Page 1 User’s Manual of WGSW-24020/WGSW-48040 User's Manual WGSW-24020 WGSW-48040 24/48-Port 10/100/1000Mbps with 2/4 Shared SFP Managed Ethernet Switch...
Page 2: Fcc Warning
User’s Manual of WGSW-24020/WGSW-48040 Trademarks Copyright © PLANET Technology Corp. 2007. Contents subject to which revision without prior notice. PLANET is a registered trademark of PLANET Technology Corp. All other trademarks belong to their respective owners. Disclaimer PLANET Technology does not warrant that the hardware will work properly in all environments and applications, and makes no warranty and representation, either implied or expressed, with respect to the quality, performance, merchantability, or fitness for a particular purpose.
Page 3: Table Of Contents
User’s Manual of WGSW-24020/WGSW-48040 TABLE OF CONTENTS 1. INTRODUCTION ..................................14 1.1 Packet Contents ................................14 1.2 How to Use This Manual..............................14 1.3 Product Feature ................................15 1.4 Product Specification ..............................16 2. INSTALLATION..................................18 2.1 Product Description ...............................18 2.1.1 Product Overview ..............................18 2.1.2 Switch Front Panel ..............................18 2.1.3 LED Indications ..............................19 2.1.4 Switch Rear Panel ...............................19 2.2 Install the Switch................................20...
Page 4 User’s Manual of WGSW-24020/WGSW-48040 4.4.4 GVRP ..................................45 4.5 Statistics ..................................46 4.5.1 RMON Statisti ..............................46 4.5.2 RMON History ..............................47 4.5.3 RMON Alarm ...............................49 4.5.4 RMON Events..............................51 4.5.5 Port Utilization ..............................52 4.5.6 802.1x Statistics..............................53 4.5.7 GVRP Statistics ..............................54 4.6 ACL....................................57 4.6.1 IP Based ACL ..............................57 4.6.2 IP Based ACL Configure Sample.........................60 4.6.3 MAC Based ACL..............................63 4.6.4 MAC Based ACL Configure Sample ........................65...
Page 5 User’s Manual of WGSW-24020/WGSW-48040 4.10.3 Bridge Multicast Forward All ..........................117 4.11 SNMP..................................118 4.11.1 Global Parameters ............................118 4.11.2 Views ................................119 4.11.3 Group Profile..............................120 4.11.4 Group Membership ............................121 4.11.5 Communities ..............................123 4.11.6 Notification Filter ..............................125 4.11.7 Notification Recipient ............................126 4.12 Admin..................................128 4.12.1 User Authentication ............................128 4.12.2 Static Address ..............................129...
Page 6 User’s Manual of WGSW-24020/WGSW-48040 5.3.10 username.................................157 5.3.11 show users accounts ............................158 5.4 Address Table Commands ............................158 5.4.1 bridge address..............................158 5.4.2 bridge multicast filtering .............................159 5.4.3 bridge multicast address............................160 5.4.4 bridge multicast forbidden address ........................161 3.4.5 bridge multicast forward-unregistered .......................162 5.4.6 bridge multicast forbidden forward-unregistered....................162 5.4.7 bridge multicast forward-all..........................163 5.4.8 bridge multicast forbidden forward-all ........................164 5.4.9 bridge aging-time...............................165...
Page 7 User’s Manual of WGSW-24020/WGSW-48040 5.6.1 copy ...................................185 5.6.2 show startup-config............................188 5.7 Ethernet Configuration Commands..........................190 5.7.1 interface ethernet...............................190 5.7.2 interface range ethernet.............................190 5.7.3 shutdown ................................191 5.7.4 description .................................192 5.7.5 speed.................................192 5.7.6 duplex ................................193 5.7.7 negotiation .................................194 5.7.8 flowcontrol .................................194 5.7.9 mdix ...................................195 5.7.10 back-pressure..............................196 5.7.11 port jumbo-frame..............................196 5.7.12 clear counters ..............................197...
Page 8 User’s Manual of WGSW-24020/WGSW-48040 5.9.6 ip igmp snooping leave-time-out........................217 5.9.7 show ip igmp snooping mrouter.........................217 5.9.8 show ip igmp snooping interface ........................218 5.9.9 show ip igmp snooping groups ..........................219 5.10 IP Addressing Commands ............................220 5.10.1 ip address ................................220 5.10.2 ip address dhcp ...............................220 5.10.3 ip default-gateway ............................221 5.10.4 show ip interface..............................222 5.10.5 arp ...................................223...
Page 9 User’s Manual of WGSW-24020/WGSW-48040 5.15.4 show interfaces port-channel...........................242 5.16 Port Monitor Commands ............................243 5.16.1 port monitor ..............................243 5.16.2 show ports monitor ............................244 5.17 QoS Commands ................................246 5.17.1 qos...................................246 5.17.2 show qos .................................246 5.17.3 wrr-queue cos-map............................247 5.17.4 wrr-queue bandwidth ............................248 5.17.5 priority-queue out num-of-queues........................249 5.17.6 show qos interface............................249 5.17.7 qos map dscp-queue ............................252 5.17.8 qos trust (Global) .............................253...
Page 10 User’s Manual of WGSW-24020/WGSW-48040 5.20.3 snmp-server location ............................279 5.20.4 snmp-server enable traps ..........................279 5.20.5 snmp-server trap authentication ........................280 5.20.6 snmp-server host .............................280 5.20.7 snmp-server set ...............................281 5.20.8 show snmp ..............................282 5.21 Spanning-Tree Commands ............................284 5.21.1 spanning-tree..............................284 5.21.2 spanning-tree mode............................284 5.21.3 spanning-tree forward-time..........................285 5.21.4 spanning-tree hello-time ..........................285 5.21.5 spanning-tree max-age............................286 5.21.6 spanning-tree priority ............................287...
Page 11 User’s Manual of WGSW-24020/WGSW-48040 5.23.7 show users ..............................310 5.23.8 show sessions ..............................311 5.23.9 show system..............................312 5.23.10 show version..............................313 5.24 Syslog Commands..............................313 5.24.1 logging on ................................313 5.24.2 logging ................................314 5.24.3 logging console..............................315 5.24.4 logging buffered ...............................316 5.24.5 logging buffered size............................316 5.24.6 clear logging ..............................317 5.24.7 logging file ...............................317 5.24.8 clear logging file...............................318...
Page 12 User’s Manual of WGSW-24020/WGSW-48040 5.27.5 interface range vlan ............................335 5.27.6 name................................336 5.27.7 switchport mode ..............................336 5.27.8 switchport access vlan.............................337 5.27.9 switchport trunk allowed vlan...........................338 5.27.10 switchport trunk native vlan ...........................339 5.27.11 switchport general allowed vlan ........................339 5.27.12 switchport general pvid ..........................340 5.27.13 switchport general ingress-filtering disable ....................341 5.27.14 switchport general acceptable-frame-type taggedonly...................341 5.27.15 switchport forbidden vlan ..........................342...
Page 13 User’s Manual of WGSW-24020/WGSW-48040 5.29.15 dot1x auth-not-req ............................364 5.29.16 dot1x multiple-hosts............................365 5.29.17 dot1x single-host-violation ..........................366 5.29.18 show dot1x advanced ............................366 TROUBLE SHOOTING................................368 APPENDEX A ...................................369 A.1 Switch's RJ-45 Pin Assignments ..........................369 A.2 RJ-45 cable pin assignment ............................369 A.3 Available Modules ...............................371 -13-...
Page 14: Introduction
User’s Manual of WGSW-24020/WGSW-48040 1. INTRODUCTION Thank you for purchasing PLANET WGSW Gigabit Managed Switch- WGSW-24020 and WGSW-48040. In the following section, the term “Switch” means the two Switches, i.e. WGSW-24020 and WGSW-48040; term of “switch” can be any third part switches.
Page 15: Product Feature
User’s Manual of WGSW-24020/WGSW-48040 1.3 Product Feature Physical Port WGSW-24020 24-Port 10/100/1000Base-T RJ-45 2 SFP slots, shared with Port#12 and Port#24 Console interface for Switch basic management and setup WGSW-48040 48-Port 10/100/1000Base-T RJ-45 4 SFP slots, shared with Port#23, Port#24, Port#47 and Port#48 Console interface for Switch basic management and setup Layer 2 Features Complies with the IEEE 802.3, IEEE 802.3u, IEEE 802.3ab, IEEE 802.3z Gigabit Ethernet standard...
Page 16: Product Specification
User’s Manual of WGSW-24020/WGSW-48040 Management WEB-Based, Telnet, Console Command Line management SSH( Secure Shell), SSL Access through SNMPv1, v2c and v3 security set and gets requests. Four groups (history, statistics, alarms, and events) of embedded remote monitoring (RMON) agents for network monitoring and traffic analysis Built-in Trivial File Transfer Protocol (TFTP) client Virtual Cable Test (VCT) technology provides the mechanism to detect and report potential cabling issues, such as...
Page 17 User’s Manual of WGSW-24020/WGSW-48040 Supports 8 groups of 8-Port trunk support, IEEE 802.3ad LACP Link Aggregation Traffic classification based on Port Number, 802.1p priority and DS/TOS field in IP Packet Allow to be disabled or enable. Supports IGMP Snooping v1 and v2 IGMP Snooping RFC-1213 MIB-2 RFC-2863 Interface MIB...
Page 18: Installation
User’s Manual of WGSW-24020/WGSW-48040 2. INSTALLATION This section describes the functionalities of the Switch's components and guides how to install it on the desktop or shelf. Basic knowledge of networking is assumed. Please read this chapter completely before continuing. 2.1 Product Description The PLANET WGSW-24020/WGSW-48040 is a 24/48-Port 10/100/1000Mbps with 2/4 shared SFP interfaces Gigabit Ethernet Switch.
Page 19: Led Indications
User’s Manual of WGSW-24020/WGSW-48040 2.1.3 LED Indications 2.1.3.1 WGSW-24020 LED Indications ■ System Color Function Lights to indicate that the Switch has power. Green ■ Per Per 10/100/1000Base-T RJ-45 port /SFP interfaces ( Shared with 10/100/1000Base-T Port#12 and Port#24) Color Function Lights to indicate the link through that port is successfully established.
Page 20: Install The Switch
User’s Manual of WGSW-24020/WGSW-48040 Figure 2-4 WGSW-48040 rear panel. Power Notice: The device is a power-required device, it means, it will not work till it is powered. If your networks should active all the time, please consider using UPS (Uninterrupted Power Supply) for your device. It will prevent you from network data loss or network downtime.
Page 21: Rack Mounting
User’s Manual of WGSW-24020/WGSW-48040 2.2.2 Rack Mounting To install the Switch in a 19-inch standard rack, please follows the instructions described below. Step1: Place the Switch on a hard flat surface, with the front panel positioned towards the front side. Step2: Attach the rack-mount bracket to each side of the Switch with supplied screws attached to the package.
Page 22: Installing The Sfp Transceiver
User’s Manual of WGSW-24020/WGSW-48040 Step6: Proceeds with the steps 4 and steps 5 of session 2.2.1 Desktop Installation to connect the network cabling and supply power to the Switch. 2.2.3 Installing the SFP transceiver The sections describe how to insert an SFP transceiver into an SFP slot. The SFP transceivers are hot-pluggabe and hot-swappable.
Page 23 User’s Manual of WGSW-24020/WGSW-48040 Connect the fiber cable Attach the duplex LC connector on the network cable into the SFP transceiver. Connect the other end of the cable to a device – switches with SFP installed, fiber NIC on a workstation or a Media Converter.
Page 24: Configuration
User’s Manual of WGSW-24020/WGSW-48040 3. CONFIGURATION This chapter explains the methods that you can use to configure management access to the Switch. It describes the types of management applications and the communication and management protocols that deliver data between your management device (work-station or personal computer) and the system.
Page 25: Administration Console
User’s Manual of WGSW-24020/WGSW-48040 3.1.1 Administration Console The administration console is an internal, character-oriented, and command line user interface for performing system administration such as displaying statistics or changing option settings. Using this method, you can view the administration console from a terminal, personal computer, Apple Macintosh, or workstation connected to the switch's console (serial) port. There are two ways to use this management method: via direct access or modem port access.
Page 26: Snmp-Based Network Management
User’s Manual of WGSW-24020/WGSW-48040 3.3 SNMP-Based Network Management You can use an external SNMP-based application to configure and manage the Switch. This management method requires the SNMP agent on the switch and the SNMP Network Management Station to use the same community string. This management method, in fact, uses two community strings: the get community string and the set community string.
Page 27: Web Configuration
User’s Manual of WGSW-24020/WGSW-48040 4. Web Configuration The WGSW-24020/WGSW-48040 can be configured through an Ethernet connection, make sure the manager PC must be set on same the IP subnet address with the switch. For example, if you have changed the default IP address of the Switch to 192.168.1.1 with subnet mask 255.255.255.0 via console, then the manager PC should be set at 192.168.1.x (where x is a number between 1 and 253) with subnet mask 255.255.255.0.
Page 28 User’s Manual of WGSW-24020/WGSW-48040 Figure 4-2 Switch Web Login screen After entering the username and password, the main screen appears as Figure 4-3. Figure 4-3 Switch Web Main Screen Now, you can use the Web management interface to continue the Switch management or manage the Switch by console interface.
Page 29: Main Screen
User’s Manual of WGSW-24020/WGSW-48040 4.1 Main Screen The Switch provide Web-based browser interface for configuring and managing the Switch. This interface allows you to access the Switch using the Web browser of your choice. This chapter describes how to use the Switch’s Web browser interface to configure and manage the Switch.
Page 30: Setup
User’s Manual of WGSW-24020/WGSW-48040 Multicast SNMP Admin 4.2 Setup The Setup menus include the tree sub-menus: Summary Network Settings Time 4.2.1 Summary The summary screen provides Device and System Information about the Switch. Figure 4-6 Switch System Summary screen The page contains the following informations: Device Information Display the system name.
Page 31 User’s Manual of WGSW-24020/WGSW-48040 Show the IP Address mode of the system – By Static or Dynamic (DHCP). Address Mode Display the MAC address of the Switch. Base MAC Address System Information The unique box serial number for this Switch. Serial Number The product name of this Switch.
Page 32: Network Settings
User’s Manual of WGSW-24020/WGSW-48040 4.2.2 Network Settings The Basic Setup Table include the Network Settings (see figure 4-7), which allows you to assign DHCP or static IP settings to interfaces and assign default gateways. In the Networking Setting screen, you can set these parts as below: Figure 4-7 Switch Network Setting screen The page includes the following fields: Identification:...
Page 33: Time
User’s Manual of WGSW-24020/WGSW-48040 Allow to input the IP subnet mask address, the factory default value is 255.255.255.0 Subnet Mask Allow to input the default gateway address, the factory default value is 0.0.0.0 Deafault Gateway Allow to input the IP Address for the DNS Server. The Domain Name System (DNS) DNS Server converts user-defined domain names into IP addresses.
Page 34 User’s Manual of WGSW-24020/WGSW-48040 Hours / Minuntes / Seconds Defines the system time. The field format is HH:MM:SS, for example, 21:15:03. Defines the system date. The field format is Day:Month:Year, for example, 04 May Month / Day / Year 2007. The difference between Greenwich Mean Time (GMT) and local time.
Page 35 User’s Manual of WGSW-24020/WGSW-48040 range is Jan.-Dec. • Time -- The time at which DST begins every year. The field format is Hour:Minute, for example, 02:10. Defines the recurring time that DST ends each year. For example, DST ends locally every fourth Friday in October at 5:00 am.
Page 36: Port Configuration
User’s Manual of WGSW-24020/WGSW-48040 4.3 Port Configuration In this field, you can see these parts, such as port settings, Link aggregation, LACP. 4.3.1 Port settings To use the port settings screen for setting up each of the switch’s ports. It shows these parts: port, description, admin status, link status, speed, duplex, MDI/MDIX, Flow control, type, LAG, PVE (see Figure 4-9): Figure 4-9 Switch Port Settings screen The Port Settings screen contains the following fields:...
Page 37 User’s Manual of WGSW-24020/WGSW-48040 Shows the port type. Type Shows whether the port is part of a LAG. It bypasses the Forwarding Database and forwards all unicast, multicast, and broadcast traffic to an uplink when a port is a Private VLAN Edge (PVE) port, Uplinks can be ports or LAGs.
Page 38: Link Aggregation
User’s Manual of WGSW-24020/WGSW-48040 This indicates the port is active or not. Operational Status Change the speed of each port. Admin Speed Display current speed of each port. Current Port Speed Change the duplex mode of each port. Admin Duplex Display current duplex mode of each port.
Page 39 User’s Manual of WGSW-24020/WGSW-48040 Figure 4-11 Switch Link Aggregation screen The Link Aggregation page contains the following fields: Indicates the number of the LAG interface. Up to eight LAG interfaces can be configured. Indicates the description of the LAG ports. Description Up indicates that the port is available and down shows administrator has taken the port offline.
Page 40: Lacp
User’s Manual of WGSW-24020/WGSW-48040 appears as follow: Figure 4-12 Switch per Link Aggregation screen 4.3.3 LACP Aggregated Links can be manually setup or automatically established on the relevant links by enabling Link Aggregation Control Protocol (LACP). Aggregate ports can be linked into link-aggregation port-groups. Each group is comprised of ports with the same speed, set to full-duplex operation, the LACP screen contains fields for configuring LACP LAGs (see figure 4-13).
Page 41: Vlan Configuration
User’s Manual of WGSW-24020/WGSW-48040 LACP System Priority Indicates the global LACP priority value. The possible range is 1- 65535 and the default value is 1. Set the port number which need to timeout and the priority values are assigned. Port Where set the LACP priority value for the port and the field range is 1-65535.
Page 42: Create Vlan
User’s Manual of WGSW-24020/WGSW-48040 4.4.1 Create VLAN In this table, the information and global parameters for configuring and working with VLAN s will be provided (see figure 4-14). Figure 4-14 Switch Create VLAN screen The page contains the following fields: Single VLAN You can configure the ID number of the VLAN by this item.
Page 43: Port Setting
User’s Manual of WGSW-24020/WGSW-48040 4.4.2 Port setting In this port setting screen (refer to figure 4-15), the parameters managing ports that are part of a VLAN will be provided, and you can set the default VLAN ID (PVID). All untagged packets arriving to the device are tagged by the ports PVID. Figure 4-15 VLAN Port Setting screen The page contains the following fields: Displays the port number included in the VLAN.
Page 44: Ports To Vlan
User’s Manual of WGSW-24020/WGSW-48040 Port Mode VLAN Membership Frame Leave Untagged Belongs to a single untagged VLAN Access ( Tag=PVID be removed) Allowed to belongs to multiple untagged VLANs at Untagged General the same time (Tag=PVID be removed) Allowed to belongs to multiple Tagged VLANs at Tagged Trunk the same time...
Page 45: Gvrp
User’s Manual of WGSW-24020/WGSW-48040 4.4.4 GVRP GARP VLAN Registration Protocol (GVRP) is specifically provided for automatic distribution of VLAN membership information among VLAN-aware bridges. GVRP allows VLAN-aware bridges to automatically learn VLANs to bridge ports mapping, without having to individually configure each bridge and register VLAN membership. The Global System LAG information displays the same field information as the ports, but represents the LAG GVRP information.
Page 46: Statistics
User’s Manual of WGSW-24020/WGSW-48040 4.5 Statistics The Statistic of the switch, this field includes these parts as below: 4.5.1 RMON Statistics The RMON Statistics screen (refer to figure 4-18) contains fields for viewing information about device utilization and errors that occurred on the device.
Page 47: Rmon History
User’s Manual of WGSW-24020/WGSW-48040 Indicates the number of fragments (packets with less than 64 octets, excluding framing Fragments bits, but including FCS octets) received on the interface since the device was last refreshed. Indicates the total number of received packets that were longer than 1518 octets. This Jabbers number excludes frame bits, but includes FCS octets that had either a bad Frame Check Sequence (FCS) with an integral number of octets (FCS Error) or a bad FCS with...
Page 48 User’s Manual of WGSW-24020/WGSW-48040 RMON History • Source Interface Displays the interface from which the history samples were taken. The possible field values are: Port, specifies the port from which the RMON information was taken. LAG, specifies the port from which the RMON information was taken. •...
Page 49: Rmon Alarm
User’s Manual of WGSW-24020/WGSW-48040 The page contains the following fields: Indicates the sample number from which the statistics were taken. Sample No Displays the number of octets received on the interface since the device was last Received Bytes (Octets) refreshed. This number includes bad packets and FCS octets, but excludes framing bits. Displays the number of packets received on the interface since the device was last Received Packets refreshed, including bad packets, Multicast and Broadcast packets.
Page 50 User’s Manual of WGSW-24020/WGSW-48040 The page contains the following fields: Indicates a specific alarm. Alarm Entry Displays the interface for which RMON statistics are displayed. The possible field Source Interface values are: • Port, displays the selected port of the RMON statistics. •...
Page 51: Rmon Events
User’s Manual of WGSW-24020/WGSW-48040 4.5.4 RMON Events The RMON Events screen (see figure 4-22) contains fields for defining RMON events. Figure 4-22 RMON Event screen The page contains the following fields: Add Event: Displays the event. Event Entry where displays the community to which the event belongs. Community Displays the user-defined event description.
Page 52: Port Utilization
User’s Manual of WGSW-24020/WGSW-48040 Press the button to display the log store in the flash. Only the Event type is Log or Log and Trap, then the RMON Event Log entries appear. The screen in Figure 4-23 appears. Figure 4-23 RMON Event Log Screen 4.5.5 Port Utilization The Port Utilization screen (see figure 4-24) indicates the amount of resources each interface is currently consuming.
Page 53: Statistics
User’s Manual of WGSW-24020/WGSW-48040 The page includes the following fields: Indicates the amount of time that passes before the port utilization statistics are Refresh Rate refreshed. The possible field values are: • No Refresh - indicates that the statistics are not refreshed. •...
Page 54: Gvrp Statistics
User’s Manual of WGSW-24020/WGSW-48040 The page includes the following fields: Port Indicates the port, which is polled for statistics. Refresh Rate Indicates the amount of time that passes before the EAP statistics are refreshed. The possible field values are: • No Refresh, indicates that the EAP statistics are not refreshed. •...
Page 55 User’s Manual of WGSW-24020/WGSW-48040 The following fields are relevant for both tables: Specifies the interface type for which the statistics are displayed. Interface • Port, indicates port statistics are displayed. • LAG, indicates LAG statistics are displayed. Indicates the amount of time that passes before the GVRP statistics are refreshed. Refresh Rate The possible field values are: •...
Page 56 User’s Manual of WGSW-24020/WGSW-48040 -56-...
Page 57: Acl
User’s Manual of WGSW-24020/WGSW-48040 4.6 ACL An ACL consists of a set of rules which are matched sequentially against a packet. When a packet meets the match criteria of a rule, the specified rule action (Permit/Deny) is taken and the additional rules are not checked for a match. On this menu the interfaces to which an ACL applies must be specified, as well as whether it applies to inbound or outbound traffic.
Page 58 User’s Manual of WGSW-24020/WGSW-48040 The Page contains the following fields: ACL Name Displays the user-defined IP based ACLs. New ACL Name Defines a new user-defined IP based ACL. Delete ACL By which deletes the selected ACL. Action Indicates the action assigned to the packet matching the ACL. Packets are forwarded or dropped.
Page 59 User’s Manual of WGSW-24020/WGSW-48040 filtering process. The TCP Flags that can be selected are: • Urg, indicates the packet is urgent. • Ack, indicates the packet is acknowledged. • Psh, indicates the packet is pushed. • Rst, indicates the connection is dropped. •...
Page 60: Ip Based Acl Configure Sample
User’s Manual of WGSW-24020/WGSW-48040 4.6.2 IP Based ACL Configure Sample This section shows how to build a IP Based ACL and apply to specify interface. ■ Sample Case: Deny IP packets to specific Class C network Purpose: Verify a positive and negative matches to network IP address with a Class C (24 bit mask) , no matter the rule defined as permit or deny.
Page 61 User’s Manual of WGSW-24020/WGSW-48040 Stream Target Protocol Source Address Destination Address 172.16.0.0 / 255.255.255.0 The procedure as following ■ Create Deny ACL and add to list. [DENY Rule]: Choose “New ACL Name”, then key in “Deny-IP Destination A”. Choose “Action”—“Deny”. (The ACL Name can de entered with other policy name).
Page 62 User’s Manual of WGSW-24020/WGSW-48040 ■ Create Permit ACL and add to list [Permit Rule]: Within the same ACL “Deny-IP Destination A”, choose “Action”—“Permit”. [Permit Rule]: Keep the “Source IP Address” and “Wild Card Mask” be blanked. [Permit Rule]: Keep the “Destination IP Address” and “Wild Card Mask” be blanked. After click “Add to List"...
Page 63: Mac Based Acl
User’s Manual of WGSW-24020/WGSW-48040 4.6.3 MAC Based ACL The MAC Based ACL screen (see figure 4-28) allows a MAC based ACL to be defined. ACEs can be added only if the ACL is not bound to an interface. Figure 4-28 MAC-Base ACL screen -63-...
Page 64 User’s Manual of WGSW-24020/WGSW-48040 The Page contains the following fields: ACL Name Displays the user-defined MAC based ACLs New ACL Name Specifies a new user-defined MAC based ACL name. Delete ACL By which deletes the selected ACL Action Indicates the ACL forwarding action. Possible field values are: •...
Page 65: Mac Based Acl Configure Sample
User’s Manual of WGSW-24020/WGSW-48040 4.6.4 MAC Based ACL Configure Sample This chapter will teah you how to configure a MAC based ACL in the Switch. ■ Sample Case: Deny IP packets to specific Class C network Purpose: When the workstation with IP address 192.168.99.188 and MAC address 00-11-08-57-E0-1E ping to PC with IP address 192.168.99.57 and MAC address 00-30-4F-1D-9F-DE, use MAC based ACL function from ACL to deny or shutdown and permit the traffic transmit ability of notebook that connect to port 8 of Switch.
Page 66 User’s Manual of WGSW-24020/WGSW-48040 To defined "Permit", "Deny" or "Shutdown" from Action item. [Deny Rule]: Input Source MAC Address "00:11:08:57:E0:1E" with Wild Card Mask "00:00:00:00:00:00". [Deny Rule]: Enter Dest. Mac Address "00:30:4F:1D:9F:DE" with Wild Card Mask “00:00:00:00:00:00". [Deny Rule]:Input the VLAN ID and default VLAN ID is 1. Press "Add to List"...
Page 67 User’s Manual of WGSW-24020/WGSW-48040 Please press "Save Config" to save current setting. ■ Binding the MAC ACL to specify interface Select “Security” \”ACL Binding” in the Menu bar. Choose Port “g2” from Interface item. Choose “MAC Based ACL”, select ACL name with “Deny-MAC A” – that we had been created at step-1. Click “Add to List"...
Page 68 User’s Manual of WGSW-24020/WGSW-48040 Please press "Save Config" to save current setting. If action "shutdown" is selected, the port will be force disabled Notice: -68-...
Page 69: Security
User’s Manual of WGSW-24020/WGSW-48040 4.7 Security This section is to control the security access of the Switch, includes the user access and management control. The Security function contains links to the following topics: • ACL Binding • RADIUS • TACACS+ •...
Page 70: Radius
User’s Manual of WGSW-24020/WGSW-48040 The Page contains the following fields: Indicates the interface to which the ACL is bound. The selection includes: Interface • Port, indicates port to apply the ACL • LAG, indicates LAG to apply the ACL Indicates the ACL which is bound to the interface. The selection includes: ACL Name •...
Page 71 User’s Manual of WGSW-24020/WGSW-48040 The Page contains the following fields: The Authentication Server IP address. IP Address Displays the server priority. The possible values are 0-65535, where 1 is the Priority highest value. The RADIUS Server priority is used to configure the server query order.
Page 72: Tacacs
User’s Manual of WGSW-24020/WGSW-48040 4.7.3 TACACS+ The device provides Terminal Access Controller Access Control System (TACACS+) client support. TACACS+ provides centralized security for validation of users accessing the device. TACACS+ provides a centralized user management system, while still retaining consistency with RADIUS and other authentication processes. The TACACS+ protocol ensures network integrity through encrypted protocol exchanges between the device and TACACS+ server.
Page 73: Settings
User’s Manual of WGSW-24020/WGSW-48040 4.7.4 802.1x settings Understanding IEEE 802.1X Port-Based Authentication The IEEE 802.1X standard defines a client-server-based access control and authentication protocol that restricts unauthorized clients from connecting to a LAN through publicly accessible ports. The authentication server authenticates each client connected to a switch port before making available any services offered by the switch or the LAN.
Page 74 User’s Manual of WGSW-24020/WGSW-48040 from the client, verifying that information with the authentication server, and relaying a response to the client. The switch includes the RADIUS client, which is responsible for encapsulating and decapsulating the Extensible Authentication Protocol (EAP) frames and interacting with the authentication server. When the switch receives EAPOL frames and relays them to the authentication server, the Ethernet header is stripped and the remaining EAP frame is re-encapsulated in the RADIUS format.
Page 75 User’s Manual of WGSW-24020/WGSW-48040 Ports in Authorized and Unauthorized States The switch port state determines whether or not the client is granted access to the network. The port starts in the unauthorized state. While in this state, the port disallows all ingress and egress traffic except for 802.1X protocol packets. When a client is successfully authenticated, the port transitions to the authorized state, allowing all traffic for the client to flow normally.
Page 76 User’s Manual of WGSW-24020/WGSW-48040 ■ 802.1X Settings of WGSW-Switch Port based authentication enables authenticating system users on a per-port basis via an external server. Only authenticated and approved system users can transmit and receive data. Ports are authenticated via the RADIUS server using the Extensible Authentication Protocol (EAP).
Page 77 User’s Manual of WGSW-24020/WGSW-48040 Setting Timer On this screen, it includes port, re-authentication, resending EAP …. (Refer to figure 4-33) Figure 4-33 Setting Timer parameter screen The Page contains the following fields: Specifies the number of seconds that the switch remains in the quiet state Quiet Period following a failed authentication exchange.
Page 78: Port Security
User’s Manual of WGSW-24020/WGSW-48040 4.7.5 Port Security Work security screen (see figure 4-34) can be increased by limiting access on a specific port only to users with specific MAC addresses. MAC addresses can be dynamically learned or statically configured. Locked port security monitors both received and learned packets that are received on specific ports.
Page 79 User’s Manual of WGSW-24020/WGSW-48040 MAC addresses associated with the port. The port learns up to the maximum addresses allowed on the port. Both relearning and aging MAC addresses are enabled. Max Entries Specifies the number of MAC addresses that can be learned on the port. The Max Entries field is enabled only if Locked is selected in the Interface Status field.
Page 80: Multiple Hosts
User’s Manual of WGSW-24020/WGSW-48040 4.7.6 Multiple Hosts The Multiple Hosts screen (see figure 4-35) allows network managers to configure advanced port-based authentication settings for specific ports and VLANs. Figure 4-35 Multiple Hosts screen The Page contains the following fields: Port Displays the port number for which advanced port-based authentication is enabled.
Page 81: Storm Control
User’s Manual of WGSW-24020/WGSW-48040 Trap Frequency Defines the time period by which traps are sent to the host. The Trap Frequency (1-1000000) field can be defined only if multiple hosts are disabled. The default is 10 seconds. Status Where indicates the host status. 4.7.7 Storm control A BroadcastStorm is a result of an excessive amount of broadcast messages simultaneously transmitted across a network by a single port.
Page 82: Qos
User’s Manual of WGSW-24020/WGSW-48040 • Multicast & Broadcast, counts Broadcast and Multicast traffic together. • Broadcast Only, counts only Broadcast traffic. Where the maximum rate (packets per second) at which unknown packets are Rate Threshold forwarded. The range is 70 -100000. The default value is 3500.
Page 83 User’s Manual of WGSW-24020/WGSW-48040 Figure 4-37 CoS Settings screen The Page contains the following fields: This indicates if QoS is enabled on the interface. The possible values are: CoS Mode • Disable, disables QoS on the interface. • Basic, enables QoS on the interface. •...
Page 84: Queue Setting
User’s Manual of WGSW-24020/WGSW-48040 CoS Default: The Table contains the following fields: Interface to which the CoS configuration applies. Interface Determines the default CoS value for incoming packets for which a VLAN tag is not Default CoS defined. The possible field values are 0-7. The default CoS is 0.
Page 85: Dscp Settings
User’s Manual of WGSW-24020/WGSW-48040 % of WRR Bandwidth Displays the amount of bandwidth assigned to the queue. These values are fixed and are not user- defined. • 6.67% • 13.33% • 26.67% • 53.33% 4.8.3 DSCP Settings The DSCP Settings screen (see figure 4-39) enables mapping DSCP values to specific queues. Figure 4-39 DSCP Settings screen The DSCP Settings screen contains the following fields: Indicates the Differentiated Services Code Point value in the incoming packet.
Page 86: Bandwidth
User’s Manual of WGSW-24020/WGSW-48040 4.8.4 Bandwidth The Bandwidth screen (refer to figure 4-40) allows network managers to define the bandwidth settings for a specified egress interface. Modifying queue scheduling affects the queue settings globally. The Bandwidth screen is not used with the Service mode, as bandwidth settings are based on services.
Page 87: Basic Mode
User’s Manual of WGSW-24020/WGSW-48040 Committed Information Defines CIR as the queue shaping type. Rate (CIR) The possible field value is 64 - 1,000,000 Kbps. 4.8.5 Basic Mode The Basic Mode screen (see figure 4-41) contains the following fields: Figure 4-41 Basic Mode screen The page contains the following fields: Trust Mode Displays the trust mode.
Page 88: Advanced Mode
User’s Manual of WGSW-24020/WGSW-48040 4.8.6 Advanced Mode Advanced QoS mode (see figure 4-42) provides rules for specifying flow classification and assigning rule actions that relate to bandwidth management. The rules are based on the Access Control Lists (see Access Control Tab). Figure 4-42 Advance Mode screen MAC ACLs and IP ACLs can be grouped together in more complex structures, called policies.
Page 89 User’s Manual of WGSW-24020/WGSW-48040 Figure 4-43 Out of Profile DSCP Assignments screen The page contains the following fields: This displays the DSCP In value. The value is form 0-63. DSCP In This displays the current DSCP out value. A new value can be selected from the DSCP Out pull-down menu.
Page 90 User’s Manual of WGSW-24020/WGSW-48040 The page contains the following fields: Defines a new Policy name. Policy Name This button will add the policy to the Policy Name table. Add to List This selects an existing Policy by name. Select Policy Which defines a new Policy name.
Page 91 User’s Manual of WGSW-24020/WGSW-48040 Class Map setting New Class Map, by which the New Class Map button opens the New Class Map screen (see figure 4-45) Figure 4-45 Class Map Settings screen The page contains the following fields: Class Map Name defines a new Class Map name.
Page 92 User’s Manual of WGSW-24020/WGSW-48040 Aggregate Policer, where user-defined aggregate policers. The Aggregate Policer button opens the New Aggregate Policer screen. Aggregate Policer Setting New Aggregate Policer screen (see figure 4-46): Figure 4-46 Aggregate Policer Settings screen The page contains the following fields: Where enter a name in this field.
Page 93: Spanning Tree
User’s Manual of WGSW-24020/WGSW-48040 4.9. Spanning Tree ■ Theory of Spanning Tree Protocol The IEEE 802.1D Spanning Tree Protocol and IEEE 802.1W Rapid Spanning Tree Protocol allow for the blocking of links between switches that form loops within the network. When multiple links between switches are detected, a primary link is established.
Page 94 User’s Manual of WGSW-24020/WGSW-48040 Creating a Stable STP Topology It is to make the root port a fastest link. If all switches have STP enabled with default settings, the switch with the lowest MAC address in the network will become the root switch. By increasing the priority (lowering the priority number) of the best switch, STP can be forced to select the best switch as the root switch.
Page 95 User’s Manual of WGSW-24020/WGSW-48040 Switch Blocking Listening Disable Learning Forwarding STP Port State Transitions You can modify each port state by using management software. When you enable STP, every port on every switch in the network goes through the blocking state and then transitions through the states of listening and learning at power up. If properly configured, each port stabilizes to the forwarding or blocking state.
Page 96 User’s Manual of WGSW-24020/WGSW-48040 The following are the user-configurable STP parameters for the switch level: Parameter Description Default Value A combination of the User-set priority and 32768 + MAC Bridge Identifier(Not user the switch’s MAC address. configurable The Bridge Identifier consists of two parts: except by setting priority a 16-bit priority and a 48-bit Ethernet MAC below)
Page 97 User’s Manual of WGSW-24020/WGSW-48040 Default Spanning-Tree Configuration Feature Default Value Enable state STP enabled for all ports Port priority Port cost Bridge Priority 32,768 User-Changeable STA Parameters The Switch’s factory default setting should cover the majority of installations. However, it is advisable to keep the default settings as set at the factory;...
Page 98 User’s Manual of WGSW-24020/WGSW-48040 Port Priority and Port Cost settings is, however, relatively straight forward. LAN 1 Portcast = 19 Port 3 Bridge ID = 15 Port 1 Port 2 Portcast = 4 Portcast = 4 Portcast = 4 Portcast = 4 Port 1 Port 1 Bridge ID = 30...
Page 99: Stp Status
User’s Manual of WGSW-24020/WGSW-48040 ensure that the link between switch B and switch C is the blocked link. ■ Supported Spanning Tree Protocol of WGSD Series Switch Spanning Tree Protocol (STP) provides tree topography for any arrangement of bridges. STP also provides one path between end stations on a network, eliminating loops.
Page 100: The Global Stp
User’s Manual of WGSW-24020/WGSW-48040 This indicates the device Maximum Age Time. The Maximum Age Time indicates Root Maximum Age the amount of time in seconds a bridge waits before sending configuration (sec) messages. The default max age is 20 seconds. The range is 6 to 40 seconds. Root Hello Time (sec) This indicates the device Hello Time.
Page 101 User’s Manual of WGSW-24020/WGSW-48040 The page contains the following fields: Global Setting This indicates the STP mode by which STP is enabled on the device. The possible STP Operation Mode field values are: • Classic STP, where enables Classic STP on the device. This is the default value.
Page 102: Stp Port Settings
User’s Manual of WGSW-24020/WGSW-48040 4.9.3 STP Port Settings Network administrators can assign STP settings to specific interfaces using the STP Interface Settings screen (see figure 4-49). The STP Interface Settings page contains the following fields: Figure 4-49 STP Port Settings screen The page contains the following fields: Indicates the port or LAG on which STP is enabled.
Page 103 User’s Manual of WGSW-24020/WGSW-48040 Indicates the port contribution to the root path cost. The path cost is adjusted to a Path Cost higher or lower value, and is used to forward traffic when a path being rerouted. Value Rage : 1-20000000. Default Path Cost - The default path cost of the port is automatically set by the port speed and the default path cost method.
Page 104 User’s Manual of WGSW-24020/WGSW-48040 STP Port status table Figure 4-50 STP Port status screen...
Page 105: Rstp Port Settings
User’s Manual of WGSW-24020/WGSW-48040 4.9.4 RSTP Port settings While the classic spanning tree prevents Layer 2 forwarding loops in a general network topology, convergence can take between 30-60 seconds. This time may delay detecting possible loops, and propagating status topology changes. Rapid Spanning Tree Protocol (RSTP) detects and uses network topologies that allow a faster STP convergence without creating forwarding loops (refer to figure 4-51).
Page 106: Mstp Properties
User’s Manual of WGSW-24020/WGSW-48040 • Rapid STP, which indicates that Rapid STP is enabled on the device. • Multiple STP, which indicates that Multiple STP is enabled on the device. This indicates if Fast Link is enabled or disabled for the port or LAG. If Fast Link is Fast Link enabled for a port, the port is automatically placed in the forwarding state.
Page 107: Mstp Instance Settings
User’s Manual of WGSW-24020/WGSW-48040 The page contains the following fields: Where provides a user-defined STP region name. Region Name Where defines unsigned 16-bit number that identifies the revision of the current Revision MST configuration. The revision number is required as part of the MST configuration.
Page 108 User’s Manual of WGSW-24020/WGSW-48040 The page contains the following fields: Instance Configuration Press the VLAN Instance Configuration button, a new window popup. Assgin selected VLAN to specify MST Instance at the VLAN Instatnce Configuration page. The screen in Figure 4-54 appears. Figure 4-54 MSTP VLAN Instance Configuration screen Defines the VLAN group to which the interface is assigned.
Page 109: Mstp Interface Settings
User’s Manual of WGSW-24020/WGSW-48040 4.9.7 MSTP Interface Settings Network Administrators can assign MSTP Interface settings using the MSTP Interface Settings screen (see figure 4-55). Figure 4-55 MSTP Interfance Settings screen The MSTP Interface Settings screen contains the following fields: Lists the MSTP instances configured on the device. Possible field range is 0-15. Instance ID Indicates the interface for which the MSTP settings are displayed.
Page 110 User’s Manual of WGSW-24020/WGSW-48040 Indicates the port contribution to the Spanning Tree instance. The range should Path Cost always be 1200,000,000. Designated Bridge ID Where indicates that the bridge ID number that connects the link or shared LAN to the root.
Page 111: Multicast
User’s Manual of WGSW-24020/WGSW-48040 4.10 Multicast On this field, included IGMP Snooping, Bridge Multicast, Forward All. About the Internet Group Management Protocol (IGMP) Snooping Computers and network devices that want to receive multicast transmissions need to inform nearby routers that they will become members of a multicast group.
Page 112 User’s Manual of WGSW-24020/WGSW-48040 on the network. The Time-to-Live (TTL) field of query messages is set to 1 so that the queries will not be forwarded to other sub networks. IGMP version 2 introduces some enhancements such as a method to elect a multicast queried for each LAN, an explicit leave message, and query messages that are specific to a given group.
Page 113: Igmp Snooping
User’s Manual of WGSW-24020/WGSW-48040 A message sent by a host to the querier to indicate that the host wants to be or is a Report member of a given group indicated in the report message. A message sent by a host to the querier to indicate that the host has quit to be a Leave Group member of a specific multicast group.
Page 114 User’s Manual of WGSW-24020/WGSW-48040 Indicates if IGMP snooping is enabled on the VLAN. IGMP Status Indicates if Auto Learn is enabled on the device. If Auto Learn is enabled, the Auto Learn device automatically learns where other Multicast groups are located. Enables or disables Auto Learn on the Ethernet device.
Page 115: Bridge Multicast
User’s Manual of WGSW-24020/WGSW-48040 4.10.2 Bridge Multicast The Bridge Multicast screen (see figure 4-58) displays the ports and LAGs attached to the Multicast service group in the Ports and LAGs tables. The Port and LAG tables also reflect the manner in which the port or LAGs joined the Multicast group. Ports can be added either to existing groups or to new Multicast service groups.
Page 116 User’s Manual of WGSW-24020/WGSW-48040 Displays LAG that can be added to a Multicast service. The fields are the same for both areas. se the Add to List button when you want to assigns ports to a specific Multicast service address group. Multicast Table Figure 4-59 Bridge Multicast screen Example:...
Page 117: Bridge Multicast Forward All
User’s Manual of WGSW-24020/WGSW-48040 4.10.3 Bridge Multicast Forward All The Bridge Multicast Forward All Screen contains fields for attaching ports or LAGs to a device attached to a neighboring Multicast router/switch. Once IGMP Snooping is enabled, Multicast packets are forwarded to the appropriate port or VLAN. Refer to figure 4-60.
Page 118: Snmp
User’s Manual of WGSW-24020/WGSW-48040 4.11 SNMP Simple Network Management Protocol (SNMP) provides a method for managing network devices. Devices supporting SNMP run a local software (agent). The SNMP agents maintain a list of variables, which are used to manage the device. The variables are defined in the Management Information Base (MIB).
Page 119: Views
User’s Manual of WGSW-24020/WGSW-48040 The default Engine ID is based on the device MAC address. Notification This indicates if the device can send SNMP notifications. SNMP Notifications Authentication Notifications This indicates if SNMP Authentication failure notification is enabled on the device. 4.11.2 Views SNMP Views provide access or block access to device features or feature aspects.
Page 120: Group Profile
User’s Manual of WGSW-24020/WGSW-48040 This indicates if the defined OID branch will be included or excluded in the View Type selected SNMP view. Use the button when you want to add the Views configuration to the Views Table at the bottom of the screen.
Page 121: Group Membership
User’s Manual of WGSW-24020/WGSW-48040 • Authentication, which authenticates SNMP messages, and ensures the SNMP messages original is authenticated. Where encrypts SNMP messages. Privacy Defines the group access rights. The possible field values are: Operation • Read. The management access is restricted to read-only, and changes cannot be made to the assigned SNMP view.
Page 122 User’s Manual of WGSW-24020/WGSW-48040 Contains a list of user-defined SNMP groups. SNMP groups are defined in the Group Name SNMP Group Profile page. Indicates the Authentication method used. The possible field values are: Authentication • None, that no authentication method is used to authenticate the port. Method •...
Page 123: Communities
User’s Manual of WGSW-24020/WGSW-48040 4.11.5 Communities The Communities screen contains three areas: • Communities • Basic Table • Advanced Table The screens in Figure 4-65 and 4-66 sppears Communities Figure 4-65 Communities configuration screen The page contains the following fields: Defines the management station IP address for which the advanced SNMP SNMP Management community is defined.
Page 124 User’s Manual of WGSW-24020/WGSW-48040 Figure 4-66 Communities table screen Base Table The page contains the following fields: Displays the management station IP address for which the basic Management Station SNMP community is defined. Displays the password used to authenticate the management station Community String to the device.
Page 125: Notification Filter
User’s Manual of WGSW-24020/WGSW-48040 4.11.6 Notification Filter The Notification Filter screen (see figure 4-67) permits filtering traps based on OIDs. Each OID is linked to a device feature or a feature aspect. The Notification Filter screen also allows network managers to filter notifications. Figure 4-67 Notification Filter screen The page contains the following fields: This contains a list of user-defined notification filters.
Page 126: Notification Recipient
User’s Manual of WGSW-24020/WGSW-48040 4.11.7 Notification Recipient The Notification Recipient screen (see figure 4-68 and 4-69) contains information for defining filters that determine whether traps are sent to specific users, and the trap type sent. Figure 4-68 Notification Recipient The page contains the following fields: Which indicates the IP address to whom the traps are sent.
Page 127 User’s Manual of WGSW-24020/WGSW-48040 • Authentication, which indicates the packet is authenticated. • Privacy, which indicates the packet is both authenticated and encrypted. Displays the UDP port used to send notifications. UDP Port The default is 162. Indicates if the SNMP filter for which the SNMP Notification filter is Filter Name defined.
Page 128: Admin
User’s Manual of WGSW-24020/WGSW-48040 4.12 Admin The Admin section provides information for devining system parameters including User account and file management, device software. Under Admin the folling topics are provided to devine and view the system informatin: User Authentication Static Address Dynamic Address Logging Port Mirroting...
Page 129: Static Address
User’s Manual of WGSW-24020/WGSW-48040 The page contains the following fields: Defines the user authentication methods. Also you can choose combinations of all Authentication Type the authentication methods. The possible field values are: • Local, authenticates the user at the device level. The device checks the user name and password for authentication.
Page 130 User’s Manual of WGSW-24020/WGSW-48040 The page contains the following fields: Displays the interface to which the entry refers: Interface • Port, to which the specific port number the forwarding database parameters refer. • LAG, to which the specific LAG number the forwarding database parameters refer.
Page 131: Dynamic Address
User’s Manual of WGSW-24020/WGSW-48040 4.12.3 Dynamic Address The Dynamic Address Table contains the MAC addresses learned by monitoring the source address for traffic entering the switch. When the destination address for inbound traffic is found in the database, the packets intended for that address are forwarded directly to the associated port.
Page 132: Logging
User’s Manual of WGSW-24020/WGSW-48040 Specifies the VLAN ID for which the table is queried. VLAN ID Specifies the means by which the Dynamic MAC Address table is sorted by Address Table Sort address, VLAN, or interface. 4.12.4 Logging The System Logs enable viewing device events in real time, and recording the events for later usage. System Logs record and manage events and report errors or informational messages (see figure 4-73).
Page 133: Port Mirroring
User’s Manual of WGSW-24020/WGSW-48040 A system warning has occurred. Warning The system is functioning properly, but system notice has occurred. Notice Provides device information. Informational Provides detailed information about the log. If a Debug error occurs, contact Debug Customer Tech Support. 4.12.5 Port Mirroring Port mirroring monitors and mirrors network traffic by forwarding copies of incoming and outgoing packets from one port to a monitoring port.
Page 134: Cable Test
User’s Manual of WGSW-24020/WGSW-48040 4.12.6 Cable Test The Cable Test screen (see figure 4-75) shows you results from performance tests on copper cables. The maximum cable length that can be tested is 120 meters. Cables are tested when the ports are in the down state, except for the Approximate Cable Length test.
Page 135: Save Configuration
User’s Manual of WGSW-24020/WGSW-48040 4.12.7 Save Configuration On this screen, you can choose two methods to save the configuration: Via TFTP Upgrade and Via HTTP. See figure 4-76 Figure 4-76 Save Configuration via TFTP The page contains the following fields: Via TFTP Select this option to upgrade the switch from a file located on a TFTP Server.
Page 136: Jumbo Frame
User’s Manual of WGSW-24020/WGSW-48040 This is used to backup the configuration to the local hard drive. Backup Type in the name and path of the file or Browse to locate the upgrade file. Source File Use the Proceed button to save configuration via TFTP or HHTP that be selected. 4.12.8 Jumbo Frame On this screen, you can choose the jumbo frame function “disable”...
Page 137 User’s Manual of WGSW-24020/WGSW-48040 The page contains the following fields: Via TFTP Defines the upgrade through a TFTP Server. Via TFTP Select file type to be upgraded through a TFTP Server. The possible field values File Type are : • Software Image. •...
Page 138: Reboot
User’s Manual of WGSW-24020/WGSW-48040 4.12.10 Reboot The Reboot screen (see figure 4-81) resets the device whose configuration is automatically saved before the device is rebooted. Figure 4-81 Reboot screen There is a known issue. Sometimes after the “Reboot” button be pressed, it costs lot time to Notice: stop the curent tasks.
Page 139 User’s Manual of WGSW-24020/WGSW-48040 Severity Type Severity Description Example Level The system is not functioning. Memories overflow. Emergency The system needs immediate Main system memory Alert attention. pool overflow. The system is in a critical state. Cannot bind to SNMP. Critical A system error has occurred.
Page 140: Memory Logs
User’s Manual of WGSW-24020/WGSW-48040 There are five items, as below: Specifies the server to which logs can be sent. Server Defines the UDP port to which the server logs are sent. The possible range is 1 to UDP Port (1-65535) 65535.
Page 141: Flash Logs
User’s Manual of WGSW-24020/WGSW-48040 The page contains the following fields: The log number in the Log File Table. Log Index Log Time Specifies the time at which the log was entered in the Log File Table. Specifies the log severity. Severity The log message text.
Page 142: Command Structure
User’s Manual of WGSW-24020/WGSW-48040 5. COMMAND STRUCTURE The WGSW-24020/WGSW-48040 is a managed Ethernet Switch that can be controlled by the RS-232 console interface, telnet interface, and Web interface. This chapter describer how to configure the Switch through these interfaces. When you are ready to configure the smart functions of the Switch, make sure you had connected the supplied RS-232 serial cable to the RS-232 port at the front panel of your WGSW-24010 Switch and your PC.
Page 143: Using The Cli
User’s Manual of WGSW-24020/WGSW-48040 5.2 Using the CLI 5.2.1 CLI Command Modes The Command Line Interface (CLI) syntax, conventions and terminology are described in this section. Each CLI command is illustrated using the structure outlined below. Introduction To assist in configuring devices, the CLI command-line interface is divided into different command modes. Each command mode has its own set of specific commands.
Page 144: Global Configuration Mode
User’s Manual of WGSW-24020/WGSW-48040 To return from Privileged mode to User EXEC mode, use the following disable commands. The following example illustrates how to access Privileged mode and return back to the User EXEC mode: console > enable enter Password: * * * * * console # console # disable console >...
Page 145: Starting The Cli
User’s Manual of WGSW-24020/WGSW-48040 Line Interface—Contains commands to configure the management connections. These include commands such as line speed, timeout settings, etc. The Global Configuration mode command line is used to enter the line configuration command mode. VLAN Database—Contains commands to create a VLAN as a whole. The Global Configuration mode command vlan database is used to enter the VLAN Database Interface Configuration mode.
Page 146: Editing Features
User’s Manual of WGSW-24020/WGSW-48040 3. Configure the device and enter the necessary commands to complete the required tasks. 4. When finished, exit the session with the quit or exit command. When a different user is required to log onto the system, in the Privileged EXEC Command mode the login command is entered. This effectively logs off the current user and logs on the new user.
Page 147: Negating The Effect Of Commands
User’s Manual of WGSW-24020/WGSW-48040 Keyword Source or destination Up-arrow key Recalls commands in the history buffer, beginning with the most recent command. Ctrl+P Repeats the key sequence to recall successively older commands. Down-arrow Returns to more recent commands in the history buffer after recalling commands with the up-arrow key.
Page 148: Keyboard Shortcuts
User’s Manual of WGSW-24020/WGSW-48040 Keyboard Shortcuts The CLI has a range of keyboard shortcuts to assist in editing the CLI commands. The following table describes the CLI shortcuts. Keyboard Key Description Up-arrow key Recalls commands in the history buffer, beginning with the most recent command. Repeat the key sequence to recall successively older commands.
Page 149: Aaa Commands
User’s Manual of WGSW-24020/WGSW-48040 Display When a parameter is required to define a range of ports or parameters and all is an option, the default for the command is all when no parameters are defined. For example, the command interface range port-channel has the option of either entering a range of channels, or selecting all.
Page 150: Aaa Authentication Enable
User’s Manual of WGSW-24020/WGSW-48040 Command Mode Global Configuration mode User Guidelines The default and optional list names created with the aaa authentication login command are used with the login authentication command. Create a list by entering the aaa authentication login list-name method command for a particular protocol, where list-name is any character string used to name this list.
Page 151: Login Authentication
User’s Manual of WGSW-24020/WGSW-48040 Default Configuration If the default list is not set, only the enable password is checked. This has the same effect as the command aaa authentication enable default enable. On the console, the enable password is used if it exists. If no password is set, the process still succeeds. This has the same effect as using the command aaa authentication enable default enable none.
Page 152: Enable Authentication
User’s Manual of WGSW-24020/WGSW-48040 User Guidelines Changing login authentication from default to another value may disconnect the telnet session. Example The following example specifies the default authentication method for a remote Telnet or console. console (config) # line cnsole console (config-line) # login authentication default 5.3.4 enable authentication The enable authentication line configuration command specifies the authentication method list when accessing a higher privilege level from a remote telnet or console.
Page 153: Ip Http Authentication
User’s Manual of WGSW-24020/WGSW-48040 5.3.5 ip http authentication The ip http authentication global configuration mode command specifies authentication methods for http. To return to the default, use the no form of this command. Syntax ip http authentication method1 [method2...] no ip http authentication method1 [method2...] —...
Page 154: Ip Https Authentication
User’s Manual of WGSW-24020/WGSW-48040 5.3.6 ip https authentication The ip https authentication global configuration command specifies authentication methods for https servers. To return to the default, use the no form of this command. Syntax ip https authentication method1 [method2...] no ip https authentication method1 [method2...] —...
Page 155: Show Authentication Methods
User’s Manual of WGSW-24020/WGSW-48040 5.3.7 show authentication methods The authentication methods privilege EXEC command displays information about the authentication methods. Syntax show authentication methods Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example The following example displays the authentication configuration.
Page 156: Password
User’s Manual of WGSW-24020/WGSW-48040 5.3.8 password The password line configuration command specifies a password on a line. To remove the password, use the no form of this command. Syntax password password [encrypted] no password password — Password for this level, from 1 to 159 characters in length. encrypted —...
Page 157: Username
User’s Manual of WGSW-24020/WGSW-48040 Example The following example sets a local level 15 password "abc" to control access to user and privilege levels. console (config-line) # enable password level 15 abc 5.3.10 username The username global configuration command establishes a username-based authentication system. To remove a user name use the no form of this command.
Page 158: Show Users Accounts
User’s Manual of WGSW-24020/WGSW-48040 5.3.11 show users accounts The show users accounts privileged EXEC command displays information about the local user database. Syntax show users accounts Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command.
Page 159: Bridge Multicast Filtering
User’s Manual of WGSW-24020/WGSW-48040 specifying a MAC address deletes all static MAC addresses belonging to this VLAN). Syntax bridge address mac-address {ethernet interface | port-channel port-channel-number} [permanent | delete-onreset | delete-on-timeout | secure] no bridge address [mac-address] mac-address — A valid MAC address. Interface —...
Page 160: Bridge Multicast Address
User’s Manual of WGSW-24020/WGSW-48040 Default Configuration Disabled. All multicast addresses are flooded to all ports of the relevant VLAN. Command Mode Global Configuration mode User Guidelines If multicast routers exist on the VLAN and IGMP-snooping is not enabled, the bridge multicast forward-all command should be used to enable forwarding all multicast packets to the multicast routers.
Page 161: Bridge Multicast Forbidden Address
User’s Manual of WGSW-24020/WGSW-48040 multicast addresses can only be defined on static VLANs. Examples The following example registers the MAC address: console (config)# interface vlan 8 console (config-if)# bridge multicast address 0100.5e02.0203 The following example registers the MAC address and adds ports statically. console (config)# interface vlan 8 console (config-if)# bridge multicast address 0100.5e02.0203 add Ethernet g1-9 5.4.4 bridge multicast forbidden address...
Page 162: Bridge Multicast Forward-Unregistered
User’s Manual of WGSW-24020/WGSW-48040 Examples In this example the MAC address 0100.5e02.0203 is forbidden on port g9 within VLAN 8. console (config)# interface vlan 8 console (config-if)# bridge multicast address 0100.5e02.0203 console (config-if)# bridge multicast forbidden address 0100.5e02.0203 add ethernet e9 3.4.5 bridge multicast forward-unregistered The bridge multicast forward-unregistered interface configuration command enables forwarding unregistered multicast addresses.
Page 163: Bridge Multicast Forward-All
User’s Manual of WGSW-24020/WGSW-48040 Syntax bridge multicast forbidden forward-unregistered {add | remove} {ethernet interface-list | port-channel portchannel- number-list } no bridge multicast forbidden forward-unregistered add — Forbid forwarding unregistered multicast packets. remove — Don’t forbid forwarding unregistered multicast packets. interface-list — Separate nonconsecutive Ethernet ports with a comma and no spaces; use a hyphen to designate a range of ports.
Page 164: Bridge Multicast Forbidden Forward-All
User’s Manual of WGSW-24020/WGSW-48040 port-channel-number-list — Separate non consecutive valid port-channels with a comma and no spaces; a hyphen is used to designate a range of port-channels. Default Configuration Disable forward-all on all ports. Command Mode Interface Configuration (VLAN) mode User Guidelines There are no user guidelines for this command.
Page 165: Bridge Aging-Time
User’s Manual of WGSW-24020/WGSW-48040 This command prevents a port to be a multicast router port. Example In this example, forwarding all multicast packets to e6 are forbidden. console (config)# interface vlan 2 console (config-if)# bridge multicast forbidden forward-all add ethernet e6 5.4.9 bridge aging-time The bridge aging-time global configuration command sets the address table aging time.
Page 166: Port Security
User’s Manual of WGSW-24020/WGSW-48040 Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example In this example, the bridge tables are cleared. console# clear bridge 5.4.11 port security The port security interface configuration command locks the port. By locking the port, new addresses are not learned on the port.
Page 167: Show Bridge Address-Table
User’s Manual of WGSW-24020/WGSW-48040 port. Use the no form of this command to delete the MAC addresses. Syntax port security routed secure-address mac-address no port security routed secure-address mac-address mac-address — Specify a MAC address. Default Configuration No addresses are defined. Command Mode Interface configuration (Ethernet, port-channel).
Page 168: Show Bridge Address-Table Static
User’s Manual of WGSW-24020/WGSW-48040 Example In this example, all classes of entries in the bridge-forwarding database are displayed. console# show bridge address-table Aging time is 250 sec vlan mac address port type ----- ------------------- ------ -------- 0060.704C.73FF dynamic 0060.708C.73FF dynamic 0010.0D48.37FF static 5.4.14 show bridge address-table static...
Page 169: Show Bridge Address-Table Count
User’s Manual of WGSW-24020/WGSW-48040 5.4.15 show bridge address-table count The show bridge address-table count privileged EXEC command displays the number of addresses present in all VLANs or at a specific VLAN. Syntax show bridge address-table count [vlan vlan] vlan — Specific VLAN. Default Configuration This command has no default configuration.
Page 170: Show Bridge Multicast Filtering
User’s Manual of WGSW-24020/WGSW-48040 Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example In this example, multicast MAC address table information is displayed. console # show bridge multicast address-table Vlan MAC Address Type...
Page 171: Show Ports Security
User’s Manual of WGSW-24020/WGSW-48040 Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example In this example, the multicast configuration for VLAN 1 is displayed. console # show bridge multicast filtering 1 Filtering: Enabled VLAN: 1 Forward-All Port...
Page 172: Clock Commands
User’s Manual of WGSW-24020/WGSW-48040 Port status Learning Action Maximum Trap Frequency ------- -------- ------------- ----------------- --------- -------- --------- Disabled Lock Disabled Lock Disabled Lock Disabled Lock Disabled Lock Disabled Lock Disabled Lock Disabled Lock 5.5 Clock Commands 5.5.1 clock set The clock set privileged EXEC command manually sets the system clock.
Page 173: Clock Source
User’s Manual of WGSW-24020/WGSW-48040 Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example The following example sets the system time to 13:32:00 on the 7th March 2005. console# clock set 13:32:00 7 Mar 2005 5.5.2 clock source The clock source Privileged EXEC command configures an external time source for the system clock.
Page 174: Clock Summer-Time
User’s Manual of WGSW-24020/WGSW-48040 Syntax clock timezone hours-offset [minutes minutes-offset] [zone acronym ] no clock timezone hours-offse t— Hours difference from UTC. (Range: -12 – +13) minutes minutes-offse t— Minutes difference from UTC. (Range: 0 – 59 zone acronym —The acronym of the time zone. (Range: Up to 4 characters) Default Configuration Command Mode Global Configuration mode...
Page 175: Default Configuration
User’s Manual of WGSW-24020/WGSW-48040 week — Week of the month. (Range: 1 - 4, first, last) day — Day of the week (Range: first three letters by name, like sun) date — Date of the month (Range:1 - 31) month — Month (Range: first three letters by name) year —...
Page 176: Sntp Authentication-Key
User’s Manual of WGSW-24020/WGSW-48040 5.5.5 sntp authentication-key The sntp authentication-key global configuration command defines an authentication key for Simple Network Time Protocol (SNTP). To remove the authentication key for SNTP, use the no form of this command. Syntax sntp authentication-key number md5 value no sntp authentication-key number number —...
Page 177: Sntp Trusted-Key
User’s Manual of WGSW-24020/WGSW-48040 User Guidelines The command is relevant for both unicast and broadcast. Examples The following example defines the authentication key for SNTP and grants authentication. cnsole(config)# sntp authentication-key 8 md5 ClkKey console(config)# sntp trusted-key 8 console(config)# sntp authenticate 5.5.7 sntp trusted-key The sntp trusted-key global configuration command authenticates the identity of a system to which Simple Network Time Protocol (SNTP) will synchronize.
Page 178: Sntp Broadcast Client Enable
User’s Manual of WGSW-24020/WGSW-48040 Syntax sntp client poll timer seconds no sntp client poll timer seconds — Polling interval in seconds (Range: 60 - 1024) Default Configuration 1024 Command Mode Global configuration mode User Guidelines There are no user guidelines for this command. Examples The following example sets the polling time for the Simple Network Time Protocol (SNTP) client to 120 seconds.
Page 179: Sntp Anycast Client Enable
User’s Manual of WGSW-24020/WGSW-48040 Console (config)#sntp broadcast client enable 5.5.10 sntp anycast client enable The sntp anycast client enable global configuration command enables anycast client. To disable the polling for SNTP broadcast client, use the no form of this command. Syntax sntp anycast client enable no sntp anycast client enable...
Page 180: Sntp Unicast Client Enable
User’s Manual of WGSW-24020/WGSW-48040 Command Mode Interface configuration (Ethernet, Port-Channel, VLAN) mode User Guidelines Use the sntp client enable global configuration command to enable broadcast clients globally. Use the sntp anycast client enable global configuration command to enable anycast clients globally. Examples The following example enables the SNTP client on the interface.
Page 181: Sntp Server
User’s Manual of WGSW-24020/WGSW-48040 predefined unicast clients. To disable the polling for SNTP client, use the no form of this command. Syntax sntp unicast client poll no sntp unicast client poll This command has no arguments or keywords. Default Configuration Disabled Command Mode Global configuration mode...
Page 182: Show Clock
User’s Manual of WGSW-24020/WGSW-48040 Default Configuration No servers are defined. Command Mode Global Configuration mode User Guidelines Up to 8 sntp servers can be defined. Use the sntp unicast client enables global configuration command to enable predefined unicast clients globally. To enable polling you should also use the sntp unicast client poll global configuration command for global enabling.
Page 183: Show Sntp Configuration
User’s Manual of WGSW-24020/WGSW-48040 5.5.16 show sntp configuration The show sntp configuration Privileged EXEC command shows the configuration of the Simple Network Time Protocol (SNTP), use Syntax show sntp configuration This command has no keywords or arguments. Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines...
Page 184: Show Sntp Status
User’s Manual of WGSW-24020/WGSW-48040 Broadcast Clients Poll: Enabled Broadcast Interfaces: 1/1, 1/3 5.5.17 show sntp status The show sntp status Privileged EXEC command shows the status of the Simple Network Time Protocol (SNTP), Syntax show sntp status This command has no keywords or arguments. Default Configuration This command has no default configuration.
Page 185: Configuration And Image Files
User’s Manual of WGSW-24020/WGSW-48040 176.1.8.179 Secondary AFE21789.643287C9 5.6 Configuration and Image Files 5.6.1 copy The copy privileged EXEC command copies files from a source to a destination. Syntax copy source-url destination-url [snmp] source-url — The source file location URL or reserved keyword being copied. destination-url —...
Page 186 User’s Manual of WGSW-24020/WGSW-48040 Xmodem Source for the file from a serial connection that uses the Xmodem protocol. null Null destination for copies or files. A remote file can be copied to null to determine its size. Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines...
Page 187 User’s Manual of WGSW-24020/WGSW-48040 Character Description For network transfers, an exclamation point indicates that the copy process is taking place. Each exclamation point indicates the successful transfer of ten packets (512 bytes each). For network transfers, a period indicates that the copy process timed out. Many periods in a row typically mean that the copy process may fail.
Page 188: Show Startup-Config
User’s Manual of WGSW-24020/WGSW-48040 Example The following example copies a system image named file1 from the TFTP server with an IP address of 172.16.101.101 to non active image file. Console# copy tftp://172.16.101.101/file1 image Accessing file 'file1' on 172.16.101.101... Loading file1 from 172.16.101.101: !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
Page 189 User’s Manual of WGSW-24020/WGSW-48040 Console# show startup-config software version 1.1 hostname device interface ethernet 1/1 ip address 176.242.100.100 255.255.255.0 duplex full speed 1000 interface ethernet 1/2 ip address 176.243.100.100 255.255.255.0 duplex full speed 1000...
Page 190: Ethernet Configuration Commands
User’s Manual of WGSW-24020/WGSW-48040 5.7 Ethernet Configuration Commands 5.7.1 interface ethernet The interface ethernet global configuration command enters the interface configuration mode to configure an Ethernet type interface. Syntax interface ethernet interface interface — Valid Ethernet port. Default Configuration This command has no default configuration. Command Mode Global Configuration mode User Guidelines...
Page 191: Shutdown
User’s Manual of WGSW-24020/WGSW-48040 User Guidelines Commands under the interface range context are executed independently on each active interface in the range. If the command returns an error on one of the active interfaces, it does not stop executing commands on other active interfaces. Example The following example shows how ports e1 to e4 and ports g1 to g2 are grouped to receive the same command.
Page 192: Description
User’s Manual of WGSW-24020/WGSW-48040 5.7.4 description The description interface configuration command adds a description to an interface. To remove the description use the no form of this command. Syntax description string no description string—Comment or a description of the port up to 64 characters. Default Configuration By default, the interface does not have a description.
Page 193: Duplex
User’s Manual of WGSW-24020/WGSW-48040 User Guidelines The command "no speed" in port-channel context returns each port in the port-channel to its maximum capability. Before attempting to force a particular duplex mode the port operating at 10/100 Mbps, disable the auto-negotiation on that port. Example The following example configures the speed operation of Ethernet e5 to force 100-Mbps operation.
Page 194: Negotiation
User’s Manual of WGSW-24020/WGSW-48040 5.7.7 negotiation The negotiation interface configuration command enables auto-negotiation operation for the speed and duplex parameters of a given interface. To disable negotiation, use the no form of this command. Syntax negotiation no negotiation Default Configuration auto-negotiation Command Mode Interface Configuration (Ethernet, port-channel, out-of-band Ethernet) mode...
Page 195: Mdix
User’s Manual of WGSW-24020/WGSW-48040 Default Configuration Flow Control is off. Command Mode Interface configuration (Ethernet, port-channel) mode User Guidelines Flow Control will operate only if duplex mode is set to FULL. Back Pressure will operate only if duplex mode is set to HALF. When Flow Control is ON, the head-of-line-blocking mechanism of this port is disabled.
Page 196: Back-Pressure
User’s Manual of WGSW-24020/WGSW-48040 Example In the following example, automatic crossover is enabled on g2. Console(config)# interface ethernet g2 Console(config-if)# mdix auto 5.7.10 back-pressure The back-pressure interface configuration command enables Back Pressure on a given interface. To disable Back Pressure, use the no form of this command.
Page 197: Clear Counters
User’s Manual of WGSW-24020/WGSW-48040 Default Configuration Jumbo Frames are not enabled. Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example In the following example, Jumbo Frames are enabled on the device. Console# port jumbo-frame 5.7.12 clear counters The clear counters user EXEC mode command clears statistics on an interface.
Page 198: Show Interfaces Configuration
User’s Manual of WGSW-24020/WGSW-48040 Syntax set interface active {ethernet interface | port-channel port-channel-number} interface — Valid Ethernet port. port-channel-number — Valid port-channel trunk index. Default Configuration This command has no default configuration. Command Mode Privilege EXEC mode User Guidelines There are no user guidelines for this command. Example The following example activates interface e5, which is disabled.
Page 199: Show Interfaces Status
User’s Manual of WGSW-24020/WGSW-48040 Flow Admin Back Mdix Port Type Duplex Speed Neg control State Pressure Mode -------- ------------ ------ ----- -------- ------- ----- -------- ---- 100M-Copper Full Enabled Off Disabled Auto 100M-Copper Full Enabled Off Disabled Auto 100M-Copper Full Enabled Off Disabled Auto 100M-Copper Full...
Page 200 User’s Manual of WGSW-24020/WGSW-48040 port-channel-number — A valid port-channel trunk index. oob-interface — Out of band Ethernet port number. Default Configuration This command has no default configuration. Command Mode Privilege EXEC mode User Guidelines There are no user guidelines for this command. Example The following example displays the status for all configured interfaces.
Page 201: Show Interfaces Description
User’s Manual of WGSW-24020/WGSW-48040 5.7.16 show interfaces description The show interfaces description user EXEC command displays the description for all configured interfaces. Syntax show interfaces description [ethernet interface | port-channel port-channel-number| out-of-band--eth oobinterface] Interface — Valid Ethernet port. port-channel-number — A valid port-channel trunk index. oob-interface —...
Page 202: Command Modes
User’s Manual of WGSW-24020/WGSW-48040 Syntax show interfaces counters [ethernet interface | port-channel port-channel-number] interface — A valid Ethernet port. port-channel-number — A valid port-channel index. Default Configuration This command has no default configuration. Command Modes Privilege EXEC mode User Guidelines There are no user guidelines for this command.
Page 203 User’s Manual of WGSW-24020/WGSW-48040 The following example displays counters for port g1. Console# show interfaces counters ethernet g1 Port OutOctets OutUcastPkts OutMcastPkts OutBcastPkts ------ ------------- ------------------- ------------------- ------------------ 183892 1289 Port OutOctets OutUcastPkts OutMcastPkts OutBcastPkts ------ ------------- ------------------- ------------------- ------------------ 9188 FCS Errors: 8 Single Collision Frames: 0...
Page 204: Show Ports Jumbo-Frame
User’s Manual of WGSW-24020/WGSW-48040 OutBcastPkts Counted transmitted broadcast packets. FCS Errors Counted frames received that are an integral number of octets in length but do not pass the FCS check. Single Collision Counted frames that are involved in a single collision, and are subsequently Frames transmitted successfully.
Page 205: Port Storm-Control Broadcast Enable
User’s Manual of WGSW-24020/WGSW-48040 Jumbo frames will be enabled after reset 5.7.19 port storm-control broadcast enable The port storm-control broadcast enable interface configuration command enables broadcast storm control. To disable broadcast storm control, use the no form of this command. Syntax port storm-control broadcast enable no port storm-control broadcast enable...
Page 206: Show Ports Storm-Control
User’s Manual of WGSW-24020/WGSW-48040 Default Configuration The default storm control broadcast rate is 12000. Command Mode Interface Configuration (Ethernet) User Guidelines Use the port storm-control broadcast enable interface configuration command to enable broadcast storm control. The rate is rounded to the nearest 64 kbytes/sec (except 1 - 63 kbytes/sec, which is rounded to 64 bytes/sec). Note that if the rate is 0, broadcast packets are not forwarded.
Page 207: Gvrp Commands
User’s Manual of WGSW-24020/WGSW-48040 8000 Disabled Disabled 5.8 GVRP Commands 5.8.1 gvrp enable (global) GVRP, or GARP VLAN Registration Protocol, is an industry-standard protocol designed to propagate VLAN information from device to device. With GVRP, a single switch is manually configured with all desired VLANs for the network, and all other switches on the network learn these VLANs dynamically.
Page 208: Garp Timer
User’s Manual of WGSW-24020/WGSW-48040 no gvrp enable Default Configuration GVRP is disabled on all interfaces by default. Command Mode Interface Configuration (Ethernet, port-channel) mode User Guidelines An access port would not dynamically join a VLAN because it is always a member in only one VLAN. Example The following example enables GVRP on ethernet g8.
Page 209: Gvrp Vlan-Creation-Forbid
User’s Manual of WGSW-24020/WGSW-48040 User Guidelines The following relationship for the various timer values must be maintained: Leave time must be greater than or equal to three times the join time. Leaveall time must be greater than the leave time. Set the same GARP timer values on all Layer 2-connected devices.
Page 210: Gvrp Registration-Forbid
User’s Manual of WGSW-24020/WGSW-48040 5.8.5 gvrp registration-forbid The gvrp registration-forbid interface configuration command de-registers all dynamic VLANs, and prevents dynamic VLAN registration on the port. To allow dynamic registering for VLANs on a port, use the no form of this command. Syntax gvrp registration-forbid no gvrp registration-forbid...
Page 211: Show Gvrp Configuration
User’s Manual of WGSW-24020/WGSW-48040 User Guidelines There are no user guidelines for this command. Example The following example clears all the GVRP statistics information on port e8. Console# clear gvrp statistics ethernet e8 5.8.8 show gvrp configuration The show gvrp configuration User EXEC command displays GVRP configuration information, including timer values, whether GVRP and dynamic VLAN creation is enabled, and which ports are running GVRP.
Page 212: Show Gvrp Statistics
User’s Manual of WGSW-24020/WGSW-48040 5.8.9 show gvrp statistics The show gvrp statistics User EXEC command displays GVRP statistics. Syntax show gvrp statistics [ethernet interface | port-channel port-channel-number] interface — A valid Ethernet interface. port-channel-number — A valid trunk index. Default Configuration This command has no default configuration.
Page 213: Show Gvrp Error-Statistics
User’s Manual of WGSW-24020/WGSW-48040 5.8.10 show gvrp error-statistics The show gvrp error-statistics user EXEC command displays GVRP error statistics. Syntax show gvrp error-statistics [ethernet interface | port-channel port-channel-number] interface — Valid Ethernet interface. port-channel-number — A valid port-channel trunk index. Default Configuration This command has no default configuration.
Page 214: Igmp Snooping Commands
User’s Manual of WGSW-24020/WGSW-48040 5.9 IGMP Snooping Commands 5.9.1 ip igmp snooping (Global) The ip igmp snooping global configuration command enables Internet Group Management Protocol (IGMP) snooping. To disable IGMP snooping use the no form of this command. Syntax ip igmp snooping no ip igmp snooping Default Configuration IGMP snooping is disabled.
Page 215: Ip Igmp Snooping Mrouter
User’s Manual of WGSW-24020/WGSW-48040 Command Mode Interface configuration (VLAN) mode User Guidelines IGMP snooping can only be enabled on static VLANs. Example The following example enables IGMP snooping on VLAN 2. Console (config)# interface vlan 2 Console (config-if)# ip igmp snooping 5.9.3 ip igmp snooping mrouter The ip igmp snooping mrouter interface configuration command enables automatic learning of multicast router ports in the context of a specific VLAN.
Page 216: Ip Igmp Snooping Mrouter-Time-Out
User’s Manual of WGSW-24020/WGSW-48040 Syntax ip igmp snooping host-time-out time-out no ip igmp snooping host-time-out Default Configuration The default host-time-out is 260 seconds. Command Mode Interface Configuration (VLAN) mode User Guidelines The timeout should be at least greater than 2*query_interval+max_response_time of the IGMP router. Example The following example configures the host timeout to 300 seconds.
Page 217: Ip Igmp Snooping Leave-Time-Out
User’s Manual of WGSW-24020/WGSW-48040 Console (config)# interface vlan 2 Console (config-if)# ip igmp snooping mrouter-time-out 200 5.9.6 ip igmp snooping leave-time-out The ip igmp snooping leave-time-out command configures the leave-time-out. If an IGMP report for a multicast group is not received within the leave-time-out period after an IGMP leave was received from a specific port, the current port is deleted from the member list of that multicast group.
Page 218: Show Ip Igmp Snooping Interface
User’s Manual of WGSW-24020/WGSW-48040 vlan_id — VLAN ID value. Default Configuration This command has no default configuration. Command Mode User EXEC mode User Guidelines There are no user guidelines for this command. Example The following example shows IGMP snooping mrouter information. Console # show ip igmp snooping mrouter VLAN Ports...
Page 219: Show Ip Igmp Snooping Groups
User’s Manual of WGSW-24020/WGSW-48040 IGMP Snooping is disabled on VLAN 1 IGMP host timeout is 260 sec IGMP Immediate leave is disabled. IGMP leave timeout is 60 sec IGMP mrouter timeout is 300 sec Automatic learning of multicast router ports is enabled 5.9.9 show ip igmp snooping groups The show ip igmp snooping groups user EXEC command displays the multicast groups learned by IGMP snooping.
Page 220: Ip Addressing Commands
User’s Manual of WGSW-24020/WGSW-48040 5.10 IP Addressing Commands 5.10.1 ip address The ip address interface configuration command sets an IP address. To remove an IP address, use the no form of this command. Syntax ip address ip-address {mask | prefix-length} no ip address [ip-address] ip-address —...
Page 221: Ip Default-Gateway
User’s Manual of WGSW-24020/WGSW-48040 mode. Default Configuration This command has no default configuration. Command Mode Interface configuration (Ethernet, VLAN, port-channel, out-of-band Ethernet) User Guidelines The ip address dhcp command allows any interface to dynamically learn its IP address by using the DHCP protocol. Some DHCP Servers require that the DHCPDISCOVER message have a specific host name.
Page 222: Show Ip Interface
User’s Manual of WGSW-24020/WGSW-48040 Default Configuration No default gateway is defined. Command Mode Interface configuration User Guidelines The setting of the default gateway on the out-of-band port must not precede the assignment of the IP address. Always assign the IP address to the out-of-band port first, and then set the default gateway. Example The following example defines an ip default gateway.
Page 223: Arp
User’s Manual of WGSW-24020/WGSW-48040 5.10.5 arp The arp global configuration command adds a permanent entry in the Address Resolution Protocol (ARP) cache. To remove an entry from the ARP cache, use the no form of this command. Syntax arp ip_addr hw_addr {ethernet interface-number | vlan vlan-id | port-channel number | } no arp ip_addr hw_addr {ethernet interface-number | vlan vlan-id | port-channel number | } ip_addr —...
Page 224: Clear Arp-Cache
User’s Manual of WGSW-24020/WGSW-48040 Command Mode Global Configuration mode User Guidelines It Is recommended not to set the timeout value to less than 3600. Note: The ARP entry is deleted between the period of the "timeout value" and twice the "timeout value". For example, if the timeout value is 20 seconds, the ARP value is deleted during the period of 20 to 40 seconds.
Page 225: Lacp Commands
User’s Manual of WGSW-24020/WGSW-48040 Syntax show arp Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example The following example displays entries in the ARP table. Console# show arp ARP timeout: 60000 Seconds Interface...
Page 226: Lacp Port-Priority
User’s Manual of WGSW-24020/WGSW-48040 Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example The following example configures the system priority to 120. Console (config)# lacp system-priority 120 5.11.2 lacp port-priority The lacp port-priority interface configuration command configures the priority value for physical ports. To reset to default priority value, use the no form of this command.
Page 227: Show Lacp Ethernet
User’s Manual of WGSW-24020/WGSW-48040 Syntax lacp timeout {long | short} no lacp timeout long — Specifies a long timeout value. Short — Specifies a short timeout value. Default Configuration The default port timeout value is long. Command Mode Interface Configuration (Ethernet) mode User Guidelines There are no user guidelines for this command.
Page 228: Show Lacp Port-Channel
User’s Manual of WGSW-24020/WGSW-48040 Port e1 LACP Statistics: LACP PDUs sent:2 LACP PDUs received:2 5.11.5 show lacp port-channel The show lacp port-channel privileged EXEC command displays LACP information for a port-channel. Syntax show lacp port-channel [port_channel_number] port_channel_number — The port-channel number. Default Configuration This command has no default configuration.
Page 229: Line Commands
User’s Manual of WGSW-24020/WGSW-48040 5.12 Line Commands 5.12.1 line The line global configuration command identifies a specific line for configuration and enters the line configuration command mode. Syntax line {console | telnet | ssh} console — Console terminal line. telnet — Virtual terminal for remote console access (Telnet). ssh —...
Page 230: Exec-Timeout
User’s Manual of WGSW-24020/WGSW-48040 User Guidelines There are no user guidelines for this command, which is available only on the console line. Examples The following example the baud rate is set to 19200. Console (config)# line console Console(config-line)# speed 19200 5.12.3 exec-timeout The exec-timeout line configuration command sets the interval that the system waits until user input is detected.
Page 231: Management Acl Commands
User’s Manual of WGSW-24020/WGSW-48040 console — Console terminal line. telnet — Virtual terminal for remote console access (Telnet). ssh — Virtual terminal for secured remote console access (SSH). Default Configuration This command has no default configuration. Command Mode User EXEC mode User Guidelines There are no user guidelines for this command.
Page 232 User’s Manual of WGSW-24020/WGSW-48040 configuration. Once in the access-list configuration mode, the denied or permitted access conditions are configured with the deny and permit commands. To remove an access list, use the no form of this command. Syntax management access-list name no management access-list name name —...
Page 233: Permit (Management)
User’s Manual of WGSW-24020/WGSW-48040 5.13.2 permit (management) The permit management access-list configuration command defines a permit rule. Syntax permit [ethernet interface-number | vlan vlan-id | port-channel number | out-of-band-eth oob-interface] [service service] permit ip-source ip-address [mask mask | prefix-length] [ethernet interface-number | vlan vlan-id | port-channel number | out-of-band-eth oob-interface] [service service] ethernet interface-number —...
Page 234: Management Access-Class
User’s Manual of WGSW-24020/WGSW-48040 deny ip-source ip-address [mask mask | prefix-length] [ethernet interface-number | vlan vlan-id | port-channel number | out-of-band-eth oob-interface] ] [service service] ethernet interface-number — A valid Ethernet port number. vlan vlan-id — A valid VLAN number. port-channel number —...
Page 235: Show Management Access-List
User’s Manual of WGSW-24020/WGSW-48040 Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example The following example configures an access-list called "mlist" as the management access-list. Console (config)# management access-class mlist 5.13.5 show management access-list The show management access-list privileged EXEC command displays management access-lists.
Page 236: Show Management Access-Class
User’s Manual of WGSW-24020/WGSW-48040 5.13.6 show management access-class The show management access-class privileged EXEC command displays the active management access-list. Syntax show management access-class Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example The following example displays the management access-list information.
Page 237: Show Copper-Ports Tdr
User’s Manual of WGSW-24020/WGSW-48040 The port under test should be shut down during the test, unless it is a combo port with an active fiber port. The maximum disatance VCT can function is 120 meters. Examples The following example results in a report on the cable attached to port e3. Console# test copper-port tdr e3 Cable is open at 100 meters The following example results in a failure to report on the cable attached to port e4.
Page 238: Show Copper-Ports Cable-Length
User’s Manual of WGSW-24020/WGSW-48040 Fiber 5.14.3 show copper-ports cable-length The show copper-ports cable-length privileged EXEC command displays the estimated copper cable length attached to a port. Syntax show copper-ports cable-length [interface] interface — A valid Ethernet port. Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines...
Page 239 User’s Manual of WGSW-24020/WGSW-48040 Detailed — Detailed diagnostics. Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines To test optical transceivers ensure a fiber link is present. Examples The following example displays the optical transceiver diagnostics. console# show fiber-ports optical-transceiver Port Temp...
Page 240: Port Channel Commands
User’s Manual of WGSW-24020/WGSW-48040 [mWatt] [mWatt] ------ -------- ------------ ------------ ----------- ---------- --------- 5.15 1.789 5.15 1.789 Copper Temp – Internally measured transceiver temperature. Voltage - Internally measured supply voltage. Current – Measured TX bias current. Output Power – Measured TX output power. Input Power –...
Page 241: Interface Range Port-Channel
User’s Manual of WGSW-24020/WGSW-48040 the standards, set them all to inactive. Example The following example enters the context of port-channel number 1. Console (config)# interface port-channel 1 5.15.2 interface range port-channel The interface range port-channel global configuration command enters the interface configuration mode to configure multiple port-channels.
Page 242: Show Interfaces Port-Channel
User’s Manual of WGSW-24020/WGSW-48040 no channel-group port-channel_number — Specifies the number of the valid port-channel for the current port to join. on — Forces the port to join a channel. auto — Allows the port to join a channel as a result of an LACP operation. Default Configuration The port is not assigned to any port-channel.
Page 243: Port Monitor Commands
User’s Manual of WGSW-24020/WGSW-48040 Command Mode User EXEC mode User Guidelines There are no user guidelines for this command. Example The following example shows how all port-channel information is displayed. Console (config)# show interfaces port-channel Channel Ports ------------ ----------------- Active: g2 Active: e3, e7 Inactive: g1 Active: e4, e8 5.16 Port Monitor Commands...
Page 244: Show Ports Monitor
User’s Manual of WGSW-24020/WGSW-48040 The following restrictions apply to ports configured to be destination ports: The port cannot be already configured as a source port. The port cannot be a member in a port-channel. An IP interface is not configured on the port. GVRP is not enabled on the port.
Page 245 User’s Manual of WGSW-24020/WGSW-48040 Command Mode User EXEC mode User Guidelines There are no user guidelines for this command. Example The following example shows how the port copy status is displayed. Console#show ports monitor Source Port Destination Port Type Status VLAN Tagging ---------------- -----------------------...
Page 246: Qos Commands
User’s Manual of WGSW-24020/WGSW-48040 5.17 QoS Commands 5.17.1 qos The qos global configuration command enables quality of service (QoS) on the device and enters QoS basic or advanced mode. Use the no form of this command to disable the QoS features on the device. Syntax qos [advanced] no qos...
Page 247: Wrr-Queue Cos-Map
User’s Manual of WGSW-24020/WGSW-48040 Console# show qos Qos: basic Basic trust: dscp 5.17.3 wrr-queue cos-map The wrr-queue cos-map global configuration command maps assigned CoS values to select one of the egress queues. To return to the default values, use the no form of this command. Syntax wrr-queue cos-map queue-id cos1...cosn no wrr-queue cos-map [queue-id]...
Page 248: Wrr-Queue Bandwidth
User’s Manual of WGSW-24020/WGSW-48040 5.17.4 wrr-queue bandwidth The wrr-queue bandwidth interface configuration command assigns Weighted Round Robin (WRR) weights to egress queues. The weights ratio determines the frequency in which the packet scheduler dequeues packets from each queue. To return to the default values, use the no form of this command.
Page 249: Priority-Queue Out Num-Of-Queues
User’s Manual of WGSW-24020/WGSW-48040 Queue 2—6/36 Queue 3—6/36 Queue 4—6/36 Queue 5—6/36 Queue 6—6/36 Queue 7—6/36 Queue 8—6/36 Console (config-if)# wrr-queue bandwidth 6 6 6 6 6 6 6 6 5.17.5 priority-queue out num-of-queues The priority-queue out num-of-queues global configuration command enables the egress queues to be expedite queues. Use the no form of this command to return to the default values.
Page 250 User’s Manual of WGSW-24020/WGSW-48040 Syntax show qos interface [ethernet interface-number | vlan vlan-id | port-channel number] [buffers | queuing | policers | shapers] ethernet interface-number — Ethernet port number. vlan vlan-id — VLAN number. port-channel number — Port-channel. buffers — Displays buffer setting for the interface queues. For gigabit Ethernet interfaces, the queue depth for each of the 8 queues and the thresholds for the WRED/Tail Drop are displayed.
Page 251 User’s Manual of WGSW-24020/WGSW-48040 qid MinDP0 MaxDP0 ProbDP0 MinDP1 MaxDP1 ProbDP1 MinDP2 MaxDP2 ProbDP2 Weight The following example displays output from the show qos interface ethernet g1 queueing command. Console# show qos interface Ethernet g1 queuing Ethernet g1 wrr bandwidth weights and EF priority: weights Priority Cos-queue map:...
Page 252: Qos Map Dscp-Queue
User’s Manual of WGSW-24020/WGSW-48040 Disable Enable 178000 8000 Enable 23000 1000 The following example displays output from the show qos interface g1 policers command Console# show qos interface ethernet g1 policers Ethernet g1 Class map: A Policer type: aggregate Committed rate: 192000 bps Committed burst: 9600 bytes Exceed-action: policed-dscp-transmit Class map: B...
Page 253: Qos Trust (Global)
User’s Manual of WGSW-24020/WGSW-48040 Default Configuration The following table describes the default map. Command Mode Global Configuration mode User Guidelines Queue settings for 3, 11, 19, ... cannot be modified. Example The following example maps DSCP values 33, 40 and 41 to queue 1. Console (config)# qos map dscp-queue 33 40 41 to 1 5.17.8 qos trust (Global) The qos trust global configuration command can be used in basic mode to configure the system to "trust"...
Page 254: Qos Trust (Interface)
User’s Manual of WGSW-24020/WGSW-48040 Queue-ID 1 2 3 4 5 6 7 8 For an inter-QoS domain boundary, the port can be configured to the DSCP-trusted state and apply the DSCP-to-DSCP-mutation map, if the DSCP values are different between the QoS domains. To return to the untrusted state, use the no qos command to apply best effort service.
Page 255: Qos Cos Override
User’s Manual of WGSW-24020/WGSW-48040 form of this command. Syntax qos cos default-cos no qos cos qos cos override default-cos — Specifies the default CoS value being assigned to the port. If the port is trusted and the packet is untagged then the default CoS value becomes the CoS value.
Page 256: Show Qos Map
User’s Manual of WGSW-24020/WGSW-48040 User Guidelines This command enables to override the CoS value of tagged packets, with the value configured by the qos cos command. Example The following example overrides the CoS of incoming packets. Console(config)# qos cos override 5.17.12 show qos map The show qos map user EXEC command displays all the QoS maps.
Page 257: Radius Commands
User’s Manual of WGSW-24020/WGSW-48040 The following example displays the policed-DSCP map. Policed-dscp map: d1 : d2 0 ---- ------- ---- --- ---- ---- ---- ---- ---- ---- ---- The following example displays the DSCP-dscp mutation map. Dscp-dscp mutation map: d1 : d2 0 ---- -------...
Page 258 User’s Manual of WGSW-24020/WGSW-48040 [key key] [source source] [priority priority] no radius-server host ip-address ip-address — IP address of the RADIUS server host. An out-of-band IP address can be specified as described in the usage guidelines. timeout — Specifies the timeout value in seconds. If no timeout value is specified, the global value is used. (Range: 1 - retransmit —...
Page 259: Radius-Server Key
User’s Manual of WGSW-24020/WGSW-48040 5.18.2 radius-server key The radius-server key global configuration command sets the authentication and encryption key for all RADIUS communications between the router and the RADIUS daemon. To reset to the default, use the no form of this command. Syntax radius-server key [key-string] no radius-server key...
Page 260: Radius-Server Source-Ip
User’s Manual of WGSW-24020/WGSW-48040 User Guidelines There are no user guidelines for this command. Example The following example configures the number of times the software searches the list of RADIUS server hosts to 5 attempts. Console (config)# radius-server retransmit 5 5.18.4 radius-server source-ip The radius-server source-ip global configuration command specifies the source IP address used for communication with RADIUS servers.
Page 261: Radius-Server Deadtime
User’s Manual of WGSW-24020/WGSW-48040 timeout — Specifies the timeout value in seconds. (Range: 1 - 30) Default Configuration The default value is 3 seconds. Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example The following example sets the interval for which a router waits for a server host to reply to 5 seconds.
Page 262: Show Radius-Servers
User’s Manual of WGSW-24020/WGSW-48040 Console (config)# radius-server deadtime 10 5.18.7 show radius-servers The show radius-servers user EXEC command displays the RADIUS server settings. Syntax show radius-servers Default Configuration This command has no default configuration. Command Mode User EXEC mode User Guidelines There are no user guidelines for this command.
Page 263: Rmon Commands
User’s Manual of WGSW-24020/WGSW-48040 5.19 RMON Commands 5.19.1 show rmon statistics The show rmon statistics user EXEC command displays RMON Ethernet Statistics. Syntax show rmon statistics {ethernet interface number | port-channel port-channel-number} interface number — Valid Ethernet port. port-channel-number — Valid port-channel trunk index. Default Configuration This command has no default configuration.
Page 264 User’s Manual of WGSW-24020/WGSW-48040 times this condition has been detected. The total number of octets of data (including those in bad packets) received on the network Octets (excluding framing bits but including FCS octets). The total number of packets (including bad packets, broadcast packets, and multicast packets) Packets received.
Page 265: Rmon Collection History
User’s Manual of WGSW-24020/WGSW-48040 5.19.2 rmon collection history The rmon collection history interface configuration command enables a Remote Monitoring (RMON) MIB history statistics group on an interface. To remove a specified RMON history statistics group, use the no form of this command. Syntax rmon collection history index [owner ownername] [buckets bucket-number] [interval seconds] no rmon collection history index...
Page 266: Show Rmon History
User’s Manual of WGSW-24020/WGSW-48040 Default Configuration This command has no default configuration. Command Mode User EXEC mode User Guidelines There are no user guidelines for this command. Example The following example displays all RMON group statistics. Console# show rmon collection history Index Interface Interval...
Page 267 User’s Manual of WGSW-24020/WGSW-48040 period seconds — Specifies the requested period time to display. (Range: 1 - 4294967295) Default Configuration This command has no default configuration. Command Mode User EXEC mode User Guidelines There are no user guidelines for this command. Examples The following example displays RMON Ethernet Statistics history for "throughput"...
Page 268 User’s Manual of WGSW-24020/WGSW-48040 The following example displays RMON Ethernet Statistics history for "other" on index number 5. Console# show rmon history 5 other Sample Set: 1 Owner: CLI Interface: 1/g1 Interval: 1800 Requested samples: 50 Granted samples: 50 Maximum table size: 500 Time Dropped Collisions...
Page 269: Rmon Alarm
User’s Manual of WGSW-24020/WGSW-48040 Fragments The total number of packets received during this sampling interval that were less than 64 octets in length (excluding framing bits but including FCS octets) had either a bad Frame Check Sequence (FCS) with an integral number of octets (FCS Error), or a bad FCS with a non-integral number of octets (AlignmentError).
Page 270: Show Rmon Alarm-Table
User’s Manual of WGSW-24020/WGSW-48040 startup direction — The alarm that may be sent when this entry is first set to valid. If the first sample (after this entry becomes valid) is greater than or equal to the rthreshold, and direction is equal to rising or rising-falling, then a single rising alarm is generated.
Page 271: Show Rmon Alarm
User’s Manual of WGSW-24020/WGSW-48040 Command Mode User EXEC mode User Guidelines There are no user guidelines for this command. Example The following example displays the alarms summary table. Console# show rmon alarm-table Index Owner ------- --------------------------------------- ----------- 1.3.6.1.2.1.2.2.1.10.1 1.3.6.1.2.1.2.2.1.10.1 Manager 1.3.6.1.2.1.2.2.1.10.9 The following table describes the significant fields shown in the display: Field...
Page 272 User’s Manual of WGSW-24020/WGSW-48040 Example The following example displays RMON 1 alarms. Console# show rmon alarm 1 Alarm 1 ----------- OID: 1.3.6.1.2.1.2.2.1.10.1 Last sample Value: 878128 Interval: 30 Sample Type: delta Startup Alarm: rising Rising Threshold: 8700000 Falling Threshold: 78 Rising Event: 1 Falling Event: 1 Owner: CLI...
Page 273: Rmon Event
User’s Manual of WGSW-24020/WGSW-48040 is generated. Rising Threshold A sampled statistic threshold. When the current sampled value is greater than or equal to this threshold, and the value at the last sampling interval is less than this threshold, a single event is generated. Falling Threshold A sampled statistic threshold.
Page 274: Show Rmon Events
User’s Manual of WGSW-24020/WGSW-48040 Example The following example configures an event with the trap index of 10 Console (config)# rmon event 10 log 5.19.9 show rmon events The show rmon events user EXEC command displays the RMON event table. Syntax show rmon events Default Configuration This command has no default configuration.
Page 275: Show Rmon Log
User’s Manual of WGSW-24020/WGSW-48040 values: none, log, trap, log-trap. In the case of log, an entry is made in the log table for each event. In the case of trap, an SNMP trap is sent to one or more management stations. Community If an SNMP trap is to be sent, it is sent to the SNMP community specified by this octet string.
Page 276: Rmon Table-Size
User’s Manual of WGSW-24020/WGSW-48040 Errors Jan 18 2002 23:48:19 Errors Jan 18 2002 23:58:17 High Broadcast Jan 18 2002 23:59:48 The following table describes the significant fields shown in the display: Field Description Event An index that uniquely identifies the event. Description A comment describing this event.
Page 277: Snmp Commands
User’s Manual of WGSW-24020/WGSW-48040 5.20 SNMP Commands 5.20.1 snmp-server community The snmp-server community global configuration command sets up the community access string to permit access to the SNMP protocol. To remove the specified community string, use the no form of this command. Syntax snmp-server community community [ro | rw | su] [ip-address] snmp-server community-group community group-name [ip-address]...
Page 278: Snmp-Server Contact
User’s Manual of WGSW-24020/WGSW-48040 Default Configuration No community is defined. Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Examples The following example sets up the community access string "public" to permit administrative access to SNMP protocol, at an administrative station with the IP address 192.168.1.20.
Page 279: Snmp-Server Location
User’s Manual of WGSW-24020/WGSW-48040 Console (config)# snmp-server contact abc_Tecnical_Support 5.20.3 snmp-server location The snmp-server location global configuration command sets up information on where the device is located. To remove the location string use, the no form of this command. Syntax snmp-server location text no snmp-server location text —...
Page 280: Snmp-Server Trap Authentication
User’s Manual of WGSW-24020/WGSW-48040 Examples The following example displays the command to enable SNMP traps. Console (config)# snmp-server enable traps 5.20.5 snmp-server trap authentication The snmp-server trap authentication global configuration command enables the switch to send Simple Network Management Protocol traps when authentication fails. To disable SNMP authentication failed traps, use the no form of this command. Syntax snmp-server trap authentication no snmp-server trap authentication...
Page 281: Snmp-Server Set
User’s Manual of WGSW-24020/WGSW-48040 community-string — Password-like community string sent with the notification operation. (R ange: 1 - 20 characters) 1 — SNMPv1 traps is used. 2 — SNMPv2 traps is used (Default). Default Configuration The default is SNMPv2. UDP Port - 162 timeout - 15 seconds retries - 3.
Page 282: Show Snmp
User’s Manual of WGSW-24020/WGSW-48040 Command Mode Global Configuration mode User Guidelines Although the CLI can set any required configuration, there might be a situation where a SNMP user sets a MIB variable that does not have an equivalent command. In order to generate configuration files that support those situations, the snmp-server set command is used.
Page 283 User’s Manual of WGSW-24020/WGSW-48040 Community-String Community-Access IP address ------------------------- ---------------------------- ------------------ public read only private read write 172.16.1.1 private read write 172.17.1.1 OOB management stations Community-String Community-Access IP address ------------------------- ---------------------------- ------------------ private read write 176.16.8.9 Traps are enabled. Authentication trap is enabled. Trap-Rec-Address Trap-Rec-Community Version...
Page 284: Spanning-Tree Commands
User’s Manual of WGSW-24020/WGSW-48040 5.21 Spanning-Tree Commands 5.21.1 spanning-tree The spanning-tree global configuration command enables spanning-tree functionality. To disable spanning-tree functionality, use the no form of this command. Syntax spanning-tree no spanning-tree Default Configuration Spanning-tree is enabled. Command Modes Global Configuration mode User Guidelines There are no user guidelines for this command.
Page 285: Spanning-Tree Forward-Time
User’s Manual of WGSW-24020/WGSW-48040 User Guidelines There are no user guidelines for this command. Example The following example configures the spanning-tree protocol to RSTP. Console(config)# spanning-tree mode rstp 5.21.3 spanning-tree forward-time The spanning-tree forward-time global configuration command configures the spanning-tree bridge forward time, which is the amount of time a port remains in the listening and learning states before entering the forwarding state.
Page 286: Spanning-Tree Max-Age
User’s Manual of WGSW-24020/WGSW-48040 Syntax spanning-tree hello-time seconds no spanning-tree hello-time seconds — Time in seconds. (Range: 1 - 10) Default Configuration The default hello time for IEEE Spanning-Tree Protocol (STP) is 2 seconds. Command Modes Global Configuration mode User Guidelines There are no user guidelines for this command.
Page 287: Spanning-Tree Priority
User’s Manual of WGSW-24020/WGSW-48040 Console(config)# spanning-tree max-age 10 5.21.6 spanning-tree priority The spanning-tree priority global configuration command configures the spanning-tree priority. The priority value is used to determine which bridge is elected as the root bridge. To reset the default spanning-tree priority use the no form of this command.
Page 288: Spanning-Tree Cost
User’s Manual of WGSW-24020/WGSW-48040 Default Configuration By default, all ports are enabled for spanning-tree. Command Modes Interface Configuration (Ethernet, port-channel) mode User Guidelines There are no user guidelines for this command. Example The following example disables spanning-tree on e5. Console (config)# interface ethernet e5 Console (config-if)# spanning-tree disable 5.21.8 spanning-tree cost The spanning-tree cost interface configuration command configures the spanning-tree path cost for a port.
Page 289: Spanning-Tree Port-Priority
User’s Manual of WGSW-24020/WGSW-48040 Console(config)# interface ethernet e5 Console(config-if)# spanning-tree cost 35000 5.21.9 spanning-tree port-priority The spanning-tree port-priority interface configuration command configures port priority. To reset the default port priority, use the no form of this command. Syntax spanning-tree port-priority priority no spanning-tree port-priority priority —...
Page 290: Spanning-Tree Link-Type
User’s Manual of WGSW-24020/WGSW-48040 Default Configuration PortFast mode is disabled. Command Modes Interface Configuration (Ethernet, port-channel) mode User Guidelines This feature should be used only with interfaces connected to end stations. Otherwise, an accidental topology loop could cause a data packet loop and disrupt switch and network operations. Example The following example enables PortFast on e5.
Page 291: Spanning-Tree Bpdu
User’s Manual of WGSW-24020/WGSW-48040 5.21.12 spanning-tree pathcost method The spanning-tree pathcost method command sets the default path cost method. To revert to the default setting, use the no form of this command. Syntax spanning-tree pathcost method {long | short} no spanning-tree pathcost method long —...
Page 292: Clear Spanning-Tree Detected-Protocols
User’s Manual of WGSW-24020/WGSW-48040 Command Modes Global Configuration mode User Guidelines The command is relevant when spanning-tree is disabled globally or on a single interface.. Example The following example defines BPDU packet flooding when spanning-tree is disabled on an interface. Console(config)# spanning-tree bpdu flooding 5.21.14 clear spanning-tree detected-protocols The clear spanning-tree detected-protocols privileged EXEC command restarts the protocol migration process (force the...
Page 293 User’s Manual of WGSW-24020/WGSW-48040 Syntax show spanning-tree [ ethernet interface | port-channel port-channel-number ] show spanning-tree [detail] [active | blockedports] interface — The full syntax is: unit/port. (Range: Valid Ethernet port) port-channel-number — Port channel index. (Range:Valid port channel) instance-id — ID associated with a spanning-tree instance.(Range: 1 - 15) detail —...
Page 294: Ssh And Slogin Commands
User’s Manual of WGSW-24020/WGSW-48040 hello 2, max age 20, forward delay 15 Interface Port ID Cost Designated Port ID Name Prio. Nbr Cost Bridge ID Prio. Nbr ------------- -------------- --------- ------ ----------------------- --------------- 128.1 38 32768 0030.9441.62c1 128.25 128.2 57 32769 0002.4b29.7a00 128.25 128.65 57 32769 0002.4b29.7a00...
Page 295: Ip Ssh Server
User’s Manual of WGSW-24020/WGSW-48040 Default Configuration The default value is 22. Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example The following example specifies the port to be used by the SSH server as 8080. Console (config)# ip ssh port 8080 5.22.2 ip ssh server The ip ssh server global configuration command enables the device to be configured from a SSH server.
Page 296: Crypto Key Generate Dsa
User’s Manual of WGSW-24020/WGSW-48040 5.22.3 crypto key generate dsa The ip ssh server global configuration command generates DSA key pairs. Syntax crypto key generate dsa Default Configuration DSA key pairs do not exist. Command Mode Global Configuration mode User Guidelines DSA keys are generated in pairs: one public DSA key and one private DSA key.
Page 297: Ip Ssh Pubkey-Auth
User’s Manual of WGSW-24020/WGSW-48040 User Guidelines RSA keys are generated in pairs: one public RSA key and one private RSA key. If the device already has RSA keys, a warning and prompt to replace the existing keys with new keys is displayed. The maximum supported size for the RSA key is 2048 bits.
Page 298: User-Key
User’s Manual of WGSW-24020/WGSW-48040 Syntax crypto key pubkey-chain ssh Default Configuration By default, there are no keys. Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example The following example enters the SSH Public Key-chain configuration mode. Console(config)# crypto key pubkey-chain ssh Console(config-pubkey-chain)# 5.22.7 user-key...
Page 299: Key-String
User’s Manual of WGSW-24020/WGSW-48040 Console(config-pubkey-chain)# user-key bob Console(config-pubkey-key)# key-string rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCvTnRwPWl 5.22.8 key-string The key-string SSH public key-string configuration command manually specifies a SSH public key. Syntax key-string text text — Authentication string that must be sentand received in the packets, using the routing protocol being authenticated. The string can contain from 1 to 16 uppercase and lowercase alphanumeric characters.
Page 300: Show Ip Ssh
User’s Manual of WGSW-24020/WGSW-48040 Rmt5nhhqdAtN/4oJfce166DqVX1gWmN zNR4DYDvSzg0lDnwCAC8Qh Fingerprint: a4:16:46:23:5a:8d:1d:b5:37:59:eb:44:13:b9:33:e9 5.22.9 show ip ssh The show ip ssh privileged EXEC command displays the SSH server configuration. Syntax show ip ssh Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command.
Page 301: Show Crypto Key Mypubkey
User’s Manual of WGSW-24020/WGSW-48040 Auth Code Authentication Code (HMAC-MD5, HMAC-SHA1) 5.22.10 show crypto key mypubkey The show crypto key mypubkey privileged EXEC command displays the SSH public keys on the device. Syntax show crypto key mypubkey [rsa | dsa] rsa—RSA key. dsa—DSA key.
Page 302: System Management
User’s Manual of WGSW-24020/WGSW-48040 username — Specifies the remote SSH client username. bubble-babble — Fingerprints in Bubble Babble format. hex — Fingerprint in Hex format. If fingerprint is unspecified, it defaults to Hex format. Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines...
Page 303: Traceroute
User’s Manual of WGSW-24020/WGSW-48040 packet_size — Number of bytes in a packet. The actual packet size is eight bytes larger than the size specified because the switch adds header information.(Range: 57 - 1472 bytes) packet_count — Number of packets to send. If 0 is entered it pings until stopped. (Range: 1 - 65535 packets) time_out —...
Page 304 User’s Manual of WGSW-24020/WGSW-48040 Syntax traceroute ip-address |hostnme [size packet_size] [ttl max-ttl] [count packet_count] [timeout time_out] [source ip-address] [tos tos] ip-address — IP address of the destination host. An out-of-band IP address can be specified as described in the usage guidelines.
Page 305 User’s Manual of WGSW-24020/WGSW-48040 Examples console> traceroute umaxp1.physics.lsa.umich.edu Type Esc to abort. Tracing the route to umaxp1.physics.lsa.umich.edu (141.211.101.64) 1 i2-gateway.stanford.edu (192.68.191.83) 0 msec 0 msec 0 msec 2 STAN.POS.calren2.NET (171.64.1.213) 0 msec 0 msec 0 msec 3 SUNV--STAN.POS.calren2.net (198.32.249.73) 1 msec 1 msec 1 msec 4 Abilene--QSV.POS.calren2.net (198.32.249.162) 1 msec 1 msec 1 msec 5 kscyng-snvang.abilene.ucaid.edu (198.32.8.103) 33 msec 35 msec 35 msec 6 iplsng-kscyng.abilene.ucaid.edu (198.32.8.80) 47 msec 45 msec 45 msec...
Page 306: Telnet
User’s Manual of WGSW-24020/WGSW-48040 5.23.3 telnet The telnet User EXEC command is used to log in to a host that supports Telnet. Syntax telnet ip-address | hostname [port] [keyword1..] ip-address — IP address of the destination host. An out-of-band IP address can be specified as described in the usage guidelines.
Page 307 User’s Manual of WGSW-24020/WGSW-48040 Console> ‘Ctrl-shift-6’ ? [Special telnet escape help] Esc B sends telnet BREAK Esc C sends telnet IP Esc H sends telnet EC Esc O sends telnet AO Esc T sends telnet AYT Esc U sends telnet EL Several concurrent Telnet sessions can be opened and switched between them.
Page 308: Resume
User’s Manual of WGSW-24020/WGSW-48040 File Transfer Protocol ftp-data FTP data connections gopher Gopher hostname NIC hostname server ident Ident Protocol Internet Relay Chat klogin Kerberos login kshell Kerberos shell login Login Printer service nntp Network News Transport Protocol pop2 Post Office Protocol v2 pop3 Post Office Protocol v3 pim-auto-rp...
Page 309: Reload
User’s Manual of WGSW-24020/WGSW-48040 Syntax resume [connection] connection — The connection number. The default is the most recent connection Default Configuration There is no default configuration for this command. Command Mode EXEC mode User Guidelines There are no user guidelines for this command. Examples The following command switches to another open Telnet session.
Page 310: Hostname
User’s Manual of WGSW-24020/WGSW-48040 5.23.6 hostname The hostname global configuration command specifies or modifies the device host name. To remove the existing host name, use the no form of the command. Syntax hostname name no hostname name — The device host name. Default Configuration This command has no default configuration.
Page 311: Show Sessions
User’s Manual of WGSW-24020/WGSW-48040 Example The following example displays information about the active users. Console# show users Username Protocol Location ---------------- ------------ ------------ Serial John 172.16.0.1 Robert HTTP 172.16.0.8 5.23.8 show sessions The show sessions command in EXEC mode lists the open Telnet sessions. Syntax show sessions This command has no arguments or keywords.
Page 312: Show System
User’s Manual of WGSW-24020/WGSW-48040 Address IP address of the remote host. Port Telnet TCP port number Byte Number of unread bytes for the user to see on the connection. 5.23.9 show system The show system user EXEC command displays system information. Syntax show system Default Configuration...
Page 313: Show Version
User’s Manual of WGSW-24020/WGSW-48040 5.23.10 show version The show version user EXEC command displays the system version information. Syntax show version Default Configuration This command has no default configuration. Command Mode User EXEC mode User Guidelines There are no user guidelines for this command. Example The following example displays a system version (this version number is only for demonstration purposes).
Page 314: Logging
User’s Manual of WGSW-24020/WGSW-48040 Syntax logging on no logging on Default Configuration Logging is enabled. Command Mode Global Configuration mode User Guidelines The logging process controls the distribution of logging messages to the various destinations, such as the logging buffer, logging file, or syslog server.
Page 315: Logging Console
User’s Manual of WGSW-24020/WGSW-48040 Default Configuration As described in the field descriptions. Command Mode Global Configuration mode User Guidelines Multiple syslog servers can be used. If no specific severity level is specified, the global values apply to each server. To define a logging server on the out-of-band port, use the out-of-band IP address format —oob/ip-address. Example The following example configures messages with a "critical"...
Page 316: Logging Buffered
User’s Manual of WGSW-24020/WGSW-48040 5.24.4 logging buffered The logging buffered global configuration command limits syslog messages displayed from an internal buffer based on severity. To cancel the buffer use, use the no form of this command. Syntax logging buffered level no logging buffered level —...
Page 317: Clear Logging
User’s Manual of WGSW-24020/WGSW-48040 Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example The following example changes the number of syslog messages stored in the internal buffer to 300. Console (config)# logging buffered size 300 5.24.6 clear logging The clear logging privileged EXEC command clears messages from the internal logging buffer.
Page 318: Clear Logging File
User’s Manual of WGSW-24020/WGSW-48040 logging file level no logging file level — Limits the logging of messages to the buffer to a specified level: emergencies, alerts, critical, errors, warnings, notifications, informational and debugging. Default Configuration The default severity level is errors. Command Mode Global Configuration mode User Guidelines...
Page 319: Show Logging
User’s Manual of WGSW-24020/WGSW-48040 5.24.9 show logging The show logging privileged EXEC command displays the state of logging and the syslog messages stored in the internal buffer. Syntax show logging Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command.
Page 320: Show Logging File
User’s Manual of WGSW-24020/WGSW-48040 state to down 11-Aug-2002 15:41:39: %LINEPROTO-5-UPDOWN: Line protocol on Interface Ethernet g2, changed state to down 11-Aug-2002 15:41:39: %LINEPROTO-5-UPDOWN: Line protocol on Interface Ethernet e3, changed state to down 5.24.10 show logging file The show logging file privileged EXEC command displays the state of logging and the syslog messages stored in the logging file.
Page 321: Show Syslog-Servers
User’s Manual of WGSW-24020/WGSW-48040 11-Aug-2002 15:41:43: %SYS-5-CONFIG_I: Configured from memory by console 11-Aug-2002 15:41:39: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet g0, changed state to up 11-Aug-2002 15:41:39: %LINEPROTO-5-UPDOWN: Line protocol on Interface Ethernet g0, changed state to down 11-Aug-2002 15:41:39: %LINEPROTO-5-UPDOWN: Line protocol on Interface Ethernet g1, changed state to down 11-Aug-2002 15:41:39: %LINEPROTO-5-UPDOWN: Line protocol on Interface Ethernet g2, changed state to down...
Page 322: Tacacs Commands
User’s Manual of WGSW-24020/WGSW-48040 5.25 TACACS Commands 5.25.1 tacacs-server host The tacacs-server host command in global configuration mode specifies a TACACS+ host. To delete the specified name or address, use the no form of this command. Syntax tacacs-server host {ip-address | hostname} [single-connection] [port port-number] [timeout timeout] [key keystring] [source source] [priority priority] no tacacs-server host ip-address ip-address —...
Page 323: Tacacs-Server Key
User’s Manual of WGSW-24020/WGSW-48040 Example The following example specifies a TACACS+ host. Console (config)# tacacs-server host 172.16.1.1 5.25.2 tacacs-server key The tacacs-server key command in global configuration mode sets the authentication encryption key used for all TACACS+ communications between the device and the TACACS+ daemon. To disable the key, use the no form of this command. Syntax tacacs-server key key-string no tacacs-server key...
Page 324: Tacacs-Server Source-Ip
User’s Manual of WGSW-24020/WGSW-48040 timeout — Specifies the timeout value in seconds. (Range: 1 - 1000) Default Configuration 5 seconds Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Examples The following example sets the timeout value as 300. Console (config)# tacacs-server timeout 300 5.25.4 tacacs-server source-ip The tacacs-server source-ip command in global configuration mode specifies the source IP address that will be used for the...
Page 325: Show Tacacs
User’s Manual of WGSW-24020/WGSW-48040 5.25.5 show tacacs The show tacacs command in Privileged EXEC mode displays configuration and statistics for a TACACS+ server. Syntax show tacacs [ip-address] ip-address — Name or IP address of the host. Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines...
Page 326: User Interface Commands
User’s Manual of WGSW-24020/WGSW-48040 --------------- ------------ 172.16.1.1 Connected Global Global Global values -------------- TimeOut: 3 Source IP: 172.16.8.1 OOB Source IP: 176.16.8.1 5.26 User Interface Commands 5.26.1 enable The enable user EXEC command enters the privileged EXEC mode. Syntax enable [privilege-level] privilege-level —...
Page 327: Disable
User’s Manual of WGSW-24020/WGSW-48040 5.26.2 disable The disable privileged EXEC command returns to User EXEC mode. Syntax disable [privilege-level] privilege-level — Privilege level to enter the system. (Range: 1 - 15) Default Configuration The default privilege level is 1. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command.
Page 328: Login
User’s Manual of WGSW-24020/WGSW-48040 confirming the command entry method is displayed. Console# configure Console (config)# 5.26.4 login The login user EXEC command changes a login username. Syntax login Default Configuration This command has no default configuration. Command Mode User EXEC mode User Guidelines There are no user guidelines for this command.
Page 329: Exit(Exec)
User’s Manual of WGSW-24020/WGSW-48040 Command Mode All command modes User Guidelines There are no user guidelines for this command. Example The following example changes the configuration mode from Interface Configuration mode to User EXEC mode. Console(config-if)# exit Console(config)# exit Console# 5.26.6 exit(EXEC) The exit user EXEC command closes an active terminal session by logging off the device.
Page 330: Help
User’s Manual of WGSW-24020/WGSW-48040 Command Mode All Command modes User Guidelines There are no user guidelines for this command. Example The following example ends the current configuration session and returns to the previous command mode. Console (config)# end Console # 5.26.8 help The help command displays a brief description of the help system.
Page 331: History Size
User’s Manual of WGSW-24020/WGSW-48040 Command Mode Line Configuration mode User Guidelines There are no user guidelines for this command. Example The following example enables the command history function for telnet. Console (config)# line telnet Console (config-line)# history 5.26.10 history size The history size line configuration command changes the command history buffer size for a particular line.
Page 332: Show Privilege
User’s Manual of WGSW-24020/WGSW-48040 Syntax show history Default Configuration This command has no default configuration. Command Mode User EXEC command mode User Guidelines The commands are listed from the first to the latest command. The buffer is kept unchanged when entering to configuration mode and returning back. Example The following example displays all the commands entered while in the current privileged EXEC mode.
Page 333: Vlan Commands
User’s Manual of WGSW-24020/WGSW-48040 Current privilege level is 15 5.27 VLAN Commands 5.27.1 vlan database The vlan database global configuration command enters the VLAN configuration mode. Syntax vlan database Default Configuration This command has no default configuration. Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command.
Page 334: Default-Vlan Disable
User’s Manual of WGSW-24020/WGSW-48040 Default Configuration This command has no default configuration. Command Mode VLAN Database mode User Guidelines There are no user guidelines for this command. Example The following example VLAN number 1972 is created. Console (config)# vlan database Console (config-vlan)# vlan 1972 5.27.3 default-vlan disable The default-vlan disable VLAN configuration command disables the default VLAN functionality.
Page 335: Interface Vlan
User’s Manual of WGSW-24020/WGSW-48040 5.27.4 interface vlan The interface vlan global configuration command enters the interface configuration (VLAN) mode. Syntax interface vlan vlan-id vlan-id — The ID of an existing VLAN (excluding GVRP dynamic VLANs). Default Configuration This command has no default configuration. Command Mode Global Configuration mode User Guidelines...
Page 336: Name
User’s Manual of WGSW-24020/WGSW-48040 User Guidelines Commands under the interface range context are executed independently on each interface in the range. If the command returns an error on one of the interfaces, an error message is displayed and execution continues on other interfaces. Example The following example groups VLAN 221 until 228 and VLAN 889 to receive the same command.
Page 337: Switchport Access Vlan
User’s Manual of WGSW-24020/WGSW-48040 Syntax switchport mode {access | trunk | general} no switchport mode access — Port belongs to a single, untagged VLAN. trunk — Port belongs to 1..4063 VLANs, all tagged (except, optionally, for a single native VLAN). general —...
Page 338: Switchport Trunk Allowed Vlan
User’s Manual of WGSW-24020/WGSW-48040 User Guidelines The command automatically removes the port from the previous VLAN, and adds it to the new VLAN. Example The following example configures a VLAN ID of 23 to the untagged layer 2 VLAN interface number e8. Console (config)# interface ethernet e8 Console (config-if)# switchport access vlan 23 5.27.9 switchport trunk allowed vlan...
Page 339: Switchport Trunk Native Vlan
User’s Manual of WGSW-24020/WGSW-48040 5.27.10 switchport trunk native vlan The switchport trunk native vlan interface configuration command defines the port as a member of the specified VLAN, and the VLAN ID as the "port default VLAN ID (PVID)". To configure the default VLAN ID, use the no form of this command. Syntax switchport trunk native vlan vlan-id no switchport trunk native vlan...
Page 340: Switchport General Pvid
User’s Manual of WGSW-24020/WGSW-48040 tagged — Sets the port to transmit tagged packets for the VLANs. If the port is added to a VLAN without specifying tagged or untagged the default is tagged. untagged — Sets the port to transmit untagged packets for the VLANs. Default Configuration This command has no default configuration.
Page 341: Switchport General Ingress-Filtering Disable
User’s Manual of WGSW-24020/WGSW-48040 Console (config)# interface ethernet e8 Console (config-if)# switchport general pvid 234 5.27.13 switchport general ingress-filtering disable The switchport general ingress-filtering disable interface configuration command disables port ingress filtering. To enable ingress filtering on a port, use the no form of this command. Syntax switchport general ingress-filtering disable no switchport general ingress-filtering disable...
Page 342: Switchport Forbidden Vlan
User’s Manual of WGSW-24020/WGSW-48040 Default Configuration All frame types are accepted at ingress. Command Mode Interface Configuration (Ethernet, port-channel) mode User Guidelines There are no user guidelines for this command. Example The following example configures e8 to discard untagged frames at ingress. Console (config)# interface ethernet e8 Console (config-if)# switchport general acceptable-frame-type tagged-only 5.27.15 switchport forbidden vlan...
Page 343: Map Protocol Protocols-Group
User’s Manual of WGSW-24020/WGSW-48040 Console (config)# interface ethernet e8 Console (config-if)# switchport forbidden vlan add 234-256 5.27.16 map protocol protocols-group The map protocol protocols-group VLAN database command adds a special protocol to a named group of protocols, which may be used for protocol-based VLAN assignment. To delete a protocol from a group, use the no form of this command. Syntax map protocol protocol [encapsulation] protocols-group group no map protocol protocol encapsulation...
Page 344: Switchport General Map Protocols-Group Vlan
User’s Manual of WGSW-24020/WGSW-48040 5.27.17 switchport general map protocols-group vlan The switchport general map protocols-group vlan interface configuration command sets a protocol-based classification rule. To delete a classification, use the no form of this command. Syntax switchport general map protocols-group group vlan vlan-id no switchport general map protocols-group group group —...
Page 345: Show Vlan
User’s Manual of WGSW-24020/WGSW-48040 Command Mode Interface configuration (Ethernet, port-channel) User Guidelines An internal usage VLAN is required when an IP interface is defined on Ethernet port or Port-channel. Using this command the user can define the internal usage VLAN of a port. If an internal-usage is not defined for a Port, and the user wants to define an IP interface, the software chooses one of the unused VLANs.
Page 346: Show Vlan Internal Usage
User’s Manual of WGSW-24020/WGSW-48040 Vlan Name Ports Type Authorization ---- ----------------- --------------------------- ----------- ------------------- e(1,4-8),g(1-2),ch(1-8) other Required VLAN_2 permanent Required VLAN_3 permanent Required 5.27.20 show vlan internal usage The show vlan internal usage privileged EXEC command displays a list of VLANs being used internally by the switch. Syntax show vlan internal usage Default Configuration...
Page 347 User’s Manual of WGSW-24020/WGSW-48040 Syntax show interfaces switchport {ethernet interface | port-channel port-channel-number} interface — Specific interface, such as ethernet e8. port-channel-number — Valid port-channel trunk index. Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command.
Page 348: Web Server Commands
User’s Manual of WGSW-24020/WGSW-48040 5.28 Web Server Commands 5.28.1 ip http server The ip http server global configuration command enables the device to be configured from a browser. To disable this function use the no form of this command. Syntax ip http server no ip http server Default Configuration...
Page 349: Ip Https Server
User’s Manual of WGSW-24020/WGSW-48040 Default Configuration This default port number is 80. Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. However, specifying 0 as the port number will effectively disable HTTP access to the device. Example The following example shows how the http port number is configured to 100.
Page 350: Ip Https Port
User’s Manual of WGSW-24020/WGSW-48040 5.28.4 ip https port The ip https port global configuration command configures a TCP port for use by a secure web browser to configure the device. To use the default port, use the no form of this command. Syntax ip https port port-number no ip https port...
Page 351: Show Ip Http
User’s Manual of WGSW-24020/WGSW-48040 in the private configuration, which is never displayed to the user or backed up to another device. Example The following example regenerates a HTTPS certificate. Console (enable)# crypto certificate generate key-generate 5.28.6 show ip http The show ip http privileged EXEC command displays the HTTP server configuration. Syntax show ip http Default Configuration...
Page 352: Commands
User’s Manual of WGSW-24020/WGSW-48040 Command Mode Privileged EXEC command User Guidelines There are no user guidelines for this command. Example The following example displays the HTTP server configuration. Console# show ip https HTTPS server enabled. Port: 443 Certificate was generated. 5.29 802.1x Commands 5.29.1 aaa authentication dot1x The aaa authentication dot1x global configuration command specifies one or more authentication, authorization, and...
Page 353: Dot1X System-Auth-Control
User’s Manual of WGSW-24020/WGSW-48040 Examples The following example uses the aaa authentication dot1x default command with no authentication. Console (config)# aaa authentication dot1x default none 5.29.2 dot1x system-auth-control The dot1x system-auto-control command enables 802.1x globally. Use the no form of this command to disable 802.1x globally. dot1x system-auto-control no dot1x system-auto-control Syntax...
Page 354: Dot1X Re-Authentication
User’s Manual of WGSW-24020/WGSW-48040 force-authorized — Disable 802.1X authentication on the interface and cause the port to transition to the authorized state without any authentication exchange required. The port resends and receives normal traffic without 802.1X-based authentication of the client. force-unauthorized —...
Page 355: Dot1X Timeout Re-Authperiod
User’s Manual of WGSW-24020/WGSW-48040 Examples The following example enables periodic re-authentication of the client. Console (config)# interface ethernet e8 Console (config-if)# dot1x re-authentication 5.29.5 dot1x timeout re-authperiod The dot1x timeout re-authperiod interface configuration command sets the number of seconds between reauthentication attempts.
Page 356: Dot1X Timeout Quiet-Period
User’s Manual of WGSW-24020/WGSW-48040 Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Examples The following command manually initiates a re-authentication of the 802.1X-enabled port. Console (config)# dot1x re-authenticate ethernet e8 5.29.7 dot1x timeout quiet-period The dot1x timeout quiet-period interface configuration command sets the number of seconds that the switch remains in the quiet state following a failed authentication exchange (for example, the client provided an invalid password).
Page 357: Dot1X Timeout Tx-Period
User’s Manual of WGSW-24020/WGSW-48040 exchange, to 3600. Console (config)# interface ethernet e8 Console (config-if)# dot1x timeout quiet-period 3600 5.29.8 dot1x timeout tx-period The dot1x timeout tx-period interface configuration command sets the number of seconds that the switch waits for a response to an Extensible Authentication Protocol (EAP) - request/identity frame, from the client, before resending the request.
Page 358: Dot1X Max-Req
User’s Manual of WGSW-24020/WGSW-48040 5.29.9 dot1x max-req The dot1x max-req interface configuration command sets the maximum number of times that the switch sends an Extensible Authentication Protocol (EAP) - request/identity frame (assuming that no response is received) to the client, before restarting the authentication process.
Page 359: Dot1X Timeout Server-Timeout
User’s Manual of WGSW-24020/WGSW-48040 Command Mode Interface configuration (Ethernet) mode User Guidelines The default value of this command should be changed only to adjust to unusual circumstances, such as unreliable links or specific behavioral problems with certain clients and authentication servers. Examples The following example sets the time for the retransmission of an EAP-request frame to the client, to 3600 seconds.
Page 360: Show Dot1X
User’s Manual of WGSW-24020/WGSW-48040 5.29.12 show dot1x The show dot1x privileged EXEC command displays 802.1X status for the switch or for the specified interface. Syntax show dot1x [ethernet interface] interface —The full syntax is: unit/port. Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines...
Page 361 User’s Manual of WGSW-24020/WGSW-48040 * Port is down or not present Console# show dot1x ethernet e3 Interface Admin Mode Oper Mode Reauth Reauth Username Control Period 1/e3 Auto Unauthorized 3600 Clark State: held Quiet period: 60 Tx period: 30 Max req: 2 Login Time: n/a Last Authentication: n/a MAC Address: 0008.7832.9878...
Page 362: Show Dot1X Users
User’s Manual of WGSW-24020/WGSW-48040 Last Authentication Time since last authentication. Mac address The supplicant MAC address. 5.29.13 show dot1x users The show dot1x users privileged EXEC command displays 802.1X users for the switch. Syntax show dot1x users [username username] username — Supplicant username Default Configuration This command has no default configuration.
Page 363: Show Dot1X Statistics
User’s Manual of WGSW-24020/WGSW-48040 Field Description Username The User-Name representing the identity of the Supplicant. Login Time How long the user is logged in. Last Authentication Time since last authentication. Authentication Method The authentication method used to establish the session. Mac address The supplicant MAC address.
Page 364: Dot1X Auth-Not-Req
User’s Manual of WGSW-24020/WGSW-48040 EapolRespFramesRx: 6 EapolReqIdFramesTx: 3 EapolReqFramesTx: 6 InvalidEapolFramesRx: 0 EapLengthErrorFramesRx: 0 LastEapolFrameVersion: 1 LastEapolFrameSource: 0008.3b79.8787 The following table describes the significant fields shown in the display: Field Description EapolFramesRx The number of valid EAPOL frames of any type that have been received by this Authenticator.
Page 365: Dot1X Multiple-Hosts
User’s Manual of WGSW-24020/WGSW-48040 no dot1x auth-not-req This command has no arguments or keywords. Default Configuration User should be authorized to access the VLAN. Command Mode Interface configuration (VLAN) mode User Guidelines To define a VLAN for authorized and unauthorized users use the dot1x auth-not-req interface VLAN command. Examples The following example enables unauthorized users access to the VLAN.
Page 366: Dot1X Single-Host-Violation
User’s Manual of WGSW-24020/WGSW-48040 5.29.17 dot1x single-host-violation The dot1x single-host-violation interface configuration command configures the action to be taken, when a station whose MAC address is not the supplicant MAC address, attempts to access the interface. Use the no form of this command to return to default.
Page 367 User’s Manual of WGSW-24020/WGSW-48040 Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Examples The following example displays 802.1X advanced features for the switch. Switch# show dot1x advanced Guest VLAN: 3978 Unauthenticated VLANs: 91, 92 Use user attributes from Authentication Server: Enabled User VLAN not created: Create Interface...
Page 368: Trouble Shooting
User’s Manual of WGSW-24020/WGSW-48040 TROUBLE SHOOTING This chapter contains information to help you solve problems. If the Switch is not functioning properly, make sure the Ethernet Switch was set up according to instructions in this manual. The Link LED is not lit Solution: Check the cable connection and remove duplex mode of the Switch.
Page 369: Appendex A
User’s Manual of WGSW-24020/WGSW-48040 APPENDEX A A.1 Switch's RJ-45 Pin Assignments When connecting your 10/100Mbps Ethernet Switch to another switch, a bridge or a hub, a straight or crossover cable is necessary. Each port of the Switch supports auto-MDI/MDI-X detection. That means you can directly connect the Switch to any Ethernet devices without making a crossover cable.
Page 370 User’s Manual of WGSW-24020/WGSW-48040 The standard RJ-45 receptacle/connector There are 8 wires on a standard UTP/STP cable and each wire is color-coded. The following shows the pin allocation and color of straight cable and crossover cable connection: Straight Cable SIDE 1 SIDE2 SIDE 1 1 = White / Orange...
Page 371: Available Modules
User’s Manual of WGSW-24020/WGSW-48040 A.3 Available Modules The following list the available Modules for WGSW-24020/WGSW-48040 SFP-port 1000Base-T Module MGB-GT SFP-port 1000Base-SX mini-GBIC module MGB-SX SFP-port 1000Base-LX mini-GBIC module MGB-LX SFP-port 1000Base-LX mini-GBIC module-50KM MGB-L50 SFP-port 1000Base-LX mini-GBIC module-70KM MGB-L70 SFP-port 1000Base-LX mini-GBIC module-120KM MGB-L120 SFP-port 1000Base-LX (WDM,TX:1310nm) mini-GBIC module-10KM MGB-LA10...

This manual is also suitable for:

Wsgw-48040

Planet Networking & Communication WSGW-24020 User Manual

1 Introduction

2 Installation

3 Configuration

4 Web Configuration

5 Command Structure

Quick Links

Related Manuals for Planet Networking & Communication WSGW-24020

Summary of Contents for Planet Networking & Communication WSGW-24020