Westermo RedFox User Manual

RedFox Series
WeOS
Wolverine Series
Lynx Series
Falcon Series
Viper Series
Westermo OS
Management Guide
©
Westermo Teleindustri AB
www.westermo.com
Westermo OS Management Guide
Version 4.17.0-0

Legal information

The contents of this document are provided ”as is”. Except as required by appli­cable law, no warranties of any kind, either express or implied, including, but not limited to, the implied warranties of merchantability and fitness for a particular purpose, are made in relation to the accuracy and reliability or contents of this document. Westermo reserves the right to revise this document or withdraw it at any time without prior notice.
Under no circumstances shall Westermo be responsible for any loss of data or income or any special, incidental, and consequential or indirect damages how­soever caused. More information about Westermo can be found at the following Internet address: http://www.westermo.com
2
©
2015 Westermo Teleindustri AB
Westermo OS Management Guide
Version 4.17.0-0
Contents
Legal information 2

Table of Contents 3

I Introduction to WeOS and its Management Methods 9
1 Introduction 10
1.1 Westermo and its WeOS products . . . . . . . . . . . . . . . . . . . . . 10
1.2 Getting Started . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10
1.3 Introduction to WeOS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
1.4 How to read this document . . . . . . . . . . . . . . . . . . . . . . . . . 11
1.5 Westermo products running WeOS . . . . . . . . . . . . . . . . . . . . 13
2 Quick Start 15
2.1 Starting the Switch for the First Time . . . . . . . . . . . . . . . . . . . 15
2.2 Modifying the IP Setting . . . . . . . . . . . . . . . . . . . . . . . . . . . 16
3 Overview of Management Methods 28
3.1 When to use the WeConfig tool . . . . . . . . . . . . . . . . . . . . . . . 29
3.2 When to use the Web . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29
3.3 When to use the CLI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30
4 Management via Web Interface 32
4.1 Document Conventions . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33
4.2 Logging in . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 34
4.3 Navigation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 36
4.4 System Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39
5 Management via CLI 45
©
2015 Westermo Teleindustri AB 3
Westermo OS Management Guide
Version 4.17.0-0
5.1 Overview of the WeOS CLI hierarchy . . . . . . . . . . . . . . . . . . . 45
5.2 Accessing the CLI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 47
5.3 Using the CLI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51
5.4 General CLI commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . 57
6 WeOS SNMP Support 61
6.1 Introduction and feature overview . . . . . . . . . . . . . . . . . . . . . 61
6.2 Managing SNMP via the web interface . . . . . . . . . . . . . . . . . . 71
6.3 Manage SNMP Settings via the CLI . . . . . . . . . . . . . . . . . . . . 74
II Common Switch Services 78
7 General Switch Maintenance 79
7.1 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 79
7.2 Maintenance via the Web Interface . . . . . . . . . . . . . . . . . . . . 115
7.3 Maintenance via the CLI . . . . . . . . . . . . . . . . . . . . . . . . . . . 129
8 Ethernet Port Management 163
8.1 Overview of Ethernet Port Management . . . . . . . . . . . . . . . . . 163
8.2 Managing port settings via the web interface . . . . . . . . . . . . . 178
8.3 Managing port settings via the CLI . . . . . . . . . . . . . . . . . . . . 181
9 Ethernet Statistics 191
9.1 Ethernet Statistics Overview . . . . . . . . . . . . . . . . . . . . . . . . 191
9.2 Statistics via the web interface . . . . . . . . . . . . . . . . . . . . . . . 197
9.3 Statistics via the CLI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 202
10 SHDSL Port Management 204
10.1 Overview of SHDSL Port Management . . . . . . . . . . . . . . . . . . 204
10.2 Managing SHDSL ports via the web interface . . . . . . . . . . . . . 210
10.3 Managing SHDSL ports via the CLI . . . . . . . . . . . . . . . . . . . . 218
11 ADSL/VDSL Port Management 224
11.1 Overview of ADSL/VDSL Port Management . . . . . . . . . . . . . . . 224
11.2 Managing ADSL/VDSL ports via the web interface . . . . . . . . . . 238
11.3 Managing ADSL/VDSL ports via the CLI . . . . . . . . . . . . . . . . . 250
12 Power Over Ethernet (PoE) 255
12.1 Overview of Power over Ethernet (PoE) . . . . . . . . . . . . . . . . . 255
12.2 Managing PoE via the web interface . . . . . . . . . . . . . . . . . . . 259
12.3 Managing PoE via the CLI interface . . . . . . . . . . . . . . . . . . . . 263
4
©
2015 Westermo Teleindustri AB
Westermo OS Management Guide
Version 4.17.0-0
13 Virtual LAN 268
13.1 VLAN Properties and Management Features . . . . . . . . . . . . . . 268
13.2 Port-based network access control . . . . . . . . . . . . . . . . . . . . 279
13.3 Managing VLAN settings via the web interface . . . . . . . . . . . . 284
13.4 Managing VLAN settings via the CLI . . . . . . . . . . . . . . . . . . . 294
14 FRNT 306
14.1 Overview of the FRNT protocol and its features . . . . . . . . . . . . 306
14.2 FRNT and RSTP coexistence . . . . . . . . . . . . . . . . . . . . . . . . . 309
14.3 Managing FRNT settings via the web interface . . . . . . . . . . . . . 311
14.4 Managing FRNT settings via the CLI . . . . . . . . . . . . . . . . . . . . 317
15 Ring Coupling and Dual Homing 320
15.1 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 321
15.2 Managing via the Web . . . . . . . . . . . . . . . . . . . . . . . . . . . . 333
15.3 Managing via CLI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 337
15.4 Feature Parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 346
16 Spanning Tree Protocol - RSTP and STP 347
16.1 Overview of RSTP/STP features . . . . . . . . . . . . . . . . . . . . . . . 347
16.2 Managing RSTP via the web interface . . . . . . . . . . . . . . . . . . 353
16.3 Managing RSTP via the CLI . . . . . . . . . . . . . . . . . . . . . . . . . 357
17 Link Aggregation 362
17.1 Link Aggregation Support in WeOS . . . . . . . . . . . . . . . . . . . . 362
17.2 Managing Link Aggregation via the Web . . . . . . . . . . . . . . . . . 372
17.3 Managing Link Aggregation via CLI . . . . . . . . . . . . . . . . . . . . 376
18 Multicast in Switched Networks 381
18.1 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 381
18.2 Managing IGMP in the Web Interface . . . . . . . . . . . . . . . . . . . 387
18.3 Managing IGMP in the CLI . . . . . . . . . . . . . . . . . . . . . . . . . . 389
19 General Network Settings 393
19.1 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 393
19.2 Network interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 394
19.3 General IP settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 409
19.4 Managing network interfaces via the web . . . . . . . . . . . . . . . . 412
19.5 Managing general IP settings via the web . . . . . . . . . . . . . . . . 418
19.6 Managing network interfaces via the CLI . . . . . . . . . . . . . . . . 423
19.7 Managing general IP settings via the CLI . . . . . . . . . . . . . . . . 431
©
2015 Westermo Teleindustri AB 5
Westermo OS Management Guide
Version 4.17.0-0
20 General System Settings 445
20.1 Managing switch identity via Web . . . . . . . . . . . . . . . . . . . . . 446
20.2 Managing switch identity information via CLI . . . . . . . . . . . . . . 448
21 Authentication, Authorisation and Accounting 453
21.1 Overview over AAA . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 454
21.2 Managing AAA via the web . . . . . . . . . . . . . . . . . . . . . . . . . 456
21.3 Managing AAA via the CLI . . . . . . . . . . . . . . . . . . . . . . . . . . 473
22 DHCP Server 487
22.1 Overview of DHCP Server Support in WeOS . . . . . . . . . . . . . . . 488
22.2 Configuring DHCP Server Settings via the Web . . . . . . . . . . . . 499
22.3 Configuring DHCP Server Settings via the CLI . . . . . . . . . . . . . 503
23 DHCP Relay Agent 514
23.1 Overview of DHCP Relay Agent Support . . . . . . . . . . . . . . . . . 515
23.2 Configuring DHCP Relay Agent via the Web . . . . . . . . . . . . . . . 526
23.3 Configuring DHCP Relay Agent via the CLI . . . . . . . . . . . . . . . 529
24 Alarm handling, LEDs and Digital I/O 535
24.1 Alarm handling features . . . . . . . . . . . . . . . . . . . . . . . . . . . 535
24.2 Managing Alarms via the Web . . . . . . . . . . . . . . . . . . . . . . . 547
24.3 Managing Alarms via the CLI . . . . . . . . . . . . . . . . . . . . . . . . 553
24.4 Digital I/O . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 576
24.5 LEDs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 579
25 Logging Support 582
25.1 Logging Support in the web interface . . . . . . . . . . . . . . . . . . 583
25.2 Managing Logging Support via the CLI . . . . . . . . . . . . . . . . . . 584
III Router/Gateway Services 586
26 IP Routing in WeOS 587
26.1 Summary of WeOS Routing and Router Features . . . . . . . . . . . 587
26.2 Static unicast routes via Web . . . . . . . . . . . . . . . . . . . . . . . . 595
26.3 Enabling Routing, Managing Static Routing, etc., via CLI . . . . . . 598
27 Dynamic Routing with OSPF 600
27.1 Overview of OSPF features . . . . . . . . . . . . . . . . . . . . . . . . . 600
27.2 OSPF Web . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 614
27.3 Managing OSPF via the CLI . . . . . . . . . . . . . . . . . . . . . . . . . 618
6
©
2015 Westermo Teleindustri AB
Westermo OS Management Guide
Version 4.17.0-0
28 Dynamic Routing with RIP 630
28.1 Overview of RIP Features . . . . . . . . . . . . . . . . . . . . . . . . . . . 630
28.2 RIP Web . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 636
28.3 Managing RIP via the CLI . . . . . . . . . . . . . . . . . . . . . . . . . . . 639
29 IP Multicast Routing 648
29.1 Summary of WeOS Multicast Routing Features . . . . . . . . . . . . . 648
29.2 Managing Multicast Routing via Web Interface . . . . . . . . . . . . . 652
29.3 Managing Multicast Routing via CLI . . . . . . . . . . . . . . . . . . . . 657
30 Virtual Router Redundancy (VRRP) 661
30.1 Introduction to WeOS VRRP support . . . . . . . . . . . . . . . . . . . . 662
30.2 Managing VRRP via the web interface . . . . . . . . . . . . . . . . . . 669
30.3 Managing VRRP via the CLI . . . . . . . . . . . . . . . . . . . . . . . . . 674
31 Firewall Management 682
31.1 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 683
31.2 Firewall Management via the Web Interface . . . . . . . . . . . . . . 710
31.3 Firewall Management via the CLI . . . . . . . . . . . . . . . . . . . . . 733
IV Virtual Private Networks and Tunnels 747
32 Overview of WeOS VPN and Tunnel support 748
32.1 WeOS support for VPNs . . . . . . . . . . . . . . . . . . . . . . . . . . . . 748
32.2 Tunneling using PPP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 749
32.3 Tunneling using GRE . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 749
33 PPP Connections 750
33.1 Overview of PPP Properties and Features . . . . . . . . . . . . . . . . 751
33.2 Managing PPP settings via the web interface . . . . . . . . . . . . . . 761
33.3 Managing PPP settings via the CLI . . . . . . . . . . . . . . . . . . . . . 767
34 GRE tunnels 778
34.1 Overview of GRE tunnel Properties and Management Features . . 778
34.2 Managing GRE settings via the web interface . . . . . . . . . . . . . 782
34.3 Managing GRE settings via the CLI . . . . . . . . . . . . . . . . . . . . 784
35 IPsec VPNs 788
35.1 Overview of IPsec VPN Management Features . . . . . . . . . . . . . 789
35.2 Managing VPN settings via the web interface . . . . . . . . . . . . . 809
35.3 Managing VPN settings via the CLI . . . . . . . . . . . . . . . . . . . . 819
©
2015 Westermo Teleindustri AB 7
Westermo OS Management Guide
Version 4.17.0-0
36 SSL VPN 835
36.1 Overview of SSL VPN Management Features . . . . . . . . . . . . . . 835
36.2 Managing SSL VPN settings via the web interface . . . . . . . . . . 852
36.3 Managing SSL VPN settings via the CLI . . . . . . . . . . . . . . . . . 858
37 WeConnect 870
37.1 Installing WeConnect via the Web . . . . . . . . . . . . . . . . . . . . . 872
37.2 Installing WeConnect via the CLI . . . . . . . . . . . . . . . . . . . . . . 874
37.3 Troubleshooting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 876
V Serial Port Management and Applications 880
38 Serial Port Management 881
38.1 Overview of Serial Port Management . . . . . . . . . . . . . . . . . . . 882
38.2 Managing serial ports via the web interface . . . . . . . . . . . . . . 885
38.3 Managing serial ports via the CLI interface . . . . . . . . . . . . . . . 888
39 Serial Over IP 894
39.1 Overview of Serial Over IP . . . . . . . . . . . . . . . . . . . . . . . . . . 894
39.2 Managing Serial Over IP via the web interface . . . . . . . . . . . . . 906
39.3 Managing Serial Over IP via the CLI interface . . . . . . . . . . . . . 913
40 Modbus Gateway 929
40.1 Managing Modbus Gateway via the web interface . . . . . . . . . . 931
40.2 Managing Modbus Gateway via the CLI interface . . . . . . . . . . . 935
41 MicroLok II Gateway 947
41.1 Overview of MicroLok Gateway Properties and Management Fea-
tures . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 947
41.2 Managing MicroLok Gateway via the web interface . . . . . . . . . . 952
41.3 Managing MicroLok Gateway via the CLI interface . . . . . . . . . . 956
VI Appendixes 963
Acronyms and abbreviations 964
References 967
Index 971
8
©
2015 Westermo Teleindustri AB
Part I
Westermo OS Management Guide
Version 4.17.0-0
Introduction to WeOS and its
Management Methods
©
2015 Westermo Teleindustri AB 9
Westermo OS Management Guide
Chapter 1

Introduction

1.1 Westermo and its WeOS products

Version 4.17.0-0
Westermo provides an extensive set of network products for robust industrial data communications, managed as well as unmanaged products. Westermo’s products are found in diverse set of harsh environment applications, and where robustness and reliability are vital properties.
This guide describes the extensive functionality of managed Westermo products running the Westermo OS (WeOS).

1.2 Getting Started

Please see www.westermo.com for the latest updated version of this document – the WeOS Management Guide. There you can also find product User Guides, and other support information for your product.
The dedicated User Guide of your product includes information on how to get started with WeOS on your specific product. That is a good place to start if you wish to do the least possible configuration of your switch (i.e., assign appropriate IP settings) before putting it into your network infrastructure.
If the User Guide of your specific product lacks a section on how to get started with WeOS, please visit the chapter 2 (Quick Start) of this document.
10
©
2015 Westermo Teleindustri AB
Westermo OS Management Guide
Version 4.17.0-0

1.3 Introduction to WeOS

Westermo OS (WeOS) is a network operating system delivering an extensive set of functionality including layer-2 (basic switching, VLAN, IGMP snooping, etc.), layer-3 (routing, firewall, NAT, etc.), and higher-level services (DHCP, DNS, etc.). Furthermore, WeOS provides easy management via a Web interface, via the as­sociated WeConfig tool, and via a USB stick. To satisfy even more advanced cus­tomer needs, WeOS provides flexible management via a command line interface (CLI), as well as via SNMP.
WeOS provides two levels of functionality, WeOS Standard and WeOS Extended. Products running WeOS Standard are outstanding layer-2 switches suitable to build reliable LAN infrastructures. Products running WeOS Extended extends the WeOS functionality by adding routing capabilities and a rich set of related higher level services (NAT, firewall, VPN, etc.).

1.4 How to read this document

This guide is structured in the following parts:
Part I: This part gives general information on WeOS, and introduces the main
methods to manage a WeOS unit (WeConfig, Web, CLI and SNMP)1.
The information in Part I applies both to products running WeOS Standard and WeOS Extended.
Chapter 1 is this chapter.
Chapter 2 describes how to get started with your WeOS product.
Chapters 3 gives an overview of the different ways to manage a WeOS
unit. If you need recommendations of which method to use, please read
chapter 3.
Chapters 4-5 present the WeOS Web and CLI support. Detailed informa-
tion for Web and CLI Management is provided in the later parts of the document.
Chapters 6 is the main source of information for WeOS SNMP support.
1
For information on how to configure a WeOS unit using a USB memory stick, see Chapter 7.
©
2015 Westermo Teleindustri AB 11
Westermo OS Management Guide
Version 4.17.0-0
Part II: Each of the chapters in this part covers services and features in
common software levels Standard and Extended.
Chapter 7 handles general maintenance task (firmware upgrade, config-
uration file handling, factory reset, etc.) and tools such as ping, tracer­oute, which be useful when troubleshooting your network.
Chapters 8-12 cover management of Ethernet, SHDSL and xDSL (ADSL/VDSL)
ports.
Chapters 13-18 concern various layer-2 services in WeOS (VLANs, layer-
2 redundancy (FRNT, RSTP, Link Aggregation), and IGMP Snooping).
Chapter 19 covers network interface configuration including IP address,
netmask, etc., as well system wide network settings such as default gateway and DNS.
Chapter 20-25 handles various general settings (System Identity), AAA
services, DHCP (Server and Relay), and status maintenance (Alarm, Dig­ital I/O, Front Panel LEDs, and logging).
Part III covers WeOS router/gateway services. These features are only appli-
cable to WeOS Extended products.
Chapters 26-30 describes static and dynamic routing, and VRRP support
in WeOS.
Chapter 31 concerns NAT and Firewall support.
Part IV covers WeOS VPN and tunneling services. These features are only
provided for WeOS Extended products.
Chapters 32 gives an overview to VPN and tunneling services.
Chapter 33 covers PPP support (PPP over serial port and PPPoE).
Chapter 34 describes GRE tunneling support.
Chapters 35 and 36 presents VPN support using IPsec and SSL (Open-
VPN).
Part V contains information on serial port configuration (chapter 38) and
applications. These features apply to WeOS products with serial ports, both for WeOS Standard and WeOS Extended.
Chapter 39 describes Serial Over IP and Modem Replacement function-
ality
12
©
2015 Westermo Teleindustri AB
Westermo OS Management Guide
Version 4.17.0-0
Chapter 40-41 cover Modbus Gateway and Microlok Gateway support.

1.5 Westermo products running WeOS

Below you find the list of Westermo products running WeOS, as well as references to their respective User Guide:
Falcon: User Guide [41] (FDV-206-1D1S). (”Basis” platform)
Lynx: User Guides [46] (Lynx-L110/210) and [42] (Lynx-L106/206-F2G). (”Ba­sis” platform)
Lynx-DSS: User Guides [43] (L108/208-F2G-S2), [44] (L105/205-S1), and [45] (L106/206-S2). (”Basis” platform)
RedFox Industrial (RFI): User Guides [48] (”Corazon” platform) and [47] (”At­las” platform)
RedFox Industrial Rack (RFIR): User Guide [49] (”Corazon” platform)
RedFox Rail (RFR): User Guide [50] (RFR-212-FB (”Corazon” platform), and RFR-12-FB (”Atlas” platform)).
Wolverine: User Guides [37] (DDW-142), [38] (DDW-142-485), [39] (DDW-
225) and [40] (DDW-226). (”Basis” platform)
Viper: User Guides [51] (Viper-112/212 and Viper-112/212-T3G) and [52] (Viper-112/212-P8 and Viper-112/212-T3G-P8) (”Basis” platform)
Note
Atlas, Basis and Corazon denote HW platforms used by different products. Products utilising the same HW platform use the same kind of CPU, and have the same amount of RAM and flash memory.
1.5.1 Product hardware details affecting WeOS functionality
The WeOS functionality described in the Management Guide generally applies to all Westermo products running WeOS of the appropriate software level (Standard or Extended). However, where functionality assumes the presence of certain hardware (such as a USB port), those functions are limited to products including
©
2015 Westermo Teleindustri AB 13
Westermo OS Management Guide
Version 4.17.0-0
that hardware. The table below provides a summary of hardware differences af­fecting the availability of certain WeOS functions. For a more definite description of hardware specifications you are referred to the dedicated User Guide of each product (see section 1.5).
Ethernet Ports
SHDSL Ports
xDSL Port
Serial Port(s)
Console port
Digital In/Out
USB Port
Failover Relay
PoE Ports
Falcon
FDV-206-1D1S X X X X X X
Lynx
L106/206-F2G X X X X L110/210 X X X
Lynx-DSS
All Lynx-DSS models X X X X X
RedFox Industrial & RedFox Industrial Rack
All RFI and RFIR models X X X X
RedFox Rail
All RFR models X X X
Viper
All ”non-PoE’ models X X X All ”PoE” models X X X X
Wolverine
DDW-142 X X DDW-142-485 X X DDW-225 X X X X X DDW-226 X X X X X X
2
2
X X X X X X X X
1
1
Failover Relay is available on RedFox Rail models ”RFR-12 FB” and ”RFR-212 FB”. See the
related User Guide[50] for more information on failover relay functionality.
2
The DDW-142 and DDW-142-485 SHDSL ports have support for PAF (SHDSL link bonding).
14
©
2015 Westermo Teleindustri AB
Westermo OS Management Guide
Version 4.17.0-0
Chapter 2

Quick Start

This section provides a guide to quickly get started with your switch. Only simple configuration procedures will be covered1. The steps covered concern:
Get familiar with the factory default setting
Configuring an appropriate IP address

2.1 Starting the Switch for the First Time

When booting the switch for the first time the switch will use the factory default setting.
The factory default setting makes the switch operate as a manageable layer-2 switch, where all Ethernet ports belong to the same virtual LAN (VLAN)2.
Manageable: The switch is manageable via any of the Ethernet ports. To manage the switch via an Ethernet port you need to know the IP address of the switch (see table 2.1). For switches equipped with a console port, the switch can as well be managed via that port without knowing the IP address of the switch.
1
For more advanced settings, we refer to the remaining chapters of this guide as well as the
online help provided via the Web configuration tool and the Command Line Interface (CLI).
2
On Falcon series of switches, all Ethernet ports belong to the default VLAN (VLAN 1), while the xDSL port belongs to a separate VLAN (VLAN 1006). That is, by factory default Falcon operates as a router. See chapter 11 for more details.
©
2015 Westermo Teleindustri AB 15
Westermo OS Management Guide
Version 4.17.0-0
Single VLAN: By default all ports on the switch will belong to the same VLAN. Thus, devices connected to different ports of the switch should be able to communicate with each other right away. For more advanced setups, the ports of the switch can be grouped into different VLANs. In the factory de­fault setting all ports belong to VLAN 1.
The default IP setting for the switch is as shown in table 2.1.
Address Netmask Gateway
Primary IP address Dynamic (DHCP) (Dynamic) (Dynamic) Secondary IP address 192.168.2.200 255.255.255.0 Disabled
Table 2.1: Factory Default IP settings.
Thus, when you power up your WeOS unit with the factory configuration, you can connect to it via two addresses:
The static IP address 192.168.2.200: This address is simplest to use if you are setting up a single unit.
A dynamic address assigned by a DHCP server3(if present): This address may be simplest to use if you want to connect and configure multiple new WeOS units simultaneously.
Note
Before you put your switch into your production network you should change its IP setting according to your network topology. How you change your IP setting is described in the next section.

2.2 Modifying the IP Setting

The switch can be configured with a static IP setting, or it can get its IP address dynamically via DHCP. The latter case is useful if you are running a DHCP server on the same LAN as the switch will be located.
WeOS provides several management tools, which will be presented further in later chapters of this guide. In this chapter we limit the scope to describe how these tools can be used to update the IP settings of the switch.
3
In addition, the unit will autoconfigure itself with a link-local address in the 169.254.x.x range, where ’x’ is in interval 0-255. See section 19.2.6 for more information.
16
©
2015 Westermo Teleindustri AB
Westermo OS Management Guide
Version 4.17.0-0
WeConfig: is Westermo’s Network configuration management tool (NCM) made for commissioning and maintenance of components in a network. It replaces the former Westermo tool known as IPConfig. For further informa­tion on WeConfig’s features and how to use the tool, see the WeConfig User Guide[54].
Web: Configuration of IP settings via the Web interface is described in sec-
tion 2.2.1.
CLI: Configuration of IP settings via the Command Line Interface (CLI) is described in section 2.2.2.
Hint
If you are not sure what IP address your switch has, use the WeConfig tool, or the CLI via console method (section 2.2.2.1). If neither of these methods work, please visit section 7.1.3 for information on how to conduct a factory reset.
©
2015 Westermo Teleindustri AB 17
Westermo OS Management Guide
Router IP address:
192.168.55.1
PC
Host with Web browser. PC IP address and netmask known, e.g., IP address 192.168.55.35 and netmask 255.255.255.0
To Internet or
company Intranet
Router
Ethernet portsConsole
Switch with default IP setting:
Default gateway: Disabled
IP address: 192.168.2.200
Netmask: 255.255.255.0
Should get the following settings:
IP address: 192.168.55.100
Netmask: 255.255.255.0
Default gateway: 192.168.55.1
WeOS switch
Version 4.17.0-0
2.2.1 Using the Web Interface to Update the Switch IP Settings
To configure the IP settings via web your switch is required to be located on the same IP subnet as your PC.
In this example the switch shall be assigned the IP address 192.168.55.100, net­mask 255.255.255.0 and default gateway 192.168.55.1. To achieve this you must (temporarily) change the IP address of the PC in order to be able to communicate with the switch.
The steps to configure the IP settings via the web interface are as follows:
1. Connect your PC to the switch: Connect your PC to the switch as shown in the figure above.
2. Modifying IP Settings on PC: The IP settings on the PC must be updated to match the default settings on the switch, i.e., the PC should be assigned an IP address on the 192.168.2.0/24 network, e.g.,
PC IP address: 192.168.2.1
PC Netmask: 255.255.255.0
3. Access switch via web browser: Open your web browser and enter URL http://192.168.2.200 in the browser’s address field. You will be asked to enter a username and a password. Use the factory default account settings shown below:
Login username: admin
18
Password: westermo
©
2015 Westermo Teleindustri AB
Westermo OS Management Guide
Version 4.17.0-0
4. Open the Network configuration page: Click on the Configuration top­menu and then on the Network sub-menu and then the Global settings menu.
5. Configure Default Gateway: Now click the edit icon ( ) in the Global Settings frame. The following page should appear.
Fill in the appropriate address in the Default Gateway field. In this example, the default gateway is 192.168.55.1. Click the Apply button. Your switch is configured with a new default gateway.
6. Open Interface Configuration Page: Click on the Configuration top-menu and then on the Network sub-menu and then the Interface sub menu. In
©
2015 Westermo Teleindustri AB 19
Westermo OS Management Guide
Version 4.17.0-0
the Interface page, click the edit icon ( ) on the row for the interface named vlan1. The Interface Configuration Page will appear:
7. Configure Interface IP Settings: Enter the appropriate IP settings for your switch. In this example we would:
(a) Set IP Address Method to static (radio button).
(b) Set Primary Address to 192.168.55.100 with 255.255.255.0 in the
Netmask field.
(c) Remove Secondary Address (192.168.2.200) using the trash icon ( ).
Click the Apply button and your switch is configured with a new IP address.
8. Reconfigure PC’s IP Settings: As the IP address is changed on the switch, you cannot reach it from your PC any longer. To access the switch from the PC, the PC’s IP settings must be changed again. In this case, we assume it is changed back to its original settings:
PC IP address: 192.168.55.35
PC Netmask: 255.255.255.0
PC Default Gateway: 192.168.55.1
Further management of the switch can be performed via any of the available management tools - WeConfig, Web, SSH/Telnet/CLI or SNMP.
20
©
2015 Westermo Teleindustri AB
Westermo OS Management Guide
Router IP address:
192.168.55.1
PC
Host with terminal emulation program. PC IP address and netmask known, e.g., IP address 192.168.55.35 and netmask 255.255.255.0
To Internet or
company Intranet
Router
Ethernet portsConsole
Switch with default IP setting:
Default gateway: Disabled
IP address: 192.168.2.200
Netmask: 255.255.255.0
Should get the following settings:
IP address: 192.168.55.100
Netmask: 255.255.255.0
Default gateway: 192.168.55.1
WeOS switch
Version 4.17.0-0
2.2.2 Using the CLI to Update the Switch IP Settings
The CLI can be accessed in three ways: via the console port (given that the switch is equipped with a console port) or via the Ethernet ports using the Secure Shell (SSH) or the Telnet protocol. Section 2.2.2.1 explains how to access the CLI via the console port, and how to update the IP settings. Section 2.2.2.2 explains how to access the CLI via SSH.
Access with Telnet is also possible, but this is not enabled by default on the switch, and to use it you will first have to access it with one of the other methods and enable this protocol for management. See Section 7.3.49 (CLI) for informa­tion on how to enable the Telnet service on the unit, and then Section 19.4 (Web) or Section 19.6.6 for information on how to enable Telnet configuration via inter­face ”vlan1”.
2.2.2.1 Accessing the CLI via the console port
For WeOS switches equipped with a console port, this port can be used to change IP address of the switch.
1. Connect your PC to the switch: Connect your PC to the switch as shown in
©
2015 Westermo Teleindustri AB 21
the figure below.
Important notice for WeOS Switches equipped with a con­sole port
See the User Guide of your specific product (section 1.5) for information on what Diagnostic Cable to use when connecting to the console port of your specific product.
Westermo OS Management Guide
Version 4.17.0-0
2. Terminal program: To communicate with the switch via the console port, you need to use a terminal emulation program on your PC, such as Hypertermi- nal. Ask your system administrator if you need help to install or configure your terminal emulation program.
The following settings should be used when connecting to the console port:
Console Port Parameter Setting
Data rate 115200 bits/s Data bits 8 Stop bits 1 Parity Off Flow control Off
3. Activating the console: When the switch has finished booting, you will be asked to press the Enter key on your keyboard to activate the console.
4. Logging in: Now you will be asked to enter a username and thereafter a password. For a switch using the factory default settings, use the following login username and password:
Login username: admin
Password: westermo
Below you see a sample printout when logging in on a WeOS switch. (The password is not ”echoed” back to the screen.)
Example
example login: admin Password: .--.--.--.-----.-----.------.-----.-.--.--------.-----. | | | | -__|__--|
\__/\__/|
Robust Industrial Data Communications -- Made Easy
\\/ Westermo WeOS v4.15.0 4.15.0 -- Jun 16 19:10 CEST 2014 Type: ’help’ for help with commands, ’exit’ to logout or leave a context.
example:/#>
_____._____
_ _
| |__| |
| -__|_| . . |
_____|__
| |__|__|__|
_
| http://www.westermo.com
_____
| info@westermo.se
5. Listing IP address: Use the CLI command ”show iface” to list information about network interfaces.
22
©
2015 Westermo Teleindustri AB
Westermo OS Management Guide
Version 4.17.0-0
Example
example:/#> show iface Press Ctrl-C or Q(uit) to quit viewer, Space for next page, <CR> for next line.
Interface Name Oper Address/Length MTU MAC/PtP Address
---------------- ---- ------------------ ----- --------------------------­lo UP 127.0.0.1/8 16436 N/A vlan1 UP 192.168.2.200/24 1500 00:07:7c:10:de:e1
------------------------------------------------------------------------------
example:/#>
6. Changing IP address and netmask: To change the switch IP addressing mode (”static” instead of ”DHCP”), set a static address and netmask, and to skip secondary addresses, use CLI commands ”configure”, ”iface vlan1”, ”inet static”, ”address <IPV4ADDRESS/LEN>”, ”no address secondary” and ”end” as shown below. This example is based on the setup in step 1, and configures the switch with an address (192.168.55.100/24) on the same IP subnet as the PC.
169.254.145.230/16
Example
example:/#> configure example:/config/#> iface vlan1 example:/config/iface-vlan1/#> inet static example:/config/iface-vlan1/#> address 192.168.55.100/24 example:/config/iface-vlan1/#> no address secondary Remove all secondary IP addresses, are you sure (y/N)? y Removing all secondary IPs! example:/config/iface-vlan1/#> end example:/config/#> end
Stopping DHCP Clients ...................................... [ OK ]
Configuration activated. Remember "copy run start" to save to flash (NVRAM). example:/#> show iface Press Ctrl-C or Q(uit) to quit viewer, Space for next page, <CR> for next line.
Interface Name Oper Address/Length MTU MAC/PtP Address
---------------- ---- ------------------ ----- --------------------------­lo UP 127.0.0.1/8 16436 N/A vlan1 UP 192.168.55.100/24 1500 00:07:7c:10:de:e1
------------------------------------------------------------------------------
example:/#>
7. Set default gateway IP address: The figure below shows the same network setup, but with a router attached to the IP subnet.
With this setup you would like to configure a default gateway IP address to allow management of the switch from outside the local network. This
©
2015 Westermo Teleindustri AB 23
Westermo OS Management Guide
Version 4.17.0-0
can be achieved using CLI commands ”configure”, ”ip”, ”route default
192.168.55.1 <IPADDRESS>”, and ”end” as shown below.
Example
example:/#> configure example:/config/#> ip example:/config/ip/#> route default 192.168.55.1 example:/config/ip/#> end example:/config/#> end Configuration activated. Remember "copy run start" to save to flash (NVRAM). example:/#>
8. Save configuration: Although the configuration changes has been activated, the running configuration must be stored to the startup configuration. Oth­erwise the changes will be lost if the switch is rebooted.
Example
example:/#> copy running-config startup-config example:/#>
9. You are now done setting the IP address, subnet mask and default gateway of your switch. Logout from the CLI using the ”logout” command.
Further management of the switch can be performed via any of the available management tools - WeConfig, Web, SSH/Telnet/CLI or SNMP.
2.2.2.2 Accessing the CLI via SSH
Configuring the IP settings via SSH/CLI is very similar to configuring them via the console port. The major differences are:
The IP address of the PC must (temporarily) be changed in order to be able to communicate with the switch, i.e., the PC should have an address on network 192.168.2.0/24, e.g., 192.168.2.1/24.
After the IP settings have been changed on the switch, the PC is likely to loose contact with the switch. The PC must therefore change its IP address again, and login to the switch again in order to copy the running configura­tion to the startup configuration.
The steps to configure the IP settings via SSH/CLI are as follows:
1. Connect your PC to the switch: Connect your PC to the switch as shown in the figure below. In this example we assume the switch will get IP address
24
©
2015 Westermo Teleindustri AB
Westermo OS Management Guide
Router IP address:
192.168.55.1
PC
Host with SSHv2 client. PC IP address and netmask known, e.g., IP address 192.168.55.35 and netmask 255.255.255.0
To Internet or
company Intranet
Router
Ethernet portsConsole
Switch with default IP setting:
Default gateway: Disabled
IP address: 192.168.2.200
Netmask: 255.255.255.0
Should get the following settings:
IP address: 192.168.55.100
Netmask: 255.255.255.0
Default gateway: 192.168.55.1
WeOS switch
Version 4.17.0-0
192.168.55.100, netmask 255.255.255.0 and default gateway 192.168.55.1.
2. Modifying IP Settings on PC: The IP settings on the PC must be updated to match the default settings on the switch, i.e., the PC should be assigned an IP address on the 192.168.2.0/24 network, e.g.,
3. Connecting and Logging in: When connecting via SSH you will be asked to
4
OpenSSH, http://www.openssh.com
5
Putty, http://www.chiark.greenend.org.uk/~sgtatham/putty/
©
2015 Westermo Teleindustri AB 25
PC IP address: 192.168.2.1
PC Netmask: 255.255.255.0
PC Default Gateway: Not needed
enter a username and thereafter a password. For a switch using the factory default settings, use the following login username and password:
Login username: admin
Password: westermo
The procedure to connect may vary slightly depending on what SSH client you are using. The example below show the connection procedure using Unix OpenSSH4. (On Windows one can use Putty5.)
Westermo OS Management Guide
Version 4.17.0-0
Example
user@pc:~$ ssh admin@192.168.2.200 The authenticity of host ’192.168.2.200 (192.168.2.200)’ can’t be established. RSA key fingerprint is 6d:0c:f3:d3:28:d6:d8:43:bc:69:f8:d0:d6:a2:27:87. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added ’192.168.2.200’ (RSA) to the list of known hosts. admin@192.168.2.200’s password: .--.--.--.-----.-----.------.-----.-.--.--------.-----. | | | | -__|__--|
\__/\__/|
Robust Industrial Data Communications -- Made Easy
\\/ Westermo WeOS v4.15.0 4.15.0 -- Jun 16 19:10 CEST 2014 Type: ’help’ for help with commands, ’exit’ to logout or leave a context.
example:/#>
_____._____
4. Changing IP settings: The switch IP settings are changed with the same commands as described when accessing the CLI via the console port (sec-
tion 2.2.2.1). In this example we assign IP address, netmask and default
gateway.
_ _
| |__| |
| -__|_| . . |
_____|__
| |__|__|__|
_
| http://www.westermo.com
_____
| info@westermo.se
Example
example:/#> configure example:/config/#> iface vlan1 example:/config/iface-vlan1/#> inet static example:/config/iface-vlan1/#> address 192.168.55.100/24 example:/config/iface-vlan1/#> no address secondary Remove all secondary IP addresses, are you sure (y/N)? y Removing all secondary IPs! example:/config/iface-vlan1/#> end example:/config/#> ip example:/config/ip/#> route default 192.168.55.1 example:/config/ip/#> end example:/config/#> end
The configuration is now changed, but not yet saved to the startup config­uration. However, as the IP address is changed, the SSH connection will be broken.
5. Logging in again to save configuration: To login again, the PC’s IP settings must be changed again. In this case, we assume it is changed back to its original settings:
PC IP address: 192.168.55.35
PC Netmask: 255.255.255.0
PC Default Gateway: 192.168.55.1
26
©
2015 Westermo Teleindustri AB
Westermo OS Management Guide
Version 4.17.0-0
We can then login again to copy the running configuration to startup config­uration.
Example
user@pc:~$ ssh admin@192.168.55.100 The authenticity of host ’192.168.55.100 (192.168.55.100)’ can’t be established. RSA key fingerprint is 6d:0c:f3:d3:28:d6:d8:43:bc:69:f8:d0:d6:a2:27:87. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added ’192.168.55.100’ (RSA) to the list of known hosts. admin@192.168.55.100’s password: .--.--.--.-----.-----.------.-----.-.--.--------.-----. | | | | -__|__--|
\__/\__/|
Robust Industrial Data Communications -- Made Easy
\\/ Westermo WeOS v4.15.0 4.15.0 -- Jun 16 19:10 CEST 2014 Type: ’help’ for help with commands, ’exit’ to logout or leave a context.
example:/#> copy running-config startup-config example:/#>
_____._____
You are now done setting the IP address, subnet mask and default gateway of your switch. Logout from the CLI using the ”logout” command.
_ _
| |__| |
| -__|_| . . |
_____|__
| |__|__|__|
_
| http://www.westermo.com
_____
| info@westermo.se
Further management of the switch can be performed via any of the available management tools - WeConfig, Web, SSH/CLI or SNMP.
©
2015 Westermo Teleindustri AB 27
Westermo OS Management Guide
Version 4.17.0-0
Chapter 3

Overview of Management Methods

WeOS is managed and monitored using the following tools and interfaces:
WeConfig: is Westermo’s Network configuration management tool (NCM) made for commissioning and maintenance of components in a network. It replaces the former Westermo tool known as IPConfig. For further informa­tion on WeConfig’s features and how to use the tool, see the WeConfig User Guide[54].
Web: The WeOS Web interface provides management of essential features. The Web interface should satisfy the needs of all common use cases.
CLI: The WeOS Command Line Interface is an industry standard CLI, and provides the most complete management support. The CLI is intended for advanced users requiring fine grain control of the system.
In addition, WeOS provides device management via SNMP (v1/v2c/v3). A set of standard MIBs and the WeOS private MIB are supported, as described in chap-
ter 6.
28
©
2015 Westermo Teleindustri AB
Westermo OS Management Guide
Version 4.17.0-0
Task WeConfig Web CLI SNMP
Discover WeOS Devices X (X) (X) Set Device IP Address X X X X Upgrade firmware X X X Common management tasks X X X All management tasks X Secure management X X X
In the following sections the properties of the WeConfig tool, the Web Interface, and the CLI are presented further. These sections give information about what management tool to use for a specific need. For more information on SNMP we refer to chapter 6.
3.1 When to use the WeConfig tool
The Westermo configuration management tool, WeConfig, is used for basic con­figuration and maintenance of WeOS products. It is an ideal tool to upgrade
firmware and manage configuration files (backup and restore) of a large set of WeOS devices. With WeConfig you to scan, discover and draw maps of the WeOS
devices in your network, and you can also conduct some basic configuration of WeOS units, such as setting the IP address and the default gateway.
For further information on WeConfig’s features and how to use the tool, see the WeConfig User Guide[54].
3.2 When to use the Web Interface
The Web interface would be the management interface of choice for most users. The main advantages of the Web Interface are:
Easy to use: The Web management interface provides an easy to use method to manage the switch.
All common features: The web interface includes support for all essential management features, and should therefore meet the needs of most users.
Secure management: The web interface can be accessed via regular HTTP and secure HTTP (HTTPS). Secure management is also possible via the CLI (SSHv2) and and SNMP (SNMPv3).
©
2015 Westermo Teleindustri AB 29
Westermo OS Management Guide
Version 4.17.0-0
Discover other Westermo Switches: The Web contains a discovery service (IPconfig) similar to what WeConfig provides. (Note, you must still be able to login to one switch in order to make use of this service.)
To use the Web interface, you must know the IP address of your switch. To find out the switch IP address you may need to use the WeConfig tool1, but once you know it you can do the rest of the management via the Web interface.
The Web interface is introduced in chapter 4.
3.3 When to use the Command Line Interface (CLI)
The WeOS CLI aims to serve advanced users. Furthermore, the CLI is the only management tool which cannot be disabled.
Below we list the situations where the CLI is the most suitable management tool.
Complete set of management features: The CLI includes all the manage­ment features available on the switch. If you cannot accomplish your task with any of the other management tools, the CLI may provide the feature you need.
Discover other Westermo Switches: The CLI contains a discovery service similar to what WeConfig provides, but more rudimentary.
Note
You must still be able to login to one switch in order to make use of this service.
Secure management: To access the CLI you must either have physical ac­cess to the switch (console port), or use the Secure Shell (SSHv2) application to access the CLI remotely. Secure management is also possible via the Web interface (HTTPS) and SNMP (SNMPv3).
Configuration scripting: With a CLI it is possible to develop automatic con­figuration scripts, e.g., using the Expect automation and testing tool. Expect extensions exist for many common scripting languages (Ruby, Perl, Tcl).
As with the Web interface, you must know the IP address of your switch before you can access the CLI remotely via SSH (access via the console port is possible
1
For more information about finding the IP address of your switch we refer to the Getting Started
guide in chapter 2.
30
©
2015 Westermo Teleindustri AB
Loading...
+ 947 hidden pages