2 OPERATING MANUAL GSM2109-1009-8PoE Switch Managed Switch with Eight 10/100/1000Base-TX Ports Plus One Mini GBIC slot for 1000Base-SX or LX fiber or one 10/100/1000Base-TX port Eight PoE Ports CORPORATE HEADQUATERS MANUFACTURING/CUSTOMER SERVICE 5001 American Blvd. W., Suite 605 945 37 Avenue, NW Bloomington, MN 55437 Rochester, MN 55901 Phone: 800.441.5319 Phone: 800.328.2275 Phone: 952.831.5603 Phone: 507.252.1951 Fax: 952.831.5605 th Fax: 507.285.1952 Web site: http://www.watersnet.
Table of Contents 1.0 Specifications ......................................................................................................5 2.0 Package Contents ...............................................................................................8 3.0 Introduction..........................................................................................................8 3.1 Switch Features...................................................................................................
5.10 System Event Log ...............................................................................................33 5.11 System Event Log – SMTP Configuration ........................................................... 34 5.12 Event Configuration .............................................................................................36 5.13 SNTP Configuration.............................................................................................37 5.14 IP Security ....................
5.31 Power over Ethernet (PoE)..................................................................................76 5.32 Factory Default Settings ...................................................................................... 78 5.33 Save Configuration ..............................................................................................79 5.34 Reboot the System .............................................................................................. 79 6.0 CLI Commands .........
1.0 Specifications OPERATIONAL CHARACTERISTICS: MAC Address Table: Switching Mode: Bandwidth: System Throughput: Memory Buffer Size: Performance: 8k Store-and-forward Up to 18Gbps Up to 26.
PoE SPECIFICATIONS: PoE Enable/Disable Power limit by classification (enable/disable PD power classification) Power limit by management (enable power feeding priority) Per port power feeding priority setting Power through Ports 1-8: Positive (VCC+): RJ45 pin 4, 5 Negative (VCC-): RJ45 pin 7, 8 Detect Legacy Signature (resistive and capacitive) Per port provides 15.4 watts LED indicators for PoE ready and activity NETWORK STANDARDS: IEEE 802.3 IEEE 802.3u IEEE 802.3z IEEE 802.3x IEEE 802.3ab IEEE 802.
POWER SUPPLY: Input Voltage 90 to 240 VAC, 50 to 60Hz Power Consumption 138watts maximum OPERATING ENVIRONMENT: Ambient Temperature: 32° to 113°F (0° to 45°C) Storage: -40° to 158°F (-40°to 70°C) Ambient relative humidity: 5% to 95% (non-condensing) MECHANICAL: Enclosure: Rugged high-strength sheet metal suitable for stand-alone, wall or tabletop mounting Cooling Method: Internal fan PHYSICAL CHARACTERISTICS: GSM2109-8POE: Dimensions: 10.6 x 8.25 x 1.75 in (269 x 209.6 x 43mm) Weight: 3lbs (1.
2.0 Package Contents Examine the shipping container for obvious damage prior to installing this product. Notify the carrier of any damage that you believe occurred during shipment. Ensure that the items listed below are included. supplier. If an item is missing, please contact your Both the GSM2109 and 1009-8POE switch packages contain the following: Switch Power Cord Four Rubber Feet RS-232 cable User’s Guide 3.
PoE ports eliminates the need to run 110/220 VAC power to other devices on the LAN. The same CAT5 Ethernet cable that carries data to each device can also deliver power over the same cable. This allows greater flexibility in the location of network devices and can help reduce installation costs. There are two system components for PoE: the power sourcing equipment (PSE) which initiates the connection to the second component--the powered device (PD).
reducing the collision domain to a single switch-port, the need for carrier sensing was eliminated. Third, by using the store-and-forward technology’s approach of inspecting each packet to intercept corrupt or redundant data, switching eliminated unnecessary transmissions that slow down network traffic. Auto-negotiation regulates the speed and duplex of each port, based on the capability of both devices. Flow-control allows transmission from a 100Mbps node to a 10Mbps node without loss of data.
802.1p CoS per port 4 queues Port based VLAN 802.1q VLAN 802.3ad port trunk with LACP STP/RSTP QoS • Port based / tag based • IPv4 Tos/Ipv4, Ipv6 DiffServe Port mirror and bandwidth control 802.
3.2 Software Features RFC Standard RFC2233 MIBII, RFC 1157 SNMP MIB, RFC 1493 Bridge MIB, RFC 2674 VLAN MIB, RFC 2665 Ethernet like MIB, RFC1215 Trap MIB, RFC 2819 RMON MIB, Private MIB, RFC2030 SNTP, RFC 2821 SMTP, RFC 1757 RMON1 MIB, RFC 1215 Trap Management SNMP v1, SNMP v2c, SNMP v3, Telnet, Console (CLI), Web management and menu driven SNMP Trap Cold start, warm start, link down, link up, authorization fail, Trap station up to 3. Port Trunk Supports IEEE802.3ad with LACP function.
Port Security Port Mirror Supports ingress and egress MAC address filter and static source MAC address lock. Global system supports 3 mirroring types: “RX, TX and Both packet”. The maximum of port mirror entries is 8. Ingress rate limiting packet type: all of frames, broadcast, Bandwidth Control multicast, unknown unicast and broadcast packet. Egress rate shaping supports all of packet. Rate limiting levels: 64kbps to 64Mbits or up to 256Mbits for Gigabit port. Support IEEE802.
Configuration upload and download Spanning Tree Support binary format configuration file for system quick configuration. IEEE802.1d Spanning tree IEEE802.1w Rapid spanning tree Provides X-ring, dual homing and coupling ring. Provides redundant backup feature and recovery time below X-ring 300ms PoE Enable/Disable; Power limit by classification: Enable/ Disable PD power classification and output power will be limited by PD’s classification.
3.3.1 Console and Telnet Management Console Management is done through the RS-232 Console Port. Use the RS-232 cable supplied in your package to connect directly to a workstation from your switch. Use the default IP 192.168.16.1 to use Telnet or Web Management to login to the switch and modify the configuration. 3.3.2 Web-based Management The switch provides an embedded HTML web site residing in flash memory.
Figure 3.2 - Front Panel Rear Panel A three-pronged AC power plug is located on the rear panel of the switch. The switch operates in the range 100-240V AC, 50-60Hz. Figure 3.3 - Rear Panel Hardware Ports One slot for mini GBIC One 10/100/1000Base-TX port Eight 10/100Base-TX connections. MDI allows you to connect to another hub or switch and MDIX allows you to connect to a workstation or PC.
3.5 LED Indicators The following table provides the status and description of the LEDs. The LEDs provide a real-time indication of systematic operation status. LED Power Status Color Description On Green Power On Off On No power inputs Green 1000M The port is operating at 100Mbps or no device is Off LNK/ ACT The port is operating at 1000Mbps.
dust. 2. Remove adhesive backing from the rubber feet. 3. Apply the rubber feet to each corner on the bottom of the switch. 3.6.2 Power On Connect the power cord to the AC power socket on the rear panel of the switch. Check the power indicator on the front panel to see if power is properly supplied.
4.0 Network Applications This section provides samples of network topology in which the switches can be used. This model switch is generally used as a desktop, workgroup or edge segment switch. The switch has been designated as a segment switch which has a large address table (8K MAC addresses) providing high performance for connecting network segments. The uplink port (Gigabit combo port) provides connection to another switch in either fiber or copper to form a large switched network.
X-Ring Application The X-ring protocol is supported which helps the network to recover from network connection failures within 300ms or less, therefore, making the network more reliable. The X-ring algorithm is similar to Spanning Tree Protocol (STP) and Rapid STP (RSTP), but its recovery time is less than STP/RSTP. The following figure illustrates an example of the X-ring protocol: Figure 4.
Coupling Ring Application There may be more than one X-ring group in the network. can connect each X-Ring for redundant backup. The Coupling Ring function It ensures the transmission between two ring groups, therefore reducing failure. Figure 4.3 – Coupling Ring Application Dual Homing Application The Dual Homing function is used to prevent the connection loss from between X-ring groups and upper level/core switches.
Figure 4.4 – Dual Homing Application Small Workgroup Application The GSM2109 and 1009-8POE switches are designed to be desktop size switches that provide an ideal solution for a small workgroup or classroom environment. The switch can be a standalone switch connected to personal computers, a server, and a printer. The following illustrates a small workgroup application: Figure 4.
Segment Bridge Both switch models provide power to the powered devices that follow the IEEE 802.3af standard on the network. This solves the problem of position limitation, so the network device can be installed in a more convenient location for us. The following figure provides an example of a network application for PoE. Figure 4.6 – PoE Segment Bridge Application These compact switches can be easily connected to the backbone switch allowing communications throughout the network.
Connecting a Terminal or PC to the Console Port Use the supplied RS-232 cable to connect a terminal or PC to the console port. The terminal or PC to be connected must support the terminal emulation program. After the connection between switch and PC is made, run a terminal emulation program or Hyper Terminal to match the following default characteristics of the console port: Baud Rate: 9600 bps Data Bits: 8 Parity: None Stop Bit: 1 Flow Control: None Figure 4.7 - Communication Parameters 1.
4. The default user name is root, and the default password is root. You may change the login identification to make it more secure for your network in the System Configuration menu. 5. Once you have logged into the system, the following command prompt will be displayed. Enter enable to access CLI commands. Figure 4.9– CLI and Telnet Command Prompt Switch management can be accessed via the following methods: • Console Connection described above. Begin entering CLI commands at this prompt.
The web based management supports IE 6.0. It is based on Java Applets with an aim to reduce network bandwidth consumption, enhance access speed and present an easy viewing screen. 5.1 Workstation Settings for Web Management Before the management functions can be accessed via the web, use the console connection to login to the switch to check the IP address of the switch. The default IP address is: IP Address: 192.168.16.1 Subnet Mask: 255.255.255.0 Default Gateway: 192.168.16.
Figure 5.1 - Web Management Login Screen 5.3 System Information Use the System menu to configuration the following system information: System Name - assign a name for the switch. The maximum length is 64 bytes. System Description - displays the description for the switch. The information is read only and cannot be modified. System Location - assign the physical location for the switch. The maximum length is 64 bytes. System Contact – Enter the designated contact person for this switch.
Figure 5.2 - System Information Screen 5.4 IP Address Configuration This menu allows you to change the IP address for the switch as well as reconfigure IP settings. Once the IP address has been set, the switch must be rebooted. DHCP - Disable or enable the DHCP client function. When DHCP function is enabled, the system will assign IP addresses to devices from the local DHCP server. Therefore, you do not have to assign the IP addresses. IP Address – Use this option to assign the switch IP address.
DNS2 - DNS2 is the backup for DNS1. If the DNS1 cannot function, the DNS2 will replace DNS1. Figure 5.3 – IP Configuration 5.5 DHCP Server Dynamic Host Configuration Protocol (DHCP) is a protocol for assigning dynamic IP addresses to devices on a network. With dynamic addressing, a device may have a different IP address every time it connects to the network. In some systems, the IP address may change while connected. DHCP supports a combination of static and dynamic IP addresses.
High IP Address - High IP address is the last of the dynamic IP numbers to be assigned. In the example listed above, the High IP address would be 192.168.1.200. Subnet Mask - The dynamic IP assigned range for subnet mask. Gateway - The gateway of your network. DNS – The Domain Name Server IP Address of your network. Lease Time (sec) – Specifies in seconds the time period that the system will reset the dynamic IP assignment. Figure 5.
5.6 Port and IP Binding The switch allows you to assign a specific IP address that is in the dynamic IP range to a specific port. When the device is connecting to the port and requests a dynamic IP assignment, the system will assign the IP address that has been previously assigned to the connected device. Figure 5.6 - Port and IP Bindings Screen 5.7 TFTP Transaction The TFTP Update Firmware screen allows you to update the switch firmware, restore EEPROM value or backup current EEPROM value. 1.
Figure 5.7 - Update Firmware Screen 5.8 Restore Configuration You can restore the EEPROM value from the TFTP server. Before restoring, you must load the image file on the TFTP server so the switch can download the flash image. 1. Fill in the TFTP server IP address. 2. Enter the correct Restore File Name. 3. Click Apply to proceed. Figure 5-8 - Restore Configuration Screen 5.9 Backup Configuration This menu allows you to save the current EEPROM value from the switch to the TFTP server. 1.
Figure 5.9 - Backup Configuration Screen 5.10 System Event Log The System Event Log – Syslog Configuration allows you to configure the switch so you can collect and view system events. 1. Select the Syslog Client Mode: client only, server only, or both client and server. 2. Enter the Syslog server IP address. 3. Click Reload to refresh the events log. 4. Click Clear to clear the current events log.
Figure 5.10 – System Event Log Note: When the Syslog Client Mode is set as Client Only, the system event log will only be sent to the client logged into the switch. When the Syslog Client Mode is set to Server Only, the system log will only be sent to the to the syslog server. You will have to enter the IP address in the Syslog Server IP address column. If the Syslog Client Mode is set to Both, the system log will be set to the client and server. 5.
Password – Enter the password for the email account. Confirm password – Enter the password again for confirmation. Rcpt email address 1~ 6 – Up to six email accounts can be assigned to receive the alerts. Figure 5.
5.12 Event Configuration The Event Configuration allows you to select SMTP events. When selected events occur, the system will send out the log information or alerts. events can also be selected. Per port log and SMTP The four event types are listed below. Before you can select an event type, the Syslog Client Mode (Email Alert on the SMTP Configuration Tab) must be enabled. Device cold start – the system will produce a log event when the device executes a cold start action.
Figure 5.12 – System Event Log 5.13 SNTP Configuration Use this menu to configure the Simple Network Time Protocol (SNTP) settings. The SNTP synchronizes the switch clock with the Internet. SNTP Client – set the SNTP function to enable or disable. SNTP is disabled by default. Daylight Savings Time - enable or disable the daylight savings time function. When daylight saving time is enabled, you must also set the daylight savings time period. UTC Timezone - set the switch location time zone.
Local Time Zone Conversion from UTC Time at 12:00 UTC November Time Zone - 1 hour 11am Oscar Time Zone -2 hours 10 am ADT - Atlantic Daylight -3 hours 9 am -4 hours 8 am -5 hours 7 am -6 hours 6 am -7 hours 5 am -8 hours 4 am ALA - Alaskan Standard -9 hours 3 am HAW - Hawaiian Standard -10 hours 2 am Nome, Alaska -11 hours 1 am +1 hour 1 pm +2 hours 2 pm AST - Atlantic Standard EDT - Eastern Daylight EST - Eastern Standard CDT - Central Daylight CST - Central Standard MDT
Local Time Zone Conversion from UTC Time at 12:00 UTC +3 hours 3 pm ZP4 - USSR Zone 3 +4 hours 4 pm ZP5 - USSR Zone 4 +5 hours 5 pm ZP6 - USSR Zone 5 +6 hours 6 pm +7 hours 7 pm +8 hours 8 pm +9 hours 9 pm +10 hours 10 pm +12 hours Midnight USSR Zone 1 BT - Baghdad, USSR Zone 2 WAST - West Australian Standard CCT - China Coast, USSR Zone 7 JST - Japan Standard, USSR Zone 8 EAST - East Australian Standard GST Guam Standard, USSR Zone 9 IDLE - International Date Line NZST - New Zealan
Daylight Saving Period– enter the beginning and ending time for daylight savings time. Both will be different in every year. Daylight Saving Offset (mins) – For non-US and European countries, specify the amount of time for daylight savings time. Click Apply to save the configuration. Figure 5.13 – SNTP Configuration 5.14 IP Security IP security allows you to assign ten specific IP addresses that have permission to access the switch through the web browser for secure switch management.
Note: Remember to execute Save Configuration to save the new settings. 5.
5.15 User Authentication User authentication is used to modify login user name and password: User name – key in the new user name. The default is root. Password - key in the new password. The default is root. Confirm password - Retype the new password for confirmation. Click Apply to save the configuration. 5.15 – User Authentication 5.16 Port Menu Port Statistics provides statistics for current port traffic. You can use the Clear button to clean out off of the counts.
oversize, CRC align errors, fragments and jabber packets) TX Abort Packet - counts the aborted packet during transmission Packet Collision – counts the dropped packets TX Bcast Packet – counts the broadcasted packets Rx Mcast Packet – counts the multicast packets The clear button will clean out all counts. Figure 5.16 – Port Statistics 5.17 Port Control The section of this screen is used to configure each port. The bottom section displays the current settings for each port.
device exceeds the input data rate of another device, the receiving device will send a PAUSE frame which halts the transmission of the sender for a specified period of time. When disabled, the receiving device will drop the packet if there is too much to process. Security – The default for security is Off. When turned On, access from a device connected to that port will be blocked unless the MAC address of that device is included in the static MAC address table. Click Apply to save the configuration.
5.18 Port Trunking The Link Aggregation Control Protocol (LACP) provides a standardized means for exchanging information between partner systems. The systems have to reach an agreement on the identity of the Link Aggregation Group to which the link belongs, move the link to that Link Aggregation Group and enable its transmission and reception functions. Link aggregation allows you to group up to eight consecutive ports into a single dedicated connection.
Figure 5.
5.19 Aggregator Information Once the LACP aggregator has been configured, the information can be displayed through the Aggregator Information screen. Group information – displays the trunk group ID Port member – displays the members of this static trunk group. 5.
5.20 State Activity Once the LACP aggregator has been configured, you can configure the port state activity. Port state activity can be set to active or passive. Active – port automatically sends LACP protocol packets Passive – port does not automatically send LACP protocol packets and responds only if it receives LACP protocol packets from the opposite device. Note: A link having either two active LACP ports or one active port can perform dynamic LACP trunking.
o Both – RX and TX packet Source port – select the ports to be monitored. All monitored port traffic will be copied to the mirror port. You can select a maximum of 10 monitor ports in the switch. You can choose the port to monitor in only one mirror mode. Select the mirroring port state: o RX – RX packet only o TX – TX packet only o Both – RX and TX packet Click Apply to confirm the settings. Note: To disable the function, set the monitor port to none. Figure 5.
5.22 Rate Limiting Rate limiting allows you to set up the bandwidth rate and packet limitation type per port. Ingress Limit Packet Type – select the packet type to be filtered. The packet types include four types of packets: all, broadcast/multicast/flooded, unicast packets, broadcast/multicast packets, and broadcast only packets. The egress rate supports all types of packets. All ports support port ingress and egress rate control.
5.23 Protocol Menu The Protocol Menu includes the following functions: 5.23.1 VLAN Rapid Spanning Tree Protocol (RSTP) Simple Network Management Protocol (SNMP) Quality of Service (QoS) Internet Group Management Protocol (IGMP) X-Ring VLAN Configuration Virtual Local Area Networks (VLANs) are logical network groups that limit the broadcast domain.
5.23.2 Port Based VLAN Configuration When a port is configured in a VLAN, packets can travel only among members of the same VLAN group. All unselected ports belong to another single VLAN. If the port-based VLAN is enabled, VLAN-tagging is ignored.
Figure 5.25 – Port Based Add Interface 1. Enter the group name and the VLAN ID. 2. Use the Add button to add the selected port into the right field to group these members to be a VLAN group. 3. Use the Remove button to remove VLANs. 4. Click Apply.
Figure 5.26 – Port Based Edit/Delete Interface 1. Use the delete button to delete the VLAN. 2. Use the edit button to modify a group name, VLAN ID or to add/remove members of the existing VLAN group. 5.23.3 802.1q VLAN The IEEE 802.1q specification covers tagged-based. Therefore, it is possible to create a VLAN across devices from different switch venders. IEEE 802.1Q VLAN uses a technique to insert a “tag” into the Ethernet frames.
1. To enable the GVRP protocol, check box to enable GVRP protocol. 2. Select the ports to be configured. 3. There are three link types. Access Link Trunk Link Hybrid Link 4. Assign the Untagged VID. 5. Assign the Tagged VID. 6. Click apply. Figure 5.27 displays the settings. Figure 5.27 – 802.
Group Configuration To edit the existing VLAN Group: 1. Select the VLAN group in the table list. 2. Click apply. Figure 5.28 – Group Configuration Screen 3. You can change the VLAN group name and VLAN ID. 4. Once you have made the changes, click apply to save the changes.
Figure 5.29 – Group Configuration Screen 5.24 RSTP (Rapid Spanning Tree Protocol ) Menu The Rapid Spanning Tree Protocol (RSTP) is an evolution of the Spanning Tree Protocol and provides faster spanning tree convergence once a topology change has been made. This switch supports both STP and RSTP. The switch will auto detect the connected device that is running STP or RSTP protocol. 5.24.1 RSTP System - Configuration 1. Spanning tree information about the Root Bridge can be viewed here. 2.
between 6 through 40. Hello Time (1-10) - Determines how often the switch broadcasts its hello message to other switches to check RSTP current status. Enter a value between 1 through 10. Forward Delay Time (4-30) - the number of seconds a port waits before changing from its RSTP learning and listening states to the forwarding state. Enter a value between 4 through 30.
Priority - decide which port should be blocked by priority in LAN. Enter a number 0 through 240. The value of priority must be a multiple of 16. Admin P2P - some of the rapid state transactions that are possible within RSTP are dependent upon whether the port concerned can only be connected to exactly one other bridge (i.e. it is served by a point-to-point LAN segment), or can be connected to two or more bridges (i.e. it is served by a shared medium LAN segment).
Figure 5.31 – RSTP – Port Configuration 5.25 SNMP Configuration Simple Network Management Protocol (SNMP) is the protocol developed to manage nodes (servers, workstations, routers, switches and hubs etc.) on an IP network. SNMP enables network administrators to manage network performance, find and solve network problems, and plan for network growth. Network management provides a system to learn of problems by receiving traps or change notices from network devices implementing SNMP. 5.25.
information • Read/write – enables requests accompanied by this string to display MIB-object information and set MIB objects Click Add. To remove the community string, select the community string to be removed, and click Remove. You cannot remove the default community string set. Agent Mode - select the SNMP version that you want to use. Click Change to switch to the selected SNMP version mode. Figure 5.32 – SNMP Configuration 5.25.
Click Add - to save the settings. To remove the community string, select the community string to be removed and click Remove. The default community string cannot be removed. Figure 5.33 – SNMP Trap Configuration 5.25.3 SNMPV3 Configuration To configure the SNMP V3 function, the following tasks should be done. See Figure 5.33 – SNMP V3 Configuration Interface. Configure the Context Table. Assign the context name of the context table. Click Add.
Configure SNMP V3 Group Table. Security Name (User ID) – assign the user name that you set up in user table. Group Name – set up the group name. Click Add to add the group information. Click Remove to remove group information. Configure SNMP V3 Access Table Context Prefix – set up the context name.
Figure 5.
5.26 QoS Configuration Use the QoS configuration menus to configure the following: QoS policy Priority setting Per port priority setting COS TOS QoS Policy and Priority Type QoS Policy – select the QoS policy rule. • 8,4,2,1 weight fair queue scheme - the switch will follow the 8:4:2:1 rate to process priority queue from highest to lowest queue.
Figure 5.35 – QoS Configuration Port Based Priority Use this section of the screen to configure the priority level per port. Ports 1 ~ 9 – each port has four priority levels – High, Middle, Low and Lowest. Click Apply to save the configuration.
COS Configuration Use this section of the screen to set the COS priority level. COS priority - set the COS priority level 0~7: High, Middle, Low, Lowest. Click Apply to save the configuration. TOS Configuration Use this section of the screen to set the TOS priority level. TOS priority - the system provides 0~63 TOS priority levels. Each level has four types of priority – high, mid, low, and lowest. The default value is the lowest priority for each level.
Message Query Description A message sent from the querier (IGMP router or switch) asking for a response from each host belonging to the multicast group. A message sent by a host to the querier to indicate that the host Report wants to be or is a member of a given group indicated in the report message. Leave A message sent by a host to the querier to indicate that the host Group is no longer a member of a specific multicast group. Table 5.
5.28 X-ring X-ring provides a faster redundant recovery than the spanning tree topology. The action is similar to STP and RSTP, but the algorithms that are used are not the same. To use the X-ring topology, the X-ring function must be enabled on each switch and two ports should be assigned as the member ports in the ring. One switch in the X-ring group should be set as a master switch that one of two member ports will be blocking. That switch is the backup port, and the other port is the working port.
o Coupling Port - select the member port. o Control Port - select the switch as the master switch in the coupling ring. Enable Dual Homing – Dual homing only works when X-ring is enabled. To enable the dual homing function, set up one port as the dual homing port. Only one port can be the dual homing port. Dual-homing provides reliability for your network by allowing a device to be connected to the network by way of two independent connection points.
Figure 5.37 - X-ring Interface Note: When the X-ring function is enabled, RSTP must be disabled. The X-ring function cannot exist at the same time as RSTP. Remember to save configuration so the new settings will be saved if the switch loses power. 5.29 802.1X - Security Configuration Use the Security menu to configure 802.1x and port security by MAC address. 802.
specified Radius Server. Shared Key - set an encryption key to be used during authentication sessions with the specified radius server. This key must match the encryption key used on the Radius Server. NAS, Identifier - set the identifier for the radius client. Click Apply to save the configuration. Figure 5.38 – 802.1x System Configuration Port Configuration The 802.1x authentication state can be configured for each port. The State provides the following conditions.
Figure 5.39 – 802.1x Per Port Setting Interface Miscellaneous Configuration Quiet Period - set the period during which the port doesn’t try to acquire a supplicant. TX Period - set the period the port waits for retransmit (next EAPOL PDU) during an authentication session. Supplicant Timeout - set the period of time the switch waits for a supplicant response to an EAP request. Server Timeout - set the period of time the switch waits for a server response to an authentication request.
Figure 5.40 – 802.1x Miscellaneous Configuration 5.30 MAC Address Table The MAC Address Table uses MAC addresses to ensure port security. Static MAC Address The Static MAC Address menu allows you to add a static MAC address. The static MAC address will remain in the switch's address table, regardless of whether or not the device is physically connected to the switch.
Figure 5.41 – Static MAC Address Interface Filtering MAC Address By filtering MAC addresses, you can enhance the security on your network. The MAC Filtering screen allows you to add and delete MAC addresses. To add a MAC Address for filtering: 1. MAC Address - Enter the MAC address to be filtered. 2. Click Add to save the configuration. 3. The MAC address will be displayed in the table. You can delete a MAC address from the filtering table by selecting the MAC address and clicking Delete.
Figure 5.42 – All MAC Address Interface 5.31 Power over Ethernet (PoE) The following list describes the PoE settings for the switch. Maximum Power Available - Displays the maximum watts. Actual Power Consumption – Real-time total power consumption. System Power Limit – Can modify the value of this column to limit the total output power for the system. Main Supply Voltage – Displays the output voltage of the system for PoE ports. Firmware Version – Displays the firmware version.
rate is within the window of the PD signatures, the device is considered to be discovered. Start – The system initializes and resets successfully. Click Add to apply changes. Port – Displays the index of PoE ports. Enable State – PoE is enabled by default. You can check this box to disable the PoE function to the port. Power Limit From Classification – Check this box to select the power limit method.
Figure 5.43 – PoE Settings 5.32 Factory Default Settings You can return the factory default settings by choosing Factory Default from the Main Menu. Keep current IP address setting – You may either keep the current IP address or reset the IP to the default IP address. Use the Space key to make the change. Keep current username and password – You may either keep the current username and password or reset to default username and password (root/root). Use the Space key to make the change.
5.33 Save Configuration Once you have made changes to the system, you must use Save All Configuration from the Main Menu to ensure that all changes are saved. 1. Click on Save Configuration. 2. Click on Save to save the configuration to the flash memory. 5.34 Reboot the System Once changes have been made, the system should be rebooted to apply the changes. 1. Choose Reboot System from the Main Menu. 2. Click on Reboot to reboot the system.
6.0 CLI Commands To use the CLI commands, enter enable once you have logged into the switch. The following table lists the Command level of the CLI commands. Command Description User EXEC This command is a subset of switch> the commands available at the privileged level. Use this command to: Privileged EXEC Prompt Exit Method Logout or quit Enter the enable command while in EXEC mode.
f)# command (with a specific interface) while in the global configuration mode Commands Set List – Used in Next Table User EXEC E Privileged P EXEC Global G configuration VLAN V database Interface I Configuration The following table lists the System Commands.
Command description [system description] system contact [system contact] show system-info ip address] Level Description Example G Set switch system contact window string switch(config)#system contact xxx E Show system information switch>show system-info G Configure the IP address of switch switch(config)#ip address 192.168.1.1 255.255.255.0 192.168.1.
Command [low ip] dhcpserver highip Level Description Example G Configures high IP address number for IP pool switch(config)# dhcpserver highip 192.168.1.50 [high ip] dhcpserver subnetmask G Configures subnet mask for DHCP clients switch(config)#dhcpserver subnetmask 255.255.255.0 [subnet mask] dhcpserver gateway G Configures gateway for DHCP clients switch(config)#dhcpserver gateway 192.168.1.
Command Level security telnet G security ip G [Index(1..10)] [IP Address] show security P no security no security http no security telnet G G G Description server Enables IP security of telnet server Set the IP security list Example Displays IP security information Disables IP security function Disables IP security for HTTP server Disables IP security of telnet server switch#show security switch(config)#security telnet switch(config)#security ip 1.192.168.1.
Command bandwidth type all Level I Description Set interface ingress limit frame type to “accept all frame” bandwidth type I Set interface ingress limit frame type to “accept broadcast, multicast, and flooded unicast frame” broadcast-mul ticastflooded-unicas t bandwidth I type broadcast-mul ticast bandwidth I type broadcast-only bandwidth in [value] I bandwidth out I show bandwidth I state [enable | disable] I show interface configuration I Waters Network Systems Example switch(config)#inte
Command Level show interface status I show interface accounting I no accounting I Description Example interface configuration Displays the actual status of switch(config)#interface the interface fastEthernet 2 h(config-if)#show interface status Displaces statistic counter of switch(config)#interface interface fastEthernet 2 h(config-if)#show interface accounting Clears interface accounting switch(config)#interface information fastEthernet 2 switch(config-if)#no accounting The following table lists
Command Level show aggregator no aggregator lacp [GroupID] no aggregator group [GroupID] P G G Description list separate by a comma (ex.2, 3, 6) Displays the information of trunk group Disable the LACP function of trunk group Example Remove a trunk group switch(config)#no aggregator group 2 switch#show aggregator switch(config)#no aggregator lacp 1 The following table lists the VLAN Commands. Command vlan database vlanmode Level P V Description Enter VLAN configure mode Used to set VLAN mode.
Command name [GroupName] vid [VID] vlan 8021q port [PortNumber] access-link untag [UntaggedVID] vlan 8021q port [PortNumber] trunk-link tag [TaggedVID List] vlan 8021q port [PortNumber] hybrid-link untag [UntaggedVID] tag [TaggedVID List] vlan 8021q trunk [PortNumber] access-link untag [UntaggedVID] vlan 8021q trunk [PortNumber] trunk-link tag [TaggedVID List] vlan 8021q trunk [PortNumber] hybrid-link untag Level Description group. If there is no group, this command can’t be applied.
Command Level [UntaggedVID] tag [TaggedVID List] show vlan V [GroupID] or show vlan no vlan group V [GroupID] Description Example trunk 3 hybrid-link untag 5 tag 6-8 Show VLAN information switch(vlan)#show vlan 23 Delete port based group ID switch(vlan)#no vlan group 2 The following table lists the Spanning Tree Commands.
Command Level stp-path-cost [1~200000000 ] I stp-pathpriority [Port Priority] I stp-admin-p2p [Auto|True| False] I Description time determines how long each of the listening and learning states last before the port begins forwarding. Use the spanning-tree cost interface configuration command to set the path cost for Spanning Tree Protocol (STP) calculations. In the event of a loop, spanning tree considers the path cost when selecting an interface to place into the forwarding state.
The following table lists the QoS Commands.
Command Level Description mac-addresstable filter hwaddr [MAC] show macaddress-table show macaddress-table static show macaddress-table filter no macaddress-table static hwaddr [MAC] G Configure filter MAC address table. Example able static hwaddr 000012345678 switch(config)#mac-address-tab le filter hwaddr 000012348678 P Display MAC address table (all) switch#show mac-address-table P Display static MAC address table switch#show mac-address-table static P Display filter MAC address table.
Command strings [Community] right [RO/RW] snmp-server host [IP address] community [Communitystring] trap-version [v1|v2c] snmpv3 context-name [Context Name ] snmpv3 user [User Name] group [Group Name] password [Authentication Password] [Privacy Password] snmpv3 access context-name [Context Name ] group [Group Name ] security-level [NoAuthNoPriv|A uthNoPriv| AuthPriv] match-rule [Exact|Prifix] views [Read View Name] [Write View Name] [Notify View Name] snmpv3 mibview view [View Name] type [Excluded| Level
Command Included] sub-oid [OID] show snmp no snmp communitystrings [Community] no snmp-server host [Host-address] no snmp-server host [Host-address] no snmpv3 user [User Name] no snmpv3 access context-name [Context Name ] group [Group Name ] security-level [NoAuthNo Priv|AuthNoPriv| AuthPriv] match-rule [Exact|Prifix] views [Read View Name] [Write View Name] [Notify View Name] no snmpv3 mibview view [View Name] type [Excluded| Included] sub-oid [OID] Level Description P G Displays the SNMP configuration
Command monitor rx Level G monitor tx G show monitor monitor [RX|TX|Both] P I show monitor I no monitor I Waters Network Systems Description Set RX destination port for monitor function Set TX destination port for monitor function Displays port monitor information Configure source port for monitor function Example switch(config)#monitor rx switch(config)#monitor tx switch#show monitor switch(config)#interface fastEthernet 2 switch(config-if)#monitor RX Displays port monitor information switch(c
The following table lists the commands for the 802.1x Security functions. Command 8021x enable Level G Description The 802.1x global configuration command is used to enable 802.1x protocols. The 802.1x system radius IP global configuration command is used to change the radius server IP. The 802.1x system server port global configuration command is used to change the radius server port The 802.1x system account port global configuration command is used to change the accounting port The 802.
Command 8021x misc reauthperiod [sec.] Level G Description The 802.1x misc reauth period global configuration command is used to set the reauth period. Example switch(config)# 8021x misc reauthperiod 3000 8021x portstate [disable | reject | accept | authorize] I The 802.1x port state interface configuration command is used to set the state of the selected port.
The following table lists the SystemLog, SMTP and Events Commands. Command systemlog ip [IP address] Level G Description Set IP address of system log server Example switch(config)#systemlog ip 192.168.1.
Command event smtp [Link-UP|LinkDown|Both] Level I Description Set port event for SMTP Example switch(config)#interface fastethernet 3 switch(config-if)#event smtp both switch#show event switch(config)#no event device-cold-start switch(config)#no event authentication-failure show event no event device-cold- start no event authenticationfailure no event X -ring-topologychange no event systemlog P G Display event selection Disable cold start event type G Disable authentication failure event type G D
Command Level show sntp show sntp timezone no sntp no sntp daylight P P G G Description to obtain more information of the index number Displays SNTP information Displays index number of time zone list Disable SNTP function Disable daylight savings time Example switch#show sntp switch#show sntp timezone switch(config)#no sntp switch(config)#no sntp daylight The following table lists the X-Ring Commands.
7.0 Troubleshooting All Waters’ switching products are designed to provide reliability and consistently high performance in all network environments. The installation of Waters’ MS1008-2G-4POE/PSX1008-2G-4PoE switch is a straightforward procedure (See Sections 3-5). Should problems develop during installation or operation, this section is intended to help locate, identify and correct these types of problems. suggestions listed below prior to contacting your supplier.
800.328.2275 or email carolynl@watersnet.com for assistance. When Calling for Assistance Please be prepared to provide the following information. 1. A complete description of the problem, including the following: a. The nature and duration of the problem b. Situations when the problem occurs c. The components involved in the problem d. Any particular application that, when used, appears to create the problem 2. An accurate list of Waters Network Systems product model(s) involved.
repair products that are under warranty at no charge, and will return the warranty-repaired units to the sender with shipping charges prepaid (see Warranty Information at the end of this manual for complete details). However, if Waters cannot duplicate the problem or condition causing the return, the unit will be returned as: No Problem Found. Waters Network Systems reserves the right to charge for the testing of non-defective units under warranty.
8.0 Warranty Waters Network Systems’ Warranty Statement Waters Network Systems’ products are warranted against defects in materials and workmanship. The warranty period for each product will be provided upon request at the time of purchase. Unless otherwise stated, the warranty period is for the useable life of the product.
delivery chosen by Waters Network Systems. A product’s lifetime ends when service and repair for the product can no longer be obtained from the original manufacturer or its direct successor or assignee.
PRICE. IN NO EVENT SHALL WATERS NETWORK SYSTEMS BE LIABLE FOR THE COST OF PROCUREMENT OF SUBSTITUTE GOODS BY THE CUSTOMER OR FOR ANY CONSEQENTIAL OR INCIDENTAL DAMAGES FOR BREACH OR WARRANTY. SOFTWARE: WATERS WARRANTS THAT THE SOFTWARE PROGRAMS LICENSED FROM IT WILL PERFORM IN SUBSTANTIAL CONFORMANCE TO THE PROGRAM SPECIFICATIONS THEREFORE FOR A PERIOD OF NINETY (90) DAYS FROM THE DATE OF SHIPMENT FROM WATERS OR ITS AUTHORIZED SALES AGENT.
REMEDIES ARE EXCLUSIVE AND ARE IN LIEU OF ALL OTHER WARRANTIES OR CONDITIONS, EXPRESS OR IMPLIED, EITHER IN FACT OR BY OPERATION OF LAW, STATUTORY OR OTHERWISE, INCLUDING WARRANTIES OR CONDITIONS OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. WATERS NEITHER ASSUMES NOR AUTHORIZES ANY OTHER PERSON TO ASSUME FOR IT ANY OTHER LIABILITY IN CONNECTION WITH THE SALE, INSTALLATION, MAINTENANCE OR USE OF ITS PRODUCTS.
Fax Number: Waters Network Systems 952.831.
