User Manual
Table Of Contents
- 16-Port Gigabit (Hi-Power) PoE+ Ethernet Smart Managed Pro Switch with 2 SFP Ports and Cloud Management
- Contents
- 1 Get Started
- Available publications
- Switch management options and default management mode
- Manage the switch by using the device UI
- About on-network and off-network access
- Access the switch on-network and connected to the Internet
- Use a Windows-based computer to access the switch on-network and connected to the Internet
- Use the NETGEAR Insight mobile app to discover the IP address of the switch
- Use the NETGEAR Switch Discovery Tool to discover the switch when it is connected to the Internet
- Discover the switch in a network with a DHCP server using the Smart Control Center
- Use other options to discover the switch IP address
- Access the switch on-network and connected to the Internet when you know the switch IP address
- Access the switch off-network and not connected to the Internet
- Credentials for the device UI
- Register the switch
- Change the language of the device UI
- Change the management mode of the switch
- Use the Device View of the device UI
- Configure interface settings
- Access the NETGEAR support website
- Access the user manual online
- 2 Configure System Information
- View or define switch system information
- Configure the switch IP address settings
- Configure the IPv6 network interface
- Configure the time settings
- Configure Denial of Service settings
- Configure the DNS settings
- Configure green Ethernet settings
- Use the Device View
- Configure Power over Ethernet
- Configure SNMP
- Configure LLDP
- Configure DHCP snooping
- Set up PoE timer schedules
- 3 Configure Switching
- Configure the port settings and maximum frame size
- Configure link aggregation groups
- Configure VLANs
- Configure a voice VLAN
- Configure Auto-VoIP
- Configure Spanning Tree Protocol
- Configure multicast
- Manage IGMP snooping
- Configure IGMP snooping
- Configure IGMP snooping for interfaces
- View, search, or clear the IGMP snooping table
- Configure IGMP snooping for VLANs
- Modify IGMP snooping settings for a VLAN
- Disable IGMP snooping on a VLAN
- Configure one or more IGMP multicast router interfaces
- Configure an IGMP multicast router VLAN
- IGMP snooping querier overview
- Configure an IGMP snooping querier
- Configure an IGMP snooping querier for a VLAN
- Display the status of the IGMP snooping querier for VLANs
- View, search, and manage the MAC address table
- Configure Layer 2 loop protection
- 4 Configure Quality of Service
- 5 Manage Device Security
- Change the device admin password for the device UI
- Manage the RADIUS settings
- Configure the TACACS+ settings
- Manage the Smart Control Center
- Configure management access
- Control access with profiles and rules
- Configure port authentication
- Set up traffic control
- Configure access control lists
- Use the ACL Wizard to create a simple ACL
- Configure a MAC ACL
- Configure MAC ACL rules
- Configure MAC bindings
- View or delete MAC ACL bindings in the MAC binding table
- Configure a basic or extended IPv4 ACL
- Configure rules for a basic IPv4 ACL
- Configure rules for an extended IPv4 ACL
- Configure an IPv6 ACL
- Configure rules for an IPv6 ACL
- Configure IP ACL interface bindings
- View or delete IP ACL bindings in the IP ACL binding table
- Configure VLAN ACL bindings
- 6 Monitor the System
- 7 Maintain or Troubleshoot the Switch
- A Configuration Examples
- B Specifications and Default Settings
16-Port Gigabit (Hi-Power) PoE+ Ethernet Smart Managed Pro Switch with 2 SFP Ports
Manage Device Security User Manual285
• Unauthenticated VLAN ID. Specify the VLAN ID of the unauthenticated VLAN for the
selected port. The range is from 0 to 4093. The default value is 0. Hosts that fail the
authentication might be denied access to the network or placed on a VLAN created
for unauthenticated clients. This VLAN might be configured with limited network
access.
• Periodic Reauthentication. Select Enable to allow periodic reauthentication of the
supplicant for the specified port. If you select Disable, connected clients are not
forced to reauthenticate periodically
.
The default is Disable.
• Reauthentication Period.
Specify
the time in seconds after which reauthentication of
the supplicant occurs. The reauthentication period must be a value in the range from
1 to 65535. The default value is 3600 seconds.
• Quiet Period. Specify the time in seconds that the port remains in the quiet state
following a failed authentication exchange. While in the quite state, the port does not
attempt to acquire a supplicant. The quite state period must be
a value in the range
from 0 to 65535. A value of 0 means that the port remains in the quiet state and never
attempts to acquire a supplicant. The default value is 60 seconds.
• Resending EAP. Specify the EAP retransmit period for the selected port.
The
transmit period is the time in seconds, after which an EAPoL EA
P Request/Identify
frame is resent to the supplicant. The retransmit period must be a value in the range
from 1 to 65535. The default value is 30 seconds.
• MAX EAP Requests.
Specify
the maximum number of EAP requests for the selected
port. The value is the maximum number of times an EAPoL EAP Request/Identity
message is retransmitted before the supplicant times out. The maximum number of
EAP requests must be a value in the range from 1 to 10. The default value is 2.
• Supplicant Timeout. Specify the supplicant time-out for the selected port.
The
supplicant time-out is the time in seconds after which the supplicant times out.
The
supplicant time-out period must be a value in the range from 1 to 65535. The default
value is 30 seconds.
• Server Timeout. Specify the time in seconds that elapses before the switch resends
a request to the authentication server
.
The server time-out period must be a value in
the range from 1 to 65535. The default value is 30 seconds.
10. Click the Apply button.
Your settings are saved.
The following table describes the port authentication status information available on the
page.
Table 51. Port authentication status information
Field Description
Control Direction The control direction for the specified port, which is always Both. The control
direction dictates the degree to which protocol exchanges take
place between
supplicant and authenticator.The unauthorized controlled port exerts control over
communication in both directions (disabling both incoming and outgoing frames).
Protocol Version The protocol version associated with the selected port. The only possible value
is 1, corresponding to the first version of the 802.1X specification.