ZyXEL Communications MES3500-24S User Manual

Layer 2 management switch

Table of Contents

Quick Links

Download this manual

User's Guide

MES3500-24S/MGS3520 Series

Layer 2 Management Switch

Default Login Details

LAN IP Address

User Name

Password

http://192.168.1.1

admin

1234

Version 4.10 Edition 1, 11/2017

Table of Contents

Troubleshooting

Summary of Contents for ZyXEL Communications MES3500-24S

Page 1 User’s Guide MES3500-24S/MGS3520 Series Layer 2 Management Switch Default Login Details Version 4.10 Edition 1, 11/2017 LAN IP Address http://192.168.1.1 User Name admin Password 1234 Copyright © 2017 Zyxel Communications Corporation...
Page 2 Note: It is recommended you use the Web Configurator to configure the Switch. • Web Configurator Online Help Click the help icon in any screen for help in configuring that screen and supplementary information. • More Information Go to support.zyxel.com to find other information on the Switch MES3500-24S/MGS3520 Series User’s Guide...
Page 3: Table Of Contents
IP Source Guard ..........................235 Loop Guard ............................256 VLAN Mapping ........................... 259 Layer 2 Protocol Tunneling ........................ 262 sFlow ..............................266 PPPoE ..............................270 Error Disable ............................278 Private VLAN ............................284 Green Ethernet ........................... 286 MES3500-24S/MGS3520 Series User’s Guide...
Page 4 Access Control ............................ 347 Diagnostic ............................370 Syslog ..............................372 Cluster Management ......................... 375 MAC Table ............................381 ARP Table ............................384 Path MTU Table ........................... 386 Configure Clone ..........................387 Neighbor Table ........................... 390 Troubleshooting ..........................392 MES3500-24S/MGS3520 Series User’s Guide...
Page 5: Table Of Contents
3.1.1 Console Port .......................... 27 3.1.2 Ethernet Ports ........................28 3.1.3 Transceiver Slots ........................29 3.1.4 Power Connector ......................... 30 3.1.5 Signal Slot (MGS3520 Series) ....................31 3.2 LEDs ..............................33 Chapter 4 The Web Configurator........................35 MES3500-24S/MGS3520 Series User’s Guide...
Page 6 6.6 How to Do Port Isolation in a VLAN ....................67 6.6.1 Creating a VLAN ........................68 6.6.2 Creating a Private VLAN Rule ....................70 Part II: Technical Reference................72 Chapter 7 System Status and Port Statistics.......................73 MES3500-24S/MGS3520 Series User’s Guide...
Page 7 9.5.3 Configure a Static VLAN ....................103 9.5.4 Configure VLAN Port Settings ..................105 9.6 Subnet Based VLANs ........................106 9.6.1 Configuring Subnet Based VLAN ..................107 9.7 Protocol Based VLANs ......................... 109 9.7.1 Configuring Protocol Based VLAN ................... 109 MES3500-24S/MGS3520 Series User’s Guide...
Page 8 13.8.1 Multiple Spanning Tree Protocol Port Configuration ............ 140 13.9 Multiple Spanning Tree Protocol Status ................142 Chapter 14 Bandwidth Control ...........................144 14.1 Bandwidth Control Overview ....................144 14.2 Bandwidth Control Setup ......................144 14.2.1 The Egress Queue Rate Screen ..................145 MES3500-24S/MGS3520 Series User’s Guide...
Page 9 Chapter 20 Range Profile ............................173 20.1 Range Profile Overview ......................173 20.2 Range Profile Screen ........................173 20.3 VLAN Range Profile ........................173 20.4 Port Range Profile ........................174 20.5 IP Address Range Profile ......................175 MES3500-24S/MGS3520 Series User’s Guide...
Page 10 24.4 Configuring VLAN Stacking ....................... 194 24.4.1 Port-based Q-in-Q ......................196 24.4.2 Selective Q-in-Q ....................... 197 Chapter 25 Multicast............................199 25.1 Multicast Overview ........................199 25.1.1 IP Multicast Addresses ...................... 199 25.1.2 IGMP Filtering ........................199 25.1.3 IGMP Snooping ......................... 199 MES3500-24S/MGS3520 Series User’s Guide...
Page 11 26.3.2 Attributes Used for Accounting ..................232 Chapter 27 IP Source Guard ..........................235 27.1 IP Source Guard Overview ......................235 27.1.1 DHCP Snooping Overview ....................235 27.1.2 ARP Inspection Overview ....................237 27.2 IP Source Guard .......................... 238 MES3500-24S/MGS3520 Series User’s Guide...
Page 12 31.2 sFlow Port Configuration ......................266 31.2.1 sFlow Collector Configuration ..................268 Chapter 32 PPPoE..............................270 32.1 PPPoE Intermediate Agent Overview ..................270 32.1.1 PPPoE Intermediate Agent Tag Format ................270 32.1.2 Sub-Option Format ......................270 32.1.3 Port State ..........................271 MES3500-24S/MGS3520 Series User’s Guide...
Page 13 36.6.1 LLDP Configuration Basic TLV Setting ................305 36.6.2 LLDP Configuration Org-specific TLV Setting ..............306 36.7 LLDP-MED Configuration ......................307 36.8 LLDP-MED Network Policy ......................309 36.9 LLDP-MED Location ........................310 Chapter 37 Static Route............................313 MES3500-24S/MGS3520 Series User’s Guide...
Page 14 39.5.2 DHCPv6 Port Configure ....................332 Chapter 40 ARP Setup............................334 40.1 ARP Overview ..........................334 40.2 ARP Setup ............................ 336 40.2.1 ARP Learning ........................336 Chapter 41 Maintenance............................338 41.1 The Maintenance Screen ......................338 41.2 Load Factory Default ........................ 339 MES3500-24S/MGS3520 Series User’s Guide...
Page 15 42.9.3 Google Chrome Warning Messages ................366 42.9.4 The Main Screen ........................ 366 42.10 Service Port Access Control ....................367 42.11 Remote Management ......................368 Chapter 43 Diagnostic............................370 43.1 Diagnostic ..........................370 Chapter 44 Syslog ..............................372 MES3500-24S/MGS3520 Series User’s Guide...
Page 16 50.2 Viewing the IPv6 Neighbor Table ..................... 390 Chapter 51 Troubleshooting..........................392 51.1 Power, Hardware Connections, and LEDs ................392 51.2 Switch Access and Login ......................393 51.3 Switch Configuration ........................395 Appendix A Customer Support ..................... 396 MES3500-24S/MGS3520 Series User’s Guide...
Page 17 Table of Contents Appendix B Common Services ...................... 402 Appendix C IPv6..........................405 Appendix D Legal Information ...................... 413 Index ..............................417 MES3500-24S/MGS3520 Series User’s Guide...
Page 18: User's Guide
User’s Guide...
Page 19: Getting To Know Your Switch
100/1000 Mbps RJ-45 port, with either port or slot active at a time. This User’s Guide covers the following models: MES3500-24S, MGS3520-28, MGS3520-28F and MGS3520- Table 1 Switch Comparison Table...
Page 20: Bridging Example
Figure 2 Bridging Application 1.1.3 High Performance Switching Example The Switch is ideal for connecting two networks that need high bandwidth. In the following example, use trunking to connect these two networks. MES3500-24S/MGS3520 Series User’s Guide...
Page 21: Ieee 802.1Q Vlan Application Examples
Shared resources such as a server can be used by all ports in the same VLAN as the server. In the following figure only ports that need access to the server need to be part of VLAN 1. Ports can belong to other VLAN groups too. Figure 4 Shared Server Using VLAN Example MES3500-24S/MGS3520 Series User’s Guide...
Page 22: Ipv6 Support
Switch to its factory default settings. If you backed up an earlier configuration file, you would not have to totally re-configure the Switch. You could simply restore your last configuration. MES3500-24S/MGS3520 Series User’s Guide...
Page 23: Hardware Installation And Connection
Follow the steps below to mount your Switch on a standard EIA rack using a rack-mounting kit. 2.3.1 Rack-mounted Installation Requirements • Two mounting brackets. • Eight M3 flat head screws and a #2 Philips screwdriver. • Four M5 flat head screws and a #2 Philips screwdriver. MES3500-24S/MGS3520 Series User’s Guide...
Page 24: Attaching The Mounting Brackets To The Switch
Position a mounting bracket (that is already attached to the Switch) on one side of the rack, lining up the two screw holes on the bracket with the screw holes on the side of the rack. MES3500-24S/MGS3520 Series User’s Guide...
Page 25 Figure 6 Mounting the Switch on a Rack Using a #2 Philips screwdriver, install the M5 flat head screws through the mounting bracket holes into the rack. Repeat steps to attach the second mounting bracket on the other side of the rack. MES3500-24S/MGS3520 Series User’s Guide...
Page 26: Hardware Overview
This chapter describes the front panel and rear panel of the Switch and shows you how to make the hardware connections. 3.1 Front & Rear Panels The following figures show the front and rear panels of the Switch. Figure 7 MES3500-24S Front Panel: AC ModelMGS3520-28 Front Panel: AC/DC Model Dual Personality Interfaces LEDs Console Port...
Page 27: Console Port
Connect the signal input pins to signal output terminals on other pieces of equipment. Connect the signal output pins to a signal input terminal on another piece of equipment. 3.1.1 Console Port For local management, you can use a computer with terminal emulation software configured to the following parameters: MES3500-24S/MGS3520 Series User’s Guide...
Page 28: Ethernet Ports
Ethernet cable or crossover Ethernet cable for all Gigabit port connections. Auto-crossover ports automatically sense whether they need to function as crossover or straight ports, so crossover cables can connect both computers and switches/hubs. MES3500-24S/MGS3520 Series User’s Guide...
Page 29: Transceiver Slots
Connect the fiber optic cables to the transceiver. Figure 11 Transceiver Installation Example Figure 12 Connecting the Fiber Optic Cables 3.1.3.2 Transceiver Removal Use the following steps to remove a mini-GBIC transceiver (SFP module). Remove the fiber optic cables from the transceiver. MES3500-24S/MGS3520 Series User’s Guide...
Page 30: Power Connector
Use only power wires of the required diameter for connecting the Switch to a power supply. 3.1.4.1 AC Power Connection (MES3500-24S & MGS3520 Series) Connect the female end of the power cord to the power socket of your Switch. Connect the other end of the cord to a power outlet.
Page 31: Signal Slot (Mgs3520 Series)
• The Switch can be configured to create an error log of the alarm. See Section 44.1 on page 372 more information on using the system log. 3.1.5.1 Connect a Sensor to the Signal Slot This section shows you how to connect an external sensor device to the Switch. MES3500-24S/MGS3520 Series User’s Guide...
Page 32 Signal connector on another Zyxel Switch. When daisy-chaining further Switches ensure that the signal output pins you use are the same as those you used when connecting to the first switch, as shown in the diagram below. MES3500-24S/MGS3520 Series User’s Guide...
Page 33: Leds
Amber Blinking The system is transmitting/receiving to/from a 100 Mbps Ethernet network. (MGS3520 The link to a 100 Mbps Ethernet network is up. -50) The link to an Ethernet network is down. 100/1000 Mbps SFP Slots MES3500-24S/MGS3520 Series User’s Guide...
Page 34 The link to a 10 Mbps or a 1000 Mbps Ethernet network is up. Amber Blinking The system is transmitting/receiving to/from a 100 Mbps Ethernet network. The link to a 100 Mbps Ethernet network is up. The link to an Ethernet network is down. MES3500-24S/MGS3520 Series User’s Guide...
Page 35: The Web Configurator
The login screen appears. The default username is admin and associated default password is 1234. The date and time display as shown if you have not configured a time server nor manually entered a time and date in the General Setup screen. MES3500-24S/MGS3520 Series User’s Guide...
Page 36: The Web Configurator Layout
A - Click the menu items to open submenu links, and then click on a submenu link to open the screen in the main window. B, C, D, E - These are quick links which allow you to perform certain tasks no matter which screen you are currently working in. MES3500-24S/MGS3520 Series User’s Guide...
Page 37 E - Click this link to display web help pages. The help pages provide descriptions for all of the configuration screens. In the navigation panel, click a main link to reveal a list of submenu links. Table 4 Navigation Panel Sub-links Overview ADVANCED BASIC SETTING IP APPLICATION MANAGEMENT APPLICATION MES3500-24S/MGS3520 Series User’s Guide...
Page 38 Queuing Method This link takes you to a screen where you can configure queuing with associated queue weights for each port. VLAN Stacking This link takes you to screens where you can activate and configure VLAN stacking. MES3500-24S/MGS3520 Series User’s Guide...
Page 39 This link takes you to a screen where you can view the MAC address – IP address resolution table. Path MTU Table This link takes you to a screen where you can view the path MTU aging time, index, destination address, MTU, and expire settings. MES3500-24S/MGS3520 Series User’s Guide...
Page 40: Change Your Password
Note: Use the Save link when you are done with a configuration session. 4.5 Switch Lockout You could block yourself (and all others) from using in-band-management (managing through the data ports) if you do one of the following: MES3500-24S/MGS3520 Series User’s Guide...
Page 41: Resetting The Switch
Type atlc after the “Enter Debug Mode” message. Wait for the “Starting XMODEM upload” message before activating XMODEM upload on your terminal. After a configuration file upload, type atgo to restart the Switch. MES3500-24S/MGS3520 Series User’s Guide...
Page 42: Logging Out Of The Web Configurator
Figure 22 Web Configurator: Logout Screen 4.8 Help The web configurator’s online help has descriptions of individual screens and some supplementary information. Click the Help link from a web configurator screen to view an online help description of that screen. MES3500-24S/MGS3520 Series User’s Guide...
Page 43: Initial Setup Example
In this example, you want to configure port 1 as a member of VLAN 2. Figure 23 Initial Setup Network Example: VLAN Click Advanced Application > VLAN in the navigation panel and click the Static VLAN link. MES3500-24S/MGS3520 Series User’s Guide...
Page 44: Setting Port Vid
VLAN group that the tag defines. In the example network, configure 2 as the port VID on port 1 so that any untagged frames received on that port get sent to VLAN 2. MES3500-24S/MGS3520 Series User’s Guide...
Page 45: Configuring Switch Management Ip Address
The default management IP address of the Switch is 192.168.1.1. You can configure another IP address in a different subnet for management purposes. The following figure shows an example. Figure 25 Initial Setup Example: Management IP Address MES3500-24S/MGS3520 Series User’s Guide...
Page 46 IP address to belong. This is the same as the VLAN ID you configure in the Static VLAN screen. Click Add to save your changes back to the run-time memory. Settings in the run- time memory are lost when the Switch’s power is turned off. MES3500-24S/MGS3520 Series User’s Guide...
Page 47: Tutorials
DHCP Server (A) 1 and 100 DHCP Client (B) 1 and 100 DHCP Client (C) 1 and 100 Access the Switch through http://192.168.1.1. Log into the Switch by entering the username (default: admin) and password (default: 1234). MES3500-24S/MGS3520 Series User’s Guide...
Page 48 This tags untagged incoming frames on ports 5, 6 and 7 with the tag 100. Go to Advanced Application > IP Source Guard > DHCP snooping > Configure, activate and specify VLAN 100 as the DHCP VLAN as shown. Click Apply. MES3500-24S/MGS3520 Series User’s Guide...
Page 49 If you want to add more information in the DHCP request packets such as source VLAN ID or system name, you can also select the Option82 and Information fields in the entry. See Section 27.1.1.3 on page 236. MES3500-24S/MGS3520 Series User’s Guide...
Page 50: How To Use Dhcp Relay On The Switch
IP address (say 172.16.1.18) and gateway information to DHCP client A based on the system name, VLAN ID and port number in the DHCP request. Client A connects to the Switch’s port 2 in VLAN 102. MES3500-24S/MGS3520 Series User’s Guide...
Page 51: Creating A Vlan
In the Static VLAN screen, select ACTIVE, enter a descriptive name (VALN 102 for example) in the Name field and enter 102 in the VLAN Group ID field. Select Fixed to configure port 2 to be a permanent member of this VLAN. MES3500-24S/MGS3520 Series User’s Guide...
Page 52 Enter 102 in the PVID field for port 2 to add a tag to incoming untagged frames received on that port so that the frames are forwarded to the VLAN group that the tag defines. 10 Click Apply to save your changes back to the run-time memory. MES3500-24S/MGS3520 Series User’s Guide...
Page 53: Configuring Dhcpv4 Relay
Select a pre-defined Option 82 Profile that includes the system name, VLAN ID and port number in the client DHCP requests (default2 in this example). Click Apply to save your changes back to the run-time memory. MES3500-24S/MGS3520 Series User’s Guide...
Page 54: Troubleshooting
PPPoE server (S). There is another switch (B) between switch A and server S. Switch B is connected to switch A. In this way, PPPoE server S can identify subscriber C and may apply different settings to it. MES3500-24S/MGS3520 Series User’s Guide...
Page 55: Configuring Switch A
Port 5 (to C) userC 00134900000A Untrusted Port 12 (to B) Trusted Port 11 (to A) Trusted Port 12 (to S) Trusted 6.3.1 Configuring Switch A Click Advanced Application > PPPoE > Intermediate Agent. Select Active then click Apply. MES3500-24S/MGS3520 Series User’s Guide...
Page 56 Select Trusted for port 12 and then leave the other fields empty. Click Apply. Then Click Intermediate Agent on the top of the screen. The Intermediate Agent screen appears. Click VLAN on the top of the screen. MES3500-24S/MGS3520 Series User’s Guide...
Page 57 Then select Yes to enable PPPoE IA in VLAN 1 and also select Circuit-id and Remote-id to allow the Switch to add these two strings to frames tagged with VLAN 1 and pass to the PPPoE server. Click Apply. MES3500-24S/MGS3520 Series User’s Guide...
Page 58: Configuring Switch B
Click Port on the top of the screen. Select Trusted for ports 11 and 12 and then click Apply. Then Click Intermediate Agent on the top of the screen. The Intermediate Agent screen appears. Click VLAN on the top of the screen. MES3500-24S/MGS3520 Series User’s Guide...
Page 59 Then select Yes to enable PPPoE IA in VLAN 1 and also select Circuit-id and Remote-id to allow the Switch to add these two strings to frames tagged with VLAN 1 and pass to the PPPoE server. Click Apply. MES3500-24S/MGS3520 Series User’s Guide...
Page 60: How To Use Error Disable And Recovery On The Switch
Click Advanced Application > Errdisable > CPU Protection, select ARP as the reason, enter 100 as the rate limit (packets per second) for the first entry (port *) to apply the setting to all ports. Then click Apply. MES3500-24S/MGS3520 Series User’s Guide...
Page 61 Click Advanced Application > Errdisable > Errdisable Recovery, select Active and Timer Status for loopguard and ARP entries. Also enter 180 (180 seconds = 3 minutes) in the Interval field for both entries. Then click Apply. MES3500-24S/MGS3520 Series User’s Guide...
Page 62: How To Set Up A Guest Vlan
Access the web configurator through the Switch’s port which is not in VLAN 200. Go to Basic Setting > Switch Setup and set the VLAN type to 802.1Q. Click Apply to save the settings to the run-time memory. MES3500-24S/MGS3520 Series User’s Guide...
Page 63 Clear the TX Tagging check box to set the Switch to remove VLAN tags before sending frames out of these ports. Click Add to save the settings to the run-time memory. Settings in the run-time memory are lost when the Switch’s power is turned off. MES3500-24S/MGS3520 Series User’s Guide...
Page 64 Enter 200 in the PVID field for ports 1, 2, 3 and 10 to add a tag to incoming untagged frames received on these ports so that the frames are forwarded to the VLAN group that the tag defines. 10 Click Apply to save your changes back to the run-time memory. MES3500-24S/MGS3520 Series User’s Guide...
Page 65: Enabling Ieee 802.1X Port Authentication
Click Advanced Application > Port Authentication and then the Click Here link for 802.1x. Select the first Active checkbox to enable 802.1x authentication on the Switch. Select the Active checkboxes for ports 1 to 8 to turn on 802.1x authentication on the selected ports. Click Apply. MES3500-24S/MGS3520 Series User’s Guide...
Page 66: Enabling Guest Vlan
Set Host-mode to Multi-Secure to have the Switch authenticate each client that connects to one of these ports, and specify the maximum number of clients that the Switch will authenticate on each of these port (5 in this example). Click Apply. MES3500-24S/MGS3520 Series User’s Guide...
Page 67: How To Do Port Isolation In A Vlan
Internet In this example, you put ports 2 to 4 and 25 in VLAN 123 and create a private VLAN rule for VLAN 123 to block traffic between ports 2, 3 and 4. MES3500-24S/MGS3520 Series User’s Guide...
Page 68: Creating A Vlan
Clear the TX Tagging check box to set the Switch to remove VLAN tags before sending frames out of these ports. Click Add to save the settings to the run-time memory. Settings in the run-time memory are lost when the Switch’s power is turned off. MES3500-24S/MGS3520 Series User’s Guide...
Page 69 Enter 123 in the PVID field for ports 2, 3, 4 and 25 to add a tag to incoming untagged frames received on these ports so that the frames are forwarded to the VLAN group that the tag defines. 10 Click Apply to save your changes back to the run-time memory. MES3500-24S/MGS3520 Series User’s Guide...
Page 70: Creating A Private Vlan Rule
Follow the steps below to configure private VLAN for VLAN 123. Click Advanced Application > Private VLAN. In the Private VLAN screen, select Active. Enter a descriptive name (PrivateVLAN123 for example) in the Name field and enter 123 in the VLAN ID field. Click Add. MES3500-24S/MGS3520 Series User’s Guide...
Page 71 Ports 2, 3 and 4 in this VLAN will be added to the isolated port list automatically and cannot send traffic to each other. From port 2, 3, or 4, you should be able to access the device that attachs to port 25, such as a server or default gateway. MES3500-24S/MGS3520 Series User’s Guide...
Page 72: Technical Reference
Technical Reference...
Page 73: System Status And Port Statistics
The home screen of the web configurator displays a port statistical summary with links to each port showing statistical details. 7.2 Port Status Summary To view the port statistics, click Status in all web configurator screens to display the Status screen as shown next. Figure 26 Status MES3500-24S/MGS3520 Series User’s Guide...
Page 74: Status: Port Details
7.2.1 Status: Port Details Click a number in the Port column in the Status screen to display individual port statistics. Use this screen to check status and detailed performance data about an individual port on the Switch. MES3500-24S/MGS3520 Series User’s Guide...
Page 75 TxPkts This field shows the number of transmitted frames on this port RxPkts This field shows the number of received frames on this port Errors This field shows the number of received errors on this port. MES3500-24S/MGS3520 Series User’s Guide...
Page 76 This field shows the number of packets (including bad packets) received that were between 256 and 511 octets in length. 512-1023 This field shows the number of packets (including bad packets) received that were between 512 and 1023 octets in length. MES3500-24S/MGS3520 Series User’s Guide...
Page 77 1024 and 1518 octets in length. Giant This field shows the number of packets (including bad packets) received that were between 1519 octets and the maximum frame size. The maximum frame size varies depending on your switch model. MES3500-24S/MGS3520 Series User’s Guide...
Page 78: Basic Setting
The following table describes the labels in this screen. Table 10 Basic Setting > System Info LABEL DESCRIPTION System Name This field displays the descriptive name of the Switch for identification purposes. Product Model This field displays the model number of the Switch. MES3500-24S/MGS3520 Series User’s Guide...
Page 79 This field displays the minimum voltage measured at this point. Threshold This field displays the percentage tolerance of the voltage with which the Switch still works. Status Normal indicates that the voltage is within an acceptable operating range at this point; otherwise Error is displayed. MES3500-24S/MGS3520 Series User’s Guide...
Page 80: General Setup
1/1 at 0:0:0. NTP (RFC-1305) is similar to Time (RFC-868). None is the default value. Enter the time manually. Each time you turn on the Switch, the time and date will be reset to 1970-1-1 0:0. MES3500-24S/MGS3520 Series User’s Guide...
Page 81: Introduction To Vlans
Devices on a logical network belong to one group. A device can belong to more than one group. With VLAN, a device cannot directly talk to or hear from devices that are not in the same group(s); the traffic must first go through a router. MES3500-24S/MGS3520 Series User’s Guide...
Page 82: Switch Setup
Click Basic Setting > Switch Setup in the navigation panel to display the screen as shown. The VLAN setup screens change depending on whether you choose 802.1Q or Port Based in the VLAN Type field in this screen. Refer to the chapter on VLAN. Figure 30 Basic Setting > Switch Setup MES3500-24S/MGS3520 Series User’s Guide...
Page 83 Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Cancel Click Cancel to reset the fields. MES3500-24S/MGS3520 Series User’s Guide...
Page 84: Ip Setup
You can configure up to 64 IP addresses which are used to access and manage the Switch from the ports belonging to the pre-defined VLAN(s). Note: You must configure a VLAN first. Figure 31 Basic Setting > IP Setup MES3500-24S/MGS3520 Series User’s Guide...
Page 85 This field displays the IP address of the default gateway. Delete Check the management IP addresses that you want to remove in the Delete column, then click the Delete button. Cancel Click Cancel to clear the selected check boxes in the Delete column. MES3500-24S/MGS3520 Series User’s Guide...
Page 86: Port Setup
When the Switch’s auto-negotiation is turned off, a port uses the pre- configured speed and duplex mode when making a connection, thus requiring you to make sure that the settings of the peer port are the same in order to connect. MES3500-24S/MGS3520 Series User’s Guide...
Page 87: Interface Setup
Use this screen to set IPv6 interfaces on which you can configure an IPv6 address to access and manage the Switch. Click Basic Setting > Interface Setup in the navigation panel to display the configuration screen. Figure 33 Basic Setting > Interface Setup MES3500-24S/MGS3520 Series User’s Guide...
Page 88: Ipv6
This field displays the index number of an IPv6 interface. Click on an index number to view more interface details. Interface This is the name of the IPv6 interface you created. Active This field displays whether the IPv6 interface is activated or not. MES3500-24S/MGS3520 Series User’s Guide...
Page 89: Ipv6 Interface Status
This field displays the Maximum Transmission Unit (MTU) size for IPv6 packets on this interface. ICMPv6 Rate This field displays the maximum number of ICMPv6 error messages which are allowed to transmit Limit Bucket Size in a given time interval. If the bucket is full, subsequent error messages are suppressed. MES3500-24S/MGS3520 Series User’s Guide...
Page 90 This field displays how long (in seconds) that the global address remains preferred. Lifetime Valid This field displays how long (in seconds) that the global address is valid. Lifetime This field displays the DNS server address assigned by the DHCPv6 server. MES3500-24S/MGS3520 Series User’s Guide...
Page 91: Ipv6 Configuration
Click the link to go to a screen where you can configure the Switch DHCP settings. 8.8.3 IPv6 Global Setup Use this screen to configure the global IPv6 settings. Click the link next to IPv6 Global Setup in the IPv6 Configuration screen to display the screen as shown next. MES3500-24S/MGS3520 Series User’s Guide...
Page 92: Ipv6 Interface Setup
Use this screen to turn on or off an IPv6 interface and enable stateless autoconfiguration on it. Click the link next to IPv6 Interface Setup in the IPv6 Configuration screen to display the screen as shown next. Figure 38 Basic Setting > IPv6 > IPv6 Configuration > IPv6 Interface Setup MES3500-24S/MGS3520 Series User’s Guide...
Page 93: Ipv6 Link-Local Address Setup
Manually configure a static IPv6 link-local address for the interface. Default Gateway Set the default gateway IPv6 address for the interface. When an interface cannot find a routing information for a frame’s destination, it forwards the packet to the default gateway. MES3500-24S/MGS3520 Series User’s Guide...
Page 94: Ipv6 Global Address Setup
This is the interface index number. Click on an index number to change the settings. Interface This is the name of the IPv6 interface you created. IPv6 Global Address/ This field displays the IPv6 global address and prefix length for the interface. Prefix Length MES3500-24S/MGS3520 Series User’s Guide...
Page 95: Ipv6 Neighbor Discovery Setup
Click Clear to reset the fields to the factory defaults. Index This is the interface index number. Click on an index number to change the settings. Interface This is the name of the IPv6 interface you created. MES3500-24S/MGS3520 Series User’s Guide...
Page 96: Ipv6 Neighbor Setup
ID number in the Advanced Setup > VLAN screens. Neighbor Address Specify the IPv6 address of the neighboring device which can be reached through the interface. Specify the MAC address of the neighboring device which can be reached through the interface. MES3500-24S/MGS3520 Series User’s Guide...
Page 97: Dhcpv6 Client Setup
Rapid Commit option to obtain information from the DHCPv6 server by a rapid two-message exchange. The Switch discards any Reply messages that do not include a Rapid Commit option. The DHCPv6 server should also support the Rapid Commit option to have it work well. MES3500-24S/MGS3520 Series User’s Guide...
Page 98 This field displays whether the Switch obtains a list of domain names from the DHCP server. Information Refresh This field displays the time interval (in seconds) at which the Switch exchanges other Minimum configuration information with a DHCPv6 server again. MES3500-24S/MGS3520 Series User’s Guide...
Page 99: Vlan
A broadcast frame (or a multicast frame for a multicast group that is known by the system) is duplicated only on ports that are members of the VID (except the ingress port itself), thus confining the broadcast to a specific domain. MES3500-24S/MGS3520 Series User’s Guide...
Page 100: Automatic Vlan Registration
You may choose to accept both tagged and untagged incoming Type frames, just tagged incoming frames or just untagged incoming frames on a port. Ingress filtering If set, the Switch discards incoming frames for VLANs that do not have this port as a member. MES3500-24S/MGS3520 Series User’s Guide...
Page 101: Port Vlan Trunking
You can also tag all outgoing frames (that were previously untagged) from a port with the specified VID. 9.5.1 VLAN Status Section 9.1 on page 99 for more information on Static VLAN. Click Advanced Application > VLAN from the navigation panel to display the VLAN Status screen as shown next. MES3500-24S/MGS3520 Series User’s Guide...
Page 102: Vlan Details
Use this screen to view detailed port settings and status of the VLAN group. See Section 9.1 on page 99 for more information on static VLAN. Click on an index number in the VLAN Status screen to display VLAN details. MES3500-24S/MGS3520 Series User’s Guide...
Page 103: Configure A Static Vlan
Use this screen to configure and view 802.1Q VLAN parameters for the Switch. See Section 9.1 on page for more information on static VLAN. To configure a static VLAN, click Static VLAN in the VLAN Status screen to display the screen as shown next. MES3500-24S/MGS3520 Series User’s Guide...
Page 104 Use this row only if you want to make some settings the same for all ports. Use this row first to set the common settings and then make adjustments on a port-by-port basis. Note: Changes in this row are copied to all the ports as soon as you make them. MES3500-24S/MGS3520 Series User’s Guide...
Page 105: Configure Vlan Port Settings
Use the VLAN Port Setting screen to configure the static VLAN (IEEE 802.1Q) settings on a port. See Section 9.1 on page 99 for more information on static VLAN. Click the VLAN Port Setting link in the VLAN Status screen. Figure 49 Advanced Application > VLAN > VLAN Port Setting MES3500-24S/MGS3520 Series User’s Guide...
Page 106: Subnet Based Vlans
IP subnet. For example, an ISP (Internet Service Provider) may divide different types of services it provides to customers into different IP subnets. Traffic for voice services is designated for IP subnet 172.16.1.0/24, MES3500-24S/MGS3520 Series User’s Guide...
Page 107: Configuring Subnet Based Vlan
Click Subnet Based VLAN in the VLAN Port Setting screen to display the configuration screen as shown. Note: Subnet based VLAN applies to un-tagged packets and is applicable only when you use IEEE 802.1Q tagged VLAN. MES3500-24S/MGS3520 Series User’s Guide...
Page 108 Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Cancel Click Cancel to begin configuring this screen afresh. MES3500-24S/MGS3520 Series User’s Guide...
Page 109: Protocol Based Vlans
C. Figure 52 Protocol Based VLAN Application Example 9.7.1 Configuring Protocol Based VLAN Click Protocol Based VLAN in the VLAN Port Setting screen to display the configuration screen as shown. MES3500-24S/MGS3520 Series User’s Guide...
Page 110 Port This field shows which port belongs to this protocol based VLAN. Name This field shows the name the protocol based VLAN. Ethernet-type This field shows which Ethernet protocol is part of this protocol based VLAN. MES3500-24S/MGS3520 Series User’s Guide...
Page 111: Create An Ip-Based Vlan Example
To add more ports to this protocol based VLAN. Click the index number of the protocol based VLAN entry. Click 1 Change the value in the Port field to the next port you want to add. Click Add. MES3500-24S/MGS3520 Series User’s Guide...
Page 112: Mac Based Vlan
Enter “0” for the bit(s) of the matched traffic’s MAC address, which can be of any hexadecimal character(s). For example, if you set the MAC address to 00:13:49:00:00:00 and the mask to ff:ff:ff:00:00:00, a packet with a MAC address of 00:13:49:12:34:56 matches this criteria. MES3500-24S/MGS3520 Series User’s Guide...
Page 113: Vlan Mac Learning
Click Cancel to clear the check boxes. 9.9 VLAN MAC Learning Use this screen to set the MAC address learning limit on per-port and per-VLAN basis. Click VLAN MAC Learning in the VLAN Status screen to display the screen as shown next. MES3500-24S/MGS3520 Series User’s Guide...
Page 114 To specify a port, select the second choice and enter the number of the port to which this rule is applied. MAC Learning Select this option to enable the MAC address learning limit in this rule. MES3500-24S/MGS3520 Series User’s Guide...
Page 115: Port-Based Vlan Setup
Note: In screens (such as IP Setup and Filtering) that require a VID, you must enter 1 as the VID. The port-based VLAN setup screen is shown next. The CPU management port forms a VLAN with all Ethernet ports. MES3500-24S/MGS3520 Series User’s Guide...
Page 116: Configure A Port-Based Vlan
Click Apply to save your settings. The following screen shows users on a port-based, all-connected VLAN configuration. Figure 57 Advanced Application > VLAN > Port Based VLAN Setup (All Connected) The following screen shows users on a port-based, port-isolated VLAN configuration. MES3500-24S/MGS3520 Series User’s Guide...
Page 117 Chapter 9 VLAN Figure 58 Advanced Application > VLAN: Port Based VLAN Setup (Port Isolation) MES3500-24S/MGS3520 Series User’s Guide...
Page 118 Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Cancel Click Cancel to begin configuring this screen afresh. MES3500-24S/MGS3520 Series User’s Guide...
Page 119: Static Mac Forward Setup
Chapter 19 on page 170 for more information on port security. Click Advanced Applications > Static MAC Forwarding in the navigation panel to display the configuration screen as shown. Figure 59 Advanced Application > Static MAC Forwarding MES3500-24S/MGS3520 Series User’s Guide...
Page 120 This field displays the port where the MAC address shown in the next field will be forwarded. Delete Click Delete to remove the selected entry from the summary table. Cancel Click Cancel to clear the Delete check boxes. MES3500-24S/MGS3520 Series User’s Guide...
Page 121: Static Multicast Forward Setup
With static multicast forwarding, you can forward these multicasts to port(s) within a VLAN group. Figure shows frames being forwarded to devices connected to port 3. Figure 62 shows frames being forwarded to ports 2 and 3 within VLAN group 4. Figure 60 No Static Multicast Forwarding MES3500-24S/MGS3520 Series User’s Guide...
Page 122: Configuring Static Multicast Forwarding
Use this screen to configure rules to forward specific multicast frames, such as streaming or control frames, to specific port(s). Click Advanced Application > Static Multicast Forwarding to display the configuration screen as shown. Figure 63 Advanced Application > Static Multicast Forwarding MES3500-24S/MGS3520 Series User’s Guide...
Page 123 This field displays the port(s) within a identified VLAN group to which frames containing the specified multicast MAC address will be forwarded. Delete Click Delete to remove the selected entry from the summary table. Cancel Click Cancel to clear the Delete check boxes. MES3500-24S/MGS3520 Series User’s Guide...
Page 124: Filtering
The Switch can still receive frames originating from the MAC address. Select Discard source and Discard destination to block traffic to/from the MAC address specified in the MAC field. Type a MAC address in a valid MAC address format, that is, six hexadecimal character pairs. MES3500-24S/MGS3520 Series User’s Guide...
Page 125 This field displays the VLAN group identification number. Delete Check the rule(s) that you want to remove in the Delete column and then click the Delete button. Cancel Click Cancel to clear the selected checkbox(es) in the Delete column. MES3500-24S/MGS3520 Series User’s Guide...
Page 126: Spanning Tree Protocol
The slower the media, the higher the cost. Table 39 STP Path Costs DEFAULT VALUE DEFAULT VALUE LINK SPEED ALLOWED RANGE (SHORT) (LONG) Path Cost 10Mbps 2,000,000 1 to 200,000,000 Path Cost 100Mbps 200,000 1 to 200,000,000 MES3500-24S/MGS3520 Series User’s Guide...
Page 127: How Stp Works
MRSTP (Multiple RSTP) is ZyXELZyxel’s proprietary feature that is compatible with RSTP and STP. With MRSTP, you can have more than one spanning tree on your Switch and assign port(s) to each tree. Each spanning tree operates independently with its own bridge information. MES3500-24S/MGS3520 Series User’s Guide...
Page 128: Multiple Stp
Figure 66 STP/RSTP Network Example With MSTP, VLANs 1 and 2 are mapped to different spanning trees in the network. Thus traffic from the two VLANs travel on different paths. The following figure shows the network example using MSTP. MES3500-24S/MGS3520 Series User’s Guide...
Page 129 Thus an MSTI does not span across MST regions. The following figure shows an example where there are two MST regions. Regions 1 and 2 have 2 spanning tree instances. Figure 68 MSTIs in Different Regions MES3500-24S/MGS3520 Series User’s Guide...
Page 130: Spanning Tree Protocol Status Screen
This screen differs depending on which STP mode (RSTP, MRSTP or MSTP) you configure on the Switch. This screen is described in detail in the section that follows the configuration section for each STP mode. Click Configuration to activate one of the STP standards on the Switch. MES3500-24S/MGS3520 Series User’s Guide...
Page 131: Spanning Tree Configuration
Click Cancel to begin configuring this screen afresh. 13.4 Configure Rapid Spanning Tree Protocol Use this screen to configure RSTP settings, see Section 13.1 on page 126 for more information on RSTP. Click RSTP in the Advanced Application > Spanning Tree Protocol screen. MES3500-24S/MGS3520 Series User’s Guide...
Page 132 Bridge Priority determines the root bridge, which in turn determines Hello Time, Max Age and Forwarding Delay. Hello Time This is the time interval in seconds between BPDU (Bridge Protocol Data Units) configuration message generations by the root switch. The allowed range is 1 to 10 seconds. MES3500-24S/MGS3520 Series User’s Guide...
Page 133 Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Cancel Click Cancel to begin configuring this screen afresh. MES3500-24S/MGS3520 Series User’s Guide...
Page 134: Rapid Spanning Tree Protocol Status
Spanning Tree. Topology Changed This is the number of times the spanning tree has been reconfigured. Times Time Since Last This is the time since the spanning tree was last reconfigured. Change MES3500-24S/MGS3520 Series User’s Guide...
Page 135: Configure Multiple Rapid Spanning Tree Protocol
Bridge Priority determines the root bridge, which in turn determines Hello Time, Max Age and Forwarding Delay. Hello Time This is the time interval in seconds between BPDU (Bridge Protocol Data Units) configuration message generations by the root switch. The allowed range is 1 to 10 seconds. MES3500-24S/MGS3520 Series User’s Guide...
Page 136 Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Cancel Click Cancel to begin configuring this screen afresh. MES3500-24S/MGS3520 Series User’s Guide...
Page 137: Multiple Rapid Spanning Tree Protocol Status
Spanning Tree. Topology This is the number of times the spanning tree has been reconfigured. Changed Times Time Since Last This is the time since the spanning tree was last reconfigured. Change MES3500-24S/MGS3520 Series User’s Guide...
Page 138: Configure Multiple Spanning Tree Protocol
13.8 Configure Multiple Spanning Tree Protocol To configure MSTP, click MSTP in the Advanced Application > Spanning Tree Protocol screen. See Section 13.1.5 on page 128 for more information on MSTP. Figure 76 Advanced Application > Spanning Tree Protocol > MSTP MES3500-24S/MGS3520 Series User’s Guide...
Page 139 Instance Enter the number you want to use to identify this MST instance on the Switch. The Switch supports instance numbers 0-64 for the MGS320 Series, and 0-32 for the MES3500-24S. Bridge Priority Set the priority of the Switch for the specific spanning tree instance. The lower the number, the more likely the Switch will be chosen as the root bridge within the spanning tree instance.
Page 140: Multiple Spanning Tree Protocol Port Configuration
Check the rule(s) that you want to remove in the Delete column and then click the Delete button. Cancel Click Cancel to begin configuring this screen afresh. 13.8.1 Multiple Spanning Tree Protocol Port Configuration To configure MSTP ports, click Port in the Advanced Application > Spanning Tree Protocol > MSTP screen. MES3500-24S/MGS3520 Series User’s Guide...
Page 141 Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Cancel Click Cancel to begin configuring this screen afresh. MES3500-24S/MGS3520 Series User’s Guide...
Page 142: Multiple Spanning Tree Protocol Status
This is the time (in seconds) the root switch will wait before changing states (that is, listening to (second) learning to forwarding). Cost to Bridge This is the path cost from the root port on this Switch to the root switch. MES3500-24S/MGS3520 Series User’s Guide...
Page 143 This is the path cost from the root port in this MST instance to the regional root switch. Port ID This is the priority and number of the port on the Switch through which this Switch must communicate with the root of the MST instance. MES3500-24S/MGS3520 Series User’s Guide...
Page 144: Bandwidth Control
Bandwidth control means defining a maximum allowable bandwidth for incoming and/or out-going traffic flows on a port. 14.2 Bandwidth Control Setup Click Advanced Application > Bandwidth Control in the navigation panel to bring up the screen as shown next. Figure 79 Advanced Application > Bandwidth Control MES3500-24S/MGS3520 Series User’s Guide...
Page 145: The Egress Queue Rate Screen
Note: The sum of the egress queue rates for a port’s active queues must be smaller than or equal to the maximum bandwidth allowed for the outgoing traffic flow on a port (Advanced Application > Bandwidth Control). Figure 80 Advanced Application > Bandwidth Control > Egress Queue Rate MES3500-24S/MGS3520 Series User’s Guide...
Page 146 Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Cancel Click Cancel to begin configuring this screen afresh. MES3500-24S/MGS3520 Series User’s Guide...
Page 147: Broadcast Storm Control
Click Advanced Application > Broadcast Storm Control in the navigation panel to display the screen as shown next. Figure 81 Advanced Application > Broadcast Storm Control MES3500-24S/MGS3520 Series User’s Guide...
Page 148 Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Cancel Click Cancel to begin configuring this screen afresh. MES3500-24S/MGS3520 Series User’s Guide...
Page 149: Mirroring
Note: If the Switch is not acting as a source or destination device in remote port mirroring, you need to enable port VLAN trunking to allow traffic belonging to the specific RMirror VLAN to pass through it. Alternatively, you can configure a VLAN group for the mirrored traffic. MES3500-24S/MGS3520 Series User’s Guide...
Page 150 But it cannot be the monitor port in local port mirroring. Table 53 Port Rules between Remote and Local Port Mirroring RMirror Source Mirroring Port Destination Monitor Source Mirrored Port Port Mirrored Local Port Port Monitor Mirroring Port MES3500-24S/MGS3520 Series User’s Guide...
Page 151: Local Port Mirroring Screen
Note: Changes in this row are copied to all the ports as soon as you make them. Mirrored Select this option to mirror the traffic on a port. Direction Specify the direction of the traffic to mirror by selecting from the drop-down list box. Choices are Egress (outgoing), Ingress (incoming) and Both. MES3500-24S/MGS3520 Series User’s Guide...
Page 152: Rmirror-Source Screen
Use this screen to set the RMirror VLAN ID, configure the mirroring port and specify the traffic flow to be copied when the Switch is the source device in remote port mirroring. Click the RMirror-Source link in the Mirroring screen. The following screen opens. Figure 83 Advanced Application > Mirroring > RMirror-Source MES3500-24S/MGS3520 Series User’s Guide...
Page 153: Rmirror-Destination Screen
Use this screen to specify the RMirror VLAN ID and configure the monitor port when the Switch is the destination device in remote port mirroring. Click the RMirror-Destination link in the Mirroring screen. The following screen opens. MES3500-24S/MGS3520 Series User’s Guide...
Page 154 Save link on the top navigation panel to save your changes to the nonvolatile memory when you are done configuring. Cancel Click Cancel to begin configuring this screen afresh. MES3500-24S/MGS3520 Series User’s Guide...
Page 155: Link Aggregation
• You must connect all ports point-to-point to the same Ethernet switch and configure the ports for LACP trunking. • LACP only works on full-duplex links. • All ports in the same trunk group must have the same media type, speed, duplex mode and flow control settings. MES3500-24S/MGS3520 Series User’s Guide...
Page 156: Link Aggregation Id
These are the ports that are currently transmitting data as one logical link in this trunk group. Ports Port Priority and Port Number are 0 as it is the aggregator ID for the trunk group, not the individual port. MES3500-24S/MGS3520 Series User’s Guide...
Page 157: Link Aggregation Setting
LACP - if the ports are configured to join a trunk group via LACP. 17.4 Link Aggregation Setting Click Advanced Application > Link Aggregation > Link Aggregation Setting to display the screen shown next. See Section 17.1 on page 155 for more information on link aggregation. MES3500-24S/MGS3520 Series User’s Guide...
Page 158 Select src-ip to distribute traffic based on the packet’s source IP address. Select dst-ip to distribute traffic based on the packet’s destination IP address. Select src-dst-ip to distribute traffic based on a combination of the packet’s source and destination IP addresses. MES3500-24S/MGS3520 Series User’s Guide...
Page 159: Link Aggregation Control Protocol
Click in the Advanced Application > Link Aggregation > Link Aggregation Setting > LACP to display the screen shown next. See Section 17.2 on page 155 for more information on dynamic link aggregation. Figure 87 Advanced Application > Link Aggregation > Link Aggregation Setting > LACP MES3500-24S/MGS3520 Series User’s Guide...
Page 160: Static Trunking Example
Make your physical connections - make sure that the ports that you want to belong to the trunk group are connected to the same destination. The following figure shows ports 2-5 on switch A connected to switch B. Figure 88 Trunking Example - Physical Connections MES3500-24S/MGS3520 Series User’s Guide...
Page 161 Click Apply when you are done. Figure 89 Trunking Example - Configuration Screen EXAMPLE Your trunk group 1 (T1) configuration is now complete. MES3500-24S/MGS3520 Series User’s Guide...
Page 162: Port Authentication
At the time of writing, IEEE 802.1x is not supported by all operating systems. See your operating system documentation. If your operating system does not support 802.1x, then you may need to install 802.1x client software. MES3500-24S/MGS3520 Series User’s Guide...
Page 163: Mac Authentication
Switch does not prompt the client for login credentials. The login credentials are based on the source MAC address of the client connecting to a port on the Switch along with a password configured specifically for MAC authentication on the Switch. Figure 91 MAC Authentication Process MES3500-24S/MGS3520 Series User’s Guide...
Page 164: Port Authentication Configuration
18.2.1 Activate IEEE 802.1x Security Use this screen to activate IEEE 802.1x security. In the Port Authentication screen click 802.1x to display the configuration screen as shown. Figure 93 Advanced Application > Port Authentication > 802.1x MES3500-24S/MGS3520 Series User’s Guide...
Page 165: Guest Vlan
VLAN. That is, unauthenticated users can have access to limited network resources in the same guest VLAN, such as the Internet. The rights granted to the Guest VLAN depends on how the network administrator configures switches or routers with the guest network feature. MES3500-24S/MGS3520 Series User’s Guide...
Page 166 Use this screen to enable and assign a guest VLAN to a port. In the Port Authentication > 802.1x screen click Guest Vlan to display the configuration screen as shown. Figure 95 Advanced Application > Port Authentication > 802.1x > Guest VLAN MES3500-24S/MGS3520 Series User’s Guide...
Page 167: Activate Mac Authentication
Cancel Click Cancel to begin configuring this screen afresh. 18.2.3 Activate MAC Authentication Use this screen to activate MAC authentication. In the Port Authentication screen click MAC Authentication to display the configuration screen as shown. MES3500-24S/MGS3520 Series User’s Guide...
Page 168 Note: Changes in this row are copied to all the ports as soon as you make them. Active Select this checkbox to permit MAC authentication on this port. You must first allow MAC authentication on the Switch before configuring it on each port. MES3500-24S/MGS3520 Series User’s Guide...
Page 169 Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Cancel Click Cancel to begin configuring this screen afresh. MES3500-24S/MGS3520 Series User’s Guide...
Page 170: Port Security
By default, MAC address learning is still enabled even though the port security is not activated. 19.2 Port Security Setup Click Advanced Application > Port Security in the navigation panel to display the screen as shown. MES3500-24S/MGS3520 Series User’s Guide...
Page 171 Use this row only if you want to make some of the settings the same for all ports. Use this row first to set the common settings and then make adjustments on a port-by-port basis. Note: Changes in this row are copied to all the ports as soon as you make them. MES3500-24S/MGS3520 Series User’s Guide...
Page 172 Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Cancel Click Cancel to begin configuring this screen afresh. MES3500-24S/MGS3520 Series User’s Guide...
Page 173: Range Profile
Figure 98 Advanced Application > Range Profile 20.3 VLAN Range Profile Use this screen to view, manage and create VLAN range profiles. In the Range Profile screen, click VLAN Range to display the screen as shown. MES3500-24S/MGS3520 Series User’s Guide...
Page 174: Port Range Profile
Click Cancel to begin configuring this screen afresh. 20.4 Port Range Profile Use this screen to view, manage and create port range profiles. In the Range Profile screen, click Port Range to display the screen as shown. MES3500-24S/MGS3520 Series User’s Guide...
Page 175: Ip Address Range Profile
Click Cancel to begin configuring this screen afresh. 20.5 IP Address Range Profile Use this screen to view, manage and create IP address range profiles. In the Range Profile screen, click IP Address Range to display the screen as shown. MES3500-24S/MGS3520 Series User’s Guide...
Page 176: Socket-Port Range Profile
Click Cancel to begin configuring this screen afresh. 20.6 Socket-Port Range Profile Use this screen to view, manage and create socket port range profiles. In the Range Profile screen, click Socket-port Range to display the screen as shown. MES3500-24S/MGS3520 Series User’s Guide...
Page 177 This field displays whether this profile is in use by a feature, such as classifier. Delete Check the profile(s) that you want to remove in the Delete column and then click the Delete button. Cancel Click Cancel to begin configuring this screen afresh. MES3500-24S/MGS3520 Series User’s Guide...
Page 178: Classifier
(or policy) to act upon the traffic that matches the rules. To configure policy rules, refer to Chapter 22 on page 184. Click Advanced Application > Classifier in the navigation panel to display the configuration screen as shown. MES3500-24S/MGS3520 Series User’s Guide...
Page 179 Specify the fields below to configure a layer-2 classifier. VLAN Select Any to classify traffic from any VLAN. Select Single and specify a source VLAN ID in the field provided. Select Range and choose a pre-defined VLAN range profile. MES3500-24S/MGS3520 Series User’s Guide...
Page 180 IP Address Select Prefix to enter a source IP address and specify the address prefix by entering the number of ones in the subnet mask. Otherwise, select Range and choose a predefined source IP address range profile. MES3500-24S/MGS3520 Series User’s Guide...
Page 181: Viewing And Editing Classifier Configuration
Table 71 Classifier: Summary Table LABEL DESCRIPTION Rule This field displays how many rules have been configured on the Switch. Usage Index This field displays the index number of the rule. Click an index number to edit the rule. MES3500-24S/MGS3520 Series User’s Guide...
Page 182: Classifier Example
Table 73 Common IP Ports PORT NUMBER PORT NAME Telnet SMTP HTTP POP3 21.4 Classifier Example The following screen shows an example of configuring a classifier that identifies all traffic from MAC address 00:50:ba:ad:4f:81 on port 2. MES3500-24S/MGS3520 Series User’s Guide...
Page 183 Figure 105 Classifier: Example EXAMPLE After you have configured a classifier, you can configure a policy to define action(s) on the classified traffic flow. See Chapter 22 on page 184 for information on configuring a policy rule. MES3500-24S/MGS3520 Series User’s Guide...
Page 184: Policy Rule
Resources can then be allocated according to the DSCP values and the configured policies. 22.2 Configuring Policy Rules You must first configure a classifier in the Classifier screen. Refer to Section 21.2 on page 178 for more information. MES3500-24S/MGS3520 Series User’s Guide...
Page 185 [SHIFT] and select the choices at the same time. Parameters Set the fields below for this policy. You only have to set the field(s) that is related to the action(s) you configure in the Action field. General MES3500-24S/MGS3520 Series User’s Guide...
Page 186: Viewing And Editing Policy Configuration
To view a summary of the classifier configuration, scroll down to the summary table at the bottom of the Policy screen. To change the settings of a rule, click a number in the Index field. Figure 107 Advanced Application > Policy Rule: Summary Table MES3500-24S/MGS3520 Series User’s Guide...
Page 187: Policy Example
Click Cancel to clear the Delete check boxes. 22.4 Policy Example The figure below shows an example Policy screen where you configure a policy to limit bandwidth on a traffic flow classified using the Example classifier (refer to Section 21.4 on page 182). MES3500-24S/MGS3520 Series User’s Guide...
Page 188 Chapter 22 Policy Rule Figure 108 Policy Example EXAMPLE MES3500-24S/MGS3520 Series User’s Guide...
Page 189: Queuing Method
The weights range from 1 to 15 and the actual guaranteed bandwidth is calculated as follows: (Weight -1) x 10 KB If the weight setting is 5, the actual quantum guaranteed to the associated queue would be as follows: x 10KB = 160 KB MES3500-24S/MGS3520 Series User’s Guide...
Page 190: Weighted Round Robin Scheduling (Wrr)
This queuing mechanism is highly efficient in that it divides any available bandwidth across the different traffic queues and returns to queues that have not yet emptied. 23.2 Configuring Queuing Click Advanced Application > Queuing Method in the navigation panel. Figure 109 Advanced Application > Queuing Method MES3500-24S/MGS3520 Series User’s Guide...
Page 191 Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Cancel Click Cancel to begin configuring this screen afresh. MES3500-24S/MGS3520 Series User’s Guide...
Page 192: Vlan Stacking
VLAN group. The service provider can separate these two VLANs within its network by adding tag 37 to distinguish customer A and tag 48 to distinguish customer B at edge device 1 and then stripping those tags at edge device 2 as the data frames leave the network. MES3500-24S/MGS3520 Series User’s Guide...
Page 193: Vlan Stacking Port Roles
Note: Static VLAN Tx Tagging MUST be enabled on a port where you choose Tunnel Port. 24.3 VLAN Tag Format A VLAN tag (service provider VLAN stacking or customer IEEE 802.1Q) consists of the following three fields. Table 77 VLAN Tag Format Type Priority MES3500-24S/MGS3520 Series User’s Guide...
Page 194: Frame Format
Length and type of Ethernet frame (SP)TPID (Service Provider) Tag Protocol IDentifier Data Frame data VLAN ID Frame Check Sequence 24.4 Configuring VLAN Stacking Click Advanced Applications > VLAN Stacking to display the screen as shown. MES3500-24S/MGS3520 Series User’s Guide...
Page 195 Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Cancel Click Cancel to begin configuring this screen afresh. MES3500-24S/MGS3520 Series User’s Guide...
Page 196: Port-Based Q-In-Q
Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Cancel Click Cancel to begin configuring this screen afresh. MES3500-24S/MGS3520 Series User’s Guide...
Page 197: Selective Q-In-Q
Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Cancel Click Cancel to begin configuring this screen afresh. MES3500-24S/MGS3520 Series User’s Guide...
Page 198 This is the service provider’s priority level in the packets. Delete Check the rule(s) that you want to remove in the Delete column and then click the Delete button. Cancel Click Cancel to clear the Delete check boxes. MES3500-24S/MGS3520 Series User’s Guide...
Page 199: Multicast
The Switch forwards multicast traffic destined for multicast groups (that it has learned from IGMP snooping or that you have manually configured) to ports that are members of that group. IGMP snooping generates no additional network traffic, allowing you to significantly reduce multicast traffic passing through your Switch. MES3500-24S/MGS3520 Series User’s Guide...
Page 200: Igmp Snooping And Vlans
The connection between ports 8 and 9 is blocked by STP to break the loop. If there is one query from a router (X) or MLD Done or Report message from any upstream port, it will be broadcast to all connected upstream ports. MES3500-24S/MGS3520 Series User’s Guide...
Page 201: Mld Messages
Click Advanced Applications > Multicast > IPv4 Multicast to display the screen as shown. This screen shows the IPv4 multicast group information. See Section 25.1 on page 199 for more information on multicasting. Figure 115 Advanced Application > Multicast > IPv4 Multicast MES3500-24S/MGS3520 Series User’s Guide...
Page 202: Igmp Snooping
Click the IGMP Snooping link in the Advanced Application > Multicast > IPv4 Multicast screen to display the screen as shown. See Section 25.1 on page 199 for more information on multicasting. Figure 116 Advanced Application > Multicast > IPv4 Multicast > IGMP Snooping MES3500-24S/MGS3520 Series User’s Guide...
Page 203 Select this option to set the Switch to remove this port from the multicast tree when an IGMP version 2 leave message is received on this port. Select this option if there is only one host connected to this port. MES3500-24S/MGS3520 Series User’s Guide...
Page 204 Select Edge to stop the Switch from using the port as an IGMP query port. The Switch will not keep any record of an IGMP router being connected to this port. The Switch does not forward IGMP join or leave packets to this port. MES3500-24S/MGS3520 Series User’s Guide...
Page 205: Igmp Snooping Vlan
Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Cancel Click Cancel to begin configuring this screen afresh. MES3500-24S/MGS3520 Series User’s Guide...
Page 206: Igmp Filtering Profile
Click Advanced Application > Multicast > IPv4 Multicast in the navigation panel. Click the IGMP Snooping link and then the IGMP Filtering Profile link to display the screen as shown. Figure 118 Advanced Application > Multicast > IPv4 Multicast > IGMP Snooping > IGMP Filtering Profile MES3500-24S/MGS3520 Series User’s Guide...
Page 207: Ipv6 Multicast Status
This field displays IP multicast group addresses. Group Timeout This field displays the time (in seconds) that elapses before the Switch removes a MLD group membership entry if it does not receive report messages from the port. MES3500-24S/MGS3520 Series User’s Guide...
Page 208: Mld Snooping-Proxy
25.4.2 MLD Snooping-proxy VLAN Click the VLAN link in the Advanced Application > Multicast > IPv6 Multicast > MLD Snooping-proxy screen to display the screen as shown. See Section 25.1 on page 199 for more information on multicasting. MES3500-24S/MGS3520 Series User’s Guide...
Page 209 This value is used to calculate the amount of time an MLD snooping membership entry (learned only on the upstream port) can remain in the forwarding table. MES3500-24S/MGS3520 Series User’s Guide...
Page 210: Mld Snooping-Proxy Vlan Port Role Setting
Click the Port Role Setting link in the Advanced Application > Multicast > IPv6 Multicast > MLD Snooping- proxy > VLAN screen to display the screen as shown. See Section 25.1 on page 199 for more information on multicasting. MES3500-24S/MGS3520 Series User’s Guide...
Page 211 Report or Done messages when receiving queries from a multicast router. Otherwise, select None if the port is not joining a multicast group or does not belong to this VLAN. MES3500-24S/MGS3520 Series User’s Guide...
Page 212: Mld Snooping-Proxy Filtering
25.4.4 MLD Snooping-proxy Filtering Use this screen to configure the Switch’s MLD filtering settings. Click the Filtering link in the Advanced Application > Multicast > IPv6 Multicast > MLD Snooping-proxy screen to display the screen as shown. MES3500-24S/MGS3520 Series User’s Guide...
Page 213 Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Cancel Click Cancel to reset the fields to your previous configuration. MES3500-24S/MGS3520 Series User’s Guide...
Page 214: Mld Snooping-Proxy Filtering Profile
This field displays the end of the multicast IPv6 address range. Delete Check the profile(s) that you want to remove in the Delete column, then click the Delete button. Cancel Click Cancel to clear the check boxes. MES3500-24S/MGS3520 Series User’s Guide...
Page 215: Mvr Overview
The following figure shows a multicast television example where a subscriber device (such as a computer) in VLAN 1 receives multicast traffic from the streaming media server, S, via the Switch. Multiple subscriber devices can connect through a port configured as the receiver on the Switch. MES3500-24S/MGS3520 Series User’s Guide...
Page 216: General Mvr Configuration
Note: You can create up to five multicast VLANs and up to 256 multicast rules on the Switch. Note: Your Switch automatically creates a static VLAN (with the same VID) when you create a multicast VLAN in this screen. MES3500-24S/MGS3520 Series User’s Guide...
Page 217 Use this row only if you want to make some settings the same for all ports. Use this row first to set the common settings and then make adjustments on a port-by-port basis. Note: Changes in this row are copied to all the ports as soon as you make them. MES3500-24S/MGS3520 Series User’s Guide...
Page 218: Mvr Group Configuration
Configure MVR IP multicast group address(es) in the Group Configuration screen. Click Group Configuration in the MVR screen. Note: A port can belong to more than one multicast VLAN. However, IP multicast group addresses in different multicast VLANs cannot overlap. MES3500-24S/MGS3520 Series User’s Guide...
Page 219 Select the entry(ies) that you want to remove in the Delete column, then click the Delete button to remove the selected entry(ies) from the table. If you delete a multicast VLAN, all multicast groups in this VLAN will also be removed. Cancel Select Cancel to clear the checkbox(es) in the table. MES3500-24S/MGS3520 Series User’s Guide...
Page 220: Mvr Configuration Example
To set the Switch to forward the multicast group traffic to the subscribers, configure multicast group settings in the Group Configuration screen. The following figure shows an example where two multicast groups (News and Movie) are configured for the multicast VLAN 200. MES3500-24S/MGS3520 Series User’s Guide...
Page 221 Chapter 25 Multicast Figure 131 MVR Group Configuration Example-1 EXAMPLE Figure 132 MVR Group Configuration Example-2 EXAMPLE MES3500-24S/MGS3520 Series User’s Guide...
Page 222: Aaa
26.1.2 RADIUS and TACACS+ RADIUS and TACACS+ are security protocols used to authenticate users by means of an external server instead of (or in addition to) an internal device user database that is limited to the memory capacity of MES3500-24S/MGS3520 Series User’s Guide...
Page 223: Aaa Screens
RADIUS servers and Section 26.3 on page 231 for RADIUS attributes utilized by the authentication and accounting features on the Switch. Click on the RADIUS Server Setup link in the AAA screen to view the screen as shown. MES3500-24S/MGS3520 Series User’s Guide...
Page 224 RADIUS server and the Switch. This key is not sent over the network. This key must be the same on the external RADIUS server and the Switch. Note that as you type a password, the screen displays an asterisk (*) for each character you type. MES3500-24S/MGS3520 Series User’s Guide...
Page 225: Tacacs+ Server Setup
Use this screen to configure your TACACS+ server settings. See Section 26.1.2 on page 222 for more information on TACACS+ servers. Click on the TACACS+ Server Setup link in the Authentication and Accounting screen to view the screen as shown. MES3500-24S/MGS3520 Series User’s Guide...
Page 226 TACACS+ server and the Switch. This key is not sent over the network. This key must be the same on the external TACACS+ server and the Switch. Note that as you type a password, the screen displays an asterisk (*) for each character you type. MES3500-24S/MGS3520 Series User’s Guide...
Page 227: Aaa Setup
Click Cancel to begin configuring this screen afresh. 26.2.3 AAA Setup Use this screen to configure authentication, authorization and accounting settings on the Switch. Click on the AAA Setup link in the AAA screen to view the screen as shown. MES3500-24S/MGS3520 Series User’s Guide...
Page 228 Switch to check other sources for access privilege level specify them in Method 2 and Method 3 fields. Select local to have the Switch check the access privilege configured for local authentication. Select radius or tacacs+ to have the Switch check the access privilege via the external servers. MES3500-24S/MGS3520 Series User’s Guide...
Page 229 If you don’t select this and you have two accounting servers set up, then the Switch sends information to the first accounting server and if it doesn’t get a response from the accounting server then it tries the second accounting server. MES3500-24S/MGS3520 Series User’s Guide...
Page 230: Vendor Specific Attribute
• Vendor-Type: A vendor specified attribute, identifying the setting you want to modify. • Vendor-data: A value you want to assign to the setting. Note: Refer to the documentation that comes with your RADIUS server on how to configure VSAs for users authenticating via the RADIUS server. MES3500-24S/MGS3520 Series User’s Guide...
Page 231: Tunnel Protocol Attribute
Remote Authentication Dial-In User Service (RADIUS) attributes are data used to define specific authentication, and accounting elements in a user profile, which is stored on the RADIUS server. This section lists the RADIUS attributes supported by the Switch. MES3500-24S/MGS3520 Series User’s Guide...
Page 232: Attributes Used For Authentication
- This value is set to Ethernet(15) on the Switch. Calling-Station-Id Frame-MTU EAP-Message State Message-Authenticator 26.3.2 Attributes Used for Accounting The following sections list the attributes sent from the Switch to the RADIUS server when performing authentication. MES3500-24S/MGS3520 Series User’s Guide...
Page 233    NAS-IP-Address    Service-Type    Calling-Station-Id    Acct-Status-Type    Acct-Delay-Time    Acct-Session-Id    Acct-Authentic    Acct-Session-Time   Acct-Terminate-Cause  MES3500-24S/MGS3520 Series User’s Guide...
Page 234  Acct-Delay-Time    Acct-Session-Id    Acct-Authentic    Acct-Input-Octets   Acct-Output-Octets   Acct-Session-Time   Acct-Input-Packets   Acct-Output-Packets   Acct-Terminate-Cause  Acct-Input-Gigawords   Acct-Output-Gigawords   MES3500-24S/MGS3520 Series User’s Guide...
Page 235: Ip Source Guard
Every port is either a trusted port or an untrusted port for DHCP snooping. This setting is independent of the trusted/untrusted setting for ARP inspection. You can also specify the maximum number for DHCP packets that each port (trusted or untrusted) can receive each second. MES3500-24S/MGS3520 Series User’s Guide...
Page 236 The Switch can add information to DHCP requests that it does not discard. This provides the DHCP server more information about the source of the requests. The Switch can add the following information: • Slot ID (1 byte), port ID (1 byte), and source VLAN ID (2 bytes) MES3500-24S/MGS3520 Series User’s Guide...
Page 237: Arp Inspection Overview
• It pretends to be computer B and sends a message to computer A. As a result, all the communication between computer A and computer B passes through computer X. Computer X can read and alter the information passed between them. MES3500-24S/MGS3520 Series User’s Guide...
Page 238: Ip Source Guard
Use this screen to look at the current bindings for DHCP snooping and ARP inspection. Bindings are used by DHCP snooping and ARP inspection to distinguish between authorized and unauthorized packets in the network. The Switch learns the bindings by snooping DHCP packets (dynamic bindings) and from MES3500-24S/MGS3520 Series User’s Guide...
Page 239: Ip Source Guard Static Binding
If you try to create a static binding with the same MAC address and VLAN ID as an existing static binding, the new static binding replaces the original one. To open this screen, click Advanced Application > IP Source Guard > Static Binding. MES3500-24S/MGS3520 Series User’s Guide...
Page 240 Specify the port(s) in the binding. If this binding has one port, select the first radio button and enter the port number in the field to the right. If this binding applies to all ports, select Any. Click this to create the specified static binding or to update an existing one. MES3500-24S/MGS3520 Series User’s Guide...
Page 241: Dhcp Snooping
Click this to clear the Delete check boxes above. 27.4 DHCP Snooping Use this screen to look at various statistics about the DHCP snooping database. To open this screen, click Advanced Application > IP Source Guard > DHCP Snooping. MES3500-24S/MGS3520 Series User’s Guide...
Page 242 This field displays how long (in seconds) the Switch waits to update the DHCP snooping database after the current bindings change. This section displays information about the current update and the next update of the DHCP snooping database. MES3500-24S/MGS3520 Series User’s Guide...
Page 243 MAC address and VLAN ID. Invalid interfaces This field displays the number of bindings the Switch ignored because the port number was a trusted interface or does not exist anymore. MES3500-24S/MGS3520 Series User’s Guide...
Page 244: Dhcp Snooping Configure
TFTP server so that they are still available after a restart. To open this screen, click Advanced Application > IP Source Guard > DHCP Snooping > Configure. MES3500-24S/MGS3520 Series User’s Guide...
Page 245 Enter how long (10-65535 seconds) the Switch waits to update the DHCP snooping interval database the first time the current bindings change after an update. Once the next update is scheduled, additional changes in current bindings are automatically included in the next update. MES3500-24S/MGS3520 Series User’s Guide...
Page 246: Dhcp Snooping Port Configure
You can also specify the maximum number for DHCP packets that each port (trusted or untrusted) can receive each second. To open this screen, click Advanced Application > IP Source Guard > DHCP Snooping > Configure > Port. Figure 144 Advanced Application > IP Source Guard > DHCP Snooping Port Configure MES3500-24S/MGS3520 Series User’s Guide...
Page 247: Dhcp Snooping Vlan Configure
DHCP server for each VLAN. To open this screen, click Advanced Application > IP Source Guard > DHCP Snooping > Configure > VLAN. Figure 145 Advanced Application > IP Source Guard > DHCP Snooping > Configure > VLAN MES3500-24S/MGS3520 Series User’s Guide...
Page 248: Dhcp Snooping Vlan Port Configure
Advanced Application > IP Source Guard > IPv4 Source Guard Setup > DHCP Snooping > Configure > VLAN > Port. Figure 146 Advanced Application > IP Source Guard > DHCP Snooping > Configure > VLAN > Port MES3500-24S/MGS3520 Series User’s Guide...
Page 249: Arp Inspection Status
MAC address filter to block traffic from the source MAC address and source VLAN ID of the unauthorized ARP packet. To open this screen, click Advanced Application > IP Source Guard > ARP Inspection. Figure 147 Advanced Application > IP Source Guard > ARP Inspection Status MES3500-24S/MGS3520 Series User’s Guide...
Page 250: Arp Inspection Vlan Status
Select this to look at all the VLANs in a specific range in the section below. Then, enter the lowest VLAN ID (Start VID) and the highest VLAN ID (End VID) you want to look at. MES3500-24S/MGS3520 Series User’s Guide...
Page 251: Arp Inspection Log Status
The Switch consolidates identical log messages generated by ARP packets in the log consolidation interval into one log message. You can configure this interval in the ARP Inspection Configure screen. See Section 27.6.3 on page 252. MES3500-24S/MGS3520 Series User’s Guide...
Page 252: Arp Inspection Configure
Table 115 Advanced Application > IP Source Guard > ARP Inspection > Configure LABEL DESCRIPTION Active Select this to enable ARP inspection on the Switch. You still have to enable ARP inspection on specific VLAN and specify trusted ports. Filter Aging Time MES3500-24S/MGS3520 Series User’s Guide...
Page 253: Arp Inspection Port Configure
Use this screen to specify whether ports are trusted or untrusted ports for ARP inspection. You can also specify the maximum rate at which the Switch receives ARP packets on each untrusted port. To open this screen, click Advanced Application > IP Source Guard > ARP Inspection > Configure > Port. MES3500-24S/MGS3520 Series User’s Guide...
Page 254: Arp Inspection Vlan Configure
Use this screen to enable ARP inspection on each VLAN and to specify when the Switch generates log messages for receiving ARP packets from each VLAN. To open this screen, click Advanced Application > IP Source Guard > ARP Inspection > Configure > VLAN. MES3500-24S/MGS3520 Series User’s Guide...
Page 255 Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Cancel Click this to reset the values in this screen to their last-saved values. MES3500-24S/MGS3520 Series User’s Guide...
Page 256: Loop Guard
The following figure shows port N on switch A connected to switch B. Switch B is in loop state. When broadcast or multicast packets leave port N and reach switch B, they are sent back to port N on A as they are rebroadcast from B. MES3500-24S/MGS3520 Series User’s Guide...
Page 257: Loop Guard Setup
Click Advanced Application > Loop Guard in the navigation panel to display the screen as shown. Note: The loop guard feature can not be enabled on the ports that have Spanning Tree Protocol (RSTP, MRSTP or MSTP) enabled. MES3500-24S/MGS3520 Series User’s Guide...
Page 258 Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Cancel Click Cancel to begin configuring this screen afresh. MES3500-24S/MGS3520 Series User’s Guide...
Page 259: Vlan Mapping
VLAN network respectively (such as VLAN 10). Figure 158 VLAN mapping example 29.2 Enabling VLAN Mapping Click Advanced Application and then VLAN Mapping in the navigation panel to display the screen as shown. MES3500-24S/MGS3520 Series User’s Guide...
Page 260: Configuring Vlan Mapping
Click Cancel to begin configuring this screen afresh. 29.3 Configuring VLAN Mapping Click the VLAN Mapping Configure link in the VLAN Mapping screen to display the screen as shown. Use this screen to enable and edit the VLAN mapping rule(s). MES3500-24S/MGS3520 Series User’s Guide...
Page 261 This is the direction of the traffic to which the rule is applied. Delete Check the rule(s) that you want to remove in the Delete column and then click the Delete button. Cancel Click Cancel to clear the Delete check boxes. MES3500-24S/MGS3520 Series User’s Guide...
Page 262: Layer 2 Protocol Tunneling
To emulate a point-to-point topology between two customer switches at different sites, such as A and B, you can enable protocol tunneling on edge switches 1 and 2 for PAgP (Port Aggregation Protocol), LACP or UDLD (UniDirectional Link Detection). MES3500-24S/MGS3520 Series User’s Guide...
Page 263: Layer-2 Protocol Tunneling Mode
Incoming encapsulated layer-2 protocol packets received on a tunnel port are decapsulated and sent to an access port. 30.2 Configuring Layer 2 Protocol Tunneling Click Advanced Application > Layer 2 Protocol Tunneling in the navigation panel to display the screen as shown. MES3500-24S/MGS3520 Series User’s Guide...
Page 264 (local and remote) networks. Select this option to have the Switch tunnel VTP (VLAN Trunking Protocol) packets so that all customer switches can use consistent VLAN configuration through the service provider’s network. MES3500-24S/MGS3520 Series User’s Guide...
Page 265 Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Cancel Click Cancel to begin configuring this screen afresh. MES3500-24S/MGS3520 Series User’s Guide...
Page 266: Sflow
For example, you can use it to know which IP address or which type of traffic caused network congestion. Figure 164 sFlow Application 31.2 sFlow Port Configuration Click Advanced Application > sFlow in the navigation panel to display the screen as shown. MES3500-24S/MGS3520 Series User’s Guide...
Page 267 Enter a number (N) from 256 to 65535. The Switch captures every one out of N packets for this port and creates sFlow datagram. poll-interval Specify a time interval (from 20 to 120 in seconds) the Switch waits before sending the sFlow datagram and packet counters for this port to the collector. MES3500-24S/MGS3520 Series User’s Guide...
Page 268: Sflow Collector Configuration
Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Cancel Click Cancel to reset the fields to your previous configuration. MES3500-24S/MGS3520 Series User’s Guide...
Page 269 This field displays port number the Switch uses to send sFlow datagram to the collector. Delete Check the rule(s) that you want to remove in the Delete column and then click the Delete button. Cancel Click Cancel to begin configuring this screen afresh. MES3500-24S/MGS3520 Series User’s Guide...
Page 270: Pppoe
There are two types of sub-option: “Agent Circuit ID Sub-option” and “Agent Remote ID Sub-option”. They have the following formats. Table 125 PPPoE IA Circuit ID Sub-option Format: User-defined String SubOpt Length Value 0x01 String (1 byte) (1 byte) (63 bytes) MES3500-24S/MGS3520 Series User’s Guide...
Page 271: Port State
Every port is either a trusted port or an untrusted port for the PPPoE intermediate agent. This setting is independent of the trusted/untrusted setting for DHCP snooping or ARP inspection. You can also specify the agent sub-options (circuit ID and remote ID) that the Switch adds to PADI and PADR packets from PPPoE clients. MES3500-24S/MGS3520 Series User’s Guide...
Page 272: Pppoe Screen
Use this screen to configure the Switch to give a PPPoE termination server additional subscriber information that the server can use to identify and authenticate a PPPoE client. Click Advanced Application > PPPoE > Intermediate Agent in the navigation panel to display the screen as shown. MES3500-24S/MGS3520 Series User’s Guide...
Page 273 Select a delimiter to separate the identifier-string, slot ID, port number and/or VLAN ID from each other. You can use a pound key (#), semi-colon (;), period (.), comma (,), forward slash (/) or space. MES3500-24S/MGS3520 Series User’s Guide...
Page 274: Pppoe Ia Per-Port
Use this row to make the setting the same for all ports. Use this row first and then make adjustments on a port-by-port basis. Note: Changes in this row are copied to all the ports as soon as you make them. MES3500-24S/MGS3520 Series User’s Guide...
Page 275: Pppoe Ia Per-Port Per-Vlan
32.3.2 PPPoE IA Per-Port Per-VLAN Use this screen to configure PPPoE IA settings that apply to a specific VLAN on a port. Click the VLAN link in the Intermediate Agent > Port screen to display the screen as shown. MES3500-24S/MGS3520 Series User’s Guide...
Page 276 Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Cancel Click Cancel to begin configuring this screen afresh. MES3500-24S/MGS3520 Series User’s Guide...
Page 277: Pppoe Ia For Vlan
Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Cancel Click Cancel to begin configuring this screen afresh. MES3500-24S/MGS3520 Series User’s Guide...
Page 278: Error Disable
33.3 Error Disable Screen Use this screen to configure error disable related settings. Click Advanced Application > Errdisable in the navigation panel to open the following screen. Figure 172 Advanced Application > Errdisable MES3500-24S/MGS3520 Series User’s Guide...
Page 279: Error-Disable Status
Press to reset the specified port(s) to handle ARP, BPDU or IGMP packets instead of ignoring them, if the port(s) is in inactive-reason mode. Errdisable Status Port This is the number of the port on which you want to configure Errdisable Status. MES3500-24S/MGS3520 Series User’s Guide...
Page 280: Cpu Protection Configuration
Advanced Application > Errdisable screen to display the screen as shown. Note: After you configure this screen, make sure you also enable error detection for the specific control packets in the Advanced Application > Errdisable > Errdisable Detect screen. MES3500-24S/MGS3520 Series User’s Guide...
Page 281: Error-Disable Detect Configuration
Click the Click Here link next to Errdisable Detect link in the Advanced Application > Errdisable screen to display the screen as shown. MES3500-24S/MGS3520 Series User’s Guide...
Page 282: Error-Disable Recovery Configuration
Use this screen to configure the Switch to automatically undo an action after the error is gone. Click the Click Here link next to Errdisable Recovery in the Advanced Application > Errdisable screen to display the screen as shown. MES3500-24S/MGS3520 Series User’s Guide...
Page 283 Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Cancel Click Cancel to begin configuring this screen afresh. MES3500-24S/MGS3520 Series User’s Guide...
Page 284: Private Vlan
Note: Make sure you keep at least one port in the promiscuous port list for a VLAN with private VLAN enabled. Otherwise, this VLAN is blocked from the whole network. 34.2 Configuring Private VLAN Click Advanced Application > Private VLAN in the navigation panel to display the screen as shown. MES3500-24S/MGS3520 Series User’s Guide...
Page 285 This is the VLAN to which this rule is applied. Delete Check the rule(s) that you want to remove in the Delete column and then click the Delete button. Cancel Click Cancel to clear the Delete check boxes. MES3500-24S/MGS3520 Series User’s Guide...
Page 286: Green Ethernet
35.2 Configuring Green Ethernet Click Advanced Application > Green Ethernet in the navigation panel to display the screen as shown. Note: EEE, Auto Power Down and Short Reach are not supported on an uplink port. MES3500-24S/MGS3520 Series User’s Guide...
Page 287 Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Cancel Click Cancel to begin configuring this screen afresh. MES3500-24S/MGS3520 Series User’s Guide...
Page 288: Link Layer Discovery Protocol (Lldp)
• Power via MDI TLV (optional, for PoE models only) • Link Aggregation TLV (optional) • Maximum Frame Size TLV (optional) The optional TLVs are inserted between the Time To Live TLV and the End of LLDPDU TLV. MES3500-24S/MGS3520 Series User’s Guide...
Page 289: Lldp-Med Overview
Since LLDPDU updates status and configuration information periodically, network managers may check the result of provision via remote status. The remote status is updated by receiving LLDP-MED TLVs from endpoint devices. MES3500-24S/MGS3520 Series User’s Guide...
Page 290: Lldp Screens
Click here to show a screen with the Switch’s LLDP information. Status LLDP Remote Click here to show a screen with LLDP information from the neighboring devices. Status LLDP Click here to show a screen to configure LLDP parameters. Configuration MES3500-24S/MGS3520 Series User’s Guide...
Page 291: Lldp Local Status
This screen displays a summary of LLDP status on this Switch. Click Advanced Application > LLDP > LLDP Local Status to display the screen as shown next. Figure 183 Advanced Application > LLDP > LLDP Local Status MES3500-24S/MGS3520 Series User’s Guide...
Page 292: Lldp Local Port Status Detail
This screen displays detailed LLDP status for each port on this Switch. Click Advanced Application > LLDP > LLDP Local Status and then, click a port number, for example 1 in the local port column to display the screen as shown next. MES3500-24S/MGS3520 Series User’s Guide...
Page 293 This displays the VLAN ID sent by the IEEE 802.1 Port VLAN ID TLV. Port-Protocol This displays the IEEE 802.1 Port Protocol VLAN ID TLVs, which indicates whether the VLAN is VLAN ID TLV enabled and supported. Dot3 TLV MES3500-24S/MGS3520 Series User’s Guide...
Page 294 • Aggregation Capability — The current aggregation capability of the port. • Aggregation Status — The current aggregation status of the port. • Aggregation Port ID — The aggregation ID of the current port. Max Frame Size This displays the maximum supported frame size in octets. MES3500-24S/MGS3520 Series User’s Guide...
Page 295 Chapter 36 Link Layer Discovery Protocol (LLDP) Figure 185 Advanced Application > LLDP > LLDP Local Status > LLDP Local Port Status Detail (Med TLV) MES3500-24S/MGS3520 Series User’s Guide...
Page 296: Lldp Remote Status
This screen displays a summary of LLDP status for each LLDP connection to a neighboring Switch. Click Advanced Application > LLDP > LLDP Remote Status (Click Here) to display the screen as shown next. Figure 186 Advanced Application > LLDP > LLDP Remote Status MES3500-24S/MGS3520 Series User’s Guide...
Page 297: Lldp Remote Port Status Detail
This screen displays detailed LLDP status of the remote device conencted to the Switch. Click Advanced Application > LLDP > LLDP Remote Status (Click Here) and then click an index number, for example 1, in the Index column in the LLDP Remote Status screen to display the screen as shown next. MES3500-24S/MGS3520 Series User’s Guide...
Page 298 This displays the time-to-live (TTL) multiplier of LLDP frames. The device information on the neighboring devices ages out and is discarded when its corresponding TTL expires. The TTL value is to multiply the TTL multiplier by the LLDP frames transmitting interval. MES3500-24S/MGS3520 Series User’s Guide...
Page 299 System Capabilities Supported • System Capabilities Enabled Management This displays the following management address parameters of the remote device. Address TLV • Management Address Subtype • Management Address • Interface Number Subtype • Interface Number • Object Identifier MES3500-24S/MGS3520 Series User’s Guide...
Page 300 This displays the IEEE 802.1 Port Protocol VLAN ID TLV, which indicates whether the VLAN ID VLAN ID TLV and whether it is enabled and supported on the port of remote Switch which sent the LLDPDU. • Port-Protocol VLAN ID • Port-Protocol VLAN ID Supported • Port-Protocol VLAN ID Enabled MES3500-24S/MGS3520 Series User’s Guide...
Page 301 • Port Class • MDI Supported • MDI Enabled • Pair Controlable • PSE Power Pairs • Power Class Max Frame Size This displays the maximum supported frame size in octets. MES3500-24S/MGS3520 Series User’s Guide...
Page 302 Chapter 36 Link Layer Discovery Protocol (LLDP) Figure 189 Advanced Application > LLDP > LLDP Remote Status > LLDP Remote Port Status Detail (MED TLV) MES3500-24S/MGS3520 Series User’s Guide...
Page 303 Power Priority - the Endpoint Device’s power priority (which the Network Connectivity Device may use to prioritize which devices will remain in service during power shortages) • Power Value - power requirement, in fractions of Watts, in current configuration MES3500-24S/MGS3520 Series User’s Guide...
Page 304: Lldp Configuration
Click Apply to save your changes to the Switch’s run-time memory. The Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. MES3500-24S/MGS3520 Series User’s Guide...
Page 305: Lldp Configuration Basic Tlv Setting
Use this screen to configure Basic TLV settings. Click Advanced Application > LLDP > LLDP Configuration (Click Here) > Basic TLV Setting to display the screen as shown next. Figure 191 Advanced Application > LLDP > LLDP Configuration> Basic TLV Setting MES3500-24S/MGS3520 Series User’s Guide...
Page 306: Lldp Configuration Org-Specific Tlv Setting
Use this screen to configure organization-specific TLV settings. Click Advanced Application > LLDP > LLDP Configuration (Click Here) > Org-specific TLV Setting to display the screen as shown next. Figure 192 Advanced Application > LLDP > LLDP Configuration> Org-specific TLV Setting MES3500-24S/MGS3520 Series User’s Guide...
Page 307: Lldp-Med Configuration
Cancel Click Cancel to begin configuring this screen afresh. 36.7 LLDP-MED Configuration Click Advanced Application > LLDP > LLDP-MED Configuration to display the screen as shown next. MES3500-24S/MGS3520 Series User’s Guide...
Page 308 Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Cancel Click Cancel to begin configuring this screen afresh. MES3500-24S/MGS3520 Series User’s Guide...
Page 309: Lldp-Med Network Policy
Click Cancel to begin entering the information afresh. Index This field displays the of index number of the network policy. Click an index number to edit the rule. Port This field displays the port number of the network policy. MES3500-24S/MGS3520 Series User’s Guide...
Page 310: Lldp-Med Location
Click Cancel to clear the selected check boxes. 36.9 LLDP-MED Location Click Advanced Application > LLDP > LLDP-MED Location (Click Here) to display the screen as shown next. Figure 195 Advanced Application > LLDP > LLDP-MED Location MES3500-24S/MGS3520 Series User’s Guide...
Page 311 • Street • Leading-Street-Direction • Street-Suffix • Trailing-Street-Suffix • House-Number • House-Number-Suffix • Landmark • Additional-Location • Name • Zip-Code • Building • Unit • Floor • Room-Number • Place-Type • Postal-Community-Name • Post-Office-Box • Additional-Code MES3500-24S/MGS3520 Series User’s Guide...
Page 312 Select an entry’s check box to select a specific entry. Otherwise, select the check box in the table heading row to select all entries. Delete Check the locations that you want to remove, then click the Delete button. Cancel Click Cancel to clear the selected check boxes. MES3500-24S/MGS3520 Series User’s Guide...
Page 313: Static Route
R2 to send traffic to an SNMP trap server on network N2. Figure 196 Static Routing Overview 37.2 Static Routing Click IP Application > Static Routing in the navigation panel to display the screen as shown. Figure 197 IP Application > Static Routing MES3500-24S/MGS3520 Series User’s Guide...
Page 314: Ipv4 Static Route
Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Cancel Click Cancel to reset the above fields to your previous configuration. MES3500-24S/MGS3520 Series User’s Guide...
Page 315 Switch that will forward the packet to the destination. Metric This field displays the cost of transmission for routing purposes. Delete Click Delete to remove the selected entry from the summary table. Cancel Click Cancel to clear the Delete check boxes. MES3500-24S/MGS3520 Series User’s Guide...
Page 316: Differentiated Services
DSCP value) the incoming packets into different traffic flows (Platinum, Gold, Silver, Bronze) based on the configured marking rules. A network administrator can then apply various traffic policies to the traffic flows. An example traffic policy, is to give higher drop precedence to one traffic flow over MES3500-24S/MGS3520 Series User’s Guide...
Page 317: Activating Diffserv
Figure 200 DiffServ Network 38.2 Activating DiffServ Activate DiffServ to apply marking rules or IEEE 802.1p priority mapping on the selected port(s). Click IP Application > DiffServ in the navigation panel to display the screen as shown. MES3500-24S/MGS3520 Series User’s Guide...
Page 318: Dscp-To-Ieee 802.1P Priority Settings
38.3 DSCP-to-IEEE 802.1p Priority Settings You can configure the DSCP to IEEE 802.1p mapping to allow the Switch to prioritize all traffic based on the incoming DSCP value according to the DiffServ to IEEE 802.1p mapping table. MES3500-24S/MGS3520 Series User’s Guide...
Page 319: Configuring Dscp Settings
Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Cancel Click Cancel to begin configuring this screen afresh. MES3500-24S/MGS3520 Series User’s Guide...
Page 320: Dhcp
Click IP Application > DHCP in the navigation panel to display the screen as shown. Click the link next to DHCPv4 to open screens where you can enable and configure DHCPv4 relay settings and create option 82 profiles. Click the link next to DHCPv6 to open a screen where you can configure DHCPv6 relay settings. MES3500-24S/MGS3520 Series User’s Guide...
Page 321: Dhcpv4 Status
Relay Agent Information. This helps provide authentication about the source of the requests. The DHCP server can then provide an IP address based on this information. Please refer to RFC 3046 for more details. MES3500-24S/MGS3520 Series User’s Guide...
Page 322: Dhcpv4 Option 82 Profile
Use this screen to create DHCPv4 option 82 profiles. Click IP Application > DHCP > DHCPv4 in the navigation panel and click the Option 82 Profile link to display the screen as shown. Figure 205 IP Application > DHCP > DHCPv4 > Option 82 Profile MES3500-24S/MGS3520 Series User’s Guide...
Page 323: Configuring Dhcpv4 Global Relay
39.4.3 Configuring DHCPv4 Global Relay Configure global DHCP relay in the DHCP Relay screen. Click IP Application > DHCP > DHCPv4 in the navigation panel and click the Global link to display the screen as shown. MES3500-24S/MGS3520 Series User’s Guide...
Page 324: Dhcpv4 Global Relay Port Configure
Use this screen to apply a different DHCP option 82 profile to certain ports on the Switch. To open this screen, click IP Application > DHCP > DHCPv4 > Global > Port. Figure 207 IP Application > DHCP > DHCPv4 > Global > Port MES3500-24S/MGS3520 Series User’s Guide...
Page 325: Global Dhcpv4 Relay Configuration Example
The follow figure shows a network example where the Switch is used to relay DHCP requests for the VLAN1 and VLAN2 domains. There is only one DHCP server that services the DHCP clients in both domains. Figure 208 Global DHCP Relay Network Example MES3500-24S/MGS3520 Series User’s Guide...
Page 326: Configuring Dhcpv4 Vlan Settings
Note: You must set up a management IP address for each VLAN that you want to configure DHCP settings for on the Switch. See Section 8.5 on page 84 for information on how to set up management IP addresses for VLANs. Figure 210 IP Application > DHCP > DHCPv4 > VLAN MES3500-24S/MGS3520 Series User’s Guide...
Page 327: Dhcpv4 Vlan Port Configure
Enter the number of port(s) to which you want to apply the specified DHCP option 82 profile. You can enter multiple ports separated by (no space) comma (,) or hyphen (-). For example, enter “3-5” for ports 3, 4, and 5. Enter “3,5,7” for ports 3, 5, and 7. MES3500-24S/MGS3520 Series User’s Guide...
Page 328: Example: Dhcpv4 Relay For Two Vlans
(VLAN 1) to the DHCP server with an IP address of 192.168.1.100. Requests from the academic buildings (VLAN 2) are sent to the other DHCP server with an IP address of 172.16.10.100. Figure 212 DHCP Relay for Two VLANs For the example network, configure the VLAN Setting screen as shown. MES3500-24S/MGS3520 Series User’s Guide...
Page 329: Dhcpv6 Relay
Use this screen to configure DHCPv6 relay settings for a specific VLAN on the Switch. Click IP Application > DHCP > DHCPv6 in the navigation panel to display the screen as shown. MES3500-24S/MGS3520 Series User’s Guide...
Page 330 Select the entry(ies) that you want to remove in the Delete column, then click the Delete button to remove the selected entry(ies) from the table. Cancel Click this to clear the check boxes in the Delete column. MES3500-24S/MGS3520 Series User’s Guide...
Page 331: Dhcpv6 Options Profile
DHCPv6 server. Subscriber-ID Select slot-port to have the Switch add the number of port that the DHCPv6 client is connected Enter a string of up to 64 printable characters to be carried in the subscriber-ID option. MES3500-24S/MGS3520 Series User’s Guide...
Page 332: Dhcpv6 Port Configure
Options Profile Select a pre-defined DHCPv6 options profile that the Switch applies to the specified port(s) in this VLAN. The profile you select here has priority over the one you select in the DHCP > DHCPv6 screen. MES3500-24S/MGS3520 Series User’s Guide...
Page 333 Select the entry(ies) that you want to remove in the Delete column, then click the Delete button to remove the selected entry(ies) from the table. Cancel Click this to clear the check boxes in the Delete column. MES3500-24S/MGS3520 Series User’s Guide...
Page 334: Arp Setup
When the Switch receives the ARP reply from host B, it updates its ARP table and also forwards host A’s ICMP request to host B. After the Switch gets the ICMP reply from host B, it sends out an ARP request to MES3500-24S/MGS3520 Series User’s Guide...
Page 335 In Gratuitous-ARP learning mode, the Switch updates its ARP table with either an ARP reply or a gratuitous ARP request. ARP-Request When the Switch is in ARP-Request learning mode, it updates the ARP table with both ARP replies, gratuitous ARP requests and ARP requests. MES3500-24S/MGS3520 Series User’s Guide...
Page 336: Arp Setup
Figure 217 IP Application > ARP Setup 40.2.1 ARP Learning Use this screen to configure each port’s ARP learning mode. Click the link next to ARP Learning in the IP Application > ARP Setup screen to display the screen as shown next. MES3500-24S/MGS3520 Series User’s Guide...
Page 337 Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Cancel Click Cancel to begin configuring this screen afresh. MES3500-24S/MGS3520 Series User’s Guide...
Page 338: Maintenance
Click Click Here to see the Tech-Support screen. You can set CPU and memory thresholds for log reports and download related log reports for issue analysis. Log reports include CPU history and utilization, crash and memory. MES3500-24S/MGS3520 Series User’s Guide...
Page 339: Load Factory Default
(Config 1) or configuration two (Config 2) when you reboot. You can restart the Switch immediately or set the Switch to restart at a specific time. Click Management > Maintenance > Reboot System to view the screen as shown next. MES3500-24S/MGS3520 Series User’s Guide...
Page 340 Select the configuration files you want the Switch to use when it restarts. Apply Click Apply to save your changes to the Switch’s run-time memory. The Switch loses these changes if it is turned off or loses power. MES3500-24S/MGS3520 Series User’s Guide...
Page 341: Firmware Upgrade
System Information in Basic Settings. • Firmware 1 shows its version number (and model code) and MM/DD/YYYY creation date. • Firmware 2 shows its version number (and model code) and MM/DD/YYYY creation date. MES3500-24S/MGS3520 Series User’s Guide...
Page 342: Restore A Configuration File
Backing up your Switch configurations allows you to create various “snap shots” of your device from which you may restore at a later date. Back up your current Switch configuration to a computer using the Backup Configuration screen. MES3500-24S/MGS3520 Series User’s Guide...
Page 343: Tech-Support
Switch. The Tech Support menu eases your effort in obtaining reports and it is also available in CLI command by typing “Show tech-support” command. Click Management > Maintenance > Tech-Support to see the following screen. Figure 225 Management > Maintenance > Tech-Support MES3500-24S/MGS3520 Series User’s Guide...
Page 344: Ftp Command Line
The configuration file (also known as the romfile or ROM) contains the factory default settings in the screens such as password, Switch setup, IP Setup, and so on. Once you have customized the Switch’s settings, they can be saved back to your computer under a filename of your choosing. MES3500-24S/MGS3520 Series User’s Guide...
Page 345: Ftp Command Line Procedure
Launch the FTP client on your computer. Enter open, followed by a space and the IP address of your Switch. Press [ENTER] when prompted for a username. Enter your password as requested (the default is “1234”). MES3500-24S/MGS3520 Series User’s Guide...
Page 346: Gui-Based Ftp Clients
• FTP service is disabled in the Service Access Control screen. • The IP address(es) in the Remote Management screen does not match the client IP address. If it does not match, the Switch will disconnect the FTP session immediately. MES3500-24S/MGS3520 Series User’s Guide...
Page 347: Access Control
(NMS) and a network element (NE). A manager station can manage and monitor the Switch through the network via SNMP version one (SNMPv1), SNMP version 2c or SNMP version 3. The next figure illustrates an SNMP management operation. SNMP is only available if TCP/IP is configured. MES3500-24S/MGS3520 Series User’s Guide...
Page 348: Snmp V3 And Security
Encryption protects the contents of the SNMP messages. When the contents of the SNMP messages are encrypted, only the intended recipients can read them. 42.3.2 Supported MIBs MIBs let administrators collect statistics and monitor status and performance. MES3500-24S/MGS3520 Series User’s Guide...
Page 349: Snmp Traps
This trap is sent when the port is turned on to ecovered recover from a short circuit. zyPoePowerPortOverSystem 1.3.6.1.4.1.890.1.15.3.59.4.7 This trap is sent when the port is turned on to BudgetRecovered recover from an over system budget. MES3500-24S/MGS3520 Series User’s Guide...
Page 350 Table 176 SNMP InterfaceTraps OPTION OBJECT LABEL OBJECT ID DESCRIPTION linkup linkUp 1.3.6.1.6.3.1.1.5.4 This trap is sent when the Ethernet link is up. linkdown linkDown 1.3.6.1.6.3.1.1.5.3 This trap is sent when the Ethernet link is down. MES3500-24S/MGS3520 Series User’s Guide...
Page 351 This trap is sent when the transceiver fRangeRecovered supply voltage is recovered from the out of normal operating range. zyTransceiverDdmiTxBiasOutOfR 1.3.6.1.4.1.890.1.15.3.84.3.10 This trap is sent when the transmitter angeRecovered laser bias current is recovered from the out of normal operating range. MES3500-24S/MGS3520 Series User’s Guide...
Page 352 1.3.6.1.2.1.80.0.3 This trap is sent when a ping test is completed. traceroute traceRouteTestFailed 1.3.6.1.2.1.81.0.2 This trap is sent when a traceroute test fails. traceRouteTestCompleted 1.3.6.1.2.1.81.0.3 This trap is sent when a traceroute test is completed. MES3500-24S/MGS3520 Series User’s Guide...
Page 353: Configuring Snmp
1.3.111.2.802.1.1.8.0.1 The trap is sent when the Switch detects a connectivity fault. 42.3.4 Configuring SNMP Click Management > Access Control > SNMP to view the screen as shown. Use this screen to configure your SNMP settings. MES3500-24S/MGS3520 Series User’s Guide...
Page 354 Use this section to configure where to send SNMP traps from the Switch. Version Specify the version of the SNMP trap messages. Enter the IP addresses of up to four managers to send your SNMP traps to. MES3500-24S/MGS3520 Series User’s Guide...
Page 355: Configuring Snmp Trap Group
Clear the check boxes for individual traps that you do not want the Switch to send to the SNMP station. Clearing a category’s check box automatically clears all of the category’s trap check boxes (the Switch only sends traps from selected categories). MES3500-24S/MGS3520 Series User’s Guide...
Page 356: Enabling/Disabling Sending Of Snmp Traps On A Port
Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Cancel Click Cancel to begin configuring this screen afresh. MES3500-24S/MGS3520 Series User’s Guide...
Page 357: Configuring Snmp User
MD5, but is slower. Password Enter the password of up to 32 ASCII characters for SNMP user authentication. Note that as you type a password, the screen displays an asterisk (*) for each character you type. MES3500-24S/MGS3520 Series User’s Guide...
Page 358: Setting Up Login Accounts
• An administrator is someone who can both view and configure Switch changes. The username for the Administrator is always admin. The default administrator password is 1234. Note: It is highly recommended that you change the default administrator password (1234). MES3500-24S/MGS3520 Series User’s Guide...
Page 359 CLI. For more information on assigning privileges see the Ethernet Switch CLI Reference Guide. User Name Set a user name (up to 32 ASCII characters long). Password Enter your new system password. Retype to confirm Retype your new system password for confirmation MES3500-24S/MGS3520 Series User’s Guide...
Page 360: Ssh Overview
Figure 233 SSH Communication Example 42.6 How SSH works The following table summarizes how a secure connection is established between two remote hosts. MES3500-24S/MGS3520 Series User’s Guide...
Page 361: Ssh Implementation On The Switch
Your Switch supports SSH version 2 using RSA authentication and three encryption methods (DES, 3DES and Blowfish). The SSH server is implemented on the Switch for remote management and file transfer on port 22. Only one SSH connection is allowed at a time. MES3500-24S/MGS3520 Series User’s Guide...
Page 362: Requirements For Using Ssh
HTTP connection requests from a web browser go to port 80 (by default) on the Switch’s WS (web server). Figure 235 HTTPS Implementation Note: If you disable HTTP in the Service Access Control screen, then the Switch blocks all HTTP connection attempts. MES3500-24S/MGS3520 Series User’s Guide...
Page 363: Https Example
If that is the case, click Continue to this website (not recommended) to proceed to the web configurator login screen. Figure 237 Security Certificate Warning (Internet Explorer 7 or 8) MES3500-24S/MGS3520 Series User’s Guide...
Page 364: Mozilla Firefox Warning Messages
42.9.2 Mozilla Firefox Warning Messages When you attempt to access the Switch HTTPS server, a This Connection is Unstructed screen may display. If that is the case, click I Understand the Risks and then the Add Exception... button. MES3500-24S/MGS3520 Series User’s Guide...
Page 365 Chapter 42 Access Control Figure 240 Security Alert (Mozilla Firefox) Confirm the HTTPS server URL matches. Click Confirm Security Exception to proceed to the web configurator login screen. Figure 241 Security Alert (Mozilla Firefox) EXAMPLE MES3500-24S/MGS3520 Series User’s Guide...
Page 366: Google Chrome Warning Messages
After you accept the certificate and enter the login username and password, the Switch main screen appears. The lock displayed in the bottom right of the browser status bar or next to the website address denotes a secure connection. MES3500-24S/MGS3520 Series User’s Guide...
Page 367: Service Port Access Control
“trusted computer(s)” for each service in the Remote Management screen (discussed later). Click Management > Access Control > Service Access Control to view the screen as shown. Figure 244 Management > Access Control > Service Access Control MES3500-24S/MGS3520 Series User’s Guide...
Page 368: Remote Management
You can specify a group of one or more “trusted computers” from which an administrator may use a service to manage the Switch. Click Access Control to return to the Access Control screen. Figure 245 Management > Access Control > Remote Management MES3500-24S/MGS3520 Series User’s Guide...
Page 369 Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Cancel Click Cancel to begin configuring this screen afresh. MES3500-24S/MGS3520 Series User’s Guide...
Page 370: Diagnostic
Table 187 Management > Diagnostic LABEL DESCRIPTION System Log Click Display to display a log of events in the multi-line text box. Click Clear to empty the text box and reset the syslog entry. Ping Test MES3500-24S/MGS3520 Series User’s Guide...
Page 371 This displays the distance between the port and the location where the cable is open or fault shorted. This shows N/A if the Pair status is Ok. This shows Unsupported if the Switch chipset does not support to show the distance. MES3500-24S/MGS3520 Series User’s Guide...
Page 372: Syslog
Debug: The message is intended for debug-level purposes. 44.2 Syslog Setup Click Management > Syslog in the navigation panel to display this screen. The syslog feature sends logs to an external syslog server. Use this screen to configure the device’s system logging settings. MES3500-24S/MGS3520 Series User’s Guide...
Page 373: Syslog Server Setup
Click Cancel to begin configuring this screen afresh. 44.3 Syslog Server Setup Click Management > Syslog > Syslog Server Setup to view the screen as shown next. Use this screen to configure a list of external syslog servers. MES3500-24S/MGS3520 Series User’s Guide...
Page 374 This field displays the severity level of the logs that the device is to send to this syslog server. Delete Select an entry’s Delete check box and click Delete to remove the entry. Cancel Click Cancel to begin configuring this screen afresh. MES3500-24S/MGS3520 Series User’s Guide...
Page 375: Cluster Management
The switches being managed by the cluster manager switch. In the following example, switch A in the basement is the cluster manager and the other switches on the upper floors of the building are cluster members. Figure 249 Clustering Application Example MES3500-24S/MGS3520 Series User’s Guide...
Page 376: Cluster Management Status
45.2.1 Cluster Member Switch Management Go to the Clustering Management Status screen of the cluster manager switch and then select an Index hyperlink from the list of members to go to that cluster member switch's web configurator home page. MES3500-24S/MGS3520 Series User’s Guide...
Page 377 Figure 251 Cluster Management: Cluster Member Web Configurator Screen example example 45.2.1.1 Uploading Firmware to a Cluster Member Switch You can use FTP to upload firmware to a cluster member switch through the cluster manager switch as shown in the following example. MES3500-24S/MGS3520 Series User’s Guide...
Page 378: Clustering Management Configuration
This is the cluster member switch’s configuration file name as seen in the cluster config manager switch. 45.3 Clustering Management Configuration Use this screen to configure clustering management. Click Management > Cluster Management > Configuration to display the next screen. MES3500-24S/MGS3520 Series User’s Guide...
Page 379 Click Apply to save your changes to the Switch’s run-time memory. The Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. MES3500-24S/MGS3520 Series User’s Guide...
Page 380 This is the cluster member switch’s model name. Remove Select this checkbox and then click the Remove button to remove a cluster member switch from the cluster. Cancel Click Cancel to begin configuring this screen afresh. MES3500-24S/MGS3520 Series User’s Guide...
Page 381: Mac Table
• If the Switch has already learned the port for this MAC address, but the destination port is the same as the port it came in on, then it filters the frame. Figure 254 MAC Table Flowchart MES3500-24S/MGS3520 Series User’s Guide...
Page 382: Viewing The Mac Table
Select MAC to display and arrange the data according to MAC address. Select VID to display and arrange the data according to VLAN group. Select PORT to display and arrange the data according to port number. MES3500-24S/MGS3520 Series User’s Guide...
Page 383 This is the VLAN group to which this frame belongs. Port This is the port where the above MAC address is forwarded. Type This shows whether the MAC address is dynamic (learned by the Switch) or static (manually entered in the Static MAC Forwarding screen). MES3500-24S/MGS3520 Series User’s Guide...
Page 384: Arp Table
MAC address that replied. 47.2 The ARP Table Screen Click Management > ARP Table in the navigation panel to open the following screen. Use the ARP table to view IP-to-MAC address mapping(s) and remove specific dynamic ARP entries. MES3500-24S/MGS3520 Series User’s Guide...
Page 385 This field displays how long (in seconds) an entry can still remain in the ARP table before it ages out and needs to be relearned. This shows 0 for a static entry. Type This shows whether the MAC address is dynamic (learned by the Switch) or static (manually entered in the Static MAC Forwarding screen). MES3500-24S/MGS3520 Series User’s Guide...
Page 386: Path Mtu Table
This field displays the maximum transmission unit of the links in the path. Expire This field displays how long (in minutes) an entry can still remain in the Path MTU table before it ages out and needs to be relearned. MES3500-24S/MGS3520 Series User’s Guide...
Page 387: Configure Clone
This chapter shows you how you can copy the settings of one port onto other ports. 49.1 Configure Clone Cloning allows you to copy the basic and advanced settings from a source port to a destination port or ports. Click Management > Configure Clone to open the following screen. MES3500-24S/MGS3520 Series User’s Guide...
Page 388 Chapter 49 Configure Clone Figure 258 Management > Configure Clone MES3500-24S/MGS3520 Series User’s Guide...
Page 389 Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Cancel Click Cancel to begin configuring this screen afresh. MES3500-24S/MGS3520 Series User’s Guide...
Page 390: Neighbor Table
This field displays the IPv6 address of the Switch or a neighboring device. Address This field displays the MAC address of the IPv6 interface on which the IPv6 address is configured or the MAC address of the neighboring device. MES3500-24S/MGS3520 Series User’s Guide...
Page 391 • dynamic (D): The IP address to MAC address can be successfully resolved using IPv6 Neighbor Discovery protocol. Is it similar as IPv4 ARP (Address Resolution protocol). • static (S): The interface address is statically configured. MES3500-24S/MGS3520 Series User’s Guide...
Page 392: Troubleshooting
Turn the Switch off and on (in DC models or if the DC power supply is connected in AC/DC models). Disconnect and re-connect the power adaptor or cord to the Switch (in AC models or if the AC power supply is connected in AC/DC models). If the problem continues, contact the vendor. MES3500-24S/MGS3520 Series User’s Guide...
Page 393: Switch Access And Login
• The default management IP address is 192.168.1.1. • If you changed the IP address, use the new IP address. • If you changed the IP address and have forgotten it, see the troubleshooting suggestions for forgot the IP address for the Switch. MES3500-24S/MGS3520 Series User’s Guide...
Page 394 I cannot see some of Advanced Application submenus at the bottom of the navigation panel. The recommended screen resolution is 1024 by 768 pixels. Adjust the value in your computer and then you should see the rest of Advanced Application submenus at the bottom of the navigation panel. MES3500-24S/MGS3520 Series User’s Guide...
Page 395: Switch Configuration
Click Save at the top right corner of the web configurator to save the configuration permanently. See also Section 41.3 on page 339 for more information about how to save your configuration. MES3500-24S/MGS3520 Series User’s Guide...
Page 396: Appendix A Customer Support
• Brief description of the problem and the steps you took to solve it. Corporate Headquarters (Worldwide) Taiwan • Zyxel Communications Corporation • http://www.zyxel.com Asia China • Zyxel Communications (Shanghai) Corp. Zyxel Communications (Beijing) Corp. Zyxel Communications (Tianjin) Corp. • http://www.zyxel.cn India • Zyxel Technology India Pvt Ltd • http://www.zyxel.in Kazakhstan •...
Page 397 • Zyxel Singapore Pte Ltd. • http://www.zyxel.com.sg Taiwan • Zyxel Communications Corporation • http://www.zyxel.com/tw/zh/ Thailand • Zyxel Thailand Co., Ltd • http://www.zyxel.co.th Vietnam • Zyxel Communications Corporation-Vietnam Office • http://www.zyxel.com/vn/vi Europe Austria • Zyxel Deutschland GmbH • http://www.zyxel.de Belarus • Zyxel BY • http://www.zyxel.by...
Page 398 Appendix A Customer Support Belgium • Zyxel Communications B.V. • http://www.zyxel.com/be/nl/ • http://www.zyxel.com/be/fr/ Bulgaria • Zyxel България • http://www.zyxel.com/bg/bg/ Czech Republic • Zyxel Communications Czech s.r.o • http://www.zyxel.cz Denmark • Zyxel Communications A/S • http://www.zyxel.dk Estonia • Zyxel Estonia • http://www.zyxel.com/ee/et/ Finland •...
Page 399 • Zyxel Communications Poland • http://www.zyxel.pl Romania • Zyxel Romania • http://www.zyxel.com/ro/ro Russia • Zyxel Russia • http://www.zyxel.ru Slovakia • Zyxel Communications Czech s.r.o. organizacna zlozka • http://www.zyxel.sk Spain • Zyxel Communications ES Ltd • http://www.zyxel.es Sweden • Zyxel Communications • http://www.zyxel.se Switzerland •...
Page 400 Appendix A Customer Support • http://www.zyxel.ch/ Turkey • Zyxel Turkey A.S. • http://www.zyxel.com.tr • Zyxel Communications UK Ltd. • http://www.zyxel.co.uk Ukraine • Zyxel Ukraine • http://www.ua.zyxel.com Latin America Argentina • Zyxel Communication Corporation • http://www.zyxel.com/ec/es/ Brazil • Zyxel Communications Brasil Ltda.
Page 401 Appendix A Customer Support North America • Zyxel Communications, Inc. - North America Headquarters • http://www.zyxel.com/us/en/ Oceania Australia • Zyxel Communications Corporation • http://www.zyxel.com/au/en/ Africa South Africa • Nology (Pty) Ltd. • http://www.zyxel.co.za MES3500-24S/MGS3520 Series User’s Guide...
Page 402: Appendix B Common Services
File Transfer Program, a program to enable fast transfer of files, including large files that may not be possible by e-mail. H.323 1720 NetMeeting uses this protocol. HTTP Hyper Text Transfer Protocol - a client/server protocol for the world wide web. MES3500-24S/MGS3520 Series User’s Guide...
Page 403 Simple Mail Transfer Protocol is the message- exchange standard for the Internet. SMTP enables you to move messages from one e-mail server to another. SNMP TCP/UDP Simple Network Management Program. SNMP-TRAPS TCP/UDP Traps for use with the SNMP (RFC:1215). MES3500-24S/MGS3520 Series User’s Guide...
Page 404 Its primary function is to allow users to log into remote host systems. TFTP Trivial File Transfer Protocol is an Internet file transfer protocol similar to FTP, but uses the UDP (User Datagram Protocol) rather than TCP (Transmission Control Protocol). VDOLIVE 7000 Another videoconferencing solution. MES3500-24S/MGS3520 Series User’s Guide...
Page 405: Appendix C Ipv6
54 bits 64 bits Global Address A global address uniquely identifies a device on the Internet. It is similar to a “public IP address” in IPv4. A global unicast address starts with a 2 or 3. MES3500-24S/MGS3520 Series User’s Guide...
Page 406 The following table describes the multicast addresses which are reserved and can not be assigned to a multicast group. Table 203 Reserved Multicast Address MULTICAST ADDRESS FF00:0:0:0:0:0:0:0 FF01:0:0:0:0:0:0:0 FF02:0:0:0:0:0:0:0 FF03:0:0:0:0:0:0:0 FF04:0:0:0:0:0:0:0 FF05:0:0:0:0:0:0:0 FF06:0:0:0:0:0:0:0 FF07:0:0:0:0:0:0:0 FF08:0:0:0:0:0:0:0 FF09:0:0:0:0:0:0:0 FF0A:0:0:0:0:0:0:0 FF0B:0:0:0:0:0:0:0 FF0C:0:0:0:0:0:0:0 FF0D:0:0:0:0:0:0:0 FF0E:0:0:0:0:0:0:0 FF0F:0:0:0:0:0:0:0 MES3500-24S/MGS3520 Series User’s Guide...
Page 407 DHCP server to assign and pass IPv6 network addresses, prefixes and other configuration information to DHCP clients. DHCPv6 servers and clients exchange DHCP messages using UDP. In IPv6, all network interfaces can be associated with several addresses. MES3500-24S/MGS3520 Series User’s Guide...
Page 408 48) to generate its LAN IP address. Through sending Router Advertisements (RAs) regularly by multicast, the Switch passes the IPv6 prefix information to its LAN hosts. The hosts then can use the prefix to generate their IPv6 addresses. MES3500-24S/MGS3520 Series User’s Guide...
Page 409 If the Switch cannot find an entry in the neighbor cache or the state for the neighbor is not reachable, it starts the address resolution process. This helps reduce the number of IPv6 solicitation and advertisement messages. MES3500-24S/MGS3520 Series User’s Guide...
Page 410 Install Dibbler and select the DHCPv6 client option on your computer. After the installation is complete, select Start > All Programs > Dibbler-DHCPv6 > Client Install as service. Select Start > Control Panel > Administrative Tools > Services. Double click Dibbler - a DHCPv6 client. MES3500-24S/MGS3520 Series User’s Guide...
Page 411 To enable IPv6 in Windows 7: Select Control Panel > Network and Sharing Center > Local Area Connection. Select the Internet Protocol Version 6 (TCP/IPv6) checkbox to enable it. Click OK to save the change. MES3500-24S/MGS3520 Series User’s Guide...
Page 412 IPv4 Address... : 172.16.100.61 Subnet Mask ... : 255.255.255.0 Default Gateway ..: fe80::213:49ff:feaa:7125%11 172.16.100.254 MES3500-24S/MGS3520 Series User’s Guide...
Page 413: Appendix D Legal Information
The contents of this publication may not be reproduced in any part or as a whole, transcribed, stored in a retrieval system, translated into any language, or transmitted in any form or by any means, electronic, mechanical, magnetic, optical, chemical, photocopying, manual, or otherwise, without the prior written permission of Zyxel Communications Corporation. Published by Zyxel Communications Corporation. All rights reserved.
Page 414 If this product is end of life, take it to a recycling station designated by local authorities. At the time of disposal, the separate collection of your product and/or its battery will help save natural resources and ensure that the environment is sustainable development. MES3500-24S/MGS3520 Series User’s Guide...
Page 415 • 請勿阻礙設備的散熱孔，空氣對流不足將會造成設備損害。 • 請插在正確的電壓供給插座 ( 如 : 北美 / 台灣電壓 110V AC，歐洲是 230V AC)。 • 假若電源變壓器或電源變壓器的纜線損壞，請從插座拔除，若您還繼續插電使用，會有觸電死亡的風險。 • 請勿試圖修理電源變壓器或電源變壓器的纜線，若有毀損，請直接聯絡您購買的店家，購買一個新的電源變壓器。 • 請勿將此設備安裝於室外，此設備僅適合放置於室內。 • 請勿隨一般垃圾丟棄。 • 請參閱產品背貼上的設備額定功率。 • 請參考產品型錄或是彩盒上的作業溫度。 • 設備必須接地，接地導線不允許被破壞或沒有適當安裝接地導線，如果不確定接地方式是否符合要求可聯繫相應的電氣檢驗機構檢驗。 • 如果您提供的系統中有提供熱插拔電源，連接或斷開電源請遵循以下指導原則 - 先連接電源線至設備連，再連接電源。 - 先斷開電源再拔除連接至設備的電源線。 - 如果系統有多個電源，需拔除所有連接至電源的電源線再關閉設備電源。 MES3500-24S/MGS3520 Series User’s Guide...
Page 416 North American products. Trademarks ZyNOS (Zyxel Network Operating System) and ZON (Zyxel One Network)are registered trademarks of Zyxel Communications, Inc. Other trademarks mentioned in this publication are used for identification purposes only and may be properties of their respective owners.
Page 417: Index
ARP inspection 235, 237 classifier 178, 181 and MAC filter and QoS configuring editing syslog messages example trusted ports overview ARP-Reply setup 178, 181 ARP-Request viewing authentication cloning a port See port cloning and RADIUS cluster management MES3500-24S/MGS3520 Series User’s Guide...
Page 418 Error Disable daylight saving time error disable default Ethernet settings control packets status DHCP configuration options error disable detect modes error disable recovery relay agent configuration relay example overview setup 320, 326 Ethernet broadcast address 334, 384 MES3500-24S/MGS3520 Series User’s Guide...
Page 419 GARP timer fast 83, 100 mormal general setup IGMP snooping getting help Gigabit ports IGMP throttling GMT (Greenwich Mean Time) ingress port gratuitous ARP installation green Ethernet desktop and uplink port precautions auto power down rack-mounting MES3500-24S/MGS3520 Series User’s Guide...
Page 420 LACP login password MAC address mode loop guard overview how it works PAgP port shut down point to point probe packet loop guard, vs STP tunnel port MES3500-24S/MGS3520 Series User’s Guide...
Page 421 Multiple Spanning Tree Instance, See MSTI Metric Multiple Spanning Tree Protocol Multiple Spanning Tree Protocol, See MSTP. and SNMP Multiple STP supported MIBs Multiple STP, see MSTP MIB (Management Information Base) mirroring ports configuration MLD filtering profile group configuration MES3500-24S/MGS3520 Series User’s Guide...
Page 422 108, 110 port details isolate traffic port isolation priority 108, 110 port mirroring 149, 151 PVID 99, 106 direction 151, 153 PVID (Priority Frame) egress 151, 153 ingress 151, 153 port redundancy MES3500-24S/MGS3520 Series User’s Guide...
Page 423 Spanning Tree Protocol, See STP. monitor port SPQ (Strict Priority Queuing) reflector port source encryption methods Round Robin Scheduling how it works RSTP implementation SSH (Secure Shell) Secure Shell, See SSH SSL (Secure Socket Layer) standby ports MES3500-24S/MGS3520 Series User’s Guide...
Page 424 DHCP VLAN ARP inspection and priority DHCP snooping configuration PPPoE IA switch lockout Tunnel Protocol Attribute, and RADIUS switch reset tutorials switch setup DHCP snooping syslog 238, 372 Error Disable protocol PPPoE IA MES3500-24S/MGS3520 Series User’s Guide...
Page 425 WRR (Weighted Round Robin Scheduling) port-based, isolation port-based, wizard static VLAN status 102, 103 tagged trunking 101, 106 ZyNOS (ZyXEL Network Operating System) type 83, 101 VLAN (Virtual Local Area Network) VLAN ID VLAN mapping activating configuration example MES3500-24S/MGS3520 Series User’s Guide...

This manual is also suitable for:

Mgs3520 series Mgs3520-28 Mgs3520-28f Mgs3520-50

ZyXEL Communications MES3500-24S User Manual

Chapter 3 Hardware Overview

Chapter 6 Tutorials

Chapter 8 Basic Setting

Chapter 9 VLAN

Chapter 12 Filtering

Chapter 14 Bandwidth Control

Chapter 16 Mirroring

Chapter 17 Link Aggregation

Chapter 18 Port Authentication

Chapter 19 Port Security

Chapter 20 Range Profile

Chapter 21 Classifier

Chapter 22 Policy Rule

Chapter 23 Queuing Method

Chapter 24 VLAN Stacking

Chapter 25 Multicast

Chapter 26 AAA

Chapter 27 IP Source Guard

Chapter 28 Loop Guard

Chapter 29 VLAN Mapping

Chapter 31 Sflow

Chapter 32 Pppoe

Quick Links

Troubleshooting

Related Manuals for ZyXEL Communications MES3500-24S

Summary of Contents for ZyXEL Communications MES3500-24S