IGS-6325-Series User Manual
Table Of Contents
- 1. INTRODUCTION
- 2. INSTALLATION
- 3. SWITCH MANAGEMENT
- 4. WEB CONFIGURATION
- 4.1 Main Web page
- 4.2 System
- 4.2.1 Management
- 4.2.1.1 System Information
- 4.2.1.2 IP Configuration
- 4.2.1.3 IP Status
- 4.2.1.4 Users Configuration
- 4.2.1.5 Privilege Levels
- 4.2.1.6 NTP Configuration
- 4.2.1.6.1 System Time Correction Manually
- 4.2.1.7 Time Configuration
- 4.2.1.8 UPnP
- 4.2.1.9 DHCP Relay
- 4.2.1.10 DHCP Relay Statistics
- 4.2.1.11 CPU Load
- 4.2.1.12 System Log
- 4.2.1.13 Detailed Log
- 4.2.1.14 Remote Syslog
- 4.2.1.15 SMTP Configuration
- 4.2.1.16 Fault Alarm
- 4.2.1.17 Digital Input/Output
- 4.2.2 Simple Network Management Protocol
- 4.2.3 RMON
- 4.2.4 DHCP server
- 4.2.5 Industrial Protocol
- 4.2.1 Management
- 4.3 Switching
- 4.3.1 Port Management
- 4.3.2 Link Aggregation
- 4.3.3 VLAN
- 4.3.3.1 VLAN Overview
- 4.3.3.2 IEEE 802.1Q VLAN
- 4.3.3.3 VLAN Port Configuration
- 4.3.3.4 VLAN Membership Status
- 4.3.3.5 VLAN Port Status
- 4.3.3.6 Private VLAN
- 4.3.3.7 Port Isolation
- 4.3.3.8 VLAN setting example:
- 4.3.3.8.1 Two Separate 802.1Q VLANs
- 4.3.3.8.2 VLAN Trunking between two 802.1Q aware switches
- 4.3.3.8.3 Port Isolate
- 4.3.3.9 MAC-based VLAN
- 4.3.3.10 IP Subnet-based VLAN Membership Configuration
- 4.3.3.11 Protocol-based VLAN
- 4.3.3.12 Protocol-based VLAN Membership
- 4.3.4 Spanning Tree Protocol
- 4.3.5 Multicast
- 4.3.6 MLD Snooping
- 4.3.7 MVR (Multicast VLAN Registration)
- 4.3.8 LLDP
- 4.3.9 MAC Address Table
- 4.3.10 Loop Protection
- 4.3.11 UDLD
- 4.3.12 GVRP
- 4.3.13 PTP
- 4.3.14 Link OAM
- 4.4 Quality of Service
- 4.5 Security
- 4.6 Ring
- 4.7 Maintenance
- 4.8 Power over Ethernet
- 4.9 ONVIF
- 4.10 Routing
- 4.10.1 IP Configuration
- 4.10.2 IP Status
- 4.10.3 Routing Information Base
- 4.10.4 OSPF
- 4.10.4.1 Global Configuration
- 4.10.4.2 Network Area
- 4.10.4.3 Passive Interface
- 4.10.4.4 Stub Area
- 4.10.4.5 Area Authentication
- 4.10.4.6 Area Range
- 4.10.4.7 Interface Configuration
- 4.10.4.8 Virtual Link
- 4.10.4.9 Global Status
- 4.10.4.10 Area Status
- 4.10.4.11 Neighbor Status
- 4.10.4.12 Interface Status
- 4.10.4.13 Configuration Example of OSPFv4
- 5. SWITCH OPERATION
- 6. TROUBLESHOOTING
- APPENDIX A: Networking Connection
- APPENDIX B : GLOSSARY
User’s Manual of IGS-6325 series
342
• Hold Time
This setting applies to the following modes, i.e. modes using the Port Security
functionality to secure MAC addresses:
■ Single 802.1X
■ Multi 802.1X
■ MAC-Based Auth.
If a client is denied access, either because the RADIUS server denies the client
access or because the RADIUS server request times out (according to the
timeout specified on the "Configuration→Security→AAA" page), the client is put
on hold in the Unauthorized state. The hold timer does not count during an
on-going authentication.
In MAC-based Auth. mode, the switch will ignore new frames coming from the
client during the hold time.
The Hold Time can be set to a number between 10 and 1000000 seconds.
• RADIUS-Assigned QoS
Enabled
RADIUS-assigned QoS provides a means to centrally control the traffic class to
which traffic coming from a successfully authenticated supplicant is assigned on
the switch. The RADIUS server must be configured to transmit special RADIUS
attributes to take advantage of this feature.
The "RADIUS-Assigned QoS Enabled" checkbox provides a quick way to
globally enable/disable RADIUS-server assigned QoS Class functionality. When
checked, the individual ports' ditto setting determines whether RADIUS-assigned
QoS Class is enabled for that port. When unchecked, RADIUS-server assigned
QoS Class is disabled for all ports.
• RADIUS-Assigned
VLAN Enabled
RADIUS-assigned VLAN provides a means to centrally control the VLAN on
which a successfully authenticated supplicant is placed on the switch. Incoming
traffic will be classified to and switched on the RADIUS-assigned VLAN. The
RADIUS server must be configured to transmit special RADIUS attributes to take
advantage of this feature.
The "RADIUS-Assigned VLAN Enabled" checkbox provides a quick way to
globally enable/disable RADIUS-server assigned VLAN functionality. When
checked, the individual ports' ditto setting determines whether RADIUS-assigned
VLAN is enabled for that port. When unchecked, RADIUS-server assigned VLAN
is disabled for all ports.
• Guest VLAN Enabled
A Guest VLAN is a special VLAN - typically with limited network access - on
which 802.1X-unaware clients are placed after a network administrator-defined
timeout. The switch follows a set of rules for entering and leaving the Guest
VLAN as listed below.