Page 1 ES-2048 Intelligent Layer 2 Switch 48-port Fast Ethernet + 2 GbE Dual Personality Interfaces (Copper/SFP) User’s Guide Version 3.70 8/2006 Edition 1...
Page 4: Certifications
FCC Warning This device has been tested and found to comply with the limits for a Class A digital switch, pursuant to Part 15 of the FCC Rules. These limits are designed to provide reasonable protection against harmful interference in a commercial environment. This device generates, uses, and can radiate radio frequency energy and, if not installed and used in accordance with the instruction manual, may cause harmful interference to radio communications.
Page 5 ES-2048 User’s Guide 2 Select your product from the drop-down list box on the ZyXEL home page to go to that product's page. 3 Select the certification you wish to view from this page. Certifications...
Page 6: Safety Warnings
ES-2048 User’s Guide For your safety, be sure to read and follow all warning notices and instructions. • Do NOT use this product near water, for example, in a wet basement or near a swimming pool. • Do NOT expose your device to dampness, dust or corrosive liquids. •...
Page 7 ES-2048 User’s Guide This product is recyclable. Dispose of it properly. Safety Warnings...
Page 8: Zyxel Limited Warranty
ES-2048 User’s Guide ZyXEL Limited Warranty ZyXEL warrants to the original end user (purchaser) that this product is free from any defects in materials or workmanship for a period of up to two years from the date of purchase. During the warranty period, and upon proof of purchase, should the product have indications of failure due to faulty workmanship and/or materials, ZyXEL will, at its discretion, repair or replace the defective products or components without charge for either parts or labor, and to whatever...
Page 9: Customer Support
+7-3272-590-689 1-800-255-4101 www.us.zyxel.com +1-714-632-0882 +1-714-632-0858 ftp.us.zyxel.com ES-2048 User’s Guide REGULAR MAIL ZyXEL Communications Corp. 6 Innovation Road II Science Park Hsinchu 300 Taiwan ZyXEL Costa Rica Plaza Roble Escazú Etapa El Patio, Tercer Piso San José, Costa Rica ZyXEL Communications Czech s.r.o.
Page 10 +46-31-744-7701 www.ua.zyxel.com +380-44-494-49-32 +44-1344 303044 www.zyxel.co.uk 08707 555779 (UK only) +44-1344 303034 ftp.zyxel.co.uk REGULAR MAIL ZyXEL Communications A/S Nils Hansens vei 13 0667 Oslo Norway ZyXEL Communications ul. Okrzei 1A 03-715 Warszawa Poland ZyXEL Russia Ostrovityanova 37a Str. Moscow, 117279...
Page 11: Table Of Contents
2.1 Freestanding Installation ...37 2.2 Mounting the Switch on a Rack ...38 2.2.1 Rack-mounted Installation Requirements ...38 2.2.1.1 Precautions ...38 2.2.2 Attaching the Mounting Brackets to the Switch ...38 2.2.3 Mounting the Switch on a Rack ...38 Table of Contents Table of Contents...
Page 12 Initial Setup Example ... 57 5.1 Overview ...57 5.1.1 Creating a VLAN ...57 5.1.2 Setting Port VID ...58 5.2 Configuring Switch Management IP Address ...59 Chapter 6 System Status and Port Statistics ... 61 6.1 Overview ...61 6.2 Port Status Summary 6.2.1 Status: Port Details...
Page 13 7.2 System Information 7.3 General Setup 7.4 Introduction to VLANs ...71 7.5 Switch Setup Screen 7.6 IP Setup 7.6.1 Management IP Addresses ...74 7.7 Port Setup Chapter 8 VLAN ... 81 8.1 Introduction to IEEE 802.1Q Tagged VLAN 8.1.1 Forwarding Tagged and Untagged Frames ...81 8.2 Automatic VLAN Registration ...82...
Page 14 ES-2048 User’s Guide 11.1.3 STP Port States ...106 11.2 Rapid Spanning Tree Protocol Status 11.3 Configure Rapid Spanning Tree Protocol Chapter 12 Bandwidth Control ... 113 12.1 Bandwidth Control Overview ...113 12.1.1 CIR and PIR ...113 12.2 Bandwidth Control Setup ...113 Chapter 13 Broadcast Storm Control...
Page 15 Chapter 18 Queuing Method... 141 18.1 Queuing Method Overview ...141 18.1.1 Strictly Priority ...141 18.1.2 Weighted Fair Queuing ...141 18.1.3 Weighted Round Robin Scheduling (WRR) ...142 18.2 Configuring Queuing ...142 Chapter 19 Multicast... 145 19.1 Multicast Overview ...145 19.1.1 IP Multicast Addresses ...145 19.1.2 IGMP Filtering ...145 19.1.3 IGMP Snooping ...145 19.2 Multicast Status ...146...
Page 16 24.3.3 Configuring SNMP ...180 24.4 Setting Up Login Accounts 24.5 SSH Overview ...182 24.6 How SSH works ...182 24.7 SSH Implementation on the Switch ...183 24.7.1 Requirements for Using SSH ...184 24.8 Introduction to HTTPS ...184 24.9 HTTPS Example ...185 24.9.1 Internet Explorer Warning Messages ...185...
Page 17 Cluster Management ... 197 27.1 Clustering Management Status Overview ...197 27.2 Clustering Management Status ...198 27.2.1 Cluster Member Switch Management ...199 27.2.1.1 Uploading Firmware to a Cluster Member Switch ...200 27.3 Clustering Management Configuration ...201 Chapter 28 MAC Table ... 205 28.1 MAC Table Overview ...205...
Page 18 ES-2048 User’s Guide 31.10 Saving Your Configuration ...217 31.10.1 Switch Configuration File ...217 31.10.2 Logging Out ...218 31.11 Command Summary ...218 31.11.1 User Mode ...218 31.11.2 Enable Mode ...219 31.11.3 General Configuration Mode ...224 31.11.4 interface port-channel Commands ...233 31.11.5 config-vlan Commands ...237 31.11.6 mvr Commands ...238...
Page 19 33.8 Enabling Trunking ...258 33.9 Enabling Port Authentication ...259 33.9.1 RADIUS Server Settings ...259 33.9.2 Port Authentication Settings ...260 Chapter 34 Interface Commands... 263 34.1 Overview ...263 34.2 Interface Command Examples ...263 34.2.1 interface port-channel ...263 34.2.2 bpdu-control ...263 34.2.3 broadcast-limit ...264 34.2.4 bandwidth-limit ...264 34.2.5 mirror ...265 34.2.6 gvrp ...266...
Page 20 36.1 Overview ...279 36.2 Create Multicast VLAN ...279 Chapter 37 Troubleshooting ... 281 37.1 Problems Starting Up the Switch ...281 37.2 Problems Accessing the Switch ...281 37.2.1 Pop-up Windows, JavaScripts and Java Permissions ...282 37.2.1.1 Internet Explorer Pop-up Blockers ...282 37.2.1.2 JavaScripts ...285...
Page 21: List Of Figures
Figure 18 Example Xmodem Upload ... 54 Figure 19 Reload the Configuration file: Via Console Port ... 55 Figure 20 Resetting the Switch: Via the Console Port ... 56 Figure 21 Web Configurator: Logout Screen ... 56 Figure 22 Initial Setup Network Example: VLAN ... 57 Figure 23 Initial Setup Network Example: Port VID ...
Page 22 ES-2048 User’s Guide Figure 39 Protocol Based VLAN ... 92 Figure 40 Protocol Based VLAN Configuration Example ... 93 Figure 41 Port Based VLAN Setup (All Connected) ... 95 Figure 42 Port Based VLAN Setup (Port Isolation) ... 96 Figure 43 Static MAC Forwarding ... 100 Figure 44 Filtering ...
Page 23 Figure 97 Clustering Application Example ... 198 Figure 98 Clustering Management: Status ... 199 Figure 99 Cluster Management: Cluster Member Web Configurator Screen ... 200 Figure 100 Example: Uploading Firmware to a Cluster Member Switch ... 201 Figure 101 Clustering Management Configuration ... 202 Figure 102 MAC Table Flowchart ...
Page 24 ES-2048 User’s Guide List of Figures...
Page 25: List Of Tables
Table 26 Bandwidth Control ... 114 Table 27 Broadcast Storm Control ... 118 Table 28 Mirroring ... 122 Table 29 Link Aggregation ID: Local Switch ... 126 Table 30 Link Aggregation ID: Peer Switch ... 126 Table 31 Link Aggregation Control Protocol Status ... 127 Table 32 Link Aggregation Control Protocol: Configuration ...
Page 26 Table 74 interface port-channel Commands ... 233 Table 75 Command Summary: config-vlan Commands ... 237 Table 76 mvr Commands ... 239 Table 77 Troubleshooting the Start-Up of Your Switch ... 281 Table 78 Troubleshooting Accessing the Switch ... 281 Table 79 Troubleshooting the Password ... 289 Table 80 General Product Specifications ...
Page 27 ES-2048 User’s Guide Table 82 Physical and Environmental Specifications ... 292 Table 83 Classes of IP Addresses ... 296 Table 84 Allowed IP Address Range By Class ... 296 Table 85 “Natural” Masks ... 297 Table 86 Alternative Subnet Mask Notation ... 297 Table 87 Two Subnets Example ...
Page 28 ES-2048 User’s Guide List of Tables...
Page 29: Preface
• “e.g.,” is a shorthand for “for instance”, and “i.e.,” means “that is” or “in other words”. • The ES-2048 Intelligent Layer 2 Switch may be referred to as “the ES-2048”, “the switch”, or “the device” in this User’s Guide.
Page 30: User Guide Feedback
Help us help you. E-mail all User Guide-related comments, questions or suggestions for improvement to techwriters@zyxel.com.tw or send regular mail to The Technical Writing Team, ZyXEL Communications Corp., 6 Innovation Road II, Science-Based Industrial Park, Hsinchu, 300, Taiwan. Thank you.
Page 31: Getting To Know Your Switch
GBIC transceiver (SFP module) with one port active at a time. With its built-in web configurator, managing and configuring the switch is easy. In addition, the switch can also be managed via Telnet, any terminal emulator program on the console port, or third-party SNMP management.
Page 32: Port Mirroring
(R)STP detects and breaks network loops and provides backup links between switches, bridges or routers. It allows a switch to interact with other (R)STP -compliant switches in your network to ensure that only one path exists between any two stations on the network.
Page 33: System Monitoring
Maintenance and Management Features • Access Control You can specify the service(s) and computer IP address(es) to control access to the switch for management. • Cluster Management Cluster management (also known as iStacking) allows you to manage switches through one switch, called the cluster manager.
Page 34: Hardware Features
• IEEE 802.3x flow control in full duplex mode Two Gigabit Ethernet Ports for Uplink Modules The gigabit ports allow the ES-2048 to connect to another WAN switch or daisy-chain to other switches. Chapter 1 Getting to Know Your Switch...
Page 35: Applications
Console Port Use the console port for local management of the switch. Fans The fans cool the switch sufficiently to allow reliable operation of the switch in even poorly ventilated rooms or basements. 1.4 Applications This section shows a few examples of using the switch in various network environments.
Page 36: Bridging Example
Sales) to the corporate backbone. It can alleviate bandwidth contention and eliminate server and network bottlenecks. All users that need high bandwidth can connect to high-speed department servers via the switch. You can provide a super-fast uplink connection by using a Gigabit Ethernet/mini-GBIC port on the switch.
Page 37: Ieee 802.1Q Vlan Application Examples
Ethernet cables and adapter cards, restructuring your network and complex maintenance. The switch can provide the same bandwidth as ATM at much lower cost while still being able to use existing adapters and switches.
Page 38: Vlan Shared Server Example
In this example, only ports that need access to the server need belong to VLAN 1. Ports can belong to other VLAN groups too. Figure 5 Shared Server Using VLAN Example Chapter 1 Getting to Know Your Switch...
Page 39: Hardware Installation And Connection
4 Remove the adhesive backing from the rubber feet. 5 Attach the rubber feet to each corner on the bottom of the switch. These rubber feet help protect the switch from shock or vibration and ensure space between devices when stacking.
Page 40: Mounting The Switch On A Rack
2.2.2 Attaching the Mounting Brackets to the Switch 1 Position a mounting bracket on one side of the switch, lining up the four screw holes on the bracket with the screw holes on the side of the switch.
Page 41: Figure 8 Mounting The Switch On A Rack
ES-2048 User’s Guide Figure 8 Mounting the Switch on a Rack 2 Using a #2 Philips screwdriver, install the M5 flat head screws through the mounting bracket holes into the rack. 3 Repeat steps to attach the second mounting bracket on the other side of the rack.
Page 42 ES-2048 User’s Guide Chapter 2 Hardware Installation and Connection...
Page 43: Chapter 3 Hardware Overview
This chapter describes the front panel and rear panel of the switch and shows you how to make the hardware connections. 3.1 Panel Connections The figures below show the front panel and the rear panel of the switch. Figure 9 Front Panel...
Page 44: Console Port
• No parity, 8 data bits, 1 stop bit • No flow control Connect the male 9-pin end of the console cable to the console port of the switch. Connect the female end to a serial port (COM1, COM2 or other COM port) of your computer.
Page 45: Mini-Gbic Slots
These are slots for mini-GBIC (Gigabit Interface Converter) transceivers. A transceiver is a single unit that houses a transmitter and a receiver. The switch does not come with transceivers. You must use transceivers that comply with the SFP Transceiver MultiSource Agreement (MSA).
Page 46: Transceiver Removal
Make sure you are using the correct power source as shown on the panel. To connect the power to the switch, insert the female end of power cord to the power receptacle on the rear panel. Connect the other end of the supplied power cord to the power source.
Page 47: Leds
3.2 LEDs The following table describes the LEDs on the switch. Table 2 LEDs COLOR Green Green 48 Ethernet Ports Green Amber Uplink Gigabit Port 1000 Green Amber GBIC Slots Green Green MGMT Green Amber Chapter 3 Hardware Overview STATUS DESCRIPTION The system is turned on.
Page 48 ES-2048 User’s Guide Chapter 3 Hardware Overview...
Page 49: The Web Configurator
4.2 System Login 1 Start your web browser. 2 Type “http://” and the IP address of the switch (for example, the default for the management port is 192.168.0.1 and for the switch port is 192.168.1.1) in the Location or Address field. Press 3 The login screen appears.
Page 50: The Status Screen
B - Click this link to save your configuration into the switch’s nonvolatile memory. Nonvolatile memory is the configuration of your switch that stays the same even if the switch’s power is turned off.
Page 51: Menu Overview
4.4 Menu Overview In the navigation panel, click a main link to reveal a list of submenu links. Table 3 Navigation Panel Sub-links Overview BASIC SETTING Chapter 4 The Web Configurator ADVANCED ROUTING PROTOCOL MANAGEMENT APPLICATION ES-2048 User’s Guide...
Page 52: Table 4 Web Configurator Screen Sub-Links Details
This link takes you to a screen where you can configure general identification information about the switch. Switch Setup This link takes you to a screen where you can set up global switch parameters such as VLAN type, MAC address learning, GARP and priority queues. ADVANCED...
Page 53 This link takes you to a screen where you can configure the management IP address, subnet mask (necessary for switch management) and DNS (domain name server). Port Setup This link takes you to screens where you can configure settings for individual switch ports. Advanced Application VLAN This link takes you to screens where you can configure port-based or 802.1Q VLAN...
Page 54: Change Your Password
ES-2048 User’s Guide Table 5 Navigation Panel Links (continued) LINK DESCRIPTION Syslog This link takes you to screens where you can setup system logs and a system log server. Cluster This link takes you to a screen where you can configure clustering management Management and view its status.
Page 55: Switch Lockout
7 Prevent all services from accessing the switch. 8 Change a service port number but forget it. Note: Be careful not to lock yourself and others out of the switch. If you do lock yourself out, try using out-of-band management (via the management port) to configure the ES-2048.
Page 56: Figure 18 Example Xmodem Upload
1 Connect to the console port using a computer with terminal emulation software. See Section 3.1.1 on page 42 2 Disconnect and reconnect the switch’s power to begin a session. When you reconnect the switch’s power, you will see the initial screen.
Page 57: Reset To The Factory Defaults
1 Connect to the console port using a computer with terminal emulation software. See the chapter on hardware connections for details. 2 Disconnect and reconnect the switch's power to begin a session. When you reconnect the switch's power, you will see the initial screen.
Page 58: Logging Out Of The Web Configurator
Click Logout in a screen to exit the web configurator. You have to log in with your password again after you log out. This is recommended after you finish a management session both for security reasons and so as you don’t lock out other switch administrators. Figure 21 Web Configurator: Logout Screen 4.9 Help...
Page 59: Initial Setup Example
This chapter shows how to set up the switch for an example network. 5.1 Overview The following lists the configuration steps for the initial setup: • Create a VLAN • Set port VLAN ID • Configure the switch IP management address 5.1.1 Creating a VLAN...
Page 60: Setting Port Vid
IP Setup screen refer to the same VLAN ID. 3 Since the VLAN2 network is connected to port 1 on the switch, select Fixed to configure port 1 to be a permanent member of the VLAN only. 4 To ensure that VLAN-unaware devices (such as computers and hubs) can receive frames properly, clear the TX Tagging check box to set the switch to remove VLAN tags before sending.
Page 61: Configuring Switch Management Ip Address
Figure 24 Initial Setup Example: Management IP Address 1 Connect your computer to any Ethernet port on the switch. Make sure your computer is in the same subnet as the switch. 2 Open your web browser and enter 192.168.1.1 (the default IP address) in the address bar to access the web configurator.
Page 62 This is the same as the VLAN ID you configure in the Static VLAN screen. 6 Select the Manageable check box to allow the switch to be managed from the ports belonging to VLAN2 using this specified IP address.
Page 63: System Status And Port Statistics
System Status and Port This chapter describes the system status (web configurator home page) and port details screens. 6.1 Overview The home screen of the web configurator displays a port statistical summary table with links to each port showing statistical details. 6.2 Port Status Summary To view the port statistics, click Status in all web configurator screens to display the Status screen as shown next.
Page 64: Figure 25 Status
ES-2048 User’s Guide Figure 25 Status The following table describes the labels in this screen. Table 6 Status LABEL DESCRIPTION Port This identifies the Ethernet port. Click a port number to display the Port Details screen (refer to Name This is the name you assigned to this port in the Basic Setting, Port Setup screen. Link This field displays the speed (either 10M for 10Mbps, 100M for 100Mbps or 1000M for 1000Mbps) and the duplex (F for full duplex or H for half).
Page 65: Status: Port Details
Click a number in the Port column in the Status screen to display individual port statistics. Use this screen to check status and detailed performance data about an individual port on the switch. Chapter 6 System Status and Port Statistics...
Page 66: Figure 26 Status: Port Details
ES-2048 User’s Guide Figure 26 Status: Port Details The following table describes the labels in this screen. Table 7 Status: Port Details LABEL DESCRIPTION Port Info Port NO. This field displays the port number. Name This is the name you assigned to this port in the Basic Setting, Port Setup screen. Link This field shows whether the Ethernet connection is down, and the speed/duplex mode.
Page 67 Table 7 Status: Port Details (continued) LABEL DESCRIPTION Status If STP (Spanning Tree Protocol) is enabled, this field displays the STP state of the port (see Section 11.1 on page 105 If STP is disabled, this field displays FORWARDING if the link is up, otherwise, it displays STOP.
Page 68 ES-2048 User’s Guide Table 7 Status: Port Details (continued) LABEL DESCRIPTION Runt This field shows the number of packets received that were too short (shorter than 64 octets), including the ones with CRC errors. Distribution This field shows the number of packets (including bad packets) received that were 64 octets in length.
Page 69: Chapter 7 Basic Setting
The real time is then displayed in the switch logs. The Switch Setup screen allows you to set up and configure global switch features. The IP Setup screen allows you to configure a switch IP address, subnet mask(s) and DNS (domain name server) for management purposes.
Page 70: Figure 27 System Info
You may choose the temperature unit (Centigrade or Fahrenheit) in this field. Temperature MAC, CPU and PHY refer to the location of the temperature sensors on the switch printed circuit board. Current This field displays the current temperature measured at this sensor.
Page 71: General Setup
This field displays the maximum voltage measured at this point. This field displays the minimum voltage measured at this point. Threshold This field displays the minimum voltage at which the switch should work. Status Normal indicates that the voltage is within an acceptable operating range at this point;...
Page 72: Figure 28 General Setup
Enter the geographic location of your switch. You can use up to 32 printable ASCII characters; spaces are allowed. Contact Person's Enter the name of the person in charge of this switch. You can use up to 32 Name printable ASCII characters; spaces are allowed.
Page 73: Introduction To Vlans
1970-1-1 0:0. Time Server IP Enter the IP address of your timeserver. The switch searches for the timeserver for Address up to 60 seconds. If you select a timeserver that is unreachable, then this screen will appear locked for 60 seconds.
Page 74: Switch Setup Screen
Chapter 8 on page 81 7.5 Switch Setup Screen Click Basic Setting and then Switch Setup in the navigation panel to display the screen as shown. The VLAN setup screens change depending on whether you choose 802.1Q or Port Based in the VLAN Type field in this screen. Refer to the chapter on VLAN.
Page 75 Use the next two fields to configure the priority level-to-physical queue mapping. The switch has eight physical queues that you can map to the 8 priority levels. On the switch, traffic assigned to higher index queues gets through faster while traffic in lower index queues is dropped if the network is congested.
Page 76: Ip Setup
IP address. 7.6.1 Management IP Addresses The switch needs an IP address for it to be managed over the network. The factory default IP address is 192.168.1.1. The subnet mask specifies the network number portion of an IP address.
Page 77: Figure 30 Ip Setup
ES-2048 User’s Guide Figure 30 IP Setup Chapter 7 Basic Setting...
Page 78: Table 11 Ip Setup
In-band Management IP Address DHCP Client Select this option if you have a DHCP server that can assign the switch an IP address, subnet mask, a default gateway IP address and a domain name server IP address automatically. Static IP Select this option if you don’t have a DHCP server or if you wish to assign static IP...
Page 79: Port Setup
Select this option to allow the switch to be managed using this specified IP address. Click Add to save the new rule to the switch’s run-time memory. It then displays in the summary table at the bottom of the screen.
Page 80: Figure 31 Port Setup
ES-2048 User’s Guide Figure 31 Port Setup The following table describes the labels in this screen. Table 12 Port Setup LABEL DESCRIPTION Settings in this row apply to all ports. Use this row only if you want to make some settings the same for all ports. Use this row first to set the common settings and then make adjustments on a port-by-port basis.
Page 81 When auto-negotiation is turned on, a port on the switch negotiates with the peer automatically to determine the connection speed and duplex mode. If the peer port does not support auto-negotiation or turns off this feature, the switch determines the connection speed by detecting the signal on the cable and using half duplex mode.
Page 82 ES-2048 User’s Guide Chapter 7 Basic Setting...
Page 83: Chapter 8 Vlan
The type of screen you see here depends on the VLAN Type you selected in the Switch Setup screen. This chapter shows you how to configure 802.1Q tagged and port-based VLANs. 8.1 Introduction to IEEE 802.1Q Tagged VLAN A tagged VLAN uses an explicit tag (VLAN ID) in the MAC header to identify the VLAN membership of a frame across bridges - they are not confined to the switch on which they were created.
Page 84: Automatic Vlan Registration
GVRP (GARP VLAN Registration Protocol) is a registration protocol that defines a way for switches to register necessary VLAN members on ports across the network. Enable this function to permit VLANs groups beyond the local switch. Please refer to the following table for common GARP terminology.
Page 85: Port Vlan Trunking
C, D and E; otherwise they will drop frames with unknown VLAN group tags. However, with VLAN Trunking enabled on a port(s) in each intermediary switch you only need to create VLAN groups in the end devices (A and B). C, D and E automatically allow frames with VLAN group tags 1 and 2 (VLAN groups that are unknown to those switches) to pass through their VLAN trunking port(s).
Page 86: Static Vlan
The following table describes the labels in this screen. Table 14 VLAN: VLAN Status LABEL DESCRIPTION The Number of This is the number of VLANs configured on the switch. VLAN Index This is the VLAN index number. Click on an index number to view more VLAN details.
Page 87: Static Vlan Details
This field shows how long it has been since a normal VLAN was registered or a static VLAN was set up. Status This field shows how this VLAN was added to the switch; dynamic - using GVRP, static - added as a permanent entry or other - added using Multicast VLAN Registration (MVR).
Page 88: Configure A Static Vlan
ES-2048 User’s Guide 8.5.3 Configure a Static VLAN Use this screen to configure and view 802.1Q VLAN parameters for the switch. See 8.1 on page 81 for more information on static VLAN. To configure a static VLAN, click Static VLAN in the VLAN Status screen to display the screen as shown next.
Page 89: Figure 36 Vlan: Static Vlan
ES-2048 User’s Guide Figure 36 VLAN: Static VLAN Chapter 8 VLAN...
Page 90: Configure Vlan Port Settings
Select TX Tagging if you want the port to tag all outgoing frames transmitted with this VLAN Group ID. Click Add to save your changes to the switch’s run-time memory. The switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring.
Page 91: Figure 37 Vlan: Vlan Port Setting
ES-2048 User’s Guide Figure 37 VLAN: VLAN Port Setting Chapter 8 VLAN...
Page 92: Protocol Based Vlans
When an upstream frame is received on a port (configured for a protocol based VLAN), the switch checks if a tag is added already and its protocol. The untagged packets of the same protocol are then placed in the same protocol based VLAN. One advantage of using protocol based VLANs is that priority can be assigned to traffic of the same protocol.
Page 93: Configuring Protocol Based Vlan
Apple Talk traffic from port 6 and 7 will be in another group and have higher priority than ARP traffic, when they go through the uplink port to a backbone switch C. Figure 38 Protocol Based VLAN Application Example 8.7 Configuring Protocol Based VLAN...
Page 94: Figure 39 Protocol Based Vlan
Advanced Applications, VLAN screens. Priority Select the priority level that the switch will assign to frames belonging to this VLAN. Click Add to save your changes to the switch’s run-time memory. The switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring.
Page 95: Create An Ip-Based Vlan Example
Table 18 Protocol Based VLAN Setup (continued) LABEL DESCRIPTION This field shows the VLAN ID of the port. Priority This field shows the priority which is assigned to frames belonging to this protocol based VLAN. Delete Click this to delete the protocol based VLANs which you marked for deletion. Cancel Click Cancel to reset the fields.
Page 96: Port Based Vlan Setup
Port-based VLANs are specific only to the switch on which they were created. Note: When you activate port-based VLAN, the switch uses a default VLAN ID of 1. You cannot change it.
Page 97: Figure 41 Port Based Vlan Setup (All Connected)
ES-2048 User’s Guide Figure 41 Port Based VLAN Setup (All Connected) Chapter 8 VLAN...
Page 98: Figure 42 Port Based Vlan Setup (Port Isolation)
ES-2048 User’s Guide Figure 42 Port Based VLAN Setup (Port Isolation) Chapter 8 VLAN...
Page 99: Table 19 Port Based Vlan Setup
(its outgoing port). CPU refers to the switch management port. By default it forms a VLAN with all Ethernet ports. If it does not form a VLAN with a particular port then the switch cannot be managed from that port.
Page 100 ES-2048 User’s Guide Chapter 8 VLAN...
Page 101: Static Mac Forwarding
MAC addresses for a port. This may reduce the need for broadcasting. Static MAC address forwarding together with port security allow only computers in the MAC address table on a port to access the switch. See on port security.
Page 102: Figure 43 Static Mac Forwarding
Enter the port where the MAC address entered in the previous field will be automatically forwarded. Click Add to save your rule to the switch’s run-time memory. The switch loses this rule if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring.
Page 103 Table 20 Static MAC Forwarding (continued) LABEL DESCRIPTION Delete Click Delete to remove the selected entry from the summary table. Cancel Click Cancel to clear the Delete check boxes. Chapter 9 Static MAC Forwarding ES-2048 User’s Guide...
Page 104 ES-2048 User’s Guide Chapter 9 Static MAC Forwarding...
Page 105: Chapter 10 Filtering
This chapter discusses and MAC address port filtering. 10.1 Configure a Filtering Rule Filtering means sifting traffic going through the switch based on the source and/or destination MAC addresses and VLAN group (ID). Click Advanced Application and Filtering in the navigation panel to display the screen as shown next.
Page 106 MAC field). The switch can still send frames to the MAC address. Select Discard destination to drop frames to the destination MAC address (specified in the MAC field). The switch can still receive frames originating from the MAC address. Select Discard source and Discard destination to block traffic to/from the MAC address specified in the MAC field.
Page 107: Spanning Tree Protocol
(R)STP detects and breaks network loops and provides backup links between switches, bridges or routers. It allows a switch to interact with other (R)STP -compliant switches in your network to ensure that only one path exists between any two stations on the network.
Page 108: How Stp Works
On each bridge, the root port is the port through which this bridge communicates with the root. It is the port on this switch with the lowest path cost to the root (the root path cost). If there is no root port, then this switch has been accepted as the root bridge of the spanning tree network.
Page 109: Rapid Spanning Tree Protocol Status
This switch may also be the root bridge. Bridge ID This is the unique identifier for this bridge, consisting of bridge priority plus MAC address. This ID is the same for Root and Our Bridge if the switch is the root switch. Hello Time...
Page 110: Configure Rapid Spanning Tree Protocol
Cost to Bridge This is the path cost from the root port on this switch to the root switch. Port ID This is the priority and number of the port on the switch through which this switch must communicate with the root of the Spanning Tree.
Page 111: Figure 46 Spanning Tree Protocol: Configuration
ES-2048 User’s Guide Figure 46 Spanning Tree Protocol: Configuration Chapter 11 Spanning Tree Protocol...
Page 112: Table 25 Spanning Tree Protocol: Configuration
(provided in the last BPDU) becomes the designated port for the attached LAN. If it is a root port, a new root port is selected from among the switch ports attached to the network. The allowed range is 6 to 40 seconds.
Page 113 DESCRIPTION Apply Click Apply to save your changes to the switch’s run-time memory. The switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring.
Page 114 ES-2048 User’s Guide Chapter 11 Spanning Tree Protocol...
Page 115: Bandwidth Control
This chapter shows you how you can cap the maximum bandwidth using the Bandwidth Control screen. 12.1 Bandwidth Control Overview Bandwidth control means defining a maximum allowable bandwidth for incoming and/or out- going traffic flows on a port. 12.1.1 CIR and PIR The Committed Information Rate (CIR) is the guaranteed bandwidth for the incoming traffic flow on a port.
Page 116: Figure 47 Bandwidth Control
Figure 47 Bandwidth Control The following table describes the related labels in this screen. Table 26 Bandwidth Control LABEL DESCRIPTION Active Select this check box to enable bandwidth control on the switch. Port This field displays the port number. Chapter 12 Bandwidth Control...
Page 117 Apply Click Apply to save your changes to the switch’s run-time memory. The switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring.
Page 118: Table 26 Bandwidth Control
ES-2048 User’s Guide Chapter 12 Bandwidth Control...
Page 119: Broadcast Storm Control
Broadcast storm control limits the number of broadcast, multicast and destination lookup failure (DLF) packets the switch receives per second on the ports. When the maximum number of allowable broadcast, multicast and/or DLF packets is reached per second, the subsequent packets are discarded.
Page 120: Figure 48 Broadcast Storm Control
Table 27 Broadcast Storm Control LABEL DESCRIPTION Active Select this check box to enable traffic storm control on the switch. Clear this check box to disable this feature. Port This field displays a port number. Chapter 13 Broadcast Storm Control...
Page 121 Apply Click Apply to save your changes to the switch’s run-time memory. The switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring.
Page 122 ES-2048 User’s Guide Chapter 13 Broadcast Storm Control...
Page 123: Chapter 14 Mirroring
This chapter discusses the Mirror setup screens. 14.1 Port Mirroring Setup Port mirroring allows you to copy a traffic flow to a monitor port (the port you copy the traffic to) in order that you can examine the traffic from the mirror port without interference. Click Advanced Application, Mirroring in the navigation panel to display the Mirroring screen.
Page 124: Figure 49 Mirroring
LABEL DESCRIPTION Active Select this check box to activate port mirroring on the switch. Clear this check box to disable the feature. Monitor The monitor port is the port you copy the traffic to in order to examine it in more detail Port without interfering with the traffic flow on the original port(s).
Page 125 Choices are Egress (outgoing), Ingress (incoming) and Both. Apply Click Apply to save your changes to the switch’s run-time memory. The switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring.
Page 126 ES-2048 User’s Guide Chapter 14 Mirroring...
Page 127: Chapter 15 Link Aggregation
“standby” ports become operational without user intervention. Please note that: • You must connect all ports point-to-point to the same Ethernet switch and configure the ports for LACP trunking.
Page 128: Link Aggregation Id
ES-2048 User’s Guide 15.2.1 Link Aggregation ID LACP aggregation ID consists of the following information Table 29 Link Aggregation ID: Local Switch SYSTEM PRIORITY MAC ADDRESS 0000 Table 30 Link Aggregation ID: Peer Switch SYSTEM PRIORITY MAC ADDRESS 0000 15.3 Link Aggregation Control Protocol Status Click Advanced Application, Link Aggregation in the navigation panel.
Page 129: Link Aggregation Setup
The following table describes the labels in this screen. Table 31 Link Aggregation Control Protocol Status LABEL DESCRIPTION Index This field displays the trunk ID to identify a trunk group, that is, one logical link containing multiple ports. Aggregator ID LACP aggregation ID consists of the following: system priority, MAC address, key, port priority and port number.
Page 130: Figure 51 Link Aggregation: Configuration
ES-2048 User’s Guide Figure 51 Link Aggregation: Configuration Chapter 15 Link Aggregation...
Page 131: Table 32 Link Aggregation Control Protocol: Configuration
Select this checkbox to enable Link Aggregation Control Protocol (LACP). System LACP system priority is a number between 1 and 65,535. The switch with the lowest Priority system priority (and lowest port number if system priority is the same) becomes the LACP “server”.
Page 132 ES-2048 User’s Guide Chapter 15 Link Aggregation...
Page 133: Chapter 16 Port Authentication
16.1.1.1 Vendor Specific Attribute A Vendor Specific Attribute (VSA) is an attribute-value pair that is sent between a RADIUS server and the switch. Configure VSAs on the RADIUS server to set the switch to perform the following actions on an authenticated user: •...
Page 134: Tunnel Protocol Attribute
16.1.1.2 Tunnel Protocol Attribute You can configure tunnel protocol attributes on the RADIUS server to assign a port on the switch to a VLAN (fixed, untagged). This will also set the port’s VID. Refer to RFC 3580 for more information.
Page 135: Configuring Radius Server Settings
16.2.1 Configuring RADIUS Server Settings From the Port Authentication screen, click RADIUS to display the configuration screen as shown. You can configure two RADIUS servers on the switch. Use this screen to configure the first RADIUS server. Note: Use the CLI to configure the first or second RADIUS server.
Page 136: Activate Ieee 802.1X Security
ES-2048 User’s Guide 16.2.2 Activate IEEE 802.1x Security Use this screen to activate IEEE 802.1x security. From the Port Authentication screen, display the configuration screen as shown. Chapter 16 Port Authentication...
Page 137: Figure 55 Port Authentication: 802.1X
ES-2048 User’s Guide Figure 55 Port Authentication: 802.1x Chapter 16 Port Authentication...
Page 138: Table 36 Port Authentication: 802.1X
Apply Click Apply to save your changes to the switch’s run-time memory. The switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring.
Page 139: Port Security
Port security allows only packets with dynamically learned MAC addresses and/or configured static MAC addresses to pass through a port on the switch. The switch can learn up to 16K MAC addresses in total with no limit on individual ports other than the sum cannot exceed 16K.
Page 140: Figure 56 Port Security
Figure 56 Port Security The following table describes the labels in this screen. Table 37 Port Security LABEL DESCRIPTION Active Select this option to enable port security on the switch. Port This field displays a port number. Chapter 17 Port Security...
Page 141 MAC addresses aged out. MAC address aging out time can be set in the Switch Setup screen. The valid range is from “0” to “254”. “0” means this feature is disabled.
Page 142: Table 37 Port Security
ES-2048 User’s Guide Chapter 17 Port Security...
Page 143: Chapter 18 Queuing Method
18.1.1 Strictly Priority Strictly Priority (SP) services queues based on priority only. As traffic comes into the switch, traffic on the highest priority queue, Q7 is transmitted first. When that queue empties, traffic on the next highest-priority queue, Q6 is transmitted until Q6 empties, and then traffic is transmitted on Q5 and so on.
Page 144: Weighted Round Robin Scheduling (Wrr)
ES-2048 User’s Guide 18.1.3 Weighted Round Robin Scheduling (WRR) Round Robin Scheduling services queues on a rotating basis and is activated only when a port has more traffic than it can handle. A queue is a given an amount of bandwidth irrespective of the incoming traffic on that port.
Page 145: Figure 57 Queuing Method
ES-2048 User’s Guide Figure 57 Queuing Method Chapter 18 Queuing Method...
Page 146: Table 38 Queuing Method
Enable subsequent queue(s) after and including the specified queue for the 10/100 Mbps Ethernet ports. For example, if you select Q5, the switch services traffic on Q5, Q6 and Q7 using Strictly Priority. Select None to always use WFQ or WRR for the 10/100 Mbps Ethernet ports.
Page 147: Chapter 19 Multicast
This allows you to control the distribution of multicast services (such as content information distribution) based on service plans and types of subscription. You can set the switch to filter the multicast group join reports on a per-port basis by configuring an IGMP filtering profile and associating the profile to a port.
Page 148: Multicast Status
ES-2048 User’s Guide The switch forwards multicast traffic destined for multicast groups (that it has learned from IGMP snooping or that you have manually configured) to ports that are members of that group. IGMP snooping generates no additional network traffic, allowing you to significantly reduce multicast traffic passing through your switch.
Page 149: Figure 59 Multicast Setting
ES-2048 User’s Guide Figure 59 Multicast Setting Chapter 19 Multicast...
Page 150: Table 40 Multicast Setting
Note: Changes in this row are copied to all the ports as soon as you Immed. Leave Select this option to set the switch to remove this port from the multicast tree when an IGMP version 2 leave message is received on this port.
Page 151: Igmp Filtering Profile
(or server). The switch forwards IGMP join or leave packets to an IGMP query port. Select Auto to have the switch use the port as an IGMP query port if the port receives IGMP query packets. Select Fixed to have the switch always use the port as an IGMP query port. Select this when you connect an IGMP multicast server to the port.
Page 152: Figure 60 Multicast: Igmp Filtering Profile
If you want to add a single multicast IP address, enter it in both the Start Address and End Address fields. Click Add to save your changes to the switch’s run-time memory. The switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring.
Page 153: Mvr Overview
Figure 61 MVR Network Example 19.5.1 Types of MVR Ports In MVR, a source port is a port on the switch that can send and receive multicast traffic in a multicast VLAN while a receiver port can only receive multicast data. Once configured, the switch maintains a forwarding table that matches the multicast stream to the associated multicast group.
Page 154: How Mvr Works
When the subscriber changes the channel or turns off the computer, an IGMP leave message is sent to the switch to leave the multicast group. The switch sends a query to VLAN 1 on the receiver port (in this case, a DSL port on the switch). If there is another subscriber device connected to this port in the same subscriber VLAN, the receiving port will still be on the list of forwarding destination for the multicast traffic.
Page 155: Figure 63 Mvr
ES-2048 User’s Guide Figure 63 MVR Chapter 19 Multicast...
Page 156: Table 42 Mvr
Multicast VLAN Enter the VLAN ID (1 to 4094) of the multicast VLAN. 802.1p Priority Select a priority level (0-7) with which the switch replaces the priority in outgoing IGMP control packets (belonging to this multicast VLAN). Mode Specify the MVR mode on the switch. Choices are Dynamic and Compatible.
Page 157: Mvr Group Configuration
IP address for a multicast group. Refer to Click Add to save your changes to the switch’s run-time memory. The switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring.
Page 158: Mvr Configuration Example
Select Cancel to clear the checkbox(es) in the table. 19.7.1 MVR Configuration Example The following figure shows a network example where ports 1, 2 and 3 on the switch belong to VLAN 1. In addition, port 7 belongs to the multicast group with VID 200 to receive multicast traffic (the News and Movie channels) from the remote streaming media server, S.
Page 159: Figure 66 Mvr Configuration Example
ES-2048 User’s Guide Figure 66 MVR Configuration Example To set the switch to forward the multicast group traffic to the subscribers, configure multicast group settings in the Group Configuration screen. The following figure shows an example where two multicast groups (News and Movie) are configured for the multicast VLAN 200.
Page 160: Figure 67 Mvr Group Configuration Example
ES-2048 User’s Guide Figure 67 MVR Group Configuration Example Figure 68 MVR Group Configuration Example Chapter 19 Multicast...
Page 161: Chapter 20 Dhcp Relay
You can also specify additional information for the switch to add to the client DHCP requests that it relays to the DHCP server. Please refer to RFC 3046 for more details.
Page 162: Figure 69 Dhcp Relay
This read-only field displays the system name you configure in the General Setup screen. Select the check box for the switch to add the system name to the DHCP client DHCP requests that it relays to a DHCP server. Apply Click Apply to save your changes to the switch’s run-time memory.
Page 163: Chapter 21 Static Route
This chapter shows you how to configure static routes. 21.1 Configure Static Routing Static routes tell the switch how to forward IP traffic when you configure the TCP/IP parameters manually. Click IP Application, Static Routing in the navigation panel to display the screen as shown.
Page 164 Gateway IP Enter the IP address of the gateway. The gateway is an immediate neighbor of your Address switch that will forward the packet to the destination. The gateway must be a router on the same segment as your switch. Metric The metric represents the “cost”...
Page 165: Chapter 22 Diffserv Code Point
This chapter shows you how to configure Differentiated Services (DiffServ) on the switch. 22.1 DiffServ Overview Quality of Service (QoS) is used to prioritize source-to-destination traffic flows. All packets in the flow are given the same priority. You can use CoS (class of service) to give different priorities to different packet types.
Page 166: Activating Diffserv
ES-2048 User’s Guide Figure 72 DiffServ Network Example Switch A marks traffic flowing into the network based on the configured marking rules. Intermediary network devices 1 and 2 allocate network resources (such as bandwidth) by mapping the DSCP values and the associated policies.
Page 167: Figure 73 Diffserv
The following table describes the labels in this screen. Table 46 DiffServ LABEL DESCRIPTION Active Select this option to enable DiffServ on the switch. Port This field displays the index number of a port on the switch. Chapter 22 DiffServ Code Point ES-2048 User’s Guide...
Page 168: Dscp-To-Ieee802.1P Priority Mapping Settings
Click Cancel to start configuring this screen again. 22.3 DSCP-to-IEEE802.1p Priority Mapping Settings You can configure the DSCP to IEEE802.1p mapping to allow the switch to prioritize all traffic based on the incoming DSCP value according to the DiffServ to IEEE802.1p mapping table.
Page 169: Figure 74 Diffserv: Dscp Setting
To set the IEEE802.1p priority mapping, select the priority level from the drop-down list box. Apply Click Apply to save your changes to the switch’s run-time memory. The switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring.
Page 170 ES-2048 User’s Guide Chapter 22 DiffServ Code Point...
Page 171: Chapter 23 Maintenance
Table 49 Maintenance LABEL DESCRIPTION Current This field displays which configuration (Configuration 1 or Configuration 2) is currently operating on the switch. Firmware Click Click Here to go to the Firmware Upgrade screen. Upgrade Restore Click Click Here to go to the Restore Configuration screen.
Page 172: Load Factory Default
3 In the web configurator, click the Save button to make the changes take effect. If you want to access the switch web configurator again, you may need to change the IP address of your computer to be in the same subnet as that of the default switch IP address (192.168.1.1).
Page 173: Reboot System
The following screen displays. Figure 77 Reboot System: Confirmation 2 Click OK again and then wait for the switch to restart. This takes up to two minutes. This does not affect the switch’s configuration. Click Config 2 and follow steps 1 to 2 to reboot and load configuration two on the switch.
Page 174: Restore A Configuration File
Figure 78 Firmware Upgrade Type the path and file name of the firmware file you wish to upload to the switch in the File Path text box or click Browse to locate it. After you have specified the file, click Upgrade.
Page 175: Ftp Command Line
Back up your current switch configuration to a computer using the Backup Configuration screen. Figure 80 Backup Configuration Follow the steps below to back up the current switch configuration to your computer in this screen. 1 Click Backup. 2 Click Save to display the Save As screen.
Page 176: Example Ftp Commands
If your (T)FTP client does not allow you to have a destination filename different than the source, you will need to rename them as the switch only recognizes “config” and “ras”. Be sure you keep unaltered copies of both files for later use.
Page 177: Gui-Based Ftp Clients
• FTP service is disabled in the Service Access Control screen. • The IP address(es) in the Remote Management screen does not match the client IP address. If it does not match, the switch will disconnect the Telnet session immediately. Chapter 23 Maintenance DESCRIPTION Enter the address of the host server.
Page 178 ES-2048 User’s Guide Chapter 23 Maintenance...
Page 179: Chapter 24 Access Control
This chapter describes how to control access to the switch. 24.1 Access Control Overview A console port, Telnet, FTP, and SSH are all allowed one session, up to five Web sessions (five different usernames and passwords) and/or limitless SNMP access control sessions are allowed.
Page 180: About Snmp
An SNMP managed network consists of two main components: agents and a manager. An agent is a management software module that resides in a managed switch (the switch). An agent translates the local management information from the managed switch into a form compatible with SNMP.
Page 181: Supported Mibs
RFC 2012 SNMPv2 MIB for TCP, RFC 2013 SNMPv2 MIB for UDP 24.3.2 SNMP Traps The switch sends traps to an SNMP manager when an event occurs. SNMP traps supported are outlined in the following table. Table 54 SNMP Traps...
Page 182: Configuring Snmp
Enter the IP addresses of up to four stations to send your SNMP traps to. Apply Click Apply to save your changes to the switch’s run-time memory. The switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring.
Page 183: Figure 84 Access Control: Logins
Note: It is highly recommended that you change the default administrator password (1234). • A non-administrator (username is something other than admin) is someone who can view but not configure switch settings. Click Access Control from the navigation panel and then click Logins from this screen. Figure 84 Access Control: Logins The following table describes the labels in this screen.
Page 184: Ssh Overview
DESCRIPTION Click Apply to save your changes to the switch’s run-time memory. The switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring.
Page 185: Ssh Implementation On The Switch
Your switch supports SSH version 2 using RSA authentication and three encryption methods (DES, 3DES and Blowfish). The SSH server is implemented on the switch for remote management and file transfer on port 22. Only one SSH connection is allowed at a time.
Page 186: Requirements For Using Ssh
(you know if data has been changed). It relies upon certificates, public keys, and private keys. HTTPS on the switch is used so that you may securely access the switch using the web configurator. The SSL protocol specifies that the SSL server (the switch) must always...
Page 187: Https Example
24.9 HTTPS Example If you haven’t changed the default HTTPS port on the switch, then in your browser enter “https://switch IP Address/” as the web site address where “switch IP Address” is the IP address or domain name of the switch you wish to access.
Page 188: The Main Screen
Figure 90 Security Certificate 2 (Netscape) 24.9.3 The Main Screen After you accept the certificate and enter the login username and password, the switch main screen appears. The lock displayed in the bottom right of the browser status bar denotes a secure connection.
Page 189: Service Port Access Control
Figure 91 24.10 Service Port Access Control Service Access Control allows you to decide what services you may use to access the switch. You may also change the default service port and configure “trusted computer(s)” for each service in the Remote Management screen (discussed later). Click Access Control to go back to the main Access Control screen.
Page 190: Remote Management
From the Access Control screen, display the Remote Management screen as shown next. You can specify a group of one or more “trusted computers” from which an administrator may use a service to manage the switch. Click Access Control to return to the Access Control screen.
Page 191: Figure 93 Access Control: Remote Management
Configure the IP address range of trusted computers from which you can manage this switch. End Address The switch checks if the client IP address of a computer requesting a service or protocol matches the range set here. The switch immediately disconnects the session if it does not match.
Page 192 ES-2048 User’s Guide Chapter 24 Access Control...
Page 193: Chapter 25 Diagnostic
IP Ping Type the IP address of a device that you want to ping in order to test a connection. Click Ping to have the switch ping the IP address (in the field to the left). Ethernet Port Test Enter the port number and click Port Test to perform internal loopback test.
Page 194 ES-2048 User’s Guide Chapter 25 Diagnostic...
Page 195: Chapter 26 Syslog
This chapter explains the syslog screens. 26.1 Overview The syslog protocol allows devices to send event notification messages across an IP network to syslog servers that collect the event messages. A syslog-enabled device can generate a syslog message and send it to a syslog server. Syslog is defined in RFC 3164.
Page 196: Syslog Server Setup
Click Apply to save your changes to the switch’s run-time memory. The switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring.
Page 197: Figure 96 Syslog: Server Setup
The lower the number, the more critical the logs are. Click Add to save your changes to the switch’s run-time memory. The switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring.
Page 198 ES-2048 User’s Guide Chapter 26 Syslog...
Page 199: Chapter 27 Cluster Management
Cluster Member Models Cluster Manager Cluster Members In the following example, switch A in the basement is the cluster manager and the other switches on the upper floors of the building are cluster members. Chapter 27 Cluster Management H A P T E R...
Page 200: Clustering Management Status
ES-2048 User’s Guide Figure 97 Clustering Application Example 27.2 Clustering Management Status Click Management, Cluster Management in the navigation panel to display the following screen. Note: A cluster can only have one manager. Chapter 27 Cluster Management...
Page 201: Cluster Member Switch Management
Go to the Clustering Management Status screen of the cluster manager switch and then select an Index hyperlink from the list of members to go to that cluster member switch's web configurator home page. This cluster member web configurator home page and the home page that you'd see if you accessed it directly are different.
Page 202: Uploading Firmware To A Cluster Member Switch
Figure 99 Cluster Management: Cluster Member Web Configurator Screen 27.2.1.1 Uploading Firmware to a Cluster Member Switch You can use FTP to upload firmware to a cluster member switch through the cluster manager switch as shown in the following example.
Page 203: Clustering Management Configuration
User Password 360lt0.bin fw-00-a0-c5-01-23-46 config-00-a0-c5-01-23-46 This is the cluster member switch’s configuration file name as seen 27.3 Clustering Management Configuration Click Configuration from the Cluster Management screen to display the next screen. Use this screen to configure cluster management. Chapter 27 Cluster Management...
Page 204: Figure 101 Clustering Management Configuration
Type a name to identify the Clustering Manager. You may use up to 32 printable characters (spaces are allowed). This is the VLAN ID and is only applicable if the switch is set to 802.1Q VLAN. All switches must be directly connected and in the same VLAN group to belong to the same cluster.
Page 205 Chapter 27 Cluster Management DESCRIPTION Click Apply to save your changes to the switch’s run-time memory. The switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring.
Page 206 ES-2048 User’s Guide Chapter 27 Cluster Management...
Page 207: Chapter 28 Mac Table
(learned by the switch) or static (manually entered in the Static MAC Forwarding screen). The switch uses the MAC table to determine how to forward frames. See the following figure. 1 The switch examines a received frame and learns the port on which this source MAC address came.
Page 208: Viewing The Mac Table
Port This is the port from which the above MAC address was learned. Type This shows whether the MAC address is dynamic (learned by the switch) or static (manually entered in the Static MAC Forwarding screen). Chapter 28 MAC Table...
Page 209: Chapter 29 Arp Table
If no entry is found for the IP address, ARP broadcasts the request to all the devices on the LAN. The switch fills in its own MAC and IP address in the sender address fields, and puts the known IP address of the target in the target IP address field. In addition, the switch puts all ones in the target MAC field (FF.FF.FF.FF.FF.FF is the Ethernet broadcast address).
Page 210: Figure 104 Arp Table
Index This is the ARP Table entry number. IP Address This is the learned IP address of a device connected to a switch port with corresponding MAC address below. MAC Address This is the MAC address of the device with corresponding IP address above.
Page 211: Chapter 30 Configure Clone
This chapter shows you how you can copy the settings of one port onto other ports. 30.1 Configure Clone Settings Cloning allows you to copy the basic and advanced settings from a source port to a destination port or ports. Click Management, Configure Clone to open the following screen. Figure 105 Configure Clone The following table describes the labels in this screen.
Page 212 Apply Click Apply to save your changes to the switch’s run-time memory. The switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring.
Page 213: Chapter 31 Introducing Commands
This chapter introduces commands and gives a summary of commands available. 31.1 Overview In addition to the web configurator, you can use commands to configure the switch. Use commands for advanced switch diagnosis and troubleshooting. If you have problems with your switch, customer support may request that you issue some of these commands to assist them in troubleshooting.
Page 214: Initial Screen
1 For local management, connect your computer to the RJ-45 management port (labeled MGMT) on the switch. 2 Make sure your computer IP address and the switch IP address are on the same subnet. In Windows, click Start (usually in the bottom left corner), Run and then type (the default management IP address) and click OK.
Page 215: Changing The Password
• Use the up or down arrow key to scroll through the command history list. • You may enter a unique part of a command and press [TAB] to have the switch automatically display the full command. For example, if you enter “...
Page 216: Command Modes
ES-2048 User’s Guide Syntax: logins username <username> password <password> logins username <username> privilege <0-14> where username <username> password <password> privilege <0-14> 31.7 Command Modes There are three command modes: User, Enable and Configure. The modes (and commands) available to you depend on what level of privilege your account has. See for more information on setting up privilege levels.
Page 217: Getting Help
DESCRIPTION Config Commands available in this mode allow you to configure settings that affect the switch globally. Command modes that follow are sub-modes of the config mode and can only be accessed from within the config mode. Config-vlan This is a sub-mode of the config mode and allows you to configure VLAN settings.
Page 218: List Of Available Commands
ES-2048 User’s Guide 31.8.1 List of Available Commands Enter “ ” to display a list of available commands and the corresponding sub commands. help sysname> help Commands available: help logout exit history enable show ip <cr> show hardware-monitor <C|F> show system-information ping <ip|host-name>...
Page 219: Using Command History
31.9 Using Command History The switch keeps a list of recently used commands available to you for reuse. You can use any commands in the history again by pressing the up ( ) or down ( ) arrow key to scroll through the previously used commands and press of commands.
Page 220: Logging Out
31.11 Command Summary The following sections summarize the commands available in the switch together with a brief description of each command. Commands listed in the tables are in the same order as they are displayed in the CLI. See the related section in the User’s Guide for more background information.
Page 221: Enable Mode
Table 71 Command Summary: User Mode (continued) COMMAND <IP|host-name> [vlan <vlan-id>] [size <0-1472>] [-t] help traceroute <ip|host-name> <ip|host-name> [vlan <vlan-id>] [ttl <1-255>] [wait <1-60>] [queries <1-10>] help <1|2> <[user@]dest- ip> 31.11.2 Enable Mode The following table describes the commands available for Enable mode. Table 72 Command Summary: Enable Mode COMMAND help...
Page 222: Route Static
ES-2048 User’s Guide Table 72 Command Summary: Enable Mode (continued) COMMAND hardware-monitor <C|F> system- information vlan1q spanning-tree lacp trunk radius-server port-access- authenticator port-security snmp-server logins service-control remote- management interfaces <port-list> DESCRIPTION Displays UDP related information. 13 Displays IP routing information. route Displays IP static route route static...
Page 223 Table 72 Command Summary: Enable Mode (continued) COMMAND interfaces config <port- list> vlan running-config timesync time garp loginPrecedence logging vlan-stacking Chapter 31 Introducing Commands DESCRIPTION Displays current interface configuration on the port(s). Displays bandwidth control bandwidth- settings on the port(s). control Displays outgoing port egress...
Page 224: Member Config
DIsplays all MVR (Multicast VLAN Registration) settings. <vlan-id> DIsplays specified MVR information. Displays DiffServ settings on the switch. Removes all IGMP information. Resets a TCP connection. Use show ip tcp get the Session ID. Clears the MAC address table. Removes all learned MAC address on the specified port(s).
Page 225 Restarts the system with the specified configuration file. Restarts the system and use the specified configuration file. Saves current configuration to the configuration file the switch is currently using. Saves current configuration to the <index> specified configuration file on the switch.
Page 226: General Configuration Mode
Removes a specified IP static route <ip> route. <mask> Enables a specified IP static route <ip> route. <mask> inactive Clears the IGMP filtering settings on the switch. Deletes the IGMP filtering profile. 13 profile <name> Chapter 31 Introducing Commands PRIVILEGE PRIVILEGE...
Page 227 <port-list> Disables Bridge Control Protocol (BCP) transparency. Disables broadcast storm control. 13 Disable bandwidth control on the switch. Disables GVRP on the switch. gvrp Disables port isolation. port-isolation Disables STP. Disables STP on listed ports. <port-list> Disables timeserver settings.
Page 228 Disables FTP access to the switch. Disables web browser control to http the switch. Disables SSH (Secure Shell) server access to the switch. Disables secure web browser https access to the switch. Disables ICMP access to the icmp switch such as pinging and tracerouting.
Page 229 Disables another administrator from logging into Telnet. Disables cluster management on the switch. Removes the cluster member. <mac-address> Disables MVR on the switch. <vlan-id> Disables Strict Priority Queuing on the switch. Disables syslog logging. Disables syslog logging to the server <ip- specified syslog server.
Page 230 Sets the queuing method to WFQ (Weighted Fair Queuing). Sets the queuing method to WRR (Weighted Round Robin). Sets the switch to use SPQ to service the subsequent queue(s) after and including the specified queue for the 10/100 Mbps Ethernet ports.
Page 231 Defines the port number and LACP timeout period. Sets the cluster management VLAN ID. Configures a name to identify the cluster manager. Sets the cluster member switch's hardware MAC address and password. Logs into a cluster member switch. Specifies the IP address of RADIUS server 1 or RADIUS server 2 (index =1 or index =2).
Page 232 MAC address table. Enables GVRP. Enables port-isolation. Configures GARP time settings. Enables STP on the switch. Sets the bridge priority of the switch. Sets Hello Time, Maximum Age and Forward Delay. Enables STP on a specified port.
Page 233 Sets the STP path cost for a specified port. Sets the priority for a specified port. Displays help information. Sets the switch’s name for identification purposes. Sets the time in hour, minute and second format. Selects the time difference between UTC (formerly known as GMT) and your time zone.
Page 234 Sets the IP address of the syslog level [0 ~ 7] server and the severity level. Sets the log type and the file location on the syslog server. Specifies through which traffic flow the switch is to send packets. Chapter 31 Introducing Commands PRIVILEGE...
Page 235: Interface Port-Channel Commands
Enables DHCP relay. Sets the IP addresses of up to 3 DHCP servers. Allows the switch to add DHCP relay agent information. Allows the switch to add system name to agent information. Enables DiffServ on the switch.
Page 236 VLANs that are not included in a port member set. Enables this function to permit VLAN groups beyond the local switch. Choose to accept both tagged and untagged incoming frames, just tagged incoming frames or just untagged incoming frames on a port.
Page 237 Sets the maximum bandwidth egress <Kbps> allowed for outgoing traffic on the port(s). Enables broadcast storm control limit on the switch. <pkt/s> Sets how many broadcast packets the interface receives per second. Enables the interface multicast limit.
Page 238 (DLF) limit on the switch. Disables SPQ priority on the ge-spq specified gigabit ports. Enables the port(s) on the switch. inactive Disables intrusion-lock on a port so intrusion-lock that a port can be connected again after you disconnected the cable.
Page 239: Config-Vlan Commands
Table 74 interface port-channel Commands (continued) COMMAND help exit intrusion-lock test protocol-based- vlan name <name> ethernet-type <ethernet-type> vlan <vid> priority <0-7> weight <wt1> <wt2> ... <wt8> ge-spq <q0|q1|q3|q4|q5 |q6|q7> 31.11.5 config-vlan Commands The following table lists the Table 75 Command Summary: config-vlan Commands COMMAND vlan <1- 4094>...
Page 240: Mvr Commands
IP address in this inband-default VLAN. dhcp-bootp The switch will use the default IP address of 0.0.0.0 if you do not configure a static IP address. Deletes the IP address and subnet ip address <ip- mask from this VLAN.
Page 241: Table 76 Mvr Commands
MVR. Exist from the MVR configuration mode. Sets a priority level (0-7) to which the switch changes the priority in outgoing IGMP control packets. Disables the source port(s). An MVR source port can send and receive multicast traffic in a multicast VLAN.
Page 242 ES-2048 User’s Guide Chapter 31 Introducing Commands...
Page 243: User And Enable Mode Commands
This chapter describes some commands which you can perform in the User and Enable modes. 32.1 Overview The following command examples show how you can use User and Enable modes to diagnose and manage your switch. 32.2 show Commands These are the commonly used 32.2.1 show system-information...
Page 244: Show Ip
32.2.2 show ip Syntax: show ip This command displays the IP related information (such as IP address and subnet mask) on all switch interfaces. The following figure shows the default interface settings. sysname> show Out-of-band Management IP Address = 192.168.0.1 Management IP Address IP[192.168.0.1], Netmask[255.255.255.0], VID[0]...
Page 245: Show Mac Address-Table
This command displays statistics of a port. The following example shows that port 2 is up and the related information. sysname# show interface 2 Port Info Port NO. Link Status LACP TxPkts RxPkts Errors Tx KBs/s Rx KBs/s Up Time TX Packet Tx Packets Multicast...
Page 246: Ping
ES-2048 User’s Guide This command displays the MAC address(es) stored in the switch. The following example shows the static MAC address table. sysname# show mac address-table static Port VLAN ID sysname# 32.3 ping Syntax: ping <ip|host-name> < [in-band|out-of-band|vlan <vlan-id> ] [ size ->...
Page 247: Copy Port Attributes
Ethernet device belongs. Specifies the Time To Live (TTL) period. Specifies the time period to wait. Specifies how many tries the switch performs the traceroute function. command to copy attributes of one port to another port or ES-2048 User’s Guide...
Page 248: Configuration File Maintenance
You can store up to two configuration files on the switch. Only one configuration file is used at a time. By default the switch uses the first configuration file (with an index number of 1). You can set the switch to use a different configuration file. There are two ways in which you can set the switch to use a different configuration file: restart the switch (cold reboot) and restart the system (warm reboot).
Page 249: Resetting To The Factory Default
Note: When you use the file index number, the switch saves the changes to the configuration file the switch is currently using. 32.6.2 Resetting to the Factory Default Follow the steps below to reset the switch back to the factory defaults.
Page 250 ES-2048 User’s Guide Chapter 32 User and Enable Mode Commands...
Page 251: Configuration Mode Commands
Configuration Mode Commands This chapter describes how to enable and configure your switch’s features using commands. For more background information, see the feature specific chapters which proceed the commands chapters. 33.1 Enabling IGMP Snooping To enable IGMP snooping on the switch. Enter...
Page 252: Configure Igmp Filter
An example is shown next. • Enable IGMP snooping on the switch. • Set the host-timeout • Set the switch to drop packets from unknown multicast groups. sysname(config)# igmp-snooping sysname(config)# igmp-snooping host-timeout 30 sysname(config)# igmp-snooping leave-timeout 30 sysname(config)# igmp-snooping unknown-multicast-frame drop 33.2 Configure IGMP Filter...
Page 253: Enabling Stp
(provided in the last BPDU) becomes the designated port for the attached LAN. If it is a root port, a new root port is selected from among the switch ports attached to the network. Specifies the maximum time (in seconds) a switch will wait before changing states.
Page 254: No Command Examples
• Set the bridge priority of the switch to 0. • Set the Hello Time to 4, Maximum Age to 20 and Forward Delay to 15 on the switch. • Enable STP on port 5 with a path cost of 150.
Page 255: Resetting Commands
33.4.2 Resetting Commands Use the command to reset switch settings to their default values. Syntax: no https timeout Resets the https session timeout to default. An example is shown next. The session timeout is reset to 300 seconds. sysname(config)# no https timeout Cache timeout 300 33.4.3 Re-enable commands...
Page 256: No Trunk
<port-list> reauthenticate <port-list> An example is shown next. • Disable authentication on the switch. • Disable re-authentication on ports one, three, four and five. • Disable authentication on ports one, six and seven. = Disables the trunk group. = Disables LACP in the trunk group.
Page 257: No Ssh
33.5 Queuing Method Commands You can use the queuing method commands to configure queuing for outgoing traffic on the switch. You can only select one queuing method for the switch. Chapter 33 Configuration Mode Commands Disables the secure shell server encryption key. Your switch supports SSH versions 1 and 2 using RSA and DSA authentication.
Page 258: Static Route Commands
• Set the queueing method to SPQ. sysname(config)# spq 33.6 Static Route Commands You can create and configure static routes on the switch by using the Syntax: ip route <ip> <mask> <next-hop-ip> ip route <ip> <mask> <next-hop-ip> [metric <metric>][name <name>]...
Page 259: Enabling Mac Filtering
[metric <metric>] [name <name>] [inactive] An example is shown next. • Create a static route with the destination IP address of 172.21.1.104, subnet mask of 255.255.0.0 and the gateway IP address of 192.168.1.2. • Assigns a metric value of 2 to the static route. •...
Page 260: Enabling Trunking
<T1|T2|T3|T4|T5|T6> interface <port-list> <T1|T2|T3|T4|T5|T6> lacp An example is shown next. • Create trunk 1 on the switch. • Place ports 5-8 in trunk 1. Specifies which VLAN this rule applies to. Selects the behavior of the rule. • src - drop packets coming from the specified MAC address •...
Page 261: Enabling Port Authentication
To enable a port authentication, you need to specify your RADIUS server details and select the ports which require external authentication. You can set up multiple RADIUS servers and specify how the switch will process authentication requests. 33.9.1 RADIUS Server Settings Configuring multiple RADIUS servers is only available via the command interpreter mode.
Page 262: Port Authentication Settings
RADIUS server. If 2 RADIUS servers are configured, this is the total time the switch will wait for a response from either server. Specifies the way the switch will process requests from the clients to the RADIUS server. (Only applicable with multiple RADIUS servers configured.)
Page 263 • Specify RADIUS server 1 with IP address 10.10.10.1, port 1890 and the string secretKey as the password. See commands. • Specify the timeout period of 30 seconds that the switch will wait for a response from the RADIUS server. • Enable port authentication on ports 4 to 8.
Page 264 ES-2048 User’s Guide Chapter 33 Configuration Mode Commands...
Page 265: Chapter 34 Interface Commands
These are some commonly used configuration commands that belong to the group of commands. 34.1 Overview The interface commands allow you to configure the switch on a port by port basis. 34.2 Interface Command Examples This section provides examples of some frequently used interface commands.
Page 266: Broadcast-Limit
BPDU. , to forward BPDUs received on ports one, three, four tunnel Enables broadcast storm control limit on the switch. Limits how many broadcast packet the interface receives per second. command enables bandwidth control on the switch.
Page 267: Mirror
Sets the maximum bandwidth allowed for incoming traffic. Sets the guaranteed bandwidth allowed for incoming traffic. Sets the maximum bandwidth allowed for outgoing traffic (egress) on the switch. = Enables port mirroring for incoming, outgoing or both incoming and outgoing traffic.
Page 268: Gvrp
GVRP (GARP VLAN Registration Protocol) is a registration protocol that defines a way for switches to register necessary VLAN members on ports across the network. Enable this function to permit VLAN groups beyond the local switch. An example is shown next.
Page 269: Frame-Type
<wt1> <wt2> ... <wt8> An example is shown next. • Enable WFQ queuing on the switch. • Enable port 2 and ports 6 to 8 for configuration. Chapter 34 Interface Commands Choose to accept both tagged and untagged incoming frames, just tagged incoming frames or just untagged incoming frames on a port.
Page 270: Egress Set
<port-list> An example is shown next. • Enable port-based VLAN tagging on the switch. • Enable ports one, three, four and five for configuration. • Set the outgoing traffic ports as the CPU (0), seven (7) and eight (8).
Page 271: Name
34.2.12 name Syntax: name <port-name-string> where <port-name-string> An example is shown next. • Enable ports one, three, four and five for configuration. • Set a name for the ports. sysname(config)# interface port-channel 1,3-5 sysname(config-interface)# name Test 34.2.13 speed-duplex Syntax: speed-duplex <auto|10-half|10-full|100-half|100-full|1000-full> where <auto|10-half|10- full|100-half|100-...
Page 272: Interface No Command Examples
ES-2048 User’s Guide An example is shown next. • Select ports 3-6 for internal loopback test. • Execute the test command. • View the results. sysname(config)# interface port-channel 3-6 sysname(config-interface)# test 3-6 Testing internal loopback on port 3 :Passed! Ethernet Port 3 Test ok. Testing internal loopback on port 4 :Passed! Ethernet Port 4 Test ok.
Page 273: Ieee 802.1Q Tagged Vlan Commands
(config-interface)# pvid 2000 sysname (config-interface)# exit 2 Configure your management VLAN. • Use the vlan <vlan-id> managing the switch, and the switch will activate the new management VLAN. • Use the inactive sysname (config)# vlan 3 sysname (config-vlan)# inactive Chapter 35 IEEE 802.1Q Tagged VLAN Commands...
Page 274: Global Vlan1Q Tagged Vlan Configuration Commands
This section shows you how to configure and monitor the IEEE 802.1Q Tagged VLAN. 35.2.1 GARP Status Syntax: show garp This command shows the switch’s GARP timer settings, including the join, leave and leave all timers. An example is shown next. sysname# show garp...
Page 275: Gvrp Timer
This command turns on GVRP in order to propagate VLAN information beyond the switch. 35.2.5 Disable GVRP Syntax: no vlan1q gvrp This command turns off GVRP so that the switch does not propagate VLAN information to other switches. 35.3 Port VLAN Commands You must configure the switch port VLAN settings in config-interface mode.
Page 276: Set Port Vid
ES-2048 User’s Guide 35.3.1 Set Port VID Syntax: pvid <VID> where Specifies the VLAN number between 1 and 4094. <VID> This command sets the default VLAN ID on the port(s). The following example sets the default VID to 200 on ports 1 to 5. sysname (config)# interface port-channel 1-5 sysname (config-interface)# pvid 200 35.3.2 Set Acceptable Frame Type...
Page 277: Modify Static Vlan
35.3.4.2 Forwarding Process Example 35.3.4.2.1 Tagged Frames 1 First the switch checks the VLAN ID (VID) of tagged frames or assigns temporary VIDs to untagged frames. 2 The switch then checks the VID in a frame’s tag against the SVLAN table.
Page 278: Delete Vlan Id
The switch also does not forward frames to “forbidden” ports. 4 If after looking at the SVLAN, the switch does not have any ports to which it will send the frame, it won’t check the port filter.
Page 279: Disable Vlan
• VID is the VLAN identification number. • Status shows whether the VLAN is static or active. • Elap-Time is the time since the VLAN was created on the switch. • The TagCtl section of the last column shows which ports are tagged and which are untagged.
Page 280 ES-2048 User’s Guide Chapter 35 IEEE 802.1Q Tagged VLAN Commands...
Page 281: Chapter 36 Multicast Vlan Registration Commands
Multicast VLAN Registration This chapter shows you how to use Multicast VLAN Registration (mvr) commands. 36.1 Overview Use the mvr commands in the configuration mode to create and configure multicast VLANs. Note: If you want to enable IGMP snooping see 36.2 Create Multicast VLAN Use the following commands in the config-mvr mode to configure a multicast VLAN group.
Page 282 ES-2048 User’s Guide group name <name-str> start-address <ip> end-address <ip> • Enter MVR mode. Create a multicast VLAN with the name multiVlan and the VLAN ID of 3. • Specify source ports 2, 3, 5 and receiver ports 6-8. • Specify dynamic mode for the multicast group. •...
Page 283: Chapter 37 Troubleshooting
IP address, your computer’s IP address must match it. Refer to the chapter on access control for details. Your computer’s and the switch’s IP addresses must be on the same subnet. See the following section to check that pop-up windows, JavaScripts and Java permissions are allowed.
Page 284: Pop-Up Windows, Javascripts And Java Permissions
ES-2048 User’s Guide 37.2.1 Pop-up Windows, JavaScripts and Java Permissions In order to use the web configurator you need to allow: • Web browser pop-up windows from your device. • JavaScripts (enabled by default). • Java permissions (enabled by default). Note: Internet Explorer 6 screens are used here.
Page 285: Figure 108 Internet Options
Figure 108 Internet Options 3 Click Apply to save this setting. 37.2.1.1.2 Enable pop-up Blockers with Exceptions Alternatively, if you only want to allow pop-up windows from your device, see the following steps. 1 In Internet Explorer, select Tools, Internet Options and then the Privacy tab. 2 Select Settings…to open the Pop-up Blocker Settings screen.
Page 286: Figure 109 Internet Options
ES-2048 User’s Guide Figure 109 Internet Options 3 Type the IP address of your device (the web page that you do not want to have blocked) with the prefix “http://”. For example, http://192.168.1.1. 4 Click Add to move the IP address to the list of Allowed sites. Chapter 37 Troubleshooting...
Page 287: Javascripts
Figure 110 Pop-up Blocker Settings 5 Click Close to return to the Privacy screen. 6 Click Apply to save this setting. 37.2.1.2 JavaScripts If pages of the web configurator do not display properly in Internet Explorer, check that JavaScripts are allowed. 1 In Internet Explorer, click Tools, Internet Options and then the Security tab.
Page 288: Figure 111 Internet Options
ES-2048 User’s Guide Figure 111 Internet Options 2 Click the Custom Level... button. 3 Scroll down to Scripting. 4 Under Active scripting make sure that Enable is selected (the default). 5 Under Scripting of Java applets make sure that Enable is selected (the default). 6 Click OK to close the window.
Page 289: Java Permissions
Figure 112 Security Settings - Java Scripting 37.2.1.3 Java Permissions 1 From Internet Explorer, click Tools, Internet Options and then the Security tab. 2 Click the Custom Level... button. 3 Scroll down to Microsoft VM. 4 Under Java permissions make sure that a safety level is selected. 5 Click OK to close the window.
Page 290: Figure 113 Security Settings - Java
ES-2048 User’s Guide Figure 113 Security Settings - Java 37.2.1.3.1 JAVA (Sun) 1 From Internet Explorer, click Tools, Internet Options and then the Advanced tab. 2 make sure that Use Java 2 for <applet> under Java (Sun) is selected. 3 Click OK to close the window. Chapter 37 Troubleshooting...
Page 291: Problems With The Password
Figure 114 Java (Sun) 37.3 Problems with the Password Table 79 Troubleshooting the Password PROBLEM Cannot access the switch. Chapter 37 Troubleshooting CORRECTIVE ACTION The password field is case sensitive. Make sure that you enter the correct password using the proper casing.
Page 292 ES-2048 User’s Guide Chapter 37 Troubleshooting...
Page 293: Product Specifications
These are the switch product specifications. Table 80 General Product Specifications Ethernet 48 10/100 Base-TX interfaces Interface Auto-negotiation Auto-MDI/MDIX Compliant with IEEE 802.3/3u Back pressure flow control for half duplex Flow control for full duplex (IEEE 802.3x) RJ-45 Ethernet cable connector...
Page 294: Table 81 Management Specifications
RFC2013 UDP MIB RFC2674 Bridge MIB extension (for IEEE 802.1Q) Table 82 Physical and Environmental Specifications LEDs Per switch: PWR, SYS, ALM Per Ethernet port: LNK/ACT Dimension 438 mm (W) x 300 mm (D) x 44.45 mm (H) Standard 19” rack mountable Weight 4.2Kg...
Page 295 Table 82 Physical and Environmental Specifications (continued) Safety UL 60950-1 CSA 60950-1 EN 60950-1 IEC 60950-1 FCC Part 15 (Class A) CE EMC (Class A) Appendix A Product Specifications ES-2048 User’s Guide...
Page 296 ES-2048 User’s Guide...
Page 297: Ip Addresses And Subnetting
IP Addresses and Subnetting This appendix introduces IP addresses, IP address classes and subnet masks. You use subnet masks to subdivide a network into smaller logical networks. Introduction to IP Addresses An IP address has two parts: the network number and the host ID. Routers use the network number to send packets to the correct network, while the host ID identifies a single device on the network.
Page 298: Table 83 Classes Of Ip Addresses
ES-2048 User’s Guide The following table shows the network number and host ID arrangement for classes A, B and Table 83 Classes of IP Addresses IP ADDRESS OCTET 1 Class A Network number Class B Network number Class C Network number An IP address with host IDs of all zeros is the IP address of the network (192.168.1.0 for example).
Page 299: Table 85 "Natural" Masks
Subnet Masks A subnet mask is used to determine which bits are part of the network number, and which bits are part of the host ID (using a logical AND operation). A subnet mask has 32 bits. If a bit in the subnet mask is a “1” then the corresponding bit in the IP address is part of the network number.
Page 300: Table 87 Two Subnets Example
ES-2048 User’s Guide Table 86 Alternative Subnet Mask Notation (continued) SUBNET MASK 255.255.255.240 255.255.255.248 255.255.255.252 The first mask shown is the class “C” natural mask. Normally if no mask is specified it is understood that the natural mask is being used. Example: Two Subnets As an example, you have a class “C”...
Page 301: Table 88 Subnet 1
Table 88 Subnet 1 (continued) IP/SUBNET MASK Subnet Address: 192.168.1.0 Broadcast Address: 192.168.1.127 Table 89 Subnet 2 IP/SUBNET MASK IP Address IP Address (Binary) Subnet Mask Subnet Mask (Binary) Subnet Address: 192.168.1.128 Broadcast Address: 192.168.1.255 Host IDs of all zeros represent the subnet itself and host IDs of all ones are the broadcast address for that subnet, so the actual number of hosts available on each subnet in the example above is 2 –...
Page 302: Table 91 Subnet 2
ES-2048 User’s Guide Table 90 Subnet 1 (continued) IP/SUBNET MASK Subnet Address: 192.168.1.0 Broadcast Address: 192.168.1.63 Table 91 Subnet 2 IP/SUBNET MASK IP Address IP Address (Binary) Subnet Mask (Binary) Subnet Address: 192.168.1.64 Broadcast Address: 192.168.1.127 Table 92 Subnet 3 IP/SUBNET MASK IP Address IP Address (Binary)
Page 303: Table 94 Eight Subnets
The following table shows class C IP address last octet values for each subnet. Table 94 Eight Subnets SUBNET SUBNET ADDRESS FIRST ADDRESS The following table is a summary for class “C” subnet planning. Table 95 Class C Subnet Planning NO.
Page 304: Table 96 Class B Subnet Planning
ES-2048 User’s Guide The following table is a summary for class “B” subnet planning. Table 96 Class B Subnet Planning NO. “BORROWED” HOST BITS SUBNET MASK NO. SUBNETS 255.255.128.0 (/17) 255.255.192.0 (/18) 255.255.224.0 (/19) 255.255.240.0 (/20) 255.255.248.0 (/21) 255.255.252.0 (/22) 255.255.254.0 (/23) 255.255.255.0 (/24) 255.255.255.128 (/25)
Page 305: Index
CFI (Canonical Format Indicator) changing password Class of Service (CoS) syntax conventions cloning a port See port cloning cluster management 31, 197 and switch passwords cluster manager cluster member cluster member firmware upgrade manager member network example setup specification...
Page 306 ES-2048 User’s Guide summary syntax conventions user mode details using history vlan mode details commands interface mode details configuration change running config saving configuration file 53, 217 and commands backup restore 53, 172 configuration, saving console port commands settings 42, 211 copying port settings See port cloning copyright CPU management port...
Page 307 LEDs GMT (Greenwich Mean Time) GVRP 82, 90 and port assignment GVRP (GARP VLAN Registration Protocol) gvrp disable gvrp enable gvrp status hardware front panel mounting ports rear panel ventilation holes hardware installation freestanding mounting brackets precautions rack-mounting rubber feet transceiver hardware overview help...
Page 308 ES-2048 User’s Guide current configuration main screen management Management Information Base (MIB) management interface, See also CLI management port 42, 94, 97 and SNMP supported MIBs MIB (Management Information Base) mini GBIC ports connection speed connector type transceiver installation transceiver removal mirror port modes and accounts...
Page 309 queue weight queuing 29, 141 queuing algorithm 141, 144 queuing method 141, 144 rack mounting RADIUS advantages network example server settings setup RADIUS (Remote Authentication Dial In User Service) Rapid Spanning Tree Protocol (RSTP). See STP rear panel reboot load configuration reboot system registration product...
Page 310 ES-2048 User’s Guide root port status terminology STP (Spanning Tree Protocol) subnet subnet mask subnetting switch accessing problems lockout switch lockout switch reset switch setup sys commands examples 241, 252 sys log disp sys sw mac list syslog protocol server setup...
Page 311 warnings warranty note web configurator getting help help home logging out login navigation panel screen summary weight, queuing Weighted Round Robin Scheduling (WRR) WFQ (Weighted Fair Queuing) WRR (Weighted Round Robin Scheduling) ZyNOS (ZyXEL Network Operating System) Index ES-2048 User’s Guide...

ZyXEL Communications ZyXEL Dimension ES-2048 User Manual

Chapter 1 Getting to Know Your Switch

Chapter 2 Hardware Installation and Connection

Chapter 3 Hardware Overview

Chapter 4 The Web Configurator

Chapter 5 Initial Setup Example

Chapter 6 System Status and Port Statistics

Chapter 7 Basic Setting

Chapter 8 VLAN

Chapter 9 Static MAC Forwarding

Chapter 10 Filtering

Chapter 11 Spanning Tree Protocol

Chapter 12 Bandwidth Control

Chapter 13 Broadcast Storm Control

Chapter 14 Mirroring

Chapter 15 Link Aggregation

Chapter 16 Port Authentication

Chapter 17 Port Security

Chapter 18 Queuing Method

Chapter 19 Multicast

Chapter 20 DHCP Relay

Chapter 21 Static Route

Chapter 22 Diffserv Code Point

Chapter 23 Maintenance

Quick Links

Troubleshooting

Related Manuals for ZyXEL Communications ZyXEL Dimension ES-2048

Summary of Contents for ZyXEL Communications ZyXEL Dimension ES-2048