Page 1 NS3500-24T-4C Managed Switch User Manual P/N 1073386-EN • REV A • ISS 08FEB18...
Page 2 Copyright © 2018 United Technologies Corporation. Interlogix is part of UTC Climate, Controls & Security, a unit of United Technologies Corporation. All rights reserved. Trademarks and patents Trade names used in this document may be trademarks or registered trademarks of the manufacturers or vendors of the respective products.
Page 3: Table Of Contents
Access Control Lists (ACL) 191 Authentication 204 Security 239 Address table 254 LLDP 260 Network diagnostics 274 Loop protection 278 RMON 280 Chapter 5 Switch operation 290 Address table 290 Learning 290 Forwarding and filtering 290 NS3500-24T-4C Managed Switch User Manual...
Page 4 Store-and-forward 290 Auto-negotiation 291 Chapter 6 Troubleshooting 292 Appendix A Networking connection 293 Glossary 295 NS3500-24T-4C Managed Switch User Manual...
Page 5: Important Information
Note: Note messages advise you of the possible loss of time or effort. They describe how to avoid the loss. Notes are also used to point out important information that you should read. NS3500-24T-4C Managed Switch User Manual...
Page 6: Introduction
Note: User manuals and install guides are available for download from www.interlogix.com. NS3500-24T-4C Managed Switch User Manual...
Page 7: Product Description
10/100/1000BASE-T with 4-Port Shared 100/1000Base-X SFP and supports static Layer 3 routing for enterprise-level network. The abundant L2 / L4 switching engine offered by the NS3500-24T-4C performs effective data traffic control for enterprises and VoIP service providers, video streaming, and multicast applications. Providing user-...
Page 8 Moreover, the managed switch offers secure management remotely by supporting SSH, SSL, and SNMP v3 connections where the packet content can be encrypted at each session. NS3500-24T-4C Managed Switch User Manual...
Page 9 The managed switch series supports a SFP-DDM (Digital Diagnostic Monitor) function that can easily monitor real-time parameters of the SFP and SFP+ transceivers, such as optical output power, optical input power, temperature, laser bias current, and transceiver supply voltage. NS3500-24T-4C Managed Switch User Manual...
Page 10: Product Features
Provider Bridging (VLAN Q-in-Q) support (IEEE 802.1ad) • Private VLAN Edge (PVE) • Protocol-based VLAN • MAC-based VLAN • Up to 255 VLANs groups, out of 4095 VLAN IDs • IP Subnet-based VLAN • Voice VLAN • Management VLAN NS3500-24T-4C Managed Switch User Manual...
Page 11 Supports IGMP snooping v1, v2, and v3 for IPv4 multicasting networks • Supports MLD snooping v1 and v2 for IPv6 multicasting networks • Querier mode support • IGMP snooping port filtering • MLD snooping port filtering NS3500-24T-4C Managed Switch User Manual...
Page 12 Built-in Trivial File Transfer Protocol (TFTP) client • Four RMON groups (history, statistics, alarms, and events) • IPv6 IP address / NTP / DNS management and ICMPv6 • BOOTP and DHCP for IP address assignment NS3500-24T-4C Managed Switch User Manual...
Page 13: Product Specifications
Max. 20.3 W / 69365 BTU Power Requirement AC 100~240 V, 50/60 Hz, 0.4 A Layer 2 Management Functions Port disable / enable Port Configuration Auto-negotiation 10/100/1000Mbps full and half duplex mode selection Flow control disable / enable NS3500-24T-4C Managed Switch User Manual...
Page 14 Maximum of eight VLAN interfaces Routing Table Maximum of 32 routing entries IPv4 software static routing Routing Protocols IPv6 software static routing Management Basic Management Interfaces Console, Telnet, web browser, SNMP v1, v2c SSH, SSL, SNMP v3 Secure Management NS3500-24T-4C Managed Switch User Manual...
Page 15 IEEE 802.1w Rapid Spanning Tree Protocol IEEE 802.1s Multiple Spanning Tree Protocol IEEE 802.1p Class of Service Environment Temperature: 0 to 50°C Operating Relative Humidity: 5 to 95% (non-condensing) Temperature: -10 to 70°C Storage Relative Humidity: 5 to 95% (non-condensing) NS3500-24T-4C Managed Switch User Manual...
Page 16: Installation
The included DB9 console cable connects to the console port on the device. After making the connection, users can run any terminal emulation program (Hyper Terminal, ProComm Plus, Telix, Winterm, and so on) to enter the startup screen of the device NS3500-24T-4C Managed Switch User Manual...
Page 17 Blinking: indicates that the switch is actively sending or receiving data over that port. LNK/ACT Orange Lit: indicates that the link through that port is established. Blinking: indicates that the port is actively sending or receiving data over that port. NS3500-24T-4C Managed Switch User Manual...
Page 18 1. Attach the rubber feet to the recessed areas on the bottom of the managed switch. 2. Place the managed switch on the desktop or the shelf near an AC power source, as shown below: NS3500-24T-4C Managed Switch User Manual...
Page 19 4. Follow the same steps to attach the second bracket to the opposite side. 5. After the brackets are attached to the managed switch, use suitable screws to securely attach the brackets to the rack, as shown below. NS3500-24T-4C Managed Switch User Manual...
Page 20 Installing the SFP transceiver SFP transceivers are hot-pluggable and hot-swappable. They can be plugged in and removed to/from any SFP port without having to power down the managed switch (see below). NS3500-24T-4C Managed Switch User Manual...
Page 21 Chapter 2: Installation Approved Interlogix SFP transceivers The managed switch supports both single mode and multi-mode SFP transceivers. The following list of approved Interlogix SFP transceivers is valid as of the time of publication: Optical Optical Receiver Fiber # of...
Page 22 * Note: High Power Optic. There must be a minimum of 5 dB of optical loss to the fiber for proper operation. Note: We recommend the use of Interlogix SFPs on the managed switch. If you insert an SFP transceiver that is not supported, the managed switch will not recognize it.
Page 23 Never pull out the module without making use of the lever or the push bolts on the module. Removing the module with force could damage the module and the SFP module slot of the managed switch. NS3500-24T-4C Managed Switch User Manual...
Page 24: Switch Management
Management access overview The managed switch provides the flexibility to access and manage it using any or all of the following methods: • An administration console • Web browser interface • An external SNMP-based network management application NS3500-24T-4C Managed Switch User Manual...
Page 25: Administration Console
Using this method, you can view the administration console from a terminal, a computer, or workstation connected to the managed switch's console (serial) port. NS3500-24T-4C Managed Switch User Manual...
Page 26 A computer attachment can use any terminal emulation program for connecting to the terminal serial port. A workstation attachment under UNIX can use an emulator such as TIP. NS3500-24T-4C Managed Switch User Manual...
Page 27: Web Management
MIBs. However, if it only knows the get community string, it can only read MIBs. The default get and set community strings for the managed switch are public. NS3500-24T-4C Managed Switch User Manual...
Page 28: Smart Discovery Utility
Update All button: • Update Device: Use the current setting on one single device. • Update Multi: Use the current setting on multi-devices. • Update All: Use the current setting on all devices in the list. NS3500-24T-4C Managed Switch User Manual...
Page 29 Web Smart Switch under a different IP subnet address. 6. Click the Connect to Device button and the web login screen appears. 7. Click the Exit button to shut down the Smart Discovery Utility. NS3500-24T-4C Managed Switch User Manual...
Page 30: Web Configuration
If the default IP address of the managed switch has been changed to 192.168.1.1 with subnet mask 255.255.255.0 via the console, then the administrator computer should be set at 192.168.1.x (where x is a number between 2 and 254) to do the relative configuration on a manager computer. NS3500-24T-4C Managed Switch User Manual...
Page 31: Main Web
Main web page This section describes how to use the managed switch’s web browser interface for configuration and management. 1. Main menu 4. Help 2. Copper port link status 5. Main screen 3. SFP port link status NS3500-24T-4C Managed Switch User Manual...
Page 32: System
Under the System list, the following topics are provided to configure and view the system information. This list contains the following items: Item Function System Information The managed switch system information is provided here. NS3500-24T-4C Managed Switch User Manual...
Page 33 You can restart the managed switch on this page. After restarting, the managed switch will boot normally. System information The System Infomation page provides information on the current device such as the hardware MAC address, software version, and system uptime. NS3500-24T-4C Managed Switch User Manual...
Page 34 This page includes the IP Configuration, IP Interface, and IP Routes. The configured column is used to view or change the IP configuration. The maximum number of interfaces supported is 128 and the maximum number of routes is 32. NS3500-24T-4C Managed Switch User Manual...
Page 35 (less index has higher priority) in doing DNS name resolution. The following modes are supported: No DNS server – No DNS server will be used. NS3500-24T-4C Managed Switch User Manual...
Page 36 IPv4 operation on the interface is not required, or if no DHCP fallback address is required The IPv4 network mask, in number of bits (prefix length). Mask Length Valid values are between 0 and 30 bits for a IPv4 NS3500-24T-4C Managed Switch User Manual...
Page 37 Next Hop VLAN associated with the gateway. The given VID ranges from 1 to 4095 and will be effective only when the corresponding IPv6 interface is valid. If the IPv6 gateway address is link-local, it must specify NS3500-24T-4C Managed Switch User Manual...
Page 38 IP status IP status displays the status of the IP protocol layer. The status is defined by the IP interfaces, the IP routes, and the neighbour cache (ARP cache) status. NS3500-24T-4C Managed Switch User Manual...
Page 39 User privileges should be the same or greater than the group privilege level to have access to that group. By default, most groups’ privilege level 5 has read-only access and privilege level NS3500-24T-4C Managed Switch User Manual...
Page 40 10 for a standard user account, and privilege level 5 for a guest account. Buttons • Click Apply to apply changes. • Click Reset to undo any changes made locally and revert to previously saved values. NS3500-24T-4C Managed Switch User Manual...
Page 41 Privilege levels This page provides an overview of the privilege levels. After setup is complete, click the Apply button and log in to the web interface with the new user name and password. The following appears: NS3500-24T-4C Managed Switch User Manual...
Page 42 Configure NTP on this page. NTP is an acronym for Network Time Protocol, a network protocol for synchronizing the clocks of computer systems. NTP uses UDP (data grams) as a transport layer. You can specify NTP servers in this page. NS3500-24T-4C Managed Switch User Manual...
Page 43 Example: 'fe80::215:c5ff:fe03:4dc7'. The symbol '::' is a special syntax that can be used as a shorthand way of representing multiple 16-bit groups of contiguous zeros; but it can only appear once. It also uses an IPv4 address (for example, '::192.1.2.34'). NS3500-24T-4C Managed Switch User Manual...
Page 44 It is convenient for areas in close commercial or other communication to maintain the same time, so time zones tend to follow the boundaries of countries and their subdivisions. Configure the time zone on the Time Zone Configuration page. NS3500-24T-4C Managed Switch User Manual...
Page 45 UPnP is an acronym for Universal Plug and Play. The goals of UPnP are to allow devices to connect seamlessly and to simplify the implementation of networks in home (data sharing, communications, and entertainment) and corporate environments for easy installation of computer components. Configure UPnP on the UPnP Configuration page. NS3500-24T-4C Managed Switch User Manual...
Page 46 Addressing Mode is static. Valid configurable values ranges from 1 to 4095. Default value is 1. Buttons • Click Apply to apply changes. • Click Reset to undo any changes made locally and revert to previously saved values. NS3500-24T-4C Managed Switch User Manual...
Page 47 The parameter of "port_no" is the fourth byte and it means the port number. The remote ID is six bytes in length, and the value equals the DHCP relay agent’s MAC address. Configure DHCP relay in the DHCP Relay Configuration page. NS3500-24T-4C Managed Switch User Manual...
Page 48 Buttons • Click Apply to apply changes. • Click Reset to undo any changes made locally and revert to previously saved values. DHCP relay statistics This page provides statistics for DHCP relay. NS3500-24T-4C Managed Switch User Manual...
Page 49 The number of packets received is dropped with the relay agent information option. Buttons • Select the Auto-refresh check box to refresh the page automatically. Automatic refresh occurs every three seconds. • Click Refresh to immediately refresh the page. NS3500-24T-4C Managed Switch User Manual...
Page 50 If the browser does not display anything on this page, download the Adobe SVG tool and install it in the computer. System log The System Log Information page shows the managed switch system log information. NS3500-24T-4C Managed Switch User Manual...
Page 51 ID. • Click << to update the system log entries, ending at the last entry currently displayed. • Click >> to update the system log entries, starting from the last entry currently displayed. NS3500-24T-4C Managed Switch User Manual...
Page 52 ID. • Click Print to print the system log entry to the current entry ID. Remote syslog The System Log Configuration page displays the managed switch remote system log information details. NS3500-24T-4C Managed Switch User Manual...
Page 53 Buttons • Click Apply to apply changes. • Click Reset to undo any changes made locally and revert to previously saved values. SMTP configuration The SMTP Configuration page displays the managed switch SMTP configuration details. NS3500-24T-4C Managed Switch User Manual...
Page 54 • Click Save to save changes. • Click Reset to undo any changes made locally and revert to previously saved values. Web firmware upgrade Update the managed switch firmware using the Firmware Upload page. NS3500-24T-4C Managed Switch User Manual...
Page 55 Otherwise, the system won’t apply the new firmware and the user has to repeat the firmware upgrade process. Save startup configuration This function ensures that the current active configuration can be used after the next reboot. After clicking Save Configuration, the following screen appears. NS3500-24T-4C Managed Switch User Manual...
Page 56 The Download Configuration page permits the download of the running-config, startup- config, and default-config system files to the switch. Configuration upload The Upload Configuration page permits the upload of the running-config and startup- config to the switch. NS3500-24T-4C Managed Switch User Manual...
Page 57 It is possible to activate any of the configuration files present on the switch, except for running-config which represents the currently active configuration. Select the file to activate and click Activate Configuration. This initiates the process of completely replacing the existing configuration with that of the selected file. NS3500-24T-4C Managed Switch User Manual...
Page 58 2. The firmware version and date information may be empty for older firmware releases. This does not constitute an error. NS3500-24T-4C Managed Switch User Manual...
Page 59: Dhcp Server
The DHCP Server Excluded IP Configuration page offers permits exclusion of IP addresses for static IP address devices, such as servers or routesr. The DHCP server will not allocate these excluded IP addresses to the DHCP client. NS3500-24T-4C Managed Switch User Manual...
Page 60 DHCP client. Adding a pool and giving it a name creates a new pool with a default configuration. If you want to configure all settings including type, IP subnet mask, and lease time, click the pool name to go into the configuration page. NS3500-24T-4C Managed Switch User Manual...
Page 61 Click Apply to apply changes. • Click Reset to undo any changes made locally and revert to previously saved values. Click a pool name to configure DHCP pool settings on the DHCP Pool Configuration page. NS3500-24T-4C Managed Switch User Manual...
Page 62 Chapter 4: Web configuration NS3500-24T-4C Managed Switch User Manual...
Page 63 DHCP option 51, 58 and 59. Specifies the lease time that allows the client to request a lease time for the IP address. If all are 0's, then it means the lease time is infinite. NS3500-24T-4C Managed Switch User Manual...
Page 64 DHCP server delivers the corresponding option 43 specific information to the client that sends an option 60 vendor class identifier. Vendor 1 Specific DHCP option 43. Information Specifies the vendor specific information according to the option 60 NS3500-24T-4C Managed Switch User Manual...
Page 65 Statistics The DHCP Server Statistics page displays the database counters and the number of DHCP messages sent and received by the DHCP server. NS3500-24T-4C Managed Switch User Manual...
Page 66 Number of bindings that the administrator assigns an IP address to a client (host pool type). Expired Binding Number of bindings in which the lease time expired or they are cleared from Automatic/Manual type bindings. NS3500-24T-4C Managed Switch User Manual...
Page 67 Click Clear to clear DHCP message received and sent counters. Binding The DHCP Server Binding IP page displays bindings generated for DHCP clients. The page includes the following fields: Binding IP address Displays all bindings. NS3500-24T-4C Managed Switch User Manual...
Page 68 The DHCP Server Declined IP page displays declined IP addresses. The page includes the following fields: Declined IP address Displays IP addresses declined by DHCP clients. Object Description Declined IP List of IP addresses declined. NS3500-24T-4C Managed Switch User Manual...
Page 69 RX and TX Release The number of release (option 53 with value 7) packets received and transmitted. RX and TX Inform The number of inform (option 53 with value 8) packets received and transmitted. NS3500-24T-4C Managed Switch User Manual...
Page 70: Udld
• Click Clear to clear the counters for the selected port. UDLD The UDLD Port Configuration page permits the user to inspect and change the current Unidirectional Link Detection (UDLD) configurations. NS3500-24T-4C Managed Switch User Manual...
Page 71 Click Save to save changes. • Click Reset to undo any changes made locally and revert to previously saved values. UDLD status The Detailed UDLD Status/Neighbor Status page displays the UDLD status of the ports. NS3500-24T-4C Managed Switch User Manual...
Page 72: Simple Network Management Protocol (Snmp)
Physically, NMSs are usually engineering workstation-caliber computers with fast CPUs, megapixel color displays, substantial memory, and abundant disk space. At least one NMS must be present in each managed environment. NS3500-24T-4C Managed Switch User Manual...
Page 73 Use the SNMP Menu to display or configure the managed switch's SNMP function. This section has the following items: System Configuration Configure SNMP on this page. Trap Destination Configure SNMP trap on this page. Configuration NS3500-24T-4C Managed Switch User Manual...
Page 74 'F's are not allowed. Change of the Engine ID will clear all original local users. Buttons • Click Apply to apply changes. • Click Reset to undo any changes made locally and revert to previously saved values. NS3500-24T-4C Managed Switch User Manual...
Page 75 Trap Community Indicates the community access string when sending the SNMP trap packet. The allowed string length is 0 to 255, and the allowed content is the ASCII characters from 33 to 126. NS3500-24T-4C Managed Switch User Manual...
Page 76 Click Apply to apply changes. • Click Reset to undo any changes made locally and revert to previously saved values. SNMP system information The switch system information is provided in the System Information Configuration page. NS3500-24T-4C Managed Switch User Manual...
Page 77 If you want to apply link up or link down to one of ports, input the SNMP OID to the subset OID column. For example, if you want apply a link down trap to port1, input “10000001” in the linkDown entry. NS3500-24T-4C Managed Switch User Manual...
Page 78 OID count must not exceed 128. Buttons • Click Add New Entry to add a new community entry. • Click Apply to apply changes. • Click Reset to undo any changes made locally and revert to previously saved values. NS3500-24T-4C Managed Switch User Manual...
Page 79 Click Reset to undo any changes made locally and revert to previously saved values. SNMPv3 users Configure SNMPv3 users on the SNMPv3 User Configuration page. The entry index keys are Engine ID and User Name. NS3500-24T-4C Managed Switch User Manual...
Page 80 8 to 40. The allowed content is the ASCII characters from 33 to 126. Privacy Protocol Indicates the privacy protocol that this entry should belong to. Selections include: None: None privacy protocol. NS3500-24T-4C Managed Switch User Manual...
Page 81 Click Reset to undo any changes made locally and revert to previously saved values. SNMPv3 groups Configure SNMPv3 groups on the SMNPv3 Group Configuration page. The entry index keys are Security Model and Security Name. NS3500-24T-4C Managed Switch User Manual...
Page 82 1 to 32, and the allowed content is the ASCII characters from 33 to 126. View Type Indicates the view type that this entry should belong to. Selections include: included: An optional flag to indicate that this view subtree should be included. NS3500-24T-4C Managed Switch User Manual...
Page 83 User-based Security Model (USM) Security Level Indicates the security model that this entry should belong to. Selections include: NoAuth, NoPriv: None authentication and none privacy. Auth, NoPriv: Authentication and none privacy. Auth, Priv: Authentication and privacy. NS3500-24T-4C Managed Switch User Manual...
Page 84: Port Management
Port Statistics Detail Lists Ethernet and RMON port statistics SFP Module Information Displays SFP information Port Mirror Sets the source and target ports for mirroring Port configuration Ports can be configured on the Port Configuration page. NS3500-24T-4C Managed Switch User Manual...
Page 85 Check the configured column to use flow control. This setting is related to the setting for Configured Link Speed. Maximum Frame Size Enter the maximum frame size allowed for the switch port, including FCS. The allowed range is 1518 bytes to 9600 bytes. NS3500-24T-4C Managed Switch User Manual...
Page 86 • Click Refresh to refresh the page and undo all local changes. Port statistics overview The Port Statistics Overview page provides an overview of general traffic statistics for all switch ports. NS3500-24T-4C Managed Switch User Manual...
Page 87 The displayed counters are the totals for receive and transmit, the size counters for receive and transmit, and the error counters for receive and transmit. NS3500-24T-4C Managed Switch User Manual...
Page 88 The number of received and transmitted (good and bad) packets split into categories based on their respective frame sizes. Receive and transmit queue counters The number of received and transmitted packets per input and output queue. NS3500-24T-4C Managed Switch User Manual...
Page 89 You can also use the port number hyperlinks to check the statistics on a specific interface. NS3500-24T-4C Managed Switch User Manual...
Page 90 Warning Temperature setting and allows users to record message out via SNMP Trap. • Click Apply to apply changes. • Click Reset to undo any changes made locally and revert to previously saved values. NS3500-24T-4C Managed Switch User Manual...
Page 91 The traffic to be copied to the mirror port is selected as follows: • All frames received on a given port (also known as ingress or source mirroring). • All frames transmitted on a given port (also known as egress or destination mirroring). NS3500-24T-4C Managed Switch User Manual...
Page 92 Tx frames on the mirror port. Because of this, the mode for the selected mirror port is limited to Disabled only. Buttons • Click Apply to apply changes. • Click Reset to undo any changes made locally and revert to previously saved values. NS3500-24T-4C Managed Switch User Manual...
Page 93: Link Aggregation
LACP ports, the devices establish a LAG between them. The Link Aggregation Control Protocol (LACP) provides a standardized means for exchanging information between partner systems that require high speed redundant links. Link aggregation permits grouping up to eight consecutive ports into a single NS3500-24T-4C Managed Switch User Manual...
Page 94 Reording of frames within a flow is therefore not possible. The aggregation code is based on the following information: • Source MAC • Destination MAC • Source and destination IPv4 address. • Source and destination TCP/UDP ports for IPv4 packets NS3500-24T-4C Managed Switch User Manual...
Page 95 The TCP/UDP port number can be used to calculate the destination port for the frame. Select the check box to enable the use of the TCP/UDP Port Number, or uncheck it to disable. By default, the TCP/UDP Port Number is enabled. NS3500-24T-4C Managed Switch User Manual...
Page 96 Buttons • Click Apply to apply changes. • Click Reset to undo any changes made locally and revert to previously saved values. Static aggregation status The Aggregation Status page shows static aggregation status. NS3500-24T-4C Managed Switch User Manual...
Page 97 LAG. This page allows the user to inspect and change the current LACP port configurations. The LACP port settings relate to the current device, as reflected by the page header. NS3500-24T-4C Managed Switch User Manual...
Page 98 LACP system status The LACP System Status page provides a status overview of all LACP instances. This page displays the current LACP aggregation groups and LACP port status. NS3500-24T-4C Managed Switch User Manual...
Page 99 LACP port status The LACP Status page provides a LACP status overview of all ports. This page displays the current LACP aggregation groups and LACP port status. NS3500-24T-4C Managed Switch User Manual...
Page 100 • Select the Auto-refresh check box to automatically refresh the page every three seconds. LACP port statistics The LACP Statistics page provides an overview of LACP statistics for all ports. NS3500-24T-4C Managed Switch User Manual...
Page 101: Vlan
VLANs. 2. The managed switch supports IEEE 802.1Q VLAN. The port untagging function can be used to remove the 802.1 tag from packet headers to maintain compatibility with devices that are tag-unaware. NS3500-24T-4C Managed Switch User Manual...
Page 102 Up to 255 VLANs based on the IEEE 802.1Q standard. • Port overlapping, allowing a port to participate in multiple VLANs. • End stations can belong to multiple VLANs. • Passing traffic between VLAN-aware and VLAN-unaware devices. • Priority tagging NS3500-24T-4C Managed Switch User Manual...
Page 103 VID is 12 bits long, 4094 unique VLAN can be identified. The tag is inserted into the packet header making the entire packet longer by four octets. All of the information originally contained in the packet is retained. NS3500-24T-4C Managed Switch User Manual...
Page 104 A switch port can have only one PVID, but can have as many VIDs as the switch has memory in its VLAN table to store them. NS3500-24T-4C Managed Switch User Manual...
Page 105 VLANs configured on the switch. Packets are forwarded only between ports that are designated for the same VLAN. Untagged VLANs can be used to manually isolate user groups or subnets. NS3500-24T-4C Managed Switch User Manual...
Page 106 Assigning a unique range of VLAN IDs to each customer would restrict customer configurations, require intensive processing of VLAN mapping tables, and could easily exceed the maximum VLAN limit of 4096. NS3500-24T-4C Managed Switch User Manual...
Page 107 In cases where a given service VLAN only has two member ports on the switch, the learning can be disabled for the particular VLAN and can therefore rely on flooding as the forwarding mechanism between the two ports. This way, the MAC table requirements are reduced. Global VLAN configuration NS3500-24T-4C Managed Switch User Manual...
Page 108 Ethertype for Custom S- This field specifies the Ethertype/TPID (specified in hexadecimal) ports used for custom S-ports. The setting is in force for all ports whose Port Type is set to S-Custom-port. Port VLAN configuration NS3500-24T-4C Managed Switch User Manual...
Page 109 VLAN tag is used to classify the frame on ingress to a particular VLAN, and if so, which TPID it reacts on. Likewise, on egress, the Port Type determines the TPID of the tag, if a tag is required. NS3500-24T-4C Managed Switch User Manual...
Page 110 1-4095. The field may be left empty, which means that the port will not become member of any VLANs. Forbidden VLANs A port may be configured to never be a member of one or more NS3500-24T-4C Managed Switch User Manual...
Page 111 IP phones. : MVR is used to eliminate the need to duplicate multicast traffic for subscribers in each VLAN. Multicast traffic for all channels is sent only on a single (multicast) VLAN. NS3500-24T-4C Managed Switch User Manual...
Page 112 VLAN ID). • Click >> to update the table, starting with the entry after the last entry currently displayed. VLAN port status The VLAN Port Status for Combined users page provides VLAN port status. NS3500-24T-4C Managed Switch User Manual...
Page 113 By default, all ports are VLAN unaware and are members of VLAN 1 and private VLAN 1. A VLAN unaware port can only be a member of one VLAN, but it can be a member of multiple private VLANs. NS3500-24T-4C Managed Switch User Manual...
Page 114 Port isolation When a VLAN is configured to be a private VLAN, communication between ports within that VLAN can be prevented. Two application examples are provided in this section: NS3500-24T-4C Managed Switch User Manual...
Page 115 The configuration of promiscuous and isolated ports applies to all private VLANs. When traffic comes in on a promiscuous port in a private VLAN, the VLAN mask from the VLAN table is applied. When traffic comes in on an isolated port, the private VLAN NS3500-24T-4C Managed Switch User Manual...
Page 116 The diagram below shows how the managed switch handles tagged and untagged traffic flow for two VLANs. VLAN Group 2 and VLAN Group 3 are separated VLANs. Each VLAN isolates network traffic, so only members of the VLAN receive traffic from NS3500-24T-4C Managed Switch User Manual...
Page 117 1. While [PC-3], a tagged packet with VLAN Tag=2 enters Port-3, [PC-1] and [PC-2] will receive the packet through Port-1 and Port-2. 2. While the packet leaves Port-1 and Port-2, it will be stripped away, becoming an untagged packet. NS3500-24T-4C Managed Switch User Manual...
Page 118 3. Enable VLAN Tag for specific ports Link Type: Port-3 (VLAN-2) and Port-6 (VLAN-3) Change Port 3 Mode as Trunk and select Egress Tagging as Tag All and Types 2 in the Allowed VLANs column. NS3500-24T-4C Managed Switch User Manual...
Page 119 In most cases, they are used for “Uplink” to other switches. VLANs are separated at different switches, but they need access to other switches within the same VLAN group. Setup steps 1. Add a VLAN group. Add two VLANs – VLAN 2 and VLAN 3 NS3500-24T-4C Managed Switch User Manual...
Page 120 For example, include Port-7 to be VLAN 2 and VLAN 3 member ports. 5. Specify Port-7 to be the 802.1Q VLAN trunk port, and the trunking port must be a tagged port during egress. The Port-7 configuration is shown below. NS3500-24T-4C Managed Switch User Manual...
Page 121 However, each computer requires access to the same server/AP/Printer. This section explains how to configure the port for the server so that it can be accessed by each isolated port. NS3500-24T-4C Managed Switch User Manual...
Page 122 The MAC-based VLAN entries can be configured on the MAC-based VLAN Membership Configuration page. This page allows for adding and deleting MAC-based VLAN entries and assigning the entries to different ports. This page shows only static entries. NS3500-24T-4C Managed Switch User Manual...
Page 123 Click >> to update the table, starting with the entry after the last entry currently displayed. MAC-based VLAN status The MAC-based VLAN Membership Status page shows MAC-based VLAN entries configured by various MAC-based VLAN users NS3500-24T-4C Managed Switch User Manual...
Page 124 The IP subnet-based VLAN entries can be configured on the IP Subnet-based VLAN Membership Configuration page. This page allows for adding, updating, and deleting IP subnet-based VLAN entries and assigning the entries to different ports. This page shows only static entries. NS3500-24T-4C Managed Switch User Manual...
Page 125 The Protocol to Group Mapping Table page permits the addition of new protocols to the Group Name (unique for each Group) mapping entries, and allows you to see and delete entries already mapped for the switch. NS3500-24T-4C Managed Switch User Manual...
Page 126 An empty row to VLAN mapping is added to the table, and Frame Type, Value, and the Group Name can be entry configured as needed. Click the Delete button to undo the addition of a new entry. NS3500-24T-4C Managed Switch User Manual...
Page 127 An empty row to VLAN mapping is added to the table, and Frame Type, Value, and the Group Name can be entry configured as needed. Click the Delete button to undo the addition of a new entry. NS3500-24T-4C Managed Switch User Manual...
Page 128: Spanning Tree Protocol (Stp)
Please read the following before making any changes from the default values. The switch STP performs the following functions: • Creates a single spanning tree from any combination of switching or bridging elements. NS3500-24T-4C Managed Switch User Manual...
Page 129 When STP is enabled using the default parameters, the path between source and destination stations in a switched network might not be ideal. For example, connecting higher-speed links to a port that has a higher number than the current root port can cause a root-port change. NS3500-24T-4C Managed Switch User Manual...
Page 130 From initialization (switch boot) to blocking. • From blocking to listening or to disabled. • From listening to learning or to disabled. • From learning to forwarding or to disabled. • From forwarding to disabled. • From disabled to blocking. NS3500-24T-4C Managed Switch User Manual...
Page 131 On the switch level, STP calculates the bridge identifier for each switch and then sets the root bridge and the designated bridges. On the port level, STP sets the root port and the designated ports. NS3500-24T-4C Managed Switch User Manual...
Page 132 The user changeable parameters in the switch are as follows: • Priority – A priority for the switch can be set from 0 to 65535. 0 is equal to the highest priority. NS3500-24T-4C Managed Switch User Manual...
Page 133 Illustration of STP A simple illustration of three switches connected in a loop is depicted in the following diagram. In this example, you can anticipate some major network problems if the STP assistance is not applied. NS3500-24T-4C Managed Switch User Manual...
Page 134 C is deliberately chosen as a 100 Mbps Fast Ethernet link (default port cost = 200,000). Gigabit ports could be used, but the port cost should be increased from the default to ensure that the link between switch B and switch C is the blocked link. NS3500-24T-4C Managed Switch User Manual...
Page 135 STP/RSTP bridge. Forward Delay The delay used by STP bridges to transition root and designated ports to forwarding (used in STP compatible mode). Valid values are in the range of 4 to 30 seconds NS3500-24T-4C Managed Switch User Manual...
Page 136 Bridge status The STP Bridges page provides a status overview of all STP bridge instances. The table contains a row for each STP bridge instance, and the columns display the following information: NS3500-24T-4C Managed Switch User Manual...
Page 137 Topology Change Last The time since the last topology change occurred. Buttons • Select the Auto-refresh check box to refresh the page automatically. Automatic refresh occurs every three seconds. • Click Refresh to refresh the page immediately. NS3500-24T-4C Managed Switch User Manual...
Page 138 Controls whether the operEdge flag should start as set or cleared (the initial operEdge state when a port is initialized). AutoEdge Controls if the bridge should enable automatic edge detection on the bridge port. This allows operEdge to be derived from BPDUs received on the port. NS3500-24T-4C Managed Switch User Manual...
Page 139 IEEE 8021w standard exceeds 65,535, the default is set to 65,535. Recommended STP path cost range Port Type IEEE 802.1D-1998 IEEE 802.1w-2001 Ethernet 50-600 200,000-20,000,000 Fast Ethernet 10-60 20,000-2,000,000 Gigabit Ethernet 3-10 2,000-200,000 NS3500-24T-4C Managed Switch User Manual...
Page 140 Half Duplex 200,000 Full Duplex 100,000 Trunk 50,000 Gigabit Ethernet Full Duplex 10,000 Trunk 5,000 MSTI priorities The MSTI Configuration page permits the user to inspect and change the current STP MSTI bridge instance priority configurations. NS3500-24T-4C Managed Switch User Manual...
Page 141 Click Reset to undo any changes made locally and revert to previously saved values. MSTI configuration The MSTI Configuration page permits the user to inspect and change the current STP MSTI bridge instance priority configurations. NS3500-24T-4C Managed Switch User Manual...
Page 142 CIST (physical) port for each MSTI instance configured and applicable for the port. The MSTI instance must be selected before displaying actual MSTI port configuration options. This page contains MSTI port settings for physical and aggregated ports. The aggregation settings are stack global. NS3500-24T-4C Managed Switch User Manual...
Page 143 Controls the port priority. This can be used to control priority of ports having identical port cost. Buttons • Click to set MSTx configuration. • Click Apply to apply changes. • Click Reset to undo any changes made locally and revert to previously saved values. NS3500-24T-4C Managed Switch User Manual...
Page 144 Automatic refresh occurs every three seconds. • Click Refresh to refresh the page immediately. Port statistics The STP Statistics page displays the STP port statistics counters for physical ports in the currently selected switch. NS3500-24T-4C Managed Switch User Manual...
Page 145: Multicast
IGMP messages and copies them to the CPU for feature processing. The overall purpose of IGMP snooping is to limit the forwarding of multicast frames to only ports that are a member of the multicast group. NS3500-24T-4C Managed Switch User Manual...
Page 146 If there are no members on a sub network, packets will not be forwarded to that sub network. Multicast service NS3500-24T-4C Managed Switch User Manual...
Page 147 Chapter 4: Web configuration Multicast flooding IGMP snooping multicast stream control NS3500-24T-4C Managed Switch User Manual...
Page 148 LAN, an explicit leave message, and query messages that are specific to a given group. The states a computer will go through to join or to leave a multicast group are as follows: NS3500-24T-4C Managed Switch User Manual...
Page 149 The IPMC Profile Configurations page provides IPMC Profile related configurations. The IPMC profile is used to deploy the access control on IP multicast streams. It is allowed to create at maximum 64 Profiles with a maximum of 128 corresponding rules for each. NS3500-24T-4C Managed Switch User Manual...
Page 150 The IPMC Profile Address Configuration page provides address range settings used in the IPMC profile. The address entry is used to specify the address range associated with the IPMC profile. It can create a maximum of 128 address entries in the system. NS3500-24T-4C Managed Switch User Manual...
Page 151 IPMC profile address configuration. • Click >> to update the table starting with the entry after the last entry currently displayed. IGMP snooping configuration The IGMP Snooping Configuration page provides IGMP snooping-related configuration information. NS3500-24T-4C Managed Switch User Manual...
Page 152 Enable to limit the number of multicast groups to which a switch port can belong. Buttons • Click Apply to apply changes. • Click Reset to undo any changes made locally and revert to previously saved values. NS3500-24T-4C Managed Switch User Manual...
Page 153 Query Interval. The QI is the interval between general queries sent by the querier. The allowed range is 31744 seconds. The default query interval is 125 seconds. Query Response Interval. This is the maximum response time used to NS3500-24T-4C Managed Switch User Manual...
Page 154 IGMP join report is dropped. IGMP throttling sets a maximum number of multicast groups that a port can join at the same time. When the maximum number of groups is reached on a port, the switch can NS3500-24T-4C Managed Switch User Manual...
Page 155 Buttons • Click Apply to apply changes. • Click Reset to undo any changes made locally and revert to previously saved values. IGMP snooping status The IGMP Snooping Status page provides IGMP snooping status. NS3500-24T-4C Managed Switch User Manual...
Page 156 When initially accessing the page, it shows the first 20 entries from the beginning of the IGMP Group table. The Start from VLAN group Address fields permit the user to select the starting point in the IGMP group table. NS3500-24T-4C Managed Switch User Manual...
Page 157 When initially accessing the page, it shows the first 20 entries from the beginning of the IGMP Group table. The Start from VLAN group Address fields permit the user to select the starting point in the IGMP information table. NS3500-24T-4C Managed Switch User Manual...
Page 158 IGMP group table. • Click >> to update the table, starting with the entry after the last entry currently shown. MLD snooping configuration The MLD Snooping Configuration page provides MLD snooping-related configuration. NS3500-24T-4C Managed Switch User Manual...
Page 159 When initially accessing the page, it shows the first 20 entries from the beginning of the VLAN table. The first entry shown will be the one with the lowest VLAN ID found in the VLAN table. NS3500-24T-4C Managed Switch User Manual...
Page 160 VLAN table (i.e., the entry with the lowest VLAN ID). • Click >> to updates the table, starting with the entry after the last entry currently displayed. NS3500-24T-4C Managed Switch User Manual...
Page 161 “deny” or “replace.” If the action is set to deny, any new MLD join reports will be dropped. If the action is set to replace, the switch randomly removes an existing group and replaces it with the new multicast group. NS3500-24T-4C Managed Switch User Manual...
Page 162 Buttons • Click Apply to apply changes. • Click Reset to undo any changes made locally and revert to previously saved values. MLD snooping status The MLD Snooping Status page provides MLD snooping status. NS3500-24T-4C Managed Switch User Manual...
Page 163 When initially accessing the page, it shows the first 20 entries from the beginning of the MLD Group table. The Start from VLAN group Address fields permit the user to select the starting point in the MLD group table. NS3500-24T-4C Managed Switch User Manual...
Page 164 When initially accessing the page, it shows the first 20 entries from the beginning of the IGMP Group table. The Start from VLAN Group fields permit the user to select the starting point in the MLD information table. NS3500-24T-4C Managed Switch User Manual...
Page 165 Uplink ports that send and receive multicast data to and from the multicast VLAN are called MVR source ports. A maximum of eight MVR VLANs with corresponding channel settings can be created for each multicast VLAN. A maximum of 256 group addresses are available for channel settings. NS3500-24T-4C Managed Switch User Manual...
Page 166 Chapter 4: Web configuration The MVR Configurations page provides MVR-related configuration information. NS3500-24T-4C Managed Switch User Manual...
Page 167 Receiver: Configure a port as a receiver port if it is a subscriber port and should only receive multicast data. It does not receive data unless it becomes a member of the multicast group by issuing IGMP/MLD messages. Caution: We do not recommend overlapping MVR source ports with NS3500-24T-4C Managed Switch User Manual...
Page 168 The number of received IGMPv1 joins and MLDv2 reports, respectively. Reports Received IGMPv2/MLDv1 The number of received IGMPv2 leaves and MLDv1 dones, respectively. Leaves Received Buttons • Click Refresh to refresh the page immediately. • Click Clear to clear all statistics counters. NS3500-24T-4C Managed Switch User Manual...
Page 169 Different source addresses that belong to the same group are treated as single entry. Each page shows up to 99 entries from the MVR SFM information table The range of entries per page can be typed into the Start from VLAN entries per page fields. NS3500-24T-4C Managed Switch User Manual...
Page 170: Quality Of Service (Qos)
Quality of Service (QoS) is an advanced traffic prioritization feature that allows you to establish control over network traffic. QoS permits the assignment of various grades of network service to different types of traffic such as multi-media, video, protocol-specific, time critical, and file-backup traffic. NS3500-24T-4C Managed Switch User Manual...
Page 171 2. Apply a classifier to determine how the incoming traffic will be classified and thus treated by the managed switch. 3. Create a QoS profile that associates a service level and a classifier. 4. Apply a QoS profile to a port(s). NS3500-24T-4C Managed Switch User Manual...
Page 172 Click Reset to undo any changes made locally and revert to previously saved values. Port classification The QoS Ingress Port Classification page permits configuration of the basic QoS ingress classification settings for all switch ports. NS3500-24T-4C Managed Switch User Manual...
Page 173 Shows the classification mode for tagged frames on this port. Disabled: Use default CoS and DPL for tagged frames. Enabled: Use mapped versions of PCP and DEI for tagged frames. Click on the mode to configure the mode and/or mapping. NS3500-24T-4C Managed Switch User Manual...
Page 174 • Click Reset to undo any changes made locally and revert to previously saved values. Queue policing Configure the queue policer settings for all switch ports in the QoS Ingress Queue Policers page. NS3500-24T-4C Managed Switch User Manual...
Page 175 Click Reset to undo any changes made locally and revert to previously saved values. Port scheduler The QoS Egress Port Schedulers page provides an overview of the QoS egress port schedulers for all switch ports. NS3500-24T-4C Managed Switch User Manual...
Page 176 Shows "disabled" or actual port shaper rate (e.g., "800 Mbps"). QoS egress port schedule and shapers The port scheduler and shapers for a specific port are configured on the QoS Egress Port Schedule and Shapers page. NS3500-24T-4C Managed Switch User Manual...
Page 177 Chapter 4: Web configuration NS3500-24T-4C Managed Switch User Manual...
Page 178 Port tag remarking The QoS Egress Port Tag Remarking page provides an overview of QoS egress port tag remarking for all switch ports. NS3500-24T-4C Managed Switch User Manual...
Page 179 Click Reset to undo any changes made locally and revert to previously saved values. Port DSCP The QoS Port DSCP Configuration page permits configuration of the basic QoS port DSCP settings for all switch ports. NS3500-24T-4C Managed Switch User Manual...
Page 180 Translation->Egress Remap DP0' table or from the 'DSCP Translation- >Egress Remap DP1' table. Buttons • Click Apply to apply changes. • Click Reset to undo any changes made locally and revert to previously saved values. NS3500-24T-4C Managed Switch User Manual...
Page 181 DSCP values are mapped to a specific QoS class and Drop Precedence Level. Frames with untrusted DSCP values are treated as a non-IP frame. QoS Class QoS Class values can be between 0-7. Drop Precedence Level (0-1) NS3500-24T-4C Managed Switch User Manual...
Page 182 There are two configuration parameters for DSCP Translation: Translate Classify Translate DSCP at the Ingress side can be translated to any of 0-63 DSCP values. Classify Click Classify to enable classification at the Ingress side. NS3500-24T-4C Managed Switch User Manual...
Page 183 Select DSCP value (0-63) from DSCP menu to map DSCP to corresponding QoS Class and DPL value Buttons • Click Apply to apply changes. • Click Reset to undo any changes made locally and revert to previously saved values. NS3500-24T-4C Managed Switch User Manual...
Page 184 IPv4: The QCE only matches IPV4 frames. IPv6: The QCE only matches IPV6 frames. Action Indicates the classification action taken on the ingress frame if the parameters configured match with the frame's content. Action fields include: NS3500-24T-4C Managed Switch User Manual...
Page 185 : Moves the QCE down the list. : Deletes the QCE. : The lowest plus sign adds a new entry at the bottom of the list of QCL. QoS control entry configuration The QCE Configuration page appears as follows: NS3500-24T-4C Managed Switch User Manual...
Page 186 – Diffserv Code Point value (DSCP): It can be a specific value, range of values, or Any. DSCP values are in the range 0-63 including BE, CS1- CS7, EF or AF11-AF43. Sport – Source TCP/UDP port:(0-65535) or Any, specific or port range applicable for IP protocol UDP/TCP. NS3500-24T-4C Managed Switch User Manual...
Page 187 Any: The QCE will match all frame types. Ethernet: Only Ethernet frames (with Ether Type 0x600-0xFFFF) are allowed. LLC: Only (LLC) frames are allowed. SNAP: Only (SNAP) frames are allowed. IPv4: The QCE will match only IPV4 frames. NS3500-24T-4C Managed Switch User Manual...
Page 188 These only affect flooded frames (i.e., frames with a (VLAN ID, DMAC) pair not present on the MAC Address table). The configuration indicates the permitted packet rate for unicast, multicast, or broadcast traffic across the switch. NS3500-24T-4C Managed Switch User Manual...
Page 189 Apply to apply changes. • Click Reset to undo any changes made locally and revert to previously saved values. QoS statistics The Queuing Counters page provides statistics for the different queues for all switch ports. NS3500-24T-4C Managed Switch User Manual...
Page 190 We recommended that there be two VLANs on a port – one for voice and one for data. Before connecting the IP device to the switch, the IP phone should configure the voice VLAN ID correctly. It should be configured through its own GUI. NS3500-24T-4C Managed Switch User Manual...
Page 191 Voice VLAN members automatically. Forced: Force join to Voice VLAN. Port Security Indicates the Voice VLAN port security mode. When the function is enabled, all non-telephone MAC address in Voice VLAN are blocked 10 seconds. NS3500-24T-4C Managed Switch User Manual...
Page 192 IEEE. It must be six characters long and the input format is "xx-xx- xx" (x is a hexadecimal digit). Description The description of the OUI address. Normally, it describes the vendor telephony device it belongs to. The allowed string length is 0 to 32. NS3500-24T-4C Managed Switch User Manual...
Page 193: Access Control Lists (Acl)
The maximum number of ACEs is 512 on each switch. The page includes the following fields: Object Description User Indicates the ACL user. Ingress Port Indicates the ingress port of the ACE. Values include: NS3500-24T-4C Managed Switch User Manual...
Page 194 The Access Control List Configuration page shows the Access Control List (ACL), which is made up of the ACEs defined on this switch. Each row describes the ACE that is defined. The maximum number of ACEs is 512 on each switch. NS3500-24T-4C Managed Switch User Manual...
Page 195 : Edits the ACE row. : Moves the ACE up the list. : Moves the ACE down the list. : Deletes the ACE. : The lowest plus sign adds a new entry at the bottom of the ACE listings. NS3500-24T-4C Managed Switch User Manual...
Page 196 Specific: If you want to filter a specific policy with this ACE, choose this value. Two fields for entering a policy value and bitmask appear. Policy Value When Specific is selected for the policy filter, you can enter a specific policy NS3500-24T-4C Managed Switch User Manual...
Page 197 This is only shown when the frame type is Ethernet Type or ARP. Specify the source MAC filter for this ACE. Any: No SMAC filter is specified (SMAC filter status is "don't-care”). Specific: If you want to filter a specific source MAC address with this ACE, NS3500-24T-4C Managed Switch User Manual...
Page 198 Specify the sender IP filter for this ACE. Any: No sender IP filter is specified. (Sender IP filter is "don't-care”). Host: Sender IP filter is set to Host. Specify the sender IP address in the SIP NS3500-24T-4C Managed Switch User Manual...
Page 199 Specify whether frames can hit the action according to their ARP/RARP protocol address space (PRO) settings. 0: ARP/RARP frames where the PRO is equal to IP (0x800). 1: ARP/RARP frames where the PRO is equal to IP (0x800). Any: Any value is allowed ("don't-care”). NS3500-24T-4C Managed Switch User Manual...
Page 200 SIP address in dotted decimal notation. SIP Mask When Network is selected for the source IP filter, you can enter a specific SIP mask in dotted decimal notation. DIP Filter Specify the destination IP filter for this ACE. NS3500-24T-4C Managed Switch User Manual...
Page 201 IPv6 frames with a hop limit field greater than zero must not be able to match this entry. non-zero: IPv6 frames with a hop limit field greater than zero must be able to match this entry. Any: Any value is allowed ("don't-care”). NS3500-24T-4C Managed Switch User Manual...
Page 202 TCP/UDP destination range value. A field for entering a TCP/UDP destination value appears. TCP/UDP Destination When Specific is selected for the TCP/UDP destination filter, you can enter Number a specific TCP/UDP destination value. The allowed range is to 65535. A NS3500-24T-4C Managed Switch User Manual...
Page 203 EtherType Filter Specify the Ethernet type filter for this ACE. Any: No EtherType filter is specified (EtherType filter status is "don't-care”). Specific: If you want to filter a specific EtherType filter with this ACE, you NS3500-24T-4C Managed Switch User Manual...
Page 204 ACL ports configuration Configure the ACL parameters (ACE) of each switch port on the ACL Ports Configuration page. These parameters will affect frames received on a port unless the frame matches a specific ACE. NS3500-24T-4C Managed Switch User Manual...
Page 205 Any changes made locally are undone. • Click Clear to clear the counters. ACL rate limiter configuration Configure the rate limiter for the ACL of the managed switch on the ACL Rate Limiter Configuration page. NS3500-24T-4C Managed Switch User Manual...
Page 206: Authentication
Authentication This section describes user access and management control for the managed switch, including user access and management control. The following main topics are covered: • IEEE 802.1X port-based network access control • MAC-based authentication NS3500-24T-4C Managed Switch User Manual...
Page 207 MAC address is a valid RADIUS user that can be used by anyone, and only the MD5-Challenge method is supported. The 802.1X and MAC-based authentication configuration consists of two sections, a system- and a port-wide. NS3500-24T-4C Managed Switch User Manual...
Page 208 Authentication Protocol over LAN (EAPOL) traffic through the port to which the client is connected. After authentication is successful, normal traffic can pass through the port. Device roles With 802.1X port-based authentication, the devices in the network have specific roles as shown below. NS3500-24T-4C Managed Switch User Manual...
Page 209 A port in the authorized state effectively means that the client has been successfully authenticated. NS3500-24T-4C Managed Switch User Manual...
Page 210 If the authentication fails, the port remains in the unauthorized state, but authentication can be retried. If the authentication server cannot be reached, the switch can retransmit the request. If no NS3500-24T-4C Managed Switch User Manual...
Page 211 Buttons • Click Apply to apply changes. • Click Reset to undo any changes made locally and revert to previously saved values. NS3500-24T-4C Managed Switch User Manual...
Page 212 The switch uses the MAC address to authenticate against the back end server. Intruders can create counterfeit MAC addresses, which makes MAC-based authentication less secure than 802.1X authentication. The NAS configuration consists of two sections, a system- and a port-wide. NS3500-24T-4C Managed Switch User Manual...
Page 213 "Configuration > Security > AAA" Page), the client is put on hold in the Unauthorized state. The hold timer does not count during an on-going authentication. In MAC-based Auth. mode, the The switch will ignore new frames coming NS3500-24T-4C Managed Switch User Manual...
Page 214 (selected), the switch considers entering the Guest VLAN even if an EAPOL frame has been received on the port for the life-time of the port. The value can only be changed if the Guest VLAN option is globally enabled. NS3500-24T-4C Managed Switch User Manual...
Page 215 This allows other clients connected to the port (through a hub, for example) to piggy- back on the successfully authenticated client and get network access even though they really aren't authenticated. To overcome this security breach, NS3500-24T-4C Managed Switch User Manual...
Page 216 The disadvantage is that MAC addresses can be spoofed by malicious users - equipment whose MAC address is a valid RADIUS user can be used by NS3500-24T-4C Managed Switch User Manual...
Page 217 Private-Group-ID does not need to include a Tag): Value of Tunnel-Medium-Type must be set to "IEEE-802" (ordinal 6). Value of Tunnel-Type must be set to "VLAN" (ordinal 13). Value of Tunnel-Private-Group-ID must be a string of ASCII chars in the NS3500-24T-4C Managed Switch User Manual...
Page 218 (EAPOL-based authentication). For MAC-based authentication, reauthentication is attempted immediately. The button only has an effect for successfully authenticated clients on the port and will not cause the clients to get temporarily unauthorized. NS3500-24T-4C Managed Switch User Manual...
Page 219 If the VLAN ID is assigned by the RADIUS server, "(RADIUS-assigned)" is appended to the VLAN ID. Read more about RADIUS-assigned VLANs here. If the port is moved to the Guest VLAN, "(Guest)" is appended to the VLAN ID. Read more about Guest VLANs here. NS3500-24T-4C Managed Switch User Manual...
Page 220 ID is not overridden by NAS. If the VLAN ID is assigned by the RADIUS server, "(RADIUS-assigned)" is appended to the VLAN ID. If the port is moved to the Guest VLAN, "(Guest)" is appended to the VLAN NS3500-24T-4C Managed Switch User Manual...
Page 221 Total dot1xAuthEapolFrame The number of EAPOL frames of any type that have been transmitted by the switch. Request ID dot1xAuthEapolReqId The number of EAPOL FramesTx Request Identity frames that have been transmitted by the switch. NS3500-24T-4C Managed Switch User Manual...
Page 222 Auth. dot1xAuthBack 802.1X- and MAC-based: endAuthFails Failures Counts the number of times that the switch receives a failure message. This indicates that the supplicant/client has not NS3500-24T-4C Managed Switch User Manual...
Page 223 The protocol version number carried in the most recently received EAPOL frame. MAC-based: Not applicable. Identity 802.1X-based: The user name (supplicant identity) carried in the most recently received Response Identity EAPOL frame. MAC-based: Not applicable. NS3500-24T-4C Managed Switch User Manual...
Page 224 Click Refresh to refresh the page immediately. • Click Clear to clear the counters for the selected port. This button is available in the following modes: • Force Authorized • Force Unauthorized • Port-based 802.1X NS3500-24T-4C Managed Switch User Manual...
Page 225 Clear This to clear only the currently selected client's counter. This button is available in the following modes: • Multi 802.1X • MAC-based Auth.X RADIUS Configure the RADIUS servers on the RADIUS Server Configuration page. NS3500-24T-4C Managed Switch User Manual...
Page 226 Retransmit This optional setting overrides the global retransmit value. Leaving it blank will use the global retransmit value. This optional setting overrides the global key. Leaving it blank will use the global key. NS3500-24T-4C Managed Switch User Manual...
Page 227 • Click Apply to apply changes. • Click Reset to undo any changes made locally and revert to previously saved values. TACACS+ The TACACS+ Server Configuration page permits configuration of the TACACS+ Servers. NS3500-24T-4C Managed Switch User Manual...
Page 228 RADIUS overview The RADIUS Authentication/Accounting Server Overview page provides an overview of the status of the RADIUS servers configurable on the authentication configuration page. NS3500-24T-4C Managed Switch User Manual...
Page 229 This state is only reachable when more than one server is enabled. Buttons • Click Refresh to refresh the page immediately. • Click Auto-refresh to refresh the page automatically. Automatic refresh occurs every three seconds. NS3500-24T-4C Managed Switch User Manual...
Page 230 The page includes the following fields: RADIUS authentication statistics The statistics map closely to those specified in RFC4668 - RADIUS Authentication Client MIB. Use the server select box to switch between the back end servers to show details for each. NS3500-24T-4C Managed Switch User Manual...
Page 231 Access radiusAuthClientEx The number of RADIUS Requests tAccessRequests Access-Request packets sent to the server. This does not include retransmissions. Access radiusAuthClientEx The number of RADIUS Retransmissi tAccessRetransmis Access-Request packets retransmitted to the NS3500-24T-4C Managed Switch User Manual...
Page 232 Round-Trip radiusAuthClie The time interval (measured in milliseconds) Time ntExtRoundTrip between the most recent Access-Reply/Access- Time Challenge and the Access-Request that matched it from the RADIUS authentication NS3500-24T-4C Managed Switch User Manual...
Page 233 The number of RADIUS tRequests packets sent to the server. This does not include retransmissions. Retransmissions radiusAccClientEx The number of RADIUS tRetransmissions packets retransmitted to the RADIUS accounting server. Pending radiusAccClientEx The number of RADIUS NS3500-24T-4C Managed Switch User Manual...
Page 234 Response and the Request that matched it from the RADIUS accounting server. The granularity of this measurement is 100 ms. A value of 0 ms indicates that there has yet to be round-trip communication with the server. NS3500-24T-4C Managed Switch User Manual...
Page 235 Ensure that the shared secret key is as same as the one you had set at the managed switch’s 802.1x system configuration (12345678 in this case). 1. Configure the IP Address of remote RADIUS server and secret key. 2. Click New RADIUS Client on the Windows 2003 server. NS3500-24T-4C Managed Switch User Manual...
Page 236 Chapter 4: Web configuration 3. Assign the client IP address to the managed switch. 4. The shared secret key should be as same as the key configured on the managed switch. NS3500-24T-4C Managed Switch User Manual...
Page 237 6. Create user data. The establishment of the user data needs to be created on the Radius Server PC. For example, select Active Directory Users and Computers and create legal user data (Windows Server 2003). 7. Right-click a user that you created and then type in properties and configure settings. NS3500-24T-4C Managed Switch User Manual...
Page 238 Otherwise, the switch might not be able to access the RADIUS server after the 802.1X starts to work. 802.1X client configuration Windows XP has native support for 802.1X. The following procedures show how to configure 802.1X Authentication in Windows XP. NS3500-24T-4C Managed Switch User Manual...
Page 239 Properties setting window. 4. Click the Authentication tab. 5. Select Enable network access control using IEEE 802.1X to enable 802.1x authentication. 6. Select MD-5 Challenge from the drop-down list box for EAP type. NS3500-24T-4C Managed Switch User Manual...
Page 240 8. When the client has associated with the managed switch, a user authentication notice appears in the system tray. Click on the notice to continue. 9. Type the user name, password and the logon domain that your account belongs to. 10. Click to complete the validation process. NS3500-24T-4C Managed Switch User Manual...
Page 241: Security
The limit control module utilizes a lower-layer port security module that manages MAC addresses learned on the port. The limit control configuration consists of two sections, a system- and a port-wide. NS3500-24T-4C Managed Switch User Manual...
Page 242 NS3500-24T-4C Managed Switch User Manual...
Page 243 For other methods, refer Shutdown in the Action section. Note: Clicking the reopen button causes the page to be refreshed, resulting in the loss of non-committed changes. NS3500-24T-4C Managed Switch User Manual...
Page 244 Indicates the host can access the switch from the TELNET/SSH interface and that the host IP address matched the entry. Buttons • Click Add New Entry to add a new access management entry. • Click Apply to apply changes. NS3500-24T-4C Managed Switch User Manual...
Page 245 • Click Auto-refresh to to refresh the page automatically. Automatic refresh occurs every three seconds. • Click Clear to clear all statistics. HTTPs Configure HTTPS on the HTTPS Configuration page. NS3500-24T-4C Managed Switch User Manual...
Page 246 MAC address to forward. If only one chooses to block it, it will be blocked until that user module decides otherwise. The status page is divided into two sections – one with a legend of user modules and one with the actual port status. NS3500-24T-4C Managed Switch User Manual...
Page 247 If only one chooses to block it, it will be blocked until that user module decides otherwise. The status page is divided into two sections – one with a legend of user modules and one with the actual port status. NS3500-24T-4C Managed Switch User Manual...
Page 248 A one-letter abbreviation of the user module. This is used in the Users column in the port status table. Port status The table has one row for each port on the selected switch in the switch and a number of columns, which are: NS3500-24T-4C Managed Switch User Manual...
Page 249 MAC address to be set in the forwarding state, all enabled user modules must unanimously agree on allowing the MAC address to forward. If only one chooses to block it, it will be blocked until that user module decides otherwise. NS3500-24T-4C Managed Switch User Manual...
Page 250 DHCP snooping is used to block intruders on the untrusted ports of DUT when it tries to intervene by injecting a bogus DHCP reply packet to a legitimate conversation between the DHCP client and server. NS3500-24T-4C Managed Switch User Manual...
Page 251 Chapter 4: Web configuration Configure DHCP Snooping on the DHCP Snooping Configuration page. NS3500-24T-4C Managed Switch User Manual...
Page 252 IP Source Guard is a secure feature used to restrict IP traffic on DHCP snooping untrusted ports by filtering traffic based on the DHCP Snooping Table or manually configured IP Source Bindings. It helps prevent IP spoofing attacks when a host tries to NS3500-24T-4C Managed Switch User Manual...
Page 253 Click Apply to apply changes. • Click Reset to undo any changes made locally and revert to previously saved values. IP source guard static table The Static IP Source Guard Table page appears as below: NS3500-24T-4C Managed Switch User Manual...
Page 254 Layer 2 networks by "poisoning" the ARP caches. This feature is used to block such attacks. Only valid ARP requests and responses can go through DUT. The ARP Inspection Configuration page provides ARP Inspection related configuration. NS3500-24T-4C Managed Switch User Manual...
Page 255 None: Log nothing. Deny: Log denied entries. Permit: Log permitted entries. ALL: Log all entries. Buttons • Click Translate Dynamic to Static to translate all dynamic entries to static entries. • Click Apply to apply changes. NS3500-24T-4C Managed Switch User Manual...
Page 256: Address Table
The frames also contain a MAC address (SMAC address) that shows the MAC address of the equipment sending the frame. The SMAC address is used by the switch to automatically update the MAC table with these dynamic MAC addresses. Dynamic NS3500-24T-4C Managed Switch User Manual...
Page 257 If the learning mode for a given port is greyed out, another module is in control of the mode so that it cannot be changed by the user. An example of such a module is the MAC-Based Authentication under 802.1X. NS3500-24T-4C Managed Switch User Manual...
Page 258 MAC address table status Dynamic MAC table Entries in the MAC table are shown on this page. The MAC table contains up to 8192 entries and is sorted first by VLAN ID, then by MAC address. NS3500-24T-4C Managed Switch User Manual...
Page 259 Automatic refresh occurs every three seconds. • Click Refresh to refresh the displayed table starting from the MAC address VLAN input fields. • Click Clear to flush all dynamic entries. NS3500-24T-4C Managed Switch User Manual...
Page 260 The port number for which the status applies. Click the port number to see the status for this particular port. VLAN ID The VLAN ID of the entry. MAC Address The MAC address of the entry. IP Address The IP address of the entry. NS3500-24T-4C Managed Switch User Manual...
Page 261 VLAN/IP address pairs as a basis for the next lookup. When the end is reached the text "no more entries" is shown in the displayed table. Use the I<< button to start over. NS3500-24T-4C Managed Switch User Manual...
Page 262: Lldp
SNMP applications to simplify troubleshooting, enhance network management, and maintain an accurate network topology. LLDP configuration The LLDP Configuration page allows the user to inspect and configure the current LLDP port settings. NS3500-24T-4C Managed Switch User Manual...
Page 263 Tx Delay seconds. Tx Delay cannot be larger than 1/4 of the Tx Interval value. Valid values are restricted to 1 - 8192 seconds. This attribute must comply with the rule: (4 * Delay Interval) ≤Transmission Interval NS3500-24T-4C Managed Switch User Manual...
Page 264 Optional TLV: When selected, the "port description" is included in LLDP information transmitted. System Name Optional TLV: When selected, the "system name" is included in LLDP information transmitted. System Description Optional TLV: When selected, the "system description" is included in LLDP NS3500-24T-4C Managed Switch User Manual...
Page 265 LLDP information transmitted. Buttons • Click Apply to apply changes. • Click Reset to undo any changes made locally and revert to previously saved values. LLDP-MED configuration The LLDP-MED Configuration page permits configuration of the LLDP-MED. NS3500-24T-4C Managed Switch User Manual...
Page 266 It is possible to select between two altitude types (floors or meters). Meters: Representing meters of Altitude defined by the vertical datum specified. Floors: Representing altitude in a form more relevant in buildings which have different floor-to-floor dimensions. An altitude of 0.0 is meaningful even NS3500-24T-4C Managed Switch User Manual...
Page 267 Name (residence and office occupant) - Example: Flemming Jahn Zip code Postal/zip code - Example: 2791 Building Building (structure) - Example: Low Library Apartment Unit (Apartment, suite) - Example: Apt 42 Floor Floor - Example: 4 Room no. Room number - Example: 450F NS3500-24T-4C Managed Switch User Manual...
Page 268 A large network may support multiple VoIP policies across the entire organization, and different policies per application type. LLDP-MED allows multiple policies to be advertised per port, each corresponding to a different application type. Different ports NS3500-24T-4C Managed Switch User Manual...
Page 269 This application type should not be advertised if all the same network policies apply as those advertised in the video conferencing application policy. NS3500-24T-4C Managed Switch User Manual...
Page 270 The LLDP-MED Neighbor Information page provides a status overview of all LLDP- MED neighbors. The table contains a row for each port on which an LLDP neighbor is detected. The columns hold the following information: NS3500-24T-4C Managed Switch User Manual...
Page 271 Communication Controllers, other communication related servers, or any device requiring basic services as defined in TIA-1057. Discovery services defined in this class include LAN configuration, device location, network policy, power management, and inventory management. LLDP-MED Media Endpoint (Class II) NS3500-24T-4C Managed Switch User Manual...
Page 272 PCs or laptops. Video Conferencing – For use by dedicated video conferencing equipment and other similar appliances supporting real–time interactive video/audio services. Streaming Video – For use by broadcast or multicast based video content NS3500-24T-4C Managed Switch User Manual...
Page 273 Neighbor The LLDP Neighbor Information page provides a status overview for all LLDP neighbors. The displayed table contains a row for each port on which an LLDP neighbor is detected. NS3500-24T-4C Managed Switch User Manual...
Page 274 The LLDP Global/Statistics Local Counters page provides an overview of all LLDP traffic. Two types of counters are shown. Global counters are counters that refer to the switch, while local counters refers to counters for the currently selected switch. NS3500-24T-4C Managed Switch User Manual...
Page 275 Chassis ID or Remote Port ID is not already contained within the table. Entries are removed from the table when a given port links down, an LLDP shutdown frame is received, or when the entry ages out. NS3500-24T-4C Managed Switch User Manual...
Page 276: Network Diagnostics
Cable diagnostics performs tests on copper cables. These functions have the ability to identify the cable length and operating conditions, and to isolate a variety of common faults that can occur on the Cat5 twisted-pair cabling. There might be two states, which are as follows: NS3500-24T-4C Managed Switch User Manual...
Page 277 New Ping to re-start diagnostics with ping. IPv6 ping The ICMPv6 Ping page allows you to issue ICMPv6 ping packets to troubleshoot IPv6 connectivity issues. After clicking Start, five ICMPv6 packets are transmitted, and the NS3500-24T-4C Managed Switch User Manual...
Page 278 IP connectivity issues on a special port. After clicking Test, five ICMP packets are transmitted, and the sequence number and roundtrip time are displayed upon reception of a reply. The page refreshes automatically until responses to all packets are received, or until a timeout occurs. NS3500-24T-4C Managed Switch User Manual...
Page 279 10 and 100 Mbps ports are linked down while running cable diagnostics. Therefore, running cable diagnostics on a 10 or 100 Mbps management port causes the switch to stop responding until VeriPHY is complete. The ports belong to the current unit, as reflected by the page header. NS3500-24T-4C Managed Switch User Manual...
Page 280: Loop Protection
The length (in meters) of the cable pair. The resolution is 3 meters Buttons • Click Start to run the diagnostics. Loop protection This section describes the enable loop protection function that provides loop protection to prevent broadcast loops in the managed switch. NS3500-24T-4C Managed Switch User Manual...
Page 281 Port configuration Object Description Port The switch port number. Enable Controls loop protection enable/disable on this switch port. Action Configures the action performed when a loop is detected on a port. NS3500-24T-4C Managed Switch User Manual...
Page 282: Rmon
• Click Refresh to refresh the page immediately. RMON RMON is an expansion of standard SNMP. RMON is a set of MIB definitions used to define standard network monitor functions and interfaces, enabling communication NS3500-24T-4C Managed Switch User Manual...
Page 283 InNUcastPkts: The number of broadcast and multicast packets delivered to a higher-layer protocol. InDiscards: The number of inbound packets that are discarded when the packets are normal. InErrors: The number of inbound packets that contained errors preventing NS3500-24T-4C Managed Switch User Manual...
Page 284 When initially accessing the page, it shows the first 20 entries from the beginning of the Alarm table. The first entry shown will be the one with the lowest ID found in the Alarm table. NS3500-24T-4C Managed Switch User Manual...
Page 285 >> to update the table starting with the entry after the last entry currently displayed. RMON event configuration Configure the RMON Event table on the RMON Event Configuration page. The entry index key is ID. NS3500-24T-4C Managed Switch User Manual...
Page 286 When initially accessing the page, it shows the first 20 entries from the beginning of the Event table. The first entry shown will be the one with the lowest ID found in the Event table NS3500-24T-4C Managed Switch User Manual...
Page 287 • Click >> to update the table starting with the entry after the last entry currently displayed. RMON history configuration Configure RMON History on the RMON History Configuration page. The entry index key is ID. NS3500-24T-4C Managed Switch User Manual...
Page 288 The value of sysUpTime at the start of the interval over which this sample was measured. Drop The total number of events in which packets were dropped by the probe due to lack of resources. NS3500-24T-4C Managed Switch User Manual...
Page 289 >> to update the table starting with the entry after the last entry currently displayed. RMON statistics configuration Configure the RMON Statistics table on the RMON Statistics Configuration page. The entry index key is ID. NS3500-24T-4C Managed Switch User Manual...
Page 290 The total number of octets of data (including those in bad packets) received on the network. Pkts The total number of packets (including bad packets, broadcast packets, and multicast packets) received. Broadcast The total number of good packets received that were directed to the broadcast address. NS3500-24T-4C Managed Switch User Manual...
Page 291 (i.e., the entry with the lowest ID). • Click >> to update the table starting with the entry after the last entry currently displayed. NS3500-24T-4C Managed Switch User Manual...
Page 292: Switch Operation
Store-and-forward Store-and-Forward is a packet-forwarding technique. A Store-and-Forward switch stores the incoming frame in an internal buffer and completes error checking before NS3500-24T-4C Managed Switch User Manual...
Page 293 (usually at Power On or Reset). This is done by detecting the modes and speeds of both devices that are connected. Both the 10BASE-T and 100BASE-TX devices can connect with the port in either half- or full-duplex mode. 1000BASE-T can be only connected in full-duplex mode. NS3500-24T-4C Managed Switch User Manual...
Page 294 2. If the cord is inserted correctly, replace the power cord. 3. Check that the AC power source is working by connecting a different device in place of the switch. If that device does not work, check the AC power NS3500-24T-4C Managed Switch User Manual...
Page 295 Pin number MDI-X Tx + (transmit) Rx + (receive) Tx - (transmit) Rx - (receive) Rx + (receive) Tx + (transmit) 4, 5 Not used Rx + (receive) Tx + (transmit) 7, 8 Not used NS3500-24T-4C Managed Switch User Manual...
Page 296 7 = White / Brown SIDE 2 8 = Brown 8 = Brown Ensure that connected cables are with the same pin assignment and color as the above diagram before deploying the cables into the network. NS3500-24T-4C Managed Switch User Manual...
Page 297 ACL can generally be configured to control inbound traffic, and in this context, they are similar to firewalls. NS3500-24T-4C Managed Switch User Manual...
Page 298 ARP allows a host to communicate with other hosts when only the Internet address of its neighbors is known. Before using IP, the host sends a broadcast ARP request containing the Internet address of the desired destination system. NS3500-24T-4C Managed Switch User Manual...
Page 299 IP addresses rather than requiring an administrator to manage the task. This means that a new computer can be added to a network without the hassle of manually assigning it a unique IP address. NS3500-24T-4C Managed Switch User Manual...
Page 300 DSCP Differentiated Services Code Point. It is a field in the header of IP packets for packet classification purposes. Energy Efficient Ethernet as defined in IEEE 802.3az. Ethernet Protection Switching as defined in ITU/T G.8031. NS3500-24T-4C Managed Switch User Manual...
Page 301 VLAN interface is pruned from the multicast tree for the multicast group specified in the original leave message. Fast- leave processing ensures optimal bandwidth management for all hosts on a switched network, even when multiple multicast groups are in use simultaneously. NS3500-24T-4C Managed Switch User Manual...
Page 302 With 802.1X, access to all switch ports can be centrally controlled from a server, which means that authorized users can use the same credentials for authentication from any point within the network. NS3500-24T-4C Managed Switch User Manual...
Page 303 IP address of another host. LACP LACP is an IEEE 802.3ad standard protocol. The Link Aggregation Control Protocol, allows bundling several physical ports together to form a single logical port. NS3500-24T-4C Managed Switch User Manual...
Page 304 In this context, mirroring a frame is the same as copying the frame. Both incoming (source) and outgoing (destination) frames can be mirrored to the mirror port NS3500-24T-4C Managed Switch User Manual...
Page 305 NTP uses UDP (datagrams) as the transport layer. Operation Administration and Maintenance. It is a protocol described in ITU-T Y.1731 used to implement carrier Ethernet functionality. MEP functionality like CC and RDI is based on this. NS3500-24T-4C Managed Switch User Manual...
Page 306 POP and IMAP deal with the receiving of email and are not to be confused with the Simple Mail Transfer Protocol (SMTP). You send email with SMTP, and a mail handler receives it on the recipient's behalf. Then, the mail is read using POP or IMAP. NS3500-24T-4C Managed Switch User Manual...
Page 307 QoS class of 0 (zero) has the lowest priority. RARP Reverse Address Resolution Protocol. It is a protocol that is used to obtain an IP address for a given hardware address, such as an Ethernet address. RARP is the complement of ARP. NS3500-24T-4C Managed Switch User Manual...
Page 308 IEEE 802.2 LLC, more protocols than can be distinguished by the 8-bit 802.2 Service Access Point (SAP) fields. SNAP supports identifying protocols by Ethernet type field values; it also supports vendor-private protocol identifiers. NS3500-24T-4C Managed Switch User Manual...
Page 309 TACACS+ provides separate authentication, authorization, and accounting services. Tag Priority Tag Priority is a 3-bit field storing the priority level for the 802.1Q frame. NS3500-24T-4C Managed Switch User Manual...
Page 310 WEP with a new encryption algorithm. TKIP comprises the same encryption engine and RC4 algorithm defined for WEP. The key used for encryption in TKIP is 128 bits and changes the key used for each packet. NS3500-24T-4C Managed Switch User Manual...
Page 311 (data sharing, communications, and entertainment) and in corporate environments for simplified installation of computer components User Priority User Priority is a 3-bit field that stores the priority level for the 802.1Q frame. NS3500-24T-4C Managed Switch User Manual...
Page 312 802.11i was prepared. WPA is specifically designed to also work with pre-WPA wireless network interface cards (through firmware upgrades), but not necessarily with first generation wireless access points. WPA2 implements the full standard, but will not work with some older network cards (Wikipedia). NS3500-24T-4C Managed Switch User Manual...
Page 313 Wait To Restore. This is the time a fail on a resource has to be 'not active' before restoration back to this (previously failing) resource. NS3500-24T-4C Managed Switch User Manual...

Interlogix NS3500-24T-4C User Manual

Chapter 1 Introduction

Chapter 2 Installation

Chapter 3 Switch Management

Chapter 4 Web Configuration

Chapter 5 Switch Operation

Quick Links

Summary of Contents for Interlogix NS3500-24T-4C

Page 3: Table Of Contents

Page 5: Important Information

Page 6: Introduction

Page 7: Product Description

Page 10: Product Features

Page 13: Product Specifications

Page 16: Installation

Page 24: Switch Management

Page 25: Administration Console

Page 27: Web Management

Page 28: Smart Discovery Utility

Page 30: Web Configuration

Page 31: Main Web

Page 32: System

Page 59: Dhcp Server

Page 70: Udld

Page 72: Simple Network Management Protocol (Snmp)

Page 84: Port Management

Page 93: Link Aggregation

Page 101: Vlan

Page 128: Spanning Tree Protocol (Stp)

Page 145: Multicast

Page 170: Quality Of Service (Qos)

Page 193: Access Control Lists (Acl)

Page 206: Authentication

Page 241: Security

Page 256: Address Table

Page 262: Lldp

Page 276: Network Diagnostics

Page 280: Loop Protection

Page 282: Rmon

Page 292: Switch Operation

Interlogix NS3500-24T-4C User Manual

Chapter 1 Introduction

Chapter 2 Installation

Chapter 3 Switch Management

Chapter 4 Web Configuration

Chapter 5 Switch Operation

Quick Links

Related Manuals for Interlogix NS3500-24T-4C

Summary of Contents for Interlogix NS3500-24T-4C

Table of Contents