User’s Manual of SGSW-24040 / 24240 Series 1
User’s Manual of SGSW-24040 / 24240 Series Trademarks Copyright © PLANET Technology Corp. 2014. Contents are subject to revision without prior notice. PLANET is a registered trademark of PLANET Technology Corp. All other trademarks belong to their respective owners.
User’s Manual of SGSW-24040 / 24240 Series A) Elevated Operating Ambient - If installed in a closed or multi-unit rack assembly, the operating ambient temperature of the rack environment may be greater than room ambient. Therefore, consideration should be given to installing the equipment in an environment compatible with the maximum ambient temperature (Tma) specified by the m Statement of PoE is capable of providing maximum power anufacturer.
User’s Manual of SGSW-24040 / 24240 Series TABLE OF CONTENTS 1. INTRODUTION .................................................................................................................... 20 1.1 Packet Contents .........................................................................................................................................20 1.2 Product Description ...................................................................................................................................
User’s Manual of SGSW-24040 / 24240 Series 4.2 System.........................................................................................................................................................67 4.2.1 System Information..............................................................................................................................................68 4.2.2 IP Configuration ...............................................................................................................
User’s Manual of SGSW-24040 / 24240 Series 4.5.1 Static Aggregation Configuration ....................................................................................................................... 118 4.5.2 LACP Configuration ...........................................................................................................................................120 4.5.3 LACP System Status .................................................................................................................
User’s Manual of SGSW-24040 / 24240 Series 4.9 Quality of Service .....................................................................................................................................185 4.9.1 Understand QOS ...............................................................................................................................................185 4.9.2 QCL Configuration Wizard ..............................................................................................................
User’s Manual of SGSW-24040 / 24240 Series 4.12.6 Port Security Status .........................................................................................................................................272 4.12.7 Port Security Detail ..........................................................................................................................................275 4.12.8 DHCP Snooping .............................................................................................................
User’s Manual of SGSW-24040 / 24240 Series 4.17.1.3 Stack Redundancy ..............................................................................................................................331 4.17.1.4 Shortest Path Forwarding ...................................................................................................................332 4.17.2 Stack Configuration .....................................................................................................................................
User’s Manual of SGSW-24040 / 24240 Series IP DNS ................................................................................................................................................................358 IP DNS Proxy ......................................................................................................................................................359 IPv6 AUTOCINFIG ...................................................................................................................
User’s Manual of SGSW-24040 / 24240 Series VLAN Ethernet Type............................................................................................................................................380 VLAN Add............................................................................................................................................................380 VLAN Delete................................................................................................................................
User’s Manual of SGSW-24040 / 24240 Series Security Switch SNMP Trap Version....................................................................................................................404 Security Switch SNMP Trap Community .............................................................................................................404 Security Switch SNMP Trap Destination..............................................................................................................
User’s Manual of SGSW-24040 / 24240 Series Security Network NAS Mode ...............................................................................................................................426 Security Network NAS State................................................................................................................................427 Security Network NAS Reauthentication .............................................................................................................
User’s Manual of SGSW-24040 / 24240 Series Security Network ARP Inspection Entry...............................................................................................................452 Security Network ARP Inspection Status .............................................................................................................453 Security AAA Configuration .................................................................................................................................
User’s Manual of SGSW-24040 / 24240 Series IGMP Mode .........................................................................................................................................................474 IGMP Leave Proxy ..............................................................................................................................................475 IGMP State ................................................................................................................................
User’s Manual of SGSW-24040 / 24240 Series LLDPMED ECS ...................................................................................................................................................495 LLDPMED Policy Delete......................................................................................................................................496 LLDPMED Policy Add.................................................................................................................................
User’s Manual of SGSW-24040 / 24240 Series Mirror SID ............................................................................................................................................................515 Mirror Mode .........................................................................................................................................................515 6.18 Configuration Command .....................................................................................................
User’s Manual of SGSW-24040 / 24240 Series SMTP Server.......................................................................................................................................................533 SMTP Auth ..........................................................................................................................................................534 SMTP Auth_user ........................................................................................................................
User’s Manual of SGSW-24040 / 24240 Series The PoE Provision Process...........................................................................................................................545 Stages of powering up a PoE link ...............................................................................................................................545 Line Detection...........................................................................................................................................
User’s Manual of SGSW-24040 / 24240 Series 1.
User’s Manual of SGSW-24040 / 24240 Series 1.2 Product Description Cost-effective IPv6 Managed Gigabit Switch Solution for SMBs As the need for IP address increases, the IPv4 network infrastructure is not capable enough to provide IP addresses to each single user. Thus, ISPs adopt the IPv6 protocol where more IP addresses can be utilized. To meet the current trend, PLANET has launched the IPv6-designed Gigabit Ethernet Switch, SGSW Managed Switch series.
User’s Manual of SGSW-24040 / 24240 Series Efficient Management For efficient management, the Managed Switch series is equipped with console, WEB and SNMP management interfaces. With its built-in Web-based management, it offers an easy-to-use, platform-independent management and configuration facility. The Managed Switch supports standard Simple Network Management Protocol (SNMP) and can be managed via any standard-based management software.
User’s Manual of SGSW-24040 / 24240 Series reduces installation time. IEEE 802.3at Power over Ethernet Pre-Standard Compliant (SGSW-24040HP only) Till today, the IEEE 802.3af Power over Ethernet Standard has become popular yet the PoE demand still grows for increasing network-powered applications. With many critical applications included, the IEEE 802.3af PoE standard may not afford the trend of higher power demand. Hence, the IEEE 802.
User’s Manual of SGSW-24040 / 24240 Series Appendix A The section contains cable information of the Managed Switch.
User’s Manual of SGSW-24040 / 24240 Series 1.4 Product Features Physical Port SGSW-24040 / SGSW-24040R 24-Port 10/100/1000Base-T Gigabit Ethernet RJ-45 4 100/1000Base-X SFP slots, shared with Port-21 to Port-24 RS-232 DB9 console interface for Switch basic management and setup 2 High-performance 5GbE Stacking interface SGSW-24040P / SGSW-24040P4 / SGSW-24040HP 24-Port 10/100/1000Base-T Gigabit Ethernet RJ-45 with IEEE 802.
User’s Manual of SGSW-24040 / 24240 Series 802.3ad Link Aggregation Control Protocol (LACP) Cisco ether-channel (Static Trunk) Maximum 12 trunk groups, up to 16 ports per trunk group Up to 16Gbps bandwidth(Duplex Mode) ■ Provide Port Mirror (many-to-1) ■ Port Mirroring to monitor the incoming or outgoing traffic on a particular port Quality of Service ■ Ingress Shaper and Egress Rate Limit per port bandwidth control ■ 4 priority queues on all switch ports ■ Traffic classification: - IEEE 802.
User’s Manual of SGSW-24040 / 24240 Series Management ■ Switch Management Interfaces - Console / Telnet Command Line Interface - Web switch management - SNMP v1, v2c, and v3 switch management - SSH / SSL secure access ■ Four RMON groups (history, statistics, alarms, and events) ■ IPv6 IP Address / NTP / DNS management ■ Built-in Trivial File Transfer Protocol (TFTP) client ■ BOOTP and DHCP for IP address assignment ■ Firmware upload/download via HTTP / TFTP ■ DHCP Relay ■ User Privilege levels co
Power over Ethernet (SGSW-24040P / 24040P4 / 24040HP Only) ■ Complies with IEEE 802.3af Power over Ethernet End-Span PSE ■ Complies with IEEE 802.3at high-power Power over Ethernet End-Span PSE (SGSW-24040HP only) ■ Up to 24 ports for IEEE 802.3af devices powered ■ Up to 24 ports for IEEE 802.3at devices powered (SGSW-24040HP only) ■ Supports PoE Power up to 15.4 watts for each PoE port ■ Supports PoE Power up to 30.
User’s Manual of SGSW-24040 / 24240 Series SGSW-24040R: 3.1kg LED Power, Link/Act and speed per Gigabit port Power Consumption Max. 30.2 watts / 102.98 BTU Power Requirement – AC 100~240V AC, 50/60Hz Power Requirement – DC --- 100~240V AC, 50/60Hz -48V DC @ 0.
User’s Manual of SGSW-24040 / 24240 Series RFC-1493 Bridge MIB RFC-1643 Ethernet MIB RFC-2863 Interface MIB RFC-2665 Ether-Like MIB RFC-2737 Entity MIB RFC-2618 RADIUS Client MIB RFC-2933 IGMP-STD-MIB RFC3411 SNMP-Frameworks-MIB IEEE 802.1X PAE LLDP MAU-MIB Standards Conformance Regulation Compliance FCC Part 15 Class A, CE IEEE 802.3 10Base-T IEEE 802.3u 100Base-TX/100Base-FX IEEE 802.3z Gigabit SX/LX IEEE 802.3ab Gigabit 1000T IEEE 802.3x Flow Control and Back pressure IEEE 802.
User’s Manual of SGSW-24040 / 24240 Series Share Data Buffer 1392 kilobytes Switch Processing Scheme Store-and-Forward IEEE 802.3x Pause Frame for Full-Duplex Flow Control Jumbo Frame Back pressure for Half-Duplex 10Kbytes < 5 seconds: System reboot Reset Button Dimensions (W x D x H) > 10 seconds: Factory Default 440 x 200 x 44.5 mm, 1U high SGSW-24040: 3.0kg Weight SGSW-24040R: 3.1kg LED Power, Link/Act and speed per Gigabit port Power Consumption Max. 30.2 watts / 102.
User’s Manual of SGSW-24040 / 24240 Series - Port Number - 802.1p priority - DS/TOS field in IP Packet IGMP (v1/v2) Snooping, up to 255 multicast Groups IGMP Snooping IGMP Querier mode support IP-based ACL / MAC-based ACL Access Control List Up to 256 entries RFC-1213 MIB-II IF-MIB RFC-1493 Bridge MIB RFC-1643 Ethernet MIB RFC-2863 Interface MIB RFC-2665 Ether-Like MIB SNMP MIBs RFC-2737 Entity MIB RFC-2618 RADIUS Client MIB RFC-2933 IGMP-STD-MIB RFC3411 SNMP-Frameworks-MIB IEEE 802.
SGSW Stackable PoE models Product SGSW-24040P SGSW-24040P4 SGSW-24040HP Hardware Specification Copper Ports 24 10/ 100/1000Base-T RJ-45 Auto-MDI/MDI-X ports SFP/mini-GBIC Slots 4 SFP interfaces, shared with Port-21 to Port-24 1 x RS-232 DB9 serial port (115200, 8, N, 1) Console Port Stacking Ports 2 5GbE / Cross-HDMI interface Switch Fabric 68Gbps / non-blocking Address Table 8K entries, automatic source address learning and ageing Share Data Buffer 1392 kilobytes Switch Processing Schem
User’s Manual of SGSW-24040 / 24240 Series Number of PD @ 14 24 23 - - 11 15.4 Watts Number of PD @ 30.8 Watts Layer 2 Function Basic Management Interfaces Console, Telnet, Web Browser, SNMPv1, v2c and v3 Secure Management Interface SSH, SSL, SNMP v3 Port disable/enable. Auto-negotiation 10/100/1000Mbps full and half duplex mode selection. Port Configuration Flow Control disable / enable. Bandwidth control on each port.
User’s Manual of SGSW-24040 / 24240 Series RFC3411 SNMP-Frameworks-MIB IEEE 802.1X PAE LLDP MAU-MIB Standards Conformance Regulation Compliance FCC Part 15 Class A, CE IEEE 802.3 10Base-T IEEE 802.3u 100Base-TX/100Base-FX IEEE 802.3z Gigabit SX/LX IEEE 802.3ab Gigabit 1000T IEEE 802.3x Flow Control and Back pressure IEEE 802.3ad Port Trunk with LACP IEEE 802.1d Spanning Tree protocol IEEE 802.1w Rapid Spanning Tree protocol IEEE 802.1s Multiple Spanning Tree protocol IEEE 802.1p Class of service IEEE 802.
User’s Manual of SGSW-24040 / 24240 Series 2. INSTALLATION This section describes the hardware features and installation of the Managed Switch on the desktop or rack mount. For easier management and control of the Managed Switch, familiarize yourself with its display indicators, and ports. Front panel illustrations in this chapter display the unit LED indicators. Before connecting any network device to the Managed Switch, please read this chapter completely. 2.1 Hardware Description 2.1.
User’s Manual of SGSW-24040 / 24240 Series ■ Gigabit TP interface 10/100/1000Base-T Copper, RJ-45 Twist-Pair: Up to 100 meters. ■ Gigabit SFP slots 1000Base-SX/LX mini-GBIC slot, SFP (Small Factor Pluggable) transceiver module: From 550 meters (Multi-mode fiber), up to 10/30/50/70/120 kilometers (Single-mode fiber). ■ Console Port The console port is a DB9, RS-232 male serial port connector. It is an interface for connecting a terminal directly.
User’s Manual of SGSW-24040 / 24240 Series 2.1.2 LED Indications The front panel LEDs indicates instant status of port links, data activity and system power; helps monitor and troubleshoot when needed. Figure 2-5 & Figure 2-7 show the LED indications of these Managed Switches. SGSW-24040 / SGSW-24040R LED indication Figure 2-5 SGSW-24040 / SGSW-24040R LED panel ■ System LED Color Function PWR Green Master Green Lights to indicate that the Switch is the Master of the stack group.
User’s Manual of SGSW-24040 / 24240 Series ■ 1000Base-SX/LX SFP interfaces (Shared Port-21~Port-24) LED Color Function Lights: To indicate the link through that SFP port is successfully established with 1000 speed 1000Mbps Green LNK Off: To indicate that the SFP port is link down SGSW-24040P / SGSW-24040P4 / SGSW-24040HP LED indication Figure 2-6 SGSW-24040P / SGSW-24040P4 LED panel ■ System LED Color Function PWR Green Master Green Lights to indicate that the Switch is the Master of the
User’s Manual of SGSW-24040 / 24240 Series ■ 10/100/1000Base-T interfaces LED Color Function Lights: To indicate the link through that port is successfully established with speed 10Mbps or 100Mbps or 1000Mbps Blink: To indicate that the switch is actively sending or receiving data over that port.
User’s Manual of SGSW-24040 / 24240 Series STX1 Green Lights to indicate the stacking link through that port is successfully established. STX2 Green Lights to indicate the stacking link through that port is successfully established. ■ 10/100/1000Base-T interfaces (Shared Port-1~Port-8) LED Color Function Lights: To indicate the link through that port is successfully established with speed 1000Mbps Blink: To indicate that the switch is actively sending or receiving data over that port.
User’s Manual of SGSW-24040 / 24240 Series 2.1.3 Switch Rear Panel The rear panel of the Managed Switch indicates an AC inlet power socket, which accepts input power from 100 to 240V AC, 50-60Hz.
User’s Manual of SGSW-24040 / 24240 Series The device is a power-required device, meaning it will not work till it is powered. If your networks should be active all the time, please consider using UPS (Uninterrupted Power Supply) for your device. It will Power Notice: prevent you from network data loss or network downtime. In some areas, installing a surge suppression device may also help to protect your Managed Switch from being damaged by unregulated surge or current to the Switch or the power adapter.
User’s Manual of SGSW-24040 / 24240 Series Figure 2-14 SGSW-24040 /24040R Series Stack Ports 44
User’s Manual of SGSW-24040 / 24240 Series 2.2 Installing the Switch This section describes how to install your Managed Switch and make connections to the Managed Switch. Please read the following topics and perform the procedures in the order being presented. To install your Managed Switch on a desktop or shelf, simply complete the following steps. 2.2.
User’s Manual of SGSW-24040 / 24240 Series Step5: Supply power to the Managed Switch. Connect one end of the power cable to the Managed Switch. Connect the power plug of the power cable to a standard wall outlet. When the Managed Switch receives power, the Power LED should remain solid Green. 2.2.2 Rack Mounting To install the Managed Switch in a 19-inch standard rack, please follow the instructions described below.
User’s Manual of SGSW-24040 / 24240 Series Figure 2-17 Mounting SGSW-24040 in a Rack Step6: Proceeds with Steps 4 and 5 of section 2.2.1 Desktop Installation to connect the network cabling and supply power to the Managed Switch. 2.2.2 Installation dans un rack Pour installer l’équipement dans un rack 19 pouces standard, veuillez suivre les instructions suivantes. Etape1: Placez l’équipement sur une surface dure et plate, avec la face avant en regard vers vous.
User’s Manual of SGSW-24040 / 24240 Series Etape3: Bien serrer les vis. Etape4: Effectuez les mêmes étapes pour le second support situé au côté opposé. Etape5: Une fois que les supports sont installés, utilisez les vis adéquates pour monter l’équipement dans le rack comme montré dans la Figure 2-17. Figure 2-17 Mounting SGSW-24040 in a Rack Etape 6: procède à des étapes 4 et 5 étapes de la session 2.2.1 bureau Installation de connecter le câblage réseau et d'alimentation au commutateur géré. 2.2.
User’s Manual of SGSW-24040 / 24240 Series Figure 2-18 Plug in the SFP transceiver Approved PLANET SFP Transceivers PLANET Managed Switch supports both Single mode and Multi-mode SFP transceivers.
User’s Manual of SGSW-24040 / 24240 Series Converter. 3. Check the LNK/ACT LED of the SFP slot on the front of the Managed Switch. Ensure that the SFP transceiver is operating correctly. 4. Check the Link mode of the SFP port if the link fails. When working with some fiber-NICs or Media Converters, setting the Link mode to “1000 Force” is needed. Removing the transceiver module 1.
User’s Manual of SGSW-24040 / 24240 Series Figure 2-20 -48V DC connector Warning: Before connecting the DC power cable to the input terminal block of Managed Switch, ensure that the power switch is in the “OFF” position and the DC power is OFF.
User’s Manual of SGSW-24040 / 24240 Series 2.3 Stack Installation SGSW-24040 / 24240 Series The SGSW-24040 / 24240 Managed Switch series provides a switch stacking function to manage up to 16 switches using a single IP address. And up to 384 Gigabit Ethernet ports can be managed by a stacking group and you can add ports and functionality as needed.
User’s Manual of SGSW-24040 / 24240 Series 2.3.1 Connecting Stacking Cable Before attempting to connect stacking ports, verify that you have the required stack cables. The following cables are used to connect stacked switches: CB-STX50: 50cm, Short stack cable –used to connect adjacent SGSW switches. CB-STX200: 200cm, Long / Redundant stack cable – used to connect the top and bottom SGSW switches of a stack.
User’s Manual of SGSW-24040 / 24240 Series master is indicated by a lit green “Master” LED on the front panel as the Figure 2-24 shows. Stack ID Master LED Figure 2-24 Stack Master with “Master” LED lit STEP-6: When a SGSW Switch is added to the stack, a Switch ID is automatically assigned to the SGSW Switch. The automatic SID assignment can be modified by choosing a different Switch ID on the Stack Configuration page.
User’s Manual of SGSW-24040 / 24240 Series 1. The stack switch with the least priority ID or MAC Address number will become Master. Only Master switch’s management interface (console, telnet, web and SNMP) is accessible. It allows to build a stack of up to 16 PLANET SGSW Switches. If there is the space limitation or power issue and you wish to stack all the switches in different racks, use long stack cables “CB-STX200” to connect two stacks.
User’s Manual of SGSW-24040 / 24240 Series 3. SWITCH MANAGEMENT This chapter explains the methods that you can use to configure management access to the Managed Switch. It describes the types of management applications and the communication and management protocols that deliver data between your management device (workstation or personal computer) and the system. It also contains information about port connection options.
User’s Manual of SGSW-24040 / 24240 Series 3.2 Management Access Overview The Managed Switch gives you the flexibility to access and manage it using any or all of the following methods: An administration console Web browser interface An external SNMP-based network management application The administration console and Web browser interface support are embedded in the Managed Switch software and are available for immediate use. Each of these management methods has their own advantages.
User’s Manual of SGSW-24040 / 24240 Series Figure 3-1 Console management Direct Access Direct access to the administration console is achieved by directly connecting a terminal or a PC equipped with a terminal-emulation program (such as HyperTerminal) to the Managed Switch console (serial) port. When using this management method, a straight DB9 RS-232 cable is required to connect the switch to the PC.
User’s Manual of SGSW-24040 / 24240 Series 3.4 Web Management The Managed Switch offers management features that allow users to manage the Managed Switch from anywhere on the network through a standard browser such as Microsoft Internet Explorer. After you set up your IP address for the switch, you can access the Managed Switch's Web interface applications directly in your Web browser by entering the IP address of the Managed Switch.
User’s Manual of SGSW-24040 / 24240 Series 60
User’s Manual of SGSW-24040 / 24240 Series 3.5 SNMP-based Network Management You can use an external SNMP-based application to configure and manage the Managed Switch, such as SNMPc Network Manager, HP Openview Network Node Management (NNM) or What’s Up Gold. This management method requires the SNMP agent on the switch and the SNMP Network Management Station to use the same community string. This management method, in fact, uses two community strings: the get community string and the set community string.
User’s Manual of SGSW-24040 / 24240 Series 4. WEB CONFIGURATION This section introduces the configuration and functions of the Web-based management. About Web-based Management The Managed Switch offers management features that allow users to manage the Managed Switch from anywhere on the network through a standard browser such as Microsoft Internet Explorer. The Web-based Management supports Internet Explorer 7.0.
User’s Manual of SGSW-24040 / 24240 Series 1. Logging on the switch Use Internet Explorer 7.0 or above Web browser. Enter the factory-default IP address to access the Web interface. The factory-default IP Address is as follows: http://192.168.0.100 2. When the following login screen appears, please enter the default username "admin" with password “admin” (or the username/password you have changed via console) to login the main screen of Managed Switch. The login screen in Figure 4-1-2 appears.
User’s Manual of SGSW-24040 / 24240 Series Figure 4-1-3 Default main page Now, you can use the Web management interface to continue the switch management or manage the Managed Switch by Web interface. The Switch Menu on the left of the web page let you access all the commands and statistics the Managed Switch provides. 1. It is recommended to use Internet Explore 7.0 or above to access Managed Switch. 2. The changed IP address takes effect immediately after clicking on the Save button.
User’s Manual of SGSW-24040 / 24240 Series 4.1 Main Web Page The SGSW Managed Switch provides a Web-based browser interface for configuring and managing it. This interface allows you to access the Managed Switch using the Web browser of your choice. This chapter describes how to use the Managed Switch’s Web browser interface to configure and manage it.
User’s Manual of SGSW-24040 / 24240 Series Figure 4-1-5 SGSW Managed Switch Main Functions Menu 66
User’s Manual of SGSW-24040 / 24240 Series 4.2 System Use the system menu items to display and configure basic administrative details of the Managed Switch. Under System the following topics are provided to configure and view the system information: This section has the following items: ■ System Information The switch system information is provided here. ■ IP Configuration Configure the switch-managed IP information on this page.
User’s Manual of SGSW-24040 / 24240 Series 4.2.1 System Information The System Info page provides information for the current device information. System Info page helps a switch administrator to identify the hardware MAC address, software version and system uptime. The screen in Figure 4-2-1 appears. Figure 4-2-1 System Information page screenshot The page includes the following fields: Object Description Contact The system contact configured in Configuration | System | Information | System Contact.
User’s Manual of SGSW-24040 / 24240 Series Buttons Auto-refresh : Check this box to enable an automatic refresh of the page at regular intervals. : Click to refresh the page; any changes made locally will be undone. 4.2.2 IP Configuration The IP Configuration includes the IP Address, Subnet Mask and Gateway. The Configured column is used to view or change the IP configuration. Fill up the IP Address, Subnet Mask and Gateway for the device. The screen in Figure 4-2-2 appears.
User’s Manual of SGSW-24040 / 24240 Series VLAN ID Provide the managed VLAN ID. The allowed range is 1 through 4095. DNS Server Provide the IP address of the DNS Server in dotted decimal notation. DNS Proxy When DNS proxy is enabled, DUT will relay DNS requests to the current configured DNS server on DUT, and reply as a DNS resolver to the client device on the network. Buttons : Click to save changes. : Click to undo any changes made locally and revert to previously saved values.
User’s Manual of SGSW-24040 / 24240 Series represented as eight fields of up to four hexadecimal digits with a colon separates each field (:). For example, 'fe80::215:c5ff:fe03:4dc7'. The symbol '::' is a special syntax that can be used as a shorthand way of representing multiple 16-bit groups of contiguous zeros; but it can only appear once. It also used a following legally IPv4 address. For example, '::192.1.2.34'. Prefix Provide the IPv6 Prefix of this switch. The allowed range is 1 through 128.
User’s Manual of SGSW-24040 / 24240 Series The page includes the following fields: Object Description Username The name identifying the user. This is also a link to Add/Edit User. Privilege Level The privilgeg level for the user. Buttons : Click to add a new user. Add / Edit User This page configures a user – add, edit or delete user.
User’s Manual of SGSW-24040 / 24240 Series Once the new user is added, the new user entry will be shown on the Users Configuration page. Figure 4-2-6 User Configuration page screenshot After changing the default password, if you forget the password, please press the “Reset” button on the front panel of the Managed Switch for over 10 seconds and then release it. The current setting including VLAN will be lost and the Managed Switch will restore to the default mode.
User’s Manual of SGSW-24040 / 24240 Series 4.2.5 Users Privilege Levels This page provides an overview of the privilege levels. After the setup is completed, please press “Save” button to take effect. Please login the web interface with the new user name and password and the screen in Figure 4-2-7 appears. Figure 4-2-7 Privilege Levels Configuration page screenshot The page includes the following fields: Object Description Group Name The name of the privilege group is identified.
User’s Manual of SGSW-24040 / 24240 Series contains more than one. The following description defines these privilege level groups in details: System: Contact, Name, Location, Timezone, Log. Security: Authentication, System Access Management, Port (contains Dot1x port, MAC based and the MAC Address Limit), ACL, HTTPS, SSH, ARP Inspection and IP source guard. IP: Everything except 'ping'. Port: Everything except 'VeriPHY'. Diagnostics: 'ping' and 'VeriPHY'.
User’s Manual of SGSW-24040 / 24240 Series 4.2.6 NTP Configuration Configure NTP on this page. NTP is an acronym for Network Time Protocol, a network protocol for synchronizing the clocks of computer systems. NTP uses UDP (data grams) as transport layer. You can specify NTP Servers and set GMT Time zone. The NTP Configuration screen in Figure 4-2-8 appears. Figure 4-2-8 NTP Configuration page screenshot The page includes the following fields: Object Description Mode Indicates the NTP mode operation.
User’s Manual of SGSW-24040 / 24240 Series 4.2.7 UPnP Configuration Configure UPnP on this page. UPnP is an acronym for Universal Plug and Play. The goals of UPnP are to allow devices to connect seamlessly and to simplify the implementation of networks in the home (data sharing, communications, and entertainment) and in corporate environments for simplified installation of computer components. The UPnP Configuration screen in Figure 4-2-9 appears.
User’s Manual of SGSW-24040 / 24240 Series Buttons : Click to save changes. : Click to undo any changes made locally and revert to previously saved values. Figure 4-2-10 UPnP devices shows on Windows My Network Places 4.2.8 DHCP Relay Configure DHCP Relay on this page. DHCP Relay is used to forward and to transfer DHCP messages between the clients and the server when they are not on the same subnet domain.
User’s Manual of SGSW-24040 / 24240 Series The definition of Circuit ID in the switch is 4 bytes in length and the format is "vlan_id" "module_id" "port_no". The parameter of "vlan_id" is the first two bytes represent the VLAN ID. The parameter of "module_id" is the third byte for the module ID (in standalone switch it always equal 0, in stackable switch it means switch ID). The parameter of "port_no" is the fourth byte and it means the port number.
User’s Manual of SGSW-24040 / 24240 Series DHCP relay information operation mode enabled. Possible policies are: Replace: Replace the original relay information when receive a DHCP message that already contains it. Keep: Keep the original relay information when receive a DHCP message that already contains it. Drop: Drop the package when receive a DHCP message that already contains relay information. Buttons : Click to save changes.
User’s Manual of SGSW-24040 / 24240 Series Receive Missing The packets number that received packets which Remote ID option was missing. Remote ID Receive Bad Circuit ID The packets number that the Circuit ID option did not match known circuit ID. Receive Bad Remote The packets number that the Remote ID option did not match known Remote ID. ID Client Statistics Object Description Transmit to Client The packets number that relayed packets from server to client.
User’s Manual of SGSW-24040 / 24240 Series 4.2.10 CPU Load This page displays the CPU load, using an SVG graph. The load is measured as averaged over the last 100ms, 1 sec and 10 seconds intervals. The last 120 samles are graphed, and the last numbers are displayed as text as well. In order to display the SVG graph, your browser must support the SVG format. Consult the SVG Wiki for more information on browser support.
User’s Manual of SGSW-24040 / 24240 Series 4.2.11 System Log The switch system log information is provided here. The System Log screen in Figure 4-2-14 appears. Figure 4-2-14 System Log page screenshot The page includes the following fields: Object Description ID The ID (>= 1) of the system log entry. Level The level of the system log entry. The following level types are supported: Info: Information level of the system log. Warning: Warning level of the system log.
User’s Manual of SGSW-24040 / 24240 Series : Updates the system log entries, starting from the last entry currently displayed. : Updates the system log entries, ending at the last available entry ID. 4.2.12 Detailed Log The switch system detailed log information is provided here. The Detailed Log screen in Figure 4-2-15 appears. Figure 4-2-15 Detailed Log page screenshot The page includs the following fields: Object Description ID The ID (>= 1) of the system log entry.
User’s Manual of SGSW-24040 / 24240 Series 4.2.13 Remote Syslog Configure remote syslog on this page. The Remote Syslog screen in Figure 4-2-16 appears. Figure 4-2-16 Remote Syslog page screenshot The page includes the following fields: Object Description Mode Indicates the remote syslog mode operation. Possible modes are: Enabled: Enable remote syslog mode operation. Disabled: Disable remote syslog mode operation. Syslog Server IP Fill in your remote syslog server IP address.
User’s Manual of SGSW-24040 / 24240 Series 4.2.14 SMTP Configure This page facilitates a SMTP Configure the switch. The SMTP Configure screen in Figure 4-2-17 appears. Figure 4-2-17 SMTP Configuration page screenshot The page includes the following fields: Object Description SMTP Mode Controls whether SMTP is enabled on this switch. SMTP Server Type the SMTP server name or the IP address of the SMTP server. SMTP Port Set port number of SMTP service.
User’s Manual of SGSW-24040 / 24240 Series Buttons : Send a test mail to mail server to check this account is available or not. : Click to save changes. : Click to undo any changes made locally and revert to previously saved values. 4.2.15 Web Firmware Upgrade This page facilitates an update of the firmware controlling the switch. The Web Firmware Upgrade screen in Figure 4-2-18 appears. Figure 4-2-18 Web Firmware Upgrade page screenshot To open Firmware Upgrade screen perform the folling: 1.
User’s Manual of SGSW-24040 / 24240 Series DO NOT Power OFF the Managed Switch until the update progress is complete. Do not quit the Firmware Upgrade page without pressing the “OK” button after the image has been loaded. Or the system won’t apply the new firmware. User has to repeat the firmware upgrade processes again. 4.2.16 TFTP Firmware Upgrade The Firmware Upgrade page provides the functions to allow a user to update the Managed Switch firmware from the TFTP server in the network.
User’s Manual of SGSW-24040 / 24240 Series 4.2.17 Configuration Backup This function allows backup and reload the current configuration of the Managed Switch to the local management station. The Configuration Backup screen in Figure 4-2-21 appears. Figure 4-2-21 Configuration Backup page screenshot You can save/view or load the switch configuration. The configuration file is in XML format with a hierarchy of tags: Header tags: and .
User’s Manual of SGSW-24040 / 24240 Series Figure 4-2-22 File Download screen 2. Chose the file save path in management workstation.
User’s Manual of SGSW-24040 / 24240 Series 4.2.18 Configuration Upload This function allows backup and reload the current configuration of the Managed Switch to the local management station. The Configuration Upload screen in Figure 4-2-24 appears. Figure 4-2-24 Configuration Upload page screenshot Configuration Upload 1. Click the “ ” button of the main page, the system would pop up the file selection menu to choose saved configuration. Figure 4-2-25 Windows file selection menu popup 2.
User’s Manual of SGSW-24040 / 24240 Series 4.2.19 Factory Default You can reset the configuration of the stack switch on this page. Only the IP configuration is retained. The new configuration is available immediately, which means that no restart is necessary. The Factory Default screen in Figure 4-2-26 appears. Figure 4-2-26 Factory Default page screenshot Buttons : Click to reset the configuration to Factory Defaults. : Click to return to the Port State page without resetting the configuration.
User’s Manual of SGSW-24040 / 24240 Series 4.2.20 System Reboot The Reboot page enables the device to be rebooted from a remote location. Once the Reboot button is pressed, users have to re-login the WEB interface for about 60 seconds later, and the System Reboot screen in Figure 4-2-27 appears. Figure 4-2-27 System Reboot page screenshot Buttons : Click to reboot the system. : Click to return to the Port State page without rebooting the system.
User’s Manual of SGSW-24040 / 24240 Series 4.3 Simple Network Management Protocol 4.3.1 SNMP Overview The Simple Network Management Protocol (SNMP) is an application layer protocol that facilitates the exchange of management information between network devices. It is part of the Transmission Control Protocol/Internet Protocol (TCP/IP) protocol suite. SNMP enables network administrators to manage network performance, find and solve network problems, and plan for network growth.
User’s Manual of SGSW-24040 / 24240 Series SNMPv3 Communities Configure SNMPv3 communities table on this page. SNMPv3 Users Configure SNMPv3 users table on this page. SNMPv3 Groups Configure SNMPv3 groups table on this page. SNMPv3 Views Configure SNMPv3 views table on this page. SNMPv3 Accesses Configure SNMPv3 accesses table on this page. 4.3.2 SNMP System Configuration Configure SNMP on this page. The SNMP System Configuration screen in Figure 4-3-1 appears.
User’s Manual of SGSW-24040 / 24240 Series will associated with SNMPv3 communities table. Engine ID Indicates the SNMPv3 engine ID. The string must contain an even number between 10 and 64 hexadecimal digits, but all-zeros and all-'F's are not allowed. Change of the Engine ID will clear all original local users. Buttons : Click to save changes. : Click to undo any changes made locally and revert to previously saved values. 4.3.
User’s Manual of SGSW-24040 / 24240 Series to 126. Buttons : Click to save changes. : Click to undo any changes made locally and revert to previously saved values. 4.3.4 SNMP Trap Configuration Configure SNMP trap on this page. The SNMP Trap Configuration screen in Figure 4-3-3 appears. Figure 4-3-3 SNMP Trap Configuration page screenshot The page includes the following fields: Object Description Trap Mode Indicates the SNMP trap mode operation.
User’s Manual of SGSW-24040 / 24240 Series allowed string length is 0 to 255, and the allowed content is the ASCII characters from 33 to 126. Trap Destination Indicates the SNMP trap destination address. Address Trap Destination IPv6 Address Provide the trap destination IPv6 address of this switch. IPv6 address is in 128-bit records represented as eight fields of up to four hexadecimal digits with a colon separates each field (:). For example, 'fe80::215:c5ff:fe03:4dc7'.
User’s Manual of SGSW-24040 / 24240 Series 4.3.5 SNMPv3 Configuration 4.3.5.1 SNMPv3 Communities Configuration Configure SNMPv3 communities table on this page. The entry index key is Community. The SNMPv3 Communities Configuration screen in Figure 4-3-4 appears. Figure 4-3-4 SNMPv3 Communities Configuration page screenshot The page includes the following fields: Object Description Delete Check to delete the entry. It will be deleted during the next save.
User’s Manual of SGSW-24040 / 24240 Series 4.3.5.2 SNMPv3 Users Configuration Configure SNMPv3 users table on this page. The entry index keys are Engine ID and User Name. The SNMPv3 Users Configuration screen in Figure 4-3-5 appears. Figure 4-3-5 SNMPv3 Users Configuration page screenshot The page includes the following fields: Object Description Delete Check to delete the entry. It will be deleted during the next save.
User’s Manual of SGSW-24040 / 24240 Series 33 to 126. Privacy Protocol Indicates the privacy protocol that this entry should belong to. Possible privacy protocol are: None: None privacy protocol. DES: An optional flag to indicate that this user using DES authentication protocol. Privacy Password A string identifying the privacy pass phrase. The allowed string length is 8 to 32, and the allowed content is the ASCII characters from 33 to 126. Buttons : Click to add a new user entry.
User’s Manual of SGSW-24040 / 24240 Series 4.3.5.3 SNMPv3 Groups Configuration Configure SNMPv3 groups table on this page. The entry index keys are Security Model and Security Name. The SNMPv3 Groups Configuration screen in Figure 4-3-6 appears. Figure 4-3-6 SNMPv3 Groups Configuration page screenshot The page includes the following fields: Object Description Delete Check to delete the entry. It will be deleted during the next save.
User’s Manual of SGSW-24040 / 24240 Series 4.3.5.4 SNMPv3 Views Configuration Configure SNMPv3 views table on this page. The entry index keys are View Name and OID Subtree. The SNMPv3 Views Configuration screen in Figure 4-3-7 appears. Figure 4-3-7 SNMPv3 Views Configuration page screenshot The page includes the following fields: Object Description Delete Check to delete the entry. It will be deleted during the next save.
User’s Manual of SGSW-24040 / 24240 Series 4.3.5.5 SNMPv3 Accesses Configuration Configure SNMPv3 accesses table on this page. The entry index key are Group Name, Security Model and Security Level. The SNMPv3 Accesses Configuration screen in Figure 4-3-8 appears. Figure 4-3-8 SNMPv3 Accesses Configuration page screenshot The page includes the following fields: Object Description Delete Check to delete the entry. It will be deleted during the next save.
User’s Manual of SGSW-24040 / 24240 Series Buttons : Click to add a new access entry. : Click to save changes. : Click to undo any changes made locally and revert to previously saved values.
User’s Manual of SGSW-24040 / 24240 Series 4.4 Port Management Use the Port Menu to display or configure the Managed Switch's ports. This section has the following items: Configures port connection settings Port Configuration Port Statistics Overview Port Statistics Detail SFP Module Information Display SFP information Port Mirror Sets the source and target ports for mirroring Lists Ethernet and RMON port statistics 4.4.
User’s Manual of SGSW-24040 / 24240 Series Description Indicates the per port description. Link The current link state is displayed graphically. Green indicates the link is up and red that it is down. Current Link Speed Provides the current link speed of the port. Configured Link Speed Select any available link speed for the given switch port. Draw the menu bar to select the mode. Flow Control Auto Speed - Setup Auto negotiation. 10 Half - Force sets 10Mbps/Half-Duplex mode.
User’s Manual of SGSW-24040 / 24240 Series Buttons : Click to save changes. : Click to undo any changes made locally and revert to previously saved values. : Click to refresh the page. Any changes made locally will be undone. 4.4.2 Port Statistics Overview This page provides an overview of general traffic statistics for all switch ports. The ports belong to the currently selected stack unit, as reflected by the page header. The Port Statistics Overview screen in Figure 4-4-2 appears.
User’s Manual of SGSW-24040 / 24240 Series The displayed counters are: Object Description Port The logical port for the settings contained in the same row. Packets The number of received and transmitted packets per port. Bytes The number of received and transmitted bytes per port. Errors The number of frames received in error and the number of incomplete transmissions per port. Drops The number of frames discarded due to ingress or egress congestion.
User’s Manual of SGSW-24040 / 24240 Series The page includes the following fields: Receive Total and Transmit Total Object Description Rx and Tx Packets The number of received and transmitted (good and bad) packets Rx and Tx Octets The number of received and transmitted (good and bad) bytes. Includes FCS, but excludes framing bits. Rx and Tx Unicast The number of received and transmitted (good and bad) unicast packets.
User’s Manual of SGSW-24040 / 24240 Series Transmit Error Counters Object Description Tx Drops The number of frames dropped due to output buffer congestion. Tx Late/Exc. Coll. The number of frames dropped due to excessive or late collisions. Buttons : Click to refresh the page immediately. : Clears the counters for all ports. Auto-refresh : Check this box to enable an automatic refresh of the page at regular intervals. 4.4.
User’s Manual of SGSW-24040 / 24240 Series Speed Display the spedd of current SFP module, the speed value or description is get from the SFP module. Different vendors SFP modules might shows different speed information. Wave Length(nm) Display the wavelength of current SFP module, the wavelength value is get from the SFP module. Use this column to check if the wavelength values of two nodes are the matched while the fiber connection is failed.
User’s Manual of SGSW-24040 / 24240 Series 4.4.5 Port Mirroring Configuration Configure port Mirroring on this page. This function monitors network traffic that forwards a copy of each incoming or outgoing packet from one port of a network Switch to another port where the packet can be studied. It enables the manager to keep close track of switch performance and alter it if necessary.
User’s Manual of SGSW-24040 / 24240 Series Mirror Port Configuration The Port Mirror Configuration screen in Figure 4-4-6 appears. Figure 4-4-6 Port Mirror Configuration page screenshot The page includes the following fields: Object Description Port to mirror to Frames from ports that have either source or destination mirroring enabled are mirrored to this port. Disabled disables mirroring.
User’s Manual of SGSW-24040 / 24240 Series Switch to mirror to Frames from ports that have either source (rx) or destination (tx) mirroring enabled are mirrored to this switch. Port The logical port for the settings contained in the same row. Mode Select mirror mode. Rx only: Frames received at this port are mirrored to the mirroring port. Frames transmitted are not mirrored. Tx only: Frames transmitted from this port are mirrored to the mirroring port. Frames received are not mirrored.
User’s Manual of SGSW-24040 / 24240 Series 4.5 Link Aggregation Port Aggregation optimizes port usage by linking a group of ports together to form a single Link Aggregated Groups (LAGs). Port Aggregation multiplies the bandwidth between the devices, increases port flexibility, and provides link redundancy. Each LAG is composed of ports of the same speed, set to full-duplex operations.
User’s Manual of SGSW-24040 / 24240 Series The Link Aggregation Control Protocol (LACP) provides a standardized means for exchanging information between Partner Systems that require high speed redundant links. Link aggregation lets you group up to eight consecutive ports into a single dedicated connection. This feature can expand bandwidth to a device on the network. LACP operation requires full-duplex mode, more detail information refer to the IEEE 802.3ad standard.
User’s Manual of SGSW-24040 / 24240 Series 4.5.1 Static Aggregation Configuration This page is used to configure the Aggregation hash mode and the aggregation group. The aggregation hash mode settings are global, whereas the aggregation group relate to the currently selected stack unit, as reflected by the page header. Hash Code Contributors The Aggeration Mode COnfiguration screen in Figure 4-5-2 appears.
User’s Manual of SGSW-24040 / 24240 Series Figure 4-5-3 Aggregation Group Configuration page screenshot The page includes the following fields: .Object Description Locality Indicates the aggregation group type. This field is only valid for stackable switches. Global: The group members may reside on different units in the stack. The device supports two 8-port global aggregations. Local: The group members reside on the same unit. Each local aggregation may consist of up to 16 members.
User’s Manual of SGSW-24040 / 24240 Series 4.5.2 LACP Configuration Link Aggregation Control Protocol (LACP) - LACP LAG negotiate Aggregated Port links with other LACP ports located on a different device. LACP allows switches connected to each other to discover automatically whether any ports are member of the same LAG. This page allows the user to inspect the current LACP port configurations, and possibly change them as well.
User’s Manual of SGSW-24040 / 24240 Series Figure 4-5-4 LACP Port Configuration page screenshot The page includes the following fields: Object Description Port The switch port number. LACP Enabled Controls whether LACP is enabled on this switch port. LACP will form an aggregation when 2 or more ports are connected to the same partner. LACP can form max 12 LLAGs per switch and 2 GLAGs per stack. Key The Key value incurred by the port, range 1-65535 .
User’s Manual of SGSW-24040 / 24240 Series Aggr ID The Aggregation ID associated with this aggregation instance. For LLAG the id is shown as 'isid:aggr-id' and for GLAGs as 'aggr-id' Partner System ID The system ID (MAC address) of the aggregation partner. Partner Key The Key that the partner has assigned to this aggregation ID. Last changed The time since this aggregation changed. Local Ports Shows which ports are a part of this aggregation for this switch/stack.
User’s Manual of SGSW-24040 / 24240 Series Figure 4-5-6 LACP Port Status page screenshot The page includes the following fields: Object Description Port The switch port number. LACP 'Yes' means that LACP is enabled and the port link is up. 'No' means that LACP is not enabled or that the port link is down. 'Backup' means that the port could not join the aggregation group but will join if other port leaves. Meanwhile it's LACP status is disabled. Key The key assigned to this port.
User’s Manual of SGSW-24040 / 24240 Series 4.5.5 LACP Port Statistics This page provides an overview for LACP statistics for all ports. The LACP statistics screen in Figure 4-5-7 appears. Figure 4-5-7 LACP Port statistics page screenshot The page includes the following fields: Object Description Port The switch port number. LACP Transmitted Shows how many LACP frames have been sent from each port. LACP Received Shows how many LACP frames have been received at each port.
User’s Manual of SGSW-24040 / 24240 Series 4.6 VLAN 4.6.1 VLAN Overview A Virtual Local Area Network (VLAN) is a network topology configured according to a logical scheme rather than the physical layout. VLAN can be used to combine any collection of LAN segments into an autonomous user group that appears as a single LAN. VLAN also logically segment the network into different broadcast domains so that packets are forwarded only between ports within the VLAN.
User’s Manual of SGSW-24040 / 24240 Series to the same physical segment. VLANs help to simplify network management by allowing you to move devices to a new VLAN without having to change any physical connections. VLANs can be easily organized to reflect departmental groups (such as Marketing or R&D), usage groups (such as e-mail), or multicast groups (used for multimedia applications such as videoconferencing).
User’s Manual of SGSW-24040 / 24240 Series 1 bit of Canonical Format Identifier (CFI - used for encapsulating Token Ring packets so they can be carried across Ethernet backbones), and 12 bits of VLAN ID (VID). The 3 bits of user priority are used by 802.1p. The VID is the VLAN identifier and is used by the 802.1Q standard. Because the VID is 12 bits long, 4094 unique VLAN can be identified. The tag is inserted into the packet header making the entire packet longer by 4 octets.
User’s Manual of SGSW-24040 / 24240 Series Tagged packets are forwarded according to the VID contained within the tag. Tagged packets are also assigned a PVID, but the PVID is not used to make packet forwarding decisions, the VID is. Tag-aware switches must keep a table to relate PVID within the switch to VID on the network. The switch will compare the VID of a packet to be transmitted to the VID of the port that is to transmit the packet. If the two VID are different the switch will drop the packet.
User’s Manual of SGSW-24040 / 24240 Series ■ Untagged VLANs Untagged (or static) VLANs are typically used to reduce broadcast traffic and to increase security. A group of network users assigned to a VLAN form a broadcast domain that is separate from other VLANs configured on the switch. Packets are forwarded only between ports that are designated for the same VLAN. Untagged VLANs can be used to manually isolate user groups or subnets. 4.6.
User’s Manual of SGSW-24040 / 24240 Series 4.6.4 VLAN Port Configuration This page is used for configuring the Managed Switch port VLAN. The VLAN per Port Configuration page contains fields for managing ports that are part of a VLAN. The port default VLAN ID (PVID) is configured on the VLAN Port Configuration page. All untagged packets arriving to the device are tagged by the ports PVID. Understand nomenclature of the Switch ■ IEEE 802.1Q Tagged and Untagged Every port on an 802.
User’s Manual of SGSW-24040 / 24240 Series The Managed Switch supports multiple VLAN tags and can therefore be used in MAN applications as a provider bridge, aggregating traffic from numerous independent customer LANs into the MAN (Metro Access Network) space. One of the purposes of the provider bridge is to recognize and use VLAN tags so that the VLANs in the MAN space can be used independent of the customers’ VLANs.
User’s Manual of SGSW-24040 / 24240 Series Figure 4-6-2 VLAN Port Configuration page screenshot The page includes the following fields: Object Description Port This is the logical port number for this row. PVID Allow assign PVID for selected port. The range for the PVID is 1-4094. The PVID will be inserted into all untagged frames entering the ingress port. The PVID must as same as the VLAN ID that the port belong to VLAN group, or the untagged traffic will be dropped.
User’s Manual of SGSW-24040 / 24240 Series Accept Frame Type Determines whether the port accepts all frames or only tagged frames. This parameter affects VLAN ingress processing. If the port only accepts tagged frames, untagged frames received on the port are discarded. By default, the field is set to All. Link Type Allow 802.1Q Untagged or Tagged VLAN for selected port. When adding a VLAN to selected port, it tells the switch whether to keep or remove the tag from a frame on egress.
User’s Manual of SGSW-24040 / 24240 Series 4.6.5 VLAN Membership Configuration Adding Static Members to VLANs (VLAN Index) Use the VLAN Static Table to configure port members for the selected VLAN index. The VLAN membership configuration for the selected stack switch / unit switch can be monitored and modified here. Up to 255 VLANs are supported. This page allows for adding and deleting VLANs as well as adding and deleting port members of each VLAN.
User’s Manual of SGSW-24040 / 24240 Series Buttons : Click to add new VLAN. : Click to save changes. : Click to undo any changes made locally and revert to previously saved values. : Refreshes the displayed table starting from the "VLAN ID" input fields. : Updates the table starting from the first entry in the VLAN Table, i.e. the entry with the lowest VLAN ID. : Updates the table, starting with the entry after the last entry currently displayed. 4.6.
User’s Manual of SGSW-24040 / 24240 Series Server. - Voice VLAN : Voice VLAN is a VLAN configured specially for voice traffic typically originating from IP phones. - MVR : MVR is used to eliminate the need to duplicate multicast traffic for subscribers in each VLAN. Multicast traffic for all channels is sent only on a single (multicast) VLAN. - MSTP : The 802.
User’s Manual of SGSW-24040 / 24240 Series The page includes the following fields: Object Description Port The logical port for the settings contained in the same row. PVID Shows the VLAN identifier for that port. The allowed values are 1 through 4095. The default value is 1. VLAN Aware Show the VLAN Awareness for the port. If VLAN awareness is enabled, the tag is removed from tagged frames received on the port. VLAN tagged frames are classified to the VLAN ID in the tag.
User’s Manual of SGSW-24040 / 24240 Series create multiple spanning trees in a network, which significantly improves network resource utilization while maintaining a loop-free environment. Buttons : Select VLAN Users from this drop down list. Auto-refresh : Check this box to enable an automatic refresh of the page at regular intervals. : Click to refresh the page immediately. 4.6.
User’s Manual of SGSW-24040 / 24240 Series For private VLANs to be applied, the switch must first be configured for standard VLAN operation When this is in place, one or more of the configured VLANs can be configured as private VLANs.
User’s Manual of SGSW-24040 / 24240 Series Figure 4-6-6 Port Isolation Configuration page screenshot The page includes the following fields: Object Description Port The switch interface. PVLAN Port Type Displays private VLAN port types. - Isolated: A single stand-alone VLAN that contains one promiscuous port and one or more isolated (or host) ports. This VLAN conveys traffic between the isolated ports and a lone promiscuous port.
User’s Manual of SGSW-24040 / 24240 Series The page includes the following fields: Object Description Delete To delete a VLAN entry, check this box. The entry will be deleted on all stack switch units during the next Save. VLAN ID Indicates the ID of this particular VLAN. Port Members A row of check boxes for each port is displayed for each VLAN ID. To include a port in a VLAN, check the box. To remove or exclude the port from the VLAN, make sure the box is unchecked.
User’s Manual of SGSW-24040 / 24240 Series 4.6.10 VLAN setting example: - Separate VLAN - 802.1Q VLAN Trunk - Port Isolate 4.6.10.1 Two separate 802.1Q VLAN The diagram shows how the Managed Switch handle Tagged and Untagged traffic flow for two VLANs. VLAN Group 2 and VLAN Group 3 are separated VLAN. Each VLAN isolate network traffic so only members of the VLAN receive traffic from the same VLAN members.
User’s Manual of SGSW-24040 / 24240 Series 3. While the packet leaves Port-2, it will be stripped away it tag becoming an untagged packet. 4. While the packet leaves Port-3, it will keep as a tagged packet with VLAN Tag=2. Tagged packet entering VLAN 2 5. While [PC-3] transmit a tagged packet with VLAN Tag=2 enters Port-3, [PC-1] and [PC-2] will received the packet through Port-1 and Port-2. 6.
User’s Manual of SGSW-24040 / 24240 Series Figure 4-6-9 Add new VLAN group, assign VLAN members for VLAN 2 and VLAN 3 and remove specify ports from VLAN 1 member It’s import to remove the VLAN members from VLAN 1 configuration. Or the ports would become overlap setting. ( About the overlapped VLAN configuration, see next VLAN configure sample) 4. Assign PVID for each port: Port-1,Port-2 and Port-3 : PVID=2 Port-4,Port-5 and Port-6 : PVID=3 Port-7~Port-24 : PVID=1 5.
User’s Manual of SGSW-24040 / 24240 Series Figure 4-6-10 Port 1-Port 6 VLAN Configuration 145
User’s Manual of SGSW-24040 / 24240 Series 4.6.10.2 VLAN Trunking between two 802.1Q aware switch The most cases are used for “Uplink” to other switches. VLANs are separated at different switches, but they need to access with other switches within the same VLAN group. The screen in Figure 4-6-11 appears. Setup steps 1. Create VLAN Group Set VLAN Group 1 = Default-VLAN with VID (VLAN ID) =1 Add two VLANs – VLAN 2 and VLAN 3 VLAN Group 2 with VID=2 VLAN Group 3 with VID=3 2.
User’s Manual of SGSW-24040 / 24240 Series About the VLAN ports connect to the hosts, please refer to 4.6.10.1 examples. The following steps will focus on the VLAN Trunk port configuration. 1. Specify Port-8 to be the 802.1Q VLAN Trunk port. 2. Assign Port-8 to both VLAN 2 and VLAN 3 at the VLAN Member configuration page. 3. Define a VLAN 1 as a “Public Area” that overlapping with both VLAN 2 members and VLAN 3 members. 4.
User’s Manual of SGSW-24040 / 24240 Series Setup steps 1. Assign Port Mode Set Port-1~Port-4 in Isolate port. Set Port5 and Port-6 in Promiscuous port. The screen in Figure 4-6-15 appears.
User’s Manual of SGSW-24040 / 24240 Series Figure 4-6-15 The configuration of Isolate and Promiscuous port 2. Assign VLAN Member : VLAN 1 : Port-1,Port-2 ,Port-5 and Port-3 VLAN 2 : Port-3~Port-6. The screen in Figure 4-6-16 appears.
User’s Manual of SGSW-24040 / 24240 Series 4.7 Spanning Tree Protocol 4.7.1 Theory The Spanning Tree protocol can be used to detect and disable network loops, and to provide backup links between switches, bridges or routers. This allows the switch to interact with other bridging devices in your network to ensure that only one route exists between any two stations on the network, and provide backup links which automatically take over when a primary link goes down.
User’s Manual of SGSW-24040 / 24240 Series The switch sends BPDUs to communicate and construct the spanning-tree topology. All switches connected to the LAN on which the packet is transmitted will receive the BPDU. BPDUs are not directly forwarded by the switch, but the receiving switch uses the information in the frame to calculate a BPDU, and, if the topology changes, initiates a BPDU transmission.
User’s Manual of SGSW-24040 / 24240 Series Figure 4-7-1 STP Port State Transitions You can modify each port state by using management software. When you enable STP, every port on every switch in the network goes through the blocking state and then transitions through the states of listening and learning at power up. If properly configured, each port stabilizes to the forwarding or blocking state.
User’s Manual of SGSW-24040 / 24240 Series The following are the user-configurable STP parameters for the switch level: Parameter Description Default Value Bridge Identifier(Not user A combination of the User-set priority and 32768 + MAC configurable the switch’s MAC address.
User’s Manual of SGSW-24040 / 24240 Series User-Changeable STA Parameters The Switch’s factory default setting should cover the majority of installations. However, it is advisable to keep the default settings as set at the factory; unless, it is absolutely necessary. The user changeable parameters in the Switch are as follows: Priority – A Priority for the switch can be set from 0 to 65535. 0 is equal to the highest Priority. Hello Time – The Hello Time can be from 1 to 10 seconds.
User’s Manual of SGSW-24040 / 24240 Series switch as the root bridge using the Priority setting, or influencing STP to choose a particular port to block using the Port Priority and Port Cost settings is, however, relatively straight forward. Figure 4-7-5 Before Applying the STA Rules In this example, only the default STP values are used.
User’s Manual of SGSW-24040 / 24240 Series Figure 4-7-6 After Applying the STA Rules The switch with the lowest Bridge ID (switch C) was elected the root bridge, and the ports were selected to give a high port cost between switches B and C. The two (optional) Gigabit ports (default port cost = 20,000) on switch A are connected to one (optional) Gigabit port on both switch B and C.
User’s Manual of SGSW-24040 / 24240 Series The STP Bridge Configuration screen in Figure 4-7-7 appears. Figure 4-7-7 STP Bridge Configuration page screenshot The page includes the following fields: Basic Settings Object Description Protocol Version The STP protocol version setting. Valid values are STP, RSTP and MSTP. Forward Delay The delay used by STP Bridges to transition Root and Designated Ports to Forwarding (used in STP compatible mode).
User’s Manual of SGSW-24040 / 24240 Series Transmit Hold Count The number of BPDU's a bridge port can send per second. When exceeded, transmission of the next BPDU will be delayed. Valid values are in the range 1 to 10 BPDU's per second. Advanced Settings Object Description Edge Port BPDU Control whether a port explicitly configured as Edge will transmit and receive Filtering Edge Port BPDU Guard BPDUs.
User’s Manual of SGSW-24040 / 24240 Series Figure 4-7-8 STP Bridge Status page screenshot The page includes the following fields: Object Description MSTI The Bridge Instance. This is also a link to the STP Detailed Bridge Status. Bridge ID The Bridge ID of this Bridge instance. Root ID The Bridge ID of the currently elected root bridge. Root Port The switch port currently assigned the root port role. Root Cost Root Path Cost. For the Root Bridge this is zero.
User’s Manual of SGSW-24040 / 24240 Series Figure 4-7-9 STP CIST Port Configuration page screenshot The page includes the following fields: Object Description Port The switch port number of the logical STP port. STP Enabled Controls whether RSTP is enabled on this switch port.
User’s Manual of SGSW-24040 / 24240 Series Path Cost Controls the path cost incurred by the port. The Auto setting will set the path cost as appropriate by the physical link speed, using the 802.1D recommended values. Using the Specific setting, a user-defined value can be entered. The path cost is used when establishing the active topology of the network. Lower path cost ports are chosen as forwarding ports in favor of higher path cost ports. Valid values are in the range 1 to 200000000.
User’s Manual of SGSW-24040 / 24240 Series Transition to the forwarding state is faster for point-to-point LANs than for shared media. (This applies to physical ports only. Aggregations are always forced Point2Point). Buttons : Click to save changes. : Click to undo any changes made locally and revert to previously saved values. By default, the system automatically detects the speed and duplex mode used on each port, and configures the path cost according to the values shown below.
User’s Manual of SGSW-24040 / 24240 Series Table 4-7-3 Default STP Path Costs 4.7.5 MSTI Priorities This page allows the user to inspect the current STP MSTI bridge instance priority configurations, and possibly change them as well. The MSTI Priority screen in Figure 4-7-10 appears. Figure 4-7-10 MSTI Priority page screenshot The page includes the following fields: Object Description MSTI The bridge instance. The CIST is the default instance, which is always active.
User’s Manual of SGSW-24040 / 24240 Series Figure 4-7-11 MSTI Configuration page screenshot The page includes the following fields: Configuration Identification Object Description Configuration Name The name identifiying the VLAN to MSTI mapping. Bridges must share the name and revision (see below), as well as the VLAN-to-MSTI mapping configuration in order to share spanning trees for MSTI's. (Intra-region). The name is at most 32 characters.
User’s Manual of SGSW-24040 / 24240 Series MSTI The bridge instance. The CIST is not available for explicit mapping, as it will receive the VLANs not explicitly mapped. VLANs Mapped The list of VLAN's mapped to the MSTI. The VLANs must be separated with comma and/or space. A VLAN can only be mapped to one MSTI. A unused MSTI should just be left empty. (I.e. not having any VLANs mapped to it.) Buttons : Click to save changes.
User’s Manual of SGSW-24040 / 24240 Series Figure 4-7-13 MST1 MSTI Port Configuration page screenshot 166
User’s Manual of SGSW-24040 / 24240 Series The page includes the following fields: MSTx MSTI Port Configuration Object Description Port The switch port number of the corresponding STP CIST (and MSTI) port. Path Cost Controls the path cost incurred by the port. The Auto setting will set the path cost as appropriate by the physical link speed, using the 802.1D recommended values. Using the Specific setting, a user-defined value can be entered.
User’s Manual of SGSW-24040 / 24240 Series 4.7.8 Port Status This page displays the STP CIST port status for port physical ports in the currently selected switch. The STP Port Status screen in Figure 4-7-14 appears. Figure 4-7-14 STP Port Status page screenshot The page includes the following fields: Object Description Port The switch port number of the logical STP port. CIST Role The current STP port role of the ICST port.
User’s Manual of SGSW-24040 / 24240 Series Uptime Disabled Blocking Learning Forwarding Non-STP The time since the bridge port was last initialized. Buttons : Click to refresh the page immediately. Auto-refresh : Check this box to enable an automatic refresh of the page at regular intervals. 4.7.9 Port Statistics This page displays the STP port statistics counters for port physical ports in the currently selected switch. The STP Port Statistics screen in Figure 4-7-15 appears.
User’s Manual of SGSW-24040 / 24240 Series Discarded Illegal The number of illegal Spanning Tree BPDU's received (and discarded) on the port. Buttons : Click to refresh the page immediately. Auto-refresh : Check this box to enable an automatic refresh of the page at regular intervals. : Click to clear the information immediately.
User’s Manual of SGSW-24040 / 24240 Series 4.8 Multicast 4.8.1 IGMP Snooping The Internet Group Management Protocol (IGMP) lets host and routers share information about multicast groups memberships. IGMP snooping is a switch feature that monitors the exchange of IGMP messages and copies them to the CPU for feature processing. The overall purpose of IGMP Snooping is to limit the forwarding of multicast frames to only ports that are a member of the multicast group.
User’s Manual of SGSW-24040 / 24240 Series Figure 4-8-2 Multicast flooding Figure 4-8-3 IGMP Snooping multicast stream control 172
User’s Manual of SGSW-24040 / 24240 Series IGMP Versions 1 and 2 Multicast groups allow members to join or leave at any time. IGMP provides the method for members and multicast routers to communicate when joining or leaving a multicast group. IGMP version 1 is defined in RFC 1112. It has a fixed packet size and no optional data.
User’s Manual of SGSW-24040 / 24240 Series message, and query messages that are specific to a given group. The states a computer will go through to join or to leave a multicast group are shown below: Figure 4-8-4 IGMP State Transitions IGMP Querier – A router, or multicast-enabled switch, can periodically ask their hosts if they want to receive multicast traffic.
User’s Manual of SGSW-24040 / 24240 Series 4.8.2 IGMP Snooping Configuration This page provides IGMP Snooping related configuration. Most of the settings are global, whereas the Router Port configuration is related to the currently selected stack unit, as reflected by the page header. The IGMP Snooping Configuration screen in Figure 4-8-5 appears.
User’s Manual of SGSW-24040 / 24240 Series 4.8.3 IGMP Port Related Configuration This page provides IGMP Snooping related configuration. Most of the settings are global, whereas the Router Port configuration is related to the currently selected stack unit, as reflected by the page header. The IGMP Port Related Configuration screen in Figure 4-8-6 appears.
User’s Manual of SGSW-24040 / 24240 Series Object Description Router Port Specify which ports act as IGMP router ports. A router port is a port on the Ethernet switch that leads towards the Layer 3 multicast device or IGMP querier. The Switch forwards IGMP join or leave packets to an IGMP router port. Auto: Select “Auto” to have the Managed Switch automatically uses the port as IGMP Router port if the port receives IGMP query packets.
User’s Manual of SGSW-24040 / 24240 Series screen in Figure 4-8-7 appears. Figure 4-8-7 IGMP Snooping VLAN Configuration page screenshot The page includes the following fields: Object Description VLAN ID The VLAN ID of the entry. IGMP Snooping Enable Enable the per-VLAN IGMP Snooping. Only up to 64 VLANs can be selected. IGMP Querier Enable the IGMP Querier in the VLAN. The Querier will send out if no Querier received in 255 seconds after IGMP Querier Enabled.
User’s Manual of SGSW-24040 / 24240 Series is permitted, the IGMP join report is forwarded as normal. If a requested multicast group is denied, the IGMP join report is dropped. IGMP throttling sets a maximum number of multicast groups that a port can join at the same time. When the maximum number of groups is reached on a port, the switch can take one of two actions; either “deny” or “replace”. If the action is set to deny, any new IGMP join reports will be dropped.
User’s Manual of SGSW-24040 / 24240 Series Figure 4-8-9 IGMP Snooping Status page screenshot The page includes the following fields: Object Description VLAN ID The VLAN ID of the entry. Groups The present IGMP groups. Max. are 128 groups for each VLAN. Port Members The ports that are members of the entry. Querier Status Show the Querier status is "ACTIVE" or "IDLE". Querier Transmit The number of Transmitted Querier. Querier Receive The number of Received Querier.
User’s Manual of SGSW-24040 / 24240 Series Buttons : Click to refresh the page immediately. : Clears all Statistics counters. Auto-refresh : Check this box to enable an automatic refresh of the page at regular intervals. 4.8.7 MVR Configuration In multicast VLAN networks, subscribers to a multicast group can exist in more than one VLAN if the VLAN boundary restrictions in a network consist of Layer 2 switches.
User’s Manual of SGSW-24040 / 24240 Series Figure 4-8-10 MVR Configuration page screenshot The page includes the following fields: Object Description MVR Mode Enable/Disable the Global MVR.
User’s Manual of SGSW-24040 / 24240 Series VLAN ID Specify the Multicast VLAN ID. Mode Enable MVR on the port. Type Specify the MVR port type on the port. Immediate Leave Enable the fast leave on the port. Buttons : Click to save changes. : Click to undo any changes made locally and revert to previously saved values. 4.8.8 MVR Status This page provides MVR status. The MVR Status screen in Figure 4-8-11 appears.
User’s Manual of SGSW-24040 / 24240 Series : Click to refresh the page immediately. : Clears all Statistics counters. Auto-refresh : Check this box to enable an automatic refresh of the page at regular intervals.
User’s Manual of SGSW-24040 / 24240 Series 4.9 Quality of Service 4.9.1 Understand QOS Quality of Service (QoS) is an advanced traffic prioritization feature that allows you to establish control over network traffic. QoS enables you to assign various grades of network service to different types of traffic, such as multi-media, video, protocol-specific, time critical, and file-backup traffic. QoS reduces bandwidth limitations, delay, loss, and jitter.
User’s Manual of SGSW-24040 / 24240 Series 4. Apply a QoS profile to a port(s). 4.9.2 QCL Configuration Wizard This handy wizard helps you set up a QCL quickly. The QCL Configuration Wizard screen in Figure 4-9-1 appears. Figure 4-9-1 Welcome to the QCL Configuration Wizard page screenshot The page includes the following fields: Object Description Set up Port Policies Group ports into several types according to different QCL policies.
User’s Manual of SGSW-24040 / 24240 Series 4.9.2.1 Set up Policy Rules Group ports into several types according to different QCL policies. The settings relate to the currently selected stack unit, as reflected by the page header. The screen in Figure 4-9-2 appears. Figure 4-9-2 Set up Policy Rules page screenshot The page includes the following fields: Object Description QCL ID Frames that hit this QCE are set to match this specific QCL.
User’s Manual of SGSW-24040 / 24240 Series port in a QCL member, click the radio button. Buttons : Click to start the wizard again. : Click to get more information. : Click to continue the wizard. Once the QCL configuration wizard is finished, the below screen appears. Buttons : Click to start the wizard again. : Click to get more information. 4.9.2.2 Set up Typical Network Application Rules Set up the specific QCL for different typical network application quality control.
User’s Manual of SGSW-24040 / 24240 Series Figure 4-9-3 Set up Typical Network Application Rules page screenshot The page includes the following fields: Object Description Audio and Video Indicates the common servers that apply to the specific QCE . The common servers are: QuickTime 4 Server MSN Messenger Phone Yahoo Messenger Phone Napster Real Audio Games Indicates the common games that apply to the specific QCE.
User’s Manual of SGSW-24040 / 24240 Series STEP-2 According to your selection on the previous page, this wizard will create specific QCEs (QoS Control Entries) automatically. First select the QCL ID for these QCEs, and then select the traffic class. Different parameter options are displayed depending on the frame type that you selected.
User’s Manual of SGSW-24040 / 24240 Series Figure 4-9-5 Set up ToS Precedence Mapping page screenshot The page includes the following fields: Object Description QCL ID Select the QCL ID to which this QCE applies. ToS Precedence Class Select a traffic class of Low, Normal, Medium, or High to apply to the QCE. Buttons : Click to cancel the wizard. : Click to go back to the previous wizard step. : Click to continue the wizard.
User’s Manual of SGSW-24040 / 24240 Series 4.9.2.4 Set up VLAN Tag Priority Mapping Set up the traffic class mapping to the User Priority value (3 bits) when receiving VLAN tagged packets. The Set up VLAN Tag Priority Mapping screen in Figure 4-9-6 appears. Figure 4-9-6 Set up VLAN Tag Priority Mapping page screenshot The page includes the following fields: Object Description QCL ID Select the QCL ID to which this QCE applies.
User’s Manual of SGSW-24040 / 24240 Series 4.9.3 QoS Control List Configuration This page lists the QCEs for a given QCL. Frames can be classified by 4 different QoS classes: Low, Normal, Medium, and High. The classification is controlled by a QoS assigned to each port. A QCL consists of an ordered list of up to 12 QCEs. Each QCE can be used to classify certain frames to a specific QoS class.
User’s Manual of SGSW-24040 / 24240 Series DSCP: IPv4 and IPv6 DSCP. ToS: The 3 precedence bit in the ToS byte of the IPv4/IPv6 header (also known as DS field). Tag Priority: User Priority. Only applicable if the frame is VLAN tagged or priority tagged. Type Value Indicates the value according to its QCE type. Ethernet Type: The field shows the Ethernet Type value. VLAN ID: The field shows the VLAN ID. TCP/UDP Port: The field shows the TCP/UDP port range. DSCP: The field shows the IPv4/IPv6 DSCP value.
User’s Manual of SGSW-24040 / 24240 Series The page includes the following fields: Object Description QCE Type Select the available type for the specific QCE. Ethernet Type: Matches the received frame's EtherType against the QCE Key. VLAN ID: Matches the frame's VID against the QCE Key. TCP/UDP Port: Matches the destination port and the source port against the QCE Key. DSCP: Matches the received IPv4/IPv6 DSCP value (6 bits) against the two DSCP values in the QCE Key.
User’s Manual of SGSW-24040 / 24240 Series A QCL consists of an ordered list of up to 12 QCEs. Each QCE can be used to classify certain frames to a specific QoS class. This classification can be based on parameters such as VLAN ID, UDP/TCP port, IPv4/IPv6 DSCP or Tag Priority. Frames not matching any of the QCEs are classified to the default QoS class for the port. The settings relate to the currently selected stack unit, as reflected by the page header.
User’s Manual of SGSW-24040 / 24240 Series The page includes the following fields: Object Description Number of Classes Configure the number of traffic classes as "1", "2", or "4". The default value is "4". Port The logical port for the settings contained in the same row. Default Class Configure the default QoS class for the port, that is, the QoS class for frames not matching any of the QCEs in the QCL. QCL # Select which QCL to use for the port.
User’s Manual of SGSW-24040 / 24240 Series Figure 4-9-10 Rate Limit Configuration page screenshot The page includes the following fields: Object Description Port The logical port for the settings contained in the same row. Policer Enabled Enable or disable the port policer. The default value is "Disabled". Policer Rate Configure the rate for the port policer. The default value is "500".
User’s Manual of SGSW-24040 / 24240 Series default value is "kbps". Shaper Enabled Enable or disable the port shaper. The default value is "Disabled". Shaper Rate Configure the rate for the port shaper. The default value is "500". This value is restricted to 500-1000000 when the "Policer Unit" is "kbps", and it is restricted to 1-1000 when the "Policer Unit" is "Mbps" Shaper Unit Configure the unit of measure for the port shaper rate as kbps or Mbps. The default value is "kbps". 4.9.
User’s Manual of SGSW-24040 / 24240 Series 64, 128, 256, 512, 1K, 2K, 4K, 8K, 16K, 32K, 64K, 128K, 256K, 512K, or 1024K. The 1 kpps is actually 1002.1 pps. Buttons : Click to save changes. : Click to undo any changes made locally and revert to previously saved values. 4.9.7 QoS Statistics This page provides statistics for the different queues for all switch ports. The ports belong to the currently selected stack unit, as reflected by the page header. The QoS Statistics screen in Figure 4-9-12 appears.
User’s Manual of SGSW-24040 / 24240 Series The page includes the following fields: Object Description Port The logical port for the settings contained in the same row. Low Queue There are 4 QoS queues per port with strict or weighted queuing scheduling. This is the lowest priority queue. Normal Queue This is the normal priority queue of the 4 QoS queues. It has higher priority than the "Low Queue". Medium Queue This is the medium priority queue of the 4 QoS queues.
User’s Manual of SGSW-24040 / 24240 Series Figure 4-9-13 DSCP Remarking Configuration page screenshot The page includes the following fields: Object Description Port The logical port for the settings contained in the same row. DSCP Remarking If the QoS remarking mode is set to enabled, it should be with this DSCP Mode DSCP Queue Mapping remarking/correction function according to RFC2474 on this port.
User’s Manual of SGSW-24040 / 24240 Series CS3 = DSCP (24) CS4 = DSCP (32) CS5 = DSCP (40) CS6 = DSCP (48) CS7 = DSCP (56) Expedite Forward = DSCP (46) Buttons : Click to save changes. : Click to undo any changes made locally and revert to previously saved values. 4.9.9 Voice VLAN Configuration The Voice VLAN feature enables the voice traffic forwarding on the Voice VLAN, then the switch can classifying and scheduling to network traffic.
User’s Manual of SGSW-24040 / 24240 Series Figure 4-9-14 Voice VLAN Configuration page screenshot 204
User’s Manual of SGSW-24040 / 24240 Series The page includes the following fields: Object Description Mode Indicates the Voice VLAN mode operation. We must disable MSTP feature before we enable Voice VLAN. It can avoid the conflict of ingress filter. Possible modes are: Enabled: Enable Voice VLAN mode operation. Disabled: Disable Voice VLAN mode operation. VLAN ID Indicates the Voice VLAN ID. It should be a unique VLAN ID in the system and cannot equal each port PVID.
User’s Manual of SGSW-24040 / 24240 Series 4.9.10 Voice VLAN OUI Table Configure VOICE VLAN OUI table on this page. The maximum entry number is 16. Modify OUI table will restart auto detect OUI process. The Voice VLAN OUI Table screen in Figure 4-9-15 appears. Figure 4-9-15 Voice VLAN OUI Table page screenshot The page includes the following fields: Object Description Delete Check to delete the entry. It will be deleted during the next save.
User’s Manual of SGSW-24040 / 24240 Series 4.10 Access Control Lists ACL is an acronym for Access Control List. It is the list table of ACEs, containing access control entries that specify individual users or groups permitted or denied to specific traffic objects, such as a process or a program. Each accessible traffic object contains an identifier to its ACL. The privileges determine whether there are specific traffic object access rights.
User’s Manual of SGSW-24040 / 24240 Series ARP: The ACE will match ARP/RARP frames. IPv4: The ACE will match all IPv4 frames. IPv4/ICMP: The ACE will match IPv4 frames with ICMP protocol. IPv4/UDP: The ACE will match IPv4 frames with UDP protocol. IPv4/TCP: The ACE will match IPv4 frames with TCP protocol. IPv4/Other: The ACE will match IPv4 frames, which are not ICMP/UDP/TCP. Action Indicates the forwarding action of the ACE. Permit: Frames matching the ACE may be forwarded and learned.
User’s Manual of SGSW-24040 / 24240 Series Figure 4-10-2 Access Control List Configuration page screenshot The page includes the following fields: Object Description Ingress Port Indicates the ingress port of the ACE. Possible values are: Any: The ACE will match any ingress port. Policy: The ACE will match ingress ports with a specific policy. Port: The ACE will match a specific ingress port. Frame Type Indicates the frame type of the ACE.
User’s Manual of SGSW-24040 / 24240 Series Counter The counter indicates the number of times the ACE was hit by a frame. Modification Buttons You can modify each ACE (Access Control Entry) in the table using the following buttons: : Inserts a new ACE before the current row. : Edits the ACE row. : Moves the ACE up the list. : Moves the ACE down the list. : Deletes the ACE. : The lowest plus sign adds a new entry at the bottom of the ACE listings.
User’s Manual of SGSW-24040 / 24240 Series Figure 4-10-3 ACE Configuration page screenshot The page includes the following fields: Object Description Ingress Port Select the ingress port for which this ACE applies. Any: The ACE applies to any port. Port n: The ACE applies to this port number, where n is the number of the switch port. Policy n: The ACE applies to this policy number, where n can range from 1 through 8. Switch Select the Switch for this ACE applies.
User’s Manual of SGSW-24040 / 24240 Series Logging Specify the logging operation of the ACE. The allowed values are: Enabled: Frames matching the ACE are stored in the System Log. Disabled: Frames matching the ACE are not logged. Please note that the System Log memory size and logging rate is limited. Shutdown Specify the port shut down operation of the ACE. The allowed values are: Enabled: If a frame matches the ACE, the ingress port will be disabled.
User’s Manual of SGSW-24040 / 24240 Series this VLAN ID value. Tag Priority Specify the tag priority for this ACE. A frame that hits this ACE matches this tag priority. The allowed number range is 0 to 7. The value Any means that no tag priority is specified (tag priority is "don't-care".) ARP Parameters The ARP parameters can be configured when Frame Type "ARP" is selected. Object Description ARP/RARP Specify the available ARP/RARP opcode (OP) flag for this ACE.
User’s Manual of SGSW-24040 / 24240 Series ARP SMAC Match Specify whether frames can hit the action according to their sender hardware address field (SHA) settings. 0: ARP frames where SHA is not equal to the SMAC address. 1: ARP frames where SHA is equal to the SMAC address. Any: Any value is allowed ("don't-care"). RARP SMAC Match Specify whether frames can hit the action according to their target hardware address field (THA) settings. 0: RARP frames where THA is not equal to the SMAC address.
User’s Manual of SGSW-24040 / 24240 Series ICMP: Select ICMP to filter IPv4 ICMP protocol frames. Extra fields for defining ICMP parameters will appear. These fields are explained later in this help file. UDP: Select UDP to filter IPv4 UDP protocol frames. Extra fields for defining UDP parameters will appear. These fields are explained later in this help file. TCP: Select TCP to filter IPv4 TCP protocol frames. Extra fields for defining TCP parameters will appear.
User’s Manual of SGSW-24040 / 24240 Series Any: No destination IP filter is specified. (Destination IP filter is "don't-care".) Host: Destination IP filter is set to Host. Specify the destination IP address in the DIP Address field that appears. Network: Destination IP filter is set to Network. Specify the destination IP address and destination IP mask in the DIP Address and DIP Mask fields that appear.
User’s Manual of SGSW-24040 / 24240 Series you can enter a specific TCP/UDP source range value. A field for entering a TCP/UDP source value appears. TCP/UDP Source No. When "Specific" is selected for the TCP/UDP source filter, you can enter a specific TCP/UDP source value. The allowed range is 0 to 65535. A frame that hits this ACE matches this TCP/UDP source value. TCP/UDP Source Range When "Range" is selected for the TCP/UDP source filter, you can enter a specific TCP/UDP source range value.
User’s Manual of SGSW-24040 / 24240 Series TCP URG Specify the TCP "Urgent Pointer field significant" (URG) value for this ACE. 0: TCP frames where the URG field is set must not be able to match this entry. 1: TCP frames where the URG field is set must be able to match this entry. Any: Any value is allowed ("don't-care"). Ethernet Type Parameters The Ethernet Type parameters can be configured when Frame Type "Ethernet Type" is selected.
User’s Manual of SGSW-24040 / 24240 Series Figure 4-10-4 ACL Ports Configuration page screenshot The page includes the following fields: Object Description Port The logical port for the settings contained in the same row. Policy ID Select the policy to apply to this port. The allowed values are 1 through 8. The default value is 1. Action Select whether forwarding is permitted ("Permit") or denied ("Deny"). The default value is "Permit".
User’s Manual of SGSW-24040 / 24240 Series Logging Specify the logging operation of this port. The allowed values are: Enabled: Frames received on the port are stored in the System Log. Disabled: Frames received on the port are not logged. The default value is "Disabled". Please note that the System Log memory size and logging rate are limited. Shutdown Specify the port shut down operation of this port. The allowed values are: Enabled: If a frame is received on the port, the port will be disabled.
User’s Manual of SGSW-24040 / 24240 Series 4.10.5 ACL Rate Limiter Configuration Configure the rate limiter for the ACL of the switch. The ACL Rate Limiter Configuration screen in Figure 4-10-5 appears. Figure 4-10-5 ACL Rate Limiter Configuration page screenshot The page includes the following fields: Object Description Rate Limiter ID The rate limiter ID for the settings contained in the same row.
User’s Manual of SGSW-24040 / 24240 Series 4.11 Authentication This section is to control the access of the Managed Switch, includes the user access and management control. The Authentication section contains links to the following main topics: IEEE 802.1X Port-based Network Access Control MAC-based Authentication User Authentication Overview of 802.1X (Port-based) Authentication In the 802.
User’s Manual of SGSW-24040 / 24240 Series to authenticate. The disadvantage is that MAC addresses can be spoofed by malicious users, equipment whose MAC address is a valid RADIUS user can be used by anyone, and only the MD5-Challenge method is supported. The 802.1X and MAC-Based Authentication configuration consists of two sections, a system- and a port-wide.
User’s Manual of SGSW-24040 / 24240 Series Figure 4-11-1 Client—the device (workstation) that requests access to the LAN and switch services and responds to requests from the switch. The workstation must be running 802.1X-compliant client software such as that offered in the Microsoft Windows XP operating system. (The client is the supplicant in the IEEE 802.1X specification.) Authentication server—performs the actual authentication of the client.
User’s Manual of SGSW-24040 / 24240 Series authentication server must support EAP within the native frame format. When the switch receives frames from the authentication server, the server's frame header is removed, leaving the EAP frame, which is then encapsulated for Ethernet and sent to the client. Authentication Initiation and Message Exchange The switch or the client can initiate authentication.
User’s Manual of SGSW-24040 / 24240 Series Ports in Authorized and Unauthorized States The switch port state determines whether or not the client is granted access to the network. The port starts in the unauthorized state. While in this state, the port disallows all ingress and egress traffic except for 802.1X protocol packets. When a client is successfully authenticated, the port transitions to the authorized state, allowing all traffic for the client to flow normally.
User’s Manual of SGSW-24040 / 24240 Series The page includes the following fields: Object Description Client The management client for which the configuration below applies. Authentication Method Authentication Method can be set to one of the following values: None: authentication is disabled and login is not possible. local: use the local user database on the switch stack for authentication. radius: use a remote RADIUS server for authentication.
User’s Manual of SGSW-24040 / 24240 Series Figure 4-11-4 Network Access Server Configuration page screenshot 228
User’s Manual of SGSW-24040 / 24240 Series The page includes the following fields: System Configuration Object Description Mode Indicates if NAS is globally enabled or disabled on the switch. If globally disabled, all ports are allowed forwarding of frames. Reauthentication Enabled If checked, successfully authenticated supplicants/clients are reauthenticated after the interval specified by the Reauthentication Period. Reauthentication for 802.
User’s Manual of SGSW-24040 / 24240 Series the entry. Hold Time This setting applies to the following modes, i.e. modes using the Port Security functionality to secure MAC addresses: Single 802.1X Multi 802.1X MAC-Based Auth. If a client is denied access - either because the RADIUS server denies the client access or because the RADIUS server request times out (according to the timeout specified on the "Configuration→Security→AAA" page) - the client is put on hold in the Unauthorized state.
User’s Manual of SGSW-24040 / 24240 Series VLAN as listed below. The "Guest VLAN Enabled" checkbox provides a quick way to globally enable/disable Guest VLAN functionality. When checked, the individual ports' ditto setting determines whether the port can be moved into Guest VLAN. When unchecked, the ability to move to the Guest VLAN is disabled for all ports. Guest VLAN ID This is the value that a port's Port VLAN ID is set to if a port is moved into the Guest VLAN.
User’s Manual of SGSW-24040 / 24240 Series In this mode, the switch will send one EAPOL Failure frame when the port link comes up, and any client on the port will be disallowed network access. Port-based 802.1X In the 802.1X-world, the user is called the supplicant, the switch is the authenticator, and the RADIUS server is the authentication server. The authenticator acts as the man-in-the-middle, forwarding requests and responses between the supplicant and the authentication server.
User’s Manual of SGSW-24040 / 24240 Series really aren't authenticated. To overcome this security breach, use the Single 802.1X variant. Single 802.1X is really not an IEEE standard, but features many of the same characteristics as does port-based 802.1X. In Single 802.1X, at most one supplicant can get authenticated on the port at a time. Normal EAPOL frames are used in the communication between the supplicant and the switch.
User’s Manual of SGSW-24040 / 24240 Series Unlike port-based 802.1X, MAC-based authentication is not a standard, but merely a best-practices method adopted by the industry. In MAC-based authentication, users are called clients, and the switch acts as the supplicant on behalf of clients. The initial frame (any kind of frame) sent by a client is snooped by the switch, which in turn uses the client's MAC address as both username and password in the subsequent EAP exchange with the RADIUS server.
User’s Manual of SGSW-24040 / 24240 Series • Single 802.1X RADIUS attributes used in identifying a QoS Class: Refer to the written documentation for a description of the RADIUS attributes needed in order to successfully identify a QoS Class. The User-Priority-Table attribute defined in RFC4675 forms the basis for identifying the QoS Class in an Access-Accept packet.
User’s Manual of SGSW-24040 / 24240 Series Tag value and fulfil the following requirements (if Tag == 0 is used, the Tunnel-Private-Group-ID does not need to include a Tag): - Value of Tunnel-Medium-Type must be set to "IEEE-802" (ordinal 6). - Value of Tunnel-Type must be set to "VLAN" (ordinal 13). - Value of Tunnel-Private-Group-ID must be a string of ASCII chars in the range '0' - '9', which is interpreted as a decimal string representing the VLAN ID. Leading '0's are discarded.
User’s Manual of SGSW-24040 / 24240 Series Guest VLAN and starts authenticating the supplicant according to the port mode. If an EAPOL frame is received, the port will never be able to go back into the Guest VLAN if the "Allow Guest VLAN if EAPOL Seen" is disabled. Port State The current state of the port. It can undertake one of the following values: Globally Disabled: NAS is globally disabled. Link Down: NAS is globally enabled, but there is no link on the port.
User’s Manual of SGSW-24040 / 24240 Series 4.11.4 Network Access Overview This page provides an overview of the current NAS port states for the selected switch. The Network Access Overview screen in Figure 4-11-5 appears. Figure 4-11-5 Network Access Overview page screenshot The page includes the following fields: Object Description Port The switch port number. Click to navigate to detailed NAS statistics for this port. Admin State The port's current administrative state.
User’s Manual of SGSW-24040 / 24240 Series client for MAC-based authentication. Last ID The user name (supplicant identity) carried in the most recently received Response Identity EAPOL frame for EAPOL-based authentication, and the source MAC address from the most recently received frame from a new client for MAC-based authentication. Port VLAN ID The VLAN ID that NAS has put the port in. The field is blank, if the Port VLAN ID is not overridden by NAS.
User’s Manual of SGSW-24040 / 24240 Series Port State The current state of the port. Refer to NAS Port State for a description of the individual states. QoS Class The QoS class assigned by the RADIUS server. The field is blank if no QoS class is assigned. Port VLAN ID The VLAN ID that NAS has put the port in. The field is blank, if the Port VLAN ID is not overridden by NAS. If the VLAN ID is assigned by the RADIUS server, "(RADIUS-assigned)" is appended to the VLAN ID.
User’s Manual of SGSW-24040 / 24240 Series Rx Logoff mesRx received by the switch. dot1xAuthEapolLogoffFr The number of valid EAPOL amesRx Logoff frames that have been received by the switch. Rx Invalid Type dot1xAuthInvalidEapolF The number of EAPOL ramesRx frames that have been received by the switch in which the frame type is not recognized.
User’s Manual of SGSW-24040 / 24240 Series Rx Access dot1xAuthBackendAcce 802.1X-based: Challenges ssChallenges Counts the number of times that the switch receives the first request from the backend server following the first response from the supplicant. Indicates that the backend server has communication with the switch. MAC-based: Counts all Access Challenges received from the backend server for this port (left-most table) or client (right-most table). Rx Other dot1xAuthBackendOther 802.
User’s Manual of SGSW-24040 / 24240 Series server. Tx Responses dot1xAuthBackendResp 802.1X-based: onses Counts the number of times that the switch attempts to send a supplicant's first response packet to the backend server. Indicates the switch attempted communication with the backend server. Possible retransmissions are not counted. MAC-based: Counts all the backend server packets sent from the switch towards the backend server for a given port (left-most table) or client (right-most table).
User’s Manual of SGSW-24040 / 24240 Series Identity - 802.1X-based: The user name (supplicant identity) carried in the most recently received Response Identity EAPOL frame. MAC-based: Not applicable. Selected Counters Object Description Selected Counters The Selected Counters table is visible when the port is one of the following administrative states: Multi 802.1X MAC-based Auth.
User’s Manual of SGSW-24040 / 24240 Series remain in the unauthenticated state for Hold Time seconds. Last Authentication Shows the date and time of the last authentication of the client (successful as well as unsuccessful). Buttons Auto-refresh : Check this box to enable an automatic refresh of the page at regular intervals. : Click to refresh the page immediately. : This button is available in the following modes: • Force Authorized • Force Unauthorized • Port-based 802.1X • Single 802.
User’s Manual of SGSW-24040 / 24240 Series 4.11.6 Authentication Server Configuration This page allows you to configure the Authentication Servers. The Authentication Server Configuration screen in Figure 4-11-7 appears.
User’s Manual of SGSW-24040 / 24240 Series The page includes the following fields: Port State These setting are common for all of the Authentication Servers. Object Description Timeout The Timeout, which can be set to a number between 3 and 3600 seconds, is the maximum time to wait for a reply from a server. If the server does not reply within this timeframe, we will consider it to be dead and continue with the next enabled server (if any).
User’s Manual of SGSW-24040 / 24240 Series RADIUS Accounting Server Configuration The table has one row for each RADIUS Accounting Server and a number of columns, which are: Object Description # The RADIUS Accounting Server number for which the configuration below applies. Enabled Enable the RADIUS Accounting Server by checking this box. IP Address/Hostname The IP address or hostname of the RADIUS Accounting Server. IP address is expressed in dotted decimal notation.
User’s Manual of SGSW-24040 / 24240 Series 4.11.7 RADIUS Overview This page provides an overview of the status of the RADIUS servers configurable on the Authentication configuration page. The RADIUS Authentication/Accounting Server Overview screen in Figure 4-11-8 appears. Figure 4-11-8 RADIUS Authentication/Accounting Server Overview page screenshot The page includes the following fields: RADIUS Authentication Servers Object Description # The RADIUS server number.
User’s Manual of SGSW-24040 / 24240 Series but will get re-enabled when the dead-time expires. The number of seconds left before this occurs is displayed in parentheses. This state is only reachable when more than one server is enabled. RADIUS Accounting Servers Object Description # The RADIUS server number. Click to navigate to detailed statistics for this server. IP Address The IP address and UDP port number (in : notation) of this server.
User’s Manual of SGSW-24040 / 24240 Series 4.11.8 RADIUS Details This page provides detailed statistics for a particular RADIUS server. The RADIUS Authentication/Accounting for Server Overview screen in Figure 4-11-9 appears. Figure 4-11-9 RADIUS Authentication/Accounting for Server Overview page screenshot The page includes the following fields: RADIUS Authentication Servers The statistics map closely to those specified in RFC4668 - RADIUS Authentication Client MIB.
User’s Manual of SGSW-24040 / 24240 Series Rx Access radiusAuthClientExtA The number of RADIUS Accepts ccessAccepts Access-Accept packets (valid or invalid) received from the server. Rx Access Rejects radiusAuthClientExtA The number of RADIUS ccessRejects Access-Reject packets (valid or invalid) received from the server. Rx Access radiusAuthClientExtA The number of RADIUS Challenges ccessChallenges Access-Challenge packets (valid or invalid) received from the server.
User’s Manual of SGSW-24040 / 24240 Series authentication port and dropped for some other reason. Tx Access radiusAuthClientExtA The number of RADIUS Requests ccessRequests Access-Request packets sent to the server. This does not include retransmissions. Tx Access radiusAuthClientExtA The number of RADIUS Retransmissio ccessRetransmission Access-Request packets ns s retransmitted to the RADIUS authentication server.
User’s Manual of SGSW-24040 / 24240 Series State - Shows the state of the server. It takes one of the following values: Disabled: The selected server is disabled. Not Ready: The server is enabled, but IP communication is not yet up and running. Ready: The server is enabled, IP communication is up and running, and the RADIUS module is ready to accept access attempts. Dead (X seconds left): Access attempts were made to this server, but it did not reply within the configured timeout.
User’s Manual of SGSW-24040 / 24240 Series packets include packets with an invalid length. Bad authenticators or or unknown types are not included as malformed access responses. Rx Bad radiusAcctClientExt The number of RADIUS Authenticators BadAuthenticators packets containing invalid authenticators received from the server. Rx Unknown Types radiusAccClientExt The number of RADIUS UnknownTypes packets of unknown types that were received from the server on the accounting port.
User’s Manual of SGSW-24040 / 24240 Series timeout, the client may retry to the same server, send to a different server, or give up. A retry to the same server is counted as a retransmit as well as a timeout. A send to a different server is counted as a Request as well as a timeout. Other Info This section contains information about the state of the server and the latest round-trip time. Name RFC4670 Name Description State - Shows the state of the server.
User’s Manual of SGSW-24040 / 24240 Series 4.11.9 Windows Platform RADIUS Server Configuration Setup the RADIUS server and assign the client IP address to the Managed switch. In this case, field in the default IP Address of the Managed Switch with 192.168.0.100. And also make sure the shared secret key is as same as the one you had set at the Managed Switch’s 802.1x system configuration – 12345678 at this case. 1. Configure the IP Address of remote RADIUS server and secret key.
User’s Manual of SGSW-24040 / 24240 Series Figure 4-11-11 Windows Server – add new RADIUS client setting 3.
User’s Manual of SGSW-24040 / 24240 Series 4. The shared secret key should be as same as the key configured on the Managed Switch.
User’s Manual of SGSW-24040 / 24240 Series 5. Configure ports attribute of 802.1X, the same as “802.1X Port Configuration”. Figure 4-11-14 802.1x Port Configuration 6. Create user data. The establishment of the user data needs to be created on the Radius Server PC.
User’s Manual of SGSW-24040 / 24240 Series 5.
User’s Manual of SGSW-24040 / 24240 Series Set the Ports Authenticate Status to “Force Authorized” if the port is connected to the RADIUS server or the port is an uplink port that is connected to another switch. Or once the 802.1X is called to work, the switch might not be able to access the RADIUS server. 4.11.10 802.1X Client Configuration Windows XP is originally 802.1X support. As to other operating systems (windows 98SE, ME, 2000), an 802.1X client utility is needed.
User’s Manual of SGSW-24040 / 24240 Series 4. Select “Authentication” tab. 5. Select “Enable network access control using IEEE 802.1X” to enable 802.1x authentication. 6. Select “MD-5 Challenge” from the drop-down list box for EAP type. Figure 4-11-19 7. Click “OK”. 8. When client has associated with the Managed Switch, a user authentication notice appears in system tray. Click on the notice to continue.
User’s Manual of SGSW-24040 / 24240 Series Figure 4-11-20 Windows client popup login request message 9. Enter the user name, password and the logon domain that your account belongs. 10. Click “OK” to complete the validation process.
User’s Manual of SGSW-24040 / 24240 Series 4.12 Security This section is to control the access of the Managed Switch, includes the user access and management control. The Security page contains links to the following main topics: Port Limit Control Access Management HTTPs / SSH DHCP Snooping IP Source Guard ARP Inspection 4.12.1 Port Limit Control This page allows you to configure the Port Security Limit Control system and port settings.
User’s Manual of SGSW-24040 / 24240 Series Figure 4-12-1 Port Limit Control Configuration Overview page screenshot 266
User’s Manual of SGSW-24040 / 24240 Series The page includes the following fields: System Configuration Object Description Mode Indicates if Limit Control is globally enabled or disabled on the switchstack. If globally disabled, other modules may still use the underlying functionality, but limit checks and corresponding actions are disabled. Aging Enabled If checked, secured MAC addresses are subject to aging as discussed under Aging Period.
User’s Manual of SGSW-24040 / 24240 Series Limit The maximum number of MAC addresses that can be secured on this port. This number cannot exceed 1024. If the limit is exceeded, the corresponding action is taken. The stackswitch is "born" with a total number of MAC addresses from which all ports draw whenever a new MAC address is seen on a Port Security-enabled port.
User’s Manual of SGSW-24040 / 24240 Series Buttons : Click to refresh the page. Note that non-committed changes will be lost. : Click to save changes. : Click to undo any changes made locally and revert to previously saved values. 4.12.2 Access Management Configure access management table on this page. The maximum entry number is 16. If the application's type match any one of access management entry, it will allow to access the switch. The Access Management Configuration screen in Figure 4-12-2 appears.
User’s Manual of SGSW-24040 / 24240 Series Buttons : Click to add a new access management entry. : Click to save changes. : Click to undo any changes made locally and revert to previously saved values. 4.12.3 Access Management Statistics This page provides statistics for access management. The Access Management Statistics screen in Figure 4-12-3 appears.
User’s Manual of SGSW-24040 / 24240 Series 4.12.4 HTTPs Configure HTTPS on this page. The HTTPS Configuration screen in Figure 4-12-4 appears. Figure 4-12-4 HTTPS Configuration screen page screenshot The page includes the following fields: Object Description Mode Indicates the HTTPS mode operation. Possible modes are: Enabled: Enable HTTPS mode operation. Disabled: Disable HTTPS mode operation. Automatic Redirect Indicates the HTTPS redirect mode operation.
User’s Manual of SGSW-24040 / 24240 Series Figure 4-12-5 SSH Configuration screen page screenshot The page includes the following fields: Object Description Mode Indicates the SSH mode operation. Possible modes are: Enabled: Enable SSH mode operation. Disabled: Disable SSH mode operation. Buttons : Click to save changes. : Click to undo any changes made locally and revert to previously saved values. 4.12.6 Port Security Status This page shows the Port Security status.
User’s Manual of SGSW-24040 / 24240 Series Figure 4-12-6 Port Security Status screen page screenshot The page includes the following fields: User Module Legend The legend shows all user modules that may request Port Security services. Object Description User Module Name The full name of a module that may request Port Security services. Abbr A one-letter abbreviation of the user module. This is used in the Users column in the port status table.
User’s Manual of SGSW-24040 / 24240 Series Port Status The table has one row for each port on the selected switch in the switch and a number of columns, which are: Object Description Port The port number for which the status applies. Click the port number to see the status for this particular port. Users Each of the user modules has a column that shows whether that module has enabled Port Security or not.
User’s Manual of SGSW-24040 / 24240 Series 4.12.7 Port Security Detail This page shows the MAC addresses secured by the Port Security module. Port Security is a module with no direct configuration. Configuration comes indirectly from other modules - the user modules. When a user module has enabled port security on a port, the port is set-up for software-based learning.
User’s Manual of SGSW-24040 / 24240 Series 4.12.8 DHCP Snooping DHCP Snooping is used to block intruder on the untrusted ports of DUT when it tries to intervene by injecting a bogus DHCP reply packet to a legitimate conversation between the DHCP client and server. Configure DHCP Snooping on this page. The DHCP Snooping Configuration screen in Figure 4-12-8 appears.
User’s Manual of SGSW-24040 / 24240 Series The page includes the following fields: Object Description Snooping Mode Indicates the DHCP snooping mode operation. Possible modes are: Enabled: Enable DHCP snooping mode operation. When enable DHCP snooping mode operation, the request DHCP messages will be forwarded to trusted ports and only allowed reply packets from trusted ports. Disabled: Disable DHCP snooping mode operation. Port Mode Indicates the DHCP snooping port mode.
User’s Manual of SGSW-24040 / 24240 Series The page includes the following fields: Object Description Rx and Tx Discover The number of discover (option 53 with value 1) packets received and transmitted. Rx and Tx Offer The number of offer (option 53 with value 2) packets received and transmitted. Rx and Tx Request The number of request (option 53 with value 3) packets received and transmitted. Rx and Tx Decline The number of decline (option 53 with value 4) packets received and transmitted.
User’s Manual of SGSW-24040 / 24240 Series 4.12.10 IP Source Guard Configuration IP Source Guard is a secure feature used to restrict IP traffic on DHCP snooping untrusted ports by filtering traffic based on the DHCP Snooping Table or manually configured IP Source Bindings. It helps prevent IP spoofing attacks when a host tries to spoof and use the IP address of another host. This page provides IP Source Guard related configuration. The IP Source Guard Configuration screen in Figure 4-12-10 appears.
User’s Manual of SGSW-24040 / 24240 Series The page includes the following fields: Object Description Mode of IP Source Enable the Global IP Source Guard or disable the Global IP Source Guard. All Guard Configuration Port Mode Configuration configured ACEs will be lost when the mode is enabled. Specify IP Source Guard is enabled on which ports. Only when both Global Mode and Port Mode on a given port are enabled, IP Source Guard is enabled on this given port.
User’s Manual of SGSW-24040 / 24240 Series 4.12.11 IP Source Guard Static Table This page provides Static IP Source Guard Table. The Static IP Source Guard Table screen in Figure 4-12-11 appears. Figure 4-12-11 Static IP Source Guard Table screen page screenshot The page includes the following fields: Object Description Delete Check to delete the entry. It will be deleted during the next save. Port The logical port for the settings. VLAN ID The VLAN ID for the settings.
User’s Manual of SGSW-24040 / 24240 Series 4.12.12 ARP Inspection ARP Inspection is a secure feature. Several types of attacks can be launched against a host or devices connected to Layer 2 networks by "poisoning" the ARP caches. This feature is used to block such attacks. Only valid ARP requests and responses can go through DUT. This page provides ARP Inspection related configuration. The ARP Inspection Configuration screen in Figure 4-12-12 appears.
User’s Manual of SGSW-24040 / 24240 Series The page includes the following fields: Object Description Mode of ARP Enable the Global ARP Inspection or disable the Global ARP Inspection. Inspection Configuration Port Mode Specify ARP Inspection is enabled on which ports. Only when both Global Mode and Port Mode on a given port are enabled, ARP Inspection is enabled on this Configuration given port. Buttons : Click to save changes.
User’s Manual of SGSW-24040 / 24240 Series Buttons : Click to add a new entry. : Click to save changes. : Click to undo any changes made locally and revert to previously saved values.
User’s Manual of SGSW-24040 / 24240 Series 4.13 Address Table Switching of frames is based upon the DMAC address contained in the frame. The Managed Switch builds up a table that maps MAC addresses to switch ports for knowing which ports the frames should go to (based upon the DMAC address in the frame ). This table contains both static and dynamic entries.
User’s Manual of SGSW-24040 / 24240 Series 4.13.2 Static MAC Table Configuration The static entries in the MAC table are shown in this table. The static MAC table can contain 64 entries. The maximum of 64 entries is for the whole stack, and not per switch. The MAC table is sorted first by VLAN ID and then by MAC address. The Static MAC Table Configuration screen in Figure 4-13-2 appears.
User’s Manual of SGSW-24040 / 24240 Series 4.13.3 MAC Address Table Status Dynamic MAC Table Entries in the MAC Table are shown on this page. The MAC Table contains up to 8192 entries, and is sorted first by VLAN ID, then by MAC address. The MAC Address Table screen in Figure 4-13-3 appears. Figure 4-13-3 MAC Address Table Status Navigating the MAC Table Each page shows up to 999 entries from the MAC table, default being 20, selected through the "entries per page" input field.
User’s Manual of SGSW-24040 / 24240 Series VLAN: Query of the MAC addresses entry by VLAN. MAC Address: Query of the MAC addresses entry by MAC address. Type Indicates whether the entry is a static or dynamic entry. VLAN The VLAN ID of the entry. MAC address The MAC address of the entry. Port Members The ports that are members of the entry. Buttons Auto-refresh : Check this box to enable an automatic refresh of the page at regular intervals.
User’s Manual of SGSW-24040 / 24240 Series Figure 4-13-4 MAC Table Learning screenshot The page includes the following fields: Object Description Auto Learning is done automatically as soon as a frame with unknown SMAC is received. Disable No learning is done. Secure Only static MAC entries are learned, all other frames are dropped.
User’s Manual of SGSW-24040 / 24240 Series 4.13.5 Dynamic ARP Inspection Table Entries in the Dynamic ARP Inspection Table are shown on this page. The Dynamic ARP Inspection Table contains up to 1024 entries, and is sorted first by port, then by VLAN ID, then by MAC address, and then by IP address. The Dynamic ARP Inspection Table screen in Figure 4-13-5 appears.
User’s Manual of SGSW-24040 / 24240 Series : Flushes all dynamic entries. : Updates the table starting from the first entry in the MAC Table, i.e. the entry with the lowest VLAN ID and MAC address. : Updates the table, starting with the entry after the last entry currently displayed. 4.13.6 Dynamic IP Source Guard Table Entries in the Dynamic IP Source Guard Table are shown on this page. The Dynamic IP Source Guard Table is sorted first by port, then by VLAN ID, then by IP address, and then by IP mask.
User’s Manual of SGSW-24040 / 24240 Series MAC address The MAC address of the entry. IP Address The IP address of the entry. Buttons Auto-refresh : Check this box to enable an automatic refresh of the page at regular intervals. : Refreshes the displayed table starting from the "Start from MAC address" and "VLAN" input fields. : Flushes all dynamic entries. : Updates the table starting from the first entry in the MAC Table, i.e. the entry with the lowest VLAN ID and MAC address.
User’s Manual of SGSW-24040 / 24240 Series 4.14 LLDP 4.14.1 Link Layer Discovery Protocol Link Layer Discovery Protocol (LLDP) is used to discover basic information about neighboring devices on the local broadcast domain. LLDP is a Layer 2 protocol that uses periodic broadcasts to advertise information about the sending device. Advertised information is represented in Type Length Value (TLV) format according to the IEEE 802.
User’s Manual of SGSW-24040 / 24240 Series Figure 4-14-1 LLDP Configuration page screenshot The page includes the following fields: LLDP Parameters Object Description Tx Interval The switch is periodically transmitting LLDP frames to its neighbors for having the network discovery information up-to-date. The interval between each LLDP frame is determined by the Tx Interval value. Valid values are restricted to 5 32768 seconds.
User’s Manual of SGSW-24040 / 24240 Series >= (4 * Delay Interval) Tx Hold Each LLDP frame contains information about how long the information in the LLDP frame shall be considered valid. The LLDP information valid period is set to Tx Hold multiplied by Tx Interval seconds. Valid values are restricted to 2 - 10 times. TTL in seconds is based on the following rule: (Transmission Interval * Holdtime Multiplier) ≤ 65536. Therefore, the default TTL is 4*30 = 120 seconds.
User’s Manual of SGSW-24040 / 24240 Series is enabled. Only CDP TLVs that can be mapped into a corresponding field in the LLDP neighbors table are decoded. All other TLVs are discarded ( Unrecognized CDP TLVs and discarded CDP frame are not shown in the LLDP statistic. Only ). CDP TLVs are mapped into LLDP neighbors table as shown below. CDP TLV "Device ID" is mapped into the LLDP "Chassis ID" field. CDP TLV "Address" is mapped into the LLDP "Management Address" field.
User’s Manual of SGSW-24040 / 24240 Series Buttons : Click to save changes. : Click to undo any changes made locally and revert to previously saved values. 4.14.3 LLDPMED Configuration This page allows you to configure the LLDP-MED. The LLDPMED Configuration screen in Figure 4-14-2 appears.
User’s Manual of SGSW-24040 / 24240 Series achieve these related properties. Initially, a Network Connectivity Device will only transmit LLDP TLVs in an LLDPDU. Only after an LLDP-MED Endpoint Device is detected, will an LLDP-MED capable Network Connectivity Device start to advertise LLDP-MED TLVs in outgoing LLDPDUs on the associated port.
User’s Manual of SGSW-24040 / 24240 Series building, 0.0 represents the floor level associated with ground level at the main entrance. Map Datum The Map Datum used for the coordinates given in this Option WGS84: (Geographical 3D) - World Geodesic System 1984, CRS Code 4327, Prime Meridian Name: Greenwich. NAD83/NAVD88: North American Datum 1983, CRS Code 4269, Prime Meridian Name: Greenwich; The associated vertical datum is the North American Vertical Datum of 1988 (NAVD88).
User’s Manual of SGSW-24040 / 24240 Series Name Name (residence and office occupant) - Example: Flemming Jahn Zip code Postal/zip code - Example: 2791 Building Building (structure) - Example: Low Library Apartment Unit (Apartment, suite) - Example: Apt 42 Floor Floor - Example: 4 Room no. Room number - Example: 450F Place type Place type - Example: Office Postal community Postal community name - Example: Leonia name P.O. Box Post office box (P.O.
User’s Manual of SGSW-24040 / 24240 Series This network policy is potentially advertised and associated with multiple sets of application types supported on a given port. The application types specifically addressed are: 1. Voice 2. Guest Voice 3. Softphone Voice 4. Video Conferencing 5. Streaming Video 6.
User’s Manual of SGSW-24040 / 24240 Series VLAN or a single 'tagged’ data specific VLAN. When a network policy is defined for use with an 'untagged’ VLAN (see Tagged flag below), then the L2 priority field is ignored and only the DSCP value has relevance. Video Conferencing Streaming Video - for use by broadcast or multicast based video content distribution and other similar applications supporting streaming video services that require specific network policy treatment.
User’s Manual of SGSW-24040 / 24240 Series Policy ID The set of policies that shall apply for a given port. The set of policies is selected by checkmarking the checkboxes that corresponds to the policies Buttons : click to add new policy. : Click to save changes. : Click to undo any changes made locally and revert to previously saved values. 4.14.4 LLDP-MED Neighbor This page provides a status overview for all LLDP-MED neighbors.
User’s Manual of SGSW-24040 / 24240 Series 3. IEEE 802.3 Repeater (included for historical reasons) 4. IEEE 802.11 Wireless Access Point 5. Any device that supports the IEEE 802.1AB and MED extensions defined by TIA-1057 and can relay IEEE 802 frames via any method. LLDP-MED Endpoint Device Definition Within the LLDP-MED Endpoint Device category, the LLDP-MED scheme is broken into further Endpoint Device Classes, as defined in the following.
User’s Manual of SGSW-24040 / 24240 Series communication appliances, such as IP Phones, PC-based softphones, or other communication appliances that directly support the end user. Discovery services defined in this class include provision of location identifier (including ECS / E911 information), embedded L2 switch support, inventory management LLDP-MED Capabilities LLDP-MED Capabilities describes the neighbor unit's LLDP-MED capabilities. The possible capabilities are: 1. LLDP-MED capabilities 2.
User’s Manual of SGSW-24040 / 24240 Series unknown. Defined: The network policy is defined. TAG TAG is indicating whether the specified application type is using a tagged or an untagged VLAN. Can be Tagged ot Untagged Untagged: The device is using an untagged frame format and as such does not include a tag header as defined by IEEE 802.1Q-2003. Tagged: The device is using the IEEE 802.1Q tagged frame format VLAN ID VLAN ID is the VLAN identifier (VID) for the port as defined in IEEE 802.1Q-2003.
User’s Manual of SGSW-24040 / 24240 Series Local Port The port on which the LLDP frame was received. Chassis ID The Chassis ID is the identification of the neighbor's LLDP frames. Remote Port ID The Remote Port ID is the identification of the neighbor port. System Name System Name is the name advertised by the neighbor unit. Port Description Port Description is the port description advertised by the neighbor unit.
User’s Manual of SGSW-24040 / 24240 Series 4.14.6 Port Statistics This page provides an overview of all LLDP traffic. Two types of counters are shown. Global counters are counters that refer to the whole stack, switch, while local counters refers to counters for the currently selected switch. The LLDP Statistics screen in Figure 4-14-5 appears.
User’s Manual of SGSW-24040 / 24240 Series Total Neighbors Shows the number of LLDP frames dropped due to that the entry table was full. Entries Dropped Total Neighbors Shows the number of entries deleted due to Time-To-Live expiring. Entries Aged Out Local Counters The displayed table contains a row for each port. The columns hold the following information: Object Description Local Port The port on which LLDP frames are received or transmitted.
User’s Manual of SGSW-24040 / 24240 Series 4.15 Network Diagnostics This section provide the Physical layer and IP layer network diagnostics tools for troubleshoot. The diagnostic tools are designed for network manager to help them quickly diagnose problems between point to point and better service customers. Use the Diagnastics menu items to display and configure basic administrative details of the Managed Switch.
User’s Manual of SGSW-24040 / 24240 Series 4.15.1 Ping This page allows you to issue ICMP PING packets to troubleshoot IP connectivity issues. After you press “Start”, 5 ICMP packets are transmitted, and the sequence number and roundtrip time are displayed upon reception of a reply. The page refreshes automatically until responses to all packets are received, or until a timeout occurs. The ICMP Ping screen in Figure 4-15-1 appears.
User’s Manual of SGSW-24040 / 24240 Series 4.15.2 IPv6 Ping This page allows you to issue ICMPv6 PING packets to troubleshoot IPv6 connectivity issues. After you press “Start”, 5 ICMPv6 packets are transmitted, and the sequence number and roundtrip time are displayed upon reception of a reply. The page refreshes automatically until responses to all packets are received, or until a timeout occurs. The ICMPv6 Ping screen in Figure 4-15-2 appears.
User’s Manual of SGSW-24040 / 24240 Series 4.15.3 Remote IP Ping Test This page allows you to issue ICMP PING packets to troubleshoot IP connectivity issues on special port. After you press “Test”, 5 ICMP packets are transmitted, and the sequence number and roundtrip time are displayed upon reception of a reply. The page refreshes automatically until responses to all packets are received, or until a timeout occurs. The ICMP Ping screen in Figure 4-15-3 appears.
User’s Manual of SGSW-24040 / 24240 Series Figure 4-15-3 Remote IP Ping Test page screenshot The page includes the following fields: Object Description Port The logical port for the settings. Remote IP Address The destination IP Address. Ping Size The payload size of the ICMP packet. Values range from 8 bytes to 1400 bytes. Result Display the ping result. 4.15.4 Cable Diagnostics This page is used for running the Cable Diagnostics. Press to run the diagnostics.
User’s Manual of SGSW-24040 / 24240 Series Figure 4-15-4 VeriPHY Cable Diagnostics page screenshot The page includes the following fields: Object Description Port The port where you are requesting Cable Diagnostics. Description Display per port description. Cable Status Port: Port number. Pair: The status of the cable pair. Length: The length (in meters) of the cable pair. Buttons : Download the diagnostics. : Click to run the diagnostics. : Print out the cable diagnostics information.
User’s Manual of SGSW-24040 / 24240 Series 4.16 Power over Ethernet (SGSW-24040P / SGSW-24040P4 / SGSW-24040HP) Providing up to 24 PoE, in-line power interfaces, the SGSW-24040P / SGSW-24040P / SGSW-24040HP PoE Switch can easily build a power central-controlled IP phone system, IP Camera system, AP group for the enterprise. For instance, 24 cameras / APs can be easily installed around the corner in the company for surveillance demands or build a wireless roaming environment in the office.
User’s Manual of SGSW-24040 / 24240 Series 4.16.1 Power over Ethernet Powered Device Voice over IP phones Enterprise can install POE VoIP Phone, ATA and other Ethernet/non-Ethernet end-devices to the central where UPS is installed for un-interrupt power system 3~5 watts and power control system.
User’s Manual of SGSW-24040 / 24240 Series Class Usage Range of maximum power used by the PD Class Dsecription 0 Default 0.44 to 12.95 Watts Classification unimplement 1 Optional 0.44 to 3.84 Watts Very low power 2 Optional 3.84 to 6.49 Watts Low power 3 Optional 6.49 to 12.95 Watts (or to 15.4Watts) Mid power 4 Optional 12.95 to 25.50 Watts (or to 30.8Watts) High power In this mode, the Maximum Power fields have no effect.
User’s Manual of SGSW-24040 / 24240 Series The page includes the following fields: Object Description System PoE Admin Allows user enable or disable PoE function. It will causes all of PoE ports supply or not supply power. Mode Power Management There are five modes for configuring how the ports/PDs may reserve power and when to shut down ports. Mode Classification mode Allocation mode Consumption mode Priority mode The default PoE management mode is “Consumption mode”.
User’s Manual of SGSW-24040 / 24240 Series Class Usage Range of maximum power used by the PD Class Dsecription 0 Default 0.44 to 12.95 Watts Classification unimplement 1 Optional 0.44 to 3.84 Watts Very low power 2 Optional 3.84 to 6.49 Watts Low power 3 Optional 6.49 to 12.95 Watts (or to 15.4 Watts) Mid power 4 Optional 12.95 to 25.50 Watts (or to 30.8 Watts) High power Table 4-16-1 Device class Only the SGSW-24040HP has IEEE 802.3at mode and supplies a maximum Power of up to 30.
User’s Manual of SGSW-24040 / 24240 Series Figure 4-16-3 Power over Ethernet Configuration screenshot The page includes the following fields: Object Description PoE Mode There are three modes for PoE mode. Enable: enable PoE function.. Disable: disable PoE function. Schedule: enable PoE function in schedule mode. Schedule Indicates the schedule profile mode. Possible porifles are: Profile1 Profile2 Profile3 Profile4 AF / AT Mode Ther are two modes for PoE mode. (SGSW-24040HP only) 802.
User’s Manual of SGSW-24040 / 24240 Series and keep on detection mode until PD’s power consumption lower than the power limit value Buttons : Click to save changes. : Click to undo any changes made locally and revert to previously saved values. Only the SGSW-24040HP has IEEE 802.3at mode and supplies a maximum Power of up to 30.8 watts.
User’s Manual of SGSW-24040 / 24240 Series 4.16.4 PoE Status This page allows the user to inspect the total power consumption, total power reserved and current status for all PoE ports. The screen in Figure 4-16-4 appears. Figure 4-16-4 PoE Status screenshot The page includes the following fields: Object Description Current Power Show the total watts usage of PoE Switch. Consumption Total Power Reserved Shows how much the total power be reserved for all PDs.
User’s Manual of SGSW-24040 / 24240 Series PoE Temperature Unit 1 Display the current operating temperature of PoE chip unit 1. The unit 1 is in charge of PoE Port-1~Port-12 PoE Temperature Unit 2 Display the current operating temperature of PoE chip unit 2. The unit 1 is in charge of PoE Port-13~Port-24 Local Port This is the logical port number for this row. PD Class Display the class of the PD attached to the port, as established by the classification process.
User’s Manual of SGSW-24040 / 24240 Series 4.16.5 PoE Schedule This page allows the user to define PoE schedule. The screen in Figure 4-16-5 appears. Figure 4-16-5 PoE Schedule screenshot The page includes the following fields Object Description Profile Set the schedule profile mode. Possible porifles are: Profile1 / Profile2 / Profile3 / Profile4 Week Day Show the PoE schedule mode usage of week day. Start Hour Allow choosing specific hour for PoE port enable and feed PoE power.
User’s Manual of SGSW-24040 / 24240 Series Reboot Min Allow choosing specific minutes for Switch reboot. Buttons : click to add new rule. : Click to save changes. : Check to delete the entry. 4.16.6 LLDP Neighbor Power Over Ethernet This page provides a status overview for all LLDP PoE neighbors. The displayed table contains a row for each port on which an LLDP PoE neighbor is detected. The columns hold the following information: The screen in Figure 4-16-6 appears.
User’s Manual of SGSW-24040 / 24240 Series If the power priority is unknown it is indicated as "Unknown" Power The Power Value contains a numerical value that indicates the maximum power in watts required by a PD device from a PSE device, or the minimum power a PSE device is capable of sourcing over a maximum length cable based on its current configuration. The maximum allowed value is 102.3 W. If the device indicates value higher than 102.
User’s Manual of SGSW-24040 / 24240 Series 4.17 Stack Using Stacking, it is possible to connect a number of switches together in a stack, which behaves as a single switch as seen from outside the stack. Two types of stack topologies are supported: Ring topology Chain topology (same as a disconnected ring) Multiple PLANET SGSW series devices may be connected together to constitute a ring or chain stack topology using the STX / 5Gbps ports as interconnect links.
User’s Manual of SGSW-24040 / 24240 Series Ring Stack: A ring of switches, thereby providing redundant forwarding paths. Figure 4-17-2 Ring Stack topology Back-to-Back Stack : Two switches interconnected on both stacking ports.
User’s Manual of SGSW-24040 / 24240 Series 4.17.1 Stack This section provides information for understand stacking architecture, include the below items: Switch IDs Assigning and Swapping Switch IDs Removing a Switch From the Stack Replacing a Switch General Switch ID Assignment Rules Master Election Stack Redundancy Shortest Path Forwarding 4.17.1.1 Switch IDs The Switch ID (1-16) assigned to a SGSW Switch.
User’s Manual of SGSW-24040 / 24240 Series General Switch ID Assignment Rules When assigning Switch IDs to the devices in the stack, you must note the following: 1. Switches with assigned IDs can be changed to use any other switch ID (possibly by swapping Switch ID with another active switch). 2. When swapping two Switch IDs, the devices will retain their (own) configuration, except for the Switch ID. 3. Switches without an assigned Switch ID can only be assigned to any unused ID. 4.
User’s Manual of SGSW-24040 / 24240 Series Figure 4-17-4 Remove or Replace a switch from the stack 4.17.1.4 Shortest Path Forwarding The SGSW Swtich supports shortest path forwarding technology to optimal data flow across the stack. The advantage of shortest path forwarding as below: Automatic Loop Prevention – Using Time To Live (TTL) information in the stack-header Utilize all stack links in the ring.
User’s Manual of SGSW-24040 / 24240 Series 4.17.2 Stack Configuration This page is used for configure the stack, include assign Switch ID, master priority and display the current stack member information. The screen in Figure 4-17-6appears. Figure 4-17-6 Stack Configuration page screenshot The page includes the following fields: Object Description Delete Deletes this switch from the stack configuration. Stack Member The MAC address of the switch.
User’s Manual of SGSW-24040 / 24240 Series hardware), the following procedure must be used to assign the configuration of the failing switch to the new hardware: 1. Remove the failing switch from the stack. For example, assume that the failing switch had Switch ID 3. 2. Insert the new switch into the stack. The new switch is assigned an unused Switch ID. 3. To remove the automatic switch ID assignment, choose "Delete", followed by "Save". The new switch is then shown with Switch ID set to "-". 4.
User’s Manual of SGSW-24040 / 24240 Series priority and MAC address. When master election is enforced, the first two criteria are ignored for a period of 10-15 seconds. Within a managed stack, one master switch (or just "master") must be elected. Any switch not being master is a slave switch (or just "slave"). To elect a master, the following criteria are evaluated sequentially: 1. If any switch already claims to have been master for more than 30 seconds, then that switch will become master. 2.
User’s Manual of SGSW-24040 / 24240 Series 4.17.3 Stack Information This page provides an overview of the stack topology, as detected by SPROUT. Stack Topology The Stack Topology screen in Figure 4-17-7 appears. Figure 4-17-7 Stack Information page screenshot - Stack Topology The page includes the following fields: Object Description Stack Topology Specifies the type of topology for the stack: Chain: A chain of switches, that is, no redundant forwarding paths.
User’s Manual of SGSW-24040 / 24240 Series Master Forwarding Table As the heading suggests, the information in the table is as seen from the master view. For each switch in the stack, the following information is shown: The MAC address, switch ID, distance information, and the primary forwarding path to the switch. For ring topology, a backup path is also provided. Figure 4-17-9 Stack Information page screenshot - Master Forwarding Table 4.17.
User’s Manual of SGSW-24040 / 24240 Series Identify the MASTER SWITCH Assign / re-assing Switch ID for each management purpose Step 1: linking the switches by CB-STX50 stack cable. Step 2: Check the Master LED of each SGSW switch to find out the Master Switch that is elected automatically by the stack operation. Step 3: Use the Web browser such as IE 7.0 to login the Master Switch, the default IP address is 192.168.0.100.
User’s Manual of SGSW-24040 / 24240 Series Select the switch with ID=1 and assign a new ID for this unit, for example: ID=4 Figure 4-17-13 Assing new ID for current master Select the target switch and set up with lower priority “1”, also re-assing the Switch ID=1 for it. After click Save, click “Start Master Election” and save again.
User’s Manual of SGSW-24040 / 24240 Series Step 6: After the Stack Master and Members have been configured, any switch in the stack can be managed from the web agent by choosing the desired Member ID from the Switch drop down menu. To connect to a Member switch through the CLI, use the rcommand. Figure 4-17-16 To manage the member switch Slave switch IP will be covered by Master one, and disappear temporarily. The slave IP address can be the same as Master IP address.
User’s Manual of SGSW-24040 / 24240 Series 5. COMMAND LINE INTERFACE 5.1 Accessing the CLI When accessing the management interface for the switch over a direct connection to the server’s console port, or via a Telnet connection, the switch can be managed by entering command keywords and parameters at the prompt. Using the switch's command-line interface (CLI) is very similar to entering commands on a UNIX system. This chapter describes how to use the Command Line Interface (CLI).
User’s Manual of SGSW-24040 / 24240 Series Configure IP address The SGSW Managed Switch is shipped with default IP address as following. IP Address: 192.168.0.100 Subnet Mask: 255.255.255.0 To check the current IP address or modify a new IP address for the Switch, please use the procedures as follows: Show the current IP address 1. On ”Switch/> ” prompt, enter “ip configuration”. 2. The screen displays the current IP address, Subnet Mask and Gateway as shown in Figure 5-2.
User’s Manual of SGSW-24040 / 24240 Series IP: 192.168.0.101 Subnet Mask: 255.255.255.0 Gateway: 192.168.0.253 VLAN ID: 1 Figure 5-3 Set IP address screen 4. Repeat Step 1 to check if the IP address is changed. If the IP address is successfully configured, the Managed Switch will apply the new IP address setting immediately. You can access the Web interface of SGSW Managed Switch through the new IP address.
User’s Manual of SGSW-24040 / 24240 Series 5.2 Telnet Login The Managed Switch also supports telnet for remote management. The switch asks for user name and password for remote login when using telnet, please use “admin” for user name and password.
User’s Manual of SGSW-24040 / 24240 Series 6. Command Line Mode The CLI groups all the commands in appropriate modes according to the nature of the command. A sample of the CLI command modes are described below. Each of the command modes supports specific software commands.
User’s Manual of SGSW-24040 / 24240 Series 6.1 System Command System Configuration Description: Show system configuration.
User’s Manual of SGSW-24040 / 24240 Series Syntax: System Name [] Parameters: : System name or 'clear' to clear System name is a text string drawn from the alphabet (A-Za-z), digits (0-9), minus sign (-). No blank or space characters are permitted as part of a name. The first character must be an alpha character, and the first or last character must not be a minus sign. Example: To set device title: Switch/>System name SGSW-24040-LAB System Contact Description: Set or show the system contact.
User’s Manual of SGSW-24040 / 24240 Series Parameters: : System location string. Use 'clear' or "" to clear the string In CLI, no blank or space characters are permitted as part of a contact. Default Setting: empty Example: To set device location: Switch/>System location 9F-LAB System Timezone Description: Set or show the system timezone offset.
User’s Manual of SGSW-24040 / 24240 Series Parameters: : CLI prompt string Default Setting: SWITCH Example: To change CLI title: Switch/>system prompt SGSW-24040 SGSW-24040/> System Reboot Description: Reboot the system. Syntax: System Reboot Example: To reboot device without changing any of the settings: Switch/>system reboot System Restore Default Description: Restore factory default configuration.
User’s Manual of SGSW-24040 / 24240 Series System Load Description: Show current CPU load: 100ms, 1s and 10s running average (in percent, zero is idle). Syntax: System Load Example: To show current CPU load: Switch/>system load Load average(100ms, 1s, 10s): 1%, 1%, 1% System Log Description: Show or clear the system log.
User’s Manual of SGSW-24040 / 24240 Series ID ---- Level ------ Time ------------------------- Message ------- 1 Info - Switch just made a cold boot.
User’s Manual of SGSW-24040 / 24240 Series 6.2 Stack Stack List Description: Show the list of switches in stack.
User’s Manual of SGSW-24040 / 24240 Series Stack Master Reelect Description: Force master reelection (ignoring master time). Syntax: Stack Master Reelect Example: Force master reelection. Switch/>stack master reelect Switch/> Stack Select Description: Set or show the selected switch ID. Syntax: Stack Select [|all] Parameters: |all: Switch ID (1-16) or all switch Default Setting: Switch ID: All Example: Select the switch ID.
User’s Manual of SGSW-24040 / 24240 Series Syntax: Stack SID Swap Parameters: : Switch ID (1-16), default: Show SID Example: Change stack SID value. Switch/>stack sid swap 1 2 Switch/> Stack SID Delete Description: Delete SID assignment and associated configuration. Syntax: Stack SID Delete Parameters: : Switch ID (1-16) Example: Delete stack SID 10. Switch/>stack sid delete 10 Switch/> Stack SID Assign Description: Assign SID and associated configuration to switch.
User’s Manual of SGSW-24040 / 24240 Series Parameters: : Switch ID (1-16) : MAC address (xx-xx-xx-xx-xx-xx) Example: Assign SID 10 for 00-30-4f-24-04-0a Switch/>stack sid assign 10 00-30-4f-24-04-0a Switch/> 355
User’s Manual of SGSW-24040 / 24240 Series 6.3 IP Command IP Configuration Description: Show IP configuration. Syntax: IP Configuration Example: Show IP configuration: Switch/>ip configuration IP Configuration: ================= DHCP Client : Disabled IP Address : 192.168.0.100 IP Mask : 255.255.255.0 IP Router : 192.168.0.1 DNS Server : 0.0.0.0 VLAN ID :1 DNS Proxy : Disabled IPv6 AUTOCONFIG mode : Disabled IPv6 Link-Local Address: fe80::230:4fff:fe24:4d1 IPv6 Address : ::192.168.0.
User’s Manual of SGSW-24040 / 24240 Series Parameters: enable : Enable or renew DHCP client disable: Disable DHCP client Default Setting: Disable Example: Disable DHCP sever: SWITCH/>ip dhcp disable IP Setup Description: Set or show the IP setup. Syntax: IP Setup [] [] [] [] Parameters: : IP address (a.b.c.d), default: Show IP address : IP subnet mask (a.b.c.d), default: Show IP mask : IP router (a.b.c.
User’s Manual of SGSW-24040 / 24240 Series IP Ping Description: Ping IP address (ICMP echo). Syntax: IP Ping [] Parameters: : IP host address (a.b.c.d) or a host name string : Ping data length (8-1400), excluding MAC, IP and ICMP headers Example: SWITCH/>ip ping 192.168.0.21 PING server 192.168.0.21 60 bytes from 192.168.0.21: icmp_seq=0, time=0ms 60 bytes from 192.168.0.21: icmp_seq=1, time=0ms 60 bytes from 192.168.0.
User’s Manual of SGSW-24040 / 24240 Series IP DNS Proxy Description: Set or show the IP DNS Proxy mode. Syntax: IP DNS_Proxy [enable|disable] Parameters: enable : Enable DNS Proxy disable: Disable DNS Proxy Default Setting: disable Example: Enable DNS proxy function: SWITCH/>ip dns_proxy enable IPv6 AUTOCINFIG Description: Set or show the IPv6 AUTOCONFIG mode.
User’s Manual of SGSW-24040 / 24240 Series IPv6 Setup Description: Set or show the IPv6 setup. Syntax: IP IPv6 Setup [] [] [] [] Parameters: : IPv6 address is in 128-bit records represented as eight fields of up to four hexadecimal digits with a colon separates each field (:). For example, four hexadecimal digits with a colon separates each field (:). For example, 'fe80::215:c5ff:fe03:4dc7'.
User’s Manual of SGSW-24040 / 24240 Series Syntax: IP IPv6 Ping6 [] Parameters: : IPv6 host address. IPv6 address is in 128-bit records represented as eight fields of up to four hexadecimal digits with a colon separates each field (:). For example, four hexadecimal digits with a colon separates each field (:). For example, 'fe80::215:c5ff:fe03:4dc7'.
User’s Manual of SGSW-24040 / 24240 Series 3 north-america.pool.ntp.org 4 asia.pool.ntp.org 5 oceania.pool.ntp.org IP NTP Mode Description: Set or show the NTP mode. Syntax: IP NTP Mode [enable|disable] Parameters: enable : Enable NTP mode disable : Disable NTP mode (default: Show NTP mode) Default Setting: disable Example: Enable NTP mode: SWITCH/>ip ntp mode enable IP NTP Server Add Description: Add NTP server entry.
User’s Manual of SGSW-24040 / 24240 Series IP NTP Server IPv6 Add Description: Add NTP server IPv6 entry. Syntax: IP NTP Server Ipv6 Add Parameters: : The server index (1-5) : IPv6 server address. IPv6 address is in 128-bit records represented as eight fields of up to four hexadecimal digits with a colon separates each field (:). For example, 'fe80::215:c5ff:fe03:4dc7'.
User’s Manual of SGSW-24040 / 24240 Series 6.4 Port Management Command Port Configuration Description: Show port configuration.
User’s Manual of SGSW-24040 / 24240 Series Parameters: : Port list or 'all', default: All ports 10hdx : 10 Mbps, half duplex 10fdx : 10 Mbps, full duplex 100hdx : 100 Mbps, half duplex 100fdx : 100 Mbps, full duplex 1000fdx : 1 Gbps, full duplex auto : Auto negotiation of speed and duplex (default: Show configured and current mode) Default Setting: Auto Example: Set 10Mbps (half duplex) speed for port1 SWITCH/>port mode 1 10hdx Port Flow Control Description: Set or show the port fl
User’s Manual of SGSW-24040 / 24240 Series Port State Description: Set or show the port administrative state. Syntax: Port State [] [enable|disable] Parameters: : Port list or 'all', default: All ports enable : Enable port disable : Disable port (default: Show administrative mode) Default Setting: Enable Example: Disable port1 SWITCH/>port state 1 disable Port Maximum Frame Description: Set or show the port maximum frame size.
User’s Manual of SGSW-24040 / 24240 Series Port Power Description: Set or show the port PHY power mode.
User’s Manual of SGSW-24040 / 24240 Series Example: Show SFP information for port21-24 SWITCH/>port sfp Port ---- Type -------------- Speed -------- Wave Length(nm) --------------- Distance(m) ----------- 21 1000Base-LX 1000-Base 1310 10000 22 1000Base-LX 1000-Base 1310 10000 23 -- -- -- -- 24 -- -- -- -- Port Excessive Description: Set or show the port excessive collision mode.
User’s Manual of SGSW-24040 / 24240 Series Parameters: : Port list or 'all', default: All ports clear : The command parameter takes the following values: : Clear port statistics packets : Show packet statistics bytes : Show byte statistics errors : Show error statistics discards : Show discard statistics filtered : Show filtered statistics low : Show low priority statistics normal : Show normal priority statistics medium high : Show medium priority statistics : Show hi
User’s Manual of SGSW-24040 / 24240 Series 6.5 MAC Address Table Command MAC Configuration Description: Show MAC address table configuration.
User’s Manual of SGSW-24040 / 24240 Series 16 Auto 17 Auto 18 Auto 19 Auto 20 Auto 21 Auto 22 Auto 23 Auto 24 Auto MAC Add Description: Add MAC address table entry.
User’s Manual of SGSW-24040 / 24240 Series Example: Delete Mac address 00-30-4F-01-01-02 in vid1 SWITCH/>mac delete 00-30-4f-01-01-02 1 MAC Lookup Description: Lookup MAC address entry. Syntax: MAC Lookup [] Parameters: : MAC address (xx-xx-xx-xx-xx-xx) : VLAN ID (1-4095), default: 1 Example: Lookup state of Mac address 00-30-4F-01-01-02 SWITCH/>mac lookup 00-30-4f-01-01-02 MAC Age Time Description: Set or show the MAC address age timer.
User’s Manual of SGSW-24040 / 24240 Series Example: Set agetime value in 30 SWITCH/>mac agetime 30 MAC Learning Description: Set or show the port learn mode.
User’s Manual of SGSW-24040 / 24240 Series Example: Show all of MAC table SWITCH/>mac dump Type VID MAC Address Ports ------ --- ----------------- ----- Static 1 00-30-00-33-22-55 1 Static 1 00-30-4f-24-04-d1 None,CPU Static 1 33-33-ff-24-04-d1 None,CPU Static 1 33-33-ff-a8-00-64 None,CPU Dynamic Static 1 1 40-61-86-04-18-69 ff-ff-ff-ff-ff-ff 10 1-24,CPU MAC Statistics Description: Show MAC address table statistics.
User’s Manual of SGSW-24040 / 24240 Series 10 1 11 0 12 0 13 0 14 0 15 0 16 0 17 0 18 0 19 0 20 0 21 0 22 0 23 0 24 0 Total Dynamic Addresses: 1 Total Static Addresses : 5 MAC Flush Description: Flush all learned entries.
User’s Manual of SGSW-24040 / 24240 Series 6.6 VLAN Configuration Command VLAN Configuration Description: Show VLAN configuration. Syntax: VLAN Configuration [] Parameters: : Port list or 'all', (default: All ports) Example: Show VLAN status of port1 SWITCH/>vlan configuration 1 VLAN Configuration: =================== Mode : IEEE 802.
User’s Manual of SGSW-24040 / 24240 Series Parameters: : Port list or 'all', default: All ports |none : Port VLAN ID (1-4095) or 'none', (default: Show port VLAN ID) Default Setting: 1 Example: Set PVID2 for port20 SWITCH/>vlan pvid 20 2 VLAN Frame Type Description: Set or show the port VLAN frame type.
User’s Manual of SGSW-24040 / 24240 Series Parameters: : Port list or 'all', default: All ports enable : Enable VLAN ingress filtering disable : Disable VLAN ingress filtering (default: Show VLAN ingress filtering) Default Setting: Disable Example: Enable VLAN ingress filtering for port20 SWITCH/>vlan ingressfilter 20 enable VLAN Mode Description: Set or show the VLAN Mode. Syntax: VLAN Mode [portbased|dot1q] Parameters: portbased : Port-Based VLAN Mode dot1q : 802.
User’s Manual of SGSW-24040 / 24240 Series Syntax: VLAN LinkType [] [untagged|tagged] Parameters: : Port list or 'all', default: All ports untagged : VLAN Link Type Tagged tagged : VLAN Link Type Untagged (default: Show VLAN link type) Default Setting: Un-tagged Example: Enable tagged frame for port2 SWITCH/>vlan linktype 2 tagged VLAN Q-in-Q Mode Description: Set or show the port Q-in-Q mode.
User’s Manual of SGSW-24040 / 24240 Series VLAN Ethernet Type Description: Set or show out layer VLAN tag ether type in Q-in-Q VLAN mode. Syntax: VLAN Ethtype [] [man|dot1q] Parameters: : Port list or 'all', default: All ports man dot1q : Set out layer VLAN tag ether type : MAN : Set out layer VLAN tag ether type : 802.
User’s Manual of SGSW-24040 / 24240 Series VLAN Delete Description: Delete VLAN entry. Syntax: VLAN Delete Parameters: : VLAN ID (1-4095) Example: Delete port17 to port24 in VLAN10 SWITCH/>vlan delete 10 VLAN Lookup Description: Lookup VLAN entry.
User’s Manual of SGSW-24040 / 24240 Series Example: Show VLAN status SWITCH/>vlan lookup VID ---- Ports ----- 1 1-24 200 None VLAN Status Description: VLAN Port Configuration Status.
User’s Manual of SGSW-24040 / 24240 Series NAS No MVR No Voice VLAN No MSTP No Combined Enabled 1 All Disabled 383 Untag This 1 No
User’s Manual of SGSW-24040 / 24240 Series 6.7 Private VLAN Configuration Command PVLAN Configuration Description: Show Private VLAN configuration.
User’s Manual of SGSW-24040 / 24240 Series 18 Disabled 19 Disabled 20 Disabled 21 Disabled 22 Disabled 23 Disabled 24 Disabled PVLAN ID Ports -------- ----- 1 1-24 PVLAN Add Description: Add or modify Private VLAN entry. Syntax: PVLAN Add [] Parameters: : Private VLAN ID : Port list or 'all', default: All ports Example: Add port17 to port24 in PVLAN10 SWITCH/>pvlan add 10 17-24 PVLAN Delete Description: Delete Private VLAN entry.
User’s Manual of SGSW-24040 / 24240 Series Parameters: : Private VLAN ID Example: Delete PVLAN10 SWITCH/>pvlan delete 10 PVLAN Lookup Description: Lookup Private VLAN entry. Syntax: PVLAN Lookup [] Parameters: : Private VLAN ID Example: Lookup PVLAN SWITCH/> lookup PVLAN ID Ports -------- ----- 1 1-24 PVLAN Isolate Description: Set or show the port isolation mode.
User’s Manual of SGSW-24040 / 24240 Series disable : Disable port isolation (default: Show port isolation port list) Default Setting: Promiscous Example: Enable isolate for port10 SWITCH/>pvlan isolate 10 enable 387
User’s Manual of SGSW-24040 / 24240 Series 6.8 Security Command Security Switch User Configuration Description: Show users configuration.
User’s Manual of SGSW-24040 / 24240 Series Example: Add new user: username: test, password: test & privilege: 10 SWITCH/>security switch users add test test 10 Security Switch User Delete Description: Delete users entry. Syntax: Security Switch Users Delete Parameters: : A string identifying the user name that this entry should belong to Example: Delete test account.
User’s Manual of SGSW-24040 / 24240 Series -------------------------------- --- --- --- --Aggregation 5 10 Debug 15 15 15 15 Diagnostics 5 10 IGMP_Snooping IP 5 5 5 10 5 10 10 10 5 10 5 10 LACP 5 10 5 10 LLDP 5 10 5 10 LLDP-MED 5 10 5 10 MAC_Table 5 10 5 10 MVR 5 10 5 10 Maintenance 15 15 15 15 Mirroring 5 10 5 10 Port_Security 5 10 5 10 Ports 5 10 1 10 Private_VLANs 5 10 5 10 QoS 5 10 5 10 SNMP 5 Security 5 10 10 5 10 5 10 Spanni
User’s Manual of SGSW-24040 / 24240 Series Example: Change privilege level of MVR group. SWITCH/>security switch privilege level group mvr 15 15 15 15 Security Switch Privilege Level Current Description: Show the current privilege level. Syntax: Security Switch Privilege Level Current Default Setting: 15 Security Switch Auth Configuration Description: Show Auth configuration.
User’s Manual of SGSW-24040 / 24240 Series telnet local Disabled ssh local Disabled web local Disabled Security Switch Auth Method Description: Set or show Auth method.
User’s Manual of SGSW-24040 / 24240 Series Security Switch SSH Configuration Description: Show SSH configuration. Syntax: Security Switch SSH Configuration Example: Show SSH configuration. SWITCH/>security switch ssh configuration SSH Configuration: ================== SSH Mode : Disabled Security Switch SSH Mode Description: Set or show the SSH mode.
User’s Manual of SGSW-24040 / 24240 Series Security Switch HTTPs Configuration Description: Show HTTPS configuration. Syntax: Security Switch HTTPS Configuration Default Setting: disable Example: Show HTTPs configuration. SWITCH/>security switch https configuration HTTPS Configuration: ==================== HTTPS Mode : Disabled HTTPS Redirect Mode : Disabled Security Switch HTTPs Mode Description: Set or show the HTTPS mode.
User’s Manual of SGSW-24040 / 24240 Series SWITCH/>security switch https mode enable Security Switch HTTPs Redirect Description: et or show the HTTPS redirect mode. Automatic redirect web browser to HTTPS during HTTPS mode enabled. Syntax: Security Switch HTTPS Redirect [enable|disable] Parameters: enable : Enable HTTPs redirect disable: Disable HTTPs redirect (default: Show HTTPs redirect mode) Default Setting: disable Example: Enable HTTPs redirect function.
User’s Manual of SGSW-24040 / 24240 Series System Access Mode : Disabled System Access number of entries: 0 Security Switch Access Mode Description: Set or show the access management mode. Syntax: Security Switch Access Mode [enable|disable] Parameters: enable : Enable access management disable: Disable access management (default: Show access management mode) Default Setting: disable Example: Enable access management function.
User’s Manual of SGSW-24040 / 24240 Series : SNMP interface snmp telnet : TELNET/SSH interface (default: Show configured and current mode) Example: Add access management list from 192.168.0.1 to 192.168.0.200 via web interface. SWITCH/>security switch access add 1 192.168.0.1 192.168.0.200 web Security Switch Access IPv6 Add Description: Add access management IPv6 entry.
User’s Manual of SGSW-24040 / 24240 Series Security Switch Access Delete Description: Delete access management entry. Syntax: Security Switch Access Delete : entry index (1-16) Example: Delete access management ID 1 SWITCH/>security switch access delete 1 Security Switch Access Lookup Description: Lookup access management entry. Syntax: Security Switch Access Lookup [] Parameters: : entry index (1-16) Example: Lookup access management entry.
User’s Manual of SGSW-24040 / 24240 Series Example: Clear access management entry. SWITCH/>security switch access clear Security Switch Access Statistics Description: Show or clear access management statistics. Syntax: Security Switch Access Statistics [clear] Parameters: clear: Clear access management statistics Default Setting: disable Example: Show access management statistics.
User’s Manual of SGSW-24040 / 24240 Series Example: Show SNMP configuration.
User’s Manual of SGSW-24040 / 24240 Series Number of entries: 1 SNMPv3 Groups Table; Idx Model Security Name Group Name --- ----- -------------------------------- -------------------------------1 v1 public default_ro_group 2 v1 private default_rw_group 3 v2c public default_ro_group 4 v2c private default_rw_group 5 usm default_user default_rw_group Number of entries: 5 SNMPv3 Views Table: Idx View Name View Type OID Subtree --- -------------------------------- --------- -----------
User’s Manual of SGSW-24040 / 24240 Series Default Setting: enable Example: Disable SNMP mode. SWITCH/>security switch snmp mode disable Security Switch SNMP Version Description: Set or show the SNMP protocol version. Syntax: Security Switch SNMP Version [1|2c|3] Parameters: 1 : SNMP version 1 2c: SNMP version 2c 3 : SNMP version 3 (default: Show SNMP version) Default Setting: 2c Example: Set SNMP in version 3.
User’s Manual of SGSW-24040 / 24240 Series Parameters: : Community string. Use 'clear' or "" to clear the string (default: Show SNMP read community) Default Setting: public Example: Set SNMP read community private. SWITCH/>security switch snmp read community private Security Switch SNMP Write Community Description: Set or show the community string for SNMP write access. Syntax: Security Switch SNMP Write Community [] Parameters: : Community string.
User’s Manual of SGSW-24040 / 24240 Series Parameters: enable : Enable SNMP traps disable: Disable SNMP traps (default: Show SNMP trap mode) Default Setting: disable Example: Enable SNMP trap mode. SWITCH/>security switch snmp trap mode enable Security Switch SNMP Trap Version Description: Set or show the SNMP trap protocol version.
User’s Manual of SGSW-24040 / 24240 Series Syntax: Security Switch SNMP Trap Community [] Parameters: : Community string. Use 'clear' or "" to clear the string (default: Show SNMP trap community) Default Setting: public Example: Set private value for SNMP trap community. SWITCH/>security switch snmp trap community private Security Switch SNMP Trap Destination Description: Set or Show the SNMP trap destination address.
User’s Manual of SGSW-24040 / 24240 Series Parameters: : IPv6 address is in 128-bit records represented as eight fields of up to four hexadecimal digits with a colon separates each field (:). For example, four hexadecimal digits with a colon separates each field (:). For example, fe80::215:c5ff:fe03:4dc7'. The symbol '::' is a special syntax that can be used as a shorthand way of representing multiple 16-bit groups of contiguous zeros; but it can only appear once.
User’s Manual of SGSW-24040 / 24240 Series Syntax: Security Switch SNMP Trap Link-up [enable|disable] Parameters: enable : Enable SNMP trap link-up and link-down disable: Disable SNMP trap link-up and link-down (default: Show SNMP trap link-up and link-down mode) Default Setting: enable Example: Disable SNMP trap link-up SWITCH/>security switch snmp trap link-up disable Security Switch SNMP Trap Inform Mode Description: Set or show the SNMP trap inform mode.
User’s Manual of SGSW-24040 / 24240 Series Security Switch SNMP Trap Inform Timeout Description: Set or show the SNMP trap inform timeout (usecs). Syntax: Security Switch SNMP Trap Inform Timeout [] Parameters: : SNMP trap inform timeout (0-2147 seconds) (default: Show SNMP trap inform timeout) Default Setting: 1 Example: Set SNMP trap inform timeout in 20sec.
User’s Manual of SGSW-24040 / 24240 Series Security Switch SNMP Trap Probe Security Engine ID Description: Show SNMP trap security engine ID probe mode.
User’s Manual of SGSW-24040 / 24240 Series Security Switch SNMP Trap Security Name Description: Set or show SNMP trap security name. Syntax: Security Switch SNMP Trap Security Name [] Parameters: : A string representing the security name for a principal (default: Show SNMP trap security name) Example: Set the SNMP trap security name SWITCH/>security switch snmp trap security name 12345678 Security Switch SNMP Engine ID Description: Set or show SNMPv3 local engine ID.
User’s Manual of SGSW-24040 / 24240 Series Add or modify SNMPv3 community entry. The entry index key is . Syntax: Security Switch SNMP Community Add [] [] Parameters: : Community string : IP address (a.b.c.d), default: Show IP address : IP subnet mask (a.b.c.d), default: Show IP mask Example: Add SNMPv3 community entry. SWITCH/>security switch snmp community add public 192.168.0.20 255.255.255.
User’s Manual of SGSW-24040 / 24240 Series Parameters: : entry index (1-64) Example: Lookup SNMPv3 community entry SWITCH/>security switch snmp community lookup Idx Community Source IP Source Mask --- -------------------------------- --------------- --------------- 1 public 192.168.0.20 2 private 0.0.0.0 255.255.255.0 0.0.0.0 Number of entries: 2 Security Switch SNMP User Add Description: Add SNMPv3 user entry.
User’s Manual of SGSW-24040 / 24240 Series Security Switch SNMP User Delete Description: Delete SNMPv3 user entry. Syntax: Security Switch SNMP User Delete Parameters: : entry index (1-64) Example: Delete SNMPv3 user entry SWITCH/>security switch snmp user delete 1 Security Switch SNMP User Changekey Description: Change SNMPv3 user password.
User’s Manual of SGSW-24040 / 24240 Series Syntax: Security Switch SNMP User Lookup [] Parameters: : entry index (1-64) Example: Lookup SNMPv3 user entry SWITCH/>security switch snmp user lookup Idx Engine ID User Name --- --------- -------------------------------- 1 Remote admin_snmpv3 Level Auth Priv -------------- ---- ---- Auth, Priv MD5 DES Number of entries: 1 Security Switch SNMP Group Add Description: Add or modify SNMPv3 group entry.
User’s Manual of SGSW-24040 / 24240 Series Security Switch SNMP Group Delete Description: Delete SNMPv3 group entry. Syntax: Security Switch SNMP Group Delete Parameters: : entry index (1-64) Example: Delete SNMPv3 group entry SWITCH/>security switch snmp group delete 1 Security Switch SNMP Group Lookup Description: Lookup SNMPv3 group entry.
User’s Manual of SGSW-24040 / 24240 Series Security Switch SNMP View Add Description: Add or modify SNMPv3 view entry. The entry index key are and .
User’s Manual of SGSW-24040 / 24240 Series Syntax: Security Switch SNMP View Lookup [] Parameters: : entry index (1-64) Example: Lookup SNMPv3 view entry SWITCH/>security switch snmp view lookup Idx View Name View Type OID Subtree --- -------------------------------- --------- -------------------------------- 1 default_view included .1 2 snmpv3_viwe included .1 Number of entries: 2 Security Switch SNMP Access Add Description: Add or modify SNMPv3 access entry.
User’s Manual of SGSW-24040 / 24240 Series Example: Add SNMPv3 access entry SWITCH/>security switch snmp access add group_snmpv3 usm authpriv snmpv3_view snmpv3_view Security Switch SNMP Access Delete Description: Delete SNMPv3 access entry. Syntax: Security Switch SNMP Access Delete Parameters: : entry index (1-64) Example: Delete SNMPv3 access entry SWITCH/>security switch snmp access delete 3 Security Switch SNMP Access Lookup Description: Lookup SNMPv3 access entry.
User’s Manual of SGSW-24040 / 24240 Series 2 default_rw_group any NoAuth, NoPriv Number of entries: 2 Security Network Psec Switch Description: Show Port Security status. Syntax: Security Network Psec Switch [] Parameters: : Port list or 'all', default: All ports Default Setting: 800007e5017f000001 Example: Show port security status. SWITCH/>security network psec switch Users: L = Limit Control 8 = 802.
User’s Manual of SGSW-24040 / 24240 Series 10 ---- No users 0 11 ---- No users 0 12 ---- No users 0 13 ---- No users 0 14 ---- No users 0 15 ---- No users 0 16 ---- No users 0 17 ---- No users 0 18 ---- No users 0 19 ---- No users 0 20 ---- No users 0 21 ---- No users 0 22 ---- No users 0 23 ---- No users 0 24 ---- No users 0 Security Network Psec Port Description: Show MAC Addresses learned by Port Security.
User’s Manual of SGSW-24040 / 24240 Series Security Network Limit Configuration Description: Show Limit Control configuration. Syntax: Security Network Limit Configuration [] Parameters: : Port list or 'all', default: All ports Example: Show Limit Control configuration.
User’s Manual of SGSW-24040 / 24240 Series 17 Disabled 4 None 18 Disabled 4 None 19 Disabled 4 None 20 Disabled 4 None 21 Disabled 4 None 22 Disabled 4 None 23 Disabled 4 None 24 Disabled 4 None Security Network Limit Mode Description: Set or show global enabledness.
User’s Manual of SGSW-24040 / 24240 Series Syntax: Security Network Limit Aging [enable|disable] Parameters: enable : Enable aging disable : Disable aging (default: Show current enabledness of aging) Default Setting: disable Example: Enable limit aging SWITCH/>security network limit aging enable Security Network Limit Agetime Description: Time in seconds between check for activity on learned MAC addresses.
User’s Manual of SGSW-24040 / 24240 Series Syntax: Security Network Limit Port [] [enable|disable] Parameters: : Port list or 'all', default: All ports enable : Enable port security on this port disable : Disable port security on this port (default: Show current port enabledness of port security limit control) Default Setting: disable Example: Enable port limit for port 1 SWITCH/>security network limit port 1 enable Security Network Limit Limit Description: Set or show the max.
User’s Manual of SGSW-24040 / 24240 Series Security Network Limit Action Description: Set or show the action involved with exceeding the limit.
User’s Manual of SGSW-24040 / 24240 Series Security Network NAS Configuration Description: Show 802.1X configuration. Syntax: Security Network NAS Configuration [] Parameters: : Port list or 'all', default: All ports Example: Show 802.1X configuration of port 1 SWITCH/>security network nas configuration 1 802.1X Configuration: ===================== Mode : Disabled Reauth. : Disabled Reauth.
User’s Manual of SGSW-24040 / 24240 Series Syntax: Security Network NAS Mode [enable|disable] Parameters: enable : Globally enable 802.1X disable: Globally disable 802.1X (default: Show current 802.1X global enabledness) Default Setting: disable Example: Enable IEEE802.1X function SWITCH/>security network nas mode enable Security Network NAS State Description: Set or show the port security state.
User’s Manual of SGSW-24040 / 24240 Series Example: Show the port 1 security state. SWITCH/>security network nas state 1 Port ---- Admin State ------------------ 1 Force Authorized Port State Last Source Last ID --------------------- ----------------- ------------------ Link Down - Security Network NAS Reauthentication Description: Set or show Reauthentication enabledness.
User’s Manual of SGSW-24040 / 24240 Series Parameters: : Period between reauthentications (1-3600 seconds) (default: Show current reauthentication period) Default Setting: 3600 Example: Set reauthentication period in 3000sec. SWITCH/>security network nas reauthperiod 3000 Security Network NAS EapolTimeout Description: Set or show the time between EAPOL retransmissions.
User’s Manual of SGSW-24040 / 24240 Series Parameters: : Time between checks for activitiy on a MAC address that succeeded autentication (default: Show current age time) Default Setting: 300 Example: Set NAS age time in 1000sec SWITCH/>security network nas agetime 1000 Security Network NAS Holdtime Description: Time in seconds before a MAC-address that failed authentication gets a new authentication chance.
User’s Manual of SGSW-24040 / 24240 Series Parameters: global : Select the global RADIUS-assigned QoS setting : Select the per-port RADIUS-assigned QoS setting (default: Show current per-port RADIUS-assigned QoS enabledness) enable : Enable RADIUS-assigned QoS either globally or on one or more ports disable: Disable RADIUS-assigned QoS either globally or on one or more ports (default: Show current RADIUS-assigned QoS enabledness) Default Setting: disable Example: Enable NAS RADIUS QoS SWITCH/
User’s Manual of SGSW-24040 / 24240 Series Security Network NAS Guest_VLAN Description: Set or show either global enabledness and parameters (use the global keyword) or per-port enabledness of Guest VLAN Unless the 'global' keyword is used, the and parameters will not be unused.
User’s Manual of SGSW-24040 / 24240 Series Syntax: Security Network NAS Authenticate [] [now] Parameters: : Port list or 'all', default: All ports now: Force reauthentication immediately Example: Start NAS authentication now for port 1. SWITCH/>security network nas authenticate 1 now Security Network NAS Statistics Description: Show or clear 802.1X statistics.
User’s Manual of SGSW-24040 / 24240 Series Port 1 Backend Server Statistics: Rx Access Challenges: 0 Rx Other Requests: 0 Rx Auth. Successes: 0 Rx Auth. Failures: Tx Responses: 0 0 Security Network ACL Configuration Description: Show ACL Configuration. Syntax: Security Network ACL Configuration [] Parameters: : Port list or 'all', default: All ports Example: Show ACL Configuration.
User’s Manual of SGSW-24040 / 24240 Series 12 1 Permit Disabled Disabled Disabled Disabled 0 13 1 Permit Disabled Disabled Disabled Disabled 0 14 1 Permit Disabled Disabled Disabled Disabled 0 15 1 Permit Disabled Disabled Disabled Disabled 0 16 1 Permit Disabled Disabled Disabled Disabled 0 17 1 Permit Disabled Disabled Disabled Disabled 0 18 1 Permit Disabled Disabled Disabled Disabled 746 19 1 Permit Disabled Disabled Disabled Disabled 0 20
User’s Manual of SGSW-24040 / 24240 Series Syntax: Security Network ACL Action [] [permit|deny] [] [] [] [] Parameters: : Port list or 'all', default: All ports permit : Permit forwarding (default) deny : Deny forwarding : Rate limiter number (1-15) or 'disable' : Port number for copy of frames or 'disable' : System logging of frames: log|log_disable : Shut down ingress port: shut|shu
User’s Manual of SGSW-24040 / 24240 Series Set ACL policy 2 for port 1 SWITCH/>security network acl policy 1 2 Security Network ACL Rate Description: Set or show the ACL rate limiter. Syntax: Security Network ACL Rate [] [] Parameters: : Rate limiter list (1-15), default: All rate limiters : Rate in pps (1, 2, 4, ..., 512, 1k, 2k, 4k, ...
User’s Manual of SGSW-24040 / 24240 Series [] [(etype [] [] []) | (arp [] [] [] [] []) | (ip [] [] [] []) | (icmp [] [] [] [] []) | (udp [] [] [] [] []) | (tcp [] [] [] [] [] [])] [permit|deny] [] [] [] [] Parameters: : ACE ID (1-128),
User’s Manual of SGSW-24040 / 24240 Series : System logging of frames: log|log_disable : Shut down ingress port: shut|shut_disable Security Network ACL Delete Description: Delete ACE. Syntax: Security Network ACL Delete Parameters: : ACE ID (1-128) Example: Delete ACE 1 SWITCH/>security network acl delete 1 Security Network ACL Lookup Description: Show ACE, default: All ACEs.
User’s Manual of SGSW-24040 / 24240 Series Syntax: Security Network ACL Clear Example: Clear all ACL counters. SWITCH/>security network acl clear Security Network ACL Status Description: Show ACL status.
User’s Manual of SGSW-24040 / 24240 Series Example: Show DHCP relay configuration. SWITCH/>security network dhcp relay configuration DHCP Relay Configuration: ========================= DHCP Relay Mode : Disabled DHCP Relay Server : NULL DHCP Relay Information Mode : Disabled DHCP Relay Information Policy : replace Security Network DHCP Relay Mode Description: Set or show the DHCP relay mode. Syntax: Security Network DHCP Relay Mode [enable|disable] Parameters: enable : Enable DHCP relaly mode.
User’s Manual of SGSW-24040 / 24240 Series Security Network DHCP Relay Server Description: Show or set DHCP relay server. Syntax: Security Network DHCP Relay Server [] Parameters: : IP address (a.b.c.d), default: Show IP address Default Setting: null Example: Set DHCP relay server in 192.168.0.20 SWITCH/>security network dhcp relay server 192.168.0.20 Security Network DHCP Relay Information Mode Description: Set or show DHCP relay agent information option mode.
User’s Manual of SGSW-24040 / 24240 Series SWITCH/>security network dhcp relay information mode enable Security Network DHCP Relay Information Policy Description: Set or show the DHCP relay mode. When enable DHCP relay information mode operation, if agent receive a DHCP message that already contains relay agent information. It will enforce the policy.
User’s Manual of SGSW-24040 / 24240 Series Example: Show DHCP relay statistics. SWITCH/>security network dhcp relay statistics Security Network DHCP Snooping Configuration Description: Show DHCP snooping configuration.
User’s Manual of SGSW-24040 / 24240 Series 17 trusted 18 trusted 19 trusted 20 trusted 21 trusted 22 trusted 23 trusted 24 trusted Security Network DHCP Snooping Mode Description: Set or show the DHCP snooping mode. Syntax: Security Network DHCP Snooping Mode [enable|disable] Parameters: enable : Enable DHCP snooping mode. When enable DHCP snooping mode operation, the request DHCP messages will be forwarded to trusted ports and only allowed reply packets from trusted ports.
User’s Manual of SGSW-24040 / 24240 Series Parameters: : Port list or 'all', default: All ports trusted : Configures the port as trusted sources of the DHCP message untrusted: Configures the port as untrusted sources of the DHCP message (default: Show flow DHCP snooping port mode) Default Setting: trusted Example: Set untrusted DHCP snooping port mode in port 1 SWITCH/>security network dhcp snooping port mode 1 untrusted Security Network DHCP Snooping Statistics Description: Show or clear DHCP
User’s Manual of SGSW-24040 / 24240 Series Rx Lease Query: 0 Tx Lease Query: Rx Lease Unassigned: 0 Tx Lease Unassigned: Rx Lease Unknown: 0 Rx Lease Active: 0 Tx Lease Active: Description: Show IP source guard configuration. Syntax: Security Network IP Source Guard Configuration Example: Show IP source guard configuration.
User’s Manual of SGSW-24040 / 24240 Series 15 Disabled unlimited 16 Disabled unlimited 17 Disabled unlimited 18 Disabled unlimited 19 Disabled unlimited 20 Disabled unlimited 21 Disabled unlimited 22 Disabled unlimited 23 Disabled unlimited 24 Disabled unlimited IP Source Guard Entry Table: Type Port VLAN IP Address ------- ---- ---- --------------- IP Mask --------------- Security Network IP Source Guard Mode Description: Set or show IP source guard mode.
User’s Manual of SGSW-24040 / 24240 Series Security Network IP Source Guard Port Mode Description: Set or show the IP Source Guard port mode.
User’s Manual of SGSW-24040 / 24240 Series Example: Set IP source guard limit SWITCH/>security network ip source guard 1 1 Security Network IP Source Guard Entry Description: Add or delete IP source guard static entry.
User’s Manual of SGSW-24040 / 24240 Series Example: Show IP source guard static and dynamic entries. SWITCH/>security network ip source guard status Security Network ARP Inspection Configuration Description: Show ARP inspection configuration. Syntax: Security Network ARP Inspection Configuration Example: Show ARP inspection configuration. SWITCH/>security network arp inspection configuration Security Network ARP Inspection Mode Description: Set or show ARP inspection mode.
User’s Manual of SGSW-24040 / 24240 Series Security Network ARP Inspection Port Mode Description: Set or show the ARP Inspection port mode.
User’s Manual of SGSW-24040 / 24240 Series Example: Add ARP inspection static entry. SWITCH/>security network arp inspection entry 1 add 1 00-30-4f-00-00-11 192.168.0.11 Security Network ARP Inspection Status Description: Show ARP inspection static and dynamic entries. Syntax: Security Network ARP Inspection Status [] Parameters: : Port list or 'all', default: All ports Example: Show ARP inspection static and dynamic entries.
User’s Manual of SGSW-24040 / 24240 Series RADIUS Authentication Server Configuration: =========================================== Server Mode IP Address Secret Port ------ --------------- ------------------------------ ----- -------- 1 Disabled 1812 2 Disabled 1812 3 Disabled 1812 4 Disabled 1812 5 Disabled 1812 RADIUS Accounting Server Configuration: ======================================= Server Mode IP Address Secret Port ------ -------- --------------- ------------------
User’s Manual of SGSW-24040 / 24240 Series Parameters: : Server response timeout (3-3600 seconds) (default: Show server timeout configuration) Default Setting: 15 Example: Set 30sec for server timeout SWITCH/>security aaa timeout 30 Security AAA Deadtime Description: Set or show server dead time.
User’s Manual of SGSW-24040 / 24240 Series Parameters: The server index (1-5) (default: Show RADIUS authentication server configuration) enable : Enable RADIUS authentication server disable : Disable RADIUS authentication server (default: Show RADIUS server mode) : IP host address (a.b.c.d) or a host name string : Secret shared with external authentication server. To set an empty secret, use two quotes (""). To use spaces in secret, enquote the secret.
User’s Manual of SGSW-24040 / 24240 Series Example: Set RADIUS accounting server configuration. SWITCH/>security acct_radius 1 enable 192.168.0.20 12345678 1813 Security AAA TACACS+ Description: Set or show TACACS+ authentication server setup.
User’s Manual of SGSW-24040 / 24240 Series Example: Show RADIUS statistics.
User’s Manual of SGSW-24040 / 24240 Series 6.9 Spanning Tree Protocol Command STP Configuration Description: Show STP configuration. Syntax: STP Configuration Example: Show STP configuration. SWITCH/>stp cofiguration STP Configuration: ================== Protocol Version: MSTP Max Age : 20 Forward Delay : 15 Tx Hold Count :6 Max Hop Count : 20 STP Version Description: Set or show the STP Bridge protocol version.
User’s Manual of SGSW-24040 / 24240 Series Example: Set the STP Bridge protocol version. SWITCH/> stp version rstp STP Tx Hold Description: Set or show the STP Bridge Transmit Hold Count parameter. Syntax: STP Txhold [] Parameters: : STP Transmit Hold Count (1-10) Default Setting: 6 Example: Set STP Tx hold in 10 SWITCH/>stp txhold 10 STP MaxHops Description: Set or show the MSTP Bridge Max Hop Count parameter.
User’s Manual of SGSW-24040 / 24240 Series Example: Set STP maximum hops in 25 SWITCH/>stp maxhops 25 STP MaxAge Description: Set or show the CIST/MSTI bridge maximum age. Syntax: STP MaxAge [] Parameters: : STP maximum age time (6-40, and max_age <= (forward_delay-1)*2) Default Setting: 20 Example: Set STP maximum age time in 10 SWITCH/>stp maxage 10 STP FwdDelay Description: Set or show the CIST/MSTI bridge forward delay.
User’s Manual of SGSW-24040 / 24240 Series Example: Set STP forward delay value in 25 SWITCH/>stp fwddelay 25 STP CName Description: Set or Show MSTP configuration name and revision. Syntax: STP CName [] [] Parameters: : MSTP Configuration name. A text string up to 32 characters long. Use quotes (") to embed spaces in name. : Integer value Default Setting: Configuration name: MAC address Configuration rev.
User’s Manual of SGSW-24040 / 24240 Series Example: Set edge port BPDU filtering SWITCH/>stp bpdufilter enable STP BPDU Guard Description: Set or show edge port BPDU Guard. Syntax: STP bpduGuard [enable|disable] Parameters: enable|disable: enable or disable BPDU Guard for Edge ports Default Setting: Disable Example: Set edge port BPDU guard SWITCH/>stp bpduguard enable STP Recovery Description: Set or show edge port error recovery timeout.
User’s Manual of SGSW-24040 / 24240 Series Example: Set STP recovery value in 30 sec. SWITCH/>stp recovery 30 STP Status Description: Show STP Bridge status. Syntax: STP Status [] [] Parameters: : STP bridge instance no (0-7, CIST=0, MSTI1=1, ...) : Port list or 'all', default: All ports Default Setting: Disable Example: Show STP Bridge status.
User’s Manual of SGSW-24040 / 24240 Series STP MSTI Priority Description: Set or show the CIST/MSTI bridge priority. Syntax: STP Msti Priority [] [] Parameters: : STP bridge instance no (0-7, CIST=0, MSTI1=1, ...) : STP bridge priority (0/16/32/48/.../224/240) Default: MSTI Bridge Priority ---- --------------- CIST 128 MST1 128 MST2 128 MST3 128 MST4 128 MST5 128 MST6 128 MST7 128 Example: Set MST1 priority value in 48.
User’s Manual of SGSW-24040 / 24240 Series Example: Add MST1 priority value in 48. SWITCH/>stp msti priority 1 48 STP MSTI Add Description: Add a VLAN to a MSTI. Syntax: STP Msti Add Parameters: : STP bridge instance no (0-7, CIST=0, MSTI1=1, ...) : VLAN ID (1-4095) Example: Add MST1 in vlan1. SWITCH/>stp msti add 1 1 STP Port Configuration Description: Show STP Port configuration. Syntax: STP Port Configuration [] Parameters: : Port list or 'all'.
User’s Manual of SGSW-24040 / 24240 Series STP Port Mode Description: Set or show the STP enabling for a port. Syntax: STP Port Mode [] [enable|disable] Parameters: : Port list or 'all'. Port zero means aggregations. Enable : Enable MSTP protocol Disable : Disable MSTP protocol Default: Enable Example: Disable STP function on port1 SWITCH/>stp port mode 1 disable STP Port Edge Description: Set or show the STP adminEdge port parameter.
User’s Manual of SGSW-24040 / 24240 Series STP Port AutoEdge Description: Set or show the STP autoEdge port parameter. Syntax: STP Port AutoEdge [] [enable|disable] Parameters: : Port list or 'all', default: All ports Enable : Enable MSTP autoEdge Disable : Disable MSTP autoEdge Default: enable Example: Disable STP edge function on port1 SWITCH/>stp port autoedge 1 disable STP Port P2P Description: Set or show the STP point2point port parameter.
User’s Manual of SGSW-24040 / 24240 Series Default: auto Example: Disable STP P2P function on port1 SWITCH/>stp port p2p 1 disable STP Port RestrictedRole Description: Set or show the MSTP restrictedRole port parameter.
User’s Manual of SGSW-24040 / 24240 Series enable : Enable MSTP restricted TCN disable : Disable MSTP restricted TCN Default: disable Example: Eisable STP restricted TCN on port1 SWITCH/>stp port restrictedtcn 1 enable STP Port bpduGuard Description: Set or show the bpduGuard port parameter.
User’s Manual of SGSW-24040 / 24240 Series Parameters: : Port list or 'all', default: All ports Example: Show STP port statistics. SWITCH/>stp port statistics Port Rx MSTP Tx MSTP Rx RSTP Tx RSTP Rx STP Tx STP Rx TCN Tx TCN Rx Ill. Rx Unk. ----- -------- -------- -------- -------- 14 579 0 0 0 ------0 ------- ------- 0 STP Port Mcheck Description: Set the STP mCheck (Migration Check) variable for ports.
User’s Manual of SGSW-24040 / 24240 Series Default: auto Example: Set MSTI2 in port1~2 SWITCH/>stp msti port configuration 2 1-2 MSTI Port ---- ---- MST2 Aggr MSTI Port ---- Path Cost Priority ---------- -------- Auto 128 Path Cost Priority ---- ---------- -------- MST2 1 Auto 128 MST2 2 Auto 128 STP MSTI Port Cost Description: Set or show the STP CIST/MSTI port path cost.
User’s Manual of SGSW-24040 / 24240 Series STP MSTI Port Priority Description: Set or show the STP CIST/MSTI port priority. Syntax: STP Msti Port Priority [] [] [] Parameters: : STP bridge instance no (0-7, CIST=0, MSTI1=1, ...) : Port list or 'all'. Port zero means aggregations. : STP port priority (0/16/32/48/...
User’s Manual of SGSW-24040 / 24240 Series 6.10 Multicast Configuration Command IGMP Configuration Description: Show IGMP snooping configuration. Syntax: IGMP Configuration [] Parameters: : Port list or 'all', default: All ports Example: Show IGMP snooping configuration. SWITCH/>igmp configuration IGMP Mode Description: Set or show the IGMP snooping mode.
User’s Manual of SGSW-24040 / 24240 Series IGMP Leave Proxy Description: Set or show the mode of IGMP Leave Proxy. Syntax: IGMP Leave Proxy [enable|disable] Parameters: enable : Enable IGMP Leave Proxy disable: Disable IGMP Leave Proxy (default: Show IGMP snooping mode) Default Setting: disable Example: Enable IGMP leave proxy SWITCH/>igmp leave proxy enable IGMP State Description: Set or show the IGMP snooping state for VLAN.
User’s Manual of SGSW-24040 / 24240 Series Example: Disable VID 1 SWITCH/>igmp state 1 disable IGMP Querier Description: Set or show the IGMP snooping querier mode for VLAN. Syntax: IGMP Querier [] [enable|disable] Parameters: : VLAN ID (1-4095), default: Show all VLANs enable : Enable IGMP querier disable : Disable IGMP querier (default: Show IGMP querier mode) Default Setting: disable Example: Enable the IGMP snooping querier mode for VLAN.
User’s Manual of SGSW-24040 / 24240 Series (default: Show IGMP fast leave mode) Default Setting: disable Example: Enable the IGMP snooping fast leave port mode. SWITCH/>igmp fastleave 1 enable IGMP Throttling Description: Set or show the IGMP port throttling status.
User’s Manual of SGSW-24040 / 24240 Series Parameters: : Port list or 'all', default: All ports add del : Add new port group filtering entry : Del existing port group filtering entry (default: Show IGMP port group filtering list) IP multicast group address (a.b.c.d) Default Setting: No filtering Example: Set the IGMP port group filtering list for port 1. SWITCH/>igmp filtering 1 add 239.0.0.1 IGMP Router Description: Set or show the IGMP snooping router port mode.
User’s Manual of SGSW-24040 / 24240 Series IGMP Flooding Description: Set or show the IGMP snooping unregistered flood operation. Syntax: IGMP Flooding [enable|disable] Parameters: enable : Enable IGMP flooding disable: Disable IGMP flooding (default: Show IGMP flood mode) Default Setting: disable Example: Enable IGMP flooding function SWITCH/>igmp flooding enable IGMP Groups Description: Show IGMP groups.
User’s Manual of SGSW-24040 / 24240 Series Parameters: : VLAN ID (1-4095) Default Setting: disable 480
User’s Manual of SGSW-24040 / 24240 Series 6.11 Link Aggregation Command Aggregation Configuration Description: Show link aggregation configuration. Syntax: Aggr Configuration Example: SWITCH/>aggr configuration Aggregation Mode: SMAC : Enabled DMAC : Disabled IP : Enabled Port : Enabled Aggregation Add Description: Add or modify link aggregation.
User’s Manual of SGSW-24040 / 24240 Series Aggregation Delete Description: Delete link aggregation. Syntax: Aggr Delete Parameters: : Aggregation ID, global: 1-2, local: 3-14 Example: Delete Group2 SWITCH/>aggr delete 2 Aggregation Lookup Description: Lookup link aggregation.
User’s Manual of SGSW-24040 / 24240 Series Aggregation Mode Description: Set or show the link aggregation traffic distribution mode.
User’s Manual of SGSW-24040 / 24240 Series 6.12 Link Aggregation Control Protocol Command LACP Configuration Description: Show LACP configuration.
User’s Manual of SGSW-24040 / 24240 Series 22 Disabled Auto Active 23 Disabled Auto Active 24 Disabled Auto Active LACP Mode Description: Set or show LACP mode.
User’s Manual of SGSW-24040 / 24240 Series Default Setting: auto Example: Set key1 for port1~4 SWITCH/>lacp key 1-4 1 LACP Role Description: Set or show the LACP role. Syntax: LACP Role [] [active|passive] Parameters: : Port list or 'all', default: All ports active : Initiate LACP negotiation passive: Listen for LACP packets (default: Show LACP role) Default Setting: active Example: Set passive for port1~4 SWITCH/>lacp role 1-4 passive LACP Status Description: Show LACP Status.
User’s Manual of SGSW-24040 / 24240 Series Example: Show LACP status of port1~4 SWITCH/>lacp status 1-4 Port ---- Mode -------- Key Aggr ID Partner System ID Partner Port ----- ------- ----------------- ------------ 1 Disabled 1 - - - 2 Disabled 1 - - - 3 Disabled 1 - - - 4 Disabled 1 - - - LACP Statistics Description: Show LACP Statistics.
User’s Manual of SGSW-24040 / 24240 Series 6.13 LLDP Command LLDP Configuration Description: Show LLDP configuration.
User’s Manual of SGSW-24040 / 24240 Series Parameters: : Port list or 'all', default: All ports enable : Enable LLDP reception and transmission disable: Disable LLDP rx : Enable LLDP reception only tx : Enable LLDP transmission only (default: Show LLDP mode) Default Setting: disable Example: Enable port1 LLDP function. SWITCH/>lldp mode 1 enable LLDP Optional TLV Description: Show or Set LLDP Optional TLVs.
User’s Manual of SGSW-24040 / 24240 Series System capabilities: Enable Master's IP address: Enable Example: Disable description of the port for port1 SWITCH/>lldp optional_tlv 1 port_descr disable LLDP Interval Description: Set or show LLDP Tx interval. Syntax: LLDP Interval [] Parameters: : LLDP transmission interval (5-32768) Default Setting: 30 Example: Set transmission interval in 10 SWITCH/>lldp interval 10 LLDP Hold Description: Set or show LLDP Tx hold value.
User’s Manual of SGSW-24040 / 24240 Series Example: Set LLDP hold value in 10 SWITCH/>lldp hold 10 LLDP Delay Description: Set or show LLDP Tx delay. Syntax: LLDP Delay [] Parameters: : LLDP transmission delay (1-8192) Default Setting: 2 Example: Set LLDP delay value in 1 SWITCH/>lldp delay 1 LLDP Reinit Description: Set or show LLDP reinit delay.
User’s Manual of SGSW-24040 / 24240 Series Example: Set LLDP reinit delay value in 3 SWITCH/>lldp reinit 3 LLDP Statistics Description: Show LLDP Statistics. Syntax: LLDP Statistics [] [clear] Parameters: : Port list or 'all', default: All ports : Clear LLDP statistics clear Example: Show LLDP Statistics of port 1 SWITCH/>lldp statistics 1 LLDP global counters Neighbor entries was last changed at - (323592 sec. ago).
User’s Manual of SGSW-24040 / 24240 Series LLDP Info Description: Show LLDP neighbor device information. Syntax: LLDP Info [] Parameters: : Port list or 'all', default: All ports LLDP CDP Aware Description: Set or show if discovery information from received CDP ( Cisco Discovery Protocol ) frames is added to the LLDP neighbor table.
User’s Manual of SGSW-24040 / 24240 Series 6.14 LLDPMED Command LLDPMED Configuration Description: Show LLDP-MED configuration. Syntax: LLDPMED Configuration [] Parameters: : Port list or 'all', default: All ports Example: Show LLDP-MED configuration of port1~4 SWITCH/>lldpmed configuration 1-4 LLDP-MED Configuration: ======================= Fast Start Repeast Count : 4 Location Coordinates : Latitude - 0.0000 North Longitude - 0.0000 East Altitude - 0.
User’s Manual of SGSW-24040 / 24240 Series Syntax: LLDPMED Civic [country|state|county|city|district|block|street|leading_street_direction|trailing_street_suffix|str_suf|house_no|house_no_s uffix|landmark|additional_info|name|zip_code|building|apartment|floor|room_number|place_type|postal_com_name|p_o_ box|additional_code] [] Parameters: country state county city district block street : Country : National subdivisions (state, caton, region, province, prefecture) : County, parish,gun (JP), dis
User’s Manual of SGSW-24040 / 24240 Series Syntax: LLDPMED ecs [] Parameters: : lldpmed The value for the Emergency Call Service LLDPMED Policy Delete Description: Delete the selected policy. Syntax: LLDPMED policy delete [] Parameters: : List of policies to delete Example: Delete the policy 1 SWITCH/>lldpmed policy delete 1 LLDPMED Policy Add Description: Adds a policy to the list of polices.
User’s Manual of SGSW-24040 / 24240 Series visitors with their own IP Telephony handsets and other similar appliances supporting interactive voice services. guest_voice_signaling : Guest Voice Signaling (conditional) for use in network topologies that require a different policy for the guest voice signaling than for the guest voice media. : Softphone Voice softphone_voice for use by softphone applications on typical data centric devices, such as PCs or laptops.
User’s Manual of SGSW-24040 / 24240 Series LLDPMED Coordinates Description: Set or show LLDP-MED Location. Syntax: LLDPMED Coordinates [latitude|longitude|altitude] [north|south|west|east|meters|floor] [coordinate_value] Parameters: : Latitude, 0 to 90 degress with max. 4 digits ( Positive numbers are north of the equator and negative latitude numbers are south of the equator). : Longitude,0 to 180 degress with max.
User’s Manual of SGSW-24040 / 24240 Series LLDPMED Fast Description: Set or show LLDP-MED Fast Start Repeat Count. Syntax: LLDPMED Fast [] Parameters: : The number of times the fast start LLDPDU are being sent during the activation of the fast start mechanism defined by LLDP-MED (1-10). LLDPMED Info Description: Show LLDP-MED neighbor device information.
User’s Manual of SGSW-24040 / 24240 Series 6.15 Power over Ethernet Command PoE Configuration Description: Show PoE configuration. Syntax: PoE Configuration Parameters: : Port list or 'all', default: All ports Example: Show PoE configuration. SWITCH/>poe configuration Port ---- Mode ------- Priority Max.Power[W] -------- --------------- PowerAlloc[W] ------------- 1 Enabled High 15.4 15.4 2 Enabled High 15.4 15.4 3 Enabled High 15.4 15.4 4 Enabled High 15.4 15.
User’s Manual of SGSW-24040 / 24240 Series 22 Enabled High 15.4 15.4 23 Enabled High 15.4 15.4 24 Enabled High 15.4 15.4 Power management mode ---------------------Power management mode : automode PoE Mode Description: Set or show the PoE mode.
User’s Manual of SGSW-24040 / 24240 Series Syntax: PoE Priority [] [low|high|critical] Parameters: : Port list or 'all', default: All ports low : Set priority to low high : Set priority to high critival: Set priority to critical (default: Show PoE priority) Default Setting: high Example: Set low priority for port21~24 SWITCH/>poe priority 21-24 low PoE Mamagement Mode Description: Show / Set PoE management mode.
User’s Manual of SGSW-24040 / 24240 Series PoE Maximum Power Description: Set or show PoE maximum power per port (0-30.8, with one digit). Syntax: PoE Maximum_Power [] [] Parameters: : Port list or 'all', default: All ports : PoE maiximum power for the port ( 0-30.8 ) Default Setting: 30.8 Example: Set maximum power in 10 watts for port1~4.
User’s Manual of SGSW-24040 / 24240 Series PoE Power Supply Description: Set or show the value of the power supply. Syntax: PoE Power_Supply [] Parameters: : PoE power for a power supply Example: Set 200 watts of power supply. SWITCH/>poe power_supply 200 PoE Status Description: Show PoE status.
User’s Manual of SGSW-24040 / 24240 Series 6.16 Quality of Service Command QoS Configuration Description: Show QoS Configuration. Syntax: QoS Configuration [] Parameters: : Port list or 'all', default: All ports Example: Show QoS Configuration of port 1-4.
User’s Manual of SGSW-24040 / 24240 Series Syntax: QoS Classes [] Parameters: : Number of traffic classes (1,2 or 4) Default Setting: 4 Example: Set QoS classes 2 SWITCH/>qos classes 2 QoS Default Description: Set or show the default port priority.
User’s Manual of SGSW-24040 / 24240 Series Syntax: QoS Tagprio [] [] Parameters: : Port list or 'all', default: All ports : VLAN tag priority (0-7) Default Setting: 0 Example: Set priority7 for port 3 SWITCH/>qos tagprio 3 7 QoS QCL Port Description: Set or show the port QCL ID.
User’s Manual of SGSW-24040 / 24240 Series If the QCE ID parameter is specified and an entry with this QCE ID already exists, the QCE will be modified. Otherwise, a new QCE will be added. If the QCE ID is not specified, the next available QCE ID will be used. If the next QCE ID parameter is specified, the QCE will be placed before this QCE in the list. If the next QCE ID is not specified, the QCE will be placed last in the list.
User’s Manual of SGSW-24040 / 24240 Series QoS QCL Lookup Description: Lookup QCE. Syntax: QoS QCL Lookup [] [] Parameters: : QCL ID : QCE ID (1-24) QoS Mode Description: Set or show the port egress scheduler mode.
User’s Manual of SGSW-24040 / 24240 Series Syntax: QoS Weight [] [] [] Parameters: : Port list or 'all', default: All ports : Traffic class low/normal/medium/high or 1/2/3/4 : Traffic class weight 1/2/4/8 QoS Rate Limiter Description: Set or show the port rate limiter.
User’s Manual of SGSW-24040 / 24240 Series Parameters: : Port list or 'all', default: All ports enable : Enable shaper disable : Disable shaper (default: Show shaper mode) : Rate in 1000 bits per second (500-1000000 kbps) Default Setting: Disabled, 500kbps Example: Set 1000kbps shaper for port 9~16 SWITCH/>qos shaper 9-16 enable 1000 QoS Storm Unicast Description: Set or show the unicast storm rate limiter.
User’s Manual of SGSW-24040 / 24240 Series Syntax: QoS Storm Multicast [enable|disable] [] Parameters: enable : Enable multicast storm control disable : Disable multicast storm control : Rate in pps (1, 2, 4, ..., 512, 1k, 2k, 4k, ..., 1024k) Default Setting: Disabled, 1pps Example: Enable multicast storm rate limiter in 1kpps SWITCH/>qos storm multicast enable 1k QoS Strom Broadcast Description: Set or show the multicast storm rate limiter.
User’s Manual of SGSW-24040 / 24240 Series QoS DSCP Remarking Description: Set or show the status of QoS DSCP Remarking.
User’s Manual of SGSW-24040 / 24240 Series 6.17 Mirror Command Mirror Configuration Description: Show mirror configuration. Syntax: Mirror Configuration [] Parameters: : Port list or 'all', default: All ports Default Setting: disable Example: Show mirror configuration. SWITCH/>mirror configuration Mirror Port Description: Set or show the mirror port.
User’s Manual of SGSW-24040 / 24240 Series Mirror SID Description: Set or show the mirror switch ID. Syntax: Mirror SID [] Parameters: : Switch ID (1-16) Default Setting: 1 Example: Set SID2 for mirror switch ID. SWITCH/>mirror sid 2 Mirror Mode Description: Set or show the mirror mode.
User’s Manual of SGSW-24040 / 24240 Series Example: Enable the mirror mode for port 1-4.
User’s Manual of SGSW-24040 / 24240 Series 6.18 Configuration Command Configuration Save Description: Save configuration to TFTP server. Syntax: Config Save Parameters: : TFTP server IP address (a.b.c.d) : Configuration file name Configuration Load Description: Load configuration from TFTP server. Syntax: Config Load [check] Parameters: : TFTP server IP address (a.b.c.
User’s Manual of SGSW-24040 / 24240 Series 6.19 Firmware Command Firmware Load Description: Load new firmware from TFTP server. Syntax: Firmware Load Parameters: : IP host address (a.b.c.d) or a host name string : Firmware file name Firmware IPv6 Load Description: Load new firmware from IPv6 TFTP server.
User’s Manual of SGSW-24040 / 24240 Series 6.20 UPnP Command UPnP Configuration Description: Show UPnP configuration. Syntax: UPnP Configuration Example: Show UPnP configuration. SWITCH/>upnp configuration UPnP Configuration: =================== UPnP Mode : Disabled UPnP TTL :4 UPnP Advertising Duration : 100 UPnP Mode Description: Set or show the UPnP mode.
User’s Manual of SGSW-24040 / 24240 Series UPnP TTL Description: Set or show the TTL value of the IP header in SSDP messages. Syntax: UPnP TTL [] Parameters: : ttl range (1..255), default: Show UPnP TTL Default Setting: 4 Example: Set the value 10 for TTL value of the IP header in SSDP messages. SWITCH/>upnp ttl 10 UPnP Advertising Duration Description: Set or show UPnP Advertising Duration. Syntax: UPnP Advertising Duration [] Parameters: : duration range (100..
User’s Manual of SGSW-24040 / 24240 Series 6.21 MVR Command MVR Configuration Description: Show the MVR configuration. Syntax: MVR Configuration Example: Show the MVR configuration.
User’s Manual of SGSW-24040 / 24240 Series 19 Disabled Receive Disabled 20 Disabled Receive Disabled 21 Disabled Receive Disabled 22 Disabled Receive Disabled 23 Disabled Receive Disabled 24 Disabled Receive Disabled MVR Group Description: Show the MVR group. Syntax: MVR Group MVR Status Description: Show the MVR status. Syntax: MVR Status MVR Mode Description: Set or show the MVR mode.
User’s Manual of SGSW-24040 / 24240 Series Default Setting: disable Example: Enable MVR mode. SWITCH/>mvr mode enable MVR Port Mode Description: Set or show the MVR port mode. Syntax: MVR Port Mode [] [enable|disable] Parameters: : Port list or 'all', default: All ports enable : Enable MVR mode disable : Disable MVR mode (default: Show MVR mode) Default Setting: disable Example: Enable the MVR port mode for port 1-4.
User’s Manual of SGSW-24040 / 24240 Series Parameters: : VLAN ID (1-4095), default: Show current MVR multicast VLAN ID Default Setting: 100 Example: Set VLAN 1000 for MVR multicast VLAN ID. SWITCH/>mvr multicast vlan 1000 MVR Port Type Description: Set or show MVR port type.
User’s Manual of SGSW-24040 / 24240 Series Parameters: : Port list or 'all', default: All ports enable : Enable Immediate-leave mode disable : Disable Immediate-leave mode (default: Show MVR Immediate-leave mode) Default Setting: disable Example: Enable MVR port state about immediate leave for port 1.
User’s Manual of SGSW-24040 / 24240 Series 6.22 Voice VLAN Command Voice VLAN Configuration Description: Show Voice VLAN configuration. Syntax: Voice VLAN Configuration Example: Show Voice VLAN configuration.
User’s Manual of SGSW-24040 / 24240 Series Port Mode Security ---- -------- -------- 1 Disabled Disabled 2 Disabled Disabled 3 Disabled Disabled 4 Disabled Disabled 5 Disabled Disabled 6 Disabled Disabled 7 Disabled Disabled 8 Disabled Disabled 9 Disabled Disabled 10 Disabled Disabled 11 Disabled Disabled 12 Disabled Disabled 13 Disabled Disabled 14 Disabled Disabled 15 Disabled Disabled 16 Disabled Disabled 17 Disabled Disabled 18 Disabled Disable
User’s Manual of SGSW-24040 / 24240 Series disable: Disable Voice VLAN mode (default: Show flow Voice VLAN mode) Default Setting: disable Example: Enable the Voice VLAN mode. SWITCH/>voice vlan mode enable Voice VLAN ID Description: Set or show Voice VLAN ID. Syntax: Voice VLAN ID [] Parameters: : VLAN ID (1-4095) Default Setting: 1000 Example: Set ID 2 for Voice VLAN ID. SWITCH/>voice vlan id 2 Voice VLAN Agetime Description: Set or show Voice VLAN age time.
User’s Manual of SGSW-24040 / 24240 Series Parameters: : MAC address age time (10-10000000) default: Show age time Default Setting: 86400sec Example: Set Voice VLAN age time in 100sec. SWITCH/>voice valn agetime 100 Voice VLAN Traffic Class Description: Set or show Voice VLAN ID.
User’s Manual of SGSW-24040 / 24240 Series Parameters: : OUI address (xx-xx-xx) : Entry description. Use 'clear' or "" to clear the string No blank or space characters are permitted as part of a contact.(only in CLI) Example: Add Voice VLAN OUI entry. SWITCH/>voice vlan oui add 00-11-22 test Voice VLAN OUI Delete Description: Delete Voice VLAN OUI entry. Modify OUI table will restart auto detect OUI process.
User’s Manual of SGSW-24040 / 24240 Series Voice VLAN OUI Lookup Description: Lookup Voice VLAN OUI entry. Syntax: Voice VLAN OUI Lookup [] Parameters: : OUI address (xx-xx-xx), default: Show OUI address Example: Lookup Voice VLAN OUI entry. SWITCH/>voice vlan oui lookup Voice VLAN Port Mode Description: Set or show the Voice VLAN port mode. When the port mode isn't disabled, we must disable MSTP feature before we enable Voice VLAN. It can avoid the conflict of ingress filter.
User’s Manual of SGSW-24040 / 24240 Series Example: Set auto mode for port 1-4 of Voice VLAN port mode. SWITCH/>voice vlan port mode 1-4 auto Voice VLAN Security Description: Set or show the Voice VLAN port security mode. When the function is enabled, all non-telephone MAC address in Voice VLAN will be blocked 10 seconds. Syntax: Voice VLAN Security [] [enable|disable] Parameters: : Port list or 'all', default: All ports enable : Enable Voice VLAN security mode.
User’s Manual of SGSW-24040 / 24240 Series 6.23 SMTP Command SMTP Configuration Description: Show SMTP configure. Syntax: SMTP Configuration Default Setting: disable SMTP Mode Description: Enable or disable SMTP configure. Syntax: SMTP Mode [enable|disable] Parameters: enable : Enable SMTP mode disable : Disable SMTP mode (default: Show SMTP mode) Default Setting: disable SMTP Server Description: Set or show SMTP server configure.
User’s Manual of SGSW-24040 / 24240 Series : SMTP server address : SMTP server port Default Setting: disable SMTP Auth Description: Enable or disable SMTP authentication configure. Syntax: SMTP Auth [enable|disable] Parameters: enable : Enable SMTP Authentication disable : Disable SMTP Authentication (default: Show SMTP Authentication) Default Setting: disable SMTP Auth_user Description: Set or show SMTP authentication user name configure.
User’s Manual of SGSW-24040 / 24240 Series SMTP Auth_pass Description: Set or show SMTP authentication password configure. Syntax: SMTP Auth_pass [] Parameters: : SMTP Authentication Password Default Setting: disable SMTP Mailfrom Description: Set or show SMTP e-mail from configure.
User’s Manual of SGSW-24040 / 24240 Series Default Setting: disable SMTP Mailto1 Description: Set or show SMTP e-mail 1 to configure. Syntax: SMTP Mailto1 [] Parameters: : SMTP e-mail 1 to address Default Setting: disable SMTP Mailto2 Description: Set or show SMTP e-mail 2 to configure.
User’s Manual of SGSW-24040 / 24240 Series 6.24 Show Command Show ACL Configuration Description: Show ACL Configuration. Syntax: Show acl Show Link Aggregation Configuration Description: Show link aggregation configuration. Syntax: Show aggr Show IGMP Configuration Description: Show IGMP snooping configuration. Syntax: Show igmp Show IP Configuration Description: Show IP configuration.
User’s Manual of SGSW-24040 / 24240 Series Show LACP Configuration Description: Show LACP configuration. Syntax: Show lacp Show LLDP Configuration Description: Show LLDP configuration. Syntax: Show lldp Show MAC Configuration Description: Show MAC address table configuration. Syntax: Show MAC Show Mirror Configuration Description: Show mirror configuration. Syntax: Show mirror Show PoE Configuration Description: Show PoE configuration.
User’s Manual of SGSW-24040 / 24240 Series Syntax: Show PoE Show Port Configuration Description: Show port configuration. Syntax: Show port Show Private VLAN Configuration Description: Show Private VLAN configuration. Syntax: Show pvlan Show QoS Configuration Description: Show QoS Configuration. Syntax: Show QoS Show SNMP Configuration Description: Show SNMP configuration.
User’s Manual of SGSW-24040 / 24240 Series Show Stack Configuration Description: Show the list of switches in stack. Syntax: Show stack Show System Configuration Description: Show system configuration. Syntax: Show system Show VLAN Configuration Description: Show VLAN configuration. Syntax: Show vlan Show STP Configuration Description: Show STP Port configuration.
User’s Manual of SGSW-24040 / 24240 Series 7. SWITCH OPERATION 7.1 Address Table The Switch is implemented with an address table. This address table composed of many entries. Each entry is used to store the address information of some node in network, including MAC address, port no, etc. This in-formation comes from the learning process of Ethernet Switch. 7.2 Learning When one packet comes in from any port, the Switch will record the source address, port no.
User’s Manual of SGSW-24040 / 24240 Series 7.5 Auto-Negotiation The STP ports on the Switch have built-in "Auto-negotiation". This technology automatically sets the best possible bandwidth when a connection is established with another network device (usually at Power On or Reset). This is done by detect the modes and speeds at the second of both device is connected and capable of, both 10Base-T and 100Base-TX devices can connect with the port in either Half- or Full-Duplex mode.
User’s Manual of SGSW-24040 / 24240 Series 8. POWER OVER ETHERNET OVERVIEW What is PoE? Based on the global standard IEEE 802.3af, PoE is a technology for wired Ethernet, the most widely installed local area network technology adopted today. PoE allows the electrical power necessary for the operation of each end-device to be carried by data cables rather than by separate power cords.
User’s Manual of SGSW-24040 / 24240 Series Figure 8-1 - Power Supplied over the Spare Pins The data pairs are used. Since Ethernet pairs are transformer coupled at each end, it is possible to apply DC power to the center tap of the isolation transformer without upsetting the data transfer. In this mode of operation the pair on pins 3 and 6 and the pair on pins 1 and 2 can be of either polarity.
User’s Manual of SGSW-24040 / 24240 Series References: IEEE Std 802.3af-2003 (Amendment to IEEE Std 802.3-2002, including IEEE Std 802.3ae-2002), 2003 Page(s):0_1-121 White Paper on Power over Ethernet (IEEE802.3af) http://www.poweroverethernet.com/articles.php?article_id=52 Microsemi /PowerDsine http://www.microsemi.com/PowerDsine/ Linear Tech http://www.linear.
User’s Manual of SGSW-24040 / 24240 Series Classification Once a PD is detected, the PSE may optionally perform classification, to determine the maximal power a PD is to consume. The PSE induces 15.5-20.5 VDC, limited to 100 mA, for a period of 10 to 75 ms responded by a certain current consumption by the PD, indicating its power class. The PD is assigned to one of 5 classes: 0 (default class) indicates that full 15.
User’s Manual of SGSW-24040 / 24240 Series DC Disconnect DC Disconnect detection involves measurement of current. Naturally, a disconnected PD stops consuming current, which can be inspected by the PSE. The PSE must therefore disconnect power within 300 to 400 ms from the current flow stop. The lower time boundary is important to prevent shutdown due to random fluctuations.
User’s Manual of SGSW-24040 / 24240 Series 9. TROUBLESHOOTING This chapter contains information to help you solve problems. If the Ethernet Switch is not functioning properly, make sure the Ethernet Switch was set up according to instructions in this manual.
User’s Manual of SGSW-24040 / 24240 Series 4. If that device works, refer to the next step. 5. If that device does not work, check the AC power While IP Address be changed or forgotten admin password – To reset the IP address to the default IP Address “192.168.0.100” or reset the password to default value. Press the hardware reset button at the front panel about 10 seconds. After the device is rebooted, you can login the management WEB interface within the same subnet of 192.168.0.xx.
User’s Manual of SGSW-24040 / 24240 Series APPENDIX A A.1 Switch's RJ-45 Pin Assignments 1000Mbps, 1000Base T Contact MDI MDI-X 1 BI_DA+ BI_DB+ 2 BI_DA- BI_DB- 3 BI_DB+ BI_DA+ 4 BI_DC+ BI_DD+ 5 BI_DC- BI_DD- 6 BI_DB- BI_DA- 7 BI_DD+ BI_DC+ 8 BI_DD- BI_DC- Implicit implementation of the crossover function within a twisted-pair cable, or at a wiring panel, while not expressly forbidden, is beyond the scope of this standard. A.
User’s Manual of SGSW-24040 / 24240 Series 7, 8 Not used The standard cable, RJ-45 pin assignment The standard RJ-45 receptacle/connector There are 8 wires on a standard UTP/STP cable and each wire is color-coded.
User’s Manual of SGSW-24040 / 24240 Series APPENDIX B : GLOSSARY A ACE ACE is an acronym for Access Control Entry. It describes access permission associated with a particular ACE ID. There are three ACE frame types (Ethernet Type, ARP, and IPv4) and two ACE actions (permit and deny). The ACE also contains many detailed, different parameter options that are available for individual application. ACL ACL is an acronym for Access Control List.
User’s Manual of SGSW-24040 / 24240 Series ranging from 1-1024K packets per seconds. Under "Ports" and "Access Control List" web-pages you can assign a Rate Limiter ID to the ACE(s) or ingress port(s). AES AES is an acronym for Advanced Encryption Standard. The encryption key protocol is applied in 802.1i standard to improve WLAN security. It is an encryption standard by the U.S. government, which will replace DES and 3DES. AES has a fixed block size of 128 bits and a key size of 128, 192, or 256 bits.
User’s Manual of SGSW-24040 / 24240 Series CCM CCM is an acronym for Continuity Check Message. It is a OAM frame transmitted from a MEP to it's peer MEP and used to implement CC functionality. CDP CDP is an acronym for Cisco Discovery Protocol. D DEI DEI is an acronym for Drop Eligible Indicator. It is a 1-bit field in the VLAN tag. DES DES is an acronym for Data Encryption Standard.
User’s Manual of SGSW-24040 / 24240 Series The DHCP option 82 enables a DHCP relay agent to insert specific information into a DHCP request packets when forwarding client DHCP packets to a DHCP server and remove the specific information from a DHCP reply packets when forwarding server DHCP packets to a DHCP client. The DHCP server can use this information to implement IP address or other assignment policies.
User’s Manual of SGSW-24040 / 24240 Series EPS EPS is an abbreviation for Ethernet Protection Switching defined in ITU/T G.8031. Ethernet Type Ethernet Type, or EtherType, is a field in the Ethernet MAC header, defined by the Ethernet networking standard. It is used to indicate which protocol is being transported in an Ethernet frame. F FTP FTP is an acronym for File Transfer Protocol. It is a transfer protocol that uses the Transmission Control Protocol (TCP) and provides file writing and reading.
User’s Manual of SGSW-24040 / 24240 Series HTTPS is really just the use of Netscape's Secure Socket Layer (SSL) as a sublayer under its regular HTTP application layering. (HTTPS uses port 443 instead of HTTP port 80 in its interactions with the lower layer, TCP/IP.) SSL uses a 40-bit key size for the RC4 stream encryption algorithm, which is considered an adequate degree of encryption for commercial exchange. I ICMP ICMP is an acronym for Internet Control Message Protocol.
User’s Manual of SGSW-24040 / 24240 Series IP IP is an acronym for Internet Protocol. It is a protocol used for communicating data across a internet network. IP is a "best effort" system, which means that no packet of information sent over it is assured to reach its destination in the same condition it was sent.
User’s Manual of SGSW-24040 / 24240 Series LLDP-MED LLDP-MED is an extendsion of IEEE 802.1ab and is defined by the telecommunication industry association (TIA-1057). LOC LOC is an acronym for Loss Of Connectivity and is detected by a MEP and is indicating lost connectivity in the network. Can be used as a switch criteria by EPS M MAC Table Switching of frames is based upon the DMAC address contained in the frame.
User’s Manual of SGSW-24040 / 24240 Series N NAS NAS is an acronym for Network Access Server. The NAS is meant to act as a gateway to guard access to a protected source. A client connects to the NAS, and the NAS connects to another resource asking whether the client's supplied credentials are valid. Based on the answer, the NAS then allows or disallows access to the protected resource. An example of a NAS implementation is IEEE 802.1X. NetBIOS NetBIOS is an acronym for Network Basic Input/Output System.
User’s Manual of SGSW-24040 / 24240 Series For some TLVs it is configurable if the switch shall include the TLV in the LLDP frame. These TLVs are known as optional TLVs. If an optional TLVs is disabled the corresponding information is not included in the LLDP frame. OUI OUI is the organizationally unique identifier. An OUI address is a globally unique identifier assigned to a vendor by IEEE.
User’s Manual of SGSW-24040 / 24240 Series POP3 POP3 is an acronym for Post Office Protocol version 3. It is a protocol for email clients to retrieve email messages from a mail server. POP3 is designed to delete mail on the server as soon as the user has downloaded it. However, some implementations allow users or an administrator to specify that mail be saved for some period of time. POP can be thought of as a "store-and-forward" service. An alternative protocol is Internet Message Access Protocol (IMAP).
User’s Manual of SGSW-24040 / 24240 Series Each accessible traffic object contains an identifier to its QCL. The privileges determine specific traffic object to specific QoS class. QL QL In SyncE this is the Quality Level of a given clock source. This is received on a port in a SSM indicating the quality of the clock received in the port. QoS QoS is an acronym for Quality of Service. It is a method to guarantee a bandwidth relationship between individual applications or protocols.
User’s Manual of SGSW-24040 / 24240 Series S SAMBA Samba is a program running under UNIX-like operating systems that provides seamless integration between UNIX and Microsoft Windows machines. Samba acts as file and print servers for Microsoft Windows, IBM OS/2, and other SMB client machines. Samba uses the Server Message Block (SMB) protocol and Common Internet File System (CIFS), which is the underlying protocol used in Microsoft Windows networking.
User’s Manual of SGSW-24040 / 24240 Series SSID Service Set Identifier is a name used to identify the particular 802.11 wireless LANs to which a user wants to attach. A client device will receive broadcast messages from all access points within range advertising their SSIDs, and can choose one to connect to based on pre-configuration, or by displaying a list of SSIDs in range and asking the user to select one (wikipedia). SSH SSH is an acronym for Secure SHell.
User’s Manual of SGSW-24040 / 24240 Series The TCP protocol guarantees reliable and in-order delivery of data from sender to receiver and distinguishes data for multiple connections by concurrent applications (for example, Web server and e-mail server) running on the same host. The applications on networked hosts can use TCP to create connections to one another.
User’s Manual of SGSW-24040 / 24240 Series U UDP UDP is an acronym for User Datagram Protocol. It is a communications protocol that uses the Internet Protocol (IP) to exchange the messages between computers. UDP is an alternative to the Transmission Control Protocol (TCP) that uses the Internet Protocol (IP). Unlike TCP, UDP does not provide the service of dividing a message into packet datagrams, and UDP doesn't provide reassembling and sequencing of the packets.
User’s Manual of SGSW-24040 / 24240 Series Provider switching: This is also known as Q-in-Q switching. Ports connected to subscribers are VLAN unaware, members of one VLAN, and set up with this unique Port VLAN ID. Ports connected to the service provider are VLAN aware, members of multiple VLANs, and set up to tag all frames. Untagged frames received on a subscriber port are forwarded to the provider port with a single VLAN tag.
User’s Manual of SGSW-24040 / 24240 Series WPA-Radius WPA-Radius is an acronym for Wi-Fi Protected Access - Radius (802.1X authentication server). WPA was designed to enhance the security of wireless networks. There are two flavors of WPA: enterprise and personal. Enterprise is meant for use with an IEEE 802.1X authentication server, which distributes different keys to each user. Personal WPA utilizes less scalable 'pre-shared key' (PSK) mode, where every allowed computer is given the same passphrase.
EC Declaration of Conformity For the following equipment: *Type of Product: 24 100/1000 SFP Slots with 8 Shared TP Managed Stackable Switch *Model Number: SGSW-24240 / SGSW-24240R * Produced by: Manufacturer‘s Name : Manufacturer‘s Address: Planet Technology Corp. 10F., No.96, Minquan Rd., Xindian Dist., New Taipei City 231, Taiwan (R.O.C.
EC Declaration of Conformity For the following equipment: *Type of Product: 24-Port 10/100/1000Mbps with 4 Shared SFP PoE Managed Stackable Switch *Model Number: SGSW-24040P4 / SGSW-24040P * Produced by: Manufacturer‘s Name : Manufacturer‘s Address: Planet Technology Corp. 10F., No.96, Minquan Rd., Xindian Dist., New Taipei City 231, Taiwan (R.O.C.
EC Declaration of Conformity For the following equipment: *Type of Product: 24-Port 10/100/1000Mbps with 4 Shared SFP 802.3at PoE Managed Stackable Switch *Model Number: SGSW-24040HP * Produced by: Manufacturer‘s Name : Manufacturer‘s Address: Planet Technology Corp. 10F., No.96, Minquan Rd., Xindian Dist., New Taipei City 231, Taiwan (R.O.C.
EC Declaration of Conformity For the following equipment: *Type of Product: 24-Port 10/100/1000Mbps Layer 2 Managed Stackable Switch *Model Number: SGSW-24040 / SGSW-24040R / WGSW-24040 / WGSW-24040R * Produced by: Manufacturer‘s Name : Manufacturer‘s Address: Planet Technology Corp. 10F., No.96, Minquan Rd., Xindian Dist., New Taipei City 231, Taiwan (R.O.C.).
