Managed 24-port 10/100Base-TX plus 4-slot Gigabit Combo (RJ45/SFP) Layer 3 Access Switch NSH-580 V 1.0.
VOLKTEK NSH-580 MANAGED 24-PORT 10/100 + 4 G COMBO L3 SWITCH COPYRIGHT All rights reserved. No part of this publication may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, whether electronic, mechanical, photo copying, recording or otherwise, without the prior written permission of the publisher. FCC WARNING This equipment has been tested and found to comply with the limits for a class A device, pursuant to part 15 of FCC rules.
VOLKTEK NSH-580 MANAGED 24-PORT 10/100 + 4 G COMBO L3 SWITCH TABLE OF CONTENTS 1 ABOUT THIS GUIDE..........................................................................5 1.1 1.2 1.3 1.4 1.5 2 Welcome ............................................................................................................5 Purpose .............................................................................................................5 Terms/Usage ................................................................
VOLKTEK NSH-580 MANAGED 24-PORT 10/100 + 4 G COMBO L3 SWITCH 7 WEB MANAGEMENT ......................................................................24 7.1 Log into Web Management ............................................................................ 24 7.1.1 7.2 7.2.1 7.2.2 7.2.3 7.2.4 7.3 Management .....................................................................................................................25 IP Setup.....................................................................
VOLKTEK NSH-580 MANAGED 24-PORT 10/100 + 4 G COMBO L3 SWITCH 8.2 8.3 Login and Logout ...........................................................................................79 CLI Commands ............................................................................................... 79 8.3.1 8.3.2 8.3.3 8.3.4 8.3.5 8.3.6 8.3.7 8.3.8 8.3.9 8.3.10 8.3.11 8.3.12 8.3.13 8.3.14 8.3.15 8.3.16 8.3.17 8.3.18 8.3.19 8.3.20 8.3.21 8.3.22 8.3.23 8.3.24 8.3.25 8.4 9 User Account ..............................
VOLKTEK NSH-580 MANAGED 24-PORT 10/100 + 4 G COMBO L3 SWITCH 1 About This Guide 1.1 Welcome Congratulations on choosing the NSH-580 Managed 24-port 10/100Base-TX + 4-port Gigabit Combo Layer 3 Access Switch. The NSH-580 is a high-performance managed SNMP Layer 3 switch that provides users with twenty four 10/100Mbps Ethernet and 4 Gigabit Combo ports with both SFP slot and RJ-45. The Web/SNMP management provides remote control capability that provides flexible network management and monitoring options.
VOLKTEK NSH-580 MANAGED 24-PORT 10/100 + 4 G COMBO L3 SWITCH z Supports 802.1X EAP and RADIUS Authentication z IGMP Snooping V1 / V2 with Multicast Filtering z Support Layer 3 routing of static route, RIPv1/v2, OSPF z Support multicast routing DVMRP, PIM-DM z Support Virtual Router Redundancy Protocol (VRRP) z Access Control List (Layer 2, 3, 4 and 7) z QoS Supports 802.
VOLKTEK NSH-580 MANAGED 24-PORT 10/100 + 4 G COMBO L3 SWITCH SNMP Standards & Protocols: RFC 1213 MIB II RFC 1493 Bridge MIB RFC 1643 Ethernet Interface MIB RFC 1757 RMON RFC 1112/2236 IGMP Snooping v1, v2 RFC 1541/2131 DHCP RFC 1350 TFTP Network Management: System Configuration: Console port, Telnet, Web browser, SNMP/RMON Management Agent: SNMP Support: MIB II, Bridge MIB, Ethernet MIB, RMON MIB RMON Groups: 1, 2, 3, 9 (Statistics, History, Alarm and Event) Spanning Tree Algorithm: I
VOLKTEK NSH-580 MANAGED 24-PORT 10/100 + 4 G COMBO L3 SWITCH Power Consumption: 40-Watts max.
VOLKTEK NSH-580 MANAGED 24-PORT 10/100 + 4 G COMBO L3 SWITCH 2 Hardware Description The NSH-580 is a high-performance managed SNMP Layer 3 switch that provides users with 24 x 10/100Mbps Ethernet and 4 Gigabit Combo ports. The Web/SNMP management provides remote control capability that gives user-friendly and flexible network management and monitoring options. For increased bandwidth applications, the NSH-580 can accommodate trunk groups with 8 ports in each trunk.
VOLKTEK NSH-580 MANAGED 24-PORT 10/100 + 4 G COMBO L3 SWITCH 2.2 Connectors The Switch utilizes ports with copper and SFP fiber port connectors functioning under Ethernet/Fast Ethernet/Gigabit Ethernet standards. 2.2.1 10/100Base-TX Ports The 10/100BASE-TX ports support network speeds of either 10Mbps or 100Mbps, and can operate in half- and full-duplex transfer modes.
VOLKTEK NSH-580 MANAGED 24-PORT 10/100 + 4 G COMBO L3 SWITCH 3 Installation The location chosen for installing the Switch may greatly affect its performance. When selecting a site, we recommend considering the following rules: 3.1 • Install the Switch in an appropriate place. See Technical Specifications for the acceptable temperature and humidity ranges.
VOLKTEK NSH-580 MANAGED 24-PORT 10/100 + 4 G COMBO L3 SWITCH 3.4 Powering On the Unit The Switch uses an AC power supply 100~240V AC, 50~60 Hz, or DC -48V. The power on/off switch is located at the rear of the unit, adjacent to the AC power connector and the system fans. The Switch’s power supply automatically self-adjusts to the local power source and may be powered on without having any or all LAN segment cables connected. 1.
VOLKTEK NSH-580 MANAGED 24-PORT 10/100 + 4 G COMBO L3 SWITCH 3) Insert and slide the module into the SFP slot until it clicks into place: 4) Remove any rubber plugs that may be present in the SFP module’s mouth. 5) Align the fiber cable’s connector with the SFP module’s mouth and insert the connector: 6) Slide the connector in until a click is heard: 7) If you want to pull the connector out, first push down the release clip on top of the connector to release the connector from the SFP module.
VOLKTEK NSH-580 MANAGED 24-PORT 10/100 + 4 G COMBO L3 SWITCH To properly connect fiber cabling: Check that the fiber terminators are clean. You can clean the cable plugs by wiping them gently with a clean tissue or cotton ball moistened with a little ethanol. Dirty fiber terminators on fiber optic cables will impair the quality of the light transmitted through the cable and lead to degraded performance on the port.
VOLKTEK NSH-580 MANAGED 24-PORT 10/100 + 4 G COMBO L3 SWITCH 4 LED Indicators This Switch is equipped with Unit LEDs to enable you to determine the status of the Switch, as well as Port LEDs to display what is happening in all your connections.
VOLKTEK NSH-580 MANAGED 24-PORT 10/100 + 4 G COMBO L3 SWITCH 5 Management options This system may be managed out-of-band through the console port on the front panel or in-band by using Telnet. The user may also choose web-based management, accessible through a web browser. 5.1 Web-based Management Interface After you have successfully installed the Switch, you can configure the Switch, monitor the LED panel, and display statistics graphically using a web browser. 5.
VOLKTEK NSH-580 MANAGED 24-PORT 10/100 + 4 G COMBO L3 SWITCH 2. Enter the correct parameters according to the defaults given on the previous page: 3. The prompt screen will appear after selecting “OK”. The default log-in name is “admin” with no preset password (just press ). 4. The prompt Switch> will appear. For a list of main commands, type “?” and .
VOLKTEK NSH-580 MANAGED 24-PORT 10/100 + 4 G COMBO L3 SWITCH After successful log-in, type the following command line to change the device IP, Network Mask, and Gateway address: Switch#config terminal Switch(config)#interface vlan1 Switch(config-if)#ip address xxx.xxx.xxx.xxx xxx.xxx.xxx.xxx Switch(config-if)#exit Switch(config)#ip route 0.0.0.0/0 xxx.xxx.xxx.xxx The xxxs represent values between 0 and 255 and the user should enter their own IP address in this form.
VOLKTEK NSH-580 MANAGED 24-PORT 10/100 + 4 G COMBO L3 SWITCH After opening the program, a command prompt screen will appear. At the Switch login line, type the pre-set password – the factory default is admin. Type ‘?’ for a list of main commands. On the screenshot below, the writer had typed the list command below the last listed main command.
VOLKTEK NSH-580 MANAGED 24-PORT 10/100 + 4 G COMBO L3 SWITCH 5.5 SNMP Settings Simple Network Management Protocol (SNMP) is an Application Layer designed specifically for managing and monitoring network devices. SNMP enables network management stations to read and modify the settings of gateways, routers, switches, and other network devices. Use SNMP to configure system features for proper operation, monitor performance and detect potential problems in the Switch, switch group or network.
VOLKTEK NSH-580 MANAGED 24-PORT 10/100 + 4 G COMBO L3 SWITCH 6 First Time Connecting to the Switch The Switch supports user-based security that can allow you to prevent unauthorized users from accessing the Switch or changing its settings. This section tells you how to log into the Switch.
VOLKTEK NSH-580 MANAGED 24-PORT 10/100 + 4 G COMBO L3 SWITCH Step 3: This is the User’s Agreement page. Read through it and click on the “I Agree” button. (The page also gives you the option to choose “Typical setup” or “Custom setup”. (The software vendor strongly suggests that the user selects option 1 – Typical.) Step 4: If Internet Explorer is set as the default browser on your system, then the Java Runtime Environment 5.0 Update 5 – Google Programs dialog box will appear.
VOLKTEK NSH-580 MANAGED 24-PORT 10/100 + 4 G COMBO L3 SWITCH Step 7: After finishing the installation process, the program will show this page every time you type the IP address. The default User Name and Password is “admin” and “admin”. Click OK to enter the management interface of the NSH-580. TROUBLESHOOTING: If you still have problems accessing the hyperlink, check the following: 1) Check the firewall in your PC or the firewall that your company uses.
VOLKTEK NSH-580 MANAGED 24-PORT 10/100 + 4 G COMBO L3 SWITCH 7 Web Management The Switch provides Web pages that allow equipment management through the Internet. The Java Runtime Environment (JRE) is required to run Java applet programs that are automatically downloaded from the Switch during management functions. (See section 7 above). 7.1 Log into Web Management From a PC, open your web browser, type the following in the web address (or location) box: http://192.168.0.254 and then press .
VOLKTEK NSH-580 MANAGED 24-PORT 10/100 + 4 G COMBO L3 SWITCH 7.1.1 Standard GUI buttons Click New to create a new entry for editing to the table (temporary until Submit is clicked). Click Add to add the new entry to the table (temporary until Submit is clicked). Click Modify to temporarily save changes to an existing entry (temporary until Submit is clicked). Click Remove to remove selected entry (temporary until Submit is clicked).
VOLKTEK NSH-580 MANAGED 24-PORT 10/100 + 4 G COMBO L3 SWITCH Management Page The character ‘!’ and ‘#’ cannot be used as or inside the text string value of any attribute, no matter it’s configured through Web Management or Command Line Interface. For example, “Switch!” or “#Switch” is not a valid System Name. Warning 7.2.
VOLKTEK NSH-580 MANAGED 24-PORT 10/100 + 4 G COMBO L3 SWITCH IP Setup Page 7.2.3 Reboot The Reboot page contains a Reboot button. Clicking the button reboots the system. Rebooting the system stops the network traffic and terminates the Web interface connection. Reboot Page 7.2.4 Firmware Upgrade Enter the TFTP server IP address and the firmware file name. Click Upgrade to update the Switch’s firmware from TFTP server. See figure below for reference. For example, TFTP Server: 192.168.1.
VOLKTEK NSH-580 MANAGED 24-PORT 10/100 + 4 G COMBO L3 SWITCH 7.3 Physical Interface 7.3.1 Port Status 7.3.1.1 Interface Configuration The Physical Interface displays the Ethernet port status in real time. You can configure the port in the following fields in Interface Configuration Window: Port: select the port to configure Status: disable/enable the port Mode: set the speed and duplex mode Flow Control: enable/disable 802.
VOLKTEK NSH-580 MANAGED 24-PORT 10/100 + 4 G COMBO L3 SWITCH Ethernet Link: the link is connected or not connected. STP Status: STP is enabled or disabled on the port Duplex: the duplex mode Speed: link speed Flow Control: the setting of 802.3x flow control mechanism on both directions of the port Physical Interface – Runtime Status 7.4 lP Interface This function allows users to see the Layer 3 interface status in real time.
VOLKTEK NSH-580 MANAGED 24-PORT 10/100 + 4 G COMBO L3 SWITCH NOTE: There is one more thing to remember regarding DHCP and VLANs. Because each VLAN is a separate IP subnet, you must configure your DHCP server to deliver IP addresses that are appropriate for each subnet. With Windows 2000’s DHCP server, you do this by setting up a separate DHCP realm for each VLAN. Not all DHCP servers have this capability.
VOLKTEK NSH-580 MANAGED 24-PORT 10/100 + 4 G COMBO L3 SWITCH Router Reports Routing Protocol: the routing protocol type of the route. If it is “connected”, the destination is on the local LAN segment connected to the interface Destination: destination IP address. It will be masked to generate an IP range as the objective IP addresses of packets to be routed. Mask: the mask for generating a range of IP addresses. Connected via: IP address of the next router for routing to another network.
VOLKTEK NSH-580 MANAGED 24-PORT 10/100 + 4 G COMBO L3 SWITCH Configure the Static Route 7.6.2 RIP This function is used to switch on/off RIP routing protocol. Clicking will enable configuration of Passive-Interfaces and RIP version (v1/v2/both). When RIP is turned on, the switch will exchange routing information with neighbor switches which also running RIP. 7.6.2.1 RIP – Basic The RIP function can be enabled/disabled for all Layer 3 interfaces.
VOLKTEK NSH-580 MANAGED 24-PORT 10/100 + 4 G COMBO L3 SWITCH Configuring the RIP 7.6.2.2 RIP – Passive Interfaces If an interface does not need to receive and forward routing updates, the user should disable the sending of routing updates through it. The particular subnet will continue to advise other interfaces of routing updates. Routing updates from other routers on that interface will continue to be received and processed.
VOLKTEK NSH-580 MANAGED 24-PORT 10/100 + 4 G COMBO L3 SWITCH 7.6.2.3 RIP Version This L3 switch can support RIPv1, RIPv2 or both. Incoming Packets: Used to specify RIP version for the interpretation of incoming RIP packets Outgoing Packet: Used to specify the RIP version for sending RIP packets to neighbor router 7.6.3 OSPF This function is used to configure the OSPF routing protocol.
VOLKTEK NSH-580 MANAGED 24-PORT 10/100 + 4 G COMBO L3 SWITCH 7.6.3.1 OSPF – Basic The user can use this page to add L3 interfaces to specific OSPF areas. IP Address: All active L3 interfaces are displayed – you can select any one to configure as OSPF interface Area : Specify the area ID for a specific L3 interface Clicking the Advanced >> button adds extra buttons for “Interfaces” and “Area” options next to the “Basic” button. OSPF – Basic 7.6.3.
VOLKTEK NSH-580 MANAGED 24-PORT 10/100 + 4 G COMBO L3 SWITCH OSPF – Interfaces 7.6.3.3 OSPF – Area This function is used to configure OSPF areas Select an Area: Input area ID to be configured Default Cost: Default cost for a stub area sending packet to outside world Stub: a stub area, at the edge of an AS, is not a transit area since there is only one connection to the stub area.
VOLKTEK NSH-580 MANAGED 24-PORT 10/100 + 4 G COMBO L3 SWITCH OSPF – Area 7.6.4 Multicast Route This function is used to configure Multicast Route feature. It offers two different methods including DVMRP and PIM-DM to establish multicast route. Also, IGMP will be automatically enabled/disabled with Multicast Route Protocol. It allows hosts to communicate their specific data destined for a specific multicast group.
VOLKTEK NSH-580 MANAGED 24-PORT 10/100 + 4 G COMBO L3 SWITCH Multicast Route – IGMP 7.6.4.2 M.R. – DVMRP This function is used to configure DVMRP. Network DVMRP is: Enable or disable DVMRP for specific network. Select the corresponding “Network Address” to configure parameters then click on the Modify button. The field you changed will update the content in the display window. To save any changes and make it effective immediately, click Submit. Use Refresh to refresh the setting.
VOLKTEK NSH-580 MANAGED 24-PORT 10/100 + 4 G COMBO L3 SWITCH 7.6.4.3 Multicast Route – PIM-DM This function is used to configure PIM-DM. Status: Enable or disable PIM-DM for specific interface. Select the corresponding interface to configure parameters then click on the Modify button. The field you changed will update the content in the display window. To save any changes and make it effective immediately, click Submit. Use Refresh to refresh the setting. NOTE: The system only supports PIM-DM version 2.
VOLKTEK NSH-580 MANAGED 24-PORT 10/100 + 4 G COMBO L3 SWITCH 7.6.5 VRRP The Virtual Router Redundancy Protocol (VRRP) is designed to eliminate the weak point inherent in the static default routed environment. VRRP specifies an election protocol that dynamically assigns responsibility for a virtual router to one of the VRRP routers on a LAN. The VRRP router controlling the IP address(es) associated with a virtual router is called the Master, and forwards packets sent to these IP addresses.
VOLKTEK NSH-580 MANAGED 24-PORT 10/100 + 4 G COMBO L3 SWITCH VRRP 7.7 Bridge The Bridge page group contains Layer 2 configurations like link aggregation, STP, etc. 7.7.1 Spanning Tree This section configures three types of Spanning Tree Protocol. 7.7.1.1 STP Status The first page, “STP Status”, can disable or enable STP. There are three modes of STP, RSTP and MSTP can be enabled.
VOLKTEK NSH-580 MANAGED 24-PORT 10/100 + 4 G COMBO L3 SWITCH Spanning tree – STP Status 7.7.1.
VOLKTEK NSH-580 MANAGED 24-PORT 10/100 + 4 G COMBO L3 SWITCH Spanning tree – Current Roots 7.7.1.
VOLKTEK NSH-580 MANAGED 24-PORT 10/100 + 4 G COMBO L3 SWITCH Spanning tree – Bridge Parameters 7.7.1.4 Port Parameters This page contains a display window to show and edit the current configurations for each port. You can select a port then edit it. Click Modify to change the port setting for spanning-tree. The following fields are available: Instance ID (MSTP Only): a spanning-tree instance, you can configure MSTP on your switch to map multiple VLANs into a single STP instance.
VOLKTEK NSH-580 MANAGED 24-PORT 10/100 + 4 G COMBO L3 SWITCH Spanning tree – Port Parameters 45
VOLKTEK NSH-580 MANAGED 24-PORT 10/100 + 4 G COMBO L3 SWITCH 7.7.2 Link Aggregation Static This page configures the link aggregation static group (port trunking). Port Selection Criterion: the algorithm to distribute packets among the ports of the link aggregation group according to source MAC address, destination MAC address, source and destination MAC address, source IP address, destination IP address, or source and destination IP address.
VOLKTEK NSH-580 MANAGED 24-PORT 10/100 + 4 G COMBO L3 SWITCH Link Aggregation Static 7.7.3 LACP The page configures the LACP group (port trunking). The switch provides a maximum of 8 ports per group. For a standalone Switch, the maximum number of groups is 14 since it supplies 28 ports only. The feature supplies five statistics for verification.
VOLKTEK NSH-580 MANAGED 24-PORT 10/100 + 4 G COMBO L3 SWITCH LACP – Mode This page displays the LACP group information.
VOLKTEK NSH-580 MANAGED 24-PORT 10/100 + 4 G COMBO L3 SWITCH This page displays the statistics of LACP PDUs counted. LACP – Counters This page shows LACP internal information.
VOLKTEK NSH-580 MANAGED 24-PORT 10/100 + 4 G COMBO L3 SWITCH This page shows LACP neighbor information. LACP – Neighbor This page shows LACP system identification.
VOLKTEK NSH-580 MANAGED 24-PORT 10/100 + 4 G COMBO L3 SWITCH LACP – System ID 7.7.4 Mirroring Port Mirroring, together with a network traffic analyzer, helps you monitor network traffics. You can monitor the selected ports for egress or ingress packets. Mirror: Selects the mirrored port from selection panel. The selected port can be mirrored for Ingress, Egress or Both of traffic. Mirror Mode: Enables or disables the mirror function for the selected group.
VOLKTEK NSH-580 MANAGED 24-PORT 10/100 + 4 G COMBO L3 SWITCH Mirroring 7.7.5 Static Multicast This page can add multicast addresses into the multicast table. The switch can hold up to 256 multicast entries. All the ports in the group will forward the specified multicast packets to other ports in the group. Port: selects the port from selection panel.
VOLKTEK NSH-580 MANAGED 24-PORT 10/100 + 4 G COMBO L3 SWITCH Static Multicast 7.7.6 IGMP Snooping IGMP Snooping helps reduce the multicast traffic on the network by allowing the IGMP snooping function to be turned on or off. The first part provides the following settings, Enable IGMP Snooping: Globally enable IGMP snooping in all existing VLAN interfaces. By default, IGMP snooping is globally disabled on the switch.
VOLKTEK NSH-580 MANAGED 24-PORT 10/100 + 4 G COMBO L3 SWITCH The Switch only allows 256 Layer 2 multicast groups.
VOLKTEK NSH-580 MANAGED 24-PORT 10/100 + 4 G COMBO L3 SWITCH 7.7.7 Traffic Control Traffic Control Traffic Control protects the Switch bandwidth from flooding packets – including broadcast packets, multicast packets and unicast packets – caused by destination address lookup failure. The limit number is a threshold that limits the total number of the selected type of packets.
VOLKTEK NSH-580 MANAGED 24-PORT 10/100 + 4 G COMBO L3 SWITCH Dynamic Addresses 7.7.9 Static Addresses The user can add a MAC address to the switch address table. The MAC address added in this way will not age out from the address table. These are called static addresses.
VOLKTEK NSH-580 MANAGED 24-PORT 10/100 + 4 G COMBO L3 SWITCH Static Addresses 7.7.10 VLAN Configuration The user can create up to 4094 VLAN groups and show the VLAN groups in this page. VLAN1 is the default VLAN, which is created by the system. It cannot be removed. This feature prevents the switch from malfunctioning. You can remove any existing VLAN except VLAN1. The user can assign the port to be a tagged port or an untagged port by clicking on the port on the picture.
VOLKTEK NSH-580 MANAGED 24-PORT 10/100 + 4 G COMBO L3 SWITCH Click Detach All to unselect all ports for a selected entry (temporary until Submit is clicked). Click Submit to save changes to RAM memory. Click Refresh to view effect of changes. To eventually make all changes permanent in Flash memory, go to “Save Configuration” page (bottom of management menu) and click “Save”. VLAN Configuration 7.7.
VOLKTEK NSH-580 MANAGED 24-PORT 10/100 + 4 G COMBO L3 SWITCH GVRP – GVRP Mode GVRP – GVRP Timer 59
VOLKTEK NSH-580 MANAGED 24-PORT 10/100 + 4 G COMBO L3 SWITCH 7.7.12 QoS/CoS 7.7.12.1 802.1p Priority Each port has eight egress queues. These queues can either be configured with the Weighted Round Robin (WRR) scheduling algorithm or with one queue as a strict priority queue and the other queues for WRR. The strict priority queue must be empty before the other queues are serviced. You can use the strict priority queue for mission-critical and time-sensitive traffic.
VOLKTEK NSH-580 MANAGED 24-PORT 10/100 + 4 G COMBO L3 SWITCH 7.7.12.2 QoS Queue Mapping The switch supports eight egress queues for each port with a strict priority scheduler. That is, each CoS value can map into one of the eight queues. Queue eight has the highest priority to transmit packets. Click Submit to save changes to RAM memory. Click Refresh to view effect of changes.
VOLKTEK NSH-580 MANAGED 24-PORT 10/100 + 4 G COMBO L3 SWITCH QoS/CoS – QoS Bandwidth 7.8 SNMP This group offers the SNMP configuration including Host Table and Trap Setting 7.8.1 Host Table This page links host IP address to the community name that is entered in Community Table page. Type an IP address and select the community name from the drop-down list. Click Add to add new entry to list of entries (temporary until Submit is clicked).
VOLKTEK NSH-580 MANAGED 24-PORT 10/100 + 4 G COMBO L3 SWITCH Host Table 7.8.2 Trap Setting By setting trap destination IP addresses and community names, you can enable SNMP trap function to send trap packets in different versions (v1 or v2c). Click Submit to save changes to RAM memory. Click Refresh to view effect of changes. To eventually make all changes permanent in Flash memory, go to Save Configuration page (bottom of management menu) and click Save.
VOLKTEK NSH-580 MANAGED 24-PORT 10/100 + 4 G COMBO L3 SWITCH 7.8.3 SNMPv3 VGU Table Two concepts represent the new security features defined by SNMPv3: 1) The User-based Security Model (USM), which provides authentication, encryption, and decryption of SNMPv3 packets. 2) The View-based Access Control Model (VACM), which provides access control. The following three pages are related: Click Add to add new entry to list of entries (temporary until Submit is clicked).
VOLKTEK NSH-580 MANAGED 24-PORT 10/100 + 4 G COMBO L3 SWITCH 7.8.3.2 Groups VACM Group is used to configure the information of SNMPV3 VACM Group. Group Name: enter the security group name. Read View Name: enter the Read View Name that the Group belongs to. The related SNMP messages are Get, GetNext, GetBulk. Write View Name: enter the Write View Name that the Group belongs to. The related SNMP message is Set. Notify View Name: enter the Notify View Name that the Group belongs to.
VOLKTEK NSH-580 MANAGED 24-PORT 10/100 + 4 G COMBO L3 SWITCH Auth Password: enter the password that the Auth Protocol belongs. The password needs at least 8 characters or digits. Priv Protocol: enter the Priv Protocol that SNMP User and Security Group belong. Only NoPriv, DES can be chosen. If the NoPriv is chosen, there is no need to enter password. Priv Password: enter the password that the Priv Protocol belongs. The password needs at least 8 characters or digits.
VOLKTEK NSH-580 MANAGED 24-PORT 10/100 + 4 G COMBO L3 SWITCH editing. Click on a filter set to select the set to be edited or removed. Second, click on Edit to enter the rule page, or click on Remove to remove the filter set. The user should follow the rules to make a valid filter set. One set consists of a collection of rules. The rules having the same fields to filter packets belong to one type. For example, two rules which filter packets with two destination IP addresses, belong to the same type.
VOLKTEK NSH-580 MANAGED 24-PORT 10/100 + 4 G COMBO L3 SWITCH Access Control List Rule 7.9.2 Apply Access Control List An ACL rule is idle if it is not attached to any ingress port. Use the Apply Access Control List page to attach a filter set to ingress ports. Click Submit to save changes to RAM memory. Click Refresh to view effect of changes. To make all changes permanent in Flash memory, go to Save Configuration page (bottom of management menu) and click Save.
VOLKTEK NSH-580 MANAGED 24-PORT 10/100 + 4 G COMBO L3 SWITCH Detach from all ports: remove all the ACL rules from the attached ports. NOTE: The user may not detach certain ports after issuing an “Attach All” command. To detach ports, use the “Detach All” command. NOTE: Once the ACL rule is attached to the ingress ports, it will filter the packets according to the ingress port and the packet fields in the rules.
VOLKTEK NSH-580 MANAGED 24-PORT 10/100 + 4 G COMBO L3 SWITCH Content Aware 7.10 Security The switch supports the 802.1x port-based security feature. Only authorized hosts are allowed to access the switch port. Traffic from unauthenticated hosts will be blocked. Authentication can be provided via a RADIUS server or the local database in the switch. The switch also supports dynamic VLAN assignment through 802.1x authentication process.
VOLKTEK NSH-580 MANAGED 24-PORT 10/100 + 4 G COMBO L3 SWITCH Authentication Control: If “ForceAuthorized” is selected, the selected port is forced authorized. Thus, traffic from all hosts is allowed to pass. Otherwise, if “ForceUnauthorized” is selected, the selected port is blocked and no traffic can go through. If “Auto” is selected, the behavior of the selected port is controlled by 802.1x protocol. All ports should be set to “Auto” under normal conditions.
VOLKTEK NSH-580 MANAGED 24-PORT 10/100 + 4 G COMBO L3 SWITCH Port Access Control 7.10.2 Dial-in User Dial-in User is used to define users in the local database of the switch. User Name: New user name. Password: Password for the new user. Confirm Password: Enter the password again. VLAN ID: Specify the VLAN ID assigned to the 802.1x-authenticated clients. Please click Add to add the new user. Click Modify when the modifications have been entered. Click Remove when you want to remove the selected user.
VOLKTEK NSH-580 MANAGED 24-PORT 10/100 + 4 G COMBO L3 SWITCH Confirm Authentication Key: Re-type the key entered above. NOTE: The VLAN of the RADIUS server connected to the switch must be the same as the VLAN of the system management interface. Click Submit to save changes to RAM memory. Click Refresh to view effect of changes. To eventually make all the changes permanent in Flash memory, go to the Save Configuration page (bottom of management menu) and click Save. Radius 7.10.
VOLKTEK NSH-580 MANAGED 24-PORT 10/100 + 4 G COMBO L3 SWITCH After enable this function globally, go to VLAN configuration page, type in the VLAN id you want to configure, and select ‘Enable’ at ‘DHCP-Snooping’ item, then click ‘summit’ to apply the configuration setting. The final step is setting which physical interface that your DHCP server connected. By default, all interfaces are untrusted.
VOLKTEK NSH-580 MANAGED 24-PORT 10/100 + 4 G COMBO L3 SWITCH 7.11 Traffic Chart These statistical chart pages provide network flow information. The user can specify the time limits for chart refresh updates. The charts allow the user to monitor different types of network traffic. Most MIB-II counters are displayed in these charts. Auto Refresh sets the time interval at which new data is retrieved from the switch. Color lets the user assign a different color to each variable.
VOLKTEK NSH-580 MANAGED 24-PORT 10/100 + 4 G COMBO L3 SWITCH Traffic Comparison Chart 7.11.2 Group Chart Select the Port, Refresh Period and display Color, then click Draw. The statistics window shows all the discards or error counts for the specified port. Data is updated periodically.
VOLKTEK NSH-580 MANAGED 24-PORT 10/100 + 4 G COMBO L3 SWITCH 7.11.3 History Chart The user can display information for different ports and statistics items in this chart. Since this shows the history of the statistics information, the line chart keeps the old data even when it is refreshed. History Chart 7.
VOLKTEK NSH-580 MANAGED 24-PORT 10/100 + 4 G COMBO L3 SWITCH 8 Command Line Interface This chapter describes how to use console interface to configure the switch. The switch provides RS232 connectors to connect to a PC. Use a terminal emulator on the PC, such as HyperTerminal or command line interpreter, to configure the switch. The terminal emulator should be configured with a baud rate of 38400, 8 bit data, no parity, 1 stop bit, and no flow control.
VOLKTEK NSH-580 MANAGED 24-PORT 10/100 + 4 G COMBO L3 SWITCH loadbx none none load binary file over serial line (X modem) netmask mask xxx.xxx.xxx.xxx set network mask ping host xxx.xxx.xxx.xxx send ICMP ECHO_REQUEST to network host pwd none none reset switch password reset none none perform reset of the CPU serverip IP address xxx.xxx.xxx.xxx set tftp server IP address slot slot 1, 2, auto select boot slot to boot tftpboot filename Example: 3112single.
VOLKTEK NSH-580 MANAGED 24-PORT 10/100 + 4 G COMBO L3 SWITCH 8.3.1.2 Delete user Delete an existing user. CLI Syntax: delete user user-name Example: Switch(config)#delete user admin 8.3.2 Backup and Restore 8.3.2.1 Backup start-up configuration file Backup the start-up configuration file “Quagga.conf” of the switch to TFTP server. CLI Syntax: copy startup-config tftp: URL Example: Switch#copy startup-config tftp: 192.168.8.56 8.3.2.
VOLKTEK NSH-580 MANAGED 24-PORT 10/100 + 4 G COMBO L3 SWITCH Example: Switch>enable 8.3.3.4 Disable Exit enable mode and turn off privileged mode command. CLI Syntax: disable Example: Switch#disable 8.3.3.5 End This command lets the user end the current mode and go to enable mode. CLI Syntax: end Example: Switch(config)#end 8.3.3.6 Exit This command lets the user end the current mode and go to the previous mode. CLI Syntax: exit Example: Switch#exit 8.3.3.
VOLKTEK NSH-580 MANAGED 24-PORT 10/100 + 4 G COMBO L3 SWITCH Example: Switch#date 080112202007 8.3.3.10 System Contact Displays contact information regarding the Switch. This is an RFC-1213-defined MIB object in System Group, and provides contact information on the managed node. CLI Syntax: snmp-server contact WORD Example: Switch(config)#snmp-server contact clerk@central.com.tw If the user puts the contact info in the contact description field, the Switch’s contact info will change to the new info. 8.3.
VOLKTEK NSH-580 MANAGED 24-PORT 10/100 + 4 G COMBO L3 SWITCH 8.3.3.15 show running-config To show running-config file. CLI Syntax: show running-config Example: Switch#show running-config 8.3.3.16 write memory Use the write file configuration command on the switch stack or standalone switch to write configuration to the file. CLI Syntax: write memory Example: Switch#write memory 8.3.3.17 Assign a new user account Add a user, e.g.
VOLKTEK NSH-580 MANAGED 24-PORT 10/100 + 4 G COMBO L3 SWITCH Example: Switch(config)#interface fastethernet1/0/2 Switch(config-if)#duplex full This example shows how to use the duplex configuration command on the switch to set full-duplex on the interface. 8.3.4.3 Interface flow control Use the flow control configuration command on the switch to set flow control status of the port.
VOLKTEK NSH-580 MANAGED 24-PORT 10/100 + 4 G COMBO L3 SWITCH 8.3.5.3 Interface vlan VLAN-ID This command changes the operation to vlan interface command mode. CLI Syntax: interface vlan VLAN-ID Example: Switch(config)#interface vlan 1 8.3.5.4 IP address This command sets the ip address for a specific interface. CLI Syntax: ip address A.B.C.D/M Example: Switch(config)#ip address 192.168.20.121/24 Note: This will not show the interface name. Please remember which interface you are configuring. 8.3.5.
VOLKTEK NSH-580 MANAGED 24-PORT 10/100 + 4 G COMBO L3 SWITCH 8.3.6 RIP 8.3.6.1 Router RIP The router rip command is necessary to enable RIP. To disable RIP, use the ‘no router rip’ command. RIP must be enabled before carrying out any of the RIP commands. CLI Syntax: router rip Example: Switch(config)#router rip 8.3.6.2 No Router RIP Disable RIP. CLI Syntax: no router rip Example: Switch(config)#no router rip 8.3.6.3 Version RIP can be configured to process either Version 1 or Version 2 packets.
VOLKTEK NSH-580 MANAGED 24-PORT 10/100 + 4 G COMBO L3 SWITCH 8.3.7.2 Router ID Assign an OSPF Router ID in IP-address format. CLI Syntax: ospf router-id a.b.c.d Example: Switch(config-router)#ospf router-id 10.0.0.3 8.3.7.3 Area Set the OSPF area ID. CLI Syntax: network a.b.c.d/m area decimal-value Example: Switch(config-router)#network 102.192.2/24 area 1 8.3.8 VRRP Enable or disable VRRP functions for a specific IP interface. CLI Syntax: standby VRID (1-255) ip a.b.c.
VOLKTEK NSH-580 MANAGED 24-PORT 10/100 + 4 G COMBO L3 SWITCH 8.3.9.4 show spanning-tree active To ‘show spanning-tree active’. CLI Syntax: show spanning-tree active Example: Switch#show spanning-tree active 8.3.9.5 spanning-tree enable and disable Enable/Disable the spanning tree. CLI Syntax: spanning-tree (enable|disable) Example: Switch#spanning-tree disable 8.3.10 Link Aggregation 8.3.10.
VOLKTEK NSH-580 MANAGED 24-PORT 10/100 + 4 G COMBO L3 SWITCH CLI Syntax: clear lacp counters [STACKID] Example: Switch#clear lacp counters 1 8.3.11.2 lacp aggregation-link trunk This command sets the Link Aggregation Control Protocol (LACP) operation add/set for the trunk group ports on the switch. CLI Syntax: lacp aggregation-link trunk STACKID (add/set) group <1-32> PORTLIST Example: Switch#lacp aggregation-link trunk 1 set group 1 25,26 8.3.11.
VOLKTEK NSH-580 MANAGED 24-PORT 10/100 + 4 G COMBO L3 SWITCH 8.3.12.2 mirror setting This command mirrors the source interface list traffic to the destination interface. The mirror type supports Received traffic, Transmitted traffic, or both. CLI Syntax: mirror IFLIST to IFNAME (rx|tx|both) Example: Switch(config)#mirror fastethernet1/0/3-5 to fastethernet1/0/9 both 8.3.12.3 show mirror To show current mirror features. CLI Syntax: Show mirror Example: Switch#show mirror 8.3.12.
VOLKTEK NSH-580 MANAGED 24-PORT 10/100 + 4 G COMBO L3 SWITCH 8.3.13.3 show mac-address-table multicast Use the ‘show mac-address-table multicast’ user EXEC command to display the Layer 2 multicast entries for all VLANs. Use the command in privileged EXEC mode to display specific multicast entries. CLI Syntax: show mac-address-table multicast Example: Switch#show mac-address-table multicast 8.3.14 IGMP Snooping 8.3.14.1 disable ip igmp snooping This command disables the ‘ip igmp snooping’ feature.
VOLKTEK NSH-580 MANAGED 24-PORT 10/100 + 4 G COMBO L3 SWITCH CLI Syntax: no storm-control (broadcast|dlf|multicast) Example: Switch(config-if)#no storm-control broadcast 8.3.15.3 show storm-control Use the show storm-control configuration command on the switch to show the limit rate of the port’s total bandwidth used by broadcast/dlf/multicast. CLI Syntax: show storm-control IFNAME (broadcast|dlf|multicast) Example: Switch#show storm-control gi1/0/1 broadcast 8.3.16 Dynamic Addresses 8.3.16.
VOLKTEK NSH-580 MANAGED 24-PORT 10/100 + 4 G COMBO L3 SWITCH 8.3.17 Static Addresses 8.3.17.1 add static mac-address The user can add a MAC address to the Switch address table. The MAC address added this way will not age out from the address table. This is called a static address. CLI Syntax: mac-address-table static MAC_ADDR vlan VLANID interface IFNAME Example: Switch(config)#mac-address-table static 0000.1111.2222 1 fastethernet1/0/2 8.3.17.
VOLKTEK NSH-580 MANAGED 24-PORT 10/100 + 4 G COMBO L3 SWITCH CLI Syntax: switchport access vlan <1-4094> Example: Switch(config)# interface fastethernet1/0/2 Switch(config-if)#switchport access vlan 1 8.3.18.
VOLKTEK NSH-580 MANAGED 24-PORT 10/100 + 4 G COMBO L3 SWITCH 8.3.19.5 show gvrp portstate To show gvrp statistics IFNAME status. CLI Syntax: show gvrp portstate [IFNAME] VID Example: Switch#show gvrp portstate fastethernet1/0/1 1 8.3.20 CoS/QoS 8.3.20.1 queue cos-map Use the ‘queue cos-map configuration’ command on the switch to select the CoS queue that a given priority should map into. CLI Syntax: queue cos-map PRIORITY QUEUE Example: Switch(config)#queue cos-map 1 3 8.3.20.
VOLKTEK NSH-580 MANAGED 24-PORT 10/100 + 4 G COMBO L3 SWITCH 8.3.21 SNMP 8.3.21.1 show rmon statistics To show rmon statistics IFNAME status. CLI Syntax: show rmon statistics [IFNAME] Example: Switch#show rmon statistics fastethernet1/0/1 8.3.21.2 show snmp-server community To show snmp-server community. CLI Syntax: show snmp-server community Example: Switch#show snmp-server community 8.3.21.3 snmp-server host This command sets the SNMP host information. CLI Syntax: snmp-server host A.B.C.
VOLKTEK NSH-580 MANAGED 24-PORT 10/100 + 4 G COMBO L3 SWITCH 8.3.22.3 filter conditions This command specifies one or more conditions (denied or permitted) to decide if the packet is forwarded or dropped. CLI Syntax: (permit|deny) any any IFNAME Example: Switch(config-ext-macl)#permit any any 1 8.3.22.4 filter attach This command is used to assign filter rule for a specific port. CLI Syntax: mac access-group WORD in Example: Switch(config-if)#mac access-group mac_acl_1 in 8.3.23 Port Access Control 8.3.
VOLKTEK NSH-580 MANAGED 24-PORT 10/100 + 4 G COMBO L3 SWITCH 8.3.23.2 dot1x default This command resets the configurable 802.1x parameters to the default values. CLI Syntax: dot1x default Example: Switch(config)#interface fastethernet1/0/1 Switch(config-if)# dot1x default 8.3.23.3 dot1x guest-vlan Use the dot1x guest-vlan interface configuration command on the switch to specify an active VLAN as an 802.1X guest VLAN. Use the no form of this command to return to the default setting.
VOLKTEK NSH-580 MANAGED 24-PORT 10/100 + 4 G COMBO L3 SWITCH 8.3.24 Dial-in User 8.3.24.1 dot1x username password Add user into local radius database. CLI Syntax: dot1x username WORD passwd WORD vlan Example: Switch(config)#dot1x username test passwd 12345 vlan 1 8.3.24.2 show dot1x user Show dot1x dial-in user. CLI Syntax: show dot1x username Example: Switch#show dot1x username 8.3.25 RADIUS 8.3.25.1 RADIUS settings This command sets the radius server ip, radius key, and radius port for 802.
VOLKTEK NSH-580 MANAGED 24-PORT 10/100 + 4 G COMBO L3 SWITCH 9 Contact Information VOLKTEK CORPORATION 4F, No.
