Page 1 8/24/44-Port GbE L2 Switch with 2/4 Dual Personality GbE Uplinks 8/24/44-Port GbE L2 PoE Switch with 2/4 Dual Personality GbE Uplinks Version 4.70 Edition 2, 12/2020 Default Login Details Management IP http://DHCP-assigned IP Address http://192.168.1.1 User Name admin Password 1234 Copyright © 2020 Zyxel Communications Corporation...
Page 2 Click the help icon in any screen for help in configuring that screen and supplementary information. • More Information Go to for product discussions. https:/ / b usine ssfo rum .zyxe l.c o m Go to to find other information on the Switch suppo rt.zyxe l.c o m GS2220 Series User’s Guide...
Page 3: Do C Um E Nt C O Nve Ntio Ns
Figures in this user guide may use the following generic icons. The Switch icon is not an exact representation of your device. Switch Generic Router Wireless Router / Access Point Generic Switch Smart TV Desktop Laptop IP Camera Printer Server GS2220 Series User’s Guide...
Page 4: Table Of Contents
DHCP Snooping ..........................263 ARP Inspection ............................ 273 Loop Guard ............................289 VLAN Mapping ........................... 292 Layer 2 Protocol Tunneling ........................ 296 PPPoE ..............................300 Error-Disable ............................308 VLAN Isolation ............................. 314 Green Ethernet ........................... 316 GS2220 Series User’s Guide...
Page 5 Networked AV Mode ......................... 457 System ..............................460 Port ............................... 465 Switching ............................. 472 Networking ............................497 Security ..............................499 Maintenance ............................511 T ro ub le sho o ting a nd Appe ndic e s ....................517 Troubleshooting ..........................518 GS2220 Series User’s Guide...
Page 6: Table Of Contents
2.4 Wall Mounting (GS2220-10 and GS2220-10HP Only) ..............34 2.4.1 Installation Requirements ..................... 34 2.5 Mounting the Switch on a Rack ....................36 2.5.1 Installation Requirements ..................... 36 2.5.2 Precautions ..........................37 2.5.3 Attaching the Mounting Brackets to the Switch ............... 37 GS2220 Series User’s Guide...
Page 7 4.8.3 Reboot the Switch ........................ 77 4.9 Log Out of the Web Configurator ....................77 4.10 Help ..............................77 C ha pte r 5 Initia l Se tup Exa m ple .........................79 5.1 Overview ............................79 GS2220 Series User’s Guide...
Page 8 8.7 Port Setup ............................112 8.8 PoE Status ............................114 8.8.1 PoE Time Range Setup ....................... 116 8.8.2 PoE Setup ..........................117 8.9 Interface Setup ..........................120 8.10 IPv6 ............................... 121 8.10.1 IPv6 Status .......................... 121 GS2220 Series User’s Guide...
Page 9 10.1 Overview ............................. 154 10.1.1 What You Can Do ......................154 10.2 Configure Static MAC Forwarding ................... 154 C ha pte r 11 Sta tic Multic a st Fo rwa rding ......................156 11.1 Overview ............................. 156 GS2220 Series User’s Guide...
Page 10 Bro a dc a st Sto rm C o ntro l .........................183 15.1 Broadcast Storm Control Overview ..................183 15.1.1 What You Can Do ......................183 15.2 Broadcast Storm Control Setup ....................183 C ha pte r 16 Mirro ring ............................185 GS2220 Series User’s Guide...
Page 11 20.2 Configuring Time Range ......................205 C ha pte r 21 C la ssifie r............................207 21.1 Classifier Overview ........................207 21.1.1 What You Can Do ......................207 21.1.2 What You Need to Know ....................207 21.2 Classifier Status ..........................208 GS2220 Series User’s Guide...
Page 12 24.4.4 MLD Snooping-proxy Filtering ..................238 24.4.5 MLD Snooping-proxy Filtering Profile ................239 24.5 General MVR Configuration ...................... 240 24.5.1 MVR Group Configuration ....................242 24.5.2 MVR Configuration Example ................... 244 C ha pte r 25 AAA ..............................246 GS2220 Series User’s Guide...
Page 13 28.1.1 ARP Inspection VLAN Status ..................... 274 28.1.2 ARP Inspection Log Status ....................274 28.2 ARP Inspection Configure ......................275 28.2.1 ARP Inspection Port Configure ..................277 28.2.2 ARP Inspection VLAN Configure ..................278 28.3 IPv6 Source Guard Overview ....................279 GS2220 Series User’s Guide...
Page 14 32.1.2 What You Need to Know ....................300 32.2 PPPoE ............................302 32.3 PPPoE Intermediate Agent ......................303 32.3.1 PPPoE IA Per-Port ....................... 304 32.3.2 PPPoE IA Per-Port Per-VLAN ..................... 305 32.3.3 PPPoE IA for VLAN ......................306 GS2220 Series User’s Guide...
Page 15 36.8 LLDP-MED Network Policy ......................335 36.9 LLDP-MED Location ........................336 C ha pte r 37 Anti- Arpsc a n ............................339 37.1 Anti-Arpscan Overview ......................339 37.1.1 What You Can Do ......................339 37.1.2 What You Need to Know ....................339 GS2220 Series User’s Guide...
Page 16 41.2.1 Activate the Automatic PD Recovery ................360 C ha pte r 42 Sta tic Ro ute ............................363 42.1 Static Routing Overview ......................363 42.1.1 What You Can Do ......................363 42.2 Static Routing ..........................364 42.3 IPv4 Static Route ......................... 364 GS2220 Series User’s Guide...
Page 17 C ha pte r 46 Ma inte na nc e ............................387 46.1 Overview ............................. 387 46.1.1 What You Can Do ......................387 46.2 Maintenance Settings ........................ 387 46.2.1 Erase Running-Configuration ................... 389 46.2.2 Save Configuration ......................389 GS2220 Series User’s Guide...
Page 18 47.7.4 Google Chrome Warning Messages ................424 C ha pte r 48 Dia g no stic ............................426 48.1 Overview ............................. 426 48.2 Diagnostic ........................... 426 C ha pte r 49 Syste m L o g ............................429 GS2220 Series User’s Guide...
Page 19 C ha pte r 55 C o nfig ure C lo ne ..........................445 55.1 Overview ............................. 445 55.2 Configure Clone ......................... 445 C ha pte r 56 IPv6 Ne ig hb o r T a b le .........................448 GS2220 Series User’s Guide...
Page 20 61.4 Link Aggregation Setting ......................475 61.5 Link Aggregation Control Protocol ................... 477 61.6 VLAN ............................479 61.6.1 What You Can Do ......................479 61.6.2 What You Need to Know ....................479 61.7 VLAN Status ..........................482 GS2220 Series User’s Guide...
Page 21 64.8 Port Mirroring ..........................515 Pa rt III: T ro ub le sho o ting a nd Appe ndic e s ..........517 C ha pte r 65 T ro ub le sho o ting ..........................518 GS2220 Series User’s Guide...
Page 22 65.2 Switch Access and Login ......................519 65.3 Switch Configuration ........................520 Appendix A Customer Support ..................... 522 Appendix B Common Services ...................... 528 Appendix C IPv6..........................531 Appendix D Legal Information ...................... 539 Inde x ..............................544 GS2220 Series User’s Guide...
Page 23: Use R's G Uide
A RT Use r’s G uide...
Page 24: Getting To Know Your Switch
G e tting to Kno w Yo ur Switc h 1.1 Intro duc tio n This chapter introduces the main features and applications of the Switch. The GS2220 Series consists of the following models: • GS2220-10 • GS2220-10HP • GS2220-28 •...
Page 25: Management Method
Chapter 1 Getting to Know Your Switch Table 1 GS2220 Series Comparison Table FEAT URE G S2220- 10 G S2220- 10HP G S2220- 28 G S2220- 28HP G S2220- 50 G S2220- 50HP Rubber feet for desktop placement Wall-mount Rack-mount...
Page 26: Mode Changing
LED or Section 7.2 on page 95 C L O UD more information about the field in the screen to see if the Switch goes into Nebula Hyb rid Mo de Sta tus cloud management mode successfully. GS2220 Series User’s Guide...
Page 27: Zon Utility
IP Switch. See Section 4.4 on page 58 for details on using the screen for configuring the Switch’s Networked AV mode’s basic or advanced Se tup Wiza rd settings. Comparison Between Traditional AV and AVoIP Setups Fig ure 2 GS2220 Series User’s Guide...
Page 28: Poe
• IEEE 802.3af Power over Ethernet (PoE) • IEEE 802.3at Power over Ethernet (PoE) Plus The following table describes the PoE features of the Switch by model. Table 2 GS2220 Series Models and PoE Features PO E FEAT URES G S2220- 10HP...
Page 29: Backbone Example Application
In this example, all computers can share high-speed applications on the server. To expand the network, simply add more networking devices such as switches, routers, computers, print servers, and so on. Backbone Application Fig ure 4 GS2220 Series User’s Guide...
Page 30: Bridging Or Fiber Uplink Example Application
This helps you switch to higher-speed LANs without the need for replacing all existing Ethernet cables and adapter cards, restructuring your network and complex maintenance. High Performance Switched Workgroup Application Fig ure 6 GS2220 Series User’s Guide...
Page 31: Ieee 802.1Q Vlan Application Examples
• IPv4/IPv6 dual stack; the Switch can run IPv4 and IPv6 at the same time • DHCPv6 client and relay • Multicast Listener Discovery (MLD) snooping and proxy For more information on IPv6, refer to Appendix C on page 531 and the CLI Reference Guide. GS2220 Series User’s Guide...
Page 32: Ways To Manage The Switch
Switch to its factory default settings. If you backed up an earlier configuration file, you would not have to totally re-configure the Switch. You could simply restore your last configuration. GS2220 Series User’s Guide...
Page 33: Hardware Installation And Connection
To start using the Switch, simply connect the power cables and turn it on. 2.3 De skto p Insta lla tio n Pro c e dure Make sure the Switch is clean and dry. Remove the adhesive backing from the rubber feet. GS2220 Series User’s Guide...
Page 34: Wall Mounting (Gs2220-10 And Gs2220-10Hp Only)
2.4.1 Insta lla tio n Re q uire m e nts • Distance above the floor: At least 1.8 m (5.9 feet) • Distance between holes: 78 mm (3.071 inches) • Two M4 screws and a #2 Philips screwdriver • Two screw anchors (optional) GS2220 Series User’s Guide...
Page 35 Align the holes on the back of the Switch with the screws on the wall. Hang the Switch on the screws. Note: Make sure there is enough clearance between the wall and the Switch to allow ventilation. GS2220 Series User’s Guide...
Page 36: Mounting The Switch On A Rack
Follow the steps below to mount your Switch on a standard EIA rack using a rack-mounting kit. Note: Make sure there is enough clearance between each equipment on the rack for air circulation. 2.5.1 Insta lla tio n Re q uire m e nts • Two mounting brackets. GS2220 Series User’s Guide...
Page 37: Precautions
Position a mounting bracket (that is already attached to the Switch) on one side of the rack, lining up the two screw holes on the bracket with the screw holes on the side of the rack. GS2220 Series User’s Guide...
Page 38 Using a #2 Philips screwdriver, install the M5 flat head screws through the mounting bracket holes into the rack. Note: Make sure you tighten all the four screws to prevent the Switch from getting slanted. Repeat steps to attach the second mounting bracket on the other side of the rack. GS2220 Series User’s Guide...
Page 39: Hardware Panels
Front Panel: GS2220-10 Fig ure 12 Front Panel: GS2220-10HP Fig ure 13 Front Panel: GS2220-28 Fig ure 14 Front Panel: GS2220-28HP Fig ure 15 Front Panel: GS2220-50 Fig ure 16 Front Panel: GS2220-50HP Fig ure 17 GS2220 Series User’s Guide...
Page 40: Chapter 3 Hardware Panels
Switch uses up to one connection for each SFP and 1000Base-T Ethernet pair. The SFP slots have priority over the Gigabit ports. This means that if an SFP slot and the corresponding GbE port are connected at the same time, the GbE port will be disabled. GS2220 Series User’s Guide...
Page 41: Poe (Gs2220-10Hp, Gs2220-28Hp And Gs2220-50Hp)
(ESD), it is re c o m m e nde d yo u a tta c h a n ESD pre ve ntive wrist stra p to yo ur wrist a nd to a b a re m e ta l surfa c e whe n GS2220 Series User’s Guide...
Page 42 Fig ure 18 Transceiver Installation Example Fig ure 19 Connecting the Fiber Cables Fig ure 20 3.1.3.2 T ra nsc e ive r Re m o va l Use the following steps to remove an SFP transceiver. GS2220 Series User’s Guide...
Page 43: Dual Personality Interfaces
SFP transceiver slot for fiber connection. The fiber connection takes priority if the corresponding Gigabit port is also connected. • 100 Mbps/1 Gbps – Connect these ports to high-bandwidth backbone network Ethernet switches. • Transceiver Slots – Use SFP transceivers in these slots for connections to backbone Ethernet switches. GS2220 Series User’s Guide...
Page 44: Console Port
The following figures show the rear panels of the Switch. The rear panels contain: Rear Panel: GS2220-10 Fig ure 25 Rear Panel: GS2220-10HP Fig ure 26 Rear Panel: GS2220-28 Fig ure 27 Rear Panel: GS2220-28HP Fig ure 28 GS2220 Series User’s Guide...
Page 45: Grounding
Remove the M4 ground screw from the Switch’s rear panel. Secure a green or yellow ground cable (16 AWG or smaller) to the Switch's rear panel using the M4 ground screw. Grounding Fig ure 31 GS2220 Series User’s Guide...
Page 46: Ac Power Connection
To connect power to the Switch, insert the female end of the power cord to the AC power receptacle on the rear panel. Connect the other end of the supplied power cord to a power outlet. GS2220 Series User’s Guide...
Page 47: Leds
PoE power usage is 0 percent of the power supplied budget. PoE MAX Amber Less than five percent of the power supplied budget remains. Five percent is the default value. (GS2220-28HP The Switch has a sufficient power supplied budget. and GS2220- 50HP) Ethernet Ports and PoE GS2220 Series User’s Guide...
Page 48 The Switch is transmitting or receiving data at 1000 Mbps. Amber The uplink port is linking at 100 Mbps. Blinking The Switch is transmitting or receiving data at 100 Mbps. There is no link or port, or the uplink port is shut down. GS2220 Series User’s Guide...
Page 49: T E C Hnic A L Re Fe Re Nc E
A RT T e c hnic a l Re fe re nc e...
Page 50: Web Configurator
Press [ENTER]. Your computer must be in the same subnet in order to access this website Addre ss address. Also, you can use the ZON Utility to check your Switch’s IP address. See Section 4.3 on page 54 for more information on the ZON utility. The following screen appears. GS2220 Series User’s Guide...
Page 51 Or select the Web Configurator in that has a set of menus specifically Ne two rke d AV Mo de designed to simplify configuration and management of the Switch for AVoIP (Audio-Video over Internet Protocol) application. GS2220 Series User’s Guide...
Page 52 Ne two rke d AV Mo de Wiza rd to change the administrator password and SNMP community string. Click on the Ste p 2 Pa sswo rd Finish last step of the to save your settings. Wiza rd GS2220 Series User’s Guide...
Page 53 Get- and GetNext- G e t C o m m unity requests from the management station. string is only used by SNMP managers using SNMP version 2c or lower. G e t C o m m unity GS2220 Series User’s Guide...
Page 54: Zyxel One Network (Zon) Utility
. You should see this information in the tab. Pro pe rtie s G e ne ra l Ha rdwa re Here are the minimum hardware requirements to use the ZON Utility on your computer. • Core i3 processor GS2220 Series User’s Guide...
Page 55: Run The Zon Utility
If your device is not listed here, see the device release notes for ZON m o de l a nd firm wa re ve rsio n Utility support. The release notes are in the firmware zip file on the Zyxel web site. GS2220 Series User’s Guide...
Page 56 Select a network adapter to which your supported devices are connected. Network Adapter Fig ure 41 Click the button for the ZON Utility to discover all supported devices in your network. Discovery Fig ure 42 The ZON Utility screen shows the devices discovered. GS2220 Series User’s Guide...
Page 57 7 Firmware Upgrade Use this icon to upgrade new firmware to selected devices of the same model. Make sure you have downloaded the firmware from the Zyxel website to your computer and unzipped it in advance. GS2220 Series User’s Guide...
Page 58: Networked Av Mode Wizard
• When the Switch is in its factory-default state, selecting Networked AV mode will automatically access the Se tup Wiza rd • When in Networked AV mode, click the link to access the Wiza rd Se tup Wiza rd GS2220 Series User’s Guide...
Page 59: Basic Settings
In order to set up your IP or DNS, please do the following. Click > > Wiza rd Ba sic Se tting s Ste p 1 IP access this screen. Wizard > Basic Settings > Step 1 IP Fig ure 46 GS2220 Series User’s Guide...
Page 60 Ne xt Cancel Click to exit this screen without saving. C a nc e l After clicking screen appears. Ne xt, Pa sswo rd Wizard > Basic Settings > Step 2 Password Fig ure 47 GS2220 Series User’s Guide...
Page 61 Pre vio us Next Click to show the next screen. Ne xt Cancel Click to exit this screen without saving. C a nc e l After clicking , the screen appears. Ne xt Ne two rke d AV GS2220 Series User’s Guide...
Page 62 Multic a st IG MP Sno o ping IG MP Q ue rie r Mo de Auto IG MP Q ue rie r Mo de Fixe d After clicking screen appears. Ne xt, Sum m a ry GS2220 Series User’s Guide...
Page 63 Se t C o m m unity Trap Community This field displays the string. T ra p C o m m unity Networked AV – Basic Settings Networked AV VLAN This field displays the VLAN ID for the AVoIP network. GS2220 Series User’s Guide...
Page 64: Advanced Settings
Networked AV service to a VLAN, select and assign port role, link aggregation (trunking), and view finished results. In order to set up your IP or DNS, please do the following. Click > > Wiza rd Adva nc e d Se tting s Ste p 1 IP access this screen. GS2220 Series User’s Guide...
Page 65 IP address. Next Click to show the next screen. Ne xt Cancel Click to exit this screen without saving. C a nc e l After clicking screen appears. Ne xt, Pa sswo rd GS2220 Series User’s Guide...
Page 66 Set- requests from Se t C o m m unity the management station. string is only used by SNMP managers using SNMP version 2c or lower. Se t C o m m unity GS2220 Series User’s Guide...
Page 67 You must enter a different VLAN ID in the field to be able to assign Ne two rke d AV VL AN another subnet mask that specifies the network number portion of an IP address. (Optional) Select Ports and Assign a Port Role GS2220 Series User’s Guide...
Page 68 Fig ure 53 Each field is described in the following table. Table 16 Wizard > Advanced Settings > Step 4 Summary L ABEL DESC RIPT IO N Setup IP Host Name This field displays a host name. GS2220 Series User’s Guide...
Page 69: Web Configurator Layout
4.5 We b C o nfig ura to r L a yo ut screen is the first screen that displays when you access the Web Configurator. Sta tus This guide uses GS2220-10HP and GS2220-50HP screens as examples. The screens may very slightly for GS2220 Series User’s Guide...
Page 70 G – Click this icon to switch between the Web Configurator’s mode. H – Sta nda rd Ne two rke d AV Click this link to go to the NCC (Nebula Control Center) portal website. I – GS2220 Series User’s Guide...
Page 71 This link takes you to a screen where you can configure the IP address and subnet mask (necessary for Switch management) and set up to 64 IP routing domains. Port Setup This link takes you to a screen where you can configure settings for individual Switch ports. GS2220 Series User’s Guide...
Page 72 The external servers should be RADIUS (Remote Authentication Dial-In User Service). IP Source Guard This link takes you to screens where you can configure filtering of unauthorized DHCP and ARP packets in your network. GS2220 Series User’s Guide...
Page 73 This link takes you to screens where you can configure clustering management and view its Management status. MAC Table This link takes you to a screen where you can view the MAC addresses (and types) of devices attached to what ports and VLAN IDs. GS2220 Series User’s Guide...
Page 74 This screen allows you to set priorities, PoE power-up settings and schedule so that the Switch is able to reserve and allocate power to certain PDs. Port Setup This screen allows you to configure settings for individual Switch ports. GS2220 Series User’s Guide...
Page 75: Change Your Password
After you log in for the first time, it is recommended you change the default administrator password. Click > > to display the next screen. Ma na g e m e nt Ac c e ss C o ntro l L o g ins GS2220 Series User’s Guide...
Page 76: Save Your Configuration
Delete all port-based VLANs with the CPU port as a member. The “CPU port” is the management port of the Switch. Filter all traffic to the CPU port. Disable all ports. Misconfigure the text configuration file. Forget the password and/or IP address. Prevent all services from accessing the Switch. GS2220 Series User’s Guide...
Page 77: Reset The Switch
This is recommended after you finish a management session for security reasons. Web Configurator: Logout Screen Fig ure 56 4.10 He lp The Web Configurator’s online help has descriptions of individual screens and some supplementary information. GS2220 Series User’s Guide...
Page 78 Click the link from a Web Configurator screen to view an online help description of that screen. He lp GS2220 Series User’s Guide...
Page 79: Initial Setup Example
Fig ure 57 Click > > in the navigation panel and click the Adva nc e d Applic a tio n VL AN VL AN C o nfig ura tio n Sta tic link. VL AN Se tup GS2220 Series User’s Guide...
Page 80 Switch to remove VLAN tags before sending. T X T a g g ing Click to save the settings to the run-time memory. Settings in the run-time memory are lost when the GS2220 Series User’s Guide...
Page 81: Set Port Vid
Po rt Se tup Enter 2 in the field for port 1 and click to save your changes back to the run-time memory. PVID Apply Settings in the run-time memory are lost when the Switch’s power is turned off. GS2220 Series User’s Guide...
Page 82: Configure Switch Management Ip Address
Open your web browser and enter 192.168.1.1 (the default IP address) in the address bar to access the Web Configurator. See Section 4.2 on page 50 for more information. Click > > in the navigation panel. Ba sic Se tting IP Se tup IP C o nfig ura tio n GS2220 Series User’s Guide...
Page 83 This is the same as the VLAN ID you configure in the screen. Sta tic VL AN Click to save your changes back to the run-time memory. Settings in the run-time memory are lost when the Switch’s power is turned off. GS2220 Series User’s Guide...
Page 84: Tutorials
1 and 100 DHCP Client ( 1 and 100 Access the Switch through by default. Log into the Switch by entering the user name http:/ / 192.168.1.1 (default: ) and password (default: a dm in 1234 GS2220 Series User’s Guide...
Page 85 VL AN C o nfig ura tio n VL AN Po rt Se tup ports 4, 5 and 6 to 100. This tags untagged incoming frames on ports 4, 5 and 6 with the tag 100. GS2220 Series User’s Guide...
Page 86 T ruste d Se rve r T ruste d sta te 4 because the DHCP server is connected to port 4. Keep ports 5 and 6 because they are Untruste d connected to DHCP clients. Click Apply GS2220 Series User’s Guide...
Page 87 Adva nc e d Applic a tio n IP So urc e G ua rd IPv4 So urc e G ua rd , you should see an IP assignment with the type as shown. Se tup DHC P- Sno o ping GS2220 Series User’s Guide...
Page 88: How To Use Dhcpv4 Relay On The Switch
Access the Web Configurator through the Switch’s management port. Go to > and set the VLAN type to . Click to save the settings to Ba sic Se tting Switc h Se tup 802.1Q Apply the run-time memory. GS2220 Series User’s Guide...
Page 89 Switch to remove VLAN tags before sending. T X T a g g ing Click to save the settings to the run-time memory. Settings in the run-time memory are lost when the Switch’s power is turned off. GS2220 Series User’s Guide...
Page 90 2 to add a tag to incoming untagged frames received on that port so PVID that the frames are forwarded to the VLAN group that the tag defines. 10 Click to save your changes back to the run-time memory. Apply GS2220 Series User’s Guide...
Page 91: Configure Dhcpv4 Relay
Fig ure 72 Click the link in the upper right corner of the Web Configurator to save your configuration Sa ve permanently. The DHCP server can then assign a specific IP address based on the DHCP request. GS2220 Series User’s Guide...
Page 92: Troubleshooting
Vendor Class Identifier on the Switch. Se tting up a T FT P Se rve r Select a directory on the TFTP server. Put the configuration files in that directory. GS2220 Series User’s Guide...
Page 93 For example, if you save the auto configuration setting to , you C o nfig 1 need to click the button next to the field. C o nfig 1 Re b o o t Syste m GS2220 Series User’s Guide...
Page 94 Check the screens to see if it is the configuration file you want to load. If it is not, go through the steps above to check your configurations. If it is, click at the top right corner of the Web Configurator to Sa ve save the configuration permanently. Tutorial: Save Fig ure 77 GS2220 Series User’s Guide...
Page 95: Status
Switch or click at the top right corner of the Web Sta tus Sta tus Configurator. The screen displays general device information, system status, and its IP addresses. Sta tus GS2220 Series User’s Guide...
Page 96 This field displays the serial number of this Switch. The serial number is used for device tracking and control. Registration This field displays the MAC address of the Switch that you must use to register at myZyxel.com or MAC Address the NCC (Nebula Control Center). GS2220 Series User’s Guide...
Page 97: Neighbor Screen
This screen shows the neighboring device first recognized on an Ethernet port of the Switch. Device information is displayed in gray when the neighboring device is offline. Click > to see the following screen. Sta tus Ne ig hb o r GS2220 Series User’s Guide...
Page 98 OFF the power of the neighbor device and turn it back ON C yc le again. A count down button (from 5 to 0) starts. Note: The Switch must support power sourcing (PSE) or the network device is a powered device (PD). GS2220 Series User’s Guide...
Page 99: Neighbor Detail
Click the link in the > screen to see the following screen. Ne ig hb o r De ta il Sta tus Ne ig hb o r Status > Neighbor > Neighbor Detail Fig ure 80 GS2220 Series User’s Guide...
Page 100 The Switch must support power sourcing (PSE) or the network device is a powered device (PD). • If multiple neighbor devices use the same port, the button is not available. Re se t • You can only reset Zyxel powered devices that support the ZON utility. GS2220 Series User’s Guide...
Page 101: Basic Setting
Ne b ula Switc h Re g istra tio n 8.2 Syste m Info rm a tio n In the navigation panel, click > to display the screen as shown. Use this screen Ba sic Se tting Syste m Info to view general system information. GS2220 Series User’s Guide...
Page 102 This field displays the total number of bytes in this memory pool. Used (byte) This field displays the number of bytes being used in this memory pool. Utilization This field displays the percentage (%) of memory being used in this memory pool. Hardware Monitor GS2220 Series User’s Guide...
Page 103: General Setup
Use this screen to configure general settings such as the system name and time. Click > Ba sic Se tting in the navigation panel to display the screen as shown. G e ne ra l Se tup GS2220 Series User’s Guide...
Page 104 Enter the new time in hour, minute and second format. The new time then appears in the (hh:min:ss) field after you click C urre nt T im e Apply Current Date This field displays the date you open this menu. GS2220 Series User’s Guide...
Page 105: Introduction To Vlans
VLAN also increases network performance by limiting broadcasts to a smaller and more manageable logical broadcast domain. In traditional switched environments, all broadcast packets go to each and every individual port. With VLAN, all broadcasts are confined to a specific broadcast domain. GS2220 Series User’s Guide...
Page 106: Switch Setup
L e a ve Pe rio d single timer. Leave Time must be two times larger than ; the default is 600 L e a ve Pe rio d Jo in T im e r milliseconds. GS2220 Series User’s Guide...
Page 107: Ip Setup
8.6 IP Se tup Use the screen to configure the default gateway device, the default domain name server and IP Se tup add IP domains. 8.6.1 IP Sta tus Basic Setting > IP Status Fig ure 84 GS2220 Series User’s Guide...
Page 108: Ip Status Details
IP Address This is the IP address of your Switch in dotted decimal notation for example 192.168.1.1. IP Subnet Mask This is the IP subnet mask of your Switch in dotted decimal notation for example 255.255.255.0. GS2220 Series User’s Guide...
Page 109: Ip Configuration
This displays the IP address of the primary and secondary DNS servers assigned by the DHCP server. 0.0.0.0 means no DNS server is assigned. 8.6.3 IP C o nfig ura tio n Use this screen to configure the default gateway device, the default domain name server and add IP domains. GS2220 Series User’s Guide...
Page 110 Switch. You need to fill in the following fields when you select this option. IP Address Enter the IP address of your Switch in dotted decimal notation, for example, 172.21.40.x. This is the IP address of the Switch in an IP routing domain. GS2220 Series User’s Guide...
Page 111: Network Proxy Configuration
The proxy server of an organization may prohibit communication between the Switch and NCC (Nebula Control Center) (Section 8.11 on page 131). Use this screen to enable communication between the Switch and NCC through the proxy server. GS2220 Series User’s Guide...
Page 112: Port Setup
C a nc e l 8.7 Po rt Se tup Use this screen to configure Switch port settings. Click > in the navigation panel Ba sic Se tting Po rt Se tup to display the configuration screen. GS2220 Series User’s Guide...
Page 113 When the Switch’s auto-negotiation is turned off, a port uses the pre-configured speed and duplex mode when making a connection, thus requiring you to make sure that the settings of the peer port are the same in order to connect. GS2220 Series User’s Guide...
Page 114: Poe Status
PoE removes the hassle of trying to find a nearby electric outlet to power up devices. Powered Device Examples Fig ure 91 You can also set priorities so that the Switch is able to reserve and allocate power to certain PDs. GS2220 Series User’s Guide...
Page 115 Note: The Switch must have at least 16 W of remaining power in order to supply power to a PoE device, even if the PoE device needs less than 16 W. Port This is the port index number. GS2220 Series User’s Guide...
Page 116: Poe Time Range Setup
Adva nc e d Applic a tio n T im e Ra ng e Click the link in the > screen. The following screen opens. Po E T im e Ra ng e Se tup Ba sic Se tting Po E Sta tus GS2220 Series User’s Guide...
Page 117: Poe Setup
Use this screen to set the PoE power management mode, priority levels, power-up mode and the maximum amount of power for the connected PDs. Click the link in the > screen. The following screen opens. Po E Se tup Ba sic Se tting Po E Sta tus GS2220 Series User’s Guide...
Page 118 Switch to assign the remaining power to the port after all critical priority Hig h ports are served. Select to set the Switch to assign the remaining power to the port after all critical and high L o w priority ports are served. GS2220 Series User’s Guide...
Page 119 Sa ve your changes to the non-volatile memory when you are done configuring. Cancel Click to begin configuring this screen afresh. C a nc e l GS2220 Series User’s Guide...
Page 120: Interface Setup
Select an entry’s check box to select a specific entry. Otherwise, select the check box in the table heading row to select all entries. Delete Click to remove the selected entry from the summary table. De le te Cancel Click to clear the check boxes. C a nc e l GS2220 Series User’s Guide...
Page 121: Ipv6
8.10.2 IPv6 Inte rfa c e Sta tus Use this screen to view a specific IPv6 interface status and detailed information. Click an interface index number in the > screen. The following screen opens. Ba sic Se tting IPv6 GS2220 Series User’s Guide...
Page 122 IP address is preferred, which means it is a valid address and can be used as a sender or receiver address. Global Unicast This field displays the Switch’s global unicast address to identify this interface. Address(es) GS2220 Series User’s Guide...
Page 123: Ipv6 Configuration
8.10.3 IPv6 C o nfig ura tio n Use this screen to configure IPv6 settings on the Switch. Click the link in the IPv6 C o nfig ura tio n Ba sic > screen. The following screen opens. Se tting IPv6 GS2220 Series User’s Guide...
Page 124: Ipv6 Global Setup
IPv6 G lo b a l Se tup IPv6 screen to display the screen as shown next. C o nfig ura tio n Basic Setting > IPv6 > IPv6 Configuration > IPv6 Global Setup Fig ure 99 GS2220 Series User’s Guide...
Page 125: Ipv6 Interface Setup
C le a r Index This is the interface index number. Click on an index number to change the settings. Interface This is the name of the IPv6 interface you created. GS2220 Series User’s Guide...
Page 126: Ipv6 Link-Local Address Setup
This is the name of the IPv6 interface you created. IPv6 Link-Local This is the static IPv6 link-local address for the interface. Address IPv6 Default This is the default gateway IPv6 address for the interface. Gateway GS2220 Series User’s Guide...
Page 127: Ipv6 Global Address Setup
This is the interface index number. Click an index number to change the settings. Interface This is the name of the IPv6 interface you created. IPv6 Global This field displays the IPv6 global address and prefix length for the interface. Address/Prefix Length GS2220 Series User’s Guide...
Page 128: Ipv6 Neighbor Discovery Setup
This is the interface index number. Click on an index number to change the settings. Interface This is the name of the IPv6 interface you created. DAD Attempts This field displays the number of consecutive neighbor solicitations the Switch sends for this interface. GS2220 Series User’s Guide...
Page 129: Ipv6 Neighbor Setup
C a nc e l Clear Click to reset the fields to the factory defaults. C le a r Index This is the interface index number. Click an index number to change the settings. GS2220 Series User’s Guide...
Page 130: Dhcpv6 Client Setup
Switch’s run-time memory. The Switch loses these Apply changes if it is turned off or loses power, so use the link on the top navigation panel to save Sa ve your changes to the non-volatile memory when you are done configuring. GS2220 Series User’s Guide...
Page 131: Cloud Management
Click > > to display this screen. Ba sic Se tting C lo ud Ma na g e m e nt Ne b ula C o ntro l C e nte r Disc o ve ry GS2220 Series User’s Guide...
Page 132: Nebula Switch Registration
This screen has a QR code containing the Switch’s serial number and MAC address for handy NCC registration of the Switch using the Nebula Mobile app. First, download the app from the Google Play store for Android devices or the App Store for iOS devices and create an organization and site. GS2220 Series User’s Guide...
Page 133: Vlan
• Use the screen (Section 9.12 on page 151) to set up VLANs where the packet Po rt- Ba se d VL AN Se tup forwarding decision is based on the destination MAC address and its associated port. GS2220 Series User’s Guide...
Page 134: What You Need To Know
GARP (Generic Attribute Registration Protocol) allows network switches to register and de-register attribute values with other GARP participants within a bridged LAN. GARP is a protocol that provides a generic mechanism for protocols that serve a more specific application, for example, GVRP. GS2220 Series User’s Guide...
Page 135 VLAN groups in the end devices (A and B). C, D and E automatically allow frames with VLAN group tags 1 and 2 (VLAN groups that are unknown to those switches) to pass through their VLAN trunking ports. GS2220 Series User’s Guide...
Page 136 9.2.0.4 Se le c t the VL AN T ype Select a VLAN type in the > screen. Ba sic Se tting Switc h Se tup Basic Setting > Switch Setup > Select VLAN Type Fig ure 110 GS2220 Series User’s Guide...
Page 137: Vlan Status
This is the VLAN index number. Click an index number to view more VLAN details. This is the VLAN identification number that was configured in the corresponding VLAN configuration screen. Name This fields shows the descriptive name of the VLAN. GS2220 Series User’s Guide...
Page 138: Vlan Details
: added as a permanent entry Sta tic : manually added as a Voice VLAN Vo ic e : added through multicast VLAN registration : manually added as MAC-based VLAN MAC - b a se d GS2220 Series User’s Guide...
Page 139: Vlan Configuration
Use this screen to configure a static VLAN for the Switch. Click the link in the Sta tic VL AN Se tup VL AN screen to display the screen as shown next. C o nfig ura tio n GS2220 Series User’s Guide...
Page 140 Otherwise, to ensure that VLAN-unaware devices (such as computers and hubs) can receive frames properly, clear the check box to set the Switch to remove VLAN tags before T X T a g g ing sending. GS2220 Series User’s Guide...
Page 141: Configure Vlan Port Settings
Use this screen to configure the static VLAN (IEEE 802.1Q) settings on a port. Click the link VL AN Po rt Se tup in the screen. VL AN C o nfig ura tio n Advanced Application > VLAN > VLAN Configuration > VLAN Port Setup Fig ure 115 GS2220 Series User’s Guide...
Page 142: Subnet Based Vlans
VLAN. One advantage of using subnet based VLANs is that priority can be assigned to traffic from the same IP subnet. Note: Subnet based VLAN applies to un-tagged packets and is applicable only when you use IEEE 802.1Q tagged VLAN. GS2220 Series User’s Guide...
Page 143: Configuring Subnet Based Vlan
9.7.1 C o nfig uring Sub ne t Ba se d VL AN Click the link in the screen to display the configuration Sub ne t Ba se d VL AN Se tup VL AN C o nfig ura tio n screen as shown. GS2220 Series User’s Guide...
Page 144 This is the index number identifying this subnet based VLAN. Click on any of these numbers to edit an existing subnet based VLAN. Active This field shows whether the subnet based VLAN is active or not. GS2220 Series User’s Guide...
Page 145: Protocol Based Vlans
9.8.1 C o nfig uring Pro to c o l Ba se d VL AN Click the link in the screen to display the configuration Pro to c o l Ba se d VL AN Se tup VL AN C o nfig ura tio n screen as shown. GS2220 Series User’s Guide...
Page 146 This field shows the priority which is assigned to frames belonging to this protocol based VLAN. Select an entry’s check box to select a specific entry. Otherwise, select the check box in the table heading row to select all entries. GS2220 Series User’s Guide...
Page 147: Voice Vlan
Vo ic e VL AN Se tup VL AN C o nfig ura tio n shown. Advanced Application > VLAN > VLAN Configuration > Voice VLAN Setup Fig ure 120 GS2220 Series User’s Guide...
Page 148: Mac Based Vlan
MAC address of the packet is looked up in a MAC to VLAN mapping table. If an entry is found, the corresponding VLAN ID is assigned to the packet. The assigned VLAN ID is verified against the VLAN table. If the VLAN is valid, ingress processing on the packet continues; otherwise, the packet is dropped. GS2220 Series User’s Guide...
Page 149: Vendor Id Based Vlan
9.11 Ve ndo r ID Ba se d VL AN The Vendor ID based VLAN feature assigns incoming untagged packets to a VLAN and classifies the traffic based on the source MAC address of the packet. When untagged packets arrive at the switch, GS2220 Series User’s Guide...
Page 150 Enter a number between 0 and 255 to specify the rule’s weight. This is to decide the priority in which the rule is applied. The higher the number, the higher the rule’s priority. Click to save the new vendor ID based VLAN entry. GS2220 Series User’s Guide...
Page 151: Port-Based Vlan Setup
Po rt Ba se d Ba sic Se tting Switc h Se tup Adva nc e d > from the navigation panel to display the next screen. Applic a tio n VL AN GS2220 Series User’s Guide...
Page 152 Chapter 9 VLAN Advanced Application > VLAN: Port Based VLAN Setup (All Connected) Fig ure 123 Advanced Application > VLAN: Port Based VLAN Setup (Port Isolation) Fig ure 124 GS2220 Series User’s Guide...
Page 153 Sa ve your changes to the non-volatile memory when you are done configuring. Cancel Click to begin configuring this screen afresh. C a nc e l GS2220 Series User’s Guide...
Page 154: Static Mac Forwarding
Click > in the navigation panel to display the Adva nc e d Applic a tio n Sta tic MAC Fo rwa rding configuration screen as shown. Advanced Application > Static MAC Forwarding Fig ure 125 GS2220 Series User’s Guide...
Page 155 Select an entry’s check box to select a specific entry. Otherwise, select the check box in the table heading row to select all entries. Delete Click to remove the selected entry from the summary table. De le te Cancel Click to clear the check boxes. C a nc e l GS2220 Series User’s Guide...
Page 156: Static Multicast Forwarding
Figure 127 on page shows frames being forwarded to devices connected to port 3. Figure 128 on page 157 shows frames being forwarded to ports 2 and 3 within VLAN group 4. No Static Multicast Forwarding Fig ure 126 GS2220 Series User’s Guide...
Page 157: Configure Static Multicast Forwarding
Click > to display the configuration screen as shown. Adva nc e d Applic a tio n Sta tic Multic a st Fo rwa rding Advanced Application > Static Multicast Forwarding Fig ure 129 GS2220 Series User’s Guide...
Page 158 Select an entry’s check box to select a specific entry. Otherwise, select the check box in the table heading row to select all entries. Delete Click to remove the selected entry from the summary table. De le te Cancel Click to clear the check boxes. C a nc e l GS2220 Series User’s Guide...
Page 159: Filtering
Use this screen to create rules for traffic going through the Switch. Click > Adva nc e d Applic a tio n Filte ring in the navigation panel to display the screen as shown next. Advanced Application > Filtering Fig ure 130 GS2220 Series User’s Guide...
Page 160 Delete Check the rules that you want to remove and then click the button. De le te Cancel Click to clear the selected check boxes. C a nc e l GS2220 Series User’s Guide...
Page 161: Spanning Tree Protocol
It allows a switch to interact with other (R)STP-compliant switches in your network to ensure that only one path exists between any two stations on the network. The Switch uses IEEE 802.1w RSTP (Rapid Spanning Tree Protocol) that allows faster convergence of the GS2220 Series User’s Guide...
Page 162 ST P Po rt Sta te s STP assigns five port states to eliminate packet looping. A bridge port is not allowed to go directly from GS2220 Series User’s Guide...
Page 163 • A VLAN can be mapped to a specific Multiple Spanning Tree Instance (MSTI). MSTI allows multiple VLANs to use the same spanning tree. • Load-balancing is possible as traffic from different VLANs can use distinct paths in a region. GS2220 Series User’s Guide...
Page 164: Spanning Tree Protocol Status
Sa ve save your changes to the non-volatile memory when you are done configuring. Cancel Click to begin configuring this screen afresh. C a nc e l GS2220 Series User’s Guide...
Page 165: Rapid Spanning Tree Protocol Status
This is the number of times the spanning tree has been reconfigured. Changed Times Time Since Last This is the time since the spanning tree was last reconfigured. Change Port This field displays the number of the port on the Switch. GS2220 Series User’s Guide...
Page 166: Configure Rapid Spanning Tree Protocol
Use this screen to configure RSTP settings, see Section 13.1 on page 161 for more information on RSTP. Click in the > screen. RST P Adva nc e d Applic a tio n Spa nning T re e Pro to c o l GS2220 Series User’s Guide...
Page 167 LAN. If it is a root port, a new root port is selected from among the Switch ports attached to the network. The allowed range is 6 to 40 seconds. GS2220 Series User’s Guide...
Page 168: Configure Multiple Spanning Tree Protocol
13.6 C o nfig ure Multiple Spa nning T re e Pro to c o l To configure MSTP, click in the > screen. MST P Adva nc e d Applic a tio n Spa nning T re e Pro to c o l GS2220 Series User’s Guide...
Page 169 Multiple Spa nning T re e Adva nc e d Applic a tio n > screen to enable MSTP on the Switch. Spa nning T re e Pro to c o l C o nfig ura tio n GS2220 Series User’s Guide...
Page 170 Priority decides which port should be disabled when more than one port forms a loop in the Switch. Ports with a higher priority numeric value are disabled first. The allowed range is between 0 and 255 and the default value is 128. GS2220 Series User’s Guide...
Page 171: Multiple Spanning Tree Protocol Port Configuration
Use this row only if you want to make some settings the same for all ports. Use this row first to set the common settings and then make adjustments on a port-by-port basis. Note: Changes in this row are copied to all the ports as soon as you make them. GS2220 Series User’s Guide...
Page 172: Multiple Spanning Tree Protocol Status
Adva nc e d Applic a tio n Spa nning T re e Pro to c o l screen as shown next. Note: This screen is only available after you activate MSTP on the Switch. GS2220 Series User’s Guide...
Page 173 This is the priority and number of the port on the Switch through which this Switch must communicate with the root of the Spanning Tree. Configuration This field displays the configuration name for this MST region. Name Revision Number This field displays the revision number for this MST region. GS2220 Series User’s Guide...
Page 174 – the Switch receives superior BPDUs on the port and blocks the port. Ro o t- inc o nsiste nt • – the Switch unblocks and allows the port to forward frames again. Fo rwa rding GS2220 Series User’s Guide...
Page 175: Configure Multiple Rapid Spanning Tree Protocol
LAN. If it is a root port, a new root port is selected from among the Switch ports attached to the network. The allowed range is 6 to 40 seconds. GS2220 Series User’s Guide...
Page 176: Multiple Rapid Spanning Tree Protocol Status
Spa nning T re e Pro to c o l screen as shown next. See Section 13.9 on page 176 for more information on MRSTP. Note: This screen is only available after you activate MRSTP on the Switch. GS2220 Series User’s Guide...
Page 177 – The port learns MAC addresses and processes BPDUs, but does not forward L e a rning frames yet. • – The port is operating normally. It learns MAC addresses, processes BPDUs Fo rwa rding and forwards received frames. GS2220 Series User’s Guide...
Page 178: Technical Reference
STP or RSTP, the link for VLAN 2 will be blocked as STP and RSTP allow only one link in the network and block the redundant link. STP/RSTP Network Example Fig ure 141 GS2220 Series User’s Guide...
Page 179: Mst Region
Each created MSTI is identified by a unique number (known as an MST ID) known internally to a region. Thus an MSTI does not span across MST regions. The following figure shows an example where there are two MST regions. Regions 1 and 2 have two spanning tree instances. GS2220 Series User’s Guide...
Page 180: Common And Internal Spanning Tree (Cist)
CIST. In an MSTP-enabled network, there is only one CIST that runs between MST regions and single spanning tree devices. A network may contain multiple MST regions and other network segments running RSTP. MSTP and Legacy RSTP Network Example Fig ure 144 GS2220 Series User’s Guide...
Page 181: Bandwidth Control
Click > in the navigation panel to bring up the screen as Adva nc e d Applic a tio n Ba ndwidth C o ntro l shown next. Advanced Application > Bandwidth Control Fig ure 145 GS2220 Series User’s Guide...
Page 182 Sa ve changes to the non-volatile memory when you are done configuring. Cancel Click to reset the fields. C a nc e l GS2220 Series User’s Guide...
Page 183: Broadcast Storm Control
Adva nc e d Applic a tio n Bro a dc a st Sto rm C o ntro l shown next. Advanced Application > Broadcast Storm Control Fig ure 146 GS2220 Series User’s Guide...
Page 184 Sa ve save your changes to the non-volatile memory when you are done configuring. Cancel Click to reset the fields. C a nc e l GS2220 Series User’s Guide...
Page 185: Mirroring
Adva nc e d Applic a tio n Mirro ring Mirro ring screen to select a monitor port and specify the traffic flow to be copied to the monitor port. Advanced Application > Mirroring Fig ure 147 GS2220 Series User’s Guide...
Page 186 Sa ve to the non-volatile memory when you are done configuring. Cancel Click to reset the fields. C a nc e l GS2220 Series User’s Guide...
Page 187: Link Aggregation
When you enable LACP link aggregation on a port, the port can automatically negotiate with the ports at the remote end of a link to establish trunk groups. LACP also allows port redundancy, that is, if an GS2220 Series User’s Guide...
Page 188: Link Aggregation Status
Section 17.1 on page 187 for more information. Advanced Application > Link Aggregation Status Fig ure 148 Port Priority and Port Number are 0 as it is the aggregator ID for the trunk group, not the individual port. GS2220 Series User’s Guide...
Page 189: Link Aggregation Setting
Adva nc e d Applic a tio n L ink Ag g re g a tio n L ink Ag g re g a tio n Se tting next. See Section 17.1 on page 187 for more information on link aggregation. GS2220 Series User’s Guide...
Page 190 Select the trunk group to which a port belongs. Note: When you enable the port security feature on the Switch and configure port security settings for a port, you cannot include the port in an active trunk group. GS2220 Series User’s Guide...
Page 191: Link Aggregation Control Protocol
(and lowest port number if system priority is the same) becomes the LACP “server”. The LACP “server” controls the operation of LACP setup. Enter a number to set the priority of an active port using Link Aggregation Control Protocol (LACP). The smaller the number, the higher the priority level. GS2220 Series User’s Guide...
Page 192: Technical Reference
, select the traffic distribution algorithm used by this group and select the ports that should belong to this group as shown in the figure below. Click when you are done. Apply GS2220 Series User’s Guide...
Page 193 Chapter 17 Link Aggregation Trunking Example Configuration Screen – Fig ure 152 Your trunk group 1 ( ) configuration is now complete. GS2220 Series User’s Guide...
Page 194: Port Authentication
At the time of writing, IEEE 802.1x is not supported by all operating systems. See your operating system documentation. If your operating system does not support 802.1x, then you may need to install 802.1x client software. GS2220 Series User’s Guide...
Page 195: What You Need To Know
Switch does not prompt the client for login credentials. The login credentials are based on the source MAC address of the client connecting to a port on the Switch along with a password configured specifically for MAC authentication on the Switch. GS2220 Series User’s Guide...
Page 196: Port Authentication Configuration
18.3 Ac tiva te IEEE 802.1x Se c urity Use this screen to activate IEEE 802.1x security. In the screen click to display Po rt Authe ntic a tio n 802.1x the configuration screen as shown. GS2220 Series User’s Guide...
Page 197 Specify if a subscriber has to periodically re-enter his or her user name and password to stay connected to the port. Reauth-period Specify the length of time required to pass before a client has to re-enter his or her user name secs and password to stay connected to the port. GS2220 Series User’s Guide...
Page 198: Activate Mac Authentication
Use this screen to activate MAC authentication. In the screen click Po rt Authe ntic a tio n to display the configuration screen as shown. Authe ntic a tio n Advanced Application > Port Authentication > MAC Authentication Fig ure 157 GS2220 Series User’s Guide...
Page 199: Guest Vlan
You can configure your Switch to have one VLAN that acts as a guest VLAN. If you enable the guest VLAN ( in the example) on a port ( in the GS2220 Series User’s Guide...
Page 200 Use this row only if you want to make some settings the same for all ports. Use this row first to set the common settings and then make adjustments on a port-by-port basis. Changes in this row are copied to all the ports as soon as you make them. GS2220 Series User’s Guide...
Page 201: Compound Authentication
Switch along with a password configured specifically for MAC authentication on the Switch. In the screen click to display the configuration Po rt Authe ntic a tio n C o m po und Authe ntic a tio n Mo de screen as shown. GS2220 Series User’s Guide...
Page 202 Sa ve save your changes to the non-volatile memory when you are done configuring. Cancel Click to begin configuring this screen afresh. C a nc e l GS2220 Series User’s Guide...
Page 203: Port Security
19.2 Po rt Se c urity Se tup Click > in the navigation panel to display the screen as shown. Adva nc e d Applic a tio n Po rt Se c urity Advanced Application > Port Security Fig ure 161 GS2220 Series User’s Guide...
Page 204 Sa ve save your changes to the non-volatile memory when you are done configuring. Cancel Click to begin configuring this screen afresh. C a nc e l GS2220 Series User’s Guide...
Page 205: Time Range
20.2 C o nfig uring T im e Ra ng e Click > in the navigation panel to display the screen as shown. Adva nc e d Applic a tio n T im e Ra ng e Advanced Application > Time Range Fig ure 162 GS2220 Series User’s Guide...
Page 206 Delete Check the rules that you want to remove and then click the button. De le te Cancel Click to clear the selected check boxes. C a nc e l GS2220 Series User’s Guide...
Page 207: Classifier
Setting up QoS involves two separate steps: Configure classifiers to sort traffic into different flows. Configure policy rules to define actions to be performed on a classified traffic flow (refer to Chapter 22 on page 216 to configure policy rules). GS2220 Series User’s Guide...
Page 208: Classifier Status
(or policy) to act upon the traffic that matches the rules. In the screen click to display the configuration screen as shown. C la ssifie r Sta tus C la ssifie r C o nfig ura tio n GS2220 Series User’s Guide...
Page 209 Enter a number between 0 and 65535 to specify the rule’s weight. When the match order is in manual mode in the screen, a higher weight means a higher priority. C la ssifie r G lo b a l Se tting GS2220 Series User’s Guide...
Page 210 MAC address of 00:13:49:12:34:56 matches this criteria. If you leave the field blank, the Ma sk Switch automatically sets the mask to ff:ff:ff:ff:ff:ff. Layer 3 Specify the fields below to configure a layer 3 classifier. GS2220 Series User’s Guide...
Page 211 Cancel Click to reset the fields back to your previous configuration. C a nc e l Clear Click to set the above fields back to the factory defaults. C le a r GS2220 Series User’s Guide...
Page 212: Viewing And Editing Classifier Configuration Summary
PRO T O C O L NUMBER IP ETHII 0800 X.75 Internet 0801 NBS Internet 0802 ECMA Internet 0803 Chaosnet 0804 X.25 Level 3 0805 XNS Compat 0807 Banyan Systems 0BAD BBN Simnet 5208 IBM SNA 80D5 AppleTalk AARP 80F3 GS2220 Series User’s Guide...
Page 213: Classifier Global Setting Configuration
(VLAN ID) in classifier A and configure a layer-3 item (source IP address) in classifier B. When an incoming packet matches both classifier rules, classifier B has priority over classifier A. Logging GS2220 Series User’s Guide...
Page 214: Classifier Example
C a nc e l 21.5 C la ssifie r Exa m ple The following screen shows an example where you configure a classifier that identifies all traffic from MAC address 00:50:ba:ad:4f:81 on port 2. GS2220 Series User’s Guide...
Page 215 Chapter 21 Classifier Classifier: Example Fig ure 167 EXAMPLE After you have configured a classifier, you can configure a policy (in the screen) to define Po lic y actions on the classified traffic flow. GS2220 Series User’s Guide...
Page 216: Policy Rule
DiffServ network. Based on the marking rule, different kinds of traffic can be marked for different kinds of forwarding. Resources can then be allocated according to the DSCP values and the configured policies. GS2220 Series User’s Guide...
Page 217: Configuring Policy Rules
[SHIFT] and select the choices at the same time. Parameters Set the fields below for this policy. You only have to set the fields that is related to the actions you configure in the field. Ac tio n GS2220 Series User’s Guide...
Page 218 The Switch loses these changes if it is turned off or loses power, so use the Sa ve link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. GS2220 Series User’s Guide...
Page 219: Policy Example
Po lic y discard out-of-profile traffic on a traffic flow classified using the classifier (refer to Section 21.5 Exa m ple on page 214). Policy Example Fig ure 169 GS2220 Series User’s Guide...
Page 220: Queuing Method
This queue then moves to the back of the list. The next queue is given an equal amount of bandwidth, and then moves to the end of the list; and so on, depending on the number of queues being used. This works in a looping fashion until a queue is empty. GS2220 Series User’s Guide...
Page 221: Configuring Queuing
Use this screen to set priorities for the queues of the Switch. This distributes bandwidth across the different traffic queues. Click > in the navigation panel. Adva nc e d Applic a tio n Q ue uing Me tho d Advanced Application > Queuing Method Fig ure 170 GS2220 Series User’s Guide...
Page 222 Sa ve the non-volatile memory when you are done configuring. Cancel Click to begin configuring this screen afresh. C a nc e l GS2220 Series User’s Guide...
Page 223: Multicast
VLAN. 24.1.2 Wha t Yo u Ne e d to Kno w Read on for concepts on Multicasting that can help you configure the screens in this chapter. GS2220 Series User’s Guide...
Page 224 The connection between ports 8 and 9 is blocked by STP to break the loop. If there is one query from a router ( ) or MLD Done or Report message from any upstream port, it will be broadcast to all connected upstream ports. GS2220 Series User’s Guide...
Page 225 MVR. Join and leave reports from other multicast groups are managed by IGMP snooping. The following figure shows a network example. The subscriber VLAN ( ) information is hidden from the streaming media server, . In addition, the multicast VLAN information is only visible to the Switch and GS2220 Series User’s Guide...
Page 226 Switch). If there is another subscriber device connected to this port in the same subscriber VLAN, the receiving port will still be on the list of forwarding destination for the multicast traffic. Otherwise, the Switch removes the receiver port from the forwarding table. GS2220 Series User’s Guide...
Page 227: Multicast Setup
Adva nc e d Applic a tio n Multic a st IPv4 Multic a st shows the IPv4 multicast group information. See Section 24.1 on page 223 for more information on multicasting. Advanced Application > Multicast > IPv4 Multicast Fig ure 174 GS2220 Series User’s Guide...
Page 228: Igmp Snooping
L ABEL DESC RIPT IO N IGMP Snooping Use these settings to configure IGMP snooping. Active Select to enable IGMP Snooping to forward group multicast traffic only to ports that Ac tive are members of that group. GS2220 Series User’s Guide...
Page 229 IGMP query port on the specified VLANs. Use a dash to specify consecutive VLANs and a comma (no spaces) to specify non-consecutive VLANs. For example, 51–53 includes 51, 52 and 53, but 51,53 does not include 52. GS2220 Series User’s Guide...
Page 230 IGMP join report received on this port until an existing multicast De ny forwarding table entry is aged out. Select to replace an existing entry in the multicast forwarding table with the new Re pla c e IGMP reports received on this port. GS2220 Series User’s Guide...
Page 231: Igmp Snooping Vlan
IG MP Sno o ping VL AN and VLANs on page 224 for more information on IGMP Snooping VLAN. Advanced Application > Multicast > IPv4 Multicast > IGMP Snooping > IGMP Snooping VLAN Fig ure 176 GS2220 Series User’s Guide...
Page 232: Igmp Filtering Profile
Adva nc e d Applic a tio n Multic a st IPv4 Multic a st IG MP link and then the link to display the screen as shown. Sno o ping IG MP Filte ring Pro file GS2220 Series User’s Guide...
Page 233 To delete a rules from a profile, select the rules that you want to remove in the De le te Rule column, then click the button. De le te Cancel Click to clear the check boxes. C a nc e l De le te Pro file De le te Rule GS2220 Series User’s Guide...
Page 234: Ipv6 Multicast Status
Sa ve to save your changes to the non-volatile memory when you are done configuring. Cancel Click to begin configuring this screen afresh. C a nc e l GS2220 Series User’s Guide...
Page 235: Mld Snooping-Proxy Vlan
When an MLD Done message is received, the Switch sets the entry’s lifetime to be the product of L a st Me m b e r Q ue ry Inte rva l Ro b ustne ss Va ria b le GS2220 Series User’s Guide...
Page 236: Mld Snooping-Proxy Vlan Port Role Setting
Multic a st IPv6 Multic a st ML D Sno o ping - > screen to display the screen as shown. See Section 24.1 on page 223 for more information pro xy VL AN on multicasting. GS2220 Series User’s Guide...
Page 237 ) or wait for an MLD report before the Im m e dia te leave timeout ( ) or fast leave timeout ( ) when an MLD leave message is No rm a l Fa st received on this port from a host. GS2220 Series User’s Guide...
Page 238: Mld Snooping-Proxy Filtering
Table 105 Advanced Application > Multicast > IPv6 Multicast > MLD Snooping-proxy > Filtering L ABEL DESC RIPT IO N Active Select this option to enable MLD filtering on the Switch. Port This field displays the port number. GS2220 Series User’s Guide...
Page 239: Mld Snooping-Proxy Filtering Profile
IPv6 Multic a st ML D Sno o ping - pro xy screen to display the screen as shown. Filte ring Advanced Application > Multicast > IPv6 Multicast > MLD Snooping-proxy > Filtering > Fig ure 183 Filtering Profile GS2220 Series User’s Guide...
Page 240: General Mvr Configuration
Note: You can create up to five multicast VLANs and up to 256 multicast rules on the Switch. Note: Your Switch automatically creates a static VLAN (with the same VID) when you create a multicast VLAN in this screen. GS2220 Series User’s Guide...
Page 241 Use this row only if you want to make some settings the same for all ports. Use this row first to set the common settings and then make adjustments on a port-by-port basis. Changes in this row are copied to all the ports as soon as you make them. GS2220 Series User’s Guide...
Page 242: Mvr Group Configuration
Use this screen to configure MVR IP multicast group addresses. Click the link in the G ro up C o nfig ura tio n screen. Note: A port can belong to more than one multicast VLAN. However, IP multicast group addresses in different multicast VLANs cannot overlap. GS2220 Series User’s Guide...
Page 243 If you delete a multicast VLAN, all multicast groups in this VLAN will also be removed. Cancel Select to clear the check boxes in the table. C a nc e l GS2220 Series User’s Guide...
Page 244: Mvr Configuration Example
The following figure shows an example where two IPv4 G ro up C o nfig ura tio n multicast groups ( ) are configured for the multicast VLAN 200. Ne ws Mo vie GS2220 Series User’s Guide...
Page 245 Chapter 24 Multicast MVR Group Configuration Example-1 Fig ure 188 EXAMPLE MVR Group Configuration Example-2 Fig ure 189 EXAMPLE GS2220 Series User’s Guide...
Page 246: Aaa
Switch itself or it can use an external server to authorize a large number of users. Accounting is the process of recording what a user is doing. The Switch can use an external server to GS2220 Series User’s Guide...
Page 247: Aaa Screens
Fig ure 191 25.3 RADIUS Se rve r Se tup Use this screen to configure your RADIUS server settings. Click the link in the RADIUS Se rve r Se tup screen to view the screen as shown. GS2220 Series User’s Guide...
Page 248 Enter the IP address of an external RADIUS server in dotted decimal notation. UDP Port The default port of a RADIUS server for authentication is . You need not change this value 1812 unless your network administrator instructs you to do so. GS2220 Series User’s Guide...
Page 249: Tacacs+ Server Setup
25.4 T AC AC S+ Se rve r Se tup Use this screen to configure your TACACS+ server settings. Click on the link in the T AC AC S+ Se rve r Se tup screen to view the screen as shown. GS2220 Series User’s Guide...
Page 250 Delete Check this box if you want to remove an existing TACACS+ server entry from the Switch. This entry is deleted when you click Apply Accounting Use this section to configure your TACACS+ accounting settings. Server GS2220 Series User’s Guide...
Page 251: Aaa Setup
Use this screen to configure authentication, authorization and accounting settings on the Switch. Click on the link in the screen to view the screen as shown. AAA Se tup Advanced Application > AAA > AAA Setup Fig ure 194 GS2220 Series User’s Guide...
Page 252 This is the amount of time in minutes before the Switch sends an update to the accounting server. This is only valid if you select the option for the entries. sta rt- sto p Exe c Do t1x GS2220 Series User’s Guide...
Page 253: Technical Reference
Attributes (VSAs) to expand the functionality of a RADIUS server. The Switch supports VSAs that allow you to perform the following actions based on user authentication: • Limit bandwidth on incoming or outgoing traffic for the port the user connects to. GS2220 Series User’s Guide...
Page 254 VLAN settings are fixed and untagged. This will also set the port’s VID. The following table describes the values you need to configure. Note that these attributes only work when you enable authorization (see Section 25.5 on page 251). GS2220 Series User’s Guide...
Page 255: Supported Radius Attributes
25.6.3.2 Attrib ute s Use d to L o g in Use rs User-Name User-Password NAS-Identifier NAS-IP-Address 25.6.3.3 Attrib ute s Use d b y the IEEE 802.1x Authe ntic a tio n User-Name NAS-Identifier NAS-IP-Address NAS-Port NAS-Port-Type GS2220 Series User’s Guide...
Page 256: Attributes Used For Accounting
Acct-Terminate-Cause  Table 116 RADIUS Attributes – Exec Events through Telnet/SSH AT T RIBUT E ST ART INT ERIM- UPDAT E ST O P User-Name    NAS-Identifier    NAS-IP-Address    GS2220 Series User’s Guide...
Page 257 Acct-Status-Type Acct-Delay-Time    Acct-Session-Id       Acct-Authentic Acct-Input-Octets   Acct-Output-Octets   Acct-Session-Time   Acct-Input-Packets   Acct-Output-Packets   Acct-Terminate-Cause  Acct-Input-Gigawords   Acct-Output-Gigawords   GS2220 Series User’s Guide...
Page 258: Ip Source Guard
26.1.2 Wha t Yo u Ne e d to Kno w The Switch builds the binding table by snooping DHCP packets (dynamic bindings) and from information provided manually by administrators (static bindings). IP source guard consists of the following features: GS2220 Series User’s Guide...
Page 259: Ip Source Guard
Click the link to open a screen where you can enable a DHCPv6 snooping policy on a Setup specific VLAN interface. IPv6 DHCP Trust Setup Click the link to open a screen where you can specify which ports are trusted for DHCPv6 snooping. GS2220 Series User’s Guide...
Page 260: Ipv4 Source Guard Setup
To open this screen, click > > > Adva nc e d Applic a tio n IP So urc e G ua rd IPv4 So urc e G ua rd Se tup Sta tic Binding GS2220 Series User’s Guide...
Page 261 This saves your changes to the Switch’s run-time memory. The Switch loses these changes if it is turned off or loses power, so use the link on the top navigation panel to save your Sa ve changes to the non-volatile memory when you are done configuring. GS2220 Series User’s Guide...
Page 262 Delete Select the entries that you want to remove, then click the button to remove the De le te selected entries from the table. Cancel Click this to clear the check boxes above. GS2220 Series User’s Guide...
Page 263: Dhcp Snooping
To open this screen, click > > > Adva nc e d Applic a tio n IP So urc e G ua rd IPv4 So urc e G ua rd Se tup DHC P Sno o ping GS2220 Series User’s Guide...
Page 264 This field displays how long (in seconds) the Switch waits to update the DHCP snooping database after the current bindings change. This section displays information about the current update and the next update of the DHCP snooping database. GS2220 Series User’s Guide...
Page 265 MAC address and VLAN ID. Invalid interfaces This field displays the number of bindings the Switch ignored because the port number was a trusted interface or does not exist anymore. GS2220 Series User’s Guide...
Page 266: Dhcp Snooping Configure
IPv4 So urc e G ua rd Se tup DHC P > Sno o ping C o nfig ure Advanced Application > IP Source Guard > IPv4 Source Guard Setup > DHCP Snooping > Fig ure 199 Configure GS2220 Series User’s Guide...
Page 267: Dhcp Snooping Port Configure
Adva nc e d Applic a tio n IP So urc e G ua rd IPv4 So urc e G ua rd Se tup DHC P > > Sno o ping C o nfig ure Po rt GS2220 Series User’s Guide...
Page 268: Dhcp Snooping Vlan Configure
Use this screen to enable DHCP snooping on each VLAN and to specify whether or not the Switch adds DHCP relay agent option 82 information to DHCP requests that the Switch relays to a DHCP server for each VLAN. GS2220 Series User’s Guide...
Page 269: Dhcp Snooping Vlan Port Configure
Adva nc e d Applic a tio n IP So urc e G ua rd IPv4 So urc e G ua rd Se tup DHC P > > > Sno o ping C o nfig ure VL AN Po rt GS2220 Series User’s Guide...
Page 270: Technical Reference
Click this to clear the check boxes above. De le te 27.4 T e c hnic a l Re fe re nc e This section provides technical background information on the topics discussed in this chapter. GS2220 Series User’s Guide...
Page 271: Dhcp Snooping Overview
You can configure the name and location of the file on the external TFTP server. The file has the following format: DHCP Snooping Database File Format Fig ure 203 <initial-checksum> TYPE DHCP-SNOOPING VERSION 1 BEGIN <binding-1> <checksum-1> <binding-2> <checksum-1-2> <binding-n> <checksum-1-2-..-n> The <initial-checksum> helps distinguish between the bindings in the latest update and the bindings GS2220 Series User’s Guide...
Page 272 Enable DHCP snooping on the Switch. Enable DHCP snooping on each VLAN, and configure DHCP relay option 82. Configure trusted and untrusted ports, and specify the maximum number of DHCP packets that each port can receive per second. Configure static bindings. GS2220 Series User’s Guide...
Page 273: Arp Inspection
De le te Change Pages Click to show the previous or next screen if all status information Pre vio us Pa g e Ne xt Pa g e cannot be seen in one screen. GS2220 Series User’s Guide...
Page 274: Arp Inspection Vlan Status
Adva nc e d Applic a tio n IP So urc e G ua rd IPv4 > > So urc e G ua rd Se tup ARP Inspe c tio n L o g Sta tus GS2220 Series User’s Guide...
Page 275: Arp Inspection Configure
> > > > Adva nc e d Applic a tio n IP So urc e G ua rd IPv4 So urc e G ua rd Se tup ARP Inspe c tio n GS2220 Series User’s Guide...
Page 276 Enter 0 if you want the Switch to send syslog messages immediately. See Syslo g for an example of the relationship between ra te Syslo g ra te L o g inte rva l GS2220 Series User’s Guide...
Page 277: Arp Inspection Port Configure
Use this row only if you want to make some settings the same for all ports. Use this row first to set the common settings and then make adjustments on a port-by-port basis. Note: Changes in this row are copied to all the ports as soon as you make them. GS2220 Series User’s Guide...
Page 278: Arp Inspection Vlan Configure
IPv4 So urc e G ua rd Se tup ARP Inspe c tio n C o nfig ure VL AN Advanced Application > IP Source Guard > IPv4 Source Guard Setup > ARP Inspection > Fig ure 209 Configure > VLAN GS2220 Series User’s Guide...
Page 279: Ipv6 Source Guard Overview
Switch that do not match an entry in the IPSG binding table, the Switch will drop these packets. The Switch forwards matching traffic normally. The IPv6 source guard related screens are available in standalone mode. GS2220 Series User’s Guide...
Page 280: Ipv6 Source Binding Status
(for example, a static binding). infinity Type This field displays how the Switch learned the binding. : This static binding was learned from information provided manually by an administrator. : This dhcp-snooping binding was learned by snooping DHCP packets. GS2220 Series User’s Guide...
Page 281: Ipv6 Static Binding Setup
This field displays the source VLAN ID in the binding. If the entry is blank, this field will not be checked in the binding. Port This field displays the port number in the binding. If this field is blank, the binding applies to all ports. GS2220 Series User’s Guide...
Page 282: Ipv6 Source Guard Policy Setup
FE80::/10 and the interface identifier in the modified EUI-64 format. Click this to create the IPv6 source guard policy or to update an existing one. Cancel Click this to reset the values above or if not applicable, to clear the fields above. GS2220 Series User’s Guide...
Page 283: Ipv6 Source Guard Port Setup
Note: Changes in this row are copied to all the ports as soon as you make them. Policy Name Select an IPv6 source guard policy that the Switch will apply to this port. GS2220 Series User’s Guide...
Page 284: Ipv6 Snooping Policy Setup
Clear Click this to clear the fields above. Index This field displays a sequential number for each IPv6 snooping policy. Name This field displays the descriptive name for identification purposes for this IPv6 source guard policy. GS2220 Series User’s Guide...
Page 285: Ipv6 Snooping Vlan Setup
Select an entry’s check box to select a specific entry. Otherwise, select the check box in the table heading row to select all entries. Delete Select an entry check box and click to remove the specified entry. De le te Cancel Click this to clear the check boxes above. De le te GS2220 Series User’s Guide...
Page 286: Ipv6 Dhcp Trust Setup
• The packet is a DHCPv6 server packet (for example, ADVERTISE, REPLY, or RELAY-REPLY). • The source MAC address and source IP address in the packet do not match any of the current bindings. GS2220 Series User’s Guide...
Page 287: Technical Reference
MAC address filter remains in the Switch. These MAC address filters are different than regular MAC address filters. • They are stored only in volatile memory. • They do not use the same space in memory that regular MAC address filters use. GS2220 Series User’s Guide...
Page 288 ARP inspection so that the Switch has enough time to build the binding table. Enable ARP inspection on each VLAN. Configure trusted and untrusted ports, and specify the maximum number of ARP packets that each port can receive per second. GS2220 Series User’s Guide...
Page 289: Loop Guard
It will then re-broadcast those messages again. The following figure shows port on switch connected to switch . Switch has two ports, mistakenly connected to each other. It forms a loop. When broadcast or multicast packets leave port GS2220 Series User’s Guide...
Page 290 Switch. Loop Guard – Network Loop Fig ure 221 Note: After resolving the loop problem on your network you can re-activate the disabled port through the Web Configurator or through commands (See the CLI Reference Guide). GS2220 Series User’s Guide...
Page 291: Loop Guard Setup
Sa ve your changes to the non-volatile memory when you are done configuring. Cancel Click to begin configuring this screen afresh. C a nc e l GS2220 Series User’s Guide...
Page 292: Vlan Mapping
293) to enable Switch VLAN mapping on the VL AN Ma pping ports. • Use the screen (Section 30.2.1 on page 293) to enable and edit the VLAN VL AN Ma pping C o nfig ure mapping rules. GS2220 Series User’s Guide...
Page 293: Enable Vlan Mapping
30.2.1 VL AN Ma pping C o nfig ure Click the link in the screen to display the screen as shown. Use VL AN Ma pping C o nfig ure VL AN Ma pping this screen to enable and edit the VLAN mapping rules. GS2220 Series User’s Guide...
Page 294 This is the priority level that replaces the customer priority level in the tagged packets. Select an entry’s check box to select a specific entry. Otherwise, select the check box in the table heading row to select all entries. GS2220 Series User’s Guide...
Page 295 Check the rules that you want to remove in the column and then click the De le te De le te button. Cancel Click to clear the check boxes. C a nc e l De le te GS2220 Series User’s Guide...
Page 296: Layer 2 Protocol Tunneling
2 protocol packets with a specific MAC address before sending them across the service provider’s network to other edge switches. Layer 2 Protocol Tunneling Network Scenario Fig ure 226 In the following example, if you enable L2PT for STP, you can have switches in the same GS2220 Series User’s Guide...
Page 297: Configuring Layer 2 Protocol Tunneling
31.2 C o nfig uring L a ye r 2 Pro to c o l T unne ling Click > in the navigation panel to display the screen Adva nc e d Applic a tio n L a ye r 2 Pro to c o l T unne ling as shown. GS2220 Series User’s Guide...
Page 298 VLAN configuration through the service provider’s network. LLDP Select this option to have the Switch tunnel LLDP (Link Layer Discovery Protocol) packets so that all network devices can advertise its identity and capabilities through the service provider’s network. GS2220 Series User’s Guide...
Page 299 Sa ve your changes to the non-volatile memory when you are done configuring. Cancel Click to begin configuring this screen afresh. C a nc e l GS2220 Series User’s Guide...
Page 300: Pppoe
32.1.2.1 PPPo E Inte rm e dia te Ag e nt T a g Fo rm a t If the PPPoE Intermediate Agent is enabled, the Switch adds a vendor-specific tag to PADI (PPPoE Active Discovery Initialization) and PADR (PPPoE Active Discovery Request) packets from PPPoE clients. GS2220 Series User’s Guide...
Page 301 Table 146 PPPoE IA Circuit ID Sub-option Format: Using Identifier String and Variables SubOpt Length Value 0x01 Identifier delimiter Slot ID delimiter Port No delimiter VLAN ID String (1 byte) (1 byte) (1 byte) (1 byte) (1 byte) (2 byte) (1 byte) (53 byte) bytes) GS2220 Series User’s Guide...
Page 302: Pppoe
Adva nc e d Applic a tio n PPPo E C lic k to go to the screen. He re Inte rm e dia te Ag e nt Advanced Application > PPPoE > Intermediate Agent Fig ure 229 GS2220 Series User’s Guide...
Page 303: Pppoe Intermediate Agent
Select a delimiter to separate the identifier-string, slot ID, port number and/or VLAN ID from each other. You can use a pound key ( ), semi-colon ( ), period ( ), comma ( ), forward slash ( ) or space. GS2220 Series User’s Guide...
Page 304: Pppoe Ia Per-Port
Use this row to make the setting the same for all ports. Use this row first and then make adjustments on a port-by-port basis. Changes in this row are copied to all the ports as soon as you make them. GS2220 Series User’s Guide...
Page 305: Pppoe Ia Per-Port Per-Vlan
> screen to display the screen as shown. VL AN Inte rm e dia te Ag e nt Po rt Advanced Application > PPPoE > Intermediate Agent > Port > VLAN Fig ure 232 GS2220 Series User’s Guide...
Page 306: Pppoe Ia For Vlan
Switch appends the Circuit ID and/or Remote ID to PPPoE discovery packets from a specific VLAN. Click the link in the screen to display the screen as shown. VL AN Inte rm e dia te Ag e nt Advanced Application > PPPoE > Intermediate Agent > VLAN Fig ure 233 GS2220 Series User’s Guide...
Page 307 Sa ve your changes to the non-volatile memory when you are done configuring. Cancel Click to begin configuring this screen afresh. C a nc e l GS2220 Series User’s Guide...
Page 308: Error-Disable
• Use the screen (Section 33.6 on page 313) to set the Switch to automatically Errdisa b le Re c o ve ry undo an action after the error is gone. GS2220 Series User’s Guide...
Page 309: Error-Disable Settings
Click the link next to in the C lic k he re Errdisa b le Sta tus Adva nc e d > screen to display the screen as shown. Applic a tio n Errdisa b le GS2220 Series User’s Guide...
Page 310 - lim ita tio n every one second. Rate This field displays how many control packets this port can receive or transmit per second. It can be adjusted in means no rate limit. C PU Pro te c tio n GS2220 Series User’s Guide...
Page 311: Cpu Protection Configuration
The following table describes the labels in this screen. Table 154 Advanced Application > Errdisable > CPU protection L ABEL DESC RIPT IO N Reason Select the type of control packet you want to configure here. Port This field displays the port number. GS2220 Series User’s Guide...
Page 312: Error-Disable Detect Configuration
– The Switch drops all the specified control packets (such as BPDU) on the ina c tive - re a so n port. • – The Switch drops the additional control packets the ports has to handle in ra te - lim ita tio n every one second. GS2220 Series User’s Guide...
Page 313: Error-Disable Recovery Configuration
Sa ve your changes to the non-volatile memory when you are done configuring. Cancel Click to begin configuring this screen afresh. C a nc e l GS2220 Series User’s Guide...
Page 314: Vlan Isolation
34.2 C o nfig uring VL AN Iso la tio n Click > in the navigation panel to display the screen as shown. Adva nc e d Applic a tio n Vla n Iso la tio n GS2220 Series User’s Guide...
Page 315 Delete Check the rules that you want to remove and then click the button. De le te Cancel Click to clear the check boxes. C a nc e l GS2220 Series User’s Guide...
Page 316: Green Ethernet
Adva nc e d Applic a tio n G re e n Ethe rne t Note: EEE, Auto Power Down and Short Reach are NOT supported on an uplink port. GS2220 Series User’s Guide...
Page 317 Sa ve your changes to the non-volatile memory when you are done configuring. Cancel Click to begin configuring this screen afresh. C a nc e l GS2220 Series User’s Guide...
Page 318: Link Layer Discovery Protocol (Lldp)
• Power via MDI TLV (optional, For PoE models only) • Link Aggregation TLV (optional) • Maximum Frame Size TLV (optional) The optional TLVs are inserted between the Time To Live TLV and the End of LLDPDU TLV. GS2220 Series User’s Guide...
Page 319: Lldp-Med Overview
Since LLDPDU updates status and configuration information periodically, network managers may check the result of provision through remote status. The remote status is updated by receiving LLDP-MED TLVs from endpoint devices. GS2220 Series User’s Guide...
Page 320: Lldp Settings
Click here to show a screen with the Switch’s LLDP information. Status LLDP Remote Click here to show a screen with LLDP information from the neighboring devices. Status LLDP Click here to show a screen to configure LLDP parameters. Configuration GS2220 Series User’s Guide...
Page 321: Lldp Local Status
Adva nc e d Applic a tio n L L DP L L DP to display the screen as shown next. L o c a l Sta tus Advanced Application > LLDP > LLDP Local Status Fig ure 245 GS2220 Series User’s Guide...
Page 322: Lldp Local Port Status Detail
Adva nc e d Applic a tio n L L DP > and then, click a port number, for example 1 in the local port column to display the L L DP L o c a l Sta tus screen as shown next. GS2220 Series User’s Guide...
Page 323 Chapter 36 Link Layer Discovery Protocol (LLDP) Advanced Application > LLDP > LLDP Local Status > LLDP Local Port Status Detail Fig ure 246 GS2220 Series User’s Guide...
Page 324 Exte nd Po we r via MDI PD • Inve nto ry Ma na g e m e nt Device Type This is the LLDP-MED device class. The Zyxel Switch device type is: • Network Connectivity GS2220 Series User’s Guide...
Page 325: Lldp Remote Status
This is an alpha-numeric string that contains the specific identifier for the port from which this LLDPDU was transmitted. The port ID is identified by the port ID subtype. Port Description This displays a description for the port from which this LLDPDU was transmitted. GS2220 Series User’s Guide...
Page 326: Lldp Remote Port Status Detail
This displays the time-to-live (TTL) multiplier of LLDP frames. The device information on the neighboring devices ages out and is discarded when its corresponding TTL expires. The TTL value is to multiply the TTL multiplier by the LLDP frames transmitting interval. Port Description This displays the remote port description. GS2220 Series User’s Guide...
Page 327 Syste m C a pa b ilitie s Suppo rte d • Syste m C a pa b ilitie s Ena b le d Advanced Application > LLDP > LLDP Remote Status > LLDP Remote Port Status Detail (Dot 1 Fig ure 249 and Dot3 TLV) GS2220 Series User’s Guide...
Page 328 MDI Ena b le d • Pa ir C o ntro lla b le • PSE Po we r Pa irs • Po we r C la ss Max Frame Size This displays the maximum supported frame size in octets. GS2220 Series User’s Guide...
Page 329 Chapter 36 Link Layer Discovery Protocol (LLDP) Advanced Application > LLDP > LLDP Remote Status > LLDP Remote Port Status Detail (MED Fig ure 250 TLV) GS2220 Series User’s Guide...
Page 330 – the Endpoint Device’s power priority (which the Network Connectivity Po we r Prio rity Device may use to prioritize which devices will remain in service during power shortages). • – power requirement, in fractions of Watts, in current configuration. Po we r Va lue GS2220 Series User’s Guide...
Page 331: Lldp Configuration
Use this row to make the setting the same for all ports. Use this row first and then make adjustments to each port if necessary. Changes in this row are copied to all the ports as soon as you make them. GS2220 Series User’s Guide...
Page 332: Lldp Configuration Basic Tlv Setting
Select the check boxes to enable or to disable the sending of System Capabilities TLVs on the ports. System Description Select the check boxes to enable or to disable the sending of System Description TLVs on the ports. GS2220 Series User’s Guide...
Page 333: Lldp Configuration Org-Specific Tlv Setting
Configuration/Status TLVs on the ports. All check boxes in this column are enabled by default. Max Frame Size Select the check boxes to enable or disable the sending of IEEE 802.3 Max Frame Size TLVs on the ports. GS2220 Series User’s Guide...
Page 334: Lldp-Med Configuration
Use this row to make the setting the same for all ports. Use this row first and then make adjustments to each port if necessary. Changes in this row are copied to all the ports as soon as you make them. Notification Topology Select to enable LLDP-MED topology change traps on this port. Change GS2220 Series User’s Guide...
Page 335: Lldp-Med Network Policy
- sig na ling Select to tag or untag in the network policy. • tagged • untagged VLAN Enter the VLAN ID number. It should be from 1 to 4094. For priority tagged frames, enter “0”. GS2220 Series User’s Guide...
Page 336: Lldp-Med Location
> > to display the screen as shown Adva nc e d Applic a tio n L L DP L L DP- MED L o c a tio n (C lic k He re ) next. GS2220 Series User’s Guide...
Page 337 West. • we st • e a st Altitude Enter the altitude information. The value should be from –2097151 to 2097151 in meters or in floors. • m e te rs • flo o r GS2220 Series User’s Guide...
Page 338 Delete Check the locations that you want to remove, then click the button. De le te Cancel Click to clear the selected check boxes. C a nc e l GS2220 Series User’s Guide...
Page 339: Anti-Arpscan
ARP-requests from a host exceed the thresholds, the trusted port will not be closed. • If a port on the Switch is closed by , and you want to recover it, then do one of the Anti- a rpsc a n following: GS2220 Series User’s Guide...
Page 340: Anti-Arpscan Status
Use this screen to view blocked hosts and unblock ones connected to certain ports. To open this screen, click > > Adva nc e d Applic a tio n Anti- Arpsc a n Ho st Sta tus GS2220 Series User’s Guide...
Page 341: Anti-Arpscan Trust Host
To open this screen, click > > Adva nc e d Applic a tio n Anti- Arpsc a n T rust Ho st Advanced Application > Anti-Arpscan > Trust Host Fig ure 259 GS2220 Series User’s Guide...
Page 342: Anti-Arpscan Configure
Anti- Arpsc a n trusted or untrusted. To open this screen, click > > Adva nc e d Applic a tio n Anti- Arpsc a n C o nfig ure Advanced Application > Anti-Arpscan > Configure Fig ure 260 GS2220 Series User’s Guide...
Page 343 Sa ve save your changes to the non-volatile memory when you are done configuring. Cancel Click this to reset the values in this screen to their last-saved values. GS2220 Series User’s Guide...
Page 344: Bpdu Guard
Use this screen to view whether BPDU guard is enabled on the Switch and the port status. Click > in the navigation panel. Adva nc e d Applic a tio n BPDU G ua rd Advanced Application > BPDU Guard Status Fig ure 261 GS2220 Series User’s Guide...
Page 345: Bpdu Guard Configuration
The following table describes the fields in the above screen. Table 177 Advanced Application > BPDU Guard > BPDU Guard Configuration L ABEL DESC RIPT IO N Active Select this option to enable BPDU guard on the Switch. Port This field displays the port number. GS2220 Series User’s Guide...
Page 346 Sa ve save your changes to the non-volatile memory when you are done configuring. Cancel Click to begin configuring this screen afresh. C a nc e l GS2220 Series User’s Guide...
Page 347: Oam
39.2 O AM Sta tus Use this screen to view the configuration of ports on which Ethernet OAM is enabled. Click Adva nc e d > in the navigation panel. Applic a tio n O AM GS2220 Series User’s Guide...
Page 348: Oam Details
Use this screen to view OAM configuration details and operational status of a specific port. Click a number in the column in the screen to display the screen as shown next. Po rt O AM Sta tus GS2220 Series User’s Guide...
Page 349 : The port waits for the remote device to initiate OAM discovery; sends information Pa ssive PDUs; may send event notification PDUs; and may respond to variable request PDUs or loopback control PDUs. The Switch might not support some types of PDUs, as indicated in the fields below. GS2220 Series User’s Guide...
Page 350 This field displays the MAC address of the IEEE 802.3ah-enabled remote Ethernet device that is connected to the Switch. Vendor(oui) This field displays the Organizationally Unique Identifiers (OUI) representing the vendor of the IEEE 802.3ah-enabled remote Ethernet device that is connected to the Switch. GS2220 Series User’s Guide...
Page 351: Oam Configuration
Use this screen to turn on Ethernet OAM on the Switch and ports and configure the related settings. In the screen click to display the configuration screen as shown. O AM Sta tus C o nfig ura tio n GS2220 Series User’s Guide...
Page 352 Sa ve save your changes to the non-volatile memory when you are done configuring. Cancel Click to begin configuring this screen afresh. C a nc e l GS2220 Series User’s Guide...
Page 353: Oam Remote Loopback
Enable Sta rt Loopback Control PDUs to the remote device. Stop Click to terminate a remote-loopback test from the specified port by sending Disable Sto p Loopback Control PDUs to the remote device. GS2220 Series User’s Guide...
Page 354: Zuld
40.1.2 Wha t Yo u Ne e d to Kno w • ZULD must be enabled on the Switch and the ports in order to detect unidirectional links by monitoring OAMPDUs. GS2220 Series User’s Guide...
Page 355: Zuld Status
Switch. ZUL D Port This field displays the port number. Active This field displays whether ZULD is enabled on the port or not. ZULD must be enabled to detect an unidirectional link by monitoring OAMPDUs. GS2220 Series User’s Guide...
Page 356: Zuld Configuration
Use this screen to enable ZULD on a port, configure a mode and set the probe time. To open this screen, click > > Adva nc e d Applic a tio n ZUL D C o nfig ura tio n Advanced Application > ZULD > Configuration Fig ure 269 GS2220 Series User’s Guide...
Page 357 Sa ve save your changes to the non-volatile memory when you are done configuring. Cancel Click this to reset the values in this screen to their last-saved values. GS2220 Series User’s Guide...
Page 358: Auto Pd Recovery
PD c a use d b y a po we r c uto ff during firm wa re upg ra de . To open this screen, click > Adva nc e d Applic a tio n Auto PD Re c o ve ry GS2220 Series User’s Guide...
Page 359 Polling Interval Specify the number of seconds the Switch waits for a response before sending another ping request. For example, the Switch will try to detect the PD status by performing ping requests every 20 seconds. GS2220 Series User’s Guide...
Page 360: Activate The Automatic Pd Recovery
41.2.1 Ac tiva te the Auto m a tic PD Re c o ve ry Follow the steps below to activate the automatic PD recovery. In the > screen, activate the feature. Adva nc e d Applic a tio n Auto PD Re c o ve ry GS2220 Series User’s Guide...
Page 361 Chapter 41 Auto PD Recovery Auto PD Recovery (Ping Mode) Fig ure 272 Auto PD Recovery (LLDP Mode) Fig ure 273 Select the desired ports in the column. Ac tive Select the Mo de GS2220 Series User’s Guide...
Page 362 PD Re c o ve ry func tio n b e fo re upg ra ding the PD's firm wa re . T his will pre ve nt da m a g e c a use d b y a po we r c uto ff. GS2220 Series User’s Guide...
Page 363: Static Route
364) to display the link to the Sta tic Ro uting IPv4 Sta tic Ro ute screen. • Use the screen (Section 42.3 on page 364) to configure and enable an IPv4 static IPv4 Sta tic Ro ute route. GS2220 Series User’s Guide...
Page 364: Static Routing
> screen to display the screen IPv4 Sta tic Ro ute IP Applic a tio n Sta tic Ro uting as shown. IP Application > Static Routing > IPv4 Static Route Fig ure 276 GS2220 Series User’s Guide...
Page 365 Select an entry’s check box to select a specific entry. Otherwise, select the check box in the table heading row to select all entries. Delete Click to remove the selected entry from the summary table. De le te Cancel Click to clear the check boxes. C a nc e l GS2220 Series User’s Guide...
Page 366: Differentiated Services
ToS-enabled network device will not conflict with the DSCP mapping. The DSCP value determines the PHB (Per-Hop Behavior), that each packet gets as it is forwarded across the DiffServ network. Based on the marking rule different kinds of traffic can be marked for different GS2220 Series User’s Guide...
Page 367: Activating Diffserv
43.2 Ac tiva ting DiffSe rv Activate DiffServ to apply marking rules or IEEE 802.1p priority mapping on the selected ports. Click > in the navigation panel to display the screen as shown. IP Applic a tio n DiffSe rv GS2220 Series User’s Guide...
Page 368: Dscp-To-Ieee 802.1P Priority Settings
IEEE 802.1p 43.3.1 C o nfig uring DSC P Se tting s To change the DSCP-IEEE 802.1p mapping click the link in the screen to display the DSC P Se tting DiffSe rv screen as shown next. GS2220 Series User’s Guide...
Page 369 Sa ve the non-volatile memory when you are done configuring. Cancel Click to begin configuring this screen afresh. C a nc e l GS2220 Series User’s Guide...
Page 370: Dhcp
If there is already a DHCP server on your network, then you can configure the Switch as a DHCP relay agent. When the Switch receives a request from a computer on your network, it contacts the DHCP server for the necessary IP information, and then relays the assigned information back to the computer. GS2220 Series User’s Guide...
Page 371: Dhcp Configuration
– if the Switch is configured as a DHCP relay agent only. G lo b a l – followed by a VLAN ID or multiple VLAN IDs if it is configured as a relay agent for specific VL A N VLANs. GS2220 Series User’s Guide...
Page 372: Dhcpv4 Relay
Table 191 DHCP Relay Agent Information Option Format Code Length (82) i1, i2 and iN are DHCP relay agent sub-options, which contain additional information about the DHCP client. You need to define at least one sub-option. GS2220 Series User’s Guide...
Page 373: Dhcpv4 Option 82 Profile
Use this section to configure the Circuit ID sub-option to include information that is specific to the relay agent (the Switch). Enable Select this option to have the Switch add the Circuit ID sub-option to client DHCP requests that it relays to a DHCP server. GS2220 Series User’s Guide...
Page 374: Configuring Dhcpv4 Global Relay
Use this screen to configure global DHCPv4 relay. Click > > in the IP Applic a tio n DHC P DHC Pv4 navigation panel and click the link to display the screen as shown. G lo b a l GS2220 Series User’s Guide...
Page 375: Configure Dhcpv4 Global Relay Port
Use this screen to apply a different DHCP option 82 profile to certain ports on the Switch. To open this screen, click > > > > IP Applic a tio n DHC P DHC Pv4 G lo b a l Po rt IP Application > DHCP > DHCPv4 > Global > Port Fig ure 285 GS2220 Series User’s Guide...
Page 376: Global Dhcp Relay Configuration Example
The follow figure shows a network example where the Switch is used to relay DHCP requests for the domains. There is only one DHCP server that services the DHCP clients in both VL AN1 VL AN2 domains. GS2220 Series User’s Guide...
Page 377: Dhcpv4 Vlan Setting
Applic a tio n DHC P DHC Pv4 VL AN DHC P Sta tus that displays. Note: You must set up a management IP address for each VLAN that you want to configure DHCP settings for on the Switch. GS2220 Series User’s Guide...
Page 378: Configure Dhcpv4 Vlan Port
Use this screen to apply a different DHCP option 82 profile to certain ports in a VLAN. To open this screen, click > > > > IP Applic a tio n DHC P DHC Pv4 VL AN Po rt GS2220 Series User’s Guide...
Page 379: Example: Dhcp Relay For Two Vlans
VLAN. The system is set up to forward DHCP requests from the dormitory rooms (VLAN 1) to the DHCP server with an IP address of 192.168.1.100. Requests from the academic buildings (VLAN 2) are sent to the other DHCP server with an IP address of 172.16.10.100. GS2220 Series User’s Guide...
Page 380: Dhcpv6 Relay
The DHCPv6 server copies the interface-ID option from the Relay-Forward message into the Relay-Reply message and sends it to the relay agent. The interface-ID should not change even after the relay agent restarts. GS2220 Series User’s Guide...
Page 381 Delete Check the entries that you want to remove and then click the button. De le te Cancel Click to clear the selected check boxes. C a nc e l GS2220 Series User’s Guide...
Page 382: Dhcp Server Guard
Sa ve your changes to the non-volatile memory when you are done configuring. Cancel Click to reset the fields to their last saved values. C a nc e l GS2220 Series User’s Guide...
Page 383: Arp Setup
The Switch supports three ARP learning modes: ARP-Reply, Gratuitous-ARP, and ARP-Request. ARP- Re ply The Switch in ARP-Reply learning mode updates the ARP table only with the ARP replies to the ARP requests sent by the Switch. This can help prevent ARP spoofing. GS2220 Series User’s Guide...
Page 384 Therefore in the following example, the Switch can learn host ’s MAC address from the ARP request sent by host . The Switch then forwards host ’s ICMP reply to host right after getting host ’s MAC GS2220 Series User’s Guide...
Page 385: Arp Setup
Use this screen to configure each port’s ARP learning mode. Click the link next to in the ARP L e a rning > screen to display the screen as shown next. Applic a tio n ARP Se tup GS2220 Series User’s Guide...
Page 386 Sa ve your changes to the non-volatile memory when you are done configuring. Cancel Click to begin configuring this screen afresh. C a nc e l GS2220 Series User’s Guide...
Page 387: Maintenance
46.2 Ma inte na nc e Se tting s Use this screen to manage firmware and your configuration files. Click > Ma na g e m e nt Ma inte na nc e the navigation panel to open the following screen. GS2220 Series User’s Guide...
Page 388 Log reports include CPU history and utilization, crash and memory. Certificates Click to see the screen and import the Switch's CA-signed certificates. C lic k He re C e rtific a te GS2220 Series User’s Guide...
Page 389: Erase Running-Configuration
), a or the C o nfig 1 C o nfig 2 C usto m De fa ult Fa c to ry configuration when you reboot. Follow the steps below to reboot the Switch. De fa ult GS2220 Series User’s Guide...
Page 390: Factory Default
(next to ) on C usto m De fa ult Re b o o t Syste m the Switch. You will then have to make all your configurations again on the Switch. GS2220 Series User’s Guide...
Page 391: Firmware Upgrade
Upg ra de C o nfig Bo o t Im a g e reboot the Switch and click to apply the new firmware immediately. Click to load the Apply Upg ra de new firmware. GS2220 Series User’s Guide...
Page 392: Restore Configuration
. "config" is the name of C ho o se File Bro wse Re sto re the configuration file on the Switch, so your backup configuration file is automatically renamed when you restore using this screen. GS2220 Series User’s Guide...
Page 393: Backup Configuration
Switch using the DHCP or HTTPS mode. This will overwrite the running configuration stored in the Switch’s RAM instead of the startup configuration stored in the Switch’s flash memory. Management > Maintenance > Auto Configuration Fig ure 303 GS2220 Series User’s Guide...
Page 394: Tech-Support
CLI command by typing “Show tech-support” command. Click > > to see the following screen. Ma na g e m e nt Ma inte na nc e T e c h- Suppo rt GS2220 Series User’s Guide...
Page 395 Switch is shutdown or during power outage. Memory Section Click to see the memory section log report. This log report is stored in flash Do wnlo a d memory. GS2220 Series User’s Guide...
Page 396: Tech-Support Download
Use this screen to import Ma na g e m e nt Ma inte na nc e C e rtific a te s the Switch's CA-signed certificates. Management > Maintenance > Certificates Fig ure 306 GS2220 Series User’s Guide...
Page 397: Https Certificates
Use this screen to view the HTTPS certificate details. Click a hyperlink in the column in the Se rvic e > > screen to open the following screen. Ma na g e m e nt Ma inte na nc e C e rtific a te s GS2220 Series User’s Guide...
Page 398: Technical Reference
Switch setup, IP Setup, and so on. Once you have customized the Switch’s settings, they can be saved back to your computer under a filename of your choosing. ZyNOS (Zyxel Network Operating System sometimes referred to as the “ras” file) is the system firmware GS2220 Series User’s Guide...
Page 399: Ftp Command Line Procedure
“config”. Likewise get config config.cfg transfers the configuration file on the Switch to your computer and renames it to “config.cfg”. See Table 207 on page 399 for more information on filename conventions. Enter quit to exit the ftp prompt. GS2220 Series User’s Guide...
Page 400: Gui-Based Ftp Clients
• The IP addresses in the screen does not match the client IP address. If it does Re m o te Ma na g e m e nt not match, the Switch will disconnect the FTP session immediately. GS2220 Series User’s Guide...
Page 401: Access Control
Use this screen to display the main screen. Click > in the navigation panel to display the main screen as shown. Ma na g e m e nt Ac c e ss C o ntro l GS2220 Series User’s Guide...
Page 402: Configure Snmp
Use this screen to configure your SNMP settings. Click > > to view the screen as shown. Ma na g e m e nt Ac c e ss C o ntro l SNMP Management > Access Control > SNMP Fig ure 309 GS2220 Series User’s Guide...
Page 403: Configure Snmp Trap Group
Use the screen to SNMP T ra p G ro up T ra p G ro up specify the types of SNMP traps that should be sent to each SNMP manager. GS2220 Series User’s Guide...
Page 404: Enable Or Disable Sending Of Snmp Traps On A Port
Use this screen to set SNMP T ra p G ro up Po rt whether a trap received on the ports would be sent to the SNMP manager. GS2220 Series User’s Guide...
Page 405: Configure Snmp User
Use the screen to create SNMP users SNMP Use r Use r for authentication with managers using SNMP v3 and associate them to SNMP groups. An SNMP user is an SNMP manager. GS2220 Series User’s Guide...
Page 406 AES applies a 128-bit key to 128-bit blocks of data. Password Enter the password of up to 32 ASCII characters (except [ ? ], [ | ], [ ' ], [ " ] or [ , ]) for encrypting SNMP packets. GS2220 Series User’s Guide...
Page 407: Set Up Login Accounts
Switch settings. The configuration right varies depending on the user’s privilege level. Click > > to view the screen as shown. Ma na g e m e nt Ac c e ss C o ntro l L o g ins GS2220 Series User’s Guide...
Page 408 The session privilege initially comes from the privilege of the login account. For example, if the user has a privilege of 5, he or she can run commands that requires privilege level of 5 or less but not more. GS2220 Series User’s Guide...
Page 409: Service Access Control
User B cannot connect to the Switch (through SSH) before the for User A expires (default 150 seconds). L o g in T im e o ut GS2220 Series User’s Guide...
Page 410: Remote Management
Configure the IP address range of trusted computers from which you can manage this Switch. End Address The Switch checks if the client IP address of a computer requesting a service or protocol matches the range set here. The Switch immediately disconnects the session if it does not match. GS2220 Series User’s Guide...
Page 411: Technical Reference
A Management Information Base (MIB) is a collection of managed objects. SNMP allows a manager and agents to communicate for the purpose of accessing these objects. SNMP itself is a simple request or response protocol based on the manager or agent model. The GS2220 Series User’s Guide...
Page 412 O BJEC T L ABEL O BJEC T ID DESC RIPT IO N coldstart coldStart 1.3.6.1.6.3.1.1.5.1 This trap is sent when the Switch is turned warmstart warmStart 1.3.6.1.6.3.1.1.5.2 This trap is sent when the Switch restarts. GS2220 Series User’s Guide...
Page 413 1.3.6.1.4.1.890.1.15.3.24.4.2 This trap is sent when the Switch ceases the action taken on a port, such as shutting down the port or discarding packets on the port, after the specified recovery interval. GS2220 Series User’s Guide...
Page 414 1.3.6.1.4.1.890.1.15.3.9.4.1 This trap is sent when users log in. zyAccessControlLogoutRec 1.3.6.1.4.1.890.1.15.3.9.4.2 This trap is sent when users log out. zyAccessControlLoginFail 1.3.6.1.4.1.890.1.15.3.9.4.3 This trap is sent when users fail in login. GS2220 Series User’s Guide...
Page 415 This trap is sent when the Ethernet link is up. linkdown linkDown 1.3.6.1.6.3.1.1.5.3 This trap is sent when the Ethernet link is down. autonegotiation zyPortAutonegotiationFailed 1.3.6.1.4.1.890.1.15.3.61.3.1 This trap is sent when an Ethernet interface fails to auto-negotiate with the peer Ethernet interface. GS2220 Series User’s Guide...
Page 416 Storm-control zyPortStormControlTrap 1.3.6.1.4.1.890.1.15.3.78.2.1 This trap is sent when storm control is detected on a specific port. A packet filter action has been applied on the interface. GS2220 Series User’s Guide...
Page 417 1.3.6.1.2.1.80.0.3 This trap is sent when a ping test is completed. traceroute traceRouteTestFailed 1.3.6.1.2.1.81.0.2 This trap is sent when a traceroute test fails. traceRouteTestCompleted 1.3.6.1.2.1.81.0.3 This trap is sent when a traceroute test is completed. GS2220 Series User’s Guide...
Page 418: Ssh Overview
SSH Communication Example Fig ure 317 47.7.2.1 Ho w SSH Wo rks The following table summarizes how a secure connection is established between two remote hosts. GS2220 Series User’s Guide...
Page 419 Your Switch supports SSH version 2 using RSA authentication and three encryption methods (DES, 3DES and Blowfish). The SSH server is implemented on the Switch for remote management and file transfer on port 22. Only one SSH connection is allowed at a time. GS2220 Series User’s Guide...
Page 420: Introduction To Https
If you have not changed the default HTTPS port on the Switch, then in your browser enter “https://Switch IP Address/” as the web site address where “Switch IP Address” is the IP address or domain name of the Switch you wish to access. GS2220 Series User’s Guide...
Page 421 After you log in, you will see the red address bar with the message . Click on C e rtific a te Erro r C e rtific a te next to the address bar and click Erro r Vie w c e rtific a te s GS2220 Series User’s Guide...
Page 422 Yo ur c o nne c tio n is no t se c ure display. If that is the case, click and then the button. I Unde rsta nd the Risks Add Exc e ptio n... GS2220 Series User’s Guide...
Page 423 Fig ure 324 Confirm the HTTPS server URL matches. Click to proceed to the Web C o nfirm Se c urity Exc e ptio n Configurator login screen. Security Alert (Mozilla Firefox) Fig ure 325 EXAMPLE GS2220 Series User’s Guide...
Page 424: Google Chrome Warning Messages
After you accept the certificate and enter the login username and password, the Switch main screen appears. The lock displayed in the bottom right of the browser status bar or next to the website address denotes a secure connection. GS2220 Series User’s Guide...
Page 425 Chapter 47 Access Control Example: Lock Denoting a Secure Connection Fig ure 327 EXAMPLE GS2220 Series User’s Guide...
Page 426: Diagnostic
Use this screen to ping IP Ma na g e m e nt Dia g no stic addresses, run a traceroute, perform port tests or show the Switch’s location between devices. Management > Diagnostic Fig ure 328 GS2220 Series User’s Guide...
Page 427 An Ethernet cable usually has four pairs of wires. A 10BASE-T or 100BASE-TX port only use and test two pairs, while a 1000BASE-T port requires all four pairs. This displays the descriptive name of the wire-pair in the cable. GS2220 Series User’s Guide...
Page 428 Enter a time interval (in minutes) and click to show the actual location of the Switch Blink between several devices in a rack. The default time interval is 30 minutes. Click to have the Switch terminate the blinking locater LED. Sto p GS2220 Series User’s Guide...
Page 429: System Log
Click to clear the whole log, regardless of what is Re fre sh C le a r currently displayed on the screen. Click to save the log to your computer. Do wnlo a d GS2220 Series User’s Guide...
Page 430: Syslog Setup
The syslog feature sends logs to an external syslog server. Use this screen to configure the device’s system logging settings and configure a list of external syslog servers. Click > in the navigation panel to display this screen. Ma na g e m e nt Syslo g Se tup GS2220 Series User’s Guide...
Page 431 The default syslog server port is 514. If your syslog server uses a different port, configure the one it uses here. Log Level Select the severity levels of the logs that you want the device to send to this syslog server. The lower the number, the more critical the logs are. GS2220 Series User’s Guide...
Page 432 Select an entry’s check box to select a specific entry. Otherwise, select the check box in the table heading row to select all entries. Delete Click to remove the selected entries. De le te Cancel Click to begin configuring this screen afresh. C a nc e l GS2220 Series User’s Guide...
Page 433: Cluster Management
The switches being managed by the cluster manager Switch. In the following example, switch in the basement is the cluster manager and the other switches on the upper floors of the building are cluster members. Clustering Application Example Fig ure 331 GS2220 Series User’s Guide...
Page 434: What You Can Do
Switch’s Web Configurator. Inde x MacAddr This is the cluster member Switch’s hardware MAC address. Name This is the cluster member Switch’s Syste m Na m e GS2220 Series User’s Guide...
Page 435: Clustering Management Configuration
C luste r Ma na g e m e nt Sta tus summary list below. Name Type a name to identify the You may use up to 32 printable characters C luste ring Ma na g e r. (spaces are allowed). GS2220 Series User’s Guide...
Page 436: Technical Reference
Web Configurator home page. This cluster member Web Configurator home page and the home page that you would see if you accessed it directly are different. GS2220 Series User’s Guide...
Page 437 51.4.1.1 Uplo a ding Firm wa re to a C luste r Me m b e r Switc h You can use FTP to upload firmware to a cluster member switch through the cluster manager switch as shown in the following example. GS2220 Series User’s Guide...
Page 438 This is the name of the firmware file you want to upload to the cluster member 460ABPI0.bin switch. This is the cluster member switch’s firmware name as seen in the cluster fw-00-a0-c5-01-23-46 manager switch. This is the cluster member switch’s configuration file name as seen in the cluster config-00-a0-c5-01-23-46 manager switch. GS2220 Series User’s Guide...
Page 439: Mac Table
MAC address. The Switch then learns the port that replies with the MAC address. • If the Switch has already learned the port for this MAC address, but the destination port is the same as the port it came in on, then it filters the frame. GS2220 Series User’s Guide...
Page 440: Viewing The Mac Table
MAC forwarding table or MAC filtering table from the MAC table using this screen. Click > in the navigation panel to display the following screen. Ma na g e m e nt MAC T a b le Management > MAC Table Fig ure 337 GS2220 Series User’s Guide...
Page 441 This is the port where the above MAC address is forwarded. Type This shows whether the MAC address is (learned by the Switch) or (manually dyna m ic sta tic entered in the screen). Sta tic MAC Fo rwa rding GS2220 Series User’s Guide...
Page 442: Arp Table
Use the ARP table to view IP-to-MAC address mappings and remove specific dynamic ARP entries. Click > in the navigation panel to open the following screen. Ma na g e m e nt ARP T a b le GS2220 Series User’s Guide...
Page 443 This field displays how long (in seconds) an entry can still remain in the ARP table before it ages out and needs to be relearned. This shows for a static entry. Type This shows the IP address is dynamic (learned by the Switch). GS2220 Series User’s Guide...
Page 444: Path Mtu Table
This field displays the maximum transmission unit of the links in the path. Expire This field displays how long (in minutes) an entry can still remain in the Path MTU table before it ages out and needs to be relearned. GS2220 Series User’s Guide...
Page 445: Configure Clone
Cloning allows you to copy the basic and advanced settings from a source port to a destination port or ports. Click > to open the following screen. Ma na g e m e nt C o nfig ure C lo ne GS2220 Series User’s Guide...
Page 446 Chapter 55 Configure Clone Management > Configure Clone Fig ure 340 GS2220 Series User’s Guide...
Page 447 Sa ve your changes to the non-volatile memory when you are done configuring. Cancel Click to begin configuring this screen afresh. C a nc e l GS2220 Series User’s Guide...
Page 448: Ipv6 Neighbor Table
). The information is then displayed in the summary table below. Inte rfa c e Index This field displays the index number of each entry in the table. Address This field displays the IPv6 address of the Switch or a neighboring device. GS2220 Series User’s Guide...
Page 449 • static (S): The interface address is statically configured. Interface This field displays the ID number of the IPv6 interface on which the IPv6 address is created or through which the neighboring device can be reached. GS2220 Series User’s Guide...
Page 450: Port Status
If STP is disabled, this field displays if the link is up, otherwise, it displays FO RWARDING ST O P When LACP (Link Aggregation Control Protocol) and STP are in blocking state, it displays Blo c king GS2220 Series User’s Guide...
Page 451: Port Details
Click a number in the column in the screen to display individual port statistics. Use this Po rt Po rt Sta tus screen to check status and detailed performance data about an individual port on the Switch. GS2220 Series User’s Guide...
Page 452 This field shows the number of received frames on this port. Errors This field shows the number of received errors on this port. Tx kB/s This field shows the number of kilobytes per second transmitted on this port. GS2220 Series User’s Guide...
Page 453 This field shows the number of packets (including bad packets) received that were between 256 and 511 octets in length. 512 to This field shows the number of packets (including bad packets) received that were between 512 1023 and 1023 octets in length. GS2220 Series User’s Guide...
Page 454: Ddmi
Use this screen to view the real-time SFP (Small Form Factor Pluggable) transceiver information and operating parameters on the SFP port. The parameters include, for example, transmitting and receiving power, and module temperature. Click a number in the column in the screen to view current transceivers’ status. Po rt DDMI GS2220 Series User’s Guide...
Page 455 This displays the milliamps (mA) being supplied to the SFP transceiver’s Laser Diode Transmitter. TX Power This displays the amount of power the SFP transceiver is transmitting. (dbm) RX Power This displays the amount of power the SFP transceiver is receiving from the fiber cable. (dbm) GS2220 Series User’s Guide...
Page 456: Port Utilization
This field shows the transmission speed of data received on this port in kilobytes per second. Rx Utilization% This field shows the percentage of actual received frames on this port as a percentage of the L ink speed. GS2220 Series User’s Guide...
Page 457: Networked Av Mode
AV information, used power for PoE devices, Nebula Cloud Control status, and a link to go to screen (Section 62.1 on page 497). IP Se tup screen displays when you log into the Switch in Networked AV mode. Sum m a ry GS2220 Series User’s Guide...
Page 458 This displays the IP address of the Switch for it to be managed over the network. IGMP-Querier This displays when the Switch is allowed to send IGMP General Query messages to the Ac tive VLANs with the multicast hosts attached. Otherwise, it is Ina c tive GS2220 Series User’s Guide...
Page 459 Group-Specific Query (GSQ) message to determine whether other hosts connected to the port should remain in the specific multicast group. The Switch forwards the query message to all hosts connected to the port and waits for IGMP reports from hosts to update the forwarding table for this port. GS2220 Series User’s Guide...
Page 460: System
Use this Syste m Syste m Info rm a tio n screen to view general system information. You can check the firmware version number and monitor the Switch temperature. System > System Information Fig ure 349 GS2220 Series User’s Guide...
Page 461: General Setup
59.3 G e ne ra l Se tup Use this screen to configure general settings such as the system name and time. Click > Syste m G e ne ra l in the navigation panel to display the screen as shown. Se tup GS2220 Series User’s Guide...
Page 462 Enter the new time in hour, minute and second format. The new time then appears in the (hh:mm:ss) field after you click C urre nt T im e Apply Current Date This field displays the date you open this menu. GS2220 Series User’s Guide...
Page 463: Cloud Management
Note: NebulaFlex for hybrid mode and NCC registration are NOT supported at the time of writing and reserved for future use. The Switch is managed and provisioned automatically by the NCC (Nebula Control Center) when: • The Switch is connected to the Internet. GS2220 Series User’s Guide...
Page 464 This screen has a QR code containing the Switch’s serial number and MAC address for handy NCC registration of the Switch using the Nebula Mobile app. First, download the app from the Google Play store for Android devices or the App Store for iOS devices and create an organization and site. GS2220 Series User’s Guide...
Page 465: Port
Ethernet cables must all be completely indoors. PoE Example Application Fig ure 352 To view the current amount of power that PDs are receiving from the Switch, click > > Po rt Po E Se tup Po E Sta tus GS2220 Series User’s Guide...
Page 466 This field shows which ports can receive power from the Switch. You can set this in Section 60.3 on page 467. • – The PD connected to this port cannot get power supply. Disa b le • – The PD connected to this port can receive power. Ena b le GS2220 Series User’s Guide...
Page 467: Poe Setup
PDs. Click > > , the following screen opens. Po rt Po E Se tup Po E Se tup Port > PoE Setup > PoE Setup Fig ure 354 GS2220 Series User’s Guide...
Page 468 Specify the maximum amount of power the PD could use from the Switch on this port. If you leave (mW) this field blank, the Switch refers to the standard or default maximum power for each class. GS2220 Series User’s Guide...
Page 469: Port Setup
60.4 Po rt Se tup Use this screen to configure Switch port settings. Click > in the navigation panel to display Po rt Po rt Se tup the configuration screen. Port > Port Setup Fig ure 355 GS2220 Series User’s Guide...
Page 470 Disa b le 802.1p Priority This priority value is added to incoming frames without a (802.1p) priority queue tag. See Prio rity Table 27 on page 106 for more information. Q ue ue Assig nm e nt GS2220 Series User’s Guide...
Page 471 Sa ve your changes to the non-volatile memory when you are done configuring. Cancel Click to begin configuring this screen afresh. C a nc e l GS2220 Series User’s Guide...
Page 472: Switching
Click > in the navigation panel to display the screen as shown next. Switc hing Bro a dc a st Sto rm C o ntro l Switching > Broadcast Storm Control Fig ure 356 GS2220 Series User’s Guide...
Page 473: Link Aggregation
474) to view ports you have configured L ink Ag g re g a tio n Sta tus to be in the trunk group, ports that are currently transmitting data as one logical link in the trunk group and so on. GS2220 Series User’s Guide...
Page 474: Link Aggregation Status
Link Aggregator ID consists of the following: system priority, MAC address, key, port priority and port number. The ID displays only when there is a port belonging to this trunk group and LACP is also enabled for this group. GS2220 Series User’s Guide...
Page 475: Link Aggregation Setting
Click > > to display the screen shown next. Switc hing L ink Ag g re g a tio n L ink Ag g re g a tio n Se tting GS2220 Series User’s Guide...
Page 476 This is the only screen you need to configure to enable static link aggregation. Aggregation Setting Group ID The field identifies the link aggregation group, that is, one logical link containing multiple ports. Active Set this switch to on to activate a trunk group. GS2220 Series User’s Guide...
Page 477: Link Aggregation Control Protocol
> to display the screen shown next. Switc hing L ink Ag g re g a tio n L ink Ag g re g a tio n C o ntro l Pro to c o l GS2220 Series User’s Guide...
Page 478 Group ID The field identifies the link aggregation group, that is, one logical link containing multiple ports. LACP Active Select this option to enable LACP for a trunk. Port This field displays the port number. GS2220 Series User’s Guide...
Page 479: Vlan
486) to configure the static VLAN (IEEE 802.1Q) VL AN Po rt Se tting settings on a port. 61.6.2 Wha t Yo u Ne e d to Kno w Read this section to know more about VLAN and how to configure the screens. GS2220 Series User’s Guide...
Page 480 802.1Q VLAN-aware switch, the Switch first decides where to forward the frame, and then inserts a VLAN tag reflecting the ingress port's default VID. The default PVID is VLAN 1 for all ports, but this can be changed. GS2220 Series User’s Guide...
Page 481 This is a VLAN configured by a GVRP registration or de-registration process. VLAN Administrative Registration Fixed Fixed registration ports are permanent VLAN members. Control Registration Ports with registration forbidden are forbidden to join the specified Forbidden VLAN. Normal Registration Ports dynamically join a VLAN using GVRP. GS2220 Series User’s Guide...
Page 482: Vlan Status
61.7 VL AN Sta tus Use this screen to view and search all static VLAN groups. Click > from the navigation Switc hing VL AN panel to display the screen as shown next. VL AN Sta tus GS2220 Series User’s Guide...
Page 483: Vlan Detail
61.7.1 VL AN De ta il Use this screen to view detailed port settings and status of the static VLAN group. Click an index number in the screen to display VLAN details. VL AN Sta tus GS2220 Series User’s Guide...
Page 484: Static Vlan
You can also tag all outgoing frames (that were previously untagged) from a port with the specified VID. Use this screen to view static VLAN status for the Switch. Click > > to display Switc hing VL AN Sta tic VL AN the screen as shown next. GS2220 Series User’s Guide...
Page 485 Click this button to remove the static VLAN. Click button to open the following screen. Use this screen to configure a static VLAN for the Edit Switch. Switching > VLAN > Static VLAN > Add or Edit Static VLAN Fig ure 367 GS2220 Series User’s Guide...
Page 486: Vlan Port Setting
C a nc e l 61.9 VL AN Po rt Se tting Use this screen to configure the static VLAN (IEEE 802.1Q) settings on a port. Click the VL AN Po rt Se tting tab in the screen. VL AN GS2220 Series User’s Guide...
Page 487 VLAN groups to pass through the Switch. Isolation Select this to allows this port to communicate only with the CPU management port and the ports on which the isolation feature is NOT enabled. GS2220 Series User’s Guide...
Page 488: Multicast
Use this screen to view the IPv4 multicast group information. Click > from the Switc hing Multic a st navigation panel to display the screen as shown next. IPv4 Multic a st Sta tus Switching > Multicast > IPv4 Multicast Status Fig ure 369 GS2220 Series User’s Guide...
Page 489: Igmp Snooping
Switch. Click the link in the > screen to display the screen as shown. IG MP Sno o ping Switc hing Multic a st GS2220 Series User’s Guide...
Page 490 IGMP group membership entry if it does not receive report messages from the port. 802.1p Priority Select a priority level (0 – 7) to which the Switch changes the priority in outgoing IGMP control packets. Otherwise, select to not replace the priority. No - C ha ng e GS2220 Series User’s Guide...
Page 491 Select this option to set the Switch to remove this port from the multicast tree when an IGMP version 2 leave message is received on this port. Select this option if there is only one host connected to this port. GS2220 Series User’s Guide...
Page 492 Sa ve save your changes to the non-volatile memory when you are done configuring. Cancel Click to begin configuring this screen afresh. C a nc e l GS2220 Series User’s Guide...
Page 493: Igmp Snooping Vlan
This is the index number of the IGMP snooping VLAN entry in the table. Click on an index number to view more details or change the settings. Name This field displays the descriptive name for this VLAN group. This field displays the ID number of the VLAN group. GS2220 Series User’s Guide...
Page 494: Igmp Filtering Profile
Each port can be assigned a single profile. A profile can be assigned to multiple ports. Click > in the navigation panel. Click the tab to display the Switc hing Multic a st IG MP Filte ring Pro file screen as shown. GS2220 Series User’s Guide...
Page 495 To configure additional rules for a profile that you have already added, select the profile name and specify a different IP multicast address range. Start Address Type the starting multicast IP address for a range of multicast IP addresses that you want to belong to the IGMP filter profile. GS2220 Series User’s Guide...
Page 496 Sa ve changes to the non-volatile memory when you are done configuring. Clear Click to have the fields display blanks. C le a r Cancel Click to leave this screen. C a nc e l GS2220 Series User’s Guide...
Page 497: Networking
IP domains. 62.1 IP Se tup Use the screen to configure the default gateway device, the default domain name server and IP Se tup add IP domains. Networking > IP Setup Fig ure 376 GS2220 Series User’s Guide...
Page 498 Gateway Click this button to create new settings for the management port. Edit Click this button to configure the settings for the management port. Delete Click this button to remove the settings for the management port. GS2220 Series User’s Guide...
Page 499: Security
Switch settings. The configuration right varies depending on the user’s privilege level. Click > > to view the screen as shown. Se c urity Ac c e ss C o ntro l L o g ins GS2220 Series User’s Guide...
Page 500 Enter your new system password. Up to 32 characters are allowed for the new password except [ ? ], [ | ], [ ' ], [ " ], [ space ], or [ , ]. Retype to Retype your new system password for confirmation. confirm GS2220 Series User’s Guide...
Page 501: Remote Management
Switch. Click > > to view the screen as shown next. Se c urity Ac c e ss C o ntro l Re m o te Ma na g e m e nt GS2220 Series User’s Guide...
Page 502 Sa ve your changes to the non-volatile memory when you are done configuring. Cancel Click to begin configuring this screen afresh. C a nc e l GS2220 Series User’s Guide...
Page 503: Configure Snmp
SNMP v3 a nd Se c urity SNMP v3 enhances security for SNMP management. SNMP managers can be required to authenticate with agents before conducting SNMP management sessions. Security can be further enhanced by encrypting the SNMP messages sent from the managers. GS2220 Series User’s Guide...
Page 504 Use this section to configure where to send SNMP traps from the Switch. Index This field displays the index number of an entry. Version Specify the version of the SNMP trap messages. Enter the IP addresses of up to 4 managers to send your SNMP traps to. GS2220 Series User’s Guide...
Page 505: Configure Snmp Trap Group
SNMP traps that G ro up T ra p G ro up should be sent to each SNMP manager. Security > Access Control > SNMP > Trap Group Fig ure 381 GS2220 Series User’s Guide...
Page 506: Enable Or Disable Sending Of Snmp Traps On A Port
Use this screen to Se c urity Ac c e ss C o ntro l SNMP T ra p G ro up Po rt set whether a trap received on the ports would be sent to the SNMP manager. GS2220 Series User’s Guide...
Page 507 Sa ve save your changes to the non-volatile memory when you are done configuring. Cancel Click to begin configuring this screen afresh. C a nc e l GS2220 Series User’s Guide...
Page 508: Configure Snmp User
Use this screen to create or edit SNMP users for Edit authentication with managers using SNMPv3 or SNMPv2c and associate them to SNMP groups. Security > Access Control > SNMP > User Information > Add or Edit User Information Fig ure 384 GS2220 Series User’s Guide...
Page 509 Clear Click to reset the fields to the factory defaults. C le a r Cancel Click to reset the fields to your previous configuration. C a nc e l GS2220 Series User’s Guide...
Page 510: Service Access Control
Sa ve save your changes to the non-volatile memory when you are done configuring. Cancel Click to begin configuring this screen afresh. C a nc e l GS2220 Series User’s Guide...
Page 511: Maintenance
Switch configuration and log files to a server or as local files to your computer. Maintenance > Maintenance > Backup Configuration Fig ure 386 Follow the steps below to back up the current Switch configuration to your computer in this screen. GS2220 Series User’s Guide...
Page 512: Firmware Upgrade
C usto m De fa ult C urre nt C o nfig ura tio n Fa c to ry De fa ult are the configuration files you want the Switch to use when it restarts). C usto m De fa ult GS2220 Series User’s Guide...
Page 513: Reboot System
C usto m De fa ult Reboot System: Use the Custom Default Confirmation Fig ure 391 Click again and then wait for the Switch to restart. This takes up to 2 minutes. This does not affect the Switch’s configuration. GS2220 Series User’s Guide...
Page 514: Restore Configuration
> > to view the screen as shown next. Ma inte na nc e Ma inte na nc e Sa ve C o nfig ura tio n Maintenance > Maintenance > Save Configuration Fig ure 394 GS2220 Series User’s Guide...
Page 515: Tech-Support
Po rt Mirro r monitor port. Click > in the navigation panel to display the screen. Use this screen Ma inte na nc e Po rt Mirro r Po rt Mirro r GS2220 Series User’s Guide...
Page 516 Sa ve to the non-volatile memory when you are done configuring. Cancel Click to reset the fields. C a nc e l GS2220 Series User’s Guide...
Page 517: T Ro Ub Le Sho O Ting A Nd Appe Ndic E S
A RT T ro ub le sho o ting a nd Appe ndic e s...
Page 518: Troubleshooting
Check the hardware connections. See Section 3.1 on page Inspect your cables for damage. Contact the vendor to replace any damaged cables. Disconnect and re-connect the power adapter or cord to the Switch. If the problem continues, contact the vendor. GS2220 Series User’s Guide...
Page 519: Switch Access And Login
Adva nc e d Sug g e stio n • Try to access the Switch using another service, such as Telnet. If you can access the Switch, check the remote management settings to find out why the Switch does not respond to HTTP. GS2220 Series User’s Guide...
Page 520: Switch Configuration
Click at the top right corner Sa ve of the Web Configurator to save the configuration permanently. See also Section 46.2.2 on page 389 for more information about how to save your configuration. GS2220 Series User’s Guide...
Page 521 If you plug the power cable back to the Switch, it will reboot and load the configuration file that was used the last time. For example, if was used on the Switch before you accidentally unplugged C o nfig 1 the Switch, will be loaded when rebooting. C o nfig 1 GS2220 Series User’s Guide...
Page 522: Appendix A Customer Support
C o rpo ra te He a dq ua rte rs (Wo rldwide ) T a iwa n • Zyxel Communications Corporation • http://www.zyxel.com Asia C hina • Zyxel Communications (Shanghai) Corp. Zyxel Communications (Beijing) Corp. Zyxel Communications (Tianjin) Corp. • https://www.zyxel.com/cn/zh/ India • Zyxel Technology India Pvt Ltd.
Page 523 • Zyxel Communications Corporation • https://www.zyxel.com/tw/zh/ T ha ila nd • Zyxel Thailand Co., Ltd. • https://www.zyxel.com/th/th/ Vie tna m • Zyxel Communications Corporation – Vietnam Office • https://www.zyxel.com/vn/vi Euro pe Be la rus • Zyxel BY • https://www.zyxel.by Be lg ium •...
Page 524 Appendix A Customer Support • https://www.zyxel.com/be/fr/ Bulg a ria • Zyxel България • https://www.zyxel.com/bg/bg/ C ze c h Re pub lic • Zyxel Communications Czech s.r.o • https://www.zyxel.com/cz/cs/ De nm a rk • Zyxel Communications A/S • https://www.zyxel.com/dk/da/ Esto nia •...
Page 525 Ro m a nia • Zyxel Romania • https://www.zyxel.com/ro/ro Russia • Zyxel Russia • https://www.zyxel.com/ru/ru/ Slo va kia • Zyxel Communications Czech s.r.o. organizacna zlozka • https://www.zyxel.com/sk/sk/ Spa in • Zyxel Communications ES Ltd. • https://www.zyxel.com/es/es/ Swe de n • Zyxel Communications •...
Page 526 Appendix A Customer Support T urke y • Zyxel Turkey A.S. • https://www.zyxel.com/tr/tr/ • Zyxel Communications UK Ltd. • https://www.zyxel.com/uk/en/ Ukra ine • Zyxel Ukraine • http://www.ua.zyxel.com So uth Am e ric a Arg e ntina • Zyxel Communications Corporation •...
Page 527 Appendix A Customer Support Middle Ea st • Zyxel Communications Corporation • https://www.zyxel.com/me/en/ No rth Am e ric a • Zyxel Communications, Inc. – North America Headquarters • https://www.zyxel.com/us/en/ O c e a nia Austra lia • Zyxel Communications Corporation •...
Page 528: Appendix B Common Services
File Transfer Program, a program to enable fast transfer of files, including large files that may not be possible by email. H.323 1720 NetMeeting uses this protocol. HTTP Hyper Text Transfer Protocol – a client or server protocol for the world wide web. GS2220 Series User’s Guide...
Page 529 Simple Mail Transfer Protocol is the message- exchange standard for the Internet. SMTP enables you to move messages from one email server to another. SNMP TCP/UDP Simple Network Management Program. SNMP-TRAPS TCP/UDP Traps for use with the SNMP (RFC:1215). GS2220 Series User’s Guide...
Page 530 Its primary function is to allow users to log into remote host systems. TFTP Trivial File Transfer Protocol is an Internet file transfer protocol similar to FTP, but uses the UDP (User Datagram Protocol) rather than TCP (Transmission Control Protocol). VDOLIVE 7000 Another videoconferencing solution. GS2220 Series User’s Guide...
Page 531: Appendix C Ipv6
G lo b a l Addre ss A global address uniquely identifies a device on the Internet. It is similar to a “public IP address” in IPv4. A global unicast address starts with a 2 or 3. GS2220 Series User’s Guide...
Page 532 The following table describes the multicast addresses which are reserved and cannot be assigned to a multicast group. Table 281 Reserved Multicast Address MUL T IC AST ADDRESS FF00:0:0:0:0:0:0:0 FF01:0:0:0:0:0:0:0 FF02:0:0:0:0:0:0:0 FF03:0:0:0:0:0:0:0 FF04:0:0:0:0:0:0:0 FF05:0:0:0:0:0:0:0 FF06:0:0:0:0:0:0:0 FF07:0:0:0:0:0:0:0 FF08:0:0:0:0:0:0:0 FF09:0:0:0:0:0:0:0 FF0A:0:0:0:0:0:0:0 FF0B:0:0:0:0:0:0:0 FF0C:0:0:0:0:0:0:0 FF0D:0:0:0:0:0:0:0 FF0E:0:0:0:0:0:0:0 FF0F:0:0:0:0:0:0:0 GS2220 Series User’s Guide...
Page 533 IA_NA were obtained) a Renew message. If the time T2 is reached and the server does not respond, the client sends a Rebind message to any available server ( ). For an IA_TA, the GS2220 Series User’s Guide...
Page 534 (from the host) with a neighbor advertisement message. • Neighbor advertisement: A response from a node to announce its link-layer address. • Router solicitation: A request from a host to locate a router that can act as the default router and GS2220 Series User’s Guide...
Page 535 Done message to the router or switch. The router or switch then sends a group-specific query to the port on which the Done message is received to determine if other devices connected to this port should remain in the group. GS2220 Series User’s Guide...
Page 536 > > > Sta rt C o ntro l Pa ne l Adm inistra tive T o o ls Se rvic e s Double click Dib b le r – a DHC Pv6 c lie nt GS2220 Series User’s Guide...
Page 537 L o c a l Are a C o nne c tio n Select the check box to enable it. Inte rne t Pro to c o l Ve rsio n 6 (T C P/ IPv6) Click to save the change. GS2220 Series User’s Guide...
Page 538 IPv4 Address... : 172.16.100.61 Subnet Mask ... : 255.255.255.0 Default Gateway ..: fe80::213:49ff:feaa:7125%11 172.16.100.254 GS2220 Series User’s Guide...
Page 539 The following information applies if you use the product within USA area. US Importer: Zyxel Communications, Inc, 1130 North Miller Street Anaheim, CA92806-2001, https://www.zyxel.com/us/en/ Fe de ra l C o m m unic a tio ns C o m m issio n (FC C ) EMC Sta te m e nt •...
Page 540: Appendix D Legal Information
– If the system has multiple sources of power, disconnect power from the system by unplugging all power cables from the power supply. • CLASS 1 LASER PRODUCT (for products with mini-GBIC slots or laser products, such as fiber-optic transceiver and GPON products). GS2220 Series User’s Guide...
Page 541 Symbolen innebär att enligt lokal lagstiftning ska produkten och/eller dess batteri kastas separat från hushållsavfallet. När den här produkten når slutet av sin livslängd ska du ta den till en återvinningsstation. Vid tiden för kasseringen bidrar du till en bättre miljö och mänsklig hälsa genom att göra dig av med den på ett återvinningsställe. GS2220 Series User’s Guide...
Page 542 Various symbols are used in this product to ensure correct usage, to prevent danger to the user and others, and to prevent property damage. The meaning of these symbols are described below. It is important that you read these descriptions thoroughly and fully understand the contents. GS2220 Series User’s Guide...
Page 543 T ra de m a rks ZyNOS (Zyxel Network Operating System) and ZON (Zyxel One Network) are registered trademarks of Zyxel Communications, Inc. Other trademarks mentioned in this publication are used for identification purposes only and may be properties of their respective owners.
Page 544: Inde X
PD recovery for cooling enable All connected restart Setting Wizard use LLDP or ping anti-arpscan auto-crossover port blocked hosts automatic PD recovery host threshold create status 134, 481 automatic VLAN registration trusted hosts auto-MDIX port applications backbone GS2220 Series User’s Guide...
Page 545 CIST Class of Service CPU management port classifier and QoS CPU protection editing crossover Ethernet cable example 104, 462 current date logging 104, 462 current time match order custom default overview restore 208, 212 setup GS2220 Series User’s Guide...
Page 546 Option 82 electrostatic discharge (ESD) option 82 profiles Environment Statement Relay Agent Information Errdisable Detect screen DHCPv4 relay Errdisable Recovery screen DHCPv6 Errdisable screen enable in Windows XP errdisable status DHCPv6 client error disable GS2220 Series User’s Guide...
Page 547 Firmware Upgrade screen hardware features flow control hardware installation 114, 470 back pressure 102, 461 hardware monitor 114, 470 IEEE802.3x hardware overview forwarding hello time delay hops frames 142, 487 HTTPS tagged 142, 487 certificates untagged GS2220 Series User’s Guide...
Page 548 IP installation scenarios neighbor discovery Interface Setup screen neighbor table Internet Protocol version 6, see IPv6 status IPv6 Interface Setup screen configuration IPv6 Interface Status screen status GS2220 Series User’s Guide...
Page 549 LEDs examples limit MAC address learning port shut down 64, 187 link aggregation setup dynamic vs. STP ID information 189, 475 setup 189, 475 traffic distribution algorithm 190, 477 traffic distribution type trunk group GS2220 Series User’s Guide...
Page 550 FTP, see FTP status using SNMP Web Configurator MTU (Multi-Tenant Unit) ZON Utility multicast man-in-the-middle attacks 230, 492 IGMP throttling IP addresses setup hops 232, 494 multicast group maximum transmission unit GS2220 Series User’s Guide...
Page 551 347, 353 remote loopback speed/duplex one-time schedule Port Aggregation Protocol, see PAgP Operations, Administration and Maintenance port authentication guest VLAN Option 82 IEEE802.1x Organizationally Unique Identifiers (OUI) MAC authentication GS2220 Series User’s Guide...
Page 552 Rapid Spanning Tree Protocol (RSTP) power connections Read Only Memory (ROM) power connector rear panel Power Sourcing Equipment (PSE) reboot power status 389, 513 load configuration 28, 114 powered device (PD) 389, 513 reboot system PPPoE IA GS2220 Series User’s Guide...
Page 553 SPQ (Strict Priority Queuing) Save Configuration screen Save link encryption methods schedule how it works one-time implementation recurring SSH (Secure Shell) type SSL (Secure Socket Layer) screw anchors standby ports using static address assignment GS2220 Series User’s Guide...
Page 554 104, 462 time server terminology 104, 462 vs. loop guard time service protocol format STP Path Cost straight-through Ethernet cable trademarks subnet based VLANs transceiver subnet masking connection interface Summary screen connection speed Switch installation DHCP client GS2220 Series User’s Guide...
Page 555 Vendor ID Based VLAN screen VLAN Status screen Vendor Specific Attribute, see VSA 135, 481 VLAN terminology ventilation holes 142, 487 VLAN trunking 111, 137, 138, 483, 484, 498 VLAN Trunking Protocol, see VTP 134, 480 number of possible VIDs GS2220 Series User’s Guide...
Page 556 Windows OS version check Wizard link aggregation WRR (Weighted Round Robin Scheduling) ZON (Zyxel One Network) ZON Utility compatible OS fields description icon description installation requirements introduction minimum hardware requirements network adapter select password prompt GS2220 Series User’s Guide...

This manual is also suitable for:

Gs2220-10 Gs2220-10hp Gs2220-28 Gs2220-28hp Gs2220-50 Gs2220-50hp

ZyXEL Communications GS2220 Series User Manual

Quick Links

Troubleshooting

Related Manuals for ZyXEL Communications GS2220 Series

Summary of Contents for ZyXEL Communications GS2220 Series