service Features, describes how to manage the Access Control

Lists (ACLs), and how to configure Differentiated Services and Class of Service features.

• Chapter 5, Device Security, contains information about configuring switch security

information such as port access control and RADIUS server settings.

• Chapter 6, Monitoring the System, describes how to view a variety of information about

the switch and its ports, and to configure how the switch monitors events.

• Chapter 7, Maintenance, describes features to help you manage the switch.

• Chapter 8, Help, describes how to access Online Help resources for the switch.

• Appendix A, Hardware Specifications and Default Values, contains hardware

specifications and default values on the GS716T and GS724T Smart Switches.

• Appendix B, Configuration Examples, contains examples of how to configure various

features on the GS716T and GS724T Smart Switches, such as VLANs and ACLs.

• Appendix C, Notification of Compliance contains regulatory information about the

GS716T and GS724T switch.

GS716T and GS724T Gigabit Smart Switches

Note: Refer to the release notes for the GS716T and GS724T Gigabit

Smart Switches for information about issues and workarounds.

GS716T and GS724T Smart Switch Setup

This chapter provides an overview of starting your NETGEAR GS716T and GS724T Smart Switch and accessing the user interface. It also leads you through the steps to use the Smart Control Center utility. This chapter contains the following sections:

• Switch Management Interface on page 10

• Connecting the Switch to the Network on page 11

• Switch Discovery in a Network with a DHCP Server on page 12

• Switch Discovery in a Network without a DHCP Server on page 14

• Network Settings Configuration on the Administrative System on page 15

• Web Access on page 16

• Smart Control Center Utilities on page 17

• User Interfaces on page 23

• Interface Naming Convention on page 29

Switch Management Interface

The NETGEAR GS716T and GS724T Smart Switches contains an embedded Web server and management software for managing and monitoring switch functions. The GS716T and GS724T functions as a simple switch without the management software. However, you can use the management software to configure more advanced features that can improve switch efficiency and overall network performance.

Web-based management lets you monitor, configure, and control your switch remotely using a standard Web browser instead of using expensive and complicated SNMP software products. From your Web browser, you can monitor the performance of your switch and optimize its configuration for your network. You can configure all switch features, such as VLANs, QoS, and ACLs by using the Web-based management interface.

NETGEAR provides the Smart Control Center utility with this product. This program runs

under Microsoft that discovers the switches on your network segment (L2 broadcast domain). When you power up your switch for the first time, use the Smart Control Center to discover the switch and view the network information that has been automatically assigned to the switch by a DHCP server; or, if no DHCP server is present on the network, use the Smart Control Center to discover the switch and assign static network information.

Windows® XP, Windows 2000, or Windows Vista® and provides a front end

GS716T and GS724T Gigabit Smart Switches

In addition to enabling NETGEAR switch discovery, the Smart Control Center provides several utilities to help you maintain the NETGEAR switches on your network, such as password management, firmware upgrade, and configuration file backup. For more information, see Smart Control Center Utilities on page 17.

Connecting the Switch to the Network

To enable remote management of the switch through a Web browser or SNMP, you must connect the switch to the network and configure it with network information (an IP address, subnet mask, and default gateway). The switch has a default IP address of 192.168.0.239 and a default subnet mask of 255.255.255.0.

Use one of the following three methods to change the default network information on the switch:

• Dynamic assignment through DHCP—DHCP is enabled by default on the switch. If you

connect the switch to a network with a DHCP server, the switch obtains its network information automatically. You can use the Smart Control Center to discover the automatically-assigned network information. For more information, see Switch Discovery

in a Network with a DHCP Server on page 12.

• Static assignment through the Smart Control Center—If you connect the switch to a

network that does not have a DHCP server, you can use the Smart Control Center to assign a static IP address, subnet mask, and default gateway. For more information, see

Switch Discovery in a Network without a DHCP Server on page 14.

• Static assignment by connecting from a local host—If you do not want to use the Smart

Control Center to assign a static address, you can connect to the switch from a host (administrative system) in the 192.168.0.0/24 network and change the settings by using the Web-based management interface on the switch. For information about how to set the IP address on the administrative system so it is in the same subnet as the default IP address of the switch, see Network Settings Configuration on the Administrative System on page 15.

GS716T and GS724T Gigabit Smart Switches

Switch Discovery in a Network with a DHCP Server

This section describes how to set up your switch in a network that has a DHCP server. The DHCP client on the switch is enabled by default. When you connect it to your network, the DHCP server will automatically assign an IP address to your switch. Use the Smart Control Center to discover the IP address automatically assigned to the switch.

To install the switch in a network with a DHCP server, use the following steps:

1. Connect the switch to a network with a DHCP server.

2. Power on the switch by connecting its power cord.

3. Install the Smart Control Center on your computer.

4. Start the Smart Control Center.

5. Click Discover for the Smart Control Center to find your switch. You should see a screen

similar to the one shown in the following figure.

Figure 1. Smart Switch Discovery

GS716T and GS724T Gigabit Smart Switches

6. Make a note of the displayed IP address assigned by the DHCP server. You will need this

value to access the switch directly from a Web browser (without using the Smart Control Center).

7. Select your switch by clicking the line that displays the switch, then click the

Web Browser Access button. The Smart Control Center displays a login window.

Use your Web browser to manage your switch. The default password is password. Then use this page to proceed to management of the switch covered in Web Interface on page 23.

GS716T and GS724T Gigabit Smart Switches

Switch Discovery in a Network without a DHCP Server

This section describes how to use the Smart Control Center to set up your switch in a network without a DHCP server. If your network has no DHCP service, you must assign a static IP address to your switch. If you choose, you can assign it a static IP address, even if your network has DHCP service.

To assign a static IP address:

1. Connect the switch to your existing network.

2. Power on the switch by connecting its power cord.

3. Install the Smart Control Center on your computer.

4. Start the Smart Control Center.

5. Click Discover for the Smart Control Center to find your GS716T and GS724T switch. The

utility broadcasts Layer 2 discovery packets within the broadcast domain to discover the switch. You should see a screen similar to Figure 1 on page 12.

6. Select the switch, then click Configure Device. The page expands to display additional

fields at the bottom of the page, as the following figure shows.

7. Choose the Disabled radio button to disable DHCP.

GS716T and GS724T Gigabit Smart Switches

8. Enter the static switch IP address, gateway IP address, and subnet mask for the switch, and

then type your password.

Tip: You must enter the current password every time you use the Smart

Control Center to update the switch setting. The default password is password.

9. Click Apply to configure the switch with the network settings.

Please ensure that your PC and the switch are in the same subnet. Make a note of these settings for later use.

Network Settings Configuration on the Administrative System

If you choose not to use the Smart Control Center to configure the network information on the switch, you can connect directly to the switch from an administrative system, such as a PC or laptop computer. The IP address of the administrative system must be in the same subnet as the default IP address on the switch. For most networks, this means you must change the IP address of the administrative system to be on the same subnet as the default IP address of the switch (192.168.0.239).

To change the IP address on an administrative system running a Microsoft operating system, open the Internet Protocol (TCP/IP) properties screen that you access from the Local Area Connection properties, as shown in the following figure. You need Windows Administrator privileges to change these settings.

Windows®

GS716T and GS724T Gigabit Smart Switches

WARNING:

When you change the IP address of your administrative system, you will loose your connection to the rest of the network. Be sure to write down your current network address settings before you change them.

To modify the network settings on your administrative system:

1. On your PC, access the MS Windows operating system TCP/IP Properties.

2. Set the IP address of the administrative system to an address in the 192.168.0.0 network,

such as 192.168.0.200. The IP address must be different from that of the switch but within the same subnet.

3. Click OK.

To configure a static address on the switch:

1. Use a straight-through cable to connect the Ethernet port on the administrative system

directly to any port on the GS716T and GS724T.

2. Open a Web browser on your PC and connect to the management interface as described in

Web Access on page 16.

3. Change the network settings on the switch to match those of your network (this procedure is

described in IP Configuration on page 33).

After you change the network settings on the switch, return the network configuration on your administrative system to the original settings.

Web Access

To access the GS716T and GS724T management interface, use one of the following methods:

• From the Smart Control Center, select the switch and click Web Browser Access.

• Open a Web browser and enter the IP address of the switch in the address field.

You must be able to ping the IP address of the GS716T and GS724T management interface from your administrative system for Web access to be available. If you used the Smart Control Center to set up the IP address and subnet mask, either with or without a DHCP server, use that IP address in the address field of your Web browser. If you did not change the IP address of the switch from the default value, enter 192.168.0.239 into the address field.

GS716T and GS724T Gigabit Smart Switches

Clicking Web Browser Access on the Smart Control Center or accessing the switch directly from your Web browser displays the login screen shown in the following figure.

Figure 2. Login Screen

Smart Control Center Utilities

In addition to device discovery and network address assignment, the Smart Control Center includes several maintenance features. This section describes the following Smart Control Center utilities:

• Network Utilities on page 17

• Configuration Upload and Download on page 19

• Firmware Upgrade on page 20

• Viewing and Managing Tasks on page 22

Network Utilities

From the Network tab, you can perform the following functions:

• DHCP Refresh—Forces the switch to release the current bindings and request new

address information from the DHCP server.

• Reboot Device—Reboots the selected device.

• Web Browser Access—Launches a Web browser and connects to the management

interface for the selected device.

GS716T and GS724T Gigabit Smart Switches

• Configure Device—Allows you to modify network information for the switch, including

the IP address, DHCP client mode, system name, and location. For more information about this feature, see Configuring the Device .

• Change Password—Allows you to set a new password for the device. For more

information about this feature, see Changing the Switch Password .

Configuring the Device

To modify switch information:

1. Select the switch.

2. Click Configure Device. Additional fields appear on the screen.

3. To assign or update a static IP address, default gateway, or subnet mask, disable the DHCP

client and enter the new information. You can also specify a system name and location for the switch.

4. Type the password in the Current Password field. You cannot apply the changes without a

valid switch password. The default password for the switch is password.

5. Click Apply to update the switch with the changes to the network information.

Changing the Switch Password

1. Select the switch.

2. Click Change Password. Additional fields appear on the screen.

3. Type the switch password in the Current Password field. The default password for the

switch is password.

4. Type the new password in the New Password and Confirm Password fields. The

password can contain up to 20 ASCII characters.

Click Apply to update the switch with the new password.

GS716T and GS724T Gigabit Smart Switches

Configuration Upload and Download

When you make changes to the switch, the configuration information is stored in a file on the switch. You can backup the configuration by uploading the configuration file from the switch to an administrative system. You can download a saved configuration file from the administrative system to the switch. The configuration file you download to the switch overwrites the running configuration on the switch.

Configuration upload and download is useful if you want to save a copy of the current switch configuration (Upload Configuration) before you make changes. If you do not like the changes, you can use the Download Configuration option to restore the switch to the settings in the saved configuration file.

To save a copy of the current switch configuration on your administrative system:

1. Click the Maintenance tab and select the device with the configuration to save.

2. Click Upload Configuration.

3. From the Browse for Folder window that appears, navigate to and select the folder where

you want to store the configuration file.

4. Click OK.

5. Enter the switch password and click Apply.

The file is uploaded to the administrative computer as a *.cfg file. You can open it and view the contents with a text editor.

GS716T and GS724T Gigabit Smart Switches

To restore the configuration to a previously saved version:

1. Click the Maintenance tab and select the device with the configuration to restore.

2. Click Download Configuration.

3. From the Select a Configuration window that appears, navigate to and select the

configuration file to download to the switch.

4. Click Open.

Optionally, you can schedule a different date and time to download the configuration file. To delay the download process, clear the Run Now? check box and enter a date and time to complete the download.

5. Enter the switch password and click Apply to begin the download process.

Note: Click the Tasks tab to view status information about the

configuration download.

Firmware Upgrade

The application software for the GS716T and GS724T Smart Switches is upgradable, enabling your switch to take advantage of improvements and additional features as they become available. The upgrade procedure and the required equipment are described in this section. This procedure assumes that you have downloaded or otherwise obtained the firmware upgrade and that you have it available as a binary file on your computer. This procedure uses the TFTP protocol to implement the transfer from computer to switch.

Note: You can also upgrade the firmware using the TFTP Download and

HTTP Download features mentioned in this book. See HTTP File

Upload on page 256.

To upgrade your firmware:

1. Click the Maintenance tab, and then click the Firmware link directly below the tabs (see

Figure 1 on page 12).

2. Select the switch to upgrade and click Download Firmware.

GS716T and GS724T Gigabit Smart Switches

By default, the firmware is downloaded to primary storage and will be become the active image after the download completes and the switch reboots. To download firmware to use as a backup image, select the Secondary Storage option. To prevent the switch from using the downloaded firmware as the active image, make sure the Run this FW after

download option is clear.

Note: NETGEAR recommends that you download the same image as the

primary and secondary image for redundancy.

3. From the Select new firmware window that appears, navigate to and select the firmware

image to download to the switch.

4. Click Open.

You can choose to schedule a later time to complete the download and installation by clearing the Run Now? option and selecting a date and time to perform the firmware download and installation. The scheduled firmware download appears in the Tasks list.

5. Enter the switch password to continue downloading the firmware.

6. Click Apply to download the firmware and upgrade the switch with the new image.

7. When the process is complete, the switch automatically reboots.

Note: Click the Tasks tab to view status information about the firmware

upgrade.

WARNING:

It is important that you do not power-off the administrative system or the switch while the firmware upgrade is in progress.

GS716T and GS724T Gigabit Smart Switches

Viewing and Managing Tasks

From the Tasks tab, you can view information about configuration downloads and firmware upgrades that have already occurred, are in progress, or are scheduled to take place at a later time. You can also delete or reschedule selected tasks. Figure 3 shows the Tasks page.

Figure 3. Tasks Page

The following list describes the command buttons that are specific to the Tasks page:

• Delete Task—Remove a completed or schedule task from the list.

• Reschedule—Change the scheduled date and time for a pending firmware upgrade.

• Select Range—Select all tasks that occurred or are scheduled to occur within a certain

period of time.

GS716T and GS724T Gigabit Smart Switches

User Interfaces

The GS716T and GS724T Smart Switches software includes a set of comprehensive management functions for configuring and monitoring the system by using one of the following methods:

• Web user interface

• Simple Network Management Protocol (SNMP)

Each of the standards-based management methods allows you to configure and monitor the components of the GS716T and GS724T Smart Switches software. The method you use to manage the system depends on your network size and requirements, and on your preference.

The GS716Tv2 and GS724Tv3 Software Administration Manual describes how to use the Web-based interface to manage and monitor the system.

Web Interface

To access the switch by using a Web browser, the browser must meet the following software requirements:

• HTML version 4.0, or later

• HTTP version 1.1, or later

• Java Runtime Environment 1.6 or later

Use the following procedures to log on to the Web interface:

1. Open a Web browser and enter the IP address of the switch in the Web browser

address field.

2. The factory default password is password. Type the password into the field on the login

screen, as shown in Figure 2 on page 17, and then click Login. Passwords are case sensitive.

3. After the system authenticates you, the System Information page displays.

Figure 4 on page 24 shows the layout of the GS716T and GS724T switch Web interface.

GS716T and GS724T Gigabit Smart Switches

Navigation Tab Feature Link Logout Button

Page Menu

Help Link

Help Page

Configuration and Status and Options

Figure 4. Administrative Page Layout

Navigation Tabs, Feature Links, and Page Menu

The navigation tabs along the top of the Web interface give you quick access to the various switch functions. The tabs are always available and remain constant, regardless of which feature you configure.

When you select a tab, the features for that tab appear as links directly under the tabs. The feature links in the blue bar change according to the navigation tab that is selected.

The configuration pages for each feature are available as links in the page menu on the left side of the page. Some items in the menu expand to reveal multiple configuration pages, as

Figure 5 on page 25 shows. When you click a menu item that includes multiple configuration

pages, the item becomes preceded by a down arrow symbol and expands to display the additional pages.

GS716T and GS724T Gigabit Smart Switches

Page Link

Configuration

Pages

Figure 5. Menu Hierarchy

Configuration and Status Options

The area directly under the feature links and to the right of the page menu displays the configuration information or status for the page you select. On pages that contain configuration options, you can input information into fields or select options from drop-down menus.

Each page contains access to the HTML-based help that explains the fields and configuration options for the page. Each page also contains command buttons.

The following table shows the command buttons that are used throughout the pages in the Web interface:

Button Function

Add Clicking Add adds the new item configured in the heading row of a table.

Apply Clicking the Apply button sends the updated configuration to the switch. Configuration

changes take effect immediately.

Cancel Clicking Cancel cancels the configuration on the screen and resets the data on the screen

to the latest value of the switch.

Delete Clicking Delete removes the selected item.

Refresh Clicking the Refresh button refreshes the page with the latest information from the device.

Logout Clicking the Logout button ends the session.

GS716T and GS724T Gigabit Smart Switches

Device View

The Device View is a Java® applet that displays the ports on the switch. This graphic provides an alternate way to navigate to configuration and monitoring options. The graphic also provides information about device ports, current configuration and status, table information, and feature components.

The Device View is available from the System

 Device View page.

Depending upon the status of the port, the LED of the port illuminates either red, green, or yellow:

• A red LED indicates that the link is disabled.

• A green LED indicates that the port is enabled and operating at a transfer rate of

1000 Mbps.

• A yellow LED indicates that the port is enabled and operating at a transfer rate of

10 Mbps/100 Mbps.

The following image shows the Device View of the GS716T.

The following image shows the Device View of the GS724T.

GS716T and GS724T Gigabit Smart Switches

Click the port you want to view or configure to see a menu that displays statistics and configuration options. Click the menu option to access the page that contains the configuration or monitoring options.

If you click the graphic, but do not click a specific port, the main menu appears, as the following figure shows. This menu contains the same option as the navigation tabs at the top of the page.

GS716T and GS724T Gigabit Smart Switches

Help Page Access

Every page contains a link to the online help , which contains information to assist in configuring and managing the switch. The online help pages are context sensitive. For example, if the IP Addressing page is open, the help topic for that page displays if you click Help. Figure 4 on page 24 shows the location of the Help link on the Web interface.

User-Defined Fields

User-defined fields can contain 1 to 159 characters, unless otherwise noted on the configuration Web page. All characters may be used except for the following (unless specifically noted in for that feature):

\ <

/ >|

* |

SNMP Management

The GS716T and GS724T Smart Switches software supports the configuration of SNMP groups and users that can manage traps that the SNMP agent generates. The switches use both standard public MIBs for standard functionality and private MIBs that support additional switch functionality. All private MIBs begin with a “-” prefix. The main object for interface configuration is in -SWITCHING-MIB, which is a private MIB. Some interface configurations also involve objects in the public MIB, IF-MIB.

SNMP is enabled by default. The System which is the page that displays after a successful login, displays the information you need to configure an SNMP manager to access the switch.

Any user can connect to the switch using the SNMPv3 protocol, but for authentication and encryption, the switch supports only one user which is admin; therefore there is only one profile that can be created or modified.

To configure authentication and encryption settings for the SNMPv3 admin profile by using the Web interface:

1. Navigate to the System

 SNMP  SNMPv3  User Configuration page.

2. To enable authentication, select an Authentication Protocol option, which is either MD5 or

SHA.

3. To enable encryption, select the DES option in the Encryption Protocol field. Then, enter

an encryption code of eight or more alphanumeric characters in the Encryption Key field.

4. Click Apply.

 Management  System Information Web page,

To access configuration information for SNMPv1 or SNMPv2, click System

SNMPv1/v2 and click the page that contains the information to configure.

 SNMP 

GS716T and GS724T Gigabit Smart Switches

Interface Naming Convention

The GS716T and GS724T Smart Switches supports physical and logical interfaces. Interfaces are identified by their type and the interface number. All the physical ports 1–48 are Gigabit ports and the SFP Ports 47–50 support 1000M Speed fiber modules. Ports 47–48 are Combo ports and ports 49–50 will support dedicated SFP modules. The number of the port is identified on the front panel. You can configure the logical interfaces by using the software. The following table describes the naming convention for all interfaces available on the switch.

Interface Description Example

Physical The physical ports include Gigabit ports and are

numbered sequentially starting from one.

Link Aggregation Group (LAG) LAG interfaces are logical interfaces that are only

used for bridging functions.

CPU Management Interface This is the internal switch interface responsible for the

switch base MAC address. This interface is not configurable and is always listed in the MAC Address Table.

g1, g2, g3

l1, l2, l3

GS716T and GS724T Gigabit Smart Switches

+ 273 hidden pages

Netgear GS724T User manual

GS716T and GS724T Gigabit Smart Switches

Contents

1. Switch Information and Setup

GS716T and GS724T Smart Switch Setup

Switch Management Interface

Connecting the Switch to the Network

Switch Discovery in a Network with a DHCP Server

Switch Discovery in a Network without a DHCP Server

Network Settings Configuration on the Administrative System

Web Access

Smart Control Center Utilities

Network Utilities

Configuration Upload and Download

Firmware Upgrade

Viewing and Managing Tasks

User Interfaces

Web Interface

SNMP Management

Interface Naming Convention