GigaX Series Layer 3 Managed Switch User Guide 1
Exxxx First Edition V1 March 2005 Copyright © 2005 ASUSTeK COMPUTER INC. All Rights Reserved. No part of this manual, including the products and software described in it, may be reproduced, transmitted, transcribed, stored in a retrieval system, or translated into any language in any form or by any means, except documentation kept by the purchaser for backup purposes, without the express written permission of ASUSTeK COMPUTER INC. (ASUS).
GigaX Series L3 Managed Switch User Guide Federal Communications Commission Statement This device complies with Part 15 of the FCC Rules. Operation is subject to the following two conditions: • This device may not cause harmful interference, and • This device must accept any interference received including interference that may cause undesired operation. This equipment has been tested and found to comply with the limits for a Class B digital device, pursuant to Part 15 of the FCC Rules.
ASUS contact information ASUSTeK COMPUTER INC. (Asia-Pacific) Address: General Tel: General Fax: Web Site: Technical Support MB/Others (Tel): Notebook (Tel): Desktop/Server (Tel): Networking (Tel): Support Fax: 150 Li-Te Road, Peitou, Taipei, Taiwan 112 +886-2-2894-3447 +886-2-2894-7798 www.asus.com.
GigaX Series L3 Managed Switch User Guide Table of Contents 1 2 3 4 Introduction............................................................................... 12 1.1 L3 managed features ..................................................... 12 1.2 Conventions used in this document ............................... 14 1.2.1 Notations......................................................... 14 1.2.2 Typography..................................................... 14 1.2.3 Symbols ........................
4.2.2 6 Commonly used buttons and icons.................31 4.3 System Pages ................................................................32 4.3.1 Management ...................................................32 4.3.2 IP Setup ..........................................................33 4.3.3 Administration .................................................34 4.3.4 Reboot.............................................................34 4.3.5 Firmware Upgrade ..........................................
GigaX Series L3 Managed Switch User Guide 4.8.2 4.9 Filter Attach..................................................... 68 Security .......................................................................... 70 4.9.1 Port Access Control ........................................ 70 4.9.2 Dial-In User..................................................... 72 4.9.3 RADIUS .......................................................... 73 4.10 Statistics Chart ..........................................................
7.1.2 nslookup........................................................120 7.2 Replacing defective fans ..............................................121 7.3 Simple fixes ..................................................................123 8 Glossary..................................................................................125 9 Index .......................................................................................
GigaX Series L3 Managed Switch User Guide List of Figures Figure 1. GigaX L3 managed switch package contents................ 15 Figure 2. Front panel ..................................................................... 16 Figure 3. Rear panel...................................................................... 18 Figure 4. Overview of Hardware Connections .............................. 21 Figure 5. Login and IP setup Screen............................................. 24 Figure 6.
Figure 26. Dynamic Address ...........................................................51 Figure 27. Static Address ................................................................53 Figure 28. Tagged VLAN.................................................................54 Figure 29. Default Port VLAN and CoS ...........................................55 Figure 30. CoS Queue Mapping......................................................56 Figure 31. DHCP Snooping ....................................
GigaX Series L3 Managed Switch User Guide Figure 55. Removing the fan module ............................................ 121 Figure 56. Detaching the fan from the module.............................. 122 List of Tables Table 1. Front panel labels and LEDs.......................................... 17 Table 2. Rear panel labels ........................................................... 18 Table 3. Technical specifications ................................................. 18 Table 4.
1 Introduction Congratulations on becoming the owner of the ASUS GigaX L3 managed switch! You may now manage your LAN (local area network) through a friendly and powerful user interface. This user guide tells you how to set up the GigaX L3 managed switch, and how to customize its configuration to get the most out of this product. 1.
GigaX Series L3 Managed Switch User Guide • MIB-II • Enterprise MIB for PSU, fan, and system temperature, voltage • Telnet or SSH remote login • FTP for firmware update and configuration backup • DHCP snooping support • Syslog support • Command Line Interpreter through console , telnet and SSH • Web GUI • LEDs for port link status • LEDs system, redundant power supply (RPS), and fan status 13
1.2 Conventions used in this document 1.2.1 Notations • Acronyms are defined the first time they appear in text and in the glossary. • For brevity, the GigaX switch is referred to as “the switch.” • The terms LAN and network are used interchangeably to refer to a group of Ethernet-connected computers at one site. 1.2.2 Typography • Italics are used to present the parameters for the command line interpreter.
GigaX Series L3 Managed Switch User Guide 2 Getting to know the GigaX 2.1 Package contents The GigaX switch package comes with the following items: • 24-port L3 managed switch • AC Power cord • Null modem cable for console interface (DB9) • Rack installation kit (two brackets with six #6-32 screws) • USB cable for console interface • Installation CD-ROM • Quick installation guide Figure 1.
2.2 Front Panel The front panel includes LED indicators that show the system, RPS, fan, and port status. Figure 2.
GigaX Series L3 Managed Switch User Guide Table 1.
2.3 Rear Panel The switch rear panel contains the ports for the data and power connections. Figure 3. Table 2. Rear panel Rear panel labels No. Label Description 1 Power Connector Connects to the supplied power cord 2 RPS Redundant Power Supply connector 3 FAN1 – FAN2 Replaceable system fans 2.4 Table 3. Technical specifications Technical specifications Physical Dimensions 43.5mm(H) X 444 mm(W) X 265mm(D) Power Input 100-240V AC/2.
GigaX Series L3 Managed Switch User Guide 3 Quick start guide This section provides the basic instructions to set up the GigaX environment. Refer also to the GigaX Series Installation Guide. Part 1 shows you how to install the GigaX on a flat surface or on a rack. Part 2 provides instructions to set up the hardware. Part 3 shows you how to configure basic settings on the GigaX.
3.2 Part 2 — Setting up the switch Connect the device to the power outlet, and your computer or network. See Figure 4. 3.2.1 Connect the console port For console management, use an RS232 (DB9) or a USB cable to connect the switch. If you want to use WEB interface, connect your PC to the switch using the Ethernet cable. 3.2.2 Connect to the computers or a LAN You can use Ethernet cable to connect computers directly to the switch ports.
GigaX Series L3 Managed Switch User Guide Console Management RPS RS-232 USB Cat 5 Ethernet cables Expansion hub/switch LAN computers Figure 4.
Table 4. LED Indicators No. LED Description 1 System Solid green indicates that the device is turned on. If this light is off, check if the power adapter if attached to the switch and plugged into a power source. 2 Switch ports Solid green indicates that the device can communicate with the LAN, or flashing when the device is sending or receiving data from your LAN computer. [1] to [26] 3 RPS Solid green indicates that the device has successfully installed an RPS module.
GigaX Series L3 Managed Switch User Guide 3. Make sure the settings of your terminal emulation software as follows: a) Choose the appropriate serial port number b) Set the data baud rate to 9600 c) Set the data format to no parity, 8 data bits and 1 stop bit d) No flow control e) Set VT1000 for emulation mode 4. After setting up the terminal, you can see the prompt “(ASUS)%” on the terminal. 5. Type “login” to access the command line interface. The default user name is “admin”.
Figure 5.
GigaX Series L3 Managed Switch User Guide 3.3.2 Setting up through the Web interface To successfully connect your PC to the switch, your PC must a valid IP in your network. Contact your network administrator to obtain a valid IP for the switch. If you wish to change the default IP address of the switch, follow section 3.3.1 to change the IP address. Since the switch does not support DHCP client function, a valid static IP for the switch is necessary to use Web interface. 1.
to enter Enter your user name and password, and then click the Configuration Manager. Use the following defaults the first time you log into this interface: Default User Name: Default Password: admin (no password) You can change the password at any time (see section 5.3.1 System Commands). 3. To setup a new IP address, click “System”, then “IP Setup” (see Figure 7). Fill in the IP address, network mask and default gateway, then click . 4.
GigaX Series L3 Managed Switch User Guide 4 Management with the Web Interface The switch provides Web pages that allow switch management through the Internet. The program is designed to work best with Microsoft Internet Explorer® 5.5, or later versions. NOTE: Netscape is not supported. 4.1 Log into Web user interface 1. From a PC, open your web browser, type the following in the web address (or location) box, and press : http://192.168.1.1 This is the factory default IP address for the switch.
The home page appears each time you log into the program. (See Figure 9.) Figure 9. 4.2 Home page Functional layout Typical web page consists of three separate frames. The top frame has a switch logo and front panel as shown in Figures 10. This frame remains on the top of the browser window all the times and updates the LED status periodically. See Table 4 for the LED definitions. See Table 5 for the color status description.
GigaX Series L3 Managed Switch User Guide Figure 10. Top Frame Table 5. Port color description Port Color Description Green port Ethernet link is established Black No Ethernet link Amber port Link is present but port is disabled manually or by spanning tree Clicking on the port icon of the switch displays the port configuration in the lower right frame. The left frame, a menu frame as shown in Figure 11, contains all the features available for switch configuration.
Figure 11.
GigaX Series L3 Managed Switch User Guide The above frame displays configuration pages or graphics for the statistics. See section 4.3 for details. 4.2.1 Menu navigation tips • To expand a group of related menus, click on the corresponding group name. The sign will change to after expansion. • To contract a group of related menus: click on the corresponding group name. The sign will appear next to the group name. • To open a specific configuration page, click on the desired menu item. 4.2.
4.3 System Pages System pages include management, IP setup, administration, reboot, and firmware update function. 4.3.1 Management The Management page contains the following information: Model Name: product name MAC Address: switch MAC address System Name: user assigned name to identify the system (editable) System Contact (editable) System Location (editable) To save any changes and make it effective immediately, click Use to refresh the setting, as shown in Figure 12. Figure 12. Management 32 .
GigaX Series L3 Managed Switch User Guide 4.3.2 IP Setup The switch supports only static IP assignment. The IP Setup page contains the following editable information: VLAN ID: Specify a VLAN ID to system management interface. It is necessary to be within the same VLAN for management usages. IP Address: Assign a static IP address to the switch management interface. Network Mask Default Gateway To save any changes and make it effective immediately, click Use .
4.3.3 Administration The Administration page allows you enable or disable the authentication for web user by password protection. The default setting for web access does not require any authentication. To save any changes and make it effective immediately, click . to refresh the setting, as shown in Figure 14. When you Use enable the password protection, you have to login again immediately. You can change the password at any time through the CLI interface. Figure 14. Administration 4.3.
GigaX Series L3 Managed Switch User Guide 4.3.5 Firmware Upgrade The Firmware page contains the following information: Hardware Version: shows the hardware revision number. Boot ROM Version: shows the version of the boot code Firmware Version: shows the current running firmware version. This number will be updated after the firmware update. Enter the firmware location into the firmware space directly, or click to choose the file name of the firmware from prompt window.
4.4 Physical Interface The Physical Interface displays the Ethernet port status in real time. You can configure the port in following fields: Port: select the port to configure Admin: disable/enable the port Mode: set the speed and duplex mode Flow Control: enable/disable 802.
GigaX Series L3 Managed Switch User Guide Figure 16.
4.5 Route This command group offers L3 interface and route entry configuration 4.5.1 Interfaces Generally, Layer 3/routed interfaces are used to route traffic between the VLAN, this is so-called inter-VLAN routing. That is, different VLANs exchange data with going through Layer 3 interfaces and need not an external router. This switch performs Layer 3 switching only for IP protocol.
GigaX Series L3 Managed Switch User Guide Select the corresponding interface and configure the interface parameters. To save any changes and make it effective . Use to refresh the setting. The immediately, click field you changed will update the content in the display window. By default, Layer 3 switching is disabled. You have to create and activate Layer 3 interface(s) before enable Layer 3 switching. Up to 32 Layer 3 interfaces can be created in this switch.
4.5.2 Static Route Static routing is the simplest form of network routing. It makes available to a switch/router to forward packets from predetermined ports through a predictable path into and out of a network. Static routing is solid, but does not address to the fluctuation in the network, therefore, it might result in destination net unreachable. To create a static route entry, you have to configure the following information: Destination: Input destination IP address.
GigaX Series L3 Managed Switch User Guide Figure 18. Static Route 4.5.3 RIP The Routing Information Protocol (RIP) is documented in RFC 1058, RFC 1388 and RFC 1723. In short, RIP is a distance-vector routing protocol that exchange routing information using UDP packets. RIP configuration includes the following information: RIP process: enable/disable. RIP advertisements are sent and received only when the RIP process is enabled. RIP version: v1/v2/both.
By default, RIP process is disabled and two of RIP Versions are assigned for the switch. All Layer 3 interfaces are classified as RIP enabled interfaces. Once the RIP process has been enabled, the current state of the active process will be displayed. You can click updated status. to refresh the Click to change the RIP interfaces setting. Click to make the setting effective. Figure 19. RIP 4.6 Bridge The Bridge page group contains most layer 2 configurations, like link aggregation, STP....etc..
GigaX Series L3 Managed Switch User Guide 4.6.1 Spanning Tree/Rapid Spanning Tree The configuration page for Spanning Tree Protocol can disable and enable the feature in runtime. This page consists of three parts. The first part shows the root information. It tells user the STP setting about the root switch. The second part is the STP setting. The following options are available: Disable/STP Enabled/RSTP Enabled: Turn the STP/RSTP off/on.
Point to Point: Auto/Yes/No. A full duplex link is considered as a point to point link. Otherwise, it is a shared link. Point to point link may have less convergence time. Auto is recommended in most cases. to effect the settings. Click Click the current value. to refresh the settings to Figure 20. Spanning Tree 4.6.2 Link Aggregation The page configures the link aggregation group (port trunking). The switch can have 6 link aggregation groups.
GigaX Series L3 Managed Switch User Guide Port Selection Criterion: the algorithm to distribute packets among the ports of the link aggregation group according to source MAC address, destination MAC address, source and destination MAC address, source IP address, destination IP address, or source and destination IP address. Name: the group name. Trunk ID: a number to identify the trunk group besides the group name. LACP: Enable/Disable LCAP on selected trunk. LACP mode is fixed to be Active.
aggregation could operate abnormally. • All the ports in the link aggregation group MUST have the same VLAN setting. • All the ports in the link aggregation group are treated as a single logical link. That is, if any member changes an attribute, the others will change too. For example, a trunk group consists of port 1 and 2. If the VLAN of port 1 changes, the VLAN of port 2 also changes with port 1. Figure 21. Link aggregation 4.6.
GigaX Series L3 Managed Switch User Guide Monitor Port: Receives the copies of all the traffics in the selected mirrored ports. GigaX 3024X has only one monitor port. The port can monitor 24 Fast Ethernet ports and two Gigabit ports. The monitor port can not belong to any link aggregation group. The monitor port can not operate as a normal switch port. It does not switch packets or do address learning. Click to make the setting send to the switch (HTTP server).
4.6.4 Static Multicast This page can add multicast addresses into the multicast table. The switch can hold up to 256 multicast entries. All the ports in the group will forward the specified multicast packets to other ports in the group. Show Group: selects “Add a new Group” to enter a new entry. Or select an existing group address to display MAC Address: selects the multicast address VLAN: selects the vlan group CoS: assigns the priority for Class of Service Click to make the setting effective.
GigaX Series L3 Managed Switch User Guide Figure 24. IGMP Snooping 4.6.6 Traffic Control Traffic control prevents the switch bandwidth from flooding packets including broadcast packets, multicast packets and the unicast packets because of destination address lookup failure. The limit number is a threshold to limit the total number of the checked type packets. For example, if broadcast and multicast are enabled, the total traffic amount for those two types will not exceed the limit value.
Figure 25. Traffic Control 4.6.7 Dynamic Addresses This page displays the result of dynamic MAC address lookup by port, VLAN ID, or specified MAC address. The dynamic address is the MAC address learned by switch, it will age out from the address table if the address is not learned again during the age time. User can set the age time by entering a valid number from 10 to 1,000,000 in seconds. Then click on to save the new age value.
GigaX Series L3 Managed Switch User Guide Figure 26.
4.6.8 Static Addresses You can add a MAC address into the switch address table. The MAC address added by this way will not age out from the address table. We call it static address. MAC Address: enter the MAC address VLAN ID: enter the VLAN ID that the MAC belongs Port Selection: select the port which the MAC belongs Discard: you can do packet filtering when the MAC address appears in the packets as destination address, source address, or either of them.
GigaX Series L3 Managed Switch User Guide Figure 27. Static Address 4.6.9 Tagged VLAN You can set up to 255 VLAN groups and show VLAN group in this page. There is a default VLAN created by the switch. It cannot be removed at all. This feature prevents the switch from malfunctions. You can remove any existed VLAN except the default VLAN. You can assign the port to be a tagged port or an untagged port by toggling the port button.
Figure 28.
GigaX Series L3 Managed Switch User Guide 4.6.10 Default Port VLAN and CoS Some VLAN tag related field settings for each port are included in this page. It includes: Port: select the port to configure PVID: port-based VLAN ID. Every untagged packet received from this port will be tagged with this VLAN group ID CoS (Class of Service) value: every untagged packet received from this port will be assigned to this CoS in the VLAN tagged Click on to change the content in the port list window.
4.6.11 CoS Queue Mapping The switch supports 4 egress queues for each port with a strict priority schedule. That is, each CoS value can map into one of the four queues. The queue 4 has the highest priority to transmit the packets. Click to save the configuration. To make the configuration effective, go to “Save Configuration” page, then click Figure 30. CoS Queue Mapping 4.6.
GigaX Series L3 Managed Switch User Guide to make the setting send to the switch. Click Click refresh the settings to current value. to Figure 31.
4.7 SNMP This group offers the SNMP configuration including Community Table, Host Table, and Trap Setting. To provide more secure management and access control, SNMPv3 is supported. 4.7.1 Community Table You can type different community names and specify whether the community has the privilege to do set action (write access) by checking the box. Click to refresh the page. to save the configuration permanently or Figure 32.
GigaX Series L3 Managed Switch User Guide 4.7.2 Host Table This page links host IP address to the community name that is entered in Community Table page. Type an IP address and select the community name from the drop-down list. Click permanently or to save the configuration to refresh the page. Figure 33.
4.7.3 Trap Setting By setting trap destination IP addresses and community names, you can enable SNMP trap function to send trap packets in different versions (v1 or v2c). Click to refresh the page. to save the configuration permanently or Figure 34. Trap Setting 4.7.4 VACM Group VACM (View-based Access Control Model) Group is used to configure the information of SNMPV3 VACM Group. Group Name: enter the security group name. Read View Name: enter the Read View Name that the Group belongs.
GigaX Series L3 Managed Switch User Guide Security level: enter the Security level Name that the Group belongs. Only NoAuth, AuthNopriv, AuthPriv can be chosen. Click on the when you create a new VACM group entry by the above information. Then you will see the new added entry shows in the group window. You can remove the existed group by selecting the entry with the mouse, then clicking on . The button updates the existed VACM Group entries. Click to save effective.
View Name: enter the security group name. View Type: enter the View Type that the View belongs. Included or Excluded when View Subtree matches the Oid in the SNMPv3 message. View Subtree: enter the View Subtree that the View belongs. The Subtree is the Oid to match the Oid in the SNMPv3 message. The match is good when the subtree is shorter than the Oid in the SNMPv3 message. View Mask: enter the View Mask that the View belongs.
GigaX Series L3 Managed Switch User Guide 4.7.6 USM User USM (User-based Security Model) User is used to configure the information of SNMPV3 USM User. Engine Id: enter the Engine Id that should match the ID in the Manager. Name: enter Name combined with Engine ID that should match the Name and Engine ID in the Manager. Auth Protocol: enter the Auth Protocol that Engine ID and Name belong. Only NoAuth, MD5, SHA1 can be chosen. If the NoAuth is chosen, there is no need to enter password.
Figure 37.
GigaX Series L3 Managed Switch User Guide 4.8 Filters The switch can filter certain traffic types according to packet header information from Layer 2 to Layer 4. Each filter set includes a couple of rules. You have to attach the filter set to certain ports to make the filter work. 4.8.1 Filter Set You can create a filter set by giving a name, ID and a mode of rules. The switch defines two modes of rules, one is MAC mode and the other is IP mode.
Figure 38. Filter Set The Filter Rule page provides options for rule modes, one is MAC rule (Figure 39) and the other is IP rule (Figure 40). If you did not enter the MAC address in the blank box, it means the rule doesn’t care the MAC value. In IP rule setup, you can enter any of the 5 types, source IP, destination IP, protocol, source application port and destination application port. The Action field determines if the packet should be dropped or forwarding when it matches the rule.
GigaX Series L3 Managed Switch User Guide Figure 39. Filter Rule in MAC mode Figure 40.
4.8.2 Filter Attach A filter set is idle if you did not attach it to any ingress or egress port. Use the Filter Attach page to attach a filter set to ingress and egress ports. Click to save the configuration. To make the configuration effective, go to the “Save Configuration” page, then click , or click on to refresh the page. To attach a filter set to ports: • Attach to all ports: the filter set applies to all the ports of the system.
GigaX Series L3 Managed Switch User Guide Figure 41.
4.9 Security The switch has the 802.1x port-based security feature. Only authorized hosts are allowed to access the switch port. Traffic is blocked for hosts failed to authenticate themselves. The authentication service is provided by a RADIUS server or the local database in the switch. The switch also supports dynamic VLAN assignment through 802.1x authentication process. The VLAN information for the users/ports should be configured in the authentication server properly before enabling this feature. 4.
GigaX Series L3 Managed Switch User Guide • Multi-host: If enabled, ALL hosts connected to the selected port are allowed to use the port if ONE of the hosts passed the authentication. If disabled, only ONE host among other hosts passed the authentication is allowed to use the port. • Authentication Control: If 'force_authorized' is selected, the selected port is forced authorized. Thus, traffic from all hosts is allowed to pass.
4.9.2 Dial-In User Dial-in User is used to define users in the local database of the switch. • User Name: New user name. • Password: Password for the new user. • Confirm Password: Enter the password again. • Dynamic VLAN: Specify the VLAN ID assigned to the 802.1x-authenticated clients. Click to add the new user. Click with the modifications. Click selected user. Click when you want to remove the to make the settings permanent. Click to refresh the settings to current value. Figure 43.
GigaX Series L3 Managed Switch User Guide 4.9.3 RADIUS In order to use external RADIUS server, the following parameters are required to be setup: • Authentication Server IP: The IP address of the RADIUS server. • Authentication Server Port: The port number for the RADIUS server is listening to. • Authentication Server Key: The key is used for communications between GigaX and the RADIUS server. • Confirm Authentication Key: Re-type the key entered above.
4.10 Statistics Chart The Statistics Chart pages provide network flow in different charts. You can specify the period time to refresh the chart. You can monitor the network traffic amount in different graphic chart by these pages. Most MIB-II counters are displayed in these charts. Click Refresh Rate to set the period for retrieving new data from the switch. You can differentiate the statistics or ports by selecting Color. Finally, click on Draw to let the browser to draw the graphic chart.
GigaX Series L3 Managed Switch User Guide Figure 45. Traffic comparison 4.10.2 Error Group Selecting the Port and display Color, then clicking Draw, the statistics window shows you all the discards or error counts for the specified port. The data is updated periodically. Figure 46. Error group 4.10.3 Historical Status You can display information for different ports and statistics items in this chart.
Figure 47.
GigaX Series L3 Managed Switch User Guide 4.11 Save Configuration To save configuration permanently, you have to click setting also takes effective after a successful save. . The Sometimes you may want to reset the switch configuration, you can click to reset the configuration file to factory default. Of course, a on system reboot will follow this restoration process. You will lose all the configurations when you choose to restore the factory default configurations. Figure 48.
5 Console Interface This chapter describes how to use console interface to configure the switch. The switch provides RS232 and USB connectors to connect your PC. Use a terminal emulator on your PC such as HyperTerminal and command line interpreter to configure the switch. You have to set up the terminal emulator with baud rate 9600, 8 bit data, no parity, and 1 stop bit, and no flow control. Once you enter CLI mode, type “?” will display all available command help messages.
GigaX Series L3 Managed Switch User Guide 5.1 Power On Self Test POST is executing during the system booting time. It tests system memory, LED and hardware chips on the switchboard. It displays system information as the result of system test and initialization. You can ignore the information until the prompt, “(ASUS)%”, appears (see Figure 49). Figure 49.
5.1.1 Boot ROM Command Mode During the POST process, you can enter a “Boot ROM Command” mode by pressing key as shown in Figure 50. Figure 50 shows dual images in the switch. One firmware is in Slot 0 and the other firmware is in Slot 1. The later version will be selected to boot the system automatically. Enter the “?” key to show the help messages for all available commands.
GigaX Series L3 Managed Switch User Guide 5.1.2 Boot ROM Commands Type “?” in the boot mode to display the valid commands list. Table 7. Boot ROM commands Command Parameters Usage Notes d Address [,length] Dump memory contents by giving address and length. p NONE Display current boot parameters g NONE Execute firmware, enter CLI mode b O or 1 or a Dual image support. You can choose the firmware to execute by giving a slot ID, or use “a” for auto select.
5.2 Login and Logout By typing “login” to enter the CLI mode, you have to give a valid user name and password. As the first time login, you can enter “admin” as the user name and bypass the password. For security reason, please change the user name and password after login. Once you forget the use name and password, you may contact ASUS support team or erase the whole configuration file in the Boot ROM Command mode. If you take the second choice, the whole system configuration is lost at the same time.
GigaX Series L3 Managed Switch User Guide [System Contact] Displays the detail information of contact about the switch. This is an RFC-1213 defined MIB object in System Group, and provides contact information on the managed node. CLI command : sys info contact If you put the contact description in the contact description field, the switch contact will change to the new one. [System Location] Displays the physical location of the switch.
[VLAN ID] Displays the VLAN ID for the switch. It is necessary to be within the same VLAN for management usages. CLI command: l3 interface vlan sw0 [IP Address] Displays the static IP address for the switch. This IP address is used for manageable purpose, i.e. network applications such as, http server, SNMP server, ftp server , telnet server and SSH server of the switch are all using this IP address.
GigaX Series L3 Managed Switch User Guide password (old password, no password by default): [Reboot] User can reboot the switch by issuing the reboot command. CLI command: sys reboot [Upload] No CLI command for this function. Refer to Boot ROM commands for this function. 5.3.2 Physical Interface Commands [Admin] [Enable/Disable] Displays the port admin status, allow user to turn the port on or off.
CLI command : sys l2 port retrieve 5.3.3 Route Commands [Show L3 Interfaces] Displays all L3 interfaces settings. CLI command : l3 interface show [Create L3 Interfaces] User can create a new L3 interface by specify an unique interface name, the interface type (VLAN, virtual interface or Port, routed port), and its type member (VLAN ID or port ID).
GigaX Series L3 Managed Switch User Guide [Add Static Route] Insert a static route entry into the routing table by giving the destination IP, gateway IP address, subnet mask and the metric. CLI command : l3 route static add [Delete Static Route] Delete a static route entry from the routing table. CLI command : l3 route static add [Display RIP status] Display current RIP status and its interfaces and routing information.
[RIP-disabled interfaces] You can specify an L3 interface as RIP-disabled interface if you do not want this interface to deal with any RIP message, either incoming or outgoing. CLI command : l3 rip interface remove 5.3.4 Bridge Commands [Spanning Tree is] [STP Enabled/ RSTP Enabled/ Disabled] Allows user to specify whether the switch participates in the Spanning Tree Protocol (STP/ RSTP).
GigaX Series L3 Managed Switch User Guide Port Path Cost (1..200000000):[old port Path Cost] Port EdgePort (yes/no):[old port EdgePort] Port Point-to-Point (yes/no/auto):[old port Point-to-Point] [Reload] Restores the previous saved settings from configuration file.
6: select port by source and destination IP CLI command: l2 trunk create [Add/Remove Trunk] Trunk group port members can be added to or removed from an existing trunk group. CLI command : l2 trunk add CLI command : l2 trunk remove [LACP Action] User can enable or disable LACP on a specific trunk group.
GigaX Series L3 Managed Switch User Guide CLI command : l2 mirror egress CLI command : l2 mirror remove [Reload] Restores the previous saved settings from configuration file. CLI command : l2 mirror retrieve [Show Multicast Group] Displays the static multicast groups that are presented in the multicast group table.
vlan id: [Reload] Restores the previous saved settings from configuration file. CLI command : l2 mcast retrieve [IGMP] [Enabled/Disabled] Layer 2 IGMP snooping can be started or terminated by user if necessary. CLI command : l2 igmp [Reload] Restores the previous saved settings from configuration file.
GigaX Series L3 Managed Switch User Guide [Aging Time] User can set the ARL(Address Resolution Logic) entries aging time by setting the aging time value. CLI command : l2 arl age [aging time value] [Query by Port] ARL entries existed in ARL table can be queried according to port number. CLI command : l2 arl port [Query by VLAN ID] ARL entries existed in ARL table can be queried according to VLAN ID.
[Reload] Restores the previous saved settings from configuration file. CLI command : l2 arl retrieve [Show VLAN] Displays the existing VLAN information of the switch. CLI command : l2 vlan show [Name] [VLAN ID] Allows user to config the VLAN settings. User may create a new VLAN by giving a unique VLAN ID, a VLAN description name, and its port member list, note that the port member here is indicated as tagged port member.
GigaX Series L3 Managed Switch User Guide [Retrieve] Restores the previous saved settings from configuration file. CLI command : l2 vlan retrieve [PVID] Sets the default VLAN for a port by giving a VLAN ID and its associated port member list. CLI command : l2 port vlan [CoS Value] Sets the Class of Service for a port by assigning it a priority (with range of 0-7) criteria value.
[Add/Remove Trusted Port] Allows user to add or remove specific ports for DHCP snooping. CLI command : l2 dhcpsnoop add CLI command : l2 dhcpsnoop remove [Retrieve] Restores the previous saved settings from configuration file. CLI command : l2 dhcpsnoop retrieve 5.3.5 SNMP [Community Name] [Set] A community entry contains a community description string and a set of privileges.
GigaX Series L3 Managed Switch User Guide CLI command : snmp community delete Allows user to delete a community entry from community table. Community entry (table index): This action will delete all hosts in community string with 'delete community'. Are you sure? (y/n):[y] [Retrieve] Restores the previous saved settings from configuration file.
Entry id (table index): [Retrieve] Restores the previous saved settings from configuration file. CLI command : snmp host retrieve [Trap Version] [v1/v2c] [Destination] [Community for Trap] A trap entry contains SNMP version (currently support version 1 and version 2c), a destination IP address and the remote community string.
GigaX Series L3 Managed Switch User Guide CLI command : snmp trap retrieve [Group Name] [Read View Name] [Write View Name] [Notify View Name] [Security Model] [Security level] A VACM (View-based Access Control Model) Group entry contains a group name, read view name, write view name, notify view name, security model, security level and context match.
Security Level [1/2/3](noauth/authnopriv/authpriv): (old security level) Context Match [0/1](inexact/exact): (old context match) Read View Name: (old read view name string) Write View Name: (old write view name string) Notify View Name: (old notify view name string) CLI command : snmp snmpv3 access delete Allows user to delete a VACM entry from VACM group.
GigaX Series L3 Managed Switch User Guide View Type[1/2](included/excluded): CLI command : snmp snmpv3 view set User can modify a VACM View entry in the table by reassigning its allowed view name, view type, view subtree and view mask.
CLI command : snmp snmpv3 usmuser add EngineId: Name: AuthProtocol [oid]: AuthPassword: Priv Protocol [oid]: Priv Password: CLI command : snmp snmpv3 usmuser set User can modify a USM User entry in the table by reassigning its allowed engine Id, name, auth protocol, auth password, priv protocol and priv password.
GigaX Series L3 Managed Switch User Guide 5.3.5 Filters Commands [New] Creates a new filter set with specifying a unique ACL ID and its description name. CLI command : filter set new [Remove] User can delete a filter set by indicating the ACL ID. CLI command : filter set delete [Edit] [Rule Mode] [MAC Rule] [Action] [Permit/Deny] [Source MAC] [Destination MAC] [Add] User can add a new MAC address rule associated to a filter set.
[Rule Mode] [IP Rule] [Action] [Permit/Deny] [Source IP] [Type/IP, Mask] [Destination IP] [Type/IP, Mask] [Source Port] [Type/Port] [Destination Port] [Type/Port] [Protocol] [ICMP/TCP/UDP/ANY] [Add] User can add a new IP rule associated to a filter set. These filter rule works with ICMP, TCP or UDP protocols with permit or deny options. User can also specify the IP address (source or destination) and port number of the filter rule using the CLI command dstip/srcip and dstport/srcport, respectively.
GigaX Series L3 Managed Switch User Guide CLI command : filter rule modify CLI command : filter rule dstmac CLI command : filter rule srcmac [Rule Mode] [IP Rule] [Action] [Permit/Deny] [Source IP] [Type/IP, Mask] [Destination IP] [Type/IP, Mask] [Source Port] [Type/Port] [Destination Port] [Type/Port] [Protocol] [ICMP/TCP/UDP/ANY] [Modify] Allow
[Rule Mode] [MAC Rule] [Action] [Permit/Deny] [Source MAC] [Destination MAC] [Delete] Allows user to delete the MAC filter rule. CLI command : filter rule delete [Rule Mode] [IP Rule] [Action] [Permit/Deny] [Source IP] [Type/IP, Mask] [Destination IP] [Type/IP, Mask] [Source Port] [Type/Port] [Destination Port] [Type/Port] [Protocol] [ICMP/TCP/UDP/ANY] [Delete] Allows user to delete the MAC filter rule.
GigaX Series L3 Managed Switch User Guide [Filter ID] Displays the filter configurations. CLI command : filter show [Ingress Port] Applies a filter set to an ingress port. CLI command : filter apply ingress [Egress Port] Applies a filter set to an egress port. CLI command : filter apply egress [Retrieve] Restores the previous saved settings from configuration file. CLI command : filter retrieve 5.3.
CLI command : security dot1x bridge authmeth [Quiet Period] Allows user to set up the quiet period. CLI command : security dot1x bridge quietperiod [Retransmission Time] Allows user to set up the retransmission time. CLI command : security dot1x bridge retxtime [Max Reauthentication Attempts] Allows user to set up the max number of the reauthentication attemps.
GigaX Series L3 Managed Switch User Guide CLI command : security dot1x retrieve [User Name] [Password] [Confirm Password] [Dynamic VLAN] Create users in the local database of the switch for 802.1x authentication. A user entry contains a user name, password and dynamic VLAN.
[Authentication Server IP] [Authentication Server Port] [Authentication Server Key] [Confirm Authentication Key] Allows user to config the RADIUS server IP, server port and server key .
GigaX Series L3 Managed Switch User Guide [Show Generating Status] Show the SSH key generating status. It will display “success” or “SSH keys generated fail” or “system is generating keys ...”.
Miscellaneous Commands sys uptime: show the time since the system boot up.
GigaX Series L3 Managed Switch User Guide 6 IP Addresses, Network Masks, and Subnets 6.1 IP Addresses This section pertains only to IP addresses for IPv4 (version 4 of the Internet Protocol). IPv6 addresses are not covered. This section assumes basic knowledge of binary numbers, bits, and bytes. For details on this subject, see Appendix 6. IP addresses, the Internet's version of telephone numbers, are used to identify individual nodes (computers or devices) on the Internet.
The first part of every IP address contains the network ID, and the rest of the address contains the host ID. The length of the network ID depends on the network's class (see following section). Table 7 shows the structure of an IP address. Table 8. IP address structure Field1 Field2 Class A Network ID Host ID Class B Network ID Class C Network ID Field3 Field4 Host ID Host ID Following are examples of valid IP addresses: Class A: 10.30.6.125 (network = 10, host = 30.6.125) Class B: 129.88.16.
GigaX Series L3 Managed Switch User Guide 6.1.2 Network classes The three commonly used network classes are A, B, and C. (There is also a class D but it has a special use beyond the scope of this discussion.) These classes have different uses and characteristics. Class A networks are the Internet's largest networks, each with room for over 16 million hosts. Up to 126 of these huge networks can exist, for a total of over 2 billion hosts.
6.2 Subnet masks A mask looks like a regular IP address, but contains a pattern of bits that tells what parts of an IP address are the network ID and what parts are the host ID: bits set to 1 mean "this bit is part of the network ID" and bits set to 0 mean "this bit is part of the host ID." Subnet masks are used to define subnets (what you get after dividing a network into smaller pieces). A subnet's network ID is created by "borrowing" one or more bits from the host ID portion of the address.
GigaX Series L3 Managed Switch User Guide The two extra bits in Field 4 can have four values (00, 01, 10, 11), so there are four subnets. Each subnet uses the remaining six bits in field4 for its host IDs, ranging from 0 to 63. Sometimes a subnet mask does not specify any additional network ID bits, and thus no subnets. Such a mask is called a default subnet mask. These masks are: Class A: Class B: Class C: 255.0.0.0 255.255.0.0 255.255.255.
7 Troubleshooting This section gives instructions for using several IP utilities to diagnose problems. A list of possible problems with suggestion actions is also provided. All the known bugs are listed in the release note. Read the release note before you set up the switch. Contact Customer Support if these suggestions do not resolve the problem. 7.1 Diagnosing problems using IP utilities 7.1.
GigaX Series L3 Managed Switch User Guide Figure 52. Using the ping utility If the target computer cannot be located, you will receive the message “Request timed out.” Using the ping command, you can test whether the path to the switch is working (using the pre-configured default LAN IP address 192.168.1.1) or another address you assigned. You can also test whether access to the Internet is working by typing an external address, such as that for www.yahoo.com (216.115.108.243).
7.1.2 nslookup You can use the nslookup command to determine the IP address associated with an Internet site name. You specify the common name, and the nslookup command looks up the name on your DNS server (usually located with your ISP). If that name is not an entry in your ISP’s DNS table, the request is then referred to another higher-level server, and so on, until the entry is found. The server then returns the associated IP address.
GigaX Series L3 Managed Switch User Guide 7.2 Replacing defective fans Turn off the power of the switch when you remove the fan module on the rear side of the switch. When any one of the switch fans (located on the rear panel) becomes defective, you can easily replace it following these steps. 1. Unlock the fan module by loosening the thumbscrew that secures it to the rear panel. Figure 54. Loosening the thumbscrew 2. Carefully pull the module out as shown. Figure 55.
3. Carefully pull the two power cables from the fan connectors. 4. Loosen the screws that secure the fan to the module. Remove the defective fan. Figure 56. Detaching the fan from the module 5. Fasten the new fan with the screws that you removed earlier. Make sure that the fan cable is near the bottom of the module. Follow the same steps to replace the other fan. 6. Connect the fan cables to the PCB. Make sure that the fan cables are connected to the correct fan connector.
GigaX Series L3 Managed Switch User Guide 7.3 Simple fixes The following table lists some common problems that you may encounter when installing or using the switch, and the suggested actions to solve the problems. Table 9. Troubleshooting Problem Suggested Action LEDs SYSTEM LED does not light up after the switch is turned on. Verify if the power cord is securely connected to the switch and a wall socket/power strip. RPS LED does not light up after a redundant power supply is attached. 1.
Problem Suggested Action Web Configuration Interface You forgot/lost your WEB Configuration Interface user ID or password. 1. If you have not changed the password from the default, try using “admin” as the user ID and bypassing password. Some pages do not display completely 1. Verify that you are using Internet Explorer v5.5 or later. Netscape is not supported. Support for Javascript® must be enabled in your browser. Support for Java® may also be required. 2.
GigaX Series L3 Managed Switch User Guide 8 Glossary 10BASE-T A designation for the type of wiring used by Ethernet networks with a data rate of 10 Mbps. Also known as Category 3 (CAT 3) wiring. See also data rate, Ethernet. 100BASE-T A designation for the type of wiring used by Ethernet networks with a data rate of 100 Mbps. Also known as Category 5 (CAT 5) wiring. See also data rate, Ethernet. 1000BASE-T A designation for the type of wiring used by Ethernet networks with a data rate of 1000 Mbps.
broadcast To send data to all computers on a network. download To transfer data in the downstream direction, i.e., from the Internet to the user. Ethernet The most commonly installed computer network technology, usually using twisted pair wiring. Ethernet data rates are 10 Mbps and 100 Mbps. See also 10BASE-T, 100BASE-T, twisted pair. filtering To screen out selected types of data, based on filtering rules. Filtering can be applied in one direction (ingress or egress), or in both directions.
GigaX Series L3 Managed Switch User Guide ICMP Internet Control Message Protocol An Internet protocol used to report errors and other network-related information. The ping command makes use of ICMP. IGMP Internet Group Management Protocol An Internet protocol that enables a computer to share information about its membership in multicast groups with adjacent routers. A multicast group of computers is one whose members have designated as interested in receiving specific content from the others.
IP address Internet Protocol address The address of a host (computer) on the Internet, consisting of four numbers, each from 0 to 255, separated by periods, e.g., 209.191.4.240. An IP address consists of a network ID that identifies the particular network the host belongs to, and a host ID uniquely identifying the host itself on that network. A network mask is used to define the network ID and the host ID.
GigaX Series L3 Managed Switch User Guide Mbps Abbreviation for Megabits per second, or one million bits per second. Network data rates are often expressed in Mbps. Monitor Also called “Roving Analysis”, allow you to attach a network analyzer to one port and use it to monitor the traffics of other ports on the switch. network A group of computers that are connected together, allowing them to communicate with each other and share resources, such as software, files, etc.
ping Packet Internet (or Inter-Network) Groper A program used to verify whether the host associated with an IP address is online. It can also be used to reveal the IP address for a given domain name. port A physical access point to a device such as a computer or router, through which data flows into and out of the device. protocol A set of rules governing the transmission of data. In order for a data transmission to work, both ends of the connection have to follow the rules of the protocol.
GigaX Series L3 Managed Switch User Guide STP Spanning Tree Protocol The bridge protocol to avoid packet looping in a complicate network. subnet A subnet is a portion of a network. The subnet is distinguished from the larger network by a subnet mask which selects some of the computers of the network and excludes all others. The subnet's computers remain physically connected to the rest of the parent network, but they are treated as though they were on a separate network. See also network mask.
TFTP Trivial File Transfer Protocol A protocol for file transfers, TFTP is easier to use than File Transfer Protocol (FTP) but not as capable or secure. Trunk Two or more ports are combined as one virtual port, also called as Link Aggregation. TTL Time To Live A field in an IP packet that limits the life span of that packet. Originally meant as a time duration, the TTL is usually represented instead as a maximum hop count; each router that receives a packet decrements this field by one.
GigaX Series L3 Managed Switch User Guide Web browser A software program that uses Hyper-Text Transfer Protocol (HTTP) to download information from (and upload to) web sites, and displays the information, which may consist of text, graphic images, audio, or video, to the user. Web browsers use Hyper-Text Transfer Protocol (HTTP). Popular web browsers include Netscape Navigator and Microsoft Internet Explorer. See also HTTP, web site, WWW.
9 Index 100BASE-T, 136 10BASE-T, 136 Administration page, 39 Attach page, 77 Default Port VLAN and CoS page, 64 download, 137 Dynamic Address Commands, 102 Binary numbers, 136 Dynamic Address page, 59 Bits, 136 Error Group page, 85 Boot Rom Command Mode, 90 Ethernet Boot Rom Commmands, 91 defined, 137 Bridge Commands, 96 Filter Attach Commands, 117 Bridge page, 47 Filter Set, 75 Broadcast, 137 Filter Set Commands, 113 CLI Commands, 92 Filtering rule, 137 Community Commands, 106 Filters Commands, 113, 11
GigaX Series L3 Managed Switch User Guide Host, 137 troubleshooting, 134 Host ID, 123 Link Aggregation page, 50 Host Table Commands, 107, 109 Login and Logout, 92 Host Table page, 68 MAC addresses, 139 HTTP, 138 Management page, 35 ICMP, 138 Mask. See Network mask IGMP, 138 Mbps, 140 IGMP Snooping, 138 , 99 IGMP Snooping page, 57 Mirroring page, 53 Internet, 138 Multicast Commands, 100 troubleshooting access to, 134 Network.
recovering, 135 Physical Interface Commands, 95 Physical Interface page, 42 Ping, 128, 141 Port, 141 POST, 89 Power adapter, 23 Power On Self Test, 89 Protocol, 141 Quick Configuration console logging in, 25 Reboot page, 40 Remote, 141 RJ-45, 141 Routing, 142 RPS module, 23 Save Configuration page, 87 Set page, 74 SNMP, 142 SNMP Commands, 106 136 SNMP pages, 67 Spanning Tree Commands, 96 Spanning Tree page, 47 Static Address Commands, 102 Static Address page, 60 Static Multicast page, 56 Statistics Chart
GigaX Series L3 Managed Switch User Guide Trap Setting page, 69 WAN, 144 Troubleshooting, 128 Web browser, 144 Trunk, 143 Web function layout, 33 Trunk Commands, 97 Web Interface, 27 TTL, 143 Web page, 144 Twisted pair, 143 Web site, 144 Upstream, 144 Web top frame, 33 Username World Wide Web, 145 default, 28, 31 137
