GS752TXS Smart Switch Software Administration Manual 350 East Plumeria Drive San Jose, CA 95134 USA July 2011 202-10865-01 v1.
GS752TXS Smart Switch Software Administration Manual ©2011 NETGEAR, Inc. All rights reserved No part of this publication may be reproduced, transmitted, transcribed, stored in a retrieval system, or translated into any language in any form or by any means without the written permission of NETGEAR, Inc. Technical Support Thank you for choosing NETGEAR.
Table of Contents Chapter 1 Getting Started Getting Started with the GS752TXS Smart Switch . . . . . . . . . . . . . . . . . . Switch Management Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Connecting the Switch to the Network. . . . . . . . . . . . . . . . . . . . . . . . . . . . Switch Discovery in a Network with a DHCP Server . . . . . . . . . . . . . . . . . Switch Discovery in a Network without a DHCP Server . . . . . . . . . . . . . .
GS752TXS Smart Switch Software Administration Manual Neighbors Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .71 Services — DHCP Snooping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .75 Global Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .75 Interface Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .76 Binding Configuration . . . . . . . . . . . . . . . . .
GS752TXS Smart Switch Software Administration Manual MST Port Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 119 STP Statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 121 Multicast . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 122 MFDB . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 123 Auto-Video . . . . . . . . .
GS752TXS Smart Switch Software Administration Manual Chapter 7 Managing Device Security Management Security Settings. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .191 Change Password . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .191 RADIUS Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .192 Configuring TACACS+ . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
GS752TXS Smart Switch Software Administration Manual System Logs. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 260 Memory Logs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 260 FLASH Log Configuration. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 262 Server Log Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 263 Trap Logs . . . . . . . . . . . . . . . . . . . .
GS752TXS Smart Switch Software Administration Manual Class. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .299 DiffServ Traffic Classes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .299 Creating Policies. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .300 DiffServ Example Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .301 802.1X . . . . . . . . . . . . . . . . . . . . . .
1. Getting Started 1 The NETGEAR® GS752TXS Smart Switch Software Administration Manual describes how to configure and operate the GS752TXS Smart Switch by using the Web-based graphical user interface (GUI). This manual describes the software configuration procedures and explains the options available within those procedures.
GS752TXS Smart Switch Software Administration Manual Note: Refer to the release notes for the GS752TXS Smart Switch for information about issues and workarounds. Getting Started with the GS752TXS Smart Switch This chapter provides an overview of starting your NETGEAR GS752TXS Smart Switch and accessing the user interface. It also leads you through the steps to use the Smart Control Center utility.
GS752TXS Smart Switch Software Administration Manual Switch Management Interface The NETGEAR GS752TXS Smart Switch contains an embedded Web server and management software for managing and monitoring switch functions. The GS752TXS functions as a simple switch without the management software. However, you can use the management software to configure more advanced features that can improve switch efficiency and overall network performance.
GS752TXS Smart Switch Software Administration Manual Connecting the Switch to the Network To enable remote management of the switch through a Web browser or SNMP, you must connect the switch to the network and configure it with network information (an IP address, subnet mask, and default gateway). The switch has a default IP address of 192.168.0.239 and a default subnet mask of 255.255.255.0.
GS752TXS Smart Switch Software Administration Manual Switch Discovery in a Network with a DHCP Server This section describes how to set up your switch in a network that has a DHCP server. The DHCP client on the switch is enabled by default. When you connect it to your network, the DHCP server will automatically assign an IP address to your switch. Use the Smart Control Center to discover the IP address automatically assigned to the switch.
GS752TXS Smart Switch Software Administration Manual 6. Make a note of the displayed IP address assigned by the DHCP server. You will need this value to access the switch directly from a Web browser (without using the Smart Control Center). 7. Select your switch by clicking the line that displays the switch, then click the Web Browser Access button. The Smart Control Center displays a login window. Use your Web browser to manage your switch. The default password is password.
GS752TXS Smart Switch Software Administration Manual Switch Discovery in a Network without a DHCP Server This section describes how to use the Smart Control Center to set up your switch in a network without a DHCP server. If your network has no DHCP service, you must assign a static IP address to your switch. If you choose, you can assign it a static IP address, even if your network has DHCP service. To assign a static IP address: 1. Connect the switch to your existing network. 2.
GS752TXS Smart Switch Software Administration Manual 8. Enter the static switch IP address, gateway IP address, and subnet mask for the switch, and then type your password. Tip: You must enter the current password every time you use the Smart Control Center to update the switch setting. The default password is password. 9. Click Apply to configure the switch with the network settings. Please ensure that your PC and the switch are in the same subnet. Make a note of these settings for later use.
GS752TXS Smart Switch Software Administration Manual WARNING! When you change the IP address of your administrative system, you will loose your connection to the rest of the network. Be sure to write down your current network address settings before you change them. To modify the network settings on your administrative system: 1. On your PC, access the MS Windows operating system TCP/IP Properties. 2. Set the IP address of the administrative system to an address in the 192.168.0.0 network, such as 192.168.
GS752TXS Smart Switch Software Administration Manual Web Access To access the GS752TXS management interface, use one of the following methods: • From the Smart Control Center, select the switch and click Web Browser Access. • Open a Web browser and enter the IP address of the switch in the address field. You must be able to ping the IP address of the GS752TXS management interface from your administrative system for Web access to be available.
GS752TXS Smart Switch Software Administration Manual Smart Control Center Utilities In addition to device discovery and network address assignment, the Smart Control Center includes several maintenance features.
GS752TXS Smart Switch Software Administration Manual Changing the Switch Password 1. Select the switch. 2. Click Change Password. Additional fields appear on the screen. 3. Type the switch password in the Current Password field. The default password for the switch is password. 4. Type the new password in the New Password and Confirm Password fields. The password can contain up to 20 ASCII characters. Click Apply to update the switch with the new password.
GS752TXS Smart Switch Software Administration Manual 4. Click OK. 5. Enter the switch password and click Apply. The file is uploaded to the administrative computer as a *.cfg file. You can open it and view the contents with a text editor. To restore the configuration to a previously saved version: 1. Click the Maintenance tab and select the device with the configuration to restore. 2. Click Download Configuration. 3.
GS752TXS Smart Switch Software Administration Manual 5. Enter the switch password and click Apply to begin the download process. Note: Click the Tasks tab to view status information about the configuration download. Firmware Upgrade The application software for the GS752TXS Smart Switch is upgradeable, enabling your switch to take advantage of improvements and additional features as they become available. The upgrade procedure and the required equipment are described in this section.
GS752TXS Smart Switch Software Administration Manual Note: NETGEAR recommends that you download the same image as the primary and secondary image for redundancy. 3. From the Select new firmware window that appears, navigate to and select the firmware image to download to the switch. 4. Click Open. You can choose to schedule a later time to complete the download and installation by clearing the Run Now? option and selecting a date and time to perform the firmware download and installation.
GS752TXS Smart Switch Software Administration Manual Viewing and Managing Tasks From the Tasks tab, you can view information about configuration downloads and firmware upgrades that have already occurred, are in progress, or are scheduled to take place at a later time. You can also delete or reschedule selected tasks. Figure 3 shows the Tasks page. Figure 3.
GS752TXS Smart Switch Software Administration Manual Understanding the User Interfaces The GS752TXS Smart Switch software includes a set of comprehensive management functions for configuring and monitoring the system by using one of the following methods: • Web user interface • Simple Network Management Protocol (SNMP) Each of the standards-based management methods allows you to configure and monitor the components of the GS752TXS Smart Switch software.
GS752TXS Smart Switch Software Administration Manual Navigation Tab Feature Link Help Link Logout Button Help Page Page Menu Configuration Status and Options Figure 4. Administrative Page Layout Navigation Tabs, Feature Links, and Page Menu The navigation tabs along the top of the Web interface give you quick access to the various switch functions. The tabs are always available and remain constant, regardless of which feature you configure.
GS752TXS Smart Switch Software Administration Manual Page Link Configuration Pages Figure 5. Menu Hierarchy Configuration and Status Options The area directly under the feature links and to the right of the page menu displays the configuration information or status for the page you select. On pages that contain configuration options, you can input information into fields or select options from drop-down menus.
GS752TXS Smart Switch Software Administration Manual has occurred on the port, or red indicates that the link is disabled. Gray is applicable for port 51 and 52, indicates that the port is working in stack mode. The LED of the port speed illuminates either green or yellow.
GS752TXS Smart Switch Software Administration Manual If you click the graphic, but do not click a specific port, the main menu appears, as the following figure shows. This menu contains the same option as the navigation tabs at the top of the page.
GS752TXS Smart Switch Software Administration Manual Help Page Access Every page contains a link to the online help , which contains information to assist in configuring and managing the switch. The online help pages are context sensitive. For example, if the IP Addressing page is open, the help topic for that page displays if you click Help. Figure 4 on page 26 shows the location of the Help link on the Web interface.
GS752TXS Smart Switch Software Administration Manual Interface Naming Convention The GS752TXS Smart Switch supports physical and logical interfaces. Interfaces are identified by their type and the interface number. All the physical ports 1–48 are Gigabit ports and Port 49–52 are SFP+ ports that support both 10G and 1000M mode. The number of the port is identified on the front panel. You can configure the logical interfaces by using the software.
2. Configuring System Information 2 Use the features in the System tab to define the switch’s relationship to its environment. The System tab contains links to the following features: • Management on page 33 • SNMP on page 59 • LLDP on page 64 • Services — DHCP Snooping on page 75 Management This section describes how to display the switch status and specify some basic switch information, such as the management interface IP address, system clock settings, and DNS information.
GS752TXS Smart Switch Software Administration Manual To define system information: 1. Open the System Information page. 2. Define the following fields: • System Name. Enter the name you want to use to identify this switch. You may use up to 31 alphanumeric characters. The factory default is blank. • System Location. Enter the location of this switch. You may use up to 31 alphanumeric characters. The factory default is blank. • System Contact. Enter the contact person for this switch.
GS752TXS Smart Switch Software Administration Manual Field Description Date & Time The current date and time. System Up Time Displays the number of days, hours, and minutes since the last system restart. Base MAC Address The universally assigned network address. Model Name The model name of the switch. Boot Version The boot code version of the switch. Software Version The software version of the switch.
GS752TXS Smart Switch Software Administration Manual Click Refresh to refresh the screen with most recent data. The following table describes the status information the Slot Information displays. Field Description Slot Identifies the slot using the format unit/slot. Status Displays whether the slot is empty or full. Administrative State Displays whether the slot is administratively enabled or disabled. Power State Displays whether the slot is powered on or not.
GS752TXS Smart Switch Software Administration Manual IP Configuration Use the IP Configuration page to configure network information for the management interface, which is the logical interface used for in-band connectivity with the switch through any of the switch's front-panel ports. The configuration parameters associated with the switch's network interface do not affect the configuration of the front panel ports through which traffic is switched or routed.
GS752TXS Smart Switch Software Administration Manual 3. Specify the VLAN ID for the management VLAN. The management VLAN is used to establish an IP connection to the switch from a workstation that is connected to a port in the same VLAN. If not specified, the active management VLAN ID is 1 (default), which allows an IP connection to be established through any port. When the management VLAN is set to a different value, an IP connection can be made only through a port that is part of the management VLAN.
GS752TXS Smart Switch Software Administration Manual To access the switch over a IPv6 network, you must initially configure the switch with IPv6 information (IPv6 prefix, prefix length, and default gateway).
GS752TXS Smart Switch Software Administration Manual 7. EUI64. Specify whether format IPv6 address in EUI-64 format. The default value is False. 8. Click Add to add a new IPv6 address in global format. 9. Click DELETE to delete a selected IPv6 address. 10. Click Apply to apply the changes to the system. Update the switch with the values on the screen. If you want the switch to retain the new values across a power cycle, you must perform a save. 11.
GS752TXS Smart Switch Software Administration Manual • Delay. More than ReachableTime milliseconds have elapsed since the last positive confirmation was received that the forward path was functioning properly. A packet was sent within the last DELAY_FIRST_PROBE_TIME seconds. If no reachability confirmation is received within DELAY_FIRST_PROBE_TIME seconds of entering the DELAY state, send a neighbor solicitation message and change the state to PROBE. • Probe.
GS752TXS Smart Switch Software Administration Manual Polling for Unicast information is used for polling a server for which the IP address is known. SNTP servers that have been configured on the device are the only ones that are polled for synchronization information. T1 through T4 are used to determine server time. This is the preferred method for synchronizing device time because it is the most secure method.
GS752TXS Smart Switch Software Administration Manual When the Clock Source is set to Local, the Time Zone field is grayed out (disabled): 4. Click Apply to send the updated configuration to the switch. Configuration changes occur immediately. To configure the time through SNTP: 1. From the Clock Source field, select SNTP. When the Clock Source is set to SNTP, the Date and Time fields are grayed out (disabled). The switch gets the date and time from the network. 2.
GS752TXS Smart Switch Software Administration Manual Field Description Last Attempt Status Specifies the status of the last SNTP request or unsolicited message for both unicast mode. If no message has been received from a server, a status of Other is displayed. These values are appropriate for all operational modes: • Other: None of the following enumeration values. • Success: The SNTP operation was successful and the system time was updated.
GS752TXS Smart Switch Software Administration Manual To configure a new SNTP Server: 1. Enter the appropriate SNTP server information in the available fields: • Server Type. Specifies whether the address for the SNTP server is an IP address (IPv4) or hostname (DNS). • Address. Enter the IP address or the hostname of the SNTP server. • Port. Enter a port number on the SNTP server to which SNTP requests are sent. The valid range is 1–65535. The default is 123. • Priority.
GS752TXS Smart Switch Software Administration Manual Field Description Address Specifies all the existing Server Addresses. If no Server configuration exists, a message saying “No SNTP server exists” flashes on the screen. Last Update Time Specifies the local date and time (UTC) that the response from this server was used to update the system clock. Last Attempt Time Specifies the local date and time (UTC) that this SNTP server was last queried.
GS752TXS Smart Switch Software Administration Manual have a size greater than this configured Max ICMPv4 Pkt Size. Its range is (0 to 16376). The default value is 512. • Denial of Service ICMPv6: Enabling ICMPv6 DoS prevention causes the switch to drop ICMPv6 packets that have a type set to ECHO_REQ (ping) and a size greater than the configured ICMPv6 Pkt Size. The factory default is disabled. • Denial of Service Max ICMPv6 Packet Size: Specify the Max IPv6 ICMP Pkt Size allowed.
GS752TXS Smart Switch Software Administration Manual Auto-DoS Configuration The Auto-DoS Configuration page lets you automatically enable all the DoS features available on the switch, except for the L4 Port attack. See the previous section for information about the types of DoS attacks the switch can monitor and block. To access the Auto-DoS Configuration page, click System Management Denial of Service Auto-DoS Configuration. To configure the Auto-DoS feature: 1.
GS752TXS Smart Switch Software Administration Manual To configure individual DoS settings: 1. Select the types of DoS attacks for the switch to monitor and block and configure any associated values, as the following list describes. • Denial of Service Min TCP Header Size: Specify the Min TCP Hdr Size allowed. If DoS TCP Fragment is enabled, the switch will drop these packets: • First TCP fragments that has a TCP payload: IP_Payload_Length IP_Header_Size < Min_TCP_Header_Size. Its range is (0 to 255).
GS752TXS Smart Switch Software Administration Manual receiving fragmented IP packets. Otherwise, switch ignores the first fragment IP packages.The factory default is disabled. • Denial of Service ICMP Fragment: Enabling ICMP Fragment DoS prevention causes the switch to drop ICMP Fragmented packets. The factory default is disabled. • Denial of Service SIP=DIP: Enabling SIP=DIP DoS prevention causes the switch to drop packets that have a source IP address equal to the destination IP address.
GS752TXS Smart Switch Software Administration Manual To access this page, click System Management DNS DNS Configuration. To configure the global DNS settings: 1. Specify whether to enable or disable the administrative status of the DNS Client. • Enable. Allow the switch to send DNS queries to a DNS server to resolve a DNS domain name. The DNS is enabled by default. • Disable. Prevent the switch from sending DNS queries. 2. Enter the DNS default domain name to include in DNS queries.
GS752TXS Smart Switch Software Administration Manual To add a static entry to the local DNS table: 1. Specify the static host name to add. Enter up to 158 characters. 2. Specify the IP address in standard IPv4 dot notation to associate with the hostname. 3. Click Add. The entry appears in the list below. 4. To remove an entry from the static DNS table, select the check box next to the entry and click Delete. 5.
GS752TXS Smart Switch Software Administration Manual Green Ethernet Configuration Use this page to configure Green Ethernet features. Using the Green Ethernet Configuration features allows for power consumption savings. To access this page, click System Management Green Ethernet Green Ethernet Configuration. To configure the Green Ethernet Configuration feature: 1. Enable or disable the Auto Power Down Mode. • Enable.
GS752TXS Smart Switch Software Administration Manual 5. Click Cancel to cancel the configuration on the screen and reset the data on the screen to the latest value of the switch. Green Ethernet Interface Configuration Use this page to configure Green Ethernet Interface Configuration feature. Using this features allows for proper port configuration and the ability to enable or disable the Auto Power Down, Short Cable, and EEE Modes.
GS752TXS Smart Switch Software Administration Manual • EEE Mode - This object determines whether or not Energy Efficient Ethernet (EEE) from green feature is enabled for particular port. The EEE and the Short Cable modes are not supposed to be active simultaneously. 2. Click Apply to apply the change to the system. Configuration changes take effect immediately. 3. Click Cancel to cancel the configuration on the screen and reset the data on the screen to the latest value of the switch.
GS752TXS Smart Switch Software Administration Manual • Cumulative Energy Saved on this port due to Green Mode(s) (Watts * Hours) This shows the energy savings per port, per hour. • Energy Detect Admin Mode - Select Enable or Disable to enter this mode. • Operational Status - This shows the Green Mode operational status, either Inactive or Active. • Reason - This shows the Admin status, either Admin Down or Admin Up. • Short Reach Admin Mode - Select Enable or Disable enter Short Reach Admin Mode.
GS752TXS Smart Switch Software Administration Manual • Remote Tw_sys_tx Echo (uSec) - This shows the time duration of the Remote Tw_sys_tx Echo on the port. • Remote Tw_sys_rx (uSec) - This shows the time duration of the Remote Tw_sys_rx on the port. • Remote Tw_sys_rx Echo (uSec) - This shows the time duration of the Remote Remote Tw_sys_rx Echo on the port. • Remote Fallback Tw_sys (uSec) - This shows the time duration of the Remote Remote Fallback Tw_sys on the port.
GS752TXS Smart Switch Software Administration Manual • Green Features supported on this unit - This shows the which feature(s) are supported on this unit. • Interface - Use this to select the interface to be displayed or configured. • Energy Detect Admin Mode - Select Enable or Disable to enter Energy Detect Admin Mode. • Energy Detect Operational Status - This shows if the Energy Detect Operational Status is either Active or Inactive.
GS752TXS Smart Switch Software Administration Manual • Percentage LPI time per Stack - It will get calculated based on the sampling interval and values fetched during sampling. • Sample No. - It keeps track of every sample in the table. When the number increases to maximum it will be rolled over. • Percentage Time spent in LPI mode since last sample - It will get calculated based on the sampling interval and values fetched during sampling.
GS752TXS Smart Switch Software Administration Manual To configure SNMP communities: 1. To add a new SNMP community, enter community information in the available fields described below, and then click Add. • Management Station IP. Specify the IP address of the management station.Together, the Management Station IP and the Management Station IP Mask denote a range of IP addresses from which SNMP clients may use that community to access this device.
GS752TXS Smart Switch Software Administration Manual 4. Click Cancel to cancel the configuration on the screen and reset the data on the screen to the latest value of the switch. Trap Configuration This page displays an entry for every active Trap Receiver. To access this page, click System SNMP SNMP V1/V2 Trap Configuration. To configure SNMP trap settings: 1.
GS752TXS Smart Switch Software Administration Manual Trap Flags The pages in the Trap Manager folder allow you to view and configure information about SNMP traps the system generates. Use the Trap Flags page to enable or disable traps the switch can send to an SNMP manager. When the condition identified by an active trap is encountered by the switch, a trap message is sent to any enabled SNMP Trap Receivers, and a message is written to the trap log.
GS752TXS Smart Switch Software Administration Manual SNMP v3 User Configuration This is the configuration for SNMP v3. To access this page, click System SNMP SNMP V3 User Configuration. The SNMPv3 Access Mode is a read-only field that shows the access privileges for the user account. The admin account always has Read/Write access, and all other accounts have Read Only access. To configure SNMPv3 settings for the user account: 1.
GS752TXS Smart Switch Software Administration Manual LLDP The IEEE 802.1AB-defined standard, Link Layer Discovery Protocol (LLDP), allows stations on an 802 LAN to advertise major capabilities and physical descriptions. This information is viewed by a network manager to identify system topology and detect bad configurations on the LAN.
GS752TXS Smart Switch Software Administration Manual To configure global LLDP settings: 1. Configure the following LLDP properties. • TLV Advertised Interval. Specify the interval at which frames are transmitted. The default is 30 seconds, and the valid range is 5–32768 seconds. • Hold Multiplier. Specify multiplier on the transmit interval to assign to Time-to-Live (TTL). The default is 4, and the range is 2–10. • Reinitializing Delay. Specify the delay before a reinitialization.
GS752TXS Smart Switch Software Administration Manual To configure LLDP port settings: 1. Change the LLDP port settings described below: • Interface. Specifies the port to be affected by these parameters. • • Admin Status. Select the status for transmitting and receiving LLDP packets: • Tx Only: Enable only transmitting LLDP PDUs on the selected ports. • Rx Only: Enable only receiving LLDP PDUs on the selected ports. • Tx and Rx: Enable both transmitting and receiving LLDP PDUs on the selected ports.
GS752TXS Smart Switch Software Administration Manual LLDP-MED Network Policy This page displays information about the LLPD-MED network policy TLV transmitted in the LLDP frames on the selected local interface. To display this page, click System LLDP Advanced LLDP-MED Network Policy. From the Interface menu, select the interface with the information to view. The following table describes the LLDP-MED network policy information that displays on the screen.
GS752TXS Smart Switch Software Administration Manual Field Description User Priority Specifies the priority associated with the policy. DSCP Specifies the DSCP associated with a particular policy type. Click Refresh to refresh the page with the most current data from the switch. LLDP-MED Port Settings Use this page to enable LLDP-MED mode on an interface and configure its properties. To display this page, click System LLDP Advanced LLDP-MED Port Settings.
GS752TXS Smart Switch Software Administration Manual • • Extended Power via MDI: PD Inventory 5. Click Apply to send the updated configuration to the switch. These changes occur immediately and the configuration will be saved. 6. Click Cancel to cancel the configuration on the screen and reset the data on the screen to the latest value of the switch. Local Information Use the LLDP Local Information page to view the data that each port advertises through LLDP.
GS752TXS Smart Switch Software Administration Manual Click Refresh to refresh the page with the most current data from the switch. To view additional details about a port, click the name of the port in the Interface column of the Port Information table. A popup window displays information for the selected port. The following table describes the detailed local information that displays for the selected port.
GS752TXS Smart Switch Software Administration Manual Field Description Operational MAU Type Displays the Medium Attachment Unit (MAU) type. The MAU performs physical layer functions, including digital data conversion from the Ethernet interface collision detection and bit injection into the network. MED Details Capabilities Supported Displays the MED capabilities enabled on the port. Current Capabilities Displays the TLVs advertised by the port.
GS752TXS Smart Switch Software Administration Manual The following table describes the information that displays for all LLDP neighbors that have been discovered. Field Description MSAP Entry Displays the Media Service Access Point (MSAP) entry number for the remote device. Local Port Displays the interface on the local system that received LLDP information from a remote system. Chassis ID Subtype Identifies the type of data displayed in the Chassis ID field on the remote system.
GS752TXS Smart Switch Software Administration Manual Field Description Port Details Local Port Displays the interface on the local system that received LLDP information from a remote system. MSAP Entry Displays the Media Service Access Point (MSAP) entry number for the remote device. Basic Details Chassis ID Subtype Identifies the type of data displayed in the Chassis ID field on the remote system. Chassis ID Identifies the remote 802 LAN device's chassis.
GS752TXS Smart Switch Software Administration Manual Field Description MED Details Capabilities Supported Specifies the supported capabilities that were received in MED TLV from the device. Current Capabilities Specifies the advertised capabilities that were received in MED TLV from the device. Device Class Displays the LLDP-MED endpoint device class. The possible device classes are: • Endpoint Class 1 Indicates a generic endpoint class, offering basic LLDP services.
GS752TXS Smart Switch Software Administration Manual Field Description LLDP Unknown TLVs Type Displays the unknown TLV type field. Value Displays the unknown TLV value field. Services — DHCP Snooping DHCP Snooping is a useful feature that provides security by filtering untrusted DHCP messages and by building and maintaining a DHCP snooping binding table. An untrusted message is a message that is received from outside the network or firewall and that can cause traffic attacks within your network.
GS752TXS Smart Switch Software Administration Manual To configure DHCP snooping global settings: 1. In the DHCP Snooping Mode field, select Enable or Disable to turn the DHCP Snooping feature on or off. The factory default is disabled. 2. In the MAC Address Validation field, select Enable or Disable to turn the DHCP Snooping feature on or off. The factory default is disabled. 3. Click Apply to apply the change to the system. Configuration changes take effect immediately. 4.
GS752TXS Smart Switch Software Administration Manual To configure DHCP snooping interface settings: 1. In the Go To Interface field, enter the Interface in unit/slot/port format and click on the Go button. The entry corresponding to the specified interface, will be selected. 2. To configure DHCP snooping interface settings for a physical port, click 1, LAGs, or ALL. 3. Select the check box next to the port or LAG to configure.
GS752TXS Smart Switch Software Administration Manual To configure DHCP binding settings: 1. For DHCP Snooping Static Binding Configuration, in the Interface field, select the interface to add a binding into the DHCP snooping database. 2. In the MAC Address field, specify the MAC address for the binding to be added. This is the Key to the binding database. 3. In the VLAN ID field, select the VLAN from the list for the binding rule. The range of the VLAN ID is (1 to 4093). 4.
GS752TXS Smart Switch Software Administration Manual The Lease Time field displays the remaining Lease time for the Dynamic entries. Persistent Configuration To access the DHCP Snooping Persistent Configuration page, click System Services DHCP Snooping Persistent Configuration. To configure DHCP snooping persistent settings: 1. Select the Local or Remote in the Store field.
GS752TXS Smart Switch Software Administration Manual Use the DHCP Snooping Statistics page to view the DHCP Snooping statistics. 1. Click on the interface settings for a physical port, click 1, LAGs, or ALL. • The Interface field shows the untrusted and snooping enabled interface for which statistics to be displayed. • The MAC Verify Failures field shows the number of packets that were dropped by DHCP Snooping as there is no matching DHCP Snooping binding entry found.
3. Configuring Stacking Switches 3 Stacking Overview A stackable switch is a switch that is fully functional operating standalone, but can also be set-up to operate together with up to six other switches with this group of switches showing the characteristics of a single switch while having the port capacity of the sum of the combined switches. One of the switches in the stack controls the operation of the stack. This switch is called the stack master.
GS752TXS Smart Switch Software Administration Manual settings for all stack members. Each stack member retains a copy of the saved file for backup purposes. If the master is removed from the stack, another member will be elected master, and will then run from that saved configuration. The Stack Master Switch performs a consistency check to ensure that all units in the stack are running the same version of agent.
GS752TXS Smart Switch Software Administration Manual Web GUI, the system applies default settings to all the Stack member units and would reset the Stack including the participating stack members. When the stack is powered up and completes the boot process or the original Master Switch becomes unavailable, the Master Switch is determined through the Master Switch Election process.
GS752TXS Smart Switch Software Administration Manual 1. Use Management Unit Selected to select the unit to be managed unit and click Apply to move the management to the selected unit. 2. Unit ID displays the list of units of the stack. Details of the selected unit are displayed. There is also an ADD option visible only to Admin users which can be used to preconfigure new members of the stack. 3. Use Change to Switch ID to renumber the switch ID of the selected switch by admin users. 4.
GS752TXS Smart Switch Software Administration Manual Field Description Hardware Management Preference The hardware management preference of the switch. The hardware management preference can be disabled or unassigned. Standby Status Identifies the switch that is configured as the Standby Unit. The possible values are: • Cfg Standby - Indicates that the unit is configured as the Standby Unit. The unit configured as the Standby switch becomes the stack manager if the current manager fails.
GS752TXS Smart Switch Software Administration Manual Field Description Detected Code Version in Flash The displays the Release number and version number of the code stored in flash. SFS Last Attempt Status This displays the status of last tried stack firmware synchronisation. “None” is the default value if SFS has not been tried. Stack Port Configuration To display the Stack Port Configuration page, click System Stacking Advanced Stack Port Configuration.
GS752TXS Smart Switch Software Administration Manual Field Description Transmit Data Rate (Mbps) Displays the approximate transmit rate on the stacking port. Total Transmit Errors Displays the total number of errors in transmit packets since boot. The counter may wrap. Receive Data Rate (Mbps) Displays the approximate receive rate on the stacking port. Total Receive Errors Displays the total number of errors in receive packets since boot. The counter may wrap.
GS752TXS Smart Switch Software Administration Manual Stack Firmware Synchronization To display the stack firmware synchronization configurations from the Stack Firmware Synchronization page, click System Stacking Advanced Stack Firmware Synchronization. A screen similar to the following displays. 1. Use the Stack Firmware Auto Upgrade field to enable or disable the Stack Firmware Synchronization feature. 2.
4. Configuring Switching Information 4 Use the features in the Switching tab to define Layer 2 features.
GS752TXS Smart Switch Software Administration Manual To configure port settings: 1. To configure settings for a physical port, click PORTS. 2. To configure settings for a Link Aggregation Group (LAG), click LAGS. 3. To configure settings for both physical ports and LAGs, click ALL. 4. Select the check box next to the port or LAG to configure. You can select multiple ports and LAGs to apply the same setting to the selected interfaces.
GS752TXS Smart Switch Software Administration Manual • Link Trap. This object determines whether or not to send a trap when link status changes. The factory default is Enable. • Enable: Specifies that the system sends a trap when the link status changes. • Disable: Specifies that the system does not send a trap when the link status changes. • Maximum Frame Size. Specifies the maximum Ethernet frame size the interface supports. The size includes the Ethernet header, CRC, and payload.
GS752TXS Smart Switch Software Administration Manual • Enable. The switch sends pause packets if the port buffers become full. • Disable. The switch does not send pause packets if the port buffers become full. 2. Click Cancel to cancel the configuration on the screen and reset the data on the screen to the latest value of the switch. 3. If you change the mode, click Apply to apply the changes to the system.
GS752TXS Smart Switch Software Administration Manual To configure LAG settings: 1. Select the check box next to the LAG to configure. You can select multiple LAGs to apply the same setting to the selected interfaces. Select the check box in the heading row to apply the same settings to all interfaces. 2. Configure or view the following settings: • LAG Name. Specify the name you want assigned to the LAG. You may enter any string of up to 15 alphanumeric characters.
GS752TXS Smart Switch Software Administration Manual 3. Click Cancel to cancel the configuration on the screen and reset the data on the screen to the latest value of the switch. 4. If you make any changes to this page, click Apply to send the updated configuration to the switch. Configuration changes take effect immediately.
GS752TXS Smart Switch Software Administration Manual 4. Click the box below each port to include in the LAG. The following figure shows an example of how to configure LAG1 with ports g1–g4 as members. 5. Click Cancel to cancel the configuration on the screen and reset the data on the screen to the latest value of the switch. 6. If you make any changes to this page, click Apply to send the updated configuration to the switch. Configuration changes take effect immediately. 7.
GS752TXS Smart Switch Software Administration Manual 3. Click Cancel to cancel the configuration on the screen and reset the data on the screen to the latest value of the switch. 4. If you make any changes to this page, click Apply to send the updated configuration to the switch. Configuration changes take effect immediately. LACP Port Configuration To display the LACP Port Configuration page, click Switching LAG Advanced LACP Port Configuration. To configure LACP port priority settings: 1.
GS752TXS Smart Switch Software Administration Manual VLANs Adding Virtual LAN (VLAN) support to a Layer 2 switch offers some of the benefits of both bridging and routing. Like a bridge, a VLAN switch forwards traffic based on the Layer 2 header, which is fast, and like a router, it partitions the network into logical segments, which provides better administration, security and management of multicast traffic. By default, all ports on the switch are in the same broadcast domain.
GS752TXS Smart Switch Software Administration Manual To configure VLANs: 1. To add a VLAN, configure the VLAN ID, name, and type, and then click Add. • VLAN ID. Specify the VLAN Identifier for the new VLAN. (You can enter data in this field only when you are creating a new VLAN.) The range of the VLAN ID is 1–4093. • VLAN Name. Use this optional field to specify a name for the VLAN. It can be up to 32 alphanumeric characters long, including blanks. The default is blank. VLAN ID 1 is always named Default.
GS752TXS Smart Switch Software Administration Manual To display the VLAN Membership Configuration page, click Switching VLAN Advanced VLAN Membership. To configure VLAN membership: 1. From the VLAN ID field, select the VLAN to which you want to add ports. 2. Click the orange bar below the VLAN Type field to display the physical ports on the switch. 3. Click the lower orange bar to display the LAGs on the switch. 4.
GS752TXS Smart Switch Software Administration Manual 5. Use the Group Operations field to select all the ports and configure them. Possible values are: • Untag All: Select all the ports on which all frames transmitted from this VLAN will be untagged. All the ports will be included in the VLAN. • Tag All: Select the ports on which all frames transmitted for this VLAN will be tagged. All the ports will be included in the VLAN.
GS752TXS Smart Switch Software Administration Manual To configure PVID information: 1. To configure PVID settings for a physical port, click PORTS. 2. To configure PVID settings for a Link Aggregation Group (LAG), click LAGS. 3. To configure PVID settings for both physical ports and LAGs, click ALL. 4. Select the check box next to the interfaces to configure. You can select multiple interfaces to apply the same setting to the selected interfaces.
GS752TXS Smart Switch Software Administration Manual MAC Based VLAN MAC Based VLAN feature allows incoming untagged packets to be assigned to a VLAN and classify traffic based on the source MAC address of the packet. A MAC to VLAN mapping is defined by configuring an entry in the MAC to VLAN table. An entry is specified via a source MAC address and the desired VLAN ID. The MAC to VLAN configurations are shared across all ports of the device (i.e.
GS752TXS Smart Switch Software Administration Manual Protocol Based VLAN Group Configuration Protocol-based VLAN can be used to define filtering criteria for untagged packets. By default, if you do not configure any port- (IEEE 802.1Q) or protocol based VLANs, untagged packets will be assigned to VLAN 1. You can override this behavior by defining either port-based VLANs or protocol based VLANs, or both. Tagged packets are always handled according to the IEEE 802.
GS752TXS Smart Switch Software Administration Manual 4. Enter any number in the range of (1 to 4093) VLAN ID field. All the ports in the group will assign this VLAN ID to untagged packets received for the protocols you included in this group. The Ports field displays all the member ports which belong to the group. 5. To add an entry of MAC Address to VLAN mapping, click Add. 6. To remove the Protocol Based VLAN group identified by the value in the Group ID field, click Delete. 7.
GS752TXS Smart Switch Software Administration Manual 3. Click the Current Members button can be click to show the current numbers in the selected protocol based VLAN Group. 4. Click Cancel to cancel the configuration on the screen and reset the data on the screen to the latest value of the switch. If you make any changes to this page, click Apply to send the updated configuration to the switch. Configuration changes take place immediately.
GS752TXS Smart Switch Software Administration Manual 2. From the Voice VLAN Aging Time field, specify the amount of time after the last IP phone’s OUI is aged out for a specific port. The port will age out after the bridge and voice aging time. 3. Click Cancel to cancel the configuration on the screen and reset the data on the screen to the latest value of the switch. 4. If you make any changes to this page, click Apply to send the updated configuration to the switch.
GS752TXS Smart Switch Software Administration Manual 8. If you make any changes to this page, click Apply to send the updated configuration to the switch. Note: The Membership field displays whether the current operational status of the voice VLAN on the interface is active or not active. Voice VLAN OUI The Organizational Unique Identifier (OUI) identifies the IP phone manufacturer.
GS752TXS Smart Switch Software Administration Manual To configure OUI settings: 1. To add a new OUI prefix, enter the VOIP OUI prefix in the Telephony OUI(s) field, provide a description of the prefix, and click Add. The OUI prefix must be in the format AA:BB:CC. 2. To delete an OUI prefix from the list, select the check box next to the OUI prefix and click Delete. 3.
GS752TXS Smart Switch Software Administration Manual Use the Auto-VoIP Configuration menu to configure the Auto-VoIP parameters. Interface specifies all the configurable Auto-VoIP interfaces. Traffic Class displays the Traffic Class on which the received VoIP frames are marked. To display the Auto-VoIP Configuration page, click Switching Auto-VoIP. To enable Auto-VoIP: 1. To configure Auto-VoIP interface settings for a physical port, click 1, LAGs, or ALL. 2. Go To Interface.
GS752TXS Smart Switch Software Administration Manual transitioning of the port to ‘Forwarding’). The difference between the RSTP and the traditional STP (IEEE 802.1D) is the ability to configure and recognize full-duplex connectivity and ports which are connected to end stations, resulting in rapid transitioning of the port to ‘Forwarding’ state and the suppression of Topology Change Notification. These features are represented by the parameters ‘pointtopoint’ and ‘edgeport’.
GS752TXS Smart Switch Software Administration Manual To configure STP settings on the switch: 1. From the Spanning Tree State field, specify whether to enable or disable Spanning Tree operation on the switch. 2. From the STP Operation Mode field, specify the Force Protocol Version parameter for the switch. Options are: • STP (Spanning Tree Protocol): IEEE 802.1D • RSTP (Rapid Spanning Tree Protocol): IEEE 802.1w • MSTP (Multiple Spanning Tree Protocol): IEEE 802.1s 3.
GS752TXS Smart Switch Software Administration Manual The following table describes the STP Status information displayed on the screen. Field Description Configuration Digest Key This is used to identify the configuration currently being used. Bridge Identifier The bridge identifier for the CST. It is made up using the bridge priority and the base MAC address of the bridge. Time Since Topology Change The time in seconds since the topology of the CST last changed.
GS752TXS Smart Switch Software Administration Manual To configure CST settings: 1. Specify values for CST in the appropriate fields: • Bridge Priority. When switches or bridges are running STP, each is assigned a priority. After exchanging BPDUs, the switch with the lowest priority value becomes the root bridge. Specifies the bridge priority value for the Common and Internal Spanning Tree (CST). The valid range is 0–61440. The bridge priority is a multiple of 4096.
GS752TXS Smart Switch Software Administration Manual 2. Click Cancel to cancel the configuration on the screen and reset the data on the screen to the latest value of the switch 3. If you make any configuration changes, click Apply to send the updated configuration to the switch. Configuration changes take place immediately. The following table describes the MSTP status information displayed on the Spanning Tree CST Configuration page.
GS752TXS Smart Switch Software Administration Manual 3. To configure CST settings for both physical ports and LAGs, click ALL. 4. Select the check box next to the port or LAG to configure. You can select multiple ports and LAGs to apply the same setting to the selected interfaces. Select the check box in the heading row to apply the same settings to all interfaces. 5. Configure the CST values for the selected port(s) or LAG(s): • STP Status.
GS752TXS Smart Switch Software Administration Manual The following table describes the CST Status information displayed on the screen. Field Description Interface Select a physical or port channel interface to configure. The port is associated with the VLAN(s) associated with the CST. Port Role Each MST Bridge Port that is enabled is assigned a Port Role for each spanning tree.
GS752TXS Smart Switch Software Administration Manual Field Description CST Path Cost Displays the path Cost to the CST tree Regional Root. Port Forwarding State Displays the Forwarding State of this port. Click Refresh to update the information on the screen with the most current data. Rapid STP Use the Rapid STP page to view information about Rapid Spanning Tree (RSTP) port status. To display the Rapid STP page, click Switching STP Advanced RSTP.
GS752TXS Smart Switch Software Administration Manual Click Refresh to update the information on the screen with the most current data. MST Configuration Use the Spanning Tree MST Configuration page to configure Multiple Spanning Tree (MST) on the switch. To display the Spanning Tree MST Configuration page, click Switching STP Advanced MST Configuration. To configure an MST instance: 1. To add an MST instance, configure the MST values and click Add: • MST ID. Specify the ID of the MST to create.
GS752TXS Smart Switch Software Administration Manual For each configured instance, the information described in the following table displays on the page. Field Description Bridge Identifier The bridge identifier for the selected MST instance. It is made up using the bridge priority and the base MAC address of the bridge. Time Since Topology Change Displays the total amount of time since the topology of the selected MST instance last changed.
GS752TXS Smart Switch Software Administration Manual Note: If no MST instances have been configured on the switch, the page displays a “No MSTs Available” message. To configure MST port settings: 1. To configure MST settings for a physical port, click PORTS. 2. To configure MST settings for a Link Aggregation Group (LAG), click LAGS. 3. To configure MST settings for both physical ports and LAGs, click ALL. 4. Select the check box next to the port or LAG to configure.
GS752TXS Smart Switch Software Administration Manual Field Description Port Forwarding State Indicates the current STP state of a port. If enabled, the port state determines what forwarding action is taken on traffic. Possible port states are: • Disabled: STP is currently disabled on the port. The port forwards traffic while learning MAC addresses. • Blocking: The port is currently blocked and cannot be used to forward traffic or learn MAC addresses.
GS752TXS Smart Switch Software Administration Manual The following table describes the information available on the STP Statistics page. Field Description Interface Select a physical or port channel interface to view its statistics. STP BPDUs Received Number of STP BPDUs received at the selected port. STP BPDUs Transmitted Number of STP BPDUs transmitted from the selected port. RSTP BPDUs Received Number of RSTP BPDUs received at the selected port.
GS752TXS Smart Switch Software Administration Manual • Auto-Video on page 124 • IGMP Snooping on page 125 • IGMP Snooping Querier on page 133 • MLD Snooping on page 137 MFDB The Multicast Forwarding Database (MFDB) holds the port membership information for all active multicast address entries. The key for an entry consists of a VLAN ID and MAC address pair. Entries may contain data for more than one protocol. To access the MFDB page, click Switching Multicast MFDB MFDB Table.
GS752TXS Smart Switch Software Administration Manual • Description: The text description of this multicast table entry. Possible values are Management Configured, Network Configured and Network Assisted. • Interface: The list of interfaces that are designated for forwarding (Fwd:) and filtering (Flt:) for the selected address.
GS752TXS Smart Switch Software Administration Manual To configure Auto-Video: 1. Globally enable or disable the Auto-Video administrative mode for the switch by selecting the Auto-Video Status radio button. The Auto-Video VLAN field show the number of Auto-configured IGMP snooping VLANs. 2. Click Cancel to cancel the configuration on the screen and resets the data on the screen to the latest value of the switch. 3. Click Apply to send the updated configuration to the switch.
GS752TXS Smart Switch Software Administration Manual filter packets addressed to unrequested group addresses, they are unable to transmit new packets onto the shared media for the period of time that the multicast packet is flooded. The problem of wasting bandwidth is even worse when the LAN segment is not shared, for example in full-duplex links. Allowing switches to snoop IGMP packets is a creative effort to solve this problem.
GS752TXS Smart Switch Software Administration Manual • Disable. The IGMP IP header is not checked for Router Alert option. 3. Choose whether to block unknown multicast addresses. • Enable. Packets with unknown multicast MAC address in the destination field will be dropped. • Disable. Packets with unknown destination multicast MAC addresses are processed. 4. Click Apply to send the updated configuration to the switch. Configuration changes take effect immediately. 5.
GS752TXS Smart Switch Software Administration Manual To configure IGMP Snooping interface settings: 1. To configure IGMP Snooping settings for a physical port, click PORTS. 2. To configure IGMP Snooping settings for a Link Aggregation Group (LAG), click LAGS. 3. To configure IGMP Snooping settings for both physical ports and LAGs, click ALL. 4. Select the check box next to the port or LAG to configure. You can select multiple ports and LAGs to apply the same setting to the selected interfaces.
GS752TXS Smart Switch Software Administration Manual 6. Click Cancel to cancel the configuration on the screen and reset the data on the screen to the latest value of the switch. 7. If you make any configuration changes, click Apply to apply the new settings to the switch. Configuration changes take effect immediately. IGMP Snooping Table Use the IGMP Snooping Table page to view all of the entries in the Multicast Forwarding Database that were created for IGMP snooping.
GS752TXS Smart Switch Software Administration Manual Field Description Description The text description of this multicast table entry. Possible values are Management Configured, Network Configured, and Network Assisted. Interface The list of interfaces that are designated for forwarding (Fwd) and filtering (Flt) for the associated address. Use the buttons at the bottom of the page to perform the following actions: • Click Clear to clear one or all of the IGMP Snooping entries.
GS752TXS Smart Switch Software Administration Manual Field Description MAC Address The MAC Address to which the multicast MAC address is related. To search by MAC address, enter the address with the MFDB table entry you want displayed. Enter six two-digit hexadecimal numbers separated by colons, for example 00:0f:43:67:89:AB, and then click Go. If the address exists, that entry will be displayed. An exact match is required. VLAN ID The VLAN ID to which the multicast MAC address is related.
GS752TXS Smart Switch Software Administration Manual The following table describes the information available on the MFDB Statistics page: Field Description Max MFDB Table Entries Displays the maximum number of entries that the Multicast Forwarding Database table can hold. Most MFDB Entries Since Last Reset The largest number of entries that have been present in the Multicast Forwarding Database table since the system was last reset. This value is also known as the MFDB high-water mark.
GS752TXS Smart Switch Software Administration Manual general queries to the interface.You should enable fast-leave admin mode only on VLANs where only one host is connected to each layer 2 LAN port. This prevents the inadvertent dropping of the other hosts that were connected to the same layer 2 LAN port but were still interested in receiving multicast traffic directed to that group. Also, fast-leave processing is supported only with IGMP version 2 hosts. • Host Timeout.
GS752TXS Smart Switch Software Administration Manual IGMP Snooping Querier Configuration Use this page to enable or disable the IGMP Snooping Querier feature, specify the IP address of the router to perform the querying, and configure the related parameters. To access this page, click Switching Multicast IGMP Snooping Querier IGMP Snooping Querier Configuration. To configure IGMP Snooping Querier settings: 1.
GS752TXS Smart Switch Software Administration Manual IGMP Snooping Querier VLAN Configuration Use this page to configure IGMP queriers for use with VLANs on the network. To access this page, click Switching Multicast IGMP Snooping Querier Querier VLAN Configuration. To configure Querier VLAN settings: 1. To create a new VLAN ID for IGMP Snooping, select New Entry from the VLAN ID field and complete the following fields: • VLAN ID.
GS752TXS Smart Switch Software Administration Manual IGMP Snooping Querier VLAN Status Use this page to view the operational state and other information for IGMP snooping queriers for VLANs on the network. To access this page, click Switching Multicast IGMP Snooping Querier Querier VLAN Status. The following table describes the information available on the Querier VLAN Status page.
GS752TXS Smart Switch Software Administration Manual Field Description Last Querier Version Displays the IGMP protocol version of the last querier from which a query was snooped on the VLAN. Operational Max Response Time Displays the maximum response time to be used in the queries that are sent by the snooping querier. Click Refresh to redisplay the page with the latest information from the switch.
GS752TXS Smart Switch Software Administration Manual To configure MLD Snooping: 1. Enable or disable the MLD Snooping Admin Mode, the administrative mode for MLD Snooping for the switch. The default is disable. • Multicast Control Frame Count - This displays the number of multicast control frames that are processed by the CPU. • Interfaces Enabled for MLD Snooping - This displays a list of all the interfaces currently enabled for MLD Snooping.
GS752TXS Smart Switch Software Administration Manual To configure the MLD interface: 1. Click 1, LAGs, or ALL to configure the interface settings for a physical port,. 2. Enter the interface in unit/slot/port format in the Go To Interface field and click on the Go button. The entry corresponding to the specified interface will be selected. 3. Select all physical, VLAN and LAG interface you want to configure.in the Interface field. 4.
GS752TXS Smart Switch Software Administration Manual 10. Click Cancel to cancel the configuration on the screen and reset the data on the screen to the latest value of the switch. MLD VLAN Configuration MLD Snooping can be enabled on a per VLAN basis. It is necessary to keep track of the interfaces that are participating in a VLAN in order to apply or remove configurations. To access the MLD VLAN Configuration page, click Switching Multicast MLD Snooping MLD VLAN Configuration.
GS752TXS Smart Switch Software Administration Manual 9. Click Apply to apply the new settings to the switch. Configuration changes take effect immediately 10. Click Cancel to cancel the configuration on the screen and reset the data on the screen to the latest value of the switch. 11. Click Refresh to update the page with the latest information from the switch.
GS752TXS Smart Switch Software Administration Manual 3. Use the Multicast Router field to enable or disable Multicast Router on the selected interface. 4. Click Apply to apply the new settings to the switch. Configuration changes take effect immediately 5. Click Cancel to cancel the configuration on the screen and reset the data on the screen to the latest value of the switch.
GS752TXS Smart Switch Software Administration Manual 4. Click Apply to apply the new settings to the switch. Configuration changes take effect immediately 5. Click Cancel to cancel the configuration on the screen and reset the data on the screen to the latest value of the switch. Querier Configuration Use this page to enable or disable the MLD Querier Configuration feature, specify the IP address of the router to perform the querying, and configure the related parameters.
GS752TXS Smart Switch Software Administration Manual 5. In the Querier Expiry Interval field, specify the time interval in seconds after which the last querier information is removed. The Querier Expiry Interval must be a value in the range of 60–300 seconds. The default value is 60. 6. Click Cancel to cancel the configuration on the screen and reset the data on the screen to the latest value of the switch. 7. Click Apply to apply the new settings to the switch.
GS752TXS Smart Switch Software Administration Manual Field Description Querier VLAN Address Specify the Snooping Querier Address to be used as source address in periodic MLD queries sent on the specified VLAN. Operational State Specifies the operational state of the IGMP Snooping Querier on a VLAN: • Querier: The snooping switch is the querier in the VLAN. The snooping switch will send out periodic queries with a time interval equal to the configured querier query interval.
GS752TXS Smart Switch Software Administration Manual MAC Address Table The MAC Address Table contains information about unicast entries for which the switch has forwarding and/or filtering information. This information is used by the transparent bridging function in determining how to propagate a received frame. Use the search function of the MAC Address Table page to display information about the entries in the table. To access this page, click Switching Address Table Basic Address Table.
GS752TXS Smart Switch Software Administration Manual The following table describes the information available for each entry in the address table. Field Description VLAN ID Specifies the VLAN ID on which the IGMP Snooping Querier is administratively enabled and for which VLAN exists in the VLAN database. MAC Address A unicast MAC address for which the switch has forwarding and/or filtering information. The format is a six-byte MAC address with each byte separated by colons.
GS752TXS Smart Switch Software Administration Manual 1. Specify the number of seconds the forwarding database should wait before deleting a learned entry that has not been updated. IEEE 802.1D-1990 recommends a default of 300 seconds. You may enter any number of seconds between 10 and 1000000. The factory default is 300. Note: IEEE 802.1D recommends a default of 300 seconds, which is the factory default. 2.
GS752TXS Smart Switch Software Administration Manual d. Click Add. 2. To delete a static MAC address, select the check box next to the entry and click Delete. 3. To modify the settings for a static MAC address, select the check box next to the entry, update the desired values, and click Apply. 4. Click Refresh to reload the page and display the latest MAC address learned on a specific port. 5.
GS752TXS Smart Switch Software Administration Manual 150 | Chapter 4: Configuring Switching Information
5. Configuring Routing 5 The GS752TXS Smart Switch supports IP routing. Use the links in the Routing navigation tree folder to manage routing on the system.
GS752TXS Smart Switch Software Administration Manual 1. Click Routing IP, then click the IP Configuration link. Table 5-1. IP Configuration Fields Field Description Default Time to Live The default value inserted into the Time-To-Live field of the IP header of datagrams originated by the switch, if a TTL value is not supplied by the transport layer protocol. Routing Mode Select either the Enable or the Disable radio button.
GS752TXS Smart Switch Software Administration Manual 1. Click Routing IP, then click the Statistics link. Table 5-2. IP Statistics Fields Field Description IpInReceives The total number of input datagrams received from interfaces, including those received in error. IpInHdrErrors The number of input datagrams discarded due to errors in their IP headers, including bad checksums, version number mismatch, other format errors, time-to-live exceeded, errors discovered in processing their IP options, etc.
GS752TXS Smart Switch Software Administration Manual Table 5-2. IP Statistics Fields (Continued) Field Description IpForwDatagrams The number of input datagrams for which this entity was not their final IP destination, as a result of which an attempt was made to find a route to forward them to that final destination. In entities which do not act as IP Gateways, this counter includes only those packets which were Source-Routed via this entity, and the Source-Route option processing was successful.
GS752TXS Smart Switch Software Administration Manual Table 5-2. IP Statistics Fields (Continued) Field Description IpFragFails The number of IP datagrams that have been discarded because they needed to be fragmented at this entity but could not be, e.g., because their Don't Fragment flag was set. IpFragCreates The number of IP datagram fragments that have been generated as a result of fragmentation at this entity.
GS752TXS Smart Switch Software Administration Manual Table 5-2. IP Statistics Fields (Continued) Field Description IcmpOutSrcQuenchs The number of ICMP Source Quench messages sent. IcmpOutRedirects The number of ICMP Redirect messages sent. For a host, this object is always zero, since hosts do not send redirects. IcmpOutEchos The number of ICMP Echo (request) messages sent. IcmpOutEchoReps The number of ICMP Echo Reply messages sent.
GS752TXS Smart Switch Software Administration Manual • Add selected ports to the newly created VLAN and remove selected ports from the default VLAN. • Create a LAG, add selected ports to a LAG, then add LAG to the newly created VLAN. • Enable tagging on selected ports if the port is in another VLAN. Disable tagging if a selected port does not exist in another VLAN. • Exclude ports not selected from the VLAN. • Enable routing on the VLAN using the IP address and subnet mask entered.
GS752TXS Smart Switch Software Administration Manual 5. Click Cancel to cancel the configuration on the screen and reset the data on the screen to the latest value of the switch. 6. If you change any of the settings on the page, click Apply to send the updated configuration to the switch. Configuration changes take effect immediately.
GS752TXS Smart Switch Software Administration Manual Table 5-3. VLAN Routing Configuration Fields (Continued) Field Description Subnet Mask Enter a Subnet Mask for the VLAN Routing Interface. IP MTU Specify the maximum size of IP packets sent on an interface. A valid range is from 68 bytes to the link MTU. The default value is 1500. A value of 0 indicates that the IP MTU is unconfigured. When the IP MTU is unconfigured, the router uses the link MTU as the IP MTU.
GS752TXS Smart Switch Software Administration Manual 1. Click Routing, then click the Router Discovery link. Table 5-4. Router Discovery Configuration Fields Field Description Interface Select the router interface for which data is to be configured. To perform the same configuration on all interfaces, select the check box in the heading row. To configure a single interface, select the check box associated with the interface. The interface number appears in the Interface field in the table heading row.
GS752TXS Smart Switch Software Administration Manual Configuring and Viewing Routes From the Routing Table page, you can configure static and default routes and view the routes that the GS752TXS has already learned. To display the page: 1. Click the Routing Routing Table link. Table 5-5. Route Configuration Fields Field Description Route Type Specifies whether the route is to be a Default route or a Static route.
GS752TXS Smart Switch Software Administration Manual Table 5-5. Route Configuration Fields Field Description Next Hop IP Address The outgoing router IP address to use when forwarding traffic to the next router (if any) in the path towards the destination. The next router is always one of the adjacent neighbors or the IP address of the local interface for a directly attached network. When creating a route, the next hop IP must be on the same network as the routing interface.
GS752TXS Smart Switch Software Administration Manual Configuring ARP The address resolution protocol (ARP) associates a layer 2 MAC address with a layer 3 IPv4 address. GS752TXS Smart Switch software features both dynamic and manual ARP configuration. With manual ARP configuration, you can statically add entries into the ARP table. ARP is a necessary part of the internet protocol (IP) and is used to translate an IP address to a media (MAC) address, defined by a local area network (LAN) such as Ethernet.
GS752TXS Smart Switch Software Administration Manual 1. Click the Routing ARP, then click the Basic ARP Cache link. Table 5-6. Management VLAN ARP Cache Fields Field Description MAC Address Displays the MAC address of the device. IP Address Displays the associated IP address of a device on a subnet attached to one of the switch's existing routing interfaces. Port Shows the associated interface of the connection. Table 5-7.
GS752TXS Smart Switch Software Administration Manual Table 5-7. Routing VLANs ARP Cache (Continued) Field Description Type The type of the ARP entry. Possible values are: • Local. An ARP entry associated with one of the switch’s routing interface’s MAC addresses. • Gateway. A dynamic ARP entry whose IP address is that of a router. • Static. An ARP entry configured by the user. • Dynamic. An ARP entry which has been learned by the router. Age Age since the entry was last refreshed in the ARP Table.
GS752TXS Smart Switch Software Administration Manual Table 5-8. Global ARP Configuration Fields Field Description Age Time (secs) Enter the value you want the switch to use for the ARP entry ageout time. You must enter a valid integer, which represents the number of seconds it will take for an ARP entry to age out. The range is 15 to 21600 seconds. The default value is 1200 seconds. Response Time (secs) Enter the value you want the switch to use for the ARP response timeout.
GS752TXS Smart Switch Software Administration Manual Table 5-9. Static ARP Configuration Field Description IP Address Enter the IP address that you want to add. It must be the IP address of a device on a subnet attached to one of the switch's existing routing interfaces. MAC Address The unicast MAC address of the device. The format is six two-digit hexadecimal numbers separated by colons, for example 00:06:29:32:81:40. Table 5-10.
GS752TXS Smart Switch Software Administration Manual 2. Click Refresh to refresh the page with the most current data from the switch. 3. Click Add to add an ARP Entry. 4. Click Delete to delete an ARP Entry. 5. Click Cancel to cancel the configuration on the screen and reset the data on the screen to the latest value of the switch. 6. If you change any of the settings on the page, click Apply to send the updated configuration to the switch. Configuration changes take effect immediately.
GS752TXS Smart Switch Software Administration Manual Table 5-11. ARP Entry Management Fields Field Description Remove from Table Allows you to remove certain entries from the ARP Table. The choices listed specify the type of ARP Entry to be deleted: • All Dynamic Entries • All Dynamic and Gateway Entries • Specific Dynamic / Gateway Entry. Selecting this allows you to specify the required IP address. • Specific Static Entry. • None. Select if you do not want to delete any entry from the ARP Table.
GS752TXS Smart Switch Software Administration Manual 170 | Chapter 5: Configuring Routing
6. Configuring Quality of Service 6 Use the features in the QoS tab to configure Quality of Service (QoS) settings on the switch. The QoS tab contains links to the following features: • Class of Service on page 171 • Differentiated Services on page 178 In a typical switch, each physical port consists of one or more queues for transmitting packets on the attached network. Multiple queues per port are often provided to give preference to certain packets over others based on user-defined criteria.
GS752TXS Smart Switch Software Administration Manual • CoS Interface Configuration on page 173 • Interface Queue Configuration on page 174 • 802.1p to Queue Mapping on page 176 • DSCP to Queue Mapping on page 177 Basic CoS Configuration Use the Trust Mode Configuration page to set the class of service trust mode of an interface. Each port in the switch can be configured to trust one of the packet fields (802.1p or IP DSCP), or to not trust any packet’s priority designation (untrusted mode).
GS752TXS Smart Switch Software Administration Manual 2. Select Global Trust Mode to specify whether to trust a particular packet marking at ingress. Global Trust Mode can only be one of the following: • Untrusted. Do not trust any CoS packet marking at ingress. • 802.1p. The eight priority tags that are specified in IEEE 802.1p are p0 to p7. The QoS setting lets you map each of the eight priority levels to one of seven internal hardware priority queues. • DSCP.
GS752TXS Smart Switch Software Administration Manual To configure CoS settings for an interface: 1. To configure CoS settings for a physical port, click PORTS. 2. To configure CoS settings for a Link Aggregation Group (LAG), click LAGS. 3. To configure CoS settings for both physical ports and LAGs, click ALL. 4. Select the check box next to the port or LAG to configure. You can select multiple ports and LAGs to apply the same setting to the selected interfaces. 5.
GS752TXS Smart Switch Software Administration Manual To display the Interface Queue Configuration page, click the QoS CoS tab, and then click the Advanced Interface Queue Configuration link. To configure CoS queue settings for an interface: 1. To configure CoS queue settings for a physical port, click PORTS. 2. To configure CoS queue settings for a Link Aggregation Group (LAG), click LAGS. 3. To configure CoS queue settings for both physical ports and LAGs, click ALL. 4.
GS752TXS Smart Switch Software Administration Manual 7. If you make changes to the page, click Apply to apply the changes to the system. 802.1p to Queue Mapping The 802.1p to Queue Mapping page also displays the Current 802.1p Priority Mapping table. To display the 801.p to Queue Mapping page, click QoS CoS Advanced 802.1p to Queue Mapping. To map 802.1p priorities to queues: 1. Select the Global radio button to apply the same 802.
GS752TXS Smart Switch Software Administration Manual DSCP to Queue Mapping Use the DSCP to Queue Mapping page to specify which internal traffic class to map the corresponding DSCP value. To display the IP DSCP Mapping page, click QoS CoS Advanced DSCP to Queue Mapping. To map DSCP values to queues: 1. For each DSCP value, select a hardware queue to associate with the value. The traffic class is the hardware queue for a port. Higher traffic class values indicate a higher queue position.
GS752TXS Smart Switch Software Administration Manual 3. If you make changes to the page, click Apply to apply the changes to the system. Differentiated Services The QoS feature contains Differentiated Services (DiffServ) support that allows traffic to be classified into streams and given certain QoS treatment in accordance with defined per-hop behaviors. Standard IP-based networks are designed to provide “best effort” data delivery service.
GS752TXS Smart Switch Software Administration Manual Diffserv Configuration Use the Diffserv Configuration page to display DiffServ General Status Group information, which includes the current administrative mode setting as well as the current and maximum number of rows in each of the main DiffServ private MIB tables. To display the page, click QoS DiffServ Advanced Diffserv Configuration. To configure the global DiffServ mode: 1. Select the administrative mode for DiffServ: • Enable.
GS752TXS Smart Switch Software Administration Manual Field Description Policy Attributes Table Displays the current and maximum number of rows of the policy attributes table. Service Table Displays the current and maximum number of rows of the service table. Class Configuration Use the Class Configuration page to add a new DiffServ class name, or to rename or delete an existing class. The page also allows you to define the criteria to associate with a DiffServ class.
GS752TXS Smart Switch Software Administration Manual To configure the class match criteria: 1. Click the class name for an existing class. The class name is a hyperlink. The following figure shows the configuration fields for the class.
GS752TXS Smart Switch Software Administration Manual 2. Define the criteria to associate with a DiffServ class: • Reference Class. Selects a class to start referencing for criteria. A specified class can reference at most one other class of the same type. • Class of Service. Select the field and enter a class of service 802.1p user priority value to be matched for the packets. The valid range is 0–7. • VLAN. Select the field and enter a VLAN ID to be matched for packets. The VLAN ID range is 1–4093.
GS752TXS Smart Switch Software Administration Manual IPv6 Class Configuration The IPv6 Class Configuration feature extends the existing QoS ACL and DiffServ functionality by providing support for IPv6 packet classification. An Ethernet IPv6 packet is distinguished from an IPv4 packet by its unique Ethertype value, so all IPv6 classifiers include the Ethertype field. An IPv6 access list presents a similar purpose as its IPv4 counterpart.
GS752TXS Smart Switch Software Administration Manual The switch supports only the Class Type value All, which means all the various match criteria defined for the class should be satisfied for a packet match. All signifies the logical AND of all the match criteria. 2. To rename an existing class, select the check box next to the configured class, update the name, and click Apply. The same set of fields described for IPv6 ACL classification are also supported as match criteria for DiffServ classes.
GS752TXS Smart Switch Software Administration Manual 5. Click Cancel to cancel the configuration on the screen and reset the data on the screen to the latest value of the switch. After creating a Class, click the class link to the Class page. To configure the policy attributes: 1. Click the name of the policy.
GS752TXS Smart Switch Software Administration Manual The policy name is a hyperlink. The following figure shows the configuration fields for the policy. 2. Select the queue to which packets will of this policy-class will be assigned . 3. Configure the policy attributes:. • Drop. Select this option to drop packets for this policy-class. • Mark CoS.
GS752TXS Smart Switch Software Administration Manual • Simple Policy. Use this attribute to establish the traffic policing style for the specified class. The simple form of the policy command uses a single data rate and burst size, resulting in two outcomes: confirm and violate. 4. If you select the Simple Policy attribute, you can configure the following fields: • Color Mode.
GS752TXS Smart Switch Software Administration Manual • Mark IP DSCP. These packets are marked by DiffServ with the specified DSCP value before being presented to the system forwarding element. This selection requires that the DSCP value field be set. 5. Click Cancel to cancel the configuration on the screen and reset the data on the screen to the latest value of the switch. 6. If you change any of the settings on the page, click Apply to send the updated configuration to the switch.
GS752TXS Smart Switch Software Administration Manual 7. Click Cancel to cancel the configuration on the screen and reset the data on the screen to the latest value of the switch. Service Statistics Use the Service Statistics page to display service-level statistical information about all interfaces that have DiffServ policies attached. To display the page, click the QoS DiffServ tab and then click the Advanced Service Statistics link.
7. Managing Device Security 7 Use the features available from the Security tab to configure management security settings for port, user, and server security.
GS752TXS Smart Switch Software Administration Manual To change the login password for the management interface: 1. Specify the current password in the Old Password. The entered password will be displayed in asterisks (*). Passwords are 1–20 alphanumeric characters in length and are case sensitive. 2. Enter the new password. It will not display as it is typed, and only asterisks (*) will show on the screen. Passwords are 1–20 alphanumeric characters in length and are case sensitive. 3.
GS752TXS Smart Switch Software Administration Manual • Access Control Port (802.1X) The RADIUS folder contains links to the following features: • Global Configuration on page 193 • RADIUS Server Configuration on page 194 • Accounting Server Configuration on page 196 Global Configuration Use the RADIUS Configuration page to add information about one or more RADIUS servers on the network. To access the RADIUS Configuration page, click Security Management Security RADIUS Global Configuration.
GS752TXS Smart Switch Software Administration Manual all configured servers. If the RADIUS request was generated by a user login attempt, all user interfaces will be blocked until the RADIUS application returns a response. 2. In the Timeout Duration field, specify the timeout value, in seconds, for request retransmissions. Consideration to maximum delay time should be given when configuring RADIUS max retransmit and RADIUS timeout.
GS752TXS Smart Switch Software Administration Manual • In the Authentication Port field, specify the UDP port number the server uses to verify the RADIUS server authentication. The valid range is 0–65535. • From the Secret Configured menu, select Yes to add a RADIUS secret in the next field. You must select Yes before you can configure the RADIUS secret. After you add the RADIUS server, this field indicates whether the shared secret for this server has been configured.
GS752TXS Smart Switch Software Administration Manual Field Description Bad Authenticators The number of RADIUS Access-Response packets containing invalid authenticators or signature attributes received from this server. Pending Requests The number of RADIUS Access-Request packets destined for this server that have not yet timed out or received a response. Timeouts The number of authentication timeouts to this server.
GS752TXS Smart Switch Software Administration Manual To configure the RADIUS accounting server: 1. In the Accounting Server Address field, specify the IP address of the RADIUS accounting server to add. 2. In the Port field, specify the UDP port number the server uses to verify the RADIUS accounting server authentication. The valid range is 0–65535. 3. From the Secret Configured menu, select Yes to add a RADIUS secret in the next field. You must select Yes before you can configure the RADIUS secret.
GS752TXS Smart Switch Software Administration Manual The following table describes RADIUS accounting server statistics available on the page. Field Description Accounting Server Address Displays the IP address of the supported RADIUS accounting server. Round Trip Time (secs) Displays the time interval, in hundredths of a second, between the most recent Accounting-Response and the Accounting-Request that matched it from this RADIUS accounting server.
GS752TXS Smart Switch Software Administration Manual The TACACS+ protocol ensures network security through encrypted protocol exchanges between the device and TACACS+ server. The TACACS+ folder contains links to the following features: • Configuring TACACS+ on page 198 • TACACS+ Server Configuration on page 199 TACACS+ Configuration The TACACS+ Configuration page contains the TACACS+ settings for communication between the switch and the TACACS+ server you configure via the inband management port.
GS752TXS Smart Switch Software Administration Manual To display the TACACS+ Server Configuration page, click Security Management Security, and then click the TACACS+ Server Configuration link. To configure TACACS+ server settings: 1. To add a new TACACS+ server, select Add from the TACACS+ Server field, enter the IP address of the server to add, and click Apply.
GS752TXS Smart Switch Software Administration Manual 4. In the Key String field, specify the authentication and encryption key for TACACS+ communications between the GS752TXS and the TACACS+ server. This key must match the encryption used on the TACACS+ server. The valid range is 0–128 characters. 5. In the Connection Timeout field, specify the amount of time that passes before the connection between the device and the TACACS+ server times out. The field range is from 1 to 30 seconds. 6.
GS752TXS Smart Switch Software Administration Manual specified more than one method. This parameter will not appear when you first create a new login list. User authentication occurs in the order the methods are selected. Possible methods are as follows: • Local: The user's locally stored ID and password will be used for authentication. Since the local method does not time out, if you select this option as the first method, no other method will be tried, even if you have specified more than one method.
GS752TXS Smart Switch Software Administration Manual To configure the HTTP server settings: 1. Enable or disable the Web Java Mode. This applies to both secure and unsecure HTTP connections. The currently configured value is shown when the Web page is displayed. The default value is Enable. 2. In the HTTP Session Soft Timeout field, specify the number of minutes an HTTP session can be idle before a timeout occurs.
GS752TXS Smart Switch Software Administration Manual a Web interface, secure HTTP can help ensure that communication between the management system and the switch is protected from eavesdroppers and man-in-the-middle attacks. Use the Secure HTTP Configuration page to configure the settings for HTTPS communication between the management station and the switch. To display the Secure HTTP Configuration page, click Security Access, and then click the HTTPS HTTPS Configuration link.
GS752TXS Smart Switch Software Administration Manual interface. A value of zero corresponds to an infinite timeout. The default value is 5 minutes. The currently configured value is shown when the Web page is displayed. 6. In the HTTPS Session Hard Timeout (Hours) field, specify the number of hours an HTTPS session can remain active, regardless of session activity. The value must be in the range of (1–168) hours. The default value is 24 hours.
GS752TXS Smart Switch Software Administration Manual 1. From the File Type menu, select the type of SSL certificate to download, which can be one of the following: • SSL Trusted Root Certificate PEM File. SSL Trusted Root Certificate File (PEM Encoded). • SSL Server Certificate PEM File. SSL Server Certificate File (PEM Encoded). • SSL DH Weak Encryption Parameter PEM File. SSL Diffie-Hellman Weak Encryption Parameter File (PEM Encoded). • SSL DH Strong Encryption Parameter PEM File.
GS752TXS Smart Switch Software Administration Manual 1. From the Certificate Present field, a Yes or No status displays. In the Certificate Management field, select None to not display the certificates. This is the default selection. 2. Select Generate Certificates to generate the Certificate files. 3. Select Delete Certificates to delete the corresponding Certificate files, if it is present. The Certificate Generation Status field displays whether SSL certificate generation is in progress.
GS752TXS Smart Switch Software Administration Manual To configure Access Profile: 1. Enter the name of the access profile to be added in the Access Profile Name field. Maximum length is 32 characters. 2. Choose the Activate Profile check box to activate an access profile. 3. Choose the Deactivate Profile check box to deactivate an access profile. 4. Choose the Remove Profile check box to remove an access profile. The access profile should be deactivated before removing the access profile.
GS752TXS Smart Switch Software Administration Manual Access Rule Configuration Use Access Rule Configuration page to add security access rules. To access the Access Rule Configuration page, click the Security tab, then click Access, and then click the Access Control Access Rule Configuration link. To configure Access rules: 1. Select the following from the Profile Summary: • Rule Type: Choose the action to be performed when the rules selected are matched.
GS752TXS Smart Switch Software Administration Manual Port Authentication In port-based authentication mode, when 802.1X is enabled globally and on the port, successful authentication of any one supplicant attached to the port results in all users being able to use the port without restrictions. At any given time, only one supplicant is allowed to attempt authentication on a port in this mode. Ports in this mode are under bidirectional control. This is the default authentication mode. The 802.
GS752TXS Smart Switch Software Administration Manual To configure global 802.1X settings: 1. Select the radio button in the Port Based Authentication State field to enable or disable 802.1X administrative mode on the switch. • Enable. Port-based authentication is permitted on the switch. Note: If 802.1X is enabled, authentication is performed by a RADIUS server. This means the primary authentication method must be RADIUS.
GS752TXS Smart Switch Software Administration Manual To configure 802.1X settings for the port: 1. Select the check box next to the port to configure. You can also select multiple check boxes to apply the same settings to the select ports, or select the check box in the heading row to apply the same settings to all ports. 2. For the selected port(s), specify the following settings: • Port Control. Defines the port authorization state. The control mode is only set if the link status of the port is link up.
GS752TXS Smart Switch Software Administration Manual • Unauthorized: Denies the selected interface system access by moving the interface into unauthorized state. The switch cannot provide authentication services to the client through the interface. • Guest VLAN ID. This field allows the user to configure the Guest VLAN ID on the interface. The valid range is 0–4093.The default value is 0. Enter 0 to reset the Guest VLAN ID on the interface. • Guest VLAN Period.
GS752TXS Smart Switch Software Administration Manual take place between Supplicant and Authenticator.The unauthorized controlled port exerts control over communication in both directions (disabling both incoming and outgoing frames). This field is not configurable. • Protocol Version. This field displays the protocol version associated with the selected port. The only possible value is 1, corresponding to the first version of the 802.1X specification. This field is not configurable. • PAE Capabilities.
GS752TXS Smart Switch Software Administration Manual 6. Click Cancel to cancel the configuration on the screen and reset the data on the screen to the latest value of the switch. Port Summary Use the Port Summary page to view information about the port access control settings on a specific port. To access the Port Summary page, click Security Port Authentication Advanced Port Summary. The following table describes the fields on the Port Summary page.
GS752TXS Smart Switch Software Administration Manual Field Description Operating Control Mode This field indicates the control mode under which the port is actually operating. Possible values are: • ForceUnauthorized • ForceAuthorized • Auto • N/A: If the port is in detached state it cannot participate in port access control. Reauthentication Enabled Displays if reauthentication is enabled on the selected port. This is a configurable field. The possible values are true and false.
GS752TXS Smart Switch Software Administration Manual To configure MAC filter settings: 1. To configure a new MAC filter: a. Select Create Filter from the MAC Filter menu. If no filters have been configured, this is the only option available. b. From the VLAN ID menu, select the VLAN to use with the MAC address to fully identify packets you want filtered. You can change this field only when the Create Filter option is selected from the MAC Filter menu. c.
GS752TXS Smart Switch Software Administration Manual 2. To delete a configured MAC Filter, select it from the menu, and then click Delete. 3. Click Cancel to cancel the configuration on the screen and reset the data on the screen to the latest value of the switch. 4. If you make changes to the page, click Apply to apply the changes to the system. MAC Filter Summary Use the MAC Filter Summary page to view the MAC filters that are configured on the system.
GS752TXS Smart Switch Software Administration Manual The switch measures the incoming broadcast/multicast/unknown unicast packet rate per port and discards packets when the rate exceeds the defined value. Storm control is enabled per interface, by defining the packet type and the rate at which the packets are transmitted. To display the Storm Control page, click Security Traffic Control, and then click the Storm Control link. To configure storm control settings: 1.
GS752TXS Smart Switch Software Administration Manual 5. Click Cancel to cancel the configuration on the screen and reset the data on the screen to the latest value of the switch. 6. If you make changes to the page, click Apply to apply the changes to the system. Port Security Configuration Use the Port Security feature to lock one or more ports on the system. When a port is locked, only packets with an allowable source MAC addresses can be forwarded. All other packets are discarded.
GS752TXS Smart Switch Software Administration Manual The Port Security Violation table shows information about violations that occurred on ports that are enabled for port security. The following table describes the fields in the Port Security Violation table. Field Description Port Identifies the port where a violation occurred. Last Violation MAC Displays the source MAC address of the last packet that was discarded at a locked port.
GS752TXS Smart Switch Software Administration Manual To configure port security settings: 1. To configure port security settings for a physical port, click PORTS. 2. To configure port security settings for a Link Aggregation Group (LAG), click LAGS. 3. To configure port security settings for both physical ports and LAGs, click ALL. 4. Select the check box next to the port or LAG to configure. Select multiple check boxes to apply the same setting to all selected interfaces.
GS752TXS Smart Switch Software Administration Manual To display the Security MAC Address page, click Security Traffic Control, and then click the Port Security Security MAC Address link. To convert learned MAC addresses: 1. Select the Convert Dynamic Address to Static check box. 2. Click Apply. The Dynamic MAC Address entries are converted to Static MAC address entries in a numerically ascending order until the Static limit is reached.
GS752TXS Smart Switch Software Administration Manual To configure protected ports: 1. Click the orange bar to display the available ports. 2. Click the box below each port to configure as a protected port. Protected ports are marked with a √. No traffic forwarding is possible between two protected ports. 3. Click Refresh to refresh the page with the most current data from the switch. 4.
GS752TXS Smart Switch Software Administration Manual • • MAC Binding Configuration on page 229 • MAC Binding Table on page 231 Advanced • IP ACL on page 232 • IP Rules on page 233 • IP Extended Rules on page 235 • IPv6 ACL on page 238 • IPv6 Rules on page 239 • IP Binding Configuration on page 242 • IP Binding Table on page 244 • VLAN Binding Table on page 245 ACL Wizard ACL Wizard helps you to create a simple ACL and apply to the selected ports easily and quickly.
GS752TXS Smart Switch Software Administration Manual • ACL Based on Source MAC - Use this to create a ACL based on the source MAC address, source MAC mask and VLAN. • ACL Based on Destination IPv4 - Use this to create a ACL based on the destination IPv4 address and IPv4 address mask. • ACL Based on Source IPv4 - Use this to create a ACL based on the source IPv4 address and IPv4 address mask.
GS752TXS Smart Switch Software Administration Manual 13. To send the updated configuration to the switch, click Apply. Configuration changes take effect immediately MAC ACL A MAC ACL consists of a set of rules which are matched sequentially against a packet. When a packet meets the match criteria of a rule, the specified rule action (Permit/Deny) is taken and the additional rules are not checked for a match. There are multiple steps involved in defining a MAC ACL and applying it to the switch: 1.
GS752TXS Smart Switch Software Administration Manual • Direction. Displays the direction of packet traffic affected by the MAC ACL, which can be Inbound or blank. 2. To delete a MAC ACL, select the check box next to the Name field, then click Delete. 3. To change the name of a MAC ACL, select the check box next to the Name field, update the name, then click Apply. 4. Click Cancel to cancel the configuration on the screen and reset the data on the screen to the latest value of the switch.
GS752TXS Smart Switch Software Administration Manual • CoS. Requires a packet’s class of service (CoS) to match the CoS value listed here. Enter a CoS value between 0–7 to apply this criteria. • Destination MAC. Requires an Ethernet frame’s destination port MAC address to match the address listed here. Enter a MAC address in this field. The valid format is xx:xx:xx:xx:xx:xx. • Destination MAC Mask. If desired, enter the MAC Mask associated with the Destination MAC to match.
GS752TXS Smart Switch Software Administration Manual To configure MAC ACL interface bindings: 1. Select an existing MAC ACL from the ACL ID menu. The packet filtering direction for ACL is Inbound, which means the MAC ACL rules are applied to traffic entering the port. 2. Specify an optional sequence number to indicate the order of this access list relative to other access lists already assigned to this interface and direction. A low number indicates high precedence order.
GS752TXS Smart Switch Software Administration Manual MAC Binding Table Use the MAC Binding Table page to view or delete the MAC ACL bindings. To display the MAC Binding Table, click Security ACL, then click the Basic Binding Table link. The following table describes the information displayed in the MAC Binding Table. Field Description Interface Displays the interface to which the MAC ACL is bound. Direction Specifies the packet filtering direction for ACL.
GS752TXS Smart Switch Software Administration Manual IP ACL IP ACLs allow network managers to define classification actions and rules for specific ingress ports. Packets can be filtered on ingress (inbound) ports only. If the filter rules match, then some actions can be taken, including dropping the packet or disabling the port. For example, a network administrator defines an ACL rule that says port number 20 can receive TCP packets. However, if a UDP packet is received the packet is dropped.
GS752TXS Smart Switch Software Administration Manual • Rules. Displays the number of rules currently configured for the IP ACL. • Type. Identifies the ACL as either a standard or extended IP ACL. 2. To delete an IP ACL, select the check box next to the IP ACL ID field, then click Delete. 3. To change the name of an IP ACL, select the check box next to the IP ACL ID field, update the name, then click Apply. 4.
GS752TXS Smart Switch Software Administration Manual 2. Configure the new rule. • Rule ID. Specify a number from 1–10 to identify the IP ACL rule. You can create up to 10 rules for each ACL. • Action. Selects the ACL forwarding action, which is one of the following: • Permit. Forwards packets which meet the ACL criteria. • Deny. Drops packets which meet the ACL criteria. • Egress Queue. Specifies the hardware egress queue identifier used to handle all packets matching this ACL rule.
GS752TXS Smart Switch Software Administration Manual example, to apply the rule to all hosts in the 192.168.1.0/24 subnet, enter 0.0.0.255 in the Source IP Mask field. This field is required when you configure a source IP address. 3. To delete an IP ACL rule, select the check box associated with the rule, and then click Delete. 4. To update an IP ACL rule, select the check box associated with the rule, update the desired fields, and then click Apply. You cannot modify the Rule ID of an existing IP rule. 5.
GS752TXS Smart Switch Software Administration Manual To configure rules for an IP ACL: 1. To add an IP ACL rule, select the ACL ID to add the rule to, select the check box in the Extended ACL Rule table, and click Add. The page displays the extended ACL Rule Configuration fields. 2. Configure the new rule. • Rule ID. Specify a number from 1–10 to identify the IP ACL rule. You can create up to 10 rules for each ACL.
GS752TXS Smart Switch Software Administration Manual • Action. Selects the ACL forwarding action, which is one of the following: • Permit. Forwards packets which meet the ACL criteria. • Deny. Drops packets which meet the ACL criteria. • Egress Queue. Specifies the hardware egress queue identifier used to handle all packets matching this ACL rule. Enter an identifying number from 0–7 in the appropriate field. • Match Every. Requires a packet to match the criteria of this ACL.
GS752TXS Smart Switch Software Administration Manual • • Destination L4 Port Number: If the destination L4 keyword is Other, enter a user-defined Port ID by which packets are matched to the rule. Service Type. Choose one of the Service Type match conditions for the extended IP ACL rule. The possible values are IP DSCP, IP precedence, and IP TOS, which are alternative ways of specifying a match criterion for the same Service Type field in the IP header, however each uses a different user notation.
GS752TXS Smart Switch Software Administration Manual The current number of the IP ACLs configured on the switch is displayed in the Current Number of ACL area. The maximum number of IP ACL that can be configured on the switch is displayed in the Maximum ACL field, depending on the hardware. The name of IPv6 ACL can be configured in IPv6 ACL field. The number of the rules associated with the IP ACL is displayed in the Rules field. The ACL type is IPv6 ACL and displayed in the Type field. 1.
GS752TXS Smart Switch Software Administration Manual To configure the IPv6 rules, select the following: 1. To add an IPv6 rule, use the pull-down list in the ACL Name field to select the IP ACL for which to create or update a rule. Complete the fields described in the following list, and click Add. 2. Configure the new rule. • Rule ID: Enter a whole number in the range of 1 to 10 that will be used to identify the rule. An IPv6 ACL may have up to 10 rules.
GS752TXS Smart Switch Software Administration Manual • Logging: When set to Enable, logging is enabled for this ACL rule (subject to resource availability in the device). If the Access List Trap Flag is also enabled, then this causes periodic traps to be generated indicating the number of times this rule was hit during the current report interval. A fixed 5-minute report interval is used for the entire system. A trap is not issued if the ACL rule hit count is zero for the current interval.
GS752TXS Smart Switch Software Administration Manual • Destination L4 Port: Specify a packet's destination layer 4 port as a match condition for the selected IPv6 ACL rule. Destination port information is optional. Destination port information can be specified in two ways: • Select keyword “other” from the drop-down menu and specify the number of the port in the range from 0 to 65535. • Select one of the keyword from the list: DOMAIN, ECHO, FTP, FTPDATA, HTTP, SMTP, SNMP, TELNET, TFTP, and WWW.
GS752TXS Smart Switch Software Administration Manual To configure IP ACL interface bindings: 1. Select an existing IP ACL from the ACL ID menu. The packet filtering direction for ACL is Inbound, which means the IP ACL rules are applied to traffic entering the port. 2. Specify an optional sequence number to indicate the order of this access list relative to other access lists already assigned to this interface and direction. A low number indicates high precedence order.
GS752TXS Smart Switch Software Administration Manual IP Binding Table Use the IP Binding Table page to view or delete the IP ACL bindings. To display the IP Binding Table, click Security ACL, then click the Advanced Binding Table link. The following table describes the information displayed in the MAC Binding Table. Field Description Interface Displays the interface to which the IP ACL is bound. Direction Specifies the packet filtering direction for ACL.
GS752TXS Smart Switch Software Administration Manual VLAN Binding Table To display the VLAN Binding Table page, click Security ACL, then click the Advanced Vlan Binding Table link. In the ACL Binding area, enter the values in the following fields: 1. In the VLAN ID field, specify a VLAN ID for ACL mapping. 2. In the Direction field, specify the direction of packet traffic affected by the MAC ACL, which can be Inbound or blank. 3.
GS752TXS Smart Switch Software Administration Manual 246 | Chapter 7: Managing Device Security
8. Monitoring the System 8 Use the features available from the Monitoring tab to view a variety of information about the switch and its ports and to configure how the switch monitors events. The Monitoring tab contains links to the following features: • Ports on page 247 • System Logs on page 260 • Port Mirroring on page 268 Ports The pages available from the Ports link contain a variety of information about the number and type of traffic transmitted from and received on the switch.
GS752TXS Smart Switch Software Administration Manual The following table describes the Switch Statistics displayed on the screen. Field Description ifIndex This object indicates the ifIndex of the interface table entry associated with the processor of this switch. Octets Received The total number of octets of data received by the processor (excluding framing bits, but including FCS octets).
GS752TXS Smart Switch Software Administration Manual Field Description Receive Packets Discarded The number of inbound packets which were chosen to be discarded, even though no errors had been detected, in order to prevent their being delivered to a higher layer protocol. A possible reason for discarding a packet could be to free up buffer space. Octets Transmitted The total number of octets transmitted out of the interface, including framing characters.
GS752TXS Smart Switch Software Administration Manual Port Statistics The Port Statistics page displays a summary of per-port traffic statistics on the switch. To access the Port Summary page, click Monitoring Ports tab, and then click the Port Statistics link. The following table describes the per-port statistics displayed on the screen. Field Description Interface Lists the ports on the system. Total Packets Received Without Errors The total number of packets received that were without errors.
GS752TXS Smart Switch Software Administration Manual Use the buttons at the bottom of the page to perform the following actions: • To clear all the counters for all ports on the switch, select the check box in the row heading and click Clear. The button resets all statistics for all ports to default values. • To clear the counters for a specific port, select the check box associated with the port and click Clear.
GS752TXS Smart Switch Software Administration Manual Field Description Port Type For most ports this field is blank. Otherwise the possible values are: • Mirrored: Indicates that the port has been configured as a monitoring port and is the source port in a port mirroring session. For additional information about port monitoring and probe ports, see Multiple Port Mirroring on page 268.
GS752TXS Smart Switch Software Administration Manual Field Description Link Trap This object determines whether or not to send a trap when link status changes. The factory default is Enable. • Enable: Specifies that the system sends a trap when the link status changes. • Disable: Specifies that the system does not send a trap when the link status changes.
GS752TXS Smart Switch Software Administration Manual Field Description Packets Received 512-1023 Octets The total number of packets (including bad packets) received that were between 512 and 1023 octets in length inclusive (excluding framing bits but including FCS octets). Packets Received 1024-1518 Octets The total number of packets (including bad packets) received that were between 1024 and 1518 octets in length inclusive (excluding framing bits but including FCS octets).
GS752TXS Smart Switch Software Administration Manual Field Description Local Traffic Frames The total number of frames dropped in the forwarding process because the destination address was located off of this port. 802.3x Pause Frames Received A count of MAC Control frames received on this interface with an opcode indicating the PAUSE operation. This counter does not increment when the interface is operating in half-duplex mode.
GS752TXS Smart Switch Software Administration Manual Field Description Packets Transmitted 1519-1522 Octets The total number of packets (including bad packets) transmitted that were between 1519 and 1522 octets in length inclusive (excluding framing bits but including FCS octets). Total Packets Transmitted Successfully The number of frames that have been transmitted by this port to its segment.
GS752TXS Smart Switch Software Administration Manual Field Description 802.3x Pause Frames Transmitted A count of MAC Control frames transmitted on this interface with an opcode indicating the PAUSE operation. This counter does not increment when the interface is operating in half-duplex mode. EAPOL Frames Received The number of valid EAPOL frames of any type that have been received by this authenticator.
GS752TXS Smart Switch Software Administration Manual Field Description Ports Specifies the interface which is polled for statistics. Frames Received Displays the number of valid EAPOL frames received on the port. Frames Transmitted Displays the number of EAPOL frames transmitted through the port. Start Frames Received Displays the number of EAPOL Start frames received on the port. Logoff Frames Received Displays the number of EAPOL Log off frames that have been received on the port.
GS752TXS Smart Switch Software Administration Manual The following table describes the cable information displayed on the screen. Field Description Interface Specifies the interface that has the connected cable. Cable Status Displays the cable status. • Normal: the cable is working correctly. • Open: the cable is disconnected or there is a faulty connector. • Short: there is an electrical short in the cable. • Cable Test Failed: The cable status could not be determined.
GS752TXS Smart Switch Software Administration Manual System Logs The switch may generate messages in response to events, faults, or errors occurring on the platform as well as changes in configuration or other occurrences. These messages are stored locally and can be forwarded to one or more centralized points of collection for monitoring purposes or long term archival storage.
GS752TXS Smart Switch Software Administration Manual • Disable: Prevents the system from logging messages. 2. From the Behavior menu, specify the behavior of the log when it is full. • Wrap: When the buffer is full, the oldest log messages are deleted as the system logs new messages. • Stop on Full: When the buffer is full, the system stops logging new messages and preserves all existing log messages. 3.
GS752TXS Smart Switch Software Administration Manual FLASH Log Configuration The FLASH log is a log that is stored in persistent storage, which means that the log messages are retained across a switch reboot. • The first log type is the system startup log. The system startup log stores the first N messages received after system reboot. This log always has the log full operation attribute set to stop on full and can store up to 32 messages. • The second log type is the system operation log.
GS752TXS Smart Switch Software Administration Manual Error, the logged messages include Error, Critical, Alert, and Emergency. The default severity level is Alert (1). The severity can be one of the following levels: • Emergency (0): The highest level warning level. If the device is down or not functioning properly, an emergency log is saved to the device. • Alert (1): The second highest warning level. An alert log is saved if there is a serious device malfunction, such as all device features being down.
GS752TXS Smart Switch Software Administration Manual To configure local log server settings: 1. Use the radio buttons in the Admin Status field to determine whether to send log messages to the remote syslog hosts configured on the switch. • Enable: Messages will be sent to all configured hosts (syslog collectors or relays) using the values configured for each host. • Disable: Stops logging to all syslog hosts. Disable means no messages will be sent to any collector/relay. 2.
GS752TXS Smart Switch Software Administration Manual Alert, and Emergency. The default severity level is Alert (1). The severity can be one of the following levels: • Emergency (0): The highest level warning level. If the device is down or not functioning properly, an emergency log is saved to the device. • Alert (1): The second highest warning level. An alert log is saved if there is a serious device malfunction, such as all device features being down. • Critical (2): The third highest warning level.
GS752TXS Smart Switch Software Administration Manual The following table describes the Trap Log information displayed on the screen. Field Description Number of Traps Since The number of traps that have occurred since the switch last reboot. Last Reset Trap Log Capacity The maximum number of traps stored in the log. If the number of traps exceeds the capacity, the entries will overwrite the oldest entries.
GS752TXS Smart Switch Software Administration Manual Event Logs Use the Event Log page to display the event log, which is used to hold error messages for catastrophic events. After the event is logged and the updated log is saved in flash memory, the switch will be reset. The log can hold at least 2,000 entries and is erased when an attempt is made to add an entry after it is full. The event log is preserved across system resets.
GS752TXS Smart Switch Software Administration Manual Use the buttons at the bottom of the page to perform the following actions: • Click Clear to clear the messages out of the Event Log. • Click Refresh to refresh the data on the screen and display the most current information. Port Mirroring The page under the Mirroring link allows you to view and configure port mirroring on the system. Multiple Port Mirroring Port mirroring selects the network traffic for analysis by a network analyzer.
GS752TXS Smart Switch Software Administration Manual To access the Multiple Port Mirroring page, click Monitoring Port Mirroring. To configure Port Mirroring: 1. Select the check box next to a port to configure it as a source port. 2. In the Destination Port field, specify the port to which port traffic is be copied. Use the g1, g2,...format to specify the port. You can configure only one destination port on the system. 3.
9. Maintenance 9 Use the features available from the Maintenance tab to help you manage the switch.
GS752TXS Smart Switch Software Administration Manual To reboot the switch: 8. Select the check box on the page. 9. Click Apply. The switch resets immediately. The management interface is not available until the switch completes the boot cycle. After the switch resets, the login screen appears. Factory Default Use the Factory Default page to reset the system configuration to the factory default values. Note: If you reset the switch to the default configuration, the IP address is reset to 192.168.0.
GS752TXS Smart Switch Software Administration Manual To reset the switch to the factory default settings: 1. Select the check box on the page. 2. Click Apply. The switch resets immediately. Upload File From the Switch The switch supports system file uploads from the switch to a remote system by using either TFTP or HTTP.
GS752TXS Smart Switch Software Administration Manual To upload a file from the switch to the TFTP server: 1. Use the File Type menu to specify the type of file you want to upload: • Archive - Specify archive (STK) code when you want to retrieve from the operational flash. • Text Configuration - Specify text configuration when you want to retrieve the stored text configuration. • Error Log - Specify error log to retrieve the system error (persistent) log, sometimes referred to as the event log.
GS752TXS Smart Switch Software Administration Manual 7. In the Transfer File Name field, specify a destination file name for the file to upload. You may enter up to 32 characters. The transfer fails if you do not specify a file name. For a code transfer, use an .stk file extension. 8. Select the Start File Transfer check box to initiate the file upload. 9. Click Apply to begin the file transfer. The last row of the table displays information about the progress of the file transfer.
GS752TXS Smart Switch Software Administration Manual 2. If you are uploading an GS752TXS image (Code), select the image on the switch to upload to the management system. This field is visible only when Code is selected as the File Type. 3. Click Apply. A window appears to allow you to open the text file on the management system or to save the image or text file to the management system. 4. Click Cancel to cancel the operation on the screen and reset the data on the screen to the latest value of the switch.
GS752TXS Smart Switch Software Administration Manual • The file to download from the TFTP server is on the server in the appropriate directory. • The file is in the correct format. • The switch has a path to the TFTP server. To download a file to the switch from a TFTP server: 1. From the File Type menu, Specify what type of file you want to download to the switch: • Archive: The archive is the system software image, which is saved in one of two flash sectors called images (image1 and image2).
GS752TXS Smart Switch Software Administration Manual name with a space is not accepted. Leave this field blank to save the file to the root TFTP directory. 6. In the Remote File Name field, specify the name of the file to download from the TFTP server. You may enter up to 32 characters. A file name with a space is not accepted. 7. Select the Start File Transfer check box to initiate the file upload. 8.
GS752TXS Smart Switch Software Administration Manual • Text Configuration: A text-based configuration file enables you to edit a configured text file (startup-config) offline as needed without having to translate the contents for the switch to understand.
GS752TXS Smart Switch Software Administration Manual • Copy on page 280 Copy You can use the Copy page to view information about the system images on the device. To display the Dual Image Status page, click Maintenance > File Management > Copy. 1. Select the source image. The Source Image field displays the name of the active image. 2. Select the Source Image Select the destination unit to which you are going to copy from the master. 3.
GS752TXS Smart Switch Software Administration Manual Field Description Stack Member Select the destination unit to which you are going to copy from master. Destination Image Select image1 or image2 as the destination image. For information about how to update or change the system images, see File Management on page 279. Dual Image Configuration The system running a legacy software version will ignore (not load) a configuration file created by the newer software version.
GS752TXS Smart Switch Software Administration Manual 4. To set the selected image as the active image, select the Active Image check box. Note: After activating an image, you must perform a system reset of the switch to run the new code. 5. To remove the selected image from permanent storage on the switch, select the Delete Image check box. You cannot delete the active image. 6. Click Cancel to cancel the operation on the screen and reset the data on the screen to the latest value of the switch. 7.
GS752TXS Smart Switch Software Administration Manual • Current-active - This displays the currently active image on this unit. • Next-active - This displays the image to be used on the next restart of this unit. • Image1 Description - This displays the description associated with the image1 code file. • Image2 Description - This displays the description associated with the image2 code file. Click Refresh to refresh the screen with most recent data.
GS752TXS Smart Switch Software Administration Manual 2. Optionally, configure the following settings: • In the Count field, specify the number of pings to send. The valid range is 1–15. • In the Interval (secs) field, specify the number of seconds between pings sent. The valid range is 1–60. • In the Size field, specify the size of the ping (ICMP) packet to send. The valid range is 0–65507. • The Ping field displays the result after the switch send a Ping request to the specified address. 3.
GS752TXS Smart Switch Software Administration Manual 1. In the Ping field, select either Global or Link Global to select either the global IPv6 Address/Hostname or Link Local Address to ping. 2. Optionally, configure the following settings: • In the IPv6 Address/Host Name field, enter the IPv6 address or Hostname of the station you want the switch to ping. The initial value is blank. The IPv6 Address or Hostname you enter is not retained across a power cycle. • In the Datagram Size.
GS752TXS Smart Switch Software Administration Manual 1. In the Hostname/IP Address field, specify the IP address or the hostname of the station you want the switch to ping. The initial value is blank. This information is not retained across a power cycle. 2. Optionally, configure the following settings: • Probes Per Hop. Specify the number of times each hop should be probed. The valid range is 1–10. • MaxTTL. Specify the maximum time-to-live for a packet in number of hops. The valid range is 1–255.
10. Help 10 Use the features available from the Help tab to connect to online resources for assistance. The Help tab contains a link to Online Help . Online Help The Online Help includes the following pages: • Support on page 287 • User Guide on page 288 Support Use the Support page to connect to the Online Support site at netgear.com. To access the Support page, click Help Support. To connect to the NETGEAR support site for the GS752TXS, click Apply.
GS752TXS Smart Switch Software Administration Manual User Guide Use the User Guide page to access the GS752TXS Smart Switch Software Administration Manual (the guide you are now reading) that is available on the NETGEAR Website. To access the User Guide page, click Help User Guide. To access to the User Guide that is available online, click Apply.
A. Hardware Specifications and Default Values A GS752TXS Smart Switch Specifications The GS752TXS Smart Switch conforms to the TCP/IP, UDP, HTTP, ICMP, TFTP, DHCP, IEEE 802.1D, IEEE 802.1p, and IEEE 802.1Q standards. Feature Value Interfaces 48 10/100/1000 Mbps switching ports 4-10 Gbps SFP+ slots (port 49~52) to support 10 Gbps optical module and 1G optical module Port 51 and port 52 can be used as the stacking ports or as uplink ports.
GS752TXS Smart Switch Software Administration Manual GS752TXS Switch Features and Defaults Feature Sets Supported Default Auto negotiation/static speed/duplex All ports Auto negotiation Auto MDI/MDIX N/A Enabled 802.3x flow control/back pressure 1 (per system) Disabled Port mirroring 1 Disabled Port trunking (aggregation) 8 Pre-configured 802.1D spanning tree 1 Disabled 802.1w RSTP 1 Disabled 802.1s spanning tree 3 instances Disabled Static 802.
GS752TXS Smart Switch Software Administration Manual Feature Sets Supported Default 802.1X All ports Disabled MAC ACL 100 (shared with IP and IPv6 ACLs) All MAC addresses allowed IP ACL 100 (shared with MAC and IPv6 ACLs) All IP addresses allowed IPv6 ACL 100 (shared with IP ACL and MAC All IP addresses allowed ACL) Password control access 1 Idle timeout = 5 mins.
GS752TXS Smart Switch Software Administration Manual Feature Sets Supported Default MIB support 1 Disabled Smart Control Center N/A Enabled Statistics N/A N/A Feature Sets Supported Default IGMP snooping v1/v2/v3 All ports Disabled Configurations upload/download 1 N/A EAPoL flooding All ports Disabled BPDU flooding All ports Disabled Static multicast groups 8 Disabled Filter multicast control 1 Disabled Number of static routes 32 N/A Number of routed VLANs 15 N/A Numb
B. Configuration Examples B This chapter contains information about how to configure the following features: • Virtual Local Area Networks (VLANs) on page 293 • Access Control Lists (ACLs) on page 295 • Differentiated Services (DiffServ) on page 298 • 802.1X on page 302 • MSTP on page 305 • Configuring VLAN Routing with Static Route on page 309 Virtual Local Area Networks (VLANs) A local area network (LAN) can generally be defined as a broadcast domain.
GS752TXS Smart Switch Software Administration Manual • They are easy to manage. The addition of nodes, as well as moves and other changes, can be dealt with quickly and conveniently from a management interface rather than from the wiring closet. • They provide increased performance. VLANs free up bandwidth by limiting node-to-node and broadcast traffic throughout the network. • They ensure enhanced network security. VLANs create virtual boundaries that can be crossed only through a router.
GS752TXS Smart Switch Software Administration Manual • • For the VLAN with VLAN ID 10, specify the following members: port 1 (U), port 2 (U), and port 3 (T). For the VLAN with VLAN ID 20, specify the following members: port 4 (U), port 5 (T), and port 6 (U). 3. In the Port PVID Configuration screen (see Port VLAN ID Configuration on page 100), specify the PVID for ports g1 and g4 so that packets entering these ports are tagged with the port VLAN ID: • Port g1: PVID 10 • Port g4: PVID 20 4.
GS752TXS Smart Switch Software Administration Manual criteria to a particular queue or redirect the traffic to a particular port. A default deny all rule is the last rule of every list. 2. Apply the access list to an interface in the inbound direction. The GS752TXS Smart Switch allows ACLs to be bound to physical ports and LAGs.The switch software supports MAC ACLs and IP ACLs.
GS752TXS Smart Switch Software Administration Manual You can assign an optional sequence number to indicate the order of this access list relative to other access lists if any are already assigned to this interface and direction. 4. The MAC Binding Table displays the interface and MAC ACL binding information (See MAC Binding Table on page 231). The ACL named Sales_ACL looks for Ethernet frames with destination and source MAC addresses and MAC masks defined in the rule.
GS752TXS Smart Switch Software Administration Manual • Assign Queue ID: 0 (optional: 0 is the default value) • Match Every: False • Source IP Address: 192.168.187.0 • Source IP Mask: 255.255.255.0 For additional information about IP ACL rules, see IP Rules on page 233. 3. Click Add. 4. From the IP Rules screen, create a second rule for IP ACL 1 with the following settings: • Rule ID: 2 • Action: Permit • Match Every: True 5. Click Add. 6.
GS752TXS Smart Switch Software Administration Manual • Integrated Services: network resources are apportioned based on request and are reserved (resource reservation) according to network management policy (RSVP, for example). • Differentiated Services: network resources are apportioned based on traffic classification and priority, giving preferential treatment to data with strict timing requirements. The GS752TXS Smart Switch supports DiffServ.
GS752TXS Smart Switch Software Administration Manual You can combine these classifiers with logical AND or OR operations to build complex MF-classifiers (by specifying a class type of all or any, respectively). That is, within a single class, multiple match criteria are grouped together as an AND expression or a sequential OR expression, depending on the defined class type. Only classes of the same type can be nested; class nesting does not allow for the negation (i.e.
GS752TXS Smart Switch Software Administration Manual • mark cos: the 802.1p user priority bits are (re)marked and forwarded • mark dscp: the packet DSCP is (re)marked and forwarded • mark prec: the packet IP Precedence is (re)marked and forwarded • send: the packet is forwarded without DiffServ modification Color Mode Awareness: Policing in the DiffServ feature uses either color blind or color aware mode. Color blind mode ignores the coloration (marking) of the incoming packet.
GS752TXS Smart Switch Software Administration Manual 4. Click Apply. 5. From the Policy Configuration screen, create a new policy with the following settings: • Policy Selector: Policy1 • Member Class: Class1 For more information about this screen, see Policy Configuration on page 184. 6. Click Add to add the new policy. 7. Click the Policy1 hyperlink to view the Policy Class Configuration screen for this policy. 8.
GS752TXS Smart Switch Software Administration Manual to a LAN port that has point-to-point connection characteristics and of preventing access to that port in cases in which the authentication and authorization process fails. In this context, a port is a single point of attachment to the LAN, such as ports of MAC bridges and associations between stations or access points in IEEE 802.11 Wireless LANs. The IEEE 802.
GS752TXS Smart Switch Software Administration Manual responsible for submitting the information received from the Supplicant to the Authentication Server in order for the credentials to be checked, which will determine the authorization state of the Port. The Authenticator PAE controls the authorized/unauthorized state of the controlled Port depending on the outcome of the RADIUS-based authentication process. Supplicant Authenticator Switch Authentication Server (RADIUS) 192.168.10.23 Supplicant 802.
GS752TXS Smart Switch Software Administration Manual 6. From the RADIUS Server Configuration screen, configure a RADIUS server with the following settings: • Server Address: 192.168.10.23 • Secret Configured: Yes • Secret: secret123 • Active: Primary For more information, see RADIUS Configuration on page 192. 7. Click Add. 8. From the Authentication List screen, configure the default List to use RADIUS as the first authentication method (See Authentication List Configuration on page 201).
GS752TXS Smart Switch Software Administration Manual MSTP ensures that frames with a given VLAN ID are assigned to one and only one of the MSTIs or the IST within the Region, that the assignment is consistent among all the networking devices in the Region and that the stable connectivity of each MSTI and IST at the boundary of the Region matches that of the CST.
GS752TXS Smart Switch Software Administration Manual kind outside the Region, in other words connectivity within the region is independent of external connectivity. MSTP Example Configuration This example shows how to create an MSTP instance from the GS752TXS switch. The example network has three different GS752TXS switches that serve different locations in the network. In this example, ports g1–g5 are connected to host stations, so those links are not subject to network loops.
GS752TXS Smart Switch Software Administration Manual Note: Bridge priority values are multiples of 4096. If you do not specify a root bridge and all switches have the same Bridge Priority value, the switch with the lowest MAC address is elected as the root bridge (see CST Configuration on page 112). 5. From the CST Port Configuration screen, select ports g1–g8 and select Enable from the STP Status menu (see CST Port Configuration on page 114). 6. Click Apply. 7.
GS752TXS Smart Switch Software Administration Manual Configuring VLAN Routing with Static Route VLAN Routing Overview VLANs divide broadcast domains in a LAN environment. Whenever hosts in one VLAN need to communicate with hosts in another VLAN, the traffic must be routed between them. This is known as inter-VLAN routing. On Netgear GS752TXS switches it is accomplished by creating Layer 3 interfaces (Switch virtual interfaces (SVI)).
C. Notification of Compliance NETGEAR Wired Products C Certificate of the Manufacturer/Importer It is hereby certified that the ProSafe™ GS752TXS Smart Switch has been suppressed in accordance with the conditions set out in the BMPT-AmtsblVfg 243/1991 and Vfg 46/1992. The operation of some equipment (for example, test transmitters) in accordance with the regulations may, however, be subject to certain restrictions. Please refer to the notes in the operating instructions.
GS752TXS Smart Switch Software Administration Manual Europe – EU Declaration of Conformity Marking by the above symbol indicates compliance with the Essential Requirements of the R&TTE Directive of the European Union (1999/5/EC). This equipment meets the following conformance standards: EN300 328, EN301 489-17, EN60950 For complete DoC please visit the NETGEAR EU Declarations of Conformity website at: http://kb.netgear.
GS752TXS Smart Switch Software Administration Manual EDOC in Languages of the European Community Nederlands [Dutch] Hierbij verklaart NETGEAR Inc. dat het toestel Radiolan in overeenstemming is met de essentiële eisen en de andere relevante bepalingen van richtlijn 1999/5/EG. Malti [Maltese] Hawnhekk, NETGEAR Inc., jiddikjara li dan Radiolan jikkonforma mal-htigijiet essenzjali u ma provvedimenti ohrajn relevanti li hemm fid-Dirrettiva 1999/5/EC. Magyar [Hungarian] Alulírott, NETGEAR Inc.
GS752TXS Smart Switch Software Administration Manual • This device must accept any interference received, including interference that may cause undesired operation. FCC Radio Frequency Interference Warnings & Instructions This equipment has been tested and found to comply with the limits for a Class B digital device, pursuant to Part 15 of the FCC Rules. These limits are designed to provide reasonable protection against harmful interference in a residential installation.
Index Numerics 802.1X 193, 210 example configuration 302 A access control ACL example configuration 295 ACLs 224 management interface 202 ARP Cache 163 configuring 163 Entry configuration 166 Entry Management 168 Global ARP configuration 165 authentication 802.1X 210, 303 enable 30 list 201 port-based 210 RADIUS 192, 195 SNMP 30, 62, 63 TACACS+ 198 Auto-VoIP Configuration 108 B Binding Configuration 77 C certificate 205 changing the password 19, 191 Configuration 802.
GS752TXS Smart Switch Software Administration Manual DiffServ 178 DNS 50 DoS 46 download a file 276 files via HTTP 276 from a remote system 276 software 276 Dual Image Status 280 E EAP 257, 258 EAPOL 258 F file management 279 firmware 22 firmware download 276 G getting started 10 Green Ethernet 53, 54, 55, 58 guest VLAN configuration 304 H help, HTML-based 27 HTTP 202 management interface access 18 secure 202 using to download files 275, 278 HTTPS 203 I IEEE 802.11x 303 IEEE 802.1AB 64 IEEE 802.
GS752TXS Smart Switch Software Administration Manual OUI 107 password change 19, 191 login 191 Persistent Configuration 79 Ping 283 port authentication 210 summary 215 server configuration 44 server status 45 SSL 203 Statistics 79 storm control 219 STP 109 example configuration 305 Status 110 Stratum 0 41 1 41 2 41 Q T QoS 171 802.
GS752TXS Smart Switch Software Administration Manual voice 105 Voice VLAN OUI 107 VoIP 108 W Web interface panel 25 318 | Index
