Page 1 User’s Manual of WGSW-24040 / WGSW-24040R...
Page 2: Fcc Warning
User’s Manual of WGSW-24040 / WGSW-24040R Trademarks Copyright © PLANET Technology Corp. 2012. Contents subject to which revision without prior notice. PLANET is a registered trademark of PLANET Technology Corp. All other trademarks belong to their respective owners. Disclaimer PLANET Technology does not warrant that the hardware will work properly in all environments and applications, and makes no warranty and representation, either implied or expressed, with respect to the quality, performance, merchantability, or fitness for a particular purpose.
Page 3: Table Of Contents
User’s Manual of WGSW-24040 / WGSW-24040R TABLE OF CONETNTS 1. INTRODUTION ........................21 1.1 Packet Contents ............................21 1.2 Product Description ...........................21 1.3 How to Use This Manual ..........................23 1.4 Product Features............................24 1.5 Product Specification ..........................27 2. INSTALLATION ........................30 2.1 Hardware Description ..........................30 2.1.1 Switch Front Panel ..............................30...
Page 4 User’s Manual of WGSW-24040 / WGSW-24040R 4.2.4 Users Configuration .............................53 4.2.5 Privilege Levels ..............................55 4.2.6 NTP Configuration ...............................57 4.2.7 UPnP ...................................58 4.2.8 DHCP Relay ................................60 4.2.9 DHCP Relay Statistics ............................62 4.2.10 CPU Load ................................63 4.2.11 System Log ................................64 4.2.12 Detailed Log ..............................65 4.2.13 Remote Syslog ..............................66...
Page 5 User’s Manual of WGSW-24040 / WGSW-24040R 4.5.4 LACP Port Status...............................103 4.5.5 LACP Port Statistics............................104 4.6 VLAN................................106 4.6.1 VLAN Overview ..............................106 4.6.2 IEEE 802.1Q VLAN ............................107 4.6.3 VLAN Basic Information............................. 110 4.6.4 VLAN Port Configuration ........................... 111 4.6.5 VLAN Membership ............................114 4.6.6 VLAN Membership Status..........................
Page 6 User’s Manual of WGSW-24040 / WGSW-24040R 4.8.8 MLD Snooping Configuration..........................166 4.8.9 MLD Snooping VLAN Configuration ........................168 4.8.10 MLD Snooping Port Group Filtering.........................170 4.8.11 MLD Snooping Status ............................171 4.8.12 MLD Group Information ...........................172 4.8.13 MLDv2 Information ............................173 4.8.14 MVR.................................174 4.8.15 MVR Status..............................177 4.8.16 MVR Groups Information ..........................178...
Page 7 User’s Manual of WGSW-24040 / WGSW-24040R 4.11.3 Network Access Server Configuration......................227 4.11.4 Network Access Overview ..........................237 4.11.5 Network Access Statistics ..........................238 4.11.6 Authentication Server Configuration.........................245 4.11.7 RADIUS Overview ............................248 4.11.8 RADIUS Details ...............................249 4.11.9 Windows Platform RADIUS Server Configuration....................256 4.11.10 802.1X Client Configuration ...........................261 4.12 Security ..............................264...
Page 8 User’s Manual of WGSW-24040 / WGSW-24040R 4.15.4 Cable Diagnostics............................308 4.16 Loop Protection............................311 4.16.1 Configuration ..............................311 4.16.2 Loop Protection Status.............................312 4.17 sFlow ...............................313 4.17.1 sFlow Configuration ............................314 4.17.2 sFlow Status ..............................316 4.18 RMON...............................319 4.18.1 RMON Alarm Configuration ..........................319 4.18.2 RMON Alarm Detail ............................321 4.18.3 RMON Alarm Status............................322...
Page 9 User’s Manual of WGSW-24040 / WGSW-24040R System Log Level..............................344 System Timezone..............................344 System Log Lookup.............................345 System Log Clear ..............................345 System Reboot..............................346 System Restore Default............................346 System Load ...............................347 6.2 IP Command..............................348 IP Configuration..............................348 IP DHCP................................349 IP Setup................................349 IP Ping.................................350 IP DNS ................................350 IP DNS Proxy ..............................351...
Page 10 User’s Manual of WGSW-24040 / WGSW-24040R MAC Age Time ..............................365 MAC Learning ..............................365 MAC Dump................................366 MAC Statistics ..............................366 MAC Flush................................367 6.5 VLAN Configuration Command ......................368 VLAN Configuration.............................368 VLAV PVID ................................368 VLAN Frame Type ...............................369 VLAN Ingress Filter .............................370 VLAN Mode .................................370 VLAN Link Type..............................371...
Page 11 User’s Manual of WGSW-24040 / WGSW-24040R Security Switch SSH Configuration ........................386 Security Switch SSH Mode..........................386 Security Switch HTTPs Configuration .........................387 Security Switch HTTPs Mode..........................387 Security Switch HTTPs Redirect .........................388 Security Switch Access Configuration .........................388 Security Switch Access Mode..........................389 Security Switch Access Add ..........................389 Security Switch Access IPv6 Add ........................390...
Page 12 User’s Manual of WGSW-24040 / WGSW-24040R Security Switch SNMP Group Delete ........................406 Security Switch SNMP Group Lookup .........................406 Security Switch SNMP View Add.........................407 Security Switch SNMP View Delete........................407 Security Switch SNMP View Lookup ........................408 Security Switch SNMP Access Add ........................408 Security Switch SNMP Access Delete .........................409...
Page 13 User’s Manual of WGSW-24040 / WGSW-24040R Security Network NAS Guest_VLAN ........................426 Security Network NAS Authenticate ........................427 Security Network NAS Statistics..........................427 Security Network ACL Configuration ........................428 Security Network ACL Action ..........................429 Security Network ACL Policy ..........................429 Security Network ACL Rate ..........................430 Security Network ACL Add ..........................430...
Page 14 User’s Manual of WGSW-24040 / WGSW-24040R Security AAA ACCT_RADIUS..........................448 Security AAA TACACS+ ............................448 Security AAA Statistics............................449 6.8 Spanning Tree Protocol Command ......................450 STP Configuration ...............................450 STP Version ................................450 STP Tx Hold ................................451 STP MaxHops ..............................451 STP MaxAge ...............................452 STP FwdDelay ..............................452 STP CName ................................453...
Page 15 User’s Manual of WGSW-24040 / WGSW-24040R LACP Mode .................................467 LACP Key................................468 LACP Priority...............................468 LACP System Priority ............................469 LACP Role................................469 LACP Status ................................470 LACP Statistics ..............................470 LACP Timeout ..............................471 6.11 LLDP Command............................472 LLDP Configuration .............................472 LLDP Mode .................................472 LLDP Optional TLV..............................473 LLDP Interval...............................474...
Page 16 User’s Manual of WGSW-24040 / WGSW-24040R QoS Port Policer Unit ............................488 QoS Port Policer Flow Control..........................488 QoS Port Scheduler Mode...........................489 QoS Port Scheduler Weight ..........................489 QoS Port QueueShaper Mode ..........................490 QoS Port QueueShaper Rate..........................490 QoS Port QueueShaper Excess..........................491 QoS Port TagRemarking Mode..........................491 QoS Port TagRemarking PCP ..........................492...
Page 17 User’s Manual of WGSW-24040 / WGSW-24040R Firmware Swap ..............................506 6.17 UPnP Command .............................508 UPnP Configuration.............................508 UPnP Mode .................................508 UPnP TTL................................509 UPnP Advertising Duration ..........................509 6.18 MVR Command............................510 MVR Configuration ..............................510 MVR Mode ................................510 MVR VLAN Setup..............................511 MVR VLAN Mode ..............................511 MVR VLAN Port ..............................512...
Page 18 User’s Manual of WGSW-24040 / WGSW-24040R Loop Protect Port Mode............................524 Loop Protect Port Action............................525 6.21 IPMC Command............................526 IPMC Configuration .............................526 IPMC Mode .................................526 IPMC Flooding..............................527 IPMC Leave Proxy ..............................527 IPMC Proxy .................................528 IPMC SSM................................528 IPMC VLAN Add..............................529 IPMC VLAN Delete..............................529 IPMC State ................................530...
Page 19 User’s Manual of WGSW-24040 / WGSW-24040R VCL Protocol-based VLAN Add Ethernet II ......................543 VCL Protocol-based VLAN Add SNAP ........................543 VCL Protocol-based VLAN Add LLC ........................544 VCL Protocol-based VLAN Delete Ethernet II .....................544 VCL Protocol-based VLAN Delete SNAP ......................544 VCL Protocol-based VLAN Delete LLC .......................545 VCL Protocol-based VLAN Add ...........................545...
Page 20 User’s Manual of WGSW-24040 / WGSW-24040R APPENDEX B : GLOSSARY....................558...
Page 21: Introdution
WGSW-24040 24-Port 10/100/1000Base-T with 4 Shared SFP Managed Gigabit Switch / Redundant Power WGSW-24040R Terms of “Managed Switch” means the Switches mentioned titled in the cover page of this User’s manual, i.e. WGSW-24040 / 24040R. 1.1 Packet Contents Open the box of the Managed Switch and carefully unpack it. The box should contain the following items: Check the contents of your package for following parts: ...
Page 22 User’s Manual of WGSW-24040 / WGSW-24040R High-Performance / Cost-effective / Telecom class Gigabit solution for Enterprise backbone and Data Center Networking The PLANET Managed Switch is a L2/L4 Managed Gigabit Switch. Since Gigabit network interface had become the basic equipment and requirement of Enterprise and Network Servers, with 48Gbps switching fabric, the Managed Switch can handle extremely large amounts of data in a secure topology linking to a backbone or high capacity servers.
Page 23: How To Use This Manual
User’s Manual of WGSW-24040 / WGSW-24040R Flexibility and Extension solution The 4 mini-GBIC slots are compatible with 1000Base-SX/LX and WDM SFP(Small Factor Pluggable) fiber-optic modules. The distance can be extended from 550 meters (Multi-Mode fiber) up to above 10/20/30 /40/50/70/120 kilometers (Single-Mode fiber or WDM fiber).
Page 24: Product Features
User’s Manual of WGSW-24040 / WGSW-24040R 1.4 Product Features  Physical Port  24-Port 10/100/1000Base-T RJ-45 copper  4 100/1000Base-X mini-GBIC/SFP slots , shared with Port-21 to Port-24  RS-232 DB9 console interface for basic management and setup  Layer 2 Features ...
Page 25 User’s Manual of WGSW-24040 / WGSW-24040R Typical network application Strict priority and Weighted Round Robin (WRR) CoS policies   Traffic-policing policies on the switch port  DSCP remarking  Multicast  Supports IGMP Snooping v1, v2 and v3  Support MLD Snooping v1 and v2 ...
Page 26 User’s Manual of WGSW-24040 / WGSW-24040R  Link Layer Discovery Protocol (LLDP) Protocol  Cable Diagnostic technology provides the mechanism to detect and report potential cabling issues  Reset button for system reboot or reset to factory default  PLANET Smart Discovery Utility for deploy management (WGSW-24040R Only) ...
Page 27: Product Specification
User’s Manual of WGSW-24040 / WGSW-24040R 1.5 Product Specification Product WSGW-24040 / WGSW-24040R Hardware Specification Version 2 Hardware Version 24 10/ 100/1000Base-T RJ-45 Auto-MDI/MDI-X ports Copper Ports 4 100/1000Base-X SFP interfaces, shared with Port-21 to Port-24 SFP/mini-GBIC Slots Compatible with 100Base-FX SFP...
Page 28 User’s Manual of WGSW-24040 / WGSW-24040R Q-in-Q tunneling Private VLAN Edge (PVE) MAC-Based VLAN Protocol-Based VLAN Voice VLAN MVR (Multicast VLAN Registration) Up to 255 VLAN groups, out of 4094 VLAN IDs IEEE 802.3ad LACP / Static Trunk Link Aggregation...
Page 29 User’s Manual of WGSW-24040 / WGSW-24040R IEEE 802.1D Spanning tree protocol IEEE 802.1w Rapid spanning tree protocol IEEE 802.1s Multiple spanning tree protocol IEEE 802.1p Class of service IEEE 802.1Q VLAN Tagging IEEE 802.1x Port Authentication Network Control IEEE 802.1ab LLDP...
Page 30: Installation
User’s Manual of WGSW-24040 / WGSW-24040R 2. INSTALLATION This section describes the hardware features and installation of the Managed Switch on the desktop or rack mount. For easier management and control of the Managed Switch, familiarize yourself with its display indicators, and ports. Front panel illustrations in this chapter display the unit LED indicators.
Page 31: Led Indications
The front panel LEDs indicates instant status of port links, data activity and system power; helps monitor and troubleshoot when needed. Figure 2-3 shows the LED indications of these Managed Switches. WGSW-24040 / 24040R LED indication Figure 2-3 WGSW-24040 / 24040R LED for Front Panel ■ System Color Function Lights to indicate that the Switch has power.
Page 32: Switch Rear Panel
User’s Manual of WGSW-24040 / WGSW-24040R Lights to indicate the port is running in 10/100Mbps speed and successfully established. 10/100 Orange Blink: indicate that the switch is actively sending or receiving data over that port. LNK/ACT ■ Per 100/1000Base-X SFP Interfaces...
Page 33: Install The Switch
User’s Manual of WGSW-24040 / WGSW-24040R ■ DC Power Connector The rear panel of the WGSW-24040R contains a power switch and a DC power connector, which accepts DC power input voltage from -36V to -60V DC. Connect the power cable to the Managed Switch at the input terminal block. The size of the two screws in the terminal block is M3.5.
Page 34: Rack Mounting
User’s Manual of WGSW-24040 / WGSW-24040R Figure 2-7 Place the Managed Switch on the desktop Keep enough ventilation space between the Managed Switch and the surrounding objects. Step3: When choosing a location, please keep in mind the environmental restrictions discussed in Chapter 1, Section 4, and Specification.
Page 35 User’s Manual of WGSW-24040 / WGSW-24040R Figure 2-8 Attach brackets to the Managed Switch. You must use the screws supplied with the mounting brackets. Damage caused to the parts by using incorrect screws would invalidate the warranty. Secure the brackets tightly.
Page 36: Installing The Sfp Transceiver
User’s Manual of WGSW-24040 / WGSW-24040R 2.2.3 Installing the SFP transceiver The sections describe how to insert an SFP transceiver into an SFP slot. The SFP transceivers are hot-pluggable and hot-swappable. You can plug-in and out the transceiver to/from any SFP port without having to power down the Managed Switch.
Page 37 User’s Manual of WGSW-24040 / WGSW-24040R It recommends using PLANET SFP on the Managed Switch. If you insert a SFP transceiver that is not supported, the Managed Switch will not recognize it. Port 22 to Port 24 are shared SFP slot that support Gigabit & Fast Ethernet SFP transceiver.
Page 38: Connecting Dc Power Supply - Wgsw-24040R
User’s Manual of WGSW-24040 / WGSW-24040R Figure 2-11 Pull out the SFP transceiver Never pull out the module without pull the handle or the push bolts on the module. Direct pull out the module with violent could damage the module and SFP module slot of the Managed Switch.
Page 39: Switch Management
User’s Manual of WGSW-24040 / WGSW-24040R 3. SWITCH MANAGEMENT This chapter explains the methods that you can use to configure management access to the Managed Switch. It describes the types of management applications and the communication and management protocols that deliver data between your management device (workstation or personal computer) and the system.
Page 40: Management Access Overview
User’s Manual of WGSW-24040 / WGSW-24040R 3.2 Management Access Overview The Managed Switch gives you the flexibility to access and manage it using any or all of the following methods:  An administration console  Web browser interface  An external SNMP-based network management application The administration console and Web browser interface support are embedded in the Managed Switch software and are available for immediate use.
Page 41 User’s Manual of WGSW-24040 / WGSW-24040R Figure 3-1 Console management Direct Access Direct access to the administration console is achieved by directly connecting a terminal or a PC equipped with a terminal-emulation program (such as HyperTerminal) to the Managed Switch console (serial) port.
Page 42: Web Management
User’s Manual of WGSW-24040 / WGSW-24040R terminal-emulation program for connecting to the terminal serial port. A workstation attachment under UNIX can use an emulator such as TIP. 3.4 Web Management The Managed Switch offers management features that allow users to manage the Managed Switch from anywhere on the network through a standard browser such as Microsoft Internet Explorer.
Page 43: Snmp-Based Network Management
User’s Manual of WGSW-24040 / WGSW-24040R Figure 3-4 Web main screen of Managed Switch 3.5 SNMP-Based Network Management You can use an external SNMP-based application to configure and manage the Managed Switch, such as SNMPc Network Manager, HP Openview Network Node Management (NNM) or What’s Up Gold. This management method requires the SNMP agent on the switch and the SNMP Network Management Station to use the same community string.
Page 44: Web Configuration
User’s Manual of WGSW-24040 / WGSW-24040R 4. WEB CONFIGURATION This section introduces the configuration and functions of the Web-Based management. About Web-based Management The Managed Switch offers management features that allow users to manage the Managed Switch from anywhere on the network through a standard browser such as Microsoft Internet Explorer.
Page 45 User’s Manual of WGSW-24040 / WGSW-24040R  Logging on the switch Use Internet Explorer 7.0 or above Web browser. Enter the factory-default IP address to access the Web interface. The factory-default IP Address as following: http://192.168.0.100 When the following login screen appears, please enter the default username "admin" with password “admin” (or the username/password you have changed via console) to login the main screen of Managed Switch.
Page 46 User’s Manual of WGSW-24040 / WGSW-24040R Figure 4-1-3 Default main page Now, you can use the Web management interface to continue the switch management or manage the Managed Switch by Web interface. The Switch Menu on the left of the web page let you access all the commands and statistics the Managed Switch provides.
Page 47: Main Web Page
User’s Manual of WGSW-24040 / WGSW-24040R 4.1 Main Web Page The SGSW Managed Switch provides a Web-based browser interface for configuring and managing it. This interface allows you to access the Managed Switch using the Web browser of your choice. This chapter describes how to use the Managed Switch’s Web browser interface to configure and manage it.
Page 48 User’s Manual of WGSW-24040 / WGSW-24040R Figure 4-1-5 Managed Switch Main Functions Menu...
Page 49: System
User’s Manual of WGSW-24040 / WGSW-24040R 4.2 System Use the System menu items to display and configure basic administrative details of the Managed Switch. Under System the following topics are provided to configure and view the system information: This section has the following items: The switch system information is provided here.
Page 50: System Information
User’s Manual of WGSW-24040 / WGSW-24040R 4.2.1 System Information The System Info page provides information for the current device information. System Info page helps a switch administrator to identify the hardware MAC address, software version and system uptime. The screen in Figure 4-2-1 appears.
Page 51: Ip Configuration
User’s Manual of WGSW-24040 / WGSW-24040R Buttons Auto-refresh : Check this box to refresh the page automatically. Automatic refresh occurs every 3 seconds. : Click to refresh the page; any changes made locally will be undone. 4.2.2 IP Configuration The IP Configuration includes the IP Address, Subnet Mask and Gateway. The Configured column is used to view or change the IP configuration.
Page 52: Ipv6 Configuration
User’s Manual of WGSW-24040 / WGSW-24040R  DNS Proxy When DNS proxy is enabled, DUT will relay DNS requests to the current configured DNS server on DUT, and reply as a DNS resolver to the client device on the network.
Page 53: Users Configuration
User’s Manual of WGSW-24040 / WGSW-24040R  Prefix Provide the IPv6 Prefix of this switch. The allowed range is 1 through 128.  Router Provide the IPv6 gateway address of this switch. IPv6 address is in 128-bit records represented as eight fields of up to four hexadecimal digits with a colon separates each field (:).
Page 54 User’s Manual of WGSW-24040 / WGSW-24040R  User Name The name identifying the user. This is also a link to Add/Edit User.  The privilege level of the user. The allowed range is 1 to 15. If the privilege level Privilege Level value is 15, it can access all groups, i.e.
Page 55: Privilege Levels
User’s Manual of WGSW-24040 / WGSW-24040R privilege should be same or greater than the group privilege level to have the access of that group. By default setting, most groups privilege level 5 has the read-only access and privilege level 10 has the read-write access. And the system maintenance (software upload, factory defaults and etc.) need user...
Page 56 User’s Manual of WGSW-24040 / WGSW-24040R Figure 4-2-7 Privilege Levels Configuration page screenshot The page includes the following fields: Object Description  Group Name The name identifying the privilege group. In most cases, a privilege level group consists of a single module (e.g. LACP, RSTP or QoS), but a few of them contains more than one.
Page 57: Ntp Configuration
User’s Manual of WGSW-24040 / WGSW-24040R System: Contact, Name, Location, Timezone, Log. Security: Authentication, System Access Management, Port (contains Dot1x port, MAC based and the MAC Address Limit), ACL, HTTPS, SSH, ARP Inspection and IP source guard. IP: Everything except 'ping'.
Page 58: Upnp
User’s Manual of WGSW-24040 / WGSW-24040R Figure 4-2-8 NTP Configuration page screenshot The page includes the following fields: Object Description  Mode Indicates the NTP mode operation. Possible modes are: Enabled: Enable NTP mode operation. When enable NTP mode operation, the agent forward and to transfer NTP messages between the clients and the server when they are not on the same subnet domain.
Page 59 User’s Manual of WGSW-24040 / WGSW-24040R The page includes the following fields: Object Description  Mode Indicates the UPnP operation mode. Possible modes are: Enabled: Enable UPnP mode operation. Disabled: Disable UPnP mode operation. When the mode is enabled, two ACEs are added automatically to trap UPNP related packets to CPU.
Page 60: Dhcp Relay
User’s Manual of WGSW-24040 / WGSW-24040R Figure 4-2-10 UPnP devices shows on Windows My Network Places 4.2.8 DHCP Relay Configure DHCP Relay on this page. DHCP Relay is used to forward and to transfer DHCP messages between the clients and the server when they are not on the same subnet domain.
Page 61 User’s Manual of WGSW-24040 / WGSW-24040R The Remote ID is 6 bytes in length, and the value is equal the DHCP relay agent’s MAC address. The DHCP Relay Configuration screen in Figure 4-2-11 appears. Figure 4-2-11 DHCP Relay Configuration page screenshot...
Page 62: Dhcp Relay Statistics
User’s Manual of WGSW-24040 / WGSW-24040R Drop: Drop the package when receive a DHCP message that already contains relay information. Buttons : Click to save changes. : Click to undo any changes made locally and revert to previously saved values.
Page 63: Cpu Load
User’s Manual of WGSW-24040 / WGSW-24040R Client Statistics Object Description  Transmit to Client The packets number that relayed packets from server to client.  Transmit Error The packets number that error sending packets to servers.  Receive from Client The packets number that received packets from server.
Page 64: System Log
User’s Manual of WGSW-24040 / WGSW-24040R Figure 4-2-13 CPU Load page screenshot Buttons Auto-refresh : Check this box to refresh the page automatically. Automatic refresh occurs every 3 seconds. If your browser can not displies anythings in this page, please download Adobe SVG tool and install it in your computer.
Page 65: Detailed Log
User’s Manual of WGSW-24040 / WGSW-24040R The page includes the following fields: Object Description  ID The ID (>= 1) of the system log entry.  Level The level of the system log entry. The following level types are supported: Info: Information level of the system log.
Page 66: Remote Syslog
User’s Manual of WGSW-24040 / WGSW-24040R Figure 4-2-15 Detailed Log page screenshot The page includes the following fields: Object Description  ID The ID (>= 1) of the system log entry.  Message The message of the system log entry.
Page 67: Smtp Configuration
User’s Manual of WGSW-24040 / WGSW-24040R Figure 4-2-16 Remote Syslog page screenshot The page includes the following fields: Object Description  Mode Indicates the server mode operation. When the mode operation is enabled, the syslog message will send out to syslog server. The syslog protocol is based on...
Page 68 User’s Manual of WGSW-24040 / WGSW-24040R Figure 4-2-17 SMTP Configuration page screenshot The page includes the following fields: Object Description  SMTP Mode Controls whether SMTP is enabled on this switch.  SMTP Server Type the SMTP server name or the IP address of the SMTP server.
Page 69: Web Firmware Upgrade
User’s Manual of WGSW-24040 / WGSW-24040R 4.2.15 Web Firmware Upgrade This page facilitates an update of the firmware controlling the switch. The Web Firmware Upgrade screen in Figure 4-2-18 appears. Figure 4-2-18 Web Firmware Upgrade page screenshot To open Firmware Upgrade screen perform the folling: Click System ->...
Page 70: Tftp Firmware Upgrade
User’s Manual of WGSW-24040 / WGSW-24040R 4.2.16 TFTP Firmware Upgrade The Firmware Upgrade page provides the functions to allow a user to update the Managed Switch firmware from the TFTP server in the network. Before updating, make sure you have your TFTP server ready and the firmware image is on the TFTP server.
Page 71 User’s Manual of WGSW-24040 / WGSW-24040R Figure 4-2-21 Configuration Save page screenshot You can save/view or load the switch configuration. The configuration file is in XML format with a hierarchy of tags: <?xml version="1.0"?> and <configuration>. These tags are mandatory and must be present Header tags: at the beginning of the file.
Page 72: Configuration Upload
User’s Manual of WGSW-24040 / WGSW-24040R Figure 4-2-22 File Download screen Chose the file save path in management workstation. Figure 4-2-23 File save screen 4.2.18 Configuration Upload This function allows backup and reload the current configuration of the Managed Switch to the local management station. The...
Page 73 User’s Manual of WGSW-24040 / WGSW-24040R Configuration Upload screen in Figure 4-2-24 appears. Figure 4-2-24 Configuration Upload page screenshot  Configuration Upload Click the “ ” button of the main page, the system would pop up the file selection menu to choose saved configuration.
Page 74: Image Select
User’s Manual of WGSW-24040 / WGSW-24040R 4.2.19 Image Select This page provides information about the active and alternate (backup) firmware images in the device, and allows you to revert to the alternate image. The web page displays two tables with information about the active and alternate firmware images. The...
Page 75: Factory Default
User’s Manual of WGSW-24040 / WGSW-24040R : Cancel activating the backup image. Navigates away from this page. 4.2.20 Factory Default You can reset the configuration of the stack switch on this page. Only the IP configuration is retained. The new configuration is available immediately, which means that no restart is necessary.
Page 76: System Reboot
User’s Manual of WGSW-24040 / WGSW-24040R 4.2.21 System Reboot The Reboot page enables the device to be rebooted from a remote location. Once the Reboot button is pressed, user have to re-login the WEB interface about 60 seconds later, the System Reboot screen in Figure 4-2-28 appears.
Page 77: Simple Network Management Protocol
User’s Manual of WGSW-24040 / WGSW-24040R 4.3 Simple Network Management Protocol 4.3.1 SNMP Overview The Simple Network Management Protocol (SNMP) is an application layer protocol that facilitates the exchange of management information between network devices. It is part of the Transmission Control Protocol/Internet Protocol (TCP/IP) protocol suite.
Page 78: Snmp System Configuration
User’s Manual of WGSW-24040 / WGSW-24040R  Configure SNMPv3 communities table on this page. SNMPv3 Communities  Configure SNMPv3 users table on this page. SNMPv3 Users  Configure SNMPv3 groups table on this page. SNMPv3 Groups  Configure SNMPv3 views table on this page.
Page 79: Snmp Trap Configuration
User’s Manual of WGSW-24040 / WGSW-24040R The allowed string length is 0 to 255, and the allowed content is the ASCII characters from 33 to 126. The field is applicable only when SNMP version is SNMPv1 or SNMPv2c. If SNMP version is SNMPv3, the community string will be associated with SNMPv3 communities table.
Page 80 User’s Manual of WGSW-24040 / WGSW-24040R SNMP v3: Set SNMP trap supported version 3.  Indicates the community access string when send SNMP trap packet. The Trap Community allowed string length is 0 to 255, and the allowed content is the ASCII characters from 33 to 126.
Page 81: Snmp System Information
User’s Manual of WGSW-24040 / WGSW-24040R string must contain an even number(in hexadecimal format) with number of digits between 10 and 64, but all-zeros and all-'F's are not allowed.  Trap Security Name Indicates the SNMP trap security name. SNMPv3 traps and informs using USM for authentication and privacy.
Page 82: Snmpv3 Configuration
User’s Manual of WGSW-24040 / WGSW-24040R Buttons : Click to save changes. : Click to undo any changes made locally and revert to previously saved values. 4.3.5 SNMPv3 Configuration 4.3.5.1 SNMPv3 Communities Configure SNMPv3 communities table on this page. The entry index key is Community. The SNMPv3 Communities screen in Figure 4-3-4 appears.
Page 83: Snmpv3 Users
User’s Manual of WGSW-24040 / WGSW-24040R 4.3.5.2 SNMPv3 Users Configure SNMPv3 users table on this page. The entry index keys are Engine ID and User Name. The SNMPv3 Users screen in Figure 4-3-5 appears. Figure 4-3-5 SNMPv3 Users Configuration page screenshot...
Page 84: Snmpv3 Groups
User’s Manual of WGSW-24040 / WGSW-24040R protocol. SHA: An optional flag to indicate that this user using SHA authentication protocol. The value of security level cannot be modified if entry already exist. That means must first ensure that the value is set correctly.
Page 85: Snmpv3 Views
User’s Manual of WGSW-24040 / WGSW-24040R Object Description  Check to delete the entry. It will be deleted during the next save. Delete  Indicates the security model that this entry should belong to. Possible security Security Model models are: v1: Reserved for SNMPv1.
Page 86: Snmpv3 Access
User’s Manual of WGSW-24040 / WGSW-24040R string length is 1 to 32, and the allowed content is the ASCII characters from 33 to 126.  Indicates the view type that this entry should belong to. Possible view type are: View Type included: An optional flag to indicate that this view subtree should be included.
Page 87 User’s Manual of WGSW-24040 / WGSW-24040R any: Accepted any security model (v1|v2c|usm). v1: Reserved for SNMPv1. v2c: Reserved for SNMPv2c. usm: User-based Security Model (USM)  Indicates the security model that this entry should belong to. Possible security Security Level models are: NoAuth, NoPriv: None authentication and none privacy.
Page 88: Port Management
User’s Manual of WGSW-24040 / WGSW-24040R 4.4 Port Management Use the Port Menu to display or configure the Managed Switch's ports. This section has the following items:  Configures port connection settings Port Configuration  Lists Ethernet and RMON port statistics Port Statistics Overview ...
Page 89 User’s Manual of WGSW-24040 / WGSW-24040R  Provides the current link speed of the port. Current Link Speed  Select any available link speed for the given switch port. Draw the menu bar to Configured Link Speed select the mode.
Page 90: Port Statistics Overview
User’s Manual of WGSW-24040 / WGSW-24040R 4.4.2 Po rt Statistics Overview This page provides an overview of general tra ffic statistics for all switch ports. The Port Statistics Overview screen in Figure 4-4-2 appears. Figure 4-4-2 Port Statistics Overview page screenshot...
Page 91: Port Statistics Detail
User’s Manual of WGSW-24040 / WGSW-24040R 4.4.3 Port Statistics Detail This page provides detailed traffic statistics for a specific s witch port. Use the port select box to select which switch port details to display. The selected port belong to the currently selected stack unit, as reflected by the page header. The displayed counters are the totals for receive and transmit, the size counters for receive and transmit, and the error counters for receive and transmit.
Page 92 User’s Manual of WGSW-24040 / WGSW-24040R  The number of received and transmitted (good and bad) broadcast packets. Rx and Tx Broadcast  Rx and Tx Pause A count of the MAC Control frames received or transmitted on this port that have an opcode indicating a PAUSE operation.
Page 93: Sfp Information
User’s Manual of WGSW-24040 / WGSW-24040R Buttons : Click to refresh the page immediately. : Clears the counters for all ports. Auto-refresh : Check this box to enable an automatic refresh of the page at regular intervals. .4.4 SFP Information You can check the physical or op erational status of an SFP module via the SFP Module Information page.
Page 94: Port Mirror
User’s Manual of WGSW-24040 / WGSW-24040R Buttons Auto-refresh : Check this box to ena ble an automatic refresh of the p age at regular intervals. : Click to refresh the page immediately. 4.4.5 Port Mirror Configure p ort Mirroring on this page. This function provide to monitoring network traffic that forwards a copy of each incoming r outgoing packet from one port of a network Switch to another port where the packet can be studied.
Page 95 User’s Manual of WGSW-24040 / WGSW-24040R Figure 4-4-6 Mirror Configuration page screenshot The page includes the following fields: Object Description  Port to mirror on Frames from ports that have either source (rx) or destination (tx) mirroring enabled are mirrored to this port. Disabled disables mirroring.
Page 96 User’s Manual of WGSW-24040 / WGSW-24040R For a given port, a frame is onl y transmitted once. It is therefore not possible to mirror Tx frames on the mirror port. Because of this, mode for the selected mirror port is limited to Disabled or Rx only.
Page 97: Link Aggregation
User’s Manual of WGSW-24040 / WGSW-24040R 4.5 Link Aggregation Port Aggregation optimizes port usage by linking a group of ports together to form a single Link Aggregated Groups (LAGs). Port Aggregation multiplies the bandwidth between the devices, increases port flexibility, and provides link redundancy.
Page 98 User’s Manual of WGSW-24040 / WGSW-24040R The Link Aggregation Control Protocol (LACP) provides a standardized means for exchanging information between Partner Systems that require high speed redundant links. Link aggregation lets you group up to eight consecutive ports into a single dedicated connection.
Page 99: Static Aggregation
User’s Manual of WGSW-24040 / WGSW-24040R 4.5.1 Static Aggregation This page is used to configure the Aggregation hash mode and the aggregation group. The aggregation hash mode settings are global, whereas the aggregation group relate to the currently selected stack unit, as reflected by the page header.
Page 100: Lacp Configuration
User’s Manual of WGSW-24040 / WGSW-24040R Figure 4-5-3 Aggregation Group Configuration page screenshot The page includes the following fields: .Object Description  Indicates the group ID for the settings contained in the same row. Group ID Group ID "Normal" indicates there is no aggregation. Only one group ID is valid per port.
Page 101 User’s Manual of WGSW-24040 / WGSW-24040R Figure 4-5-4 LACP Port Configuration page screenshot The page includes the following fields: Object Description  The switch port number. Port  Controls whether LACP is enabled on this switch port. LACP will form an LACP Enabled aggregation when 2 or more ports are connected to the same partner.
Page 102: Lacp System Status
User’s Manual of WGSW-24040 / WGSW-24040R each second, while Passive will wait for a LACP packet from a partner (speak if spoken to).  Timeout The Timeout controls the period between BPDU transmissions. Fast will transmit LACP packets each second, while Slow will wait for 30 seconds before sending a LACP packet.
Page 103: Lacp Port Status
User’s Manual of WGSW-24040 / WGSW-24040R Buttons : Click to refresh the page immediately. Auto-refresh : Automatic refresh occurs every 3 seconds. 4.5.4 LACP Port Status This page provides a status overview for LACP status for all ports. The LACP Port Status screen in Figure 4-5-6 appears.
Page 104: Lacp Port Statistics
User’s Manual of WGSW-24040 / WGSW-24040R  The partner’s System ID (MAC address). Partner System ID  Partner Port The partner’s port number connected to this port.  Partner Priority The partner's port priority. Buttons : Click to refresh the page immediately.
Page 105 User’s Manual of WGSW-24040 / WGSW-24040R  Shows how many unknown or illegal LACP frames have been discarded at each Discarded port. Buttons Auto-refresh : Automatic refresh occurs every 3 seconds. : Click to refresh the page immediately. : Clears the counters for all ports.
Page 106: Vlan
User’s Manual of WGSW-24040 / WGSW-24040R 4.6 VLAN 4.6.1 VLAN Overview A Virtual Local Area Network (VLAN) is a network topology configured according to a logical scheme rather than the physical layout. VLAN can be used to combine any collection of LAN segments into an autonomous user group that appears as a single LAN.
Page 107: Ieee 802.1Q Vlan
User’s Manual of WGSW-24040 / WGSW-24040R Membership 4.6.2 IEEE 802.1Q VLAN In large networks, routers are used to isolate broadcast traffic for each subnet into separate domains. This Managed Switch provides a similar service at Layer 2 by using VLANs to organize any group of network nodes into separate broadcast domains.
Page 108 User’s Manual of WGSW-24040 / WGSW-24040R Some relevant terms: Tagging - The act of putting 802.1Q VLAN information into the header of a packet. Untagging - The act of stripping 802.1Q VLAN information out of the packet header. ■ 802.1Q VLAN Tags The figure below shows the 802.1Q VLAN tag.
Page 109 User’s Manual of WGSW-24040 / WGSW-24040R ■ Port VLAN ID Packets that are tagged (are carrying the 802.1Q VID information) can be transmitted from one 802.1Q compliant network device to another with the VLAN information intact. This allows 802.1Q VLAN to span network devices (and indeed, the entire network –...
Page 110: Vlan Basic Information
User’s Manual of WGSW-24040 / WGSW-24040R ■ VLAN Classification When the switch receives a frame, it classifies the frame in one of two ways. If the frame is untagged, the switch assigns the frame to an associated VLAN (based on the default VLAN ID of the receiving port). But if the frame is tagged, the switch uses the tagged VLAN ID to identify the port broadcast domain of the frame.
Page 111: Vlan Port Configuration
User’s Manual of WGSW-24040 / WGSW-24040R  Current number of Display the current number of VLANs VLANs  VLAN Learning Display the VLAN learning mode. The Managed Switch supports IVL (IVL Independent vlan learning).  Configurable PVID Indicates whether or not configurable PVID tagging is implemented.
Page 112 User’s Manual of WGSW-24040 / WGSW-24040R QinQ tunneling is used to maintain customer-specific VLAN and Layer 2 protocol configurations even when different customers use the same internal VLAN IDs. This is accomplished by inserting Service Provider VLAN (SPVLAN) tags into the customer’s frames when they enter the service provider’s network, and then stripping the tags when the frames leave the network.
Page 113 User’s Manual of WGSW-24040 / WGSW-24040R Figure 4-6-2 VLAN Port Configuration page screenshot The page includes the following fields: Object Description  This is the logical port number for this row. Port  PVID Allow assign PVID for selected port. The range for the PVID is 1-4094.
Page 114: Vlan Membership
User’s Manual of WGSW-24040 / WGSW-24040R frames, untagged frames received on the port are discarded. By default, the field is set to All.  Allow 802.1Q Untagged or Tagged VLAN for selected port. Link Type When adding a VLAN to selected port, it tells the switch whether to keep or remove the tag from a frame on egress.
Page 115 User’s Manual of WGSW-24040 / WGSW-24040R Figure 4-6-3 appears. Figure 4-6-3 VLAN Membership Configuration page screenshot The page includes the following fields: Object Description  To delete a VLAN entry, check this box. Delete The entry will be deleted on all stack switch units during the next Save.
Page 116: Vlan Membership Status
User’s Manual of WGSW-24040 / WGSW-24040R : Refreshes the displayed table starting from the "VLAN ID" input fields. : Updates the table starting from the first entry in the VLAN Table, i.e. the entry with the lowest VLAN ID. : Updates the table, starting with the entry after the last entry currently displayed.
Page 117: Vlan Port Status
User’s Manual of WGSW-24040 / WGSW-24040R create multiple spanning trees in a network, which significantly improves network resource utilization while maintaining a loop-free environment.  A row of check boxes for each port is displayed for each VLAN ID. Port Members If a port is included in a VLAN, an image will be displayed.
Page 118 User’s Manual of WGSW-24040 / WGSW-24040R Figure 4-6-5 VLAN Port Status for Static User page screenshot The page includes the following fields: Object Description  Port The logical port for the settings contained in the same row.  PVID Shows the VLAN identifier for that port. The allowed values are 1 through 4095.
Page 119: Private Vlan
User’s Manual of WGSW-24040 / WGSW-24040R  Conflicts Shows status of Conflicts whether exists or Not. When a Volatile VLAN User requests to set VLAN membership or VLAN port configuration, the following conflicts can occur: Functional Conflicts between feature. Conflicts due to hardware limitation.
Page 120: Port Isolation
User’s Manual of WGSW-24040 / WGSW-24040R Object Description  Delete To delete a private VLAN entry, check this box. The entry will be deleted during the next save.  Private VLAN ID Indicates the ID of this particular private VLAN.
Page 121 User’s Manual of WGSW-24040 / WGSW-24040R For private VLANs to be applied, the switch must first be configured for standard VLAN operation When this is in place, one or more of the configured VLANs can be configured as private VLANs. Ports in a private VLAN fall into one of these two groups: ...
Page 122: Vlan Setting Example
User’s Manual of WGSW-24040 / WGSW-24040R Figure 4-6-7 Port Isolation Configuration page screenshot The page includes the following fields: Object Description  Port Members A check box is provided for each port of a private VLAN. When checked, port isolation is enabled on that port. When unchecked, port isolation is disabled on that port.
Page 123 User’s Manual of WGSW-24040 / WGSW-24040R Figure 4-6-8 two separate VLAN diagram VLAN Group Untagged Members Tagged Members VLAN Group 1 Port-7 ~ Port-10 VLAN Group 2 Port-1,Port-2 Port-3 VLAN Group 3 Port-4,Port-5 Port-6 Table 4-1 VLAN and Port Configuration The scenario described as follow: ...
Page 124 User’s Manual of WGSW-24040 / WGSW-24040R While [PC-4] transmit an untagged packet enters Port-4, the switch will tag it with a VLAN Tag=3. [PC-5] and [PC-6] will received the packet through Port-5 and Port-6. While the packet leaves Port-5, it will be stripped away it tag becoming an untagged packet.
Page 125: Vlan Trunking Between Two 802.1Q Aware Switch
User’s Manual of WGSW-24040 / WGSW-24040R Assign PVID for each port: Port-1,Port-2 and Port-3 : PVID=2 Port-4,Port-5 and Port-6 : PVID=3 Port-7~Port-10 : PVID=1 Enable VLAN Tag for specific ports Link Type: Port-3 (VLAN-2) and Port-6 (VLAN-3) The Per Port VLAN configuration in Figure 4-6-10 appears.
Page 126 User’s Manual of WGSW-24040 / WGSW-24040R Setup steps Create VLAN Group Set VLAN Group 1 = Default-VLAN with VID (VLAN ID) =1 Add two VLANs – VLAN 2 and VLAN 3 VLAN Group 2 with VID=2 VLAN Group 3 with VID=3...
Page 127: Port Isolate
User’s Manual of WGSW-24040 / WGSW-24040R port configuration. Specify Port-8 to be the 802.1Q VLAN Trunk port. Assign Port-8 to both VLAN 2 and VLAN 3 at the VLAN Member configuration page. Define a VLAN 1 as a “Public Area” that overlapping with both VLAN 2 members and VLAN 3 members.
Page 128 User’s Manual of WGSW-24040 / WGSW-24040R Setup steps Assign Port Mode Set Port-1~Port-4 in Isolate port. Set Port5 and Port-6 in Promiscuous port. The screen in Figure 4-6-15 appears. Figure 4-6-15 The configuration of Isolate and Promiscuous port Assign VLAN Member : VLAN 1 : Port-1,Port-2 ,Port-5 and Port-3 VLAN 2 : Port-3~Port-6.
Page 129: Mac-Based Vlan
User’s Manual of WGSW-24040 / WGSW-24040R Figure 4-6-16 Private VLAN port setting 4.6.11 MAC-based VLAN The MAC-based VLAN enties can be configured here. This page allows for adding and deleting MAC-based VLAN entries and assigning the entries to different ports. This page shows only static entries. The MAC-based VLAN screen in Figure 4-6-17 appears.
Page 130: Mac-Based Vlan Status
User’s Manual of WGSW-24040 / WGSW-24040R VLAN ID are 1 through 4095. The MAC-based VLAN entry is enabled when you click on "Save". A MAC-based VLAN without any port members will be deleted when you click "Save". The “Delete” button can be used to undo the addition of new MAC-based VLANs.
Page 131: Ip Subnet-Based Vlan
User’s Manual of WGSW-24040 / WGSW-24040R Buttons Auto-refresh : Check this box to refresh the page automatically. Automatic refresh occurs every 3 seconds. : Click to refresh the page immediately. 4.6.13 IP Subnet-based VLAN The IP subnet-based VLAN enties can be configured here. This page allows for adding, updating and deleting IP subnet-based VLAN entries and assigning the entries to different ports.
Page 132: Protocol-Based Vlan
User’s Manual of WGSW-24040 / WGSW-24040R entry. Legal values for a VLAN ID are 1 through 4095. The IP subnet-based VLAN entry is enabled when you click on "Save". The “Delete: button can be used to undo the addition of new IP subnet-based VLANs.
Page 133 User’s Manual of WGSW-24040 / WGSW-24040R vary depending on the new frame type you selected.  Value Valid value that can be entered in this text field depends on the option selected from the the preceding Frame Type selection menu.
Page 134: Protocol-Based Vlan Mambership
User’s Manual of WGSW-24040 / WGSW-24040R 4.6.15 Protocol-based VLAN Mambership This page allows you to map a already configured Group Name to a VLAN for the switch. The Group Name to VLAN Mapping Table screen in Figure 4-6-21 appears. Figure 4-6-21 Group Name to VLAN Mapping Table page screenshot...
Page 135 User’s Manual of WGSW-24040 / WGSW-24040R : Click to undo any changes made locally and revert to previously saved values. Auto-refresh : Check this box to refresh the page automatically. Automatic refresh occurs every 3 seconds. : Click to refresh the page immediately.
Page 136: Spanning Tree Protocol
User’s Manual of WGSW-24040 / WGSW-24040R 4.7 Spanning Tree Protocol 4.7.1 Theory The Spanning Tree protocol can be used to detect and disable network loops, and to provide backup links between switches, bridges or routers. This allows the switch to interact with other bridging devices in your network to ensure that only one route exists between any two stations on the network, and provide backup links which automatically take over when a primary link goes down.
Page 137 User’s Manual of WGSW-24040 / WGSW-24040R The switch sends BPDUs to communicate and construct the spanning-tree topology. All switches connected to the LAN on which the packet is transmitted will receive the BPDU. BPDUs are not directly forwarded by the switch, but the receiving switch uses the information in the frame to calculate a BPDU, and, if the topology changes, initiates a BPDU transmission.
Page 138 User’s Manual of WGSW-24040 / WGSW-24040R Figure 4-7-1 STP Port State Transitions You can modify each port state by using management software. When you enable STP, every port on every switch in the network goes through the blocking state and then transitions through the states of listening and learning at power up. If properly configured, each port stabilizes to the forwarding or blocking state.
Page 139 User’s Manual of WGSW-24040 / WGSW-24040R Parameter Description Default Value A combination of the User-set priority and 32768 + MAC Bridge Identifier(Not user the switch’s MAC address. configurable The Bridge Identifier consists of two parts: except by setting priority a 16-bit priority and a 48-bit Ethernet MAC...
Page 140 User’s Manual of WGSW-24040 / WGSW-24040R User-Changeable STA Parameters The Switch’s factory default setting should cover the majority of installations. However, it is advisable to keep the default settings as set at the factory; unless, it is absolutely necessary. The user changeable parameters in the Switch are as follows: Priority –...
Page 141 User’s Manual of WGSW-24040 / WGSW-24040R Figure 4-7-5 Before Applying the STA Rules In this example, only the default STP values are used. Figure 4-7-6 After Applying the STA Rules...
Page 142: Stp System Configuration
User’s Manual of WGSW-24040 / WGSW-24040R The switch with the lowest Bridge ID (switch C) was elected the root bridge, and the ports were selected to give a high port cost between switches B and C. The two (optional) Gigabit ports (default port cost = 20,000) on switch A are connected to one (optional) Gigabit port on both switch B and C.
Page 143 User’s Manual of WGSW-24040 / WGSW-24040R The page includes the following fields: Basic Settings Object Description  The STP protocol version setting. Valid values are STP, RSTP and MSTP. Protocol Version  Bridge Priority Controls the bridge priority. Lower numeric values have better priority. The bridge priority plus the MSTI instance number, concatenated with the 6-byte MAC address of the switch forms a Bridge Identifier.
Page 144: Bridge Status
User’s Manual of WGSW-24040 / WGSW-24040R re-enabled for normal STP operation. The condition is also cleared by a system reboot.  The time that has to pass before a port in the error-disabled state can be Port Error Recovery enabled. Valid values are between 30 and 86400 seconds (24 hours).
Page 145: Cist Port Configuration
User’s Manual of WGSW-24040 / WGSW-24040R  Topology Flag The current state of the Topology Change Flag for this Bridge instance.  Topology Change Last The time since last Topology Change occurred. Buttons Auto-refresh : Check this box to refresh the page automatically. Automatic refresh occurs every 3 seconds.
Page 146 User’s Manual of WGSW-24040 / WGSW-24040R Figure 4-7-9 STP CIST Port Configuration page screenshot The page includes the following fields: Object Description  The switch port number of the logical STP port. Port  Controls whether RSTP is enabled on this switch port.
Page 147 User’s Manual of WGSW-24040 / WGSW-24040R A port entering error-disabled state due to this setting is subject to the bridge Port Error Recovery setting as well.  Point-to-point Controls whether the port connects to a point-to-point LAN rather than a shared medium.
Page 148: Msti Priorities
User’s Manual of WGSW-24040 / WGSW-24040R Trunk 50,000 Full Duplex 10,000 Gigabit Ethernet Trunk 5,000 Table 4-7-3 Default STP Path Costs 4.7.5 MSTI Priorities This page allows the user to inspect the current STP MSTI bridge instance priority configurations, and possibly change them as well.
Page 149: Msti Configuration
User’s Manual of WGSW-24040 / WGSW-24040R 4.7.6 MSTI Configuration This page allows the user to inspect the current STP MSTI bridge instance priority configurations, and possibly change them as well. The MSTI Configuration screen in Figure 4-7-11 appears. Figure 4-7-11 MSTI Configuration page screenshot...
Page 150: Msti Ports Configuration
User’s Manual of WGSW-24040 / WGSW-24040R  Configuration Name The name identifiying the VLAN to MSTI mapping. Bridges must share the name and revision (see below), as well as the VLAN-to-MSTI mapping configuration in order to share spanning trees for MSTI's. (Intra-region). The name is at most 32 characters.
Page 151 User’s Manual of WGSW-24040 / WGSW-24040R MSTI Port Configuration Object Description  Select MSTI Select the bridge instance and set more detail configuration. Figure 4-7-13 MST1 MSTI Port Configuration page screenshot The page includes the following fields: MSTx MSTI Port Configuration...
Page 152: Port Status
User’s Manual of WGSW-24040 / WGSW-24040R  Port The switch port number of the corresponding STP CIST (and MSTI) port.  Path Cost Controls the path cost incurred by the port. The Auto setting will set the path cost as appropriate by the physical link speed, using the 802.1D recommended values.
Page 153: Port Statistics
User’s Manual of WGSW-24040 / WGSW-24040R The page includes the following fields: Object Description  The switch port number of the logical STP port. Port  The current STP port role of the ICST port. The port role can be one of the...
Page 154 User’s Manual of WGSW-24040 / WGSW-24040R  MSTP The number of MSTP Configuration BPDU's received/transmitted on the port.  The number of RSTP Configuration BPDU's received/transmitted on the port. RSTP  The number of legacy STP Configuration BPDU's received/transmitted on the port.
Page 155: Multicast
User’s Manual of WGSW-24040 / WGSW-24040R 4.8 Multicast 4.8.1 IGMP Snooping The Internet Group Management Protocol (IGMP) lets host and routers share information about multicast groups memberships. IGMP snooping is a switch feature that monitors the exchange of IGMP messages and copies them to the CPU for feature processing.
Page 156 User’s Manual of WGSW-24040 / WGSW-24040R Figure 4-8-2 Multicast flooding Figure 4-8-3 IGMP Snooping multicast stream control...
Page 157 User’s Manual of WGSW-24040 / WGSW-24040R IGMP Versions 1 and 2 Multicast groups allow members to join or leave at any time. IGMP provides the method for members and multicast routers to communicate when joining or leaving a multicast group.
Page 158: Igmp Snooping Configuration
User’s Manual of WGSW-24040 / WGSW-24040R message, and query messages that are specific to a given group. The states a computer will go through to join or to leave a multicast group are shown below: Figure 4-8-4 IGMP State Transitions ...
Page 159 User’s Manual of WGSW-24040 / WGSW-24040R Figure 4-8-5 IGMP Snooping Configuration page screenshot The page includes the following fields: Object Description  Enable the Global IGMP Snooping. Snooping Enabled  Enable unregistered IPMCv4 traffic flooding. Unregistered IPMCv4 The flooding control takes effect only when IGMP Snooping is enabled.
Page 160: Igmp Snooping Vlan Configuration
User’s Manual of WGSW-24040 / WGSW-24040R  Proxy Enable Enable IGMP Proxy. This feature can be used to avoid forwarding unnecessary join and leave messages to the router side.  Router Port Specify which ports act as IGMP router ports. A router port is a port on the Ethernet switch that leads towards the Layer 3 multicast device or IGMP querier.
Page 161 User’s Manual of WGSW-24040 / WGSW-24040R Figure 4-8-6 IGMP Snooping VLAN Configuration page screenshot The page includes the following fields: Object Description  The VLAN ID of the entry. VLAN ID  IGMP Snooping Enable Enable the per-VLAN IGMP Snooping. Only up to 64 VLANs can be selected.
Page 162: Igmp Snooping Port Group Filtering
User’s Manual of WGSW-24040 / WGSW-24040R : Refreshes the displayed table starting from the "VLAN" input fields. : Updates the table starting from the first entry in the VLAN Table, i.e. the entry with the lowest VLAN ID. : Updates the table, starting with the entry after the last entry currently displayed.
Page 163: Igmp Snooping Status
User’s Manual of WGSW-24040 / WGSW-24040R  Filtering Group The IP Multicast Group that will be filtered.  Add New Filtering Click “Add New Filtering Group” to add a new entry to the Group Filtering table. Specify the Port, and Filtering Group of the new entry. Click "Save".
Page 164: Igmp Group Information
User’s Manual of WGSW-24040 / WGSW-24040R Object Description  The VLAN ID of the entry. VLAN ID  Working Querier Version currently. Querier Version  Working Host Version currently. Host Version  Show the Querier status is "ACTIVE" or "IDLE".
Page 165: Igmpv3 Information
User’s Manual of WGSW-24040 / WGSW-24040R Figure 4-8-9 IGMP Snooping Groups Information page screenshot The page includes the following fields: Object Description  VLAN ID of the group. VLAN ID  Groups Group address of the group displayed.  Port Members Ports under this group.
Page 166: Mld Snooping Configuration
User’s Manual of WGSW-24040 / WGSW-24040R Figure 4-8-10 IGMP SSM Information page screenshot The page includes the following fields: Object Description  VLAN ID VLAN ID of the group.  Group Group address of the group displayed.  Port Switch port number.
Page 167 User’s Manual of WGSW-24040 / WGSW-24040R Figure 4-8-11 MLD Snooping Configuration page screenshot The page includes the following fields: Object Description  Enable the Global MLD Snooping. Snooping Enabled  Enable unregistered IPMCv6 traffic flooding. Unregistered IPMCv6 The flooding control takes effect only when MLD Snooping is enabled.
Page 168: Mld Snooping Vlan Configuration
User’s Manual of WGSW-24040 / WGSW-24040R  Leave Proxy Enable Enable MLD Leave Proxy. This feature can be used to avoid forwarding unnecessary leave messages to the router side.  Proxy Enable Enable MLD Proxy. This feature can be used to avoid forwarding unnecessary join and leave messages to the router side.
Page 169 User’s Manual of WGSW-24040 / WGSW-24040R  The VLAN ID of the entry. VLAN ID  MLD Snooping Enable Enable the per-VLAN MLD Snooping. Only up to 32 VLANs can be selected.  MLD Querier Enable the MLD Querier in the VLAN.
Page 170: Mld Snooping Port Group Filtering
User’s Manual of WGSW-24040 / WGSW-24040R 4.8.10 MLD Snooping Port Group Filtering In certain switch applications, the administrator may want to control the multicast services that are available to end users. For example, an IP/TV service based on a specific subscription plan. The MLD filtering feature fulfills this requirement by restricting access to specified multicast services on a switch port, and MLD throttling limits the number of simultaneous multicast groups a port can join.
Page 171: Mld Snooping Status
User’s Manual of WGSW-24040 / WGSW-24040R 4.8.11 MLD Snooping Status This page provides MLD Snooping status. The IGMP Snooping Status screen in Figure 4-8-14 appears. Figure 4-8-14 MLD Snooping Status page screenshot The page includes the following fields: Object Description ...
Page 172: Mld Group Information
User’s Manual of WGSW-24040 / WGSW-24040R  V2 Reports Received The number of Received V2 Reports.  V1 Leave Received The number of Received V1 Leaves.  Router Port Display which ports act as router ports. A router port is a port on the Ethernet switch that leads towards the Layer 3 multicast device or IGMP querier.
Page 173: Mldv2 Information
User’s Manual of WGSW-24040 / WGSW-24040R  Groups Group address of the group displayed.  Port Members Ports under this group. Buttons Auto-refresh : Automatic refresh occurs every 3 seconds. : Click to refresh the page immediately. : Updates the table, starting with the first entry in the IGMP Group Table.
Page 174: Mvr
User’s Manual of WGSW-24040 / WGSW-24040R  Port Switch port number.  Indicates the filtering mode maintained per (VLAN ID, port number, Group Mode Address) basis. It can be either Include or Exclude.  Source Address IP Address of the source. Currently, system limits the total number of IP source addresses for filtering to be 128.
Page 175 User’s Manual of WGSW-24040 / WGSW-24040R Figure 4-8-17 MVR Configuration page screenshot The page includes the following fields: Object Description  MVR Mode Enable/Disable the Global MVR. The Unregistered Flooding control depends on the current configuration in IGMP/MLD Snooping. It is suggested to enable Unregistered Flooding control when the MVR group...
Page 176 User’s Manual of WGSW-24040 / WGSW-24040R table is full.  Delete Check to delete the entry. The designated entry will be deleted during the next save.  MVR VID Specify the Multicast VLAN ID. Be Caution: MVR source ports are not recommended to be overlapped with management VLAN ports.
Page 177: Mvr Status
User’s Manual of WGSW-24040 / WGSW-24040R I indicates Inactive; S indicates Source; R indicates Receiver The default Role is Inactive.  Immediate Leave Enable the fast leave on the port. Buttons : Click to add new MVR VLAN. Specify the VID and configure the new entry. Click "Save"...
Page 178: Mvr Groups Information
User’s Manual of WGSW-24040 / WGSW-24040R : Click to refresh the page immediately. : Clears all Statistics counters. Auto-refresh : Automatic refresh occurs every 3 seconds. 4.8.16 MVR Groups Information Entries in the MVR Group Table are shown on this page. The MVR Group Table is sorted first by VLAN ID, and then by group.
Page 179: Mvr Sfm Information
User’s Manual of WGSW-24040 / WGSW-24040R : Updates the table, starting with the entry after the last entry currently displayed. 4.8.17 MVR SFM Information Entries in the MVR SFM Information Table are shown on this page. The MVR SFM (Source-Filtered Multicast) Information Table also contains the SSM (Source-Specific Multicast) information.
Page 180 User’s Manual of WGSW-24040 / WGSW-24040R : Refreshes the displayed table starting from the input fields. : Updates the table starting from the first entry in the MVR SFM Information Table. : Updates the table, starting with the entry after the last entry currently displayed.
Page 181: Quality Of Service
User’s Manual of WGSW-24040 / WGSW-24040R 4.9 Quality of Service 4.9.1 Understand QOS Quality of Service (QoS) is an advanced traffic prioritization feature that allows you to establish control over network traffic. QoS enables you to assign various grades of network service to different types of traffic, such as multi-media, video, protocol-specific, time critical, and file-backup traffic.
Page 182: Port Policing
User’s Manual of WGSW-24040 / WGSW-24040R 4.9.2 Port Policing This page allows you to configure the Policer settings for all switch ports. The Port Policing screen in Figure 4-9-1 appears. Figure 4-9-1 QoS Ingress Port Policers page screenshot The page includes the following fields:...
Page 183: Port Classification
User’s Manual of WGSW-24040 / WGSW-24040R Buttons : Click to save changes. : Click to undo any changes made locally and revert to previously saved values. 4.9.3 Port Classification This page allows you to configure the basic QoS Ingress Classification settings for all switch ports. The Port Classification...
Page 184: Port Scheduler
User’s Manual of WGSW-24040 / WGSW-24040R A QoS class of 0 (zero) has the lowest priority. Note: If the QoS class has been dynamically changed, then the actual QoS class is shown in parentheses after the configured QoS class.  DP Level Controls the default Drop Precedence Level, i.e., the DP level for frames not...
Page 185: Port Shaping
User’s Manual of WGSW-24040 / WGSW-24040R Figure 4-9-4 QoS Egress Port Schedule page screenshot The page includes the following fields: Object Description  Port The logical port for the settings contained in the same row. Click on the port number in order to configure the schedulers.
Page 186: Qos Egress Port Schedule And Shapers
User’s Manual of WGSW-24040 / WGSW-24040R Figure 4-9-5 QoS Egress Port Shapers page screenshot The page includes the following fields: Object Description  Port The logical port for the settings contained in the same row. Click on the port number in order to configure the shapers.
Page 187 User’s Manual of WGSW-24040 / WGSW-24040R Figure 4-9-6 QoS Egress Port Schedule and Shapers page screenshot The page includes the following fields: Object Description  Schedule Mode Controls whether the scheduler mode is "Strict Priority" or "Weighted" on this switch port.
Page 188: Port Tag Remarking
User’s Manual of WGSW-24040 / WGSW-24040R restricted to 100-1000000 when the "Unit" is "kbps", and it is restricted to 1-13200 when the "Unit" is "Mbps".  Controls the unit of measure for the port shaper rate as "kbps" or "Mbps". The Port Shaper Unit default value is "kbps".
Page 189: Qos Egress Port Tag Remarking
User’s Manual of WGSW-24040 / WGSW-24040R  Shows the tag remarking mode for this port. Mode Classified: Use classified PCP/DEI values. Default: Use default PCP/DEI values. Mapped: Use mapped versions of QoS class and DP level. 4.9.6.1 QoS Egress Port Tag Remarking The QoS Egress Port Tag Remarking for a specific port are configured on this page.
Page 190: Port Dscp
User’s Manual of WGSW-24040 / WGSW-24040R : Click to undo any changes made locally and return to the previous page. 4.9.7 Port DSCP This page allows you to configure the basic QoS Port DSCP Configuration settings for all switch ports. The Port DSCP screen in Figure 4-9-9 appears.
Page 191: Dscp-Based Qos
User’s Manual of WGSW-24040 / WGSW-24040R  Translate  Classify  Translate To Enable the Ingress Translation click the checkbox.  Classify Classification for a port have 4 different values.  Disable: No Ingress DSCP Classification.  DSCP=0: Classify if incoming (or translated if enabled) DSCP is 0.
Page 192 User’s Manual of WGSW-24040 / WGSW-24040R Figure 4-9-10 DSCP-Based QoS Ingress Classification page screenshot The page includes the following fields: Object Description  DSCP Maximum number of support ed DSCP values are 64.  Trust Controls whether a specific DSCP value is trusted. Only frames with trusted DSCP values are mapped to a specific QoS class and Drop Precedence Level.
Page 193: Dscp Translation
User’s Manual of WGSW-24040 / WGSW-24040R  QoS Class QoS Class value can be any of (0-7)  Drop Precedence Level (0-1) Buttons : Click to save changes. : Click to undo any changes made locally and revert to previously saved values.
Page 194: Dscp Classification
User’s Manual of WGSW-24040 / WGSW-24040R The page includes the following fields: Object Description  DSCP Maximum number of supported DSCP values are 64 and valid DSCP value ranges from 0 to 63.  Ingress Ingress side DSCP can be first translated to new DSCP before using the DSCP for QoS class and DPL map.
Page 195: Qos Control List
User’s Manual of WGSW-24040 / WGSW-24040R Figure 4-9-12 DSCP Classification page screenshot The page includes the following fields: Object Description  QoS Class Available QoS Class value ranges from 0 to 7. QoS Class (0-7) can be mapped to followed parameters.
Page 196 User’s Manual of WGSW-24040 / WGSW-24040R Figure 4-9-13 QoS Control List Configuration page screenshot The page includes the following fields: Object Description  Indicates the index of QCE. QCE#  Port Indicates the list of ports configured with the QCE.
Page 197: Qos Control Entry Configuration
User’s Manual of WGSW-24040 / WGSW-24040R Class: Classified QoS class. DPL: Classified Drop Precedence Level. DSCP: Classified DSCP value.  You can modify each QCE in the table using the following buttons: Modification Buttons : Inserts a new QCE before the current row.
Page 198 User’s Manual of WGSW-24040 / WGSW-24040R  Key configuration are discribed as below: Key Parameters Tag Value of Tag field can be 'Any', 'Untag' or 'Tag' VID Valid value of VLAN ID can be any value in the range 1-4095 or 'Any'; user...
Page 199: Qos Status
User’s Manual of WGSW-24040 / WGSW-24040R Sport Source TCP/UDP port:(0-65535) or 'Any', specific or port range applicable for IP protocol UDP/TCP Dport Destination TCP/UDP port:(0-65535) or 'Any', specific or port range applicable for IP protocol UDP/TCP  IPv6 Protocol IP protocol number: (0-255, TCP or UDP) or 'Any' Source IP IPv6 source address: (a.b.c.d) or 'Any', 32 LS bits...
Page 200 User’s Manual of WGSW-24040 / WGSW-24040R Figure 4-9-15 QoS Control List Status page screenshot The page includes the following fields: Object Description  User Indicates the QCL user.  Indicates the index of QCE. QCE#  Indicates the type of frame to look for incomming frames. Possible frame types...
Page 201: Storm Control Configuration
User’s Manual of WGSW-24040 / WGSW-24040R 4.9.13 Storm Control Configuration Storm control for the switch is configured on this page. There is a unicast storm rate control, multicast storm rate control, and a broadcast storm rate control. These only affect flooded frames, i.e.
Page 202: Voice Vlan Configuration
User’s Manual of WGSW-24040 / WGSW-24040R Figure 4-9-18 Queuing Counters page screenshot The page includes the following fields: Object Description  The logical port for the settings contained in the same row. Port  There are 8 QoS queues per port. Q0 is the lowest priority queue.
Page 203 User’s Manual of WGSW-24040 / WGSW-24040R Figure 4-9-19 Voice VLAN Configuration page screenshot The page includes the following fields: Object Description  Mode Indicates the Voice VLAN mode operation. We must disable MSTP feature before we enable Voice VLAN. It can avoid the conflict of ingress filter. Possible modes are: Enabled: Enable Voice VLAN mode operation.
Page 204: Voice Vlan Oui Table
User’s Manual of WGSW-24040 / WGSW-24040R cannot equal each port PVID. It is conflict configuration if the value equal management VID, MVR VID, PVID etc. The allowed range is 1 to 4095.  Age Time Indicates the Voice VLAN secure learning age time. The allowed range is 10 to 10000000 seconds.
Page 205 User’s Manual of WGSW-24040 / WGSW-24040R Figure 4-9-20 Voice VLAN OUI Table page screenshot The page includes the following fields: Object Description  Delete Check to delete the entry. It will be deleted during the next save.  Telephony OUI An telephony OUI address is a globally unique identifier assigned to a vendor by IEEE.
Page 206: Access Control Lists
User’s Manual of WGSW-24040 / WGSW-24040R 4.10 Access Control Lists ACL is an acronym for Access Control List. It is the list table of ACEs, containing access control entries that specify individual users or groups permitted or denied to specific traffic objects, such as a process or a program.
Page 207: Access Control List Configuration
User’s Manual of WGSW-24040 / WGSW-24040R based ACE will not get matched by IP and ARP frames. ARP: The ACE will match ARP/RARP frames. IPv4: The ACE will match all IPv4 frames. IPv4/ICMP: The ACE will match IPv4 frames with ICMP protocol.
Page 208 User’s Manual of WGSW-24040 / WGSW-24040R Figure 4-10-2 Access Control List Configuration page screenshot The page includes the following fields: Object Description  Ingress Port Indicates the ingress port of the ACE. Possible values are: All: The ACE will match all ingress port.
Page 209: Ace Configuration
User’s Manual of WGSW-24040 / WGSW-24040R  Modification Buttons You can modify each ACE (Access Control Entry) in the table using the following buttons: : Inserts a new ACE before the current row. : Edits the ACE row. : Moves the ACE up the list.
Page 210 User’s Manual of WGSW-24040 / WGSW-24040R Figure 4-10-3 ACE Configuration page screenshot The page includes the following fields: Object Description  Select the ingress port for which this ACE applies. Ingress Port Any: The ACE applies to any port. Port n: The ACE applies to this port number, where n is the number of the switch port.
Page 211 User’s Manual of WGSW-24040 / WGSW-24040R IPv4: Only IPv4 frames can match this ACE. Notice the IPv4 frames won't match the ACE with ethernet type. IPv6: Only IPv6 frames can match this ACE. Notice the IPv6 frames won't match the ACE with ehternet type.
Page 212 User’s Manual of WGSW-24040 / WGSW-24040R MC: Frame must be multicast. BC: Frame must be broadcast. UC: Frame must be unicast. Specific: If you want to filter a specific destination MAC address with this ACE, choose this value. A field for entering a DMAC value appears.
Page 213 User’s Manual of WGSW-24040 / WGSW-24040R Any: No ARP/RARP OP flag is specified. (OP is "don't-care".) Request: Frame must have ARP Request or RARP Request OP flag set. Reply: Frame must have ARP Reply or RARP Reply OP flag. ...
Page 214 User’s Manual of WGSW-24040 / WGSW-24040R Any: Any value is allowed ("don't-care").  IP Specify whether frames can hit the action according to their ARP/RARP hardware address space (HRD) settings. 0: ARP/RARP frames where the HLD is equal to Ethernet (1).
Page 215 User’s Manual of WGSW-24040 / WGSW-24040R than zero must not be able to match this entry. Yes: IPv4 frames where the MF bit is set or the FRAG OFFSET field is greater than zero must be able to match this entry.
Page 216 User’s Manual of WGSW-24040 / WGSW-24040R ICMP value.  Specify the ICMP code filter for this ACE. ICMP Code Filter Any: No ICMP code filter is specified (ICMP code filter status is "don't-care"). Specific: If you want to filter a specific ICMP code filter with this ACE, you can enter a specific ICMP code value.
Page 217 User’s Manual of WGSW-24040 / WGSW-24040R that hits this ACE matches this TCP/UDP destination value.  TCP/UDP Destination When "Range" is selected for the TCP/UDP destination filter, you can enter a specific TCP/UDP destination range value. The allowed range is 0 to 65535. A Range frame that hits this ACE matches this TCP/UDP destination value.
Page 218: Acl Ports Configuration
User’s Manual of WGSW-24040 / WGSW-24040R 0x800(IPv4), 0x806(ARP) and 0x86DD(IPv6). A frame that hits this ACE matches this EtherType value. Buttons : Click to save changes. : Click to undo any changes made locally and revert to previously saved values.
Page 219 User’s Manual of WGSW-24040 / WGSW-24040R  The logical port for the settings contained in the same row. Port  Select the policy to apply to this port. The allowed values are 0 through 255. The Policy ID default value is 0.
Page 220: Acl Rate Limiter Configuration
User’s Manual of WGSW-24040 / WGSW-24040R : Click to clear the counters. 4.10.5 ACL Rate Limiter Configuration Configure the rate limiter for the ACL of the switch. The ACL Rate Limiter Configuration screen in Figure 4-10-5 appears. Figure 4-10-5 ACL Rate Limiter Configuration page screenshot...
Page 221 User’s Manual of WGSW-24040 / WGSW-24040R Buttons : Click to save changes. : Click to undo any changes made locally and revert to previously saved values.
Page 222: Authentication
User’s Manual of WGSW-24040 / WGSW-24040R 4.11 Authentication This section is to control the access of the Managed Switch, includes the user access and management control. The Authentication section contains links to the following main topics:  IEEE 802.1X Port-Based Network Access Control ...
Page 223: Understanding Ieee 802.1X Port-Based Authentication
User’s Manual of WGSW-24040 / WGSW-24040R to authenticate. The disadvantage is that MAC addresses can be spoofed by malicious users, equipment whose MAC address is a valid RADIUS user can be used by anyone, and only the MD5-Challenge method is supported.
Page 224 User’s Manual of WGSW-24040 / WGSW-24040R Figure 4-11-1 Client—the device (workstation) that requests access to the LAN and switch services and responds to requests from  the switch. The workstation must be running 802.1X-compliant client software such as that offered in the Microsoft Windows XP operating system.
Page 225 User’s Manual of WGSW-24040 / WGSW-24040R authentication server must support EAP within the native frame format. When the switch receives frames from the authentication server, the server's frame header is removed, leaving the EAP frame, which is then encapsulated for Ethernet and sent to the client.
Page 226: Authentication Configuration
User’s Manual of WGSW-24040 / WGSW-24040R  Ports in Authorized and Unauthorized States The switch port state determines whether or not the client is granted access to the network. The port starts in the unauthorized state. While in this state, the port disallows all ingress and egress traffic except for 802.1X protocol packets. When a client is successfully authenticated, the port transitions to the authorized state, allowing all traffic for the client to flow normally.
Page 227: Network Access Server Configuration
User’s Manual of WGSW-24040 / WGSW-24040R The page includes the following fields: Object Description  Client The management client for which the configuration below applies.  Authentication Method Authentication Method can be set to one of the following values: None: authentication is disabled and login is not possible.
Page 228 User’s Manual of WGSW-24040 / WGSW-24040R Figure 4-11-4 Network Access Server Configuration page screenshot The page includes the following fields: System Configuration Object Description  Mode Indicates if NAS is globally enabled or disabled on the switch. If globally disabled,...
Page 229 User’s Manual of WGSW-24040 / WGSW-24040R all ports are allowed forwarding of frames.  Reauthentication If checked, successfully authenticated supplicants/clients are reauthenticated after the interval specified by the Reauthentication Period. Reauthentication for Enabled 802.1X-enabled ports can be used to detect if a new device is plugged into a switch port or if a supplicant is no longer attached.
Page 230 User’s Manual of WGSW-24040 / WGSW-24040R MAC-Based Auth. If a client is denied access - either because the RADIUS server denies the client access or because the RADIUS server request times out (according to the timeout specified on the "Configuration→Security→AAA" page) - the client is put on hold in the Unauthorized state.
Page 231 User’s Manual of WGSW-24040 / WGSW-24040R Valid values are in the range [1; 4095].  Max. Reauth. Count The number of times that the switch transmits an EAPOL Request Identity frame without response before considering entering the Guest VLAN is adjusted with this setting.
Page 232 User’s Manual of WGSW-24040 / WGSW-24040R between the supplicant and the authentication server. Frames sent between the supplicant and the switch are special 802.1X frames, known as EAPOL (EAP Over LANs) frames. EAPOL frames encapsulate EAP PDUs (RFC3748). Frames sent between the switch and the RADIUS server are RADIUS packets. RADIUS packets also encapsulate EAP PDUs together with other attributes like the switch's IP address, name, and the supplicant's port number on the switch.
Page 233 User’s Manual of WGSW-24040 / WGSW-24040R comes up will be the first one considered. If that supplicant doesn't provide valid credentials within a certain amount of time, another supplicant will get a chance. Once a supplicant is successfully authenticated, only that supplicant will be allowed access.
Page 234 User’s Manual of WGSW-24040 / WGSW-24040R authentication, and therefore, MAC-based Authentication has nothing to do with the 802.1X standard. The advantage of MAC-based authentication over port-based 802.1X is that several clients can be connected to the same port (e.g. through a 3rd party switch or a hub) and still require individual authentication, and that the clients don't need special supplicant software to authenticate.
Page 235 User’s Manual of WGSW-24040 / WGSW-24040R changed to this VLAN ID, the port will be set to be a member of that VLAN ID, and the port will be forced into VLAN unaware mode. Once assigned, all traffic arriving on the port will be classified and switched on the RADIUS-assigned VLAN ID.
Page 236 User’s Manual of WGSW-24040 / WGSW-24040R Membership and VLAN Port" pages. These pages show which modules have (temporarily) overridden the current Port VLAN configuration. Guest VLAN Operation: When a Guest VLAN enabled port's link comes up, the switch starts transmitting EAPOL Request Identity frames.
Page 237: Network Access Overview
User’s Manual of WGSW-24040 / WGSW-24040R the port runs out (EAPOL-based authentication). For MAC-based authentication, reauthentication will be attempted immediately. The button only has effect for successfully authenticated clients on the port and will not cause the clients to get temporarily unauthorized.
Page 238: Network Access Statistics
User’s Manual of WGSW-24040 / WGSW-24040R The page includes the following fields: Object Description  Port The switch port number. Click to navigate to detailed NAS statistics for this port.  Admin State The port's current administrative state. Refer to NAS Admin State for a description of possible values.
Page 239 User’s Manual of WGSW-24040 / WGSW-24040R Figure 4-11-6 Network Access Statistics page screenshot The page includes the following fields: Port State Object Description  Admin State The port's current administrative state. Refer to NAS Admin State for a description of possible values.
Page 240 User’s Manual of WGSW-24040 / WGSW-24040R Direction Name IEEE Name Description dot1xAuthEapolFrames The number of valid EAPOL Total frames of any type that have been received by the switch. dot1xAuthEapolRespId The number of valid EAPOL Response ID FramesRx Response Identity frames that have been received by the switch.
Page 241 User’s Manual of WGSW-24040 / WGSW-24040R have been transmitted by the switch. dot1xAuthEapolReqFra The number of valid EAPOL Requests mesTx Request frames (other than Request Identity frames) that have been transmitted by the switch.  Backend Server These backend (RADIUS) frame counters are available for the following administrative...
Page 242 User’s Manual of WGSW-24040 / WGSW-24040R Not applicable. dot1xAuthBackendAuth Auth. 802.1X- and MAC-based: Successes Counts the number of times Successes that the switch receives a success indication. Indicates that the supplicant/client has successfully authenticated to the backend server. dot1xAuthBackendAuth Auth.
Page 243 User’s Manual of WGSW-24040 / WGSW-24040R  Last Supplicant/Client Information about the last supplicant/client that attempted to authenticate. This Info information is available for the following administrative states: Port-based 802.1X Single 802.1X Multi 802.1X MAC-based Auth. Name IEEE Name Description dot1xAuthLastEapolF The MAC address of the last supplicant/client.
Page 244 User’s Manual of WGSW-24040 / WGSW-24040R Object Description  Identity Shows the identity of the supplicant, as received in the Response Identity EAPOL frame. Clicking the link causes the supplicant's EAPOL and Backend Server counters to be shown in the Selected Counters table. If no supplicants are attached, it shows No supplicants attached.
Page 245: Authentication Server Configuration
User’s Manual of WGSW-24040 / WGSW-24040R Click to clear only the currently selected client's counters. 4.11.6 Authentication Server Configuration This page allows you to configure the Authentication Servers. The Authentication Server Configuration screen in Figure 4-11-7 appears. Figure 4-11-7 Authentication Server Configuration page screenshot...
Page 246 User’s Manual of WGSW-24040 / WGSW-24040R The page includes the following fields: Port State These setting are common for all of the Authentication Servers. Object Description  Timeout The Timeout, which can be set to a number between 3 and 3600 seconds, is the maximum time to wait for a reply from a server.
Page 247 User’s Manual of WGSW-24040 / WGSW-24040R RADIUS Accounting Server Configuration The table has one row for each RADIUS Accounting Server and a number of columns, which are: Object Description  # The RADIUS Accounting Server number for which the configuration below applies.
Page 248: Radius Overview
User’s Manual of WGSW-24040 / WGSW-24040R 4.11.7 RADIUS Overview This page provides an overview of the status of the RADIUS servers configurable on the Authentication configuration page. The RADIUS Authentication/Accounting Server Overview screen in Figure 4-11-8 appears. Figure 4-11-8 RADIUS Authentication/Accounting Server Overview page screenshot...
Page 249: Radius Details
User’s Manual of WGSW-24040 / WGSW-24040R RADIUS Accounting Servers Object Description  # The RADIUS server number. Click to navigate to detailed statistics for this server.  IP Address The IP address and UDP port number (in <IP Address>:<UDP Port> notation) of this server.
Page 250 User’s Manual of WGSW-24040 / WGSW-24040R Figure 4-11-9 RADIUS Authentication/Accounting for Server Overview page screenshot The page includes the following fields: RADIUS Authentication Servers The statistics map closely to those specified in RFC4668 - RADIUS Authentication Client MIB. Use the server select box to switch between the backend servers to show details for.
Page 251 User’s Manual of WGSW-24040 / WGSW-24040R radiusAuthClientExtA The number of RADIUS Access Rejects ccessRejects Access-Reject packets (valid or invalid) received from the server. radiusAuthClientExtA The number of RADIUS Access ccessChallenges Access-Challenge packets Challenges (valid or invalid) received from the server.
Page 252 User’s Manual of WGSW-24040 / WGSW-24040R radiusAuthClientExtA The number of RADIUS Access ccessRequests Access-Request packets sent Requests to the server. This does not include retransmissions. radiusAuthClientExtA The number of RADIUS Access ccessRetransmission Access-Request packets Retransmissio retransmitted to the RADIUS authentication server.
Page 253 User’s Manual of WGSW-24040 / WGSW-24040R Shows the state of the server. It takes one of the State following values: Disabled: The selected server is disabled. Not Ready: The server is enabled, but IP communication is not yet up and running.
Page 254 User’s Manual of WGSW-24040 / WGSW-24040R packets include packets with an invalid length. Bad authenticators or or unknown types are not included as malformed access responses. radiusAcctClientExt The number of RADIUS BadAuthenticators packets containing invalid Authenticators authenticators received from the server.
Page 255 User’s Manual of WGSW-24040 / WGSW-24040R timeout, the client may retry to the same server, send to a different server, or give up. A retry to the same server is counted as a retransmit as well as a timeout. A send to a different server is counted as a Request as well as a timeout.
Page 256: Windows Platform Radius Server Configuration
User’s Manual of WGSW-24040 / WGSW-24040R Buttons Auto-refresh : Check this box to refresh the page automatically. Automatic refresh occurs every 3 seconds. Click to refresh the page immediately. : Clears the counters for the selected server. The "Pending Requests" counter will not be cleared by this operation.
Page 257 User’s Manual of WGSW-24040 / WGSW-24040R Figure 4-11-11 Windows Server – add new RADIUS client setting Assign the client IP address to the Managed switch Figure 4-11-12 Windows Server RADIUS Server setting...
Page 258 User’s Manual of WGSW-24040 / WGSW-24040R The shared secret key should be as same as the key configured on the Managed Switch. Figure 4-11-13 Windows Server RADIUS Server setting Configure ports attribute of 802.1X, the same as “802.1X Port Configuration”.
Page 259 User’s Manual of WGSW-24040 / WGSW-24040R Figure 4-11-15 Windows 2003 AD server setting path Enter ” Active Directory Users and Computers”, create legal user data, the next, right-click a user what you created to enter properties, and what to be noticed:...
Page 260 User’s Manual of WGSW-24040 / WGSW-24040R Figure 4-11-16 Add User Properties screen Figure 4-11-17 Add User Properties screen Set the Ports Authenticate Status to “Force Authorized” if the port is connected to the RADIUS server or the port is a uplink port that is connected to another switch. Or once the 802.1X stat to...
Page 261: Client Configuration
User’s Manual of WGSW-24040 / WGSW-24040R 4.11.10 802.1X Client Configuration Windows XP is originally 802.1X support. As to other operating systems (windows 98SE, ME, 2000), an 802.1X client utility is needed. The following procedures show how to configure 802.1X Authentication in Windows XP.
Page 262 User’s Manual of WGSW-24040 / WGSW-24040R Figure 4-11-19 Click “OK”. When client has associated with the Managed Switch, a user authentication notice appears in system tray. Click on the notice to continue. Figure 4-11-20 Windows client popup login request message...
Page 263 User’s Manual of WGSW-24040 / WGSW-24040R Enter the user name, password and the logon domain that your account belongs. 10. Click “OK” to complete the validation process. Figure 4-11-21...
Page 264: Security
User’s Manual of WGSW-24040 / WGSW-24040R 4.12 Security This section is to control the access of the Managed Switch, includes the user access and management control. The Security page contains links to the following main topics:  Port Limit Control ...
Page 265 User’s Manual of WGSW-24040 / WGSW-24040R Figure 4-12-1 Port Limit Control Configuration Overview page screenshot The page includes the following fields: System Configuration Object Description  Mode Indicates if Limit Control is globally enabled or disabled on the switchstack. If...
Page 266 User’s Manual of WGSW-24040 / WGSW-24040R limit checks and corresponding actions are disabled.  Aging Enabled If checked, secured MAC addresses are subject to aging as discussed under Aging Period.  Aging Period If Aging Enabled is checked, then the aging period is controlled with this input. If other modules are using the underlying port security for securing MAC addresses, they may have other requirements to the aging period.
Page 267 User’s Manual of WGSW-24040 / WGSW-24040R maximum cannot be granted, if the remaining ports have already used all available MAC addresses.  Action If Limit is reached, the switch can take one of the following actions: None: Do not allow more than Limit MAC addresses on the port, but take no further action.
Page 268: Access Management
User’s Manual of WGSW-24040 / WGSW-24040R 4.12.2 Access Management Configure access management table on this page. The maximum entry number is 16. If the application's type match any one of the access management entries, it will allow access to the switch. The Access Management Configuration screen in...
Page 269: Access Management Statistics
User’s Manual of WGSW-24040 / WGSW-24040R 4.12.3 Access Management Statistics This page provides statistics for access management. The Access Management Statistics screen in Figure 4-12-3 appears. Figure 4-12-3 Access Management Statistics Overview page screenshot The page includes the following fields:...
Page 270: Ssh
User’s Manual of WGSW-24040 / WGSW-24040R The page includes the following fields: Object Description  Mode Indicates the HTTPS mode operation. When the current connection is HTTPS, to apply HTTPS disabled mode operation will automatically redirect web browser to an HTTP connection. Possible modes are: ...
Page 271 User’s Manual of WGSW-24040 / WGSW-24040R The page includes the following fields: Object Description  Mode Indicates the SSH mode operation. Possible modes are:  Enabled: Enable SSH mode operation.  Disabled: Disable SSH mode operation. Buttons : Click to save changes.
Page 272: Port Security Status
User’s Manual of WGSW-24040 / WGSW-24040R 4.12.6 Port Security Status This page shows the Port Security status. Port Security is a module with no direct configuration. Configuration comes indirectly from other modules - the user modules. When a user module has enabled port security on a port, the port is set-up for software-based learning.
Page 273 User’s Manual of WGSW-24040 / WGSW-24040R Object Description  User Module Name The full name of a module that may request Port Security services.  Abbr A one-letter abbreviation of the user module. This is used in the Users column in the port status table.
Page 274: Port Security Detail
User’s Manual of WGSW-24040 / WGSW-24040R 4.12.7 Port Security Detail This page shows the MAC addresses secured by the Port Security module. Port Security is a module with no direct configuration. Configuration comes indirectly from other modules - the user modules. When a user module has enabled port security on a port, the port is set-up for software-based learning.
Page 275: Dhcp Snooping
User’s Manual of WGSW-24040 / WGSW-24040R 4.12.8 DHCP Snooping DHCP Snooping is used to block intruder on the untrusted ports of DUT when it tries to intervene by injecting a bogus DHCP reply packet to a legitimate conversation between the DHCP client and server. Configure DHCP Snooping on this page. The...
Page 276: Dhcp Snooping Statistics
User’s Manual of WGSW-24040 / WGSW-24040R Disabled: Disable DHCP snooping mode operation.  Port Mode Indicates the DHCP snooping port mode. Possible port modes are: Trusted: Configures the port as trusted sources of the DHCP message. Configuration Untrusted: Configures the port as untrusted sources of the DHCP message.
Page 277: Ip Source Guard Configuration
User’s Manual of WGSW-24040 / WGSW-24040R  Rx and Tx Offer The number of offer (option 53 with value 2) packets received and transmitted.  Rx and Tx Request The number of request (option 53 with value 3) packets received and transmitted.
Page 278 User’s Manual of WGSW-24040 / WGSW-24040R Figure 4-12-10 IP Source Guard Configuration screen page screenshot The page includes the following fields: Object Description  Mode of IP Source Enable the Global IP Source Guard or disable the Global IP Source Guard. All configured ACEs will be lost when the mode is enabled.
Page 279: Ip Source Guard Static Table
User’s Manual of WGSW-24040 / WGSW-24040R This value can be 0, 1, 2 and unlimited. If the port mode is enabled and the value of max dynamic client is equal 0, it means only allow the IP packets forwarding that are matched in static entries on the specific port.
Page 280: Arp Inspection
User’s Manual of WGSW-24040 / WGSW-24040R 4.12.12 ARP Inspection ARP Inspection is a secure feature. Several types of attacks can be launched against a host or devices connected to Layer 2 networks by "poisoning" the ARP caches. This feature is used to block such attacks. Only valid ARP requests and responses can go through DUT.
Page 281: Arp Inspection Static Table
User’s Manual of WGSW-24040 / WGSW-24040R Configuration  Port Mode Configuration Specify ARP Inspection is enabled on which ports. Only when both Global Mode and Port Mode on a given port are enabled, ARP Inspection is enabled on this given port.
Page 282: Address Table
User’s Manual of WGSW-24040 / WGSW-24040R 4.13 Address Table Switching of frames is based upon the DMAC address contained in the frame. The Managed Switch builds up a table that maps MAC addresses to switch ports for knowing which ports the frames should go to (based upon the DMAC address in the frame ).
Page 283 User’s Manual of WGSW-24040 / WGSW-24040R By default, dynamic entries are removed from the MAC table after 300 seconds. This removal is also called aging. Object Description  Disable Automatic Enables/disables the the automatic aging of dynamic entries Aging  Aging Time The time after which a learned entry is discarded.
Page 284: Mac Address Table Status
User’s Manual of WGSW-24040 / WGSW-24040R Buttons : Click to save changes. Click to undo any changes made locally and revert to previously saved values. 4.13.2 MAC Address Table Status Dynamic MAC Table Entries in the MAC Table are shown on this page. The MAC Table contains up to 8192 entries, and is sorted first by VLAN ID, then by MAC address.
Page 285: Dynamic Arp Inspection Table
User’s Manual of WGSW-24040 / WGSW-24040R  The VLAN ID of the entry. VLAN  The MAC address of the entry. MAC address  The ports that are members of the entry. Port Members Buttons Auto-refresh : Automatic refresh occurs every 3 seconds.
Page 286: Dynamic Ip Source Guard Table
User’s Manual of WGSW-24040 / WGSW-24040R The page includes the following fields: Object Description  The port number for which the status applies. Click the port number to see the Port status for this particular port.  The VLAN ID of the entry.
Page 287 User’s Manual of WGSW-24040 / WGSW-24040R next Dynamic IP Source Guard Table match. In addition, the two input fields will - upon a “Refresh” button click - assume the value of the first displayed entry, allowing for continuous refresh with the same start address.
Page 288: Lldp
User’s Manual of WGSW-24040 / WGSW-24040R 4.14 LLDP 4.14.1 Link Layer Discovery Protocol Link Layer Discovery Protocol (LLDP) is used to discover basic information about neighboring devices on the local broadcast domain. LLDP is a Layer 2 protocol that uses periodic broadcasts to advertise information about the sending device. Advertised information is represented in Type Length Value (TLV) format according to the IEEE 802.1ab standard, and can include details...
Page 289 User’s Manual of WGSW-24040 / WGSW-24040R Figure 4-14-1 LLDP Configuration page screenshot The page includes the following fields: LLDP Parameters Object Description  The switch is periodically transmitting LLDP frames to its neighbors for having the Tx Interval network discovery information up-to-date. The interval between each LLDP frame is determined by the Tx Interval value.
Page 290 User’s Manual of WGSW-24040 / WGSW-24040R Tx Hold multiplied by Tx Interval seconds. Valid values are restricted to 2 - 10 times. TTL in seconds is based on the following rule: (Transmission Interval * Holdtime Multiplier) ≤ 65536. Therefore, the default TTL is 4*30 = 120 seconds.
Page 291 User’s Manual of WGSW-24040 / WGSW-24040R TLVs and discarded CDP frames are not shown in the LLDP statistics.). CDP TLVs are mapped onto LLDP neighbours' table as shown below. CDP TLV "Device ID" is mapped to the LLDP "Chassis ID" field.
Page 292: Lldp Med Configuration
User’s Manual of WGSW-24040 / WGSW-24040R 4.14.3 LLDP MED Configuration This page allows you to configure the LLDP-MED. The LLDPMED Configuration screen in Figure 4-14-2 appears. Figure 4-14-2 LLDPMED Configuration page screenshot The page includes the following fields: Fast start repeat count...
Page 293 User’s Manual of WGSW-24040 / WGSW-24040R advertise LLDP-MED TLVs in outgoing LLDPDUs on the associated port. The LLDP-MED application will temporarily speed up the transmission of the LLDPDU to start within a second, when a new LLDP-MED neighbour has been detected in order share LLDP-MED information as fast as possible to new neighbours.
Page 294 User’s Manual of WGSW-24040 / WGSW-24040R WGS84: (Geographical 3D) - World Geodesic System 1984, CRS Code 4327, Prime Meridian Name: Greenwich. NAD83/NAVD88: North American Datum 1983, CRS Code 4269, Prime Meridian Name: Greenwich; The associated vertical datum is the North American Vertical Datum of 1988 (NAVD88).
Page 295 User’s Manual of WGSW-24040 / WGSW-24040R  Building Building (structure) - Example: Low Library  Apartment Unit (Apartment, suite) - Example: Apt 42  Floor Floor - Example: 4  Room no. Room number - Example: 450F  Place type Place type - Example: Office ...
Page 296 User’s Manual of WGSW-24040 / WGSW-24040R 4. Video Conferencing 5. Streaming Video 6. Control / Signaling (conditionally support a separate network policy for the media types above) A large network may support multiple VoIP policies across the entire organization, and different policies per application type.
Page 297 User’s Manual of WGSW-24040 / WGSW-24040R other similar appliances supporting real-time interactive video/audio services. Streaming Video - for use by broadcast or multicast based video content distribution and other similar applications supporting streaming video services that require specific network policy treatment. Video applications relying on TCP with buffering would not be an intended use of this application type.
Page 298: Lldp-Med Neighbor
User’s Manual of WGSW-24040 / WGSW-24040R  Port The port number for which the configuration applies.  Policy ID The set of policies that shall apply for a given port. The set of policies is selected by checkmarking the checkboxes that corresponds to the policies Buttons : Click to save changes.
Page 299 User’s Manual of WGSW-24040 / WGSW-24040R 1. LAN Switch/Router 2. IEEE 802.1 Bridge 3. IEEE 802.3 Repeater (included for historical reasons) 4. IEEE 802.11 Wireless Access Point 5. Any device that supports the IEEE 802.1AB and MED extensions defined by TIA-1057 and can relay IEEE 802 frames via any method.
Page 300 User’s Manual of WGSW-24040 / WGSW-24040R include aspects related to end user devices. Example product categories expected to adhere to this class include (but are not limited to) end user communication appliances, such as IP Phones, PC-based softphones, or other communication appliances that directly support the end user.
Page 301: Neighbor
User’s Manual of WGSW-24040 / WGSW-24040R  Policy Policy indicates that an Endpoint Device wants to explicitly advertise that the policy is required by the device. Can be either Defined or Unknown Unknown: The network policy for the specified application type is currently unknown.
Page 302 User’s Manual of WGSW-24040 / WGSW-24040R Figure 4-14-4 LLDP Neighbor Information page screenshot The page includes the following fields: Object Description  Local Port The port on which the LLDP frame was received.  Chassis ID The Chassis ID is the identification of the neighbor's LLDP frames.
Page 303: Port Statistics
User’s Manual of WGSW-24040 / WGSW-24040R 4.14.6 Port Statistics This page provides an overview of all LLDP traffic. Two types of counters are shown. Global counters are counters that refer to the whole stack, switch, while local counters refers to counters for the currently selected switch. The LLDP Statistics screen in Figure 4-14-5 appears.
Page 304 User’s Manual of WGSW-24040 / WGSW-24040R Local Counters The displayed table contains a row for each port. The columns hold the following information: Object Description  The port on which LLDP frames are received or transmitted. Local Port  The number of LLDP frames transmitted on the port.
Page 305: Network Diagnostics
User’s Manual of WGSW-24040 / WGSW-24040R 4.15 Network Diagnostics This section provide the Physical layer and IP layer network diagnostics tools for troubleshoot. The diagnostic tools are designed for network manager to help them quickly diagnose problems between point to point and better service customers.
Page 306: Ipv6 Ping
User’s Manual of WGSW-24040 / WGSW-24040R Figure 4-15-1 ICMP Ping page screenshot The page includes the following fields: Object Description  The destination IP Address. IP Address  Ping Length The payload size of the ICMP packet. Values range from 2 bytes to 1452 bytes.
Page 307: Remote Ip Ping Test
User’s Manual of WGSW-24040 / WGSW-24040R Figure 4-15-2 ICMPv6 Ping page screenshot The page includes the following fields: Object Description  The destination IP Address. IP Address  Ping Length The payload size of the ICMP packet. Values range from 2 bytes to 1452 bytes.
Page 308: Cable Diagnostics
User’s Manual of WGSW-24040 / WGSW-24040R Figure 4-15-3 Remote IP Ping Test page screenshot The page includes the following fields: Object Description  Port The logical port for the settings.  The destination IP Address. Remote IP Address  The payload size of the ICMP packet. Values range from 8 bytes to 1400 bytes.
Page 309 User’s Manual of WGSW-24040 / WGSW-24040R seconds. When completed, the page refreshes automatically, and you can view the cable diagnostics results in the cable status table. Note that Cable Diagnostics is only accurate for cables of length 7 - 140 meters.
Page 310 User’s Manual of WGSW-24040 / WGSW-24040R Short A - Cross-pair short to pair A Short B - Cross-pair short to pair B Short C - Cross-pair short to pair C Short D - Cross-pair short to pair D Cross A - Abnormal cross-pair coupling with pair A...
Page 311: Loop Protection
User’s Manual of WGSW-24040 / WGSW-24040R 4.16 Loop Protection This chapter describes enabling loop protection function that provides loop protection to prevent broadcast loops in WGSW-24040. 4.16.1 Configuration This page allows the user to inspect the current Loop Protection configurations, and possibly change them as well; screen in Figure 4-16-1 appears.
Page 312: Loop Protection Status
User’s Manual of WGSW-24040 / WGSW-24040R The page includes the following fields: General Settings Object Description  Controls whether loop protections is enabled (as a whole). Enable Loop Protection  Transmission Time The interval between each loop protection PDU sent on each port. valid values are 1 to 10 seconds.
Page 313: Sflow
User’s Manual of WGSW-24040 / WGSW-24040R The page includes the following fields: Object Description  Port The switch port number of the logical port.  Action The currently configured port action.  Transmit The currently configured port transmit mode.  Loops The number of loops detected on this port.
Page 314: Sflow Configuration
User’s Manual of WGSW-24040 / WGSW-24040R 4.17.1 sFlow Configuration This page allows for configuring sFlow. The configuration is divided into two parts: Configuration of the sFlow receiver (a.k.a. sFlow collector) and configuration of per-port flow and counter samplers. sFlow configuration is not persisted to non-volatile memory, which means that a reboot will disable sFlow sampling, screen in Figure 4-17-1 appears.
Page 315 User’s Manual of WGSW-24040 / WGSW-24040R The page includes the following fields: Receiver Configuration Object Description  Basically, sFlow can be configured in two ways: Through local management Owner using the Web or CLI interface or through SNMP. This read-only field shows the owner of the current sFlow configuration and assumes values as follows: •...
Page 316: Sflow Status
User’s Manual of WGSW-24040 / WGSW-24040R requested, the switch will automatically adjust it to the closest achievable. This will be reported back in this field.  Flow Sampler Max. The maximum number of bytes that should be copied from a sampled packet to the sFlow datagram.
Page 317 User’s Manual of WGSW-24040 / WGSW-24040R Figure 4-17-2 sFlow Statistics page screenshot The page includes the following fields: Receiver Statistics Object Description  This field shows the current owner of the sFlow configuration. It assumes one of Owner three values as follows: •...
Page 318 User’s Manual of WGSW-24040 / WGSW-24040R  IP Address/Hostname The IP address or hostname of the sFlow receiver.  Timeout The number of seconds remaining before sampling stops and the current sFlow owner is released.  Tx Successes The number of UDP datagrams successfully sent to the sFlow receiver.
Page 319: Rmon
User’s Manual of WGSW-24040 / WGSW-24040R 4.18 RMON RMON is the most important expansion of the standard SNMP. RMON is a set of MIB definitions, used to define standard network monitor functions and interfaces, enabling the communication between SNMP management terminals and remote monitors.
Page 320 User’s Manual of WGSW-24040 / WGSW-24040R characters. InUcastPkts: The number of uni-cast packets delivered to a higher-layer protocol. InNUcastPkts: The number of broad-cast and multi-cast packets delivered to a higher-layer protocol. InDiscards: The number of inbound packets that are discarded even the packets are normal.
Page 321: Rmon Alarm Detail
User’s Manual of WGSW-24040 / WGSW-24040R : Click to add a new community entry. : Click to save changes. Click to undo any changes made locally and revert to previously saved values. 4.18.2 RMON Alarm Detail This page provides an Detail of a specific RMON statistics entry; screen in Figure 4-18-2 appears.
Page 322: Rmon Alarm Status
User’s Manual of WGSW-24040 / WGSW-24040R Buttons : Click to refresh the page immediately. Auto-refresh Check this box to refresh the page automatically. Automatic refresh occurs every 3 seconds. Updates the table starting from the first entry in the Alarm Table, i.e. the entry with the lowest ID.
Page 323: Rmon Event Configuration
User’s Manual of WGSW-24040 / WGSW-24040R  Rising Index Rising event index.  Falling Threshold Falling threshold value.  Falling Index Falling event index. Buttons : Click to refresh the page immediately. Auto-refresh Check this box to refresh the page automatically. Automatic refresh occurs every 3 seconds.
Page 324: Rmon Event Detail
User’s Manual of WGSW-24040 / WGSW-24040R  Community Specify the community when trap is sent, the string length is from 0 to 127, default is "public".  Event Last Time Indicates the value of sysUpTime at the time this event entry last generated an event.
Page 325: Rmon Event Status
User’s Manual of WGSW-24040 / WGSW-24040R 4.18.6 RMON Event Status This page provides an overview of RMON Event table entries.Each page shows up to 99 entries from the Event table, default being 20, selected through the "entries per page" input field. When first visited, the web page will show the first 20 entries from the beginning of the Event table.
Page 326: Rmon History Detail
User’s Manual of WGSW-24040 / WGSW-24040R Figure 4-18-7 RMON history configuration page screenshot The page includes the following fields: Object Description  Delete Check to delete the entry. It will be deleted during the next save.  ID Indicates the index of the entry. The range is from 1 to 65535.
Page 327 User’s Manual of WGSW-24040 / WGSW-24040R Figure 4-18-8 RMON history Detail page screenshot The page includes the following fields: Object Description  History Index Indicates the index of History control entry.  Sample Index Indicates the index of the data entry associated with the control entry ...
Page 328: Rmon History Status
User’s Manual of WGSW-24040 / WGSW-24040R  Fragments The number of frames which size is less than 64 octets received with invalid CRC.  Jabber The number of frames which size is larger than 64 octets received with invalid CRC.
Page 329: Rmon Statistics Configuration
User’s Manual of WGSW-24040 / WGSW-24040R  Drops The total number of events in which packets were dropped by the probe due to lack of resources.  Octets The total number of octets of data (including those in bad packets) received on the network.
Page 330: Rmon Statistics Detail
User’s Manual of WGSW-24040 / WGSW-24040R Figure 4-18-10 RMON Statistics configuration page screenshot The page includes the following fields: Object Description  Delete Check to delete the entry. It will be deleted during the next save.  ID Indicates the index of the entry. The range is from 1 to 65535.
Page 331 User’s Manual of WGSW-24040 / WGSW-24040R Figure 4-18-11 Loop protection configuration page screenshot The page includes the following fields: Object Description  Data Source The port ID which wants to be monitored.  Drop The total number of events in which packets were dropped by the probe due to lack of resources.
Page 332: Rmon Statistics Status
User’s Manual of WGSW-24040 / WGSW-24040R CRC.  Jabb. The number of frames which size is larger than 64 octets received with invalid CRC.  Coll. The best estimate of the total number of collisions on this Ethernet segment.  64 The total number of packets (including bad packets) received that were 64 octets in length.
Page 333 User’s Manual of WGSW-24040 / WGSW-24040R The page includes the following fields: Object Description  ID Indicates the index of Statistics entry.  Data Source (ifIndex) The port ID which wants to be monitored.  Drop The total number of events in which packets were dropped by the probe due to lack of resources.
Page 334 User’s Manual of WGSW-24040 / WGSW-24040R : Click to refresh the page immediately. Auto-refresh Check this box to refresh the page automatically. Automatic refresh occurs every 3 seconds. Updates the table starting from the first entry in the Alarm Table, i.e. the entry with the lowest ID.
Page 335: Command Line Interface
User’s Manual of WGSW-24040 / WGSW-24040R 5. COMMAND LINE INTERFACE 5.1 Accessing the CLI When accessing the management interface for the switch over a direct connection to the server’s console port, or via a Telnet connection, the switch can be managed by entering command keywords and parameters at the prompt. Using the switch's command-line interface (CLI) is very similar to entering commands on a UNIX system.
Page 336: Configure Ip Address
5-2. Figure 5-2 Show IP information screen  Configure IP address On “WGSW-24040/> ” prompt, enter the following command and press <Enter>. As show in Figure 5-3. WGSW-24040/> ip setup 192.168.0.101 255.255.255.0 192.168.0.253 1 The previous command would apply the follow settings for the Switch.
Page 337: Telnet Login
User’s Manual of WGSW-24040 / WGSW-24040R Figure 5-3 Set IP address screen Repeat Step 1 to check if the IP address is changed. If the IP address is successfully configured, the Managed Switch will apply the new IP address setting immediately. You can access the Web interface of Managed Switch through the new IP address.
Page 338 User’s Manual of WGSW-24040 / WGSW-24040R...
Page 339: Command Line Mode
User’s Manual of WGSW-24040 / WGSW-24040R 6. Command Line Mode The CLI groups all the commands in appropriate modes according to the nature of the command. A sample of the CLI command modes are described below. Each of the command modes supports specific software commands.
Page 340: System Log Configuration
User’s Manual of WGSW-24040 / WGSW-24040R Syntax: System Configuration [all | (port <port_list>)] Parameters: : Show all switch configuration, default: Show system configuration : Show switch port configuration port <port_list>: Port list or 'all', default: All ports Example: To display system information: WGSW-24040:/>System configuration...
Page 341: System Version
User’s Manual of WGSW-24040 / WGSW-24040R System Log Server Address : System Log Level : Info WGSW-24040:/> System Version Description: Show system version information. Syntax: System Version Example: To display system version: WGSW-24040:/>System version Version : Beta1205281742 Build Date : 2012-05-28T17:42:57+0800 WGSW-24040:/>...
Page 342: System Name
User’s Manual of WGSW-24040 / WGSW-24040R WGSW-24040:/>System log server mode System Log Server Mode : Disabled System Name Description: Set or show the system name. Syntax: System Name [<name>] Parameters: <name>: System name string. (1-255) Use "" to clear the string System name is a text string drawn from the alphabet (A-Za-z), digits (0-9), minus sign (-).
Page 343: System Log Server Address
User’s Manual of WGSW-24040 / WGSW-24040R Example: To set device contact: WGSW-24040:/>System contact WGSW-24040-Test System Log Server Address Description: Show or set the system log server address. Syntax: System Log Server Address [<ip_addr_string>] Parameters: <ip_addr_string>: IP host address (a.b.c.d) or a host name string...
Page 344: System Log Level
User’s Manual of WGSW-24040 / WGSW-24040R Example: To set device location: WGSW-24040:/>System location 9F-LAB System Log Level Description: Show or set the system log level. It uses to determine what kind of message will send to syslog server. Syntax: System Log Level [info|warning|error]...
Page 345: System Log Lookup
User’s Manual of WGSW-24040 / WGSW-24040R Example: To set timezone: WGSW-24040:/>system timezone 120 System Log Lookup Description: Show or clear the system log. Syntax: System Log Lookup [<log_id>] [all|info|warning|error] Parameters: <log_id>: System log ID or range (default: All entries) : Show all levels (default)
Page 346: System Reboot
User’s Manual of WGSW-24040 / WGSW-24040R Syntax: System Log Clear [all|info|warning|error] Parameters: : Show all levels (default) : Show informations info warning : Show warnings : Show errors error Example: To sclear the system log: WGSW-24040:/>system log clear WGSW-24040:/> System Reboot Description: Reboot the system.
Page 347: System Load
User’s Manual of WGSW-24040 / WGSW-24040R Example: To restore default value but not reset IP address: WGSW-24040:/>system restore default keep_ip System Load Description: Show current CPU load: 100ms, 1s and 10s running average (in percent, zero is idle). Syntax: System Load...
Page 348: Ip Command
User’s Manual of WGSW-24040 / WGSW-24040R 6.2 IP Command IP Configuration Description: Show IP configuration. Syntax: IP Configuration Example: Show IP configuration: WGSW-24040:/>ip configuration IP Configuration: ================= DHCP Client : Disabled IP Address : 192.168.0.101 IP Mask : 255.255.255.0 IP Router : 192.168.0.254...
Page 349: Ip Dhcp
User’s Manual of WGSW-24040 / WGSW-24040R IP DHCP Description: Set or show the DHCP client mode. Syntax: IP DHCP [enable|disable] Parameters: enable : Enable or renew DHCP client disable: Disable DHCP client Default Setting: Disable Example: Disable DHCP sever: WGSW-24040:/>ip dhcp disable...
Page 350: Ip Ping
User’s Manual of WGSW-24040 / WGSW-24040R VLAN ID Example: Set IP address: WGSW-24040:/>ip setup 192.168.0.100 255.255.255.0 IP Ping Description: Ping IP address (ICMP echo). Syntax: IP Ping <ip_addr_string> [(Length <ping_length>)] [(Count <ping_count>)] [(Interval <ping_interval>)] Parameters: <ip_addr_string>: IPv4 host address (a.b.c.d) or a host name string...
Page 351: Ip Dns Proxy
User’s Manual of WGSW-24040 / WGSW-24040R Syntax: IP DNS [<ip_addr>] Parameters: <ip_addr>: IP address (a.b.c.d), default: Showdne IP address Default Setting: 0.0.0.0 Example: Set DNS IP address: WGSW-24040:/>ip dns 168.95.1.1 IP DNS Proxy Description: Set or show the IP DNS Proxy mode.
Page 352: Ipv6 Setup
User’s Manual of WGSW-24040 / WGSW-24040R Syntax: IP IPv6 AUTOCONFIG [enable|disable] Parameters: enable : Enable IPv6 AUTOCONFIG mode disable: Disable IPv6 AUTOCONFIG mode Default Setting: disable Example: Enable IPv6 autoconfig function: WGSW-24040:/>ip ipv6 autoconfig enable IPv6 Setup Description: Set or show the IPv6 setup.
Page 353: Ipv6 Ping
User’s Manual of WGSW-24040 / WGSW-24040R IPv6 Prefix : 96 IPv6 Router : :: Example: Set IPv6 address: WGSW-24040:/>ip ipv6 setup 2001::0002 64 2100::0001 IPv6 Ping Description: Ping IPv6 address (ICMPv6 echo). Syntax: IP IPv6 Ping6 <ipv6_addr> [(Length <ping_length>)] [(Count <ping_count>)] [(Interval <ping_interval>)] Parameters: : IPv6 host address.
Page 354: Ip Ntp Configuration
User’s Manual of WGSW-24040 / WGSW-24040R IP NTP Configuration Description: Show NTP configuration. Syntax: IP NTP Configuration Default Setting: IP NTP Configuration: ===================== NTP Mode : Disabled Server IP host address (a.b.c.d) or a host name string ------------------------------------------------------ pool.ntp.org europe.pool.ntp.org north-america.pool.ntp.org...
Page 355: Ip Ntp Server Add
User’s Manual of WGSW-24040 / WGSW-24040R WGSW-24040:/>ip ntp mode enable IP NTP Server Add Description: Add NTP server entry. Syntax: IP NTP Server Add <server_index> <ip_addr_string> Parameters: <server_index> : The server index (1-5) <ip_addr_string>: IP host address (a.b.c.d) or a host name string...
Page 356: Ip Ntp Server Delete
User’s Manual of WGSW-24040 / WGSW-24040R WGSW-24040:/>ip ntp server ipv6 add 1 2001:7b8:3:2c::123 IP NTP Server Delete Description: Delete NTP server entry. Syntax: IP NTP Server Delete <server_index> Parameters: <server_index>: The server index (1-5) Example: To delete NTP server: WGSW-24040:/>ip ntp server delete 1...
Page 357: Port Management Command
User’s Manual of WGSW-24040 / WGSW-24040R 6.3 Port Management Command Port Configuration Description: Show port configuration. Syntax: Port Configuration [<port_list>] [up|down] Parameters: <port_list>: Port list or 'all', default: All ports : Show ports, which are up : Show ports, which are down...
Page 358: Port Flow Control
User’s Manual of WGSW-24040 / WGSW-24040R Parameters: <port_list>: Port list or 'all', default: All ports : Auto negotiation of speed and duplex auto : 10 Mbps, half duplex 10hdx : 10 Mbps, full duplex 10fdx : 100 Mbps, half duplex...
Page 359: Port State
User’s Manual of WGSW-24040 / WGSW-24040R WGSW-24040:/>port flow control 1 enable Port State Description: Set or show the port administrative state. Syntax: Port State [<port_list>] [enable|disable] Parameters: <port_list>: Port list or 'all', default: All ports : Enable port enable : Disable port...
Page 360: Port Power
User’s Manual of WGSW-24040 / WGSW-24040R Example: Set 2048 frame size for port1 WGSW-24040:/>port maxframe 1 2048 Port Power Description: Set or show the port PHY power mode. Syntax: Port Power [<port_list>] [enable|disable|actiphy|dynamic] Parameters: <port_list>: Port list or 'all', default: All ports...
Page 361: Port Statistics
User’s Manual of WGSW-24040 / WGSW-24040R (default: Show mode) Default Setting: Discard Example: WGSW-24040:/>port excessive 1 restart Port Statistics Description: Show port statistics. Syntax: Port Statistics [<port_list>] [<command>] [up|down] Parameters: <port_list>: Port list or 'all', default: All ports <command> : The command parameter takes the following values:...
Page 362: Port Sfp
User’s Manual of WGSW-24040 / WGSW-24040R Parameters: <port_list>: Port list or 'all', default: All ports Port SFP Description: Show SFP port information. Syntax: Port SFP [<port_list>] Parameters: <port_list>: Port list or 'all', default: All ports Example: Show SFP information for port21-22 WGSW-24040:/>port sfp...
Page 363: Mac Address Table Command
User’s Manual of WGSW-24040 / WGSW-24040R 6.4 MAC Address Table Command MAC Configuration Description: Show MAC address table configuration. Syntax: MAC Configuration [<port_list>] Parameters: <port_list>: Port list or 'all', default: All ports Example: Show Mac address state WGSW-24040:/>mac configuration 1...
Page 364: Mac Delete
User’s Manual of WGSW-24040 / WGSW-24040R Example: Add Mac address 00-30-4F-01-01-02 in port1 and vid1 WGSW-24040:/>mac add 00-30-4f-01-01-02 1 1 MAC Delete Description: Delete MAC address entry. Syntax: MAC Delete <mac_addr> [<vid>] Parameters: <mac_addr>: MAC address ('xx-xx-xx-xx-xx-xx' or 'xx.xx.xx.xx.xx.xx' or 'xxxxxxxxxxxx', x is a hexadecimal digit) : VLAN ID (1-4095), default: 1 <vid>...
Page 365: Mac Age Time
User’s Manual of WGSW-24040 / WGSW-24040R MAC Age Time Description: Set or show the MAC address age timer. Syntax: MAC Agetime [<age_time>] Parameters: <age_time>: MAC address age time (0,10-1000000) 0=disable, (default: Show age time) Default Setting: Example: Set agetime value in 30 WGSW-24040:/>mac agetime 30...
Page 366: Mac Dump
User’s Manual of WGSW-24040 / WGSW-24040R WGSW-24040:/>mac learning 1 secure MAC Dump Description: Show sorted list of MAC address entries. Syntax: MAC Dump [<mac_max>] [<mac_addr>] [<vid>] Parameters: <mac_max> : Maximum number of MAC addresses 1-8192, default: Show all addresses <mac_addr>: First MAC address ('xx-xx-xx-xx-xx-xx' or 'xx.xx.xx.xx.xx.xx' or 'xxxxxxxxxxxx', x is a hexadecimal digit),...
Page 367: Mac Flush
User’s Manual of WGSW-24040 / WGSW-24040R Parameters: <port_list>: Port list or 'all', default: All ports Example: Set all of MAC statistics WGSW-24040:/>mac statistics Port Dynamic Addresses ---- ----------------- Total Dynamic Addresses: 1 Total Static Addresses : 6 MAC Flush Description: Flush all learned entries.
Page 368: Vlan Configuration Command
User’s Manual of WGSW-24040 / WGSW-24040R 6.5 VLAN Configuration Command VLAN Configuration Description: Show VLAN configuration. Syntax: VLAN Configuration [<port_list>] Parameters: <port_list>: Port list or 'all', default: All ports Example: Show VLAN status of port1 WGSW-24040:/>vlan configuration 1 VLAN Configuration: =================== Mode : IEEE 802.1Q...
Page 369: Vlan Frame Type
User’s Manual of WGSW-24040 / WGSW-24040R Syntax: VLAN PVID [<port_list>] [<vid>|none] Parameters: <port_list>: Port list or 'all', default: All ports <vid>|none : Port VLAN ID (1-4095) or 'none', default: Show port VLAN ID Default Setting: Example: Set PVID2 for port10 WGSW-24040:/>vlan pvid 10 2...
Page 370: Vlan Ingress Filter
User’s Manual of WGSW-24040 / WGSW-24040R VLAN Ingress Filter Description: Set or show the port VLAN ingress filter. Syntax: VLAN IngressFilter [<port_list>] [enable|disable] Parameters: <port_list>: Port list or 'all', default: All ports : Enable VLAN ingress filtering enable : Disable VLAN ingress filtering...
Page 371: Vlan Link Type
User’s Manual of WGSW-24040 / WGSW-24040R WGSW-24040:/>vlan mode portbased VLAN Link Type Description: Set or show the port VLAN link type. Syntax: VLAN LinkType [<port_list>] [untagged|tagged] Parameters: <port_list>: Port list or 'all', default: All ports : VLAN Link Type Tagged...
Page 372: Vlan Ethernet Type
User’s Manual of WGSW-24040 / WGSW-24040R Example: Set port2 in man port WGSW-24040:/>vlan qinq 2 man VLAN Ethernet Type Description: Set or show out layer VLAN tag ether type in Q-in-Q VLAN mode. Syntax: VLAN Ethtype [<port_list>] [man|dot1q] Parameters: <port_list>: Port list or 'all', default: All ports : Set out layer VLAN tag ether type : MAN : Set out layer VLAN tag ether type : 802.1Q...
Page 373: Vlan Forbidden Add
User’s Manual of WGSW-24040 / WGSW-24040R Default Setting: Example: Add port1 to port4 in VLAN10 WGSW-24040:/>vlan add 10 1-4 VLAN Forbidden Add Description: Add or modify VLAN entry in forbidden table. Syntax: VLAN Forbidden Add <vid>|<name> [<port_list>] Parameters: <vid>|<name>: VLAN ID (1-4095) or VLAN Name <port_list>...
Page 374: Vlan Forbidden Delete
User’s Manual of WGSW-24040 / WGSW-24040R VLAN Forbidden Delete Description: Delete VLAN entry. Syntax: LAN Forbidden Delete <vid>|<name> Parameters: <vid>|<name>: VLAN ID (1-4095) or VLAN Name Example: Forbidden delete VLAN10 WGSW-24040:/>vlan forbidden delete 10 VLAN Forbidden Lookup Description: Lookup VLAN Forbidden port entry.
Page 375: Vlan Name Add
User’s Manual of WGSW-24040 / WGSW-24040R <vid> : VLAN ID (1-4095), default: Show all VLANs name : VLAN name string <name>: VLAN name - Maximum of 32 characters. VLAN Name can only contain alphabets or numbers. VLAN name should contain atleast one alphabet.
Page 376: Vlan Name Delete
User’s Manual of WGSW-24040 / WGSW-24040R VLAN Name Delete Description: Delete VLAN Name to VLAN ID Mapping. Syntax: VLAN Name Delete <name> Parameters: <name>: VLAN name - Maximum of 32 characters. VLAN Name can only contain alphabets or numbers. VLAN name should contain atleast one alphabet.
Page 377: Vlan Status
User’s Manual of WGSW-24040 / WGSW-24040R VLAN Status Description: VLAN Port Configuration Status. Syntax: VLAN Status [<port_list>] [combined|static|nas|mvr|voice_vlan|mstp|all|conflicts] Parameters: <port_list>: Port list or 'all', default: All ports : combined VLAN Users configuration combined : static port configuration static : NAS port configuration...
Page 378: Private Vlan Configuration Command
User’s Manual of WGSW-24040 / WGSW-24040R 6.6 Private VLAN Configuration Command PVLAN Configuration Description: Show Private VLAN configuration. Syntax: PVLAN Configuration [<port_list>] Parameters: <port_list>: Port list or 'all', default: All ports Example: Show private VLAN configuration WGSW-24040:/> pvlan configuration Private VLAN Configuration:...
Page 379: Pvlan Delete
User’s Manual of WGSW-24040 / WGSW-24040R <port_list>: Port list or 'all', default: All ports Example: Add port1 to port4 in PVLAN10 WGSW-24040:/>pvlan add 10 1-4 PVLAN Delete Description: Delete Private VLAN entry. Syntax: PVLAN Delete <pvlan_id> Parameters: <pvlan_id>: Private VLAN ID. The allowed range for a Private VLAN ID is the same as the switch port number range.
Page 380: Pvlan Isolate
User’s Manual of WGSW-24040 / WGSW-24040R PVLAN ID Ports -------- ----- 1-10 PVLAN Isolate Description: Set or show the port isolation mode. Syntax: PVLAN Isolate [<port_list>] [enable|disable] Parameters: <port_list>: Port list or 'all', default: All ports : Enable port isolation...
Page 381: Security Command
User’s Manual of WGSW-24040 / WGSW-24040R 6.7 Security Command Security Switch User Configuration Description: Show users configuration. Syntax: Security Switch Users Configuration Default Setting: User Name Privilege admin Example: Show users configuration WGSW-24040:/>security switch user configuration Users Configuration: ==================== User Name...
Page 382: Security Switch User Delete
User’s Manual of WGSW-24040 / WGSW-24040R Example: Add new user: username: test, password: test & privilege: 10 WGSW-24040:/>security switch users add test test 10 Security Switch User Delete Description: Delete users entry. Syntax: Security Switch Users Delete <user_name> Parameters: <user_name>: A string identifying the user name that this entry should belong to. The allowed string length is (1-32). The...
Page 383: Security Switch Privilege Level Group
User’s Manual of WGSW-24040 / WGSW-24040R CRO CRW SRO SRW -------------------------------- --- --- --- --- Aggregation 5 10 5 10 Diagnostics 5 10 5 10 5 10 5 10 LACP 5 10 5 10 LLDP 5 10 5 10 LLDP_MED...
Page 384: Security Switch Privilege Level Current
<sro> : Status/Statistics read-write privilege level (1-15) <srw> Example: Change privilege level of MVR group. WGSW-24040:/>security switch privilege level group mvr 15 15 15 15 Security Switch Privilege Level Current Description: Show the current privilege level. Syntax: Security Switch Privilege Level Current...
Page 385: Security Switch Authentication Method
: Enable local authentication if remote authentication fails enable : Disable local authentication if remote authentication fails disable (The parameter is effective when it is typed) Default Setting: disable Example: Use RADIUS authentication method for telnet. WGSW-24040:/>security switch auth method telnet radius enable...
Page 386: Security Switch Ssh Configuration
User’s Manual of WGSW-24040 / WGSW-24040R Security Switch SSH Configuration Description: Show SSH configuration. Syntax: Security Switch SSH Configuration Example: Show SSH configuration. WGSW-24040:/>security switch ssh configuration SSH Configuration: ================== SSH Mode : Enable Security Switch SSH Mode Description: Set or show the SSH mode.
Page 387: Security Switch Https Configuration
User’s Manual of WGSW-24040 / WGSW-24040R Security Switch HTTPs Configuration Description: Show HTTPS configuration. Syntax: Security Switch HTTPS Configuration Example: Show HTTPs configuration. WGSW-24040:/>security switch https configuration HTTPS Configuration: ==================== HTTPS Mode : Enable HTTPS Redirect Mode : Disabled Security Switch HTTPs Mode Description: Set or show the HTTPS mode.
Page 388: Security Switch Https Redirect
User’s Manual of WGSW-24040 / WGSW-24040R Security Switch HTTPs Redirect Description: Set or show the HTTPS redirect mode. Automatic redirect web browser to HTTPS during HTTPS mode enabled. Syntax: Security Switch HTTPS Redirect [enable|disable] Parameters: enable : Enable HTTPs redirect...
Page 389: Security Switch Access Mode
User’s Manual of WGSW-24040 / WGSW-24040R S: SNMP T: TELNET/SSH Idx Start IP Address End IP Address W S T --- ------------------------------- ------------------------------ - - - Security Switch Access Mode Description: Set or show the access management mode. Syntax: Security Switch Access Mode [enable|disable]...
Page 390: Security Switch Access Ipv6 Add
: Indicates that the host can access the switch from TELNET/SSH telnet Example: Add access management list from 192.168.0.1 to 192.168.0.200 via web interface. WGSW-24040:/>security switch access add 1 192.168.0.1 192.168.0.200 web Security Switch Access IPv6 Add Description: Add access management IPv6 entry, default: Add all supported protocols.
Page 391: Security Switch Access Delete
User’s Manual of WGSW-24040 / WGSW-24040R Security Switch Access Delete Description: Delete access management entry. Syntax: Security Switch Access Delete <access_id> Parameters: <access_id>: entry index (1-16) Example: Delete access management ID 1 WGSW-24040:/>security switch access delete 1 Security Switch Access Lookup Description: Lookup access management entry.
Page 392: Security Switch Access Statistics
User’s Manual of WGSW-24040 / WGSW-24040R Clear access management entry. WGSW-24040:/>security switch access clear Security Switch Access Statistics Description: Show or clear access management statistics. Syntax: Security Switch Access Statistics [clear] Parameters: clear: Clear access management statistics Example: Show access management statistics.
Page 393: Security Switch Snmp Version
User’s Manual of WGSW-24040 / WGSW-24040R Set or show the SNMP mode. Syntax: Security Switch SNMP Mode [enable|disable] Parameters: enable : Enable SNMP disable: Disable SNMP (default: Show SNMP mode) Default Setting: enable Example: Disable SNMP mode. WGSW-24040:/>security switch snmp mode disable...
Page 394: Security Switch Snmp Read Community
User’s Manual of WGSW-24040 / WGSW-24040R Security Switch SNMP Read Community Description: Set or show the community string for SNMP read access. Syntax: Security Switch SNMP Read Community [<community>] Parameters: <community>: Community string. Use 'clear' or "" to clear the string Maximum length allowed is upto 256 characters.
Page 395: Security Switch Snmp Trap Mode
User’s Manual of WGSW-24040 / WGSW-24040R Security Switch SNMP Trap Mode Description: Set or show the SNMP trap mode. Syntax: Security Switch SNMP Trap Mode [enable|disable] Parameters: enable : Enable SNMP traps disable: Disable SNMP traps (default: Show SNMP trap mode)
Page 396: Security Switch Snmp Trap Community
User’s Manual of WGSW-24040 / WGSW-24040R WGSW-24040:/>security switch snmp trap version 2c Security Switch SNMP Trap Community Description: Set or show the community string for SNMP traps. Syntax: Security Switch SNMP Trap Community [<community>] Parameters: <community>: Community string. Use 'clear' or "" to clear the string Maximum length allowed is upto 256 characters.
Page 397: Security Switch Snmp Trap Ipv6 Destination
16-bit groups of contiguous zeros; but it can only appear once. It also used a following legally IPv4 address. For example,'::192.1.2.34'. Example: Set SNMP trap IPv6 destination address for 2001::0001 WGSW-24040:/>security switch snmp trap ipv6 destination 2001::0001 Security Switch SNMP Trap Authentication Failure Description: Set or show the SNMP authentication failure trap mode.
Page 398: Security Switch Snmp Trap Link-Up
User’s Manual of WGSW-24040 / WGSW-24040R Security Switch SNMP Trap Link-up Description: Set or show the port link-up and link-down trap mode. Syntax: Security Switch SNMP Trap Link-up [enable|disable] Parameters: enable : Enable SNMP trap link-up and link-down disable: Disable SNMP trap link-up and link-down...
Page 399: Security Switch Snmp Trap Inform Timeout
User’s Manual of WGSW-24040 / WGSW-24040R WGSW-24040:/>security switch snmp trap inform mode disable Security Switch SNMP Trap Inform Timeout Description: Set or show the SNMP trap inform timeout (usecs). Syntax: Security Switch SNMP Trap Inform Timeout [<timeout>] Parameters: <timeout>: SNMP trap inform timeout (0-2147 seconds)
Page 400: Security Switch Snmp Trap Probe Security Engine Id
(default: Show SNMP trap security engine ID probe mode) Default Setting: enable Example: Disable SNMP trap probe security engine ID WGSW-24040:/>security switch snmp trap probe security engine id disable Security Switch SNMP Trap Security Engine ID Description: Set or show SNMP trap security engine ID. Syntax: Security Switch SNMP Trap Security Engine ID [<engineid>]...
Page 401: Security Switch Snmp Trap Security Name
(1-32), and the allowed content is ASCII characters from 33 to 126 Example: Set the SNMP trap security name WGSW-24040:/>security switch snmp trap security name 12345678 Security Switch SNMP Engine ID Description: Set or show SNMPv3 local engine ID.
Page 402: Security Switch Snmp Community Delete
<ip_addr> : IP address (a.b.c.d), default: Show IP address <ip_mask> : IPv4 subnet mask (a.b.c.d), default: Show IP mask Example: Add SNMPv3 community entry. WGSW-24040:/>security switch snmp community add public 192.168.0.20 255.255.255.0 Security Switch SNMP Community Delete Description: Delete SNMPv3 community entry.
Page 403: Security Switch Snmp User Add
User’s Manual of WGSW-24040 / WGSW-24040R Parameters: <index>: entry index (1-64) Example: Lookup SNMPv3 community entry WGSW-24040:/>security switch snmp community lookup Idx Community Source IP Source Mask --- -------------------------------- --------------- --------------- public 192.168.0.20 255.255.255.0 private 0.0.0.0 0.0.0.0 Number of entries: 2...
Page 404: Security Switch Snmp User Delete
User’s Manual of WGSW-24040 / WGSW-24040R WGSW-24040:/>security switch snmp user add 800007e5017f000003 admin_snmpv3 md5 12345678 des abcdefgh Security Switch SNMP User Delete Description: Delete SNMPv3 user entry. Syntax: Security Switch SNMP User Delete <index> Parameters: <index>: entry index (1-64) Example: Delete SNMPv3 user entry WGSW-24040:/>security switch snmp user delete 1...
Page 405: Security Switch Snmp User Lookup
User’s Manual of WGSW-24040 / WGSW-24040R 87654321 12345678 Security Switch SNMP User Lookup Description: Lookup SNMPv3 user entry. Syntax: Security Switch SNMP User Lookup [<index>] Parameters: <index>: entry index (1-64) Example: Lookup SNMPv3 user entry WGSW-24040:/>security switch snmp user lookup...
Page 406: Security Switch Snmp Group Delete
: A string identifying the group name that this entry should belong to. The allowed string length is <group_name> (1-32), and the allowed content is ASCII characters from 33 to 126 Example: Add SNMPv3 group entry WGSW-24040:/>security switch snmp group add usm admin_snmpv3 group_snmpv3 Security Switch SNMP Group Delete Description: Delete SNMPv3 group entry. Syntax: Security Switch SNMP Group Delete <index>...
Page 407: Security Switch Snmp View Add
<oid_subtree>: The OID defining the root of the subtree to add to the named view Example: Add SNMPv3 view entry WGSW-24040:/>security switch snmp view add snmpv3_view include .1 Security Switch SNMP View Delete Description: Delete SNMPv3 view entry. Syntax:...
Page 408: Security Switch Snmp View Lookup
User’s Manual of WGSW-24040 / WGSW-24040R Parameters: <index>: entry index (1-64) Example: Delete SNMPv3 view entry WGSW-24040:/>security switch snmp view delete 3 Security Switch SNMP View Lookup Description: Lookup SNMPv3 view entry. Syntax: Security Switch SNMP View Lookup [<index>] Parameters: <index>: entry index (1-64)
Page 409: Security Switch Snmp Access Delete
The name of "None" is reserved. The allowed string length is (1-32), and the allowed content is ASCII characters from 33 to 126 Example: Add SNMPv3 access entry WGSW-24040:/>security switch snmp access add group_snmpv3 usm authpriv snmpv3_view snmpv3_view Security Switch SNMP Access Delete Description: Delete SNMPv3 access entry.
Page 410: Security Switch Snmp Access Lookup
User’s Manual of WGSW-24040 / WGSW-24040R Security Switch SNMP Access Lookup Description: Lookup SNMPv3 access entry. Syntax: Security Switch SNMP Access Lookup [<index>] Parameters: <index>: entry index (1-64) Example: Lookup SNMPv3 access entry WGSW-24040:/>security switch snmp access lookup Idx Group Name...
Page 411: Security Switch Rmon Statistics Lookup
User’s Manual of WGSW-24040 / WGSW-24040R Syntax: Security Switch RMON Statistics Delete <stats_id> Parameters: <stats_id>: Statistics ID (1-65535). Security Switch RMON Statistics Lookup Description: Show RMON Statistics entries. Syntax: Security Switch RMON Statistics Lookup [<stats_id>] Parameters: <stats_id>: Statistics ID (1-65535).
Page 412: Security Switch Rmon History Lookup
User’s Manual of WGSW-24040 / WGSW-24040R Syntax: Security Switch RMON History Delete <history_id> Parameters: <history_id> : History ID (1-65535). Security Switch RMON History Lookup Description: Show RMON History entries. Syntax: Security Switch RMON History Lookup [<history_id>] Parameters: <history_id> : History ID (1-65535).
Page 413: Security Switch Rmon Alarm Delete
User’s Manual of WGSW-24040 / WGSW-24040R .1.3.6.1.2.1.2.2.1.18.xxx – ifOutNUcastPkts .1.3.6.1.2.1.2.2.1.19.xxx – ifOutDiscards .1.3.6.1.2.1.2.2.1.20.xxx – ifOutErrors .1.3.6.1.2.1.2.2.1.21.xxx – ifOutQLen "xxx" means the interface identified by a particular value of this index is the same interface as identified by the same value of OID 'ifIndex'.
Page 414: Security Switch Rmon Event Add
User’s Manual of WGSW-24040 / WGSW-24040R Security Switch RMON Event Add Description: Add or modify RMON Event entry. The entry index key is <event_id>. Syntax: Security Switch RMON Event Add <event_id> [none|log|trap|log_trap] [<community>] [<description>] Parameters: : Event ID (1-65535). <event_id>...
Page 415: Security Network Psec Switch
User’s Manual of WGSW-24040 / WGSW-24040R Security Network Psec Switch Description: Show Port Security status. Syntax: Security Network Psec Switch [<port_list>] Parameters: <port_list>: Port list or 'all', default: All ports Example: Show port security status. WGSW-24040:/>security network psec switch Users: L = Limit Control 8 = 802.1X...
Page 416: Security Network Limit Configuration
User’s Manual of WGSW-24040 / WGSW-24040R Port 1: ------- MAC Address State Added Age/Hold Time ----------------- ---- ---------- ------------------------- ------------- <none> Security Network Limit Configuration Description: Show Limit Control configuration. Syntax: Security Network Limit Configuration [<port_list>] Parameters: <port_list>: Port list or 'all', default: All ports Example: Show Limit Control configuration.
Page 417: Security Network Limit Aging
User’s Manual of WGSW-24040 / WGSW-24040R Set or show global state. Syntax: Security Network Limit Mode [enable|disable] Parameters: enable : Globally enable port security disable : Globally disable port security (default: Show current global enabledness of port security limit control)
Page 418: Security Network Limit Agetime
User’s Manual of WGSW-24040 / WGSW-24040R Security Network Limit Agetime Description: Time in seconds between check for activity on learned MAC addresses. Syntax: Security Network Limit Agetime [<age_time>] Parameters: <age_time>: Time in seconds between checks for activity on a MAC address (10-10000000 seconds)
Page 419: Security Network Limit Limit
User’s Manual of WGSW-24040 / WGSW-24040R Security Network Limit Limit Description: Set or show the max. number of MAC addresses that can be learned on this set of ports. Syntax: Security Network Limit Limit [<port_list>] [<limit>] Parameters: <port_list>: Port list or 'all', default: All ports : Max.
Page 420: Security Network Limit Reopen
User’s Manual of WGSW-24040 / WGSW-24040R Example: Set trap mode for limit action for port 1 WGSW-24040:/>security network limit action 1 trap Security Network Limit Reopen Description: Reopen one or more ports whose limit is exceeded and shut down. Syntax: Security Network Limit Reopen [<port_list>]...
Page 421: Security Network Nas Mode
User’s Manual of WGSW-24040 / WGSW-24040R Mode : Disabled Reauth. : Disabled Reauth. Period : 3600 EAPOL Timeout : 30 Age Period : 300 Hold Time : 10 RADIUS QoS : Disabled RADIUS VLAN : Disabled Guest VLAN : Disabled Guest VLAN ID Max.
Page 422: Security Network Nas State
User’s Manual of WGSW-24040 / WGSW-24040R Security Network NAS State Description: Set or show the port security state. Syntax: Security Network NAS State [<port_list>] [auto|authorized|unauthorized|single|multi|macbased] Parameters: <port_list>: Port list or 'all', default: All ports : Port-based 802.1X Authentication auto authorized : Port access is allowed unauthorized: Port access is not allowed : Single Host 802.1X Authentication...
Page 423: Security Network Nas Reauthperiod
User’s Manual of WGSW-24040 / WGSW-24040R disable: Disable reauthentication (default: Show current reauthentication mode) Default Setting: disable Example: Enable reauthentication function. WGSW-24040:/>security network nas reauthentication enable Security Network NAS ReauthPeriod Description: Set or show the period between reauthentication attempts. Syntax: Security Network NAS ReauthPeriod [<reauth_period>]...
Page 424: Security Network Nas Agetime
User’s Manual of WGSW-24040 / WGSW-24040R Parameters: <eapol_timeout>: Time between EAPOL retransmissions (1-65535 seconds) (default: Show current EAPOL retransmission timeout) Default Setting: Example: Set the time between EAPOL retransmissions for 100sec. WGSW-24040:/>security network nas eapoltimeout 100 Security Network NAS Agetime Description: Time in seconds between check for activity on successfully authenticated MAC addresses.
Page 425: Security Network Nas Radius_Qos
User’s Manual of WGSW-24040 / WGSW-24040R Parameters: <hold_time>: Time on hold (10-1000000 seconds) (default: Show current hold time) Default Setting: Example: Set NAS hold time in 100sec WGSW-24040:/>security network nas holdtime 100 Security Network NAS RADIUS_QoS Description: Set or show either global state (use the global keyword) or per-port state of RADIUS-assigned QoS.
Page 426: Security Network Nas Guest_Vlan
User’s Manual of WGSW-24040 / WGSW-24040R Syntax: Security Network NAS RADIUS_VLAN [global|<port_list>] [enable|disable] Parameters: : Select the global RADIUS-assigned VLAN setting global <port_list>: Select the per-port RADIUS-assigned VLAN setting (default: Show current per-port RADIUS-assigned VLAN state) enable : Enable RADIUS-assigned VLAN either globally or on one or more ports...
Page 427: Security Network Nas Authenticate
User’s Manual of WGSW-24040 / WGSW-24040R (default: Show current Maximum Reauth Count value <allow_if_eapol_seen>: The value can only be set if you use the 'global' keyword in the beginning of the command. disable:The Guest VLAN can only be entered if no EAPOL frames have been received on a port for the lifetime of the port...
Page 428: Security Network Acl Configuration
User’s Manual of WGSW-24040 / WGSW-24040R Parameters: <port_list>: Port list or 'all', default: All ports : Clear statistics clear : Show EAPOL statistics eapol radius : Show Backend Server statistics (default: Show all statistics) Example: Show 802.1X statistics in port 1 WGSW-24040:/>security network nas statistics 1...
Page 429: Security Network Acl Action
User’s Manual of WGSW-24040 / WGSW-24040R Security Network ACL Action Description: Set or show the ACL port default action. Syntax: Security Network ACL Action [<port_list>] [permit|deny] [<rate_limiter>] [<port_redirect>] [<logging>] [<shutdown>] Parameters: : Port list or 'all', default: All ports <port_list>...
Page 430: Security Network Acl Rate
User’s Manual of WGSW-24040 / WGSW-24040R Example: Set ACL policy 2 for port 1 WGSW-24040:/>security network acl policy 1 2 Security Network ACL Rate Description: Set or show the ACL rate limiter. Syntax: Security Network ACL Rate [<rate_limiter_list>] [<rate>] Parameters: <rate_limiter_list>: Rate limiter list (1-16), default: All rate limiters...
Page 431 User’s Manual of WGSW-24040 / WGSW-24040R [<tag_prio>] [<dmac_type>] [(etype [<etype>] [<smac>] [<dmac>]) | (arp [<sip>] [<dip>] [<smac>] [<arp_opcode>] [<arp_flags>]) | (ip [<sip>] [<dip>] [<protocol>] [<ip_flags>]) | (icmp [<sip>] [<dip>] [<icmp_type>] [<icmp_code>] [<ip_flags>]) | (udp [<sip>] [<dip>] [<sport>] [<dport>] [<ip_flags>]) | (tcp [<sip>] [<dip>] [<sport>] [<dport>] [<ip_flags>] [<tcp_flags>])] [permit|deny] [<rate_limiter>] [<port_redirect>] [<logging>] [<shutdown>]...
Page 432: Security Network Acl Delete
User’s Manual of WGSW-24040 / WGSW-24040R <rate_limiter> : Rate limiter number (1-15) or 'disable' <port_redirect> : Port number for copy of frames or 'disable' : System logging of frames: log|log_disable <logging> : Shut down ingress port: shut|shut_disable <shutdown> Security Network ACL Delete Description: Delete ACE.
Page 433: Security Network Acl Clear
User’s Manual of WGSW-24040 / WGSW-24040R Security Network ACL Clear Description: Clear all ACL counters. Syntax: Security Network ACL Clear Example: Clear all ACL counters. WGSW-24040:/>security network acl clear Security Network ACL Status Description: Show ACL status. Syntax: Security Network ACL Status [combined|static|loop_protect|dhcp|upnp|arp_inspection|ipmc|ip_source_guard|conflicts]...
Page 434: Security Network Acl Port State
User’s Manual of WGSW-24040 / WGSW-24040R Security Network ACL Port State Description: Set or show the ACL port state. Syntax: Security Network ACL Port State [<port_list>] [enable|disable] Parameters: : Port list or 'all', default: All ports <port_list> enable|disable: ACL port state...
Page 435: Security Network Dhcp Relay Server
User’s Manual of WGSW-24040 / WGSW-24040R Set or show the DHCP relay mode. Syntax: Security Network DHCP Relay Mode [enable|disable] Parameters: enable : Enable DHCP relaly mode. When enable DHCP relay mode operation, the agent forward and to transfer DHCP messages between the clients and the server when they are not on the same subnet domain.
Page 436: Security Network Dhcp Relay Information Mode
Default Setting: disable Example: Enable DHCP relay agent information option mode. WGSW-24040:/>security network dhcp relay information mode enable Security Network DHCP Relay Information Policy Description: Set or show the DHCP relay mode. When enable DHCP relay information mode operation, if agent receive a DHCP message that already contains relay agent information.
Page 437: Security Network Dhcp Relay Statistics
User’s Manual of WGSW-24040 / WGSW-24040R Default Setting: replace Example: Keep the original relay information when receive a DHCP message that already contains it WGSW-24040:/>security network dhcp relay information policy keep Security Network DHCP Relay Statistics Description: Show or clear DHCP relay statistics. Syntax:...
Page 438: Security Network Dhcp Snooping Port Mode
: Configures the port as trusted sources of the DHCP message untrusted: Configures the port as untrusted sources of the DHCP message (default: Show flow DHCP snooping port mode) Default Setting: trusted Example: Set untrusted DHCP snooping port mode in port 1 WGSW-24040:/>security network dhcp snooping port mode 1 untrusted...
Page 439: Security Network Dhcp Snooping Statistics
User’s Manual of WGSW-24040 / WGSW-24040R Security Network DHCP Snooping Statistics Description: Show or clear DHCP snooping statistics. Syntax: Security Network DHCP Snooping Statistics [<port_list>] [clear] Parameters: <port_list>: Port list or 'all', default: All ports : Clear DHCP snooping statistics...
Page 440: Security Network Ip Source Guard Mode
Set or show the IP Source Guard port mode. Syntax: Security Network IP Source Guard Mode [enable|disable] Parameters: enable : Enable IP Source Guard disable: Disable IP Source Guard Default Setting: disable Example: Enable IP source guard port mode WGSW-24040:/>security network ip source guard port mode enable...
Page 441: Security Network Ip Source Guard Limit
<allowed_ip>: IPv4 address (a.b.c.d), IP address allowed for doing IP source guard : IPv4 mask (a.b.c.d), IP mask for allowed IP address <ip_mask> Example: Add IP source guard static entry. WGSW-24040:/>security network ip source guard entry 1 add 1 192.168.0.20...
Page 442: Security Network Ip Source Guard Status
User’s Manual of WGSW-24040 / WGSW-24040R Security Network IP Source Guard Status Description: Show IP source guard static and dynamic entries. Syntax: Security Network IP Source Guard Status [<port_list>] Parameters: <port_list>: Port list or 'all', default: All ports Example: Show IP source guard static and dynamic entries.
Page 443: Security Network Arp Inspection Mode
User’s Manual of WGSW-24040 / WGSW-24040R Security Network ARP Inspection Mode Description: Set or show ARP inspection mode. Syntax: Security Network ARP Inspection Mode [enable|disable] Parameters: enable : Enable ARP Inspection disable: Disable ARP Inspection Default Setting: disable Example: Enable ARP inspection mode WGSW-24040:/>security network arp inspection mode enable...
Page 444: Security Network Arp Inspection Entry
<allowed_ip> : IPv4 address (a.b.c.d), IP address allowed for doing ARP request Example: Add ARP inspection static entry. WGSW-24040:/>security network arp inspection entry 1 add 1 00-30-4f-00-00-11 192.168.0.11 Security Network ARP Inspection Status Description: Show ARP inspection static and dynamic entries.
Page 445: Security Network Arp Inspection Translation
User’s Manual of WGSW-24040 / WGSW-24040R Security Network ARP Inspection Translation Description: Translate ARP inspection dynamic entries into static entries. Syntax: Security Network ARP Inspection Translation Security AAA Configuration Description: Show Auth configuration. Syntax: Security AAA Configuration Example: Show Auth configuration.
Page 446: Security Aaa Timeout
User’s Manual of WGSW-24040 / WGSW-24040R ======================================= Server Mode IP Address Secret Port ------ -------- --------------- ------------------------------ ----- Disabled 1813 Disabled 1813 Disabled 1813 Disabled 1813 Disabled 1813 TACACS+ Authentication Server Configuration: ============================================ Server Mode IP Address Secret Port ------...
Page 447: Security Aaa Deadtime
User’s Manual of WGSW-24040 / WGSW-24040R Security AAA Deadtime Description: Set or show server dead time. Syntax: Security AAA Deadtime [<dead_time>] Parameters: <dead_time>: Time that a server is considered dead if it doesn't answer a request (0-3600 seconds) (default: Show server dead time configuration)
Page 448: Security Aaa Acct_Radius
User’s Manual of WGSW-24040 / WGSW-24040R Example: Set RADIUS authentication server configuration. WGSW-24040:/>security aaa radius 1 enable 192.168.0.20 12345678 1812 Security AAA ACCT_RADIUS Description: Set or show RADIUS accounting server setup. Syntax: Security AAA ACCT_RADIUS [<server_index>] [enable|disable] [<ip_addr_string>] [<secret>] [<server_port>]...
Page 449: Security Aaa Statistics
Quotes in the secret are not allowed. : Server TCP port. Use 0 to use the default TACACS+ port (49) <server_port> Example: Set TACACS+ authentication server configuration. WGSW-24040:/>security aaa tacacs+ 1 enable 192.168.0.20 12345678 49 Security AAA Statistics Description: Show RADIUS statistics. Syntax: Security AAA Statistics [<server_index>]...
Page 450: Spanning Tree Protocol Command
User’s Manual of WGSW-24040 / WGSW-24040R 6.8 Spanning Tree Protocol Command STP Configuration Description: Show STP Bridge configuration. Syntax: STP Configuration Example: Show STP configuration. WGSW-24040:/>stp cofiguration STP Configuration: ================== Protocol Version: MSTP Max Age : 20 Forward Delay : 15...
Page 451: Stp Tx Hold
User’s Manual of WGSW-24040 / WGSW-24040R Example: Set the STP Bridge protocol version. WGSW-24040:/> stp version rstp STP Tx Hold Description: Set or show the STP Bridge Transmit Hold Count parameter. Syntax: STP Txhold [<holdcount>] Parameters: <holdcount>: STP Transmit Hold Count (1-10)
Page 452: Stp Maxage
User’s Manual of WGSW-24040 / WGSW-24040R Example: Set STP maximum hops in 25 WGSW-24040:/>stp maxhops 25 STP MaxAge Description: Set or show the bridge instance maximum age. Syntax: STP MaxAge [<max_age>] Parameters: <max_age>: STP maximum age time (6-40, and max_age <= (forward_delay-1)*2)
Page 453: Stp Cname
User’s Manual of WGSW-24040 / WGSW-24040R Set STP forward delay value in 25 WGSW-24040:/>stp fwddelay 25 STP CName Description: Set or Show MSTP configuration name and revision. Syntax: STP CName [<config-name>] [<integer>] Parameters: <config-name>: MSTP Configuration name. A text string up to 32 characters long.
Page 454: Stp Bpdu Guard
User’s Manual of WGSW-24040 / WGSW-24040R Example: Set edge port BPDU filtering WGSW-24040:/>stp bpdufilter enable STP BPDU Guard Description: Set or show edge port BPDU Guard. Syntax: STP bpduGuard [enable|disable] Parameters: enable|disable: enable or disable BPDU Guard for Edge ports...
Page 455: Stp Status
User’s Manual of WGSW-24040 / WGSW-24040R Example: Set STP recovery value in 30 sec. WGSW-24040:/>stp recovery 30 STP Status Description: Show STP Bridge status. Syntax: STP Status [<msti>] [<port_list>] Parameters: : STP bridge instance no (0-7, CIST=0, MSTI1=1, ...) <msti>...
Page 456: Stp Msti Map
User’s Manual of WGSW-24040 / WGSW-24040R Syntax: STP Msti Priority [<msti>] [<priority>] Parameters: : STP bridge instance no (0-7, CIST=0, MSTI1=1, ...) <msti> <priority> : STP bridge priority (0/4096/8192/12288/.../53248/57344/61440) Default: 32768 Example: Set MST1 priority value in 4096. WGSW-24040:/>stp msti priority 1 4096...
Page 457: Stp Port Configuration
User’s Manual of WGSW-24040 / WGSW-24040R Example: Add MST1 in vlan1. WGSW-24040:/>stp msti add 1 1 STP Port Configuration Description: Show STP Port configuration. Syntax: STP Port Configuration [<port_list>] Parameters: <port_list>: Port list or 'all'. Port zero means aggregations. Example: Show STP status of Port1 WGSW-24040:/>stp port configuration 1...
Page 458: Stp Port Edge
User’s Manual of WGSW-24040 / WGSW-24040R disable Example: Enable STP function on port1 WGSW-24040:/>stp port mode 1 enable STP Port Edge Description: Set or show the STP adminEdge port parameter. Syntax: STP Port Edge [<port_list>] [enable|disable] Parameters: <port_list>: Port list or 'all', default: All ports...
Page 459: Stp Port P2P
User’s Manual of WGSW-24040 / WGSW-24040R : Disable MSTP autoEdge Disable Default: enable Example: Disable STP edge function on port1 WGSW-24040:/>stp port autoedge 1 disable STP Port P2P Description: Set or show the STP point2point port parameter. Syntax: STP Port P2P [<port_list>] [enable|disable|auto] Parameters: <port_list>: Port list or 'all', default: All ports...
Page 460: Stp Port Restrictedtcn
User’s Manual of WGSW-24040 / WGSW-24040R Parameters: <port_list>: Port list or 'all', default: All ports : Enable MSTP restricted role enable : Disable MSTP restricted role disable Default: disable Example: Eisable STP restricted role on port1 WGSW-24040:/>stp port restrictedrole 1 enable...
Page 461: Stp Port Statistic
User’s Manual of WGSW-24040 / WGSW-24040R Syntax: STP Port bpduGuard [<port_list>] [enable|disable] Parameters: <port_list>: Port list or 'all', default: All ports : Enable port BPDU Guard enable : Disable port BPDU Guard disable Default: disable Example: Eisable BPDU guard on port1 WGSW-24040:/>stp port bpduguard 1 enable...
Page 462: Stp Msti Port Configuration
User’s Manual of WGSW-24040 / WGSW-24040R Syntax: STP Port Mcheck [<port_list>] Parameters: <port_list>: Port list or 'all', default: All ports Example: Set the STP mCheck (Migration Check) variable for port 1. WGSW-24040:/>stp port mcheck 1 STP MSTI Port Configuration Description: Show the STP port instance configuration.
Page 463: Stp Msti Port Priority
User’s Manual of WGSW-24040 / WGSW-24040R auto Example: Set MSTI7 in port1 WGSW-24040:/>stp msti port cost 7 1 MSTI Port Path Cost ---- ---- ---------- MST7 1 Auto STP MSTI Port Priority Description: Set or show the STP port instance priority.
Page 464: Link Aggregation Command
User’s Manual of WGSW-24040 / WGSW-24040R 6.9 Link Aggregation Command Aggregation Configuration Description: Show link aggregation configuration. Syntax: Aggr Configuration Aggregation Add Description: Add or modify link aggregation. Syntax: Aggr Add <port_list> [<aggr_id>] Parameters: <port_list>: Port list or 'all', default: All ports <aggr_id>...
Page 465: Aggregation Lookup
User’s Manual of WGSW-24040 / WGSW-24040R Delete Group2 WGSW-24040:/>aggr delete 2 Aggregation Lookup Description: Lookup link aggregation. Syntax: Aggr Lookup [<aggr_id>] Parameters: <aggr_id>: Aggregation ID: 1-14 Aggregation Mode Description: Set or show the link aggregation traffic distribution mode. Syntax: Aggr Mode [smac|dmac|ip|port] [enable|disable]...
Page 466 User’s Manual of WGSW-24040 / WGSW-24040R WGSW-24040:/>Aggr mode smac disable...
Page 467: Link Aggregation Control Protocol Command
User’s Manual of WGSW-24040 / WGSW-24040R 6.10 Link Aggregation Control Protocol Command LACP Configuration Description: Show LACP configuration. Syntax: LACP Configuration [<port_list>] Parameters: <port_list>: Port list or 'all', default: All ports Example: Show LACP configuration WGSW-24040:/>lacp configuration Port Mode Role...
Page 468: Lacp Key
User’s Manual of WGSW-24040 / WGSW-24040R <port_list>: Port list or 'all', default: All ports enable : Enable LACP protocol disable: Disable LACP protocol (default: Show LACP mode) Default Setting: disable Example: Enable LACP for port1~4 WGSW-24040:/>lacp mode 1-4 enable LACP Key Description: Set or show the LACP key.
Page 469: Lacp System Priority
User’s Manual of WGSW-24040 / WGSW-24040R LACP Prio [<port_list>] [<prio>] Parameters: <port_list>: Port list or 'all', default: All ports : LACP Prio (0-65535) <prio> Default Setting: 32768 LACP System Priority Description: Set or show the LACP System prio. Syntax: LACP System Prio [<sysprio>] Parameters: <sysprio>: LACP System Prio (0-65535)
Page 470: Lacp Status
User’s Manual of WGSW-24040 / WGSW-24040R active Example: Set passive for port1~4 WGSW-24040:/>lacp role 1-4 passive LACP Status Description: Show LACP Status. Syntax: LACP Status [<port_list>] Parameters: <port_list>: Port list or 'all', default: All ports Example: Show LACP status of port1~4 WGSW-24040:/>lacp status 1-4...
Page 471: Lacp Timeout
User’s Manual of WGSW-24040 / WGSW-24040R <port_list>: Port list or 'all', default: All ports : Clear LACP statistics clear Example: Show LACP statistics of port1~4 WGSW-24040:/>lacp statistics 1-4 Port Rx Frames Tx Frames Rx Unknown Rx Illegal ------ --------------- ---------------...
Page 472: Lldp Command
User’s Manual of WGSW-24040 / WGSW-24040R 6.11 LLDP Command LLDP Configuration Description: Show LLDP configuration. Syntax: LLDP Configuration [<port_list>] Parameters: <port_list>: Port list or 'all', default: All ports Example: Show LLDP configuration of port1~4 WGSW-24040:/>lldp configuration 1-4 LLDP Configuration: ===================...
Page 473: Lldp Optional Tlv
User’s Manual of WGSW-24040 / WGSW-24040R Parameters: <port_list>: Port list or 'all', default: All ports enable : Enable LLDP reception and transmission disable: Disable LLDP : Enable LLDP reception only : Enable LLDP transmission only (default: Show LLDP mode) Default Setting:...
Page 474: Lldp Interval
User’s Manual of WGSW-24040 / WGSW-24040R System capabilities: Enable Master's IP address: Enable Example: Disable description of the port for port1 WGSW-24040:/>lldp optional_tlv 1 port_descr disable LLDP Interval Description: Set or show LLDP Tx interval. Syntax: LLDP Interval [<interval>] Parameters: <interval>: LLDP transmission interval (5-32768)
Page 475: Lldp Delay
User’s Manual of WGSW-24040 / WGSW-24040R Example: Set LLDP hold value in 10 WGSW-24040:/>lldp hold 10 LLDP Delay Description: Set or show LLDP Tx delay. Syntax: LLDP Delay [<delay>] Parameters: <delay>: LLDP transmission delay (1-8192) Default Setting: Example: Set LLDP delay value in 1 WGSW-24040:/>lldp delay 1...
Page 476: Lldp Statistics
User’s Manual of WGSW-24040 / WGSW-24040R Example: Set LLDP reinit delay value in 3 WGSW-24040:/>lldp reinit 3 LLDP Statistics Description: Show LLDP Statistics. Syntax: LLDP Statistics [<port_list>] [clear] Parameters: <port_list>: Port list or 'all', default: All ports : Clear LLDP statistics...
Page 477: Lldp Info
User’s Manual of WGSW-24040 / WGSW-24040R LLDP Info Description: Show LLDP neighbor device information. Syntax: LLDP Info [<port_list>] Parameters: <port_list>: Port list or 'all', default: All ports LLDP CDP Aware Description: Set or show if discovery information from received CDP ( Cisco Discovery Protocol ) frames is added to the LLDP neighbor table.
Page 478: Lldpmed Command
User’s Manual of WGSW-24040 / WGSW-24040R 6.12 LLDPMED Command LLDPMED Configuration Description: Show LLDP-MED configuration. Syntax: LLDPMED Configuration [<port_list>] Parameters: <port_list>: Port list or 'all', default: All ports Example: Show LLDP-MED configuration of port1~4 WGSW-24040:/>lldpmed configuration 1-4 LLDP-MED Configuration: =======================...
Page 479: Lldpmed Ecs
User’s Manual of WGSW-24040 / WGSW-24040R Syntax: LLDPMED Civic [country|state|county|city|district|block|street|leading_street_direction|trailing_street_suffix|str_suf|house_no|house_no_s uffix|landmark|additional_info|name|zip_code|building|apartment|floor|room_number|place_type|postal_com_name|p_o_ box|additional_code] [<civic_value>] Parameters: : Country country : National subdivisions (state, caton, region, province, prefecture) state : County, parish,gun (JP), district(IN) county : City, townchip, shi (JP) city : City division,borough, city, district, ward,chou (JP)
Page 480: Lldpmed Policy Delete
User’s Manual of WGSW-24040 / WGSW-24040R Syntax: LLDPMED ecs [<ecs_value>] Parameters: <ecs_value>: lldpmed The value for the Emergency Call Service LLDPMED Policy Delete Description: Delete the selected policy. Syntax: LLDPMED policy delete [<policy_list>] Parameters: <policy_list>: List of policies to delete...
Page 481: Lldpmed Port Policy
User’s Manual of WGSW-24040 / WGSW-24040R interactive voice services. guest_voice_signaling : Guest Voice Signaling (conditional) for use in network topologies that require a different policy for the guest voice signaling than for the guest voice media. : Softphone Voice for use by softphone applications on typical data centric devices, such as softphone_voice PCs or laptops.
Page 482: Lldpmed Coordinates
User’s Manual of WGSW-24040 / WGSW-24040R LLDPMED Coordinates Description: Set or show LLDP-MED Location. Syntax: LLDPMED Coordinates [<tude_type>] [<direction>] [coordinate_value] Parameters: : The tude_type parameter takes the following values: <tude_type> latitude : Latitude, 0 to 90 degrees with max. 4 digits (Positive numbers are north of the equator and negative numbers are south of the equator).
Page 483: Lldpmed Fast
User’s Manual of WGSW-24040 / WGSW-24040R LLDPMED Fast Description: Set or show LLDP-MED Fast Start Repeat Count. Syntax: LLDPMED Fast [<count>] Parameters: <count>: The number of times the fast start LLDPDU are being sent during the activation of the fast start mechanism defined by LLDP-MED (1-10).
Page 484: Quality Of Service Command
User’s Manual of WGSW-24040 / WGSW-24040R 6.13 Quality of Service Command QoS Configuration Description: Show QoS Configuration. Syntax: QoS Configuration [<port_list>] Parameters: <port_list>: Port list or 'all', default: All ports QoS Port Classification Class Description: Set or show the default QoS class.
Page 485: Qos Port Classification Tag
User’s Manual of WGSW-24040 / WGSW-24040R Syntax: QoS Port Classification DPL [<port_list>] [<dpl>] Parameters: <port_list>: Port list or 'all', default: All ports : Drop Precedence Level (0-3) <dpl> Default Setting: Example: Set the default Drop Precedence Level in 1 for port1 WGSW-24040:/>qos Port Classification dpl 1 1...
Page 486: Qos Port Classification Map
User’s Manual of WGSW-24040 / WGSW-24040R QoS Port Classification Map Description: Set or show the port classification map. This map is used when port classification tag is enabled,and the purpose is to translate the Priority Code Point (PCP) and Drop Eligible Indicator (DEI) from a tagged frame to QoS class and DP level.
Page 487: Qos Port Policer Mode
User’s Manual of WGSW-24040 / WGSW-24040R QoS Port Policer Mode Description: Set or show the port policer mode Syntax: QoS Port Policer Mode [<port_list>] [enable|disable] Parameters: <port_list>: Port list or 'all', default: All ports : Enable port policer enable : Disable port policer...
Page 488: Qos Port Policer Unit
User’s Manual of WGSW-24040 / WGSW-24040R WGSW-24040:/>qos Port Policer Rate 1-10 1000 QoS Port Policer Unit Description: Set or show the port policer unit. Syntax: QoS Port Policer Unit [<port_list>] [kbps|fps] Parameters: <port_list>: Port list or 'all', default: All ports...
Page 489: Qos Port Scheduler Mode
User’s Manual of WGSW-24040 / WGSW-24040R (default: Show port policer flow control mode) Default Setting: disable QoS Port Scheduler Mode Description: Set or show the port scheduler mode. Syntax: QoS Port Scheduler Mode [<port_list>] [strict|weighted] Parameters: <port_list>: Port list or 'all', default: All ports...
Page 490: Qos Port Queueshaper Mode
(default: Show port queue shaper mode) Default Setting: disable Example: Enable port queue shaper for all port & queue WGSW-24040:/>qos Port QueueShaper Mode 1-10 0-7 enable QoS Port QueueShaper Rate Description: Set or show the port queue shaper rate. Syntax: QoS Port QueueShaper Rate [<port_list>] [<queue_list>] [<bit_rate>]...
Page 491: Qos Port Queueshaper Excess
User’s Manual of WGSW-24040 / WGSW-24040R Set the port queue shaper rate in 1000 WGSW-24040:/>qos Port QueueShaper rate 1-10 0-7 1000 QoS Port QueueShaper Excess Description: Set or show the port queue excess bandwidth mode. Syntax: QoS Port QueueShaper Excess [<port_list>] [<queue_list>] [enable|disable] Parameters: <port_list>...
Page 492: Qos Port Tagremarking Pcp
User’s Manual of WGSW-24040 / WGSW-24040R : Use mapped versions of QoS class and DP level mapped (default: Show port tag remarking mode) Default Setting: classified Example: Set the port tag remarking mode in mapped. WGSW-24040:/>qos Port TagRemarking Mode 1-10 mapped...
Page 493: Qos Port Tagremarking Map
User’s Manual of WGSW-24040 / WGSW-24040R Parameters: <port_list>: Port list or 'all', default: All ports : Drop Eligible Indicator (0-1) <dei> Default Setting: Example: Set the default EDI in 1. WGSW-24040:/>qos Port TagRemarking EDI 1-10 1 QoS Port TagRemarking Map Description: Set or show the port tag remarking map.
Page 494: Qos Port Dscp Classification
: Classify DSCP for which class. mode is 'enable' : Classify all DSCP (default: Show port DSCP ingress classification mode) Default Setting: none Example: Set DSCP classification based on QoS class and DP level in zero WGSW-24040:/> QoS Port DSCP Classification 1-10 zero...
Page 495: Qos Port Dscp Egressremark
Default Setting: disable Example: Enable DSCP egress rewrite WGSW-24040:/> QoS Port DSCP EgressRemark 1-10 enable QoS DSCP Map Description: Set or show DSCP mapping table. This table is used to map QoS class and DP level based on DSCP value.
Page 496: Qos Dscp Translation
User’s Manual of WGSW-24040 / WGSW-24040R QoS DSCP Translation Description: Set or show global ingress DSCP translation table. If port DSCP translation is enabled, translation table is used to translate incoming frames DSCP value and translated value is used to map QoS class and DP level.
Page 497: Qos Dscp Classification Map
User’s Manual of WGSW-24040 / WGSW-24040R If port DSCP classification is 'selected', DSCP will be classified based on QoS class and DP level only for DSCP value with classification mode 'enabled'. DSCP may be translated DSCP if translation is enabled for the port.
Page 498: Qos Port Storm Unicast
: Unit is frames per second Default Setting: disable Example: Enable unicast storm control in 2kbps WGSW-24040:/> QoS Port Storm Unicast enable 2 QoS Port Storm Multicast Description: Set or show the port storm rate limiter for broadcast frames. Syntax:...
Page 499: Qos Port Storm Broadcast
Default Setting: disable Example: Enable multicast storm control in 2kbps WGSW-24040:/> QoS Port Storm multicast enable 2 QoS Port Storm Broadcast Description: Set or show the broadcast storm rate limiter. The limiter will only affect flooded frames, i.e. frames with a (VLAN ID, DMAC) pair not present in the MAC Address table.
Page 500: Qos Qcl Add
User’s Manual of WGSW-24040 / WGSW-24040R QoS QCL Add Description: Add or modify QoS Control Entry (QCE). If the QCE ID parameter <qce_id> is specified and an entry with this QCE ID already exists, the QCE will be modified. Otherwise, a new QCE will be added. If the QCE ID is not specified, the next available QCE ID will be used. If the next QCE ID parameter <qce_id_next>...
Page 501: Qos Qcl Delete
User’s Manual of WGSW-24040 / WGSW-24040R : IPv4 frame fragmented: yes|no|any <fragment> : Source TCP/UDP port:(0-65535) or 'any', specific or port range <sport> : Dest. TCP/UDP port:(0-65535) or 'any', specific or port range <dport> : IPv6 keyowrd ipv6 : IPv6 source address: (a.b.c.d/n) or 'any', 32 LS bits <sip_v6>...
Page 502: Qos Qcl Refresh
User’s Manual of WGSW-24040 / WGSW-24040R QoS QCL status [combined|static|voice_vlan|conflicts] Parameters: : Shows the combined status combined|static|voice_vlan|conflicts: combined : Shows the static user configured status static : Shows the status by Voice VLAN voice_vlan : Shows all conflict status conflicts...
Page 503: Mirror Command
User’s Manual of WGSW-24040 / WGSW-24040R 6.14 Mirror Command Mirror Configuration Description: Show mirror configuration. Syntax: Mirror Configuration [<port_list>] Parameters: <port_list>: Port list or 'all', default: All ports Example: Show mirror configuration. WGSW-24040:/>mirror configuration Mirror Port Description: Set or show the mirror port.
Page 504: Mirror Mode
User’s Manual of WGSW-24040 / WGSW-24040R Mirror Mode Description: Set or show the mirror mode. Syntax: Mirror Mode [<port_cpu_list>] [enable|disable|rx|tx] Parameters: <port_cpu_list>: Port list or CPU or 'all', default: All ports and CPU enable : Enable Rx and Tx mirroring...
Page 505: Configuration Command
User’s Manual of WGSW-24040 / WGSW-24040R 6.15 Configuration Command Configuration Save Description: Save configuration to TFTP server. Syntax: Config Save <ip_server> <file_name> Parameters: <ip_server>: TFTP server IP address (a.b.c.d) <file_name>: Configuration file name Configuration Load Description: Load configuration from TFTP server.
Page 506: Firmware Command
User’s Manual of WGSW-24040 / WGSW-24040R 6.16 Firmware Command Firmware Load Description: Load new firmware from TFTP server. Syntax: Firmware Load <ip_addr_string> <file_name> Parameters: <ip_addr_string>: IP host address (a.b.c.d) or a host name string : Firmware file name <file_name> Firmware IPv6 Load Description: Load new firmware from IPv6 TFTP server.
Page 507 User’s Manual of WGSW-24040 / WGSW-24040R Activate the alternate firmware image. Syntax: Firmware Swap...
Page 508: Upnp Command
User’s Manual of WGSW-24040 / WGSW-24040R 6.17 UPnP Command UPnP Configuration Description: Show UPnP configuration. Syntax: UPnP Configuration Example: Show UPnP configuration. WGSW-24040:/>upnp configuration UPnP Configuration: =================== UPnP Mode : Disabled UPnP TTL UPnP Advertising Duration : 100 UPnP Mode Description: Set or show the UPnP mode.
Page 509: Upnp Ttl
User’s Manual of WGSW-24040 / WGSW-24040R WGSW-24040:/>upnp mode enable UPnP TTL Description: Set or show the TTL value of the IP header in SSDP messages. Syntax: UPnP TTL [<ttl>] Parameters: <ttl>: ttl range (1..255), default: Show UPnP TTL Default Setting: Example: Set the value 10 for TTL value of the IP header in SSDP messages.
Page 510: Mvr Command
User’s Manual of WGSW-24040 / WGSW-24040R 6.18 MVR Command MVR Configuration Description: Show the MVR configuration. Syntax: MVR Configuration Example: Show the MVR configuration. WGSW-24040:/>mvr configuration MVR Configuration: ================== MVR Mode: Disabled Muticast VLAN ID: 100 Port Port Mode Port Type...
Page 511: Mvr Vlan Setup
User’s Manual of WGSW-24040 / WGSW-24040R MVR Mode [enable|disable] Parameters: : Enable MVR mode enable : Disable MVR mode disable (default: Show MVR mode) Default Setting: disable Example: Enable MVR mode. WGSW-24040:/>mvr mode enable MVR VLAN Setup Description: Set or show per MVR VLAN configuration.
Page 512: Mvr Vlan Port
User’s Manual of WGSW-24040 / WGSW-24040R Parameters: <vid>|<mvr_name>: MVR VLAN ID (1-4095) or Name (Maximum of 32 characters) : Dynamic MVR mode dynamic compatible: Compatible MVR mode (default: Show MVR VLAN mode) MVR VLAN Port Description: Set or show per MVR VLAN port role.
Page 513: Mvr Vlan Channel
User’s Manual of WGSW-24040 / WGSW-24040R MVR VLAN Channel Description: Set or show per MVR VLAN channel. Syntax: MVR VLAN Channel [<vid>|<mvr_name>] [add|del|upd] [channel] [channel_bound] [(Name <grp_name>)] Parameters: <vid>|<mvr_name>: MVR VLAN ID (1-4095) or Name (Maximum of 32 characters) : Add operation...
Page 514: Mvr Status
User’s Manual of WGSW-24040 / WGSW-24040R MVR Immediate Leave [<port_list>] [enable|disable] Parameters: <<port_list>: Port list or 'all', default: All ports : Enable Immediate Leave enable : Disable Immediate Leave disable (default: Show MVR Immediate Leave) MVR Status Description: Show/Clear MVR operational status.
Page 515 User’s Manual of WGSW-24040 / WGSW-24040R MVR SFM [<vid>] [<port_list>] Parameters: : VLAN ID (1-4095) <vid> <port_list>: Port list or 'all', default: All ports...
Page 516: Voice Vlan Command
User’s Manual of WGSW-24040 / WGSW-24040R 6.19 Voice VLAN Command Voice VLAN Configuration Description: Show Voice VLAN configuration. Syntax: Voice VLAN Configuration Example: Show Voice VLAN configuration. WGSW-24040:/>voice vlan configuration V oice VLAN Configuration: ========================= Voice VLAN Mode : Disabled...
Page 517: Voice Vlan Mode
User’s Manual of WGSW-24040 / WGSW-24040R Port Mode Security Discovery Protocol ---- -------- -------- ------------------ Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Voice VLAN Mode Description: Set or show the Voice VLAN mode.
Page 518: Voice Vlan Id
User’s Manual of WGSW-24040 / WGSW-24040R Voice VLAN ID Description: Set or show Voice VLAN ID. Syntax: Voice VLAN ID [<vid>] Parameters: <vid>: VLAN ID (1-4095) Default Setting: 1000 Example: Set ID 2 for Voice VLAN ID. WGSW-24040:/>voice vlan id 2...
Page 519: Voice Vlan Traffic Class
User’s Manual of WGSW-24040 / WGSW-24040R Voice VLAN Traffic Class Description: Set or show Voice VLAN ID. Syntax: Voice VLAN Traffic Class [<class>] Parameters: <class>: Traffic class (0-7) Default Setting: Example: Set 4 traffic class for voice VLAN WGSW-24040:/>voice vlan traffic class4...
Page 520: Voice Vlan Oui Delete
User’s Manual of WGSW-24040 / WGSW-24040R Voice VLAN OUI Delete Description: Delete Voice VLAN OUI entry. Modify OUI table will restart auto detect OUI process. Syntax: Voice VLAN OUI Delete <oui_addr> Parameters: <oui_addr>: OUI address (xx-xx-xx). The null OUI address isn't allowed Example: Delete Voice VLAN OUI entry.
Page 521: Voice Vlan Port Mode
User’s Manual of WGSW-24040 / WGSW-24040R Parameters: <oui_addr>: OUI address (xx-xx-xx), default: Show OUI address Voice VLAN Port Mode Description: Set or show the Voice VLAN port mode. When the port mode isn't disabled, we must disable MSTP feature before we enable Voice VLAN. It can avoid the conflict of ingress filter.
Page 522: Voice Vlan Discovery Protocol
User’s Manual of WGSW-24040 / WGSW-24040R <port_list>: Port list or 'all', default: All ports enable : Enable Voice VLAN security mode. disable: Disable Voice VLAN security mode (default: Show flow Voice VLAN security mode) Default Setting: disable Example: Enable the Voice VLAN port security mode for port 1-4.
Page 523: Loop Protect Command
User’s Manual of WGSW-24040 / WGSW-24040R 6.20 Loop Protect Command Loop Protect Configuration Description: Show Loop Protection configuration. Syntax: Loop Protect Configuration Loop Protect Mode Description: Set or show the Loop Protection mode. Syntax: Loop Protect Mode [enable|disable] Parameters: enable : Enable Loop Protection...
Page 524: Loop Protect Shutdown
User’s Manual of WGSW-24040 / WGSW-24040R Loop Protect Shutdown Description: Set or show the Loop Protection shutdown time. Syntax: Loop Protect Shutdown [<shutdown-time>] Parameters: Shutdown time interval (0-604800 seconds) A value of zero disables re-enabling the port Default Setting: Loop Protect Port Configuration Description: Show Loop Protection port configuration.
Page 525: Loop Protect Port Action
User’s Manual of WGSW-24040 / WGSW-24040R Loop Protect Port Action Description: Set or show the Loop Protection port action. Syntax: Loop Protect Port Action [<port_list>] [shutdown|shut_log|log] Parameters: <port_list>: Port list or 'all', default: All ports shutdown : Shutdown the port...
Page 526: Ipmc Configuration
User’s Manual of WGSW-24040 / WGSW-24040R 6.21 IPMC Command IPMC Configuration Description: Show IPMC snooping configuration. Syntax: IPMC Configuration [mld|igmp] Parameters: mld|igmp: mld : IPMC for IPv6 MLD igmp: IPMC for IPv4 IGMP IPMC Mode Description: Set or show the IPMC snooping mode.
Page 527: Ipmc Flooding
User’s Manual of WGSW-24040 / WGSW-24040R IPMC Flooding Description: Set or show the IPMC unregistered addresses flooding operation. Syntax: IPMC Flooding [mld|igmp] [enable|disable] Parameters: mld|igmp: mld : IPMC for IPv6 MLD igmp: IPMC for IPv4 IGMP enable : Enable IPMC flooding...
Page 528: Ipmc Proxy
User’s Manual of WGSW-24040 / WGSW-24040R Default Setting: disable Example: Enable IGMP Leave Proxy WGSW-24040:/>ipmc leave proxy igmp enable IPMC Proxy Description: Set or show the mode of IPMC Proxy. Syntax: IPMC Proxy [mld|igmp] [enable|disable] Parameters: mld|igmp: mld : IPMC for IPv6 MLD...
Page 529: Ipmc Vlan Add
User’s Manual of WGSW-24040 / WGSW-24040R Parameters: mld|igmp : mld : IPMC for IPv6 MLD igmp: IPMC for IPv4 IGMP : SSM Range keyword range <prefix> : IPv4/IPv6 multicast group address, accordingly <mask_len>: Mask length for IPv4(4 ~ 32)/IPv6(8 ~ 128) ssm range, accordingly...
Page 530: Ipmc State
User’s Manual of WGSW-24040 / WGSW-24040R IPMC State Description: Set or show the IPMC snooping state for VLAN. Syntax: IPMC State [mld|igmp] [<vid>] [enable|disable] Parameters: mld|igmp: mld : IPMC for IPv6 MLD igmp: IPMC for IPv4 IGMP : VLAN ID (1-4095) or 'any', default: Show all VLANs <vid>...
Page 531: Ipmc Compatibility
User’s Manual of WGSW-24040 / WGSW-24040R Default Setting: enable Example: Enable IGMP querier for VLAN 1 WGSW-24040:/>ipmc querier igmp 1 enable IPMC Compatibility Description: Set or show the IPMC Compatibility. Syntax: IPMC Compatibility [mld|igmp] [<vid>] [auto|v1|v2|v3] Parameters: mld|igmp mld : IPMC for IPv6 MLD...
Page 532: Ipmc Throttling
User’s Manual of WGSW-24040 / WGSW-24040R igmp: IPMC for IPv4 IGMP <port_list>: Port list or 'all', default: All ports enable : Enable MLD fast leave disable: Disable MLD fast leave (default: Show IPMC fast leave mode) Default Setting: disable Example: Enable IGMP fast leave for all port WGSW-24040:/>ipmc fastleave igmp 1-10 enable...
Page 533: Ipmc Filtering
User’s Manual of WGSW-24040 / WGSW-24040R IPMC Filtering Description: Set or show the IPMC port group filtering list. Syntax: IPMC Filtering [mld|igmp] [<port_list>] [add|del] [group_addr] Parameters: mld|igmp mld : IPMC for IPv6 MLD igmp: IPMC for IPv4 IGMP <port_list>: Port list or 'all', default: All ports...
Page 534: Ipmc Groups
User’s Manual of WGSW-24040 / WGSW-24040R Show IPMC operational status, accordingly. Syntax: IPMC Status [mld|igmp] [<vid>] Parameters: mld|igmp: mld : IPMC for IPv6 MLD igmp: IPMC for IPv4 IGMP : VLAN ID (1-4095) or 'any', default: Show all VLANs <vid>...
Page 535: Ipmc Sfm
User’s Manual of WGSW-24040 / WGSW-24040R Syntax: IPMC Version [mld|igmp] [<vid>] Parameters: mld|igmp: mld : IPMC for IPv6 MLD igmp: IPMC for IPv4 IGMP : VLAN ID (1-4095) or 'any', default: Show all VLANs <vid> Example: Show VLAN 1 IPMC Versions.
Page 536: Ipmc Parameter Qi
User’s Manual of WGSW-24040 / WGSW-24040R mld : IPMC for IPv6 MLD igmp: IPMC for IPv4 IGMP : VLAN ID (1-4095) or 'any', default: Show all VLANs <vid> ipmc_param_rv: : Default Value (2) : Robustness Variable 1~255 (default: Show IPMC Interface Robustness Variable...
Page 537: Ipmc Parameter Llqi
User’s Manual of WGSW-24040 / WGSW-24040R : VLAN ID (1-4095) or 'any', default: Show all VLANs <vid> ipmc_param_qri: : Default Value (100) 0~31744 : Query Response Interval in tenths of seconds (default: Show IPMC Interface Query Response Interval IPMC Parameter LLQI Description: Set or show the IPMC Last Listener Query Interval.
Page 538 User’s Manual of WGSW-24040 / WGSW-24040R : Default Value (1) 0~31744 : Unsolicited Report Interval in seconds (default: Show IPMC Interface Unsolicited Report Interval...
Page 539: Sflow Configuration
User’s Manual of WGSW-24040 / WGSW-24040R 6.22 sFlow Command sFlow Configuration Description: Show global and per port sFlow configuration. Syntax: sFlow Configuration sFlow Receiver Description: Set or show the sFlow receiver timeout, IP address, and UDP port. Syntax: sFlow Receiver [release] [<timeout>] [<ip_addr_host>] [<udp_port>] [<datagram_size>] Parameters: : Release the current owner of the receiver.
Page 540: Sflow Counterpoller
User’s Manual of WGSW-24040 / WGSW-24040R Syntax: sFlow FlowSampler [<port_list>] [<sampling_rate>] [<max_hdr_size>] Parameters: : Port list or 'all'. Default: All ports. <port_list> <sampling_rate>: Specifies the statistical sampling rate The sample rate is specified as N to sample 1/Nth of the packets in the monitored flows. There are no restrictions on the value, but the switch will adjust it to the closest possible sampling rate.
Page 541: Sflow Statistics Samplers
User’s Manual of WGSW-24040 / WGSW-24040R sFlow Statistics Samplers Description: Get or clear per-port statistics. Syntax: sFlow Statistics Samplers [<port_list>] [clear] Parameters: <port_list>: Port list or 'all'. Default: All ports. : Clear statistics. clear...
Page 542: Vcl Mac-Based Vlan Configuration
User’s Manual of WGSW-24040 / WGSW-24040R 6.23 VLAN Control List Command VCL MAC-based VLAN Configuration Description: Show VCL MAC-based VLAN configuration. Syntax: VCL Macvlan Configuration VCL MAC-based VLAN Add Description: Add or modify VCL MAC-based VLAN entry. Syntax: VCL Macvlan Add <mac_addr> <vid> [<port_list>] Parameters: <mac_addr>...
Page 543: Vcl Protocol-Based Vlan Add Ethernet Ii
User’s Manual of WGSW-24040 / WGSW-24040R Example: Delete 00-11-22-33-44-55-66 in MAC-based VLAN list WGSW-24040:/> vcl macvlan del 00-11-22-33-44-55-66 VCL Stasus Description: Show VCL MAC-based VLAN users configuration. Syntax: VCL Status [combined|static|nas|all] Parameters: combined|static|nas|all: VCL User VCL Protocol-based VLAN Add Ethernet II Description: Add VCL protocol-based VLAN Ethernet-II protocol to group mapping.
Page 544: Vcl Protocol-Based Vlan Add Llc
User’s Manual of WGSW-24040 / WGSW-24040R : PID value (0x0-0xFFFF). If OUI is 00-00-00, valid range of PID is from 0x0600-0xFFFF. <pid> : Protocol group ID <group_id> VCL Protocol-based VLAN Add LLC Description: Add VCL protocol-based VLAN LLC protocol to group mapping.
Page 545: Vcl Protocol-Based Vlan Delete Llc
User’s Manual of WGSW-24040 / WGSW-24040R : PID value (0x0-0xFFFF). If OUI is 00-00-00, valid range of PID is from 0x0600-0xFFFF. <pid> VCL Protocol-based VLAN Delete LLC Description: Delete VCL protocol-based VLAN LLC protocol to group mapping. Syntax: VCL ProtoVlan Protocol Delete Llc <dsap> <ssap>...
Page 546: Vcl Protocol-Based Vlan Configuration
User’s Manual of WGSW-24040 / WGSW-24040R <group_id> : Protocol group ID VCL Protocol-based VLAN Configuration Description: Show VCL protocol-based VLAN entries. Syntax: VCL ProtoVlan Conf VCL IP-based VLAN Configuration Description: Show VCL IP Subnet-based VLAN configuration. Syntax: VCL IPVlan Configuration [<vce_id>] Parameters: <vce_id>: Unique VCE ID for each VCL entry...
Page 547: Vcl Ip-Based Vlan Delete
User’s Manual of WGSW-24040 / WGSW-24040R VCL IP-based VLAN Delete Description: Delete VCL IP Subnet-based VLAN entry. Syntax: VCL IPVlan Delete <vce_id> Parameters: <vce_id>: Unique VCE ID for each VCL entry...
Page 548: Smtp Command
User’s Manual of WGSW-24040 / WGSW-24040R 6.24 SMTP Command SMTP Configuration Description: Show SMTP configure. Syntax: SMTP Configuration SMTP Mode Description: Enable or disable SMTP configure. Syntax: SMTP Mode [enable|disable] Parameters: : Enable SMTP mode enable : Disable SMTP mode...
Page 549: Smtp Auth
User’s Manual of WGSW-24040 / WGSW-24040R SMTP Auth Description: Enable or disable SMTP authentication configure. Syntax: SMTP Auth [enable|disable] Parameters: : Enable SMTP authentication enable : Disable SMTP authentication disable (default: Show SMTP authentication) SMTP Auth_user Description: Set or show SMTP authentication user name configure.
Page 550: Smtp Mail From
User’s Manual of WGSW-24040 / WGSW-24040R SMTP Mail From Description: Set or show SMTP E-mail from configure. Syntax: SMTP Mailfrom [<mailfrom_text>] Parameters: <mailfrom_text>: SMTP E-mail from address SMTP Mail Subject Description: Set or show SMTP E-mail subject configure. Syntax: SMTP Mailsubject [<mailsubject_text>] Parameters: <mailsubject_text>: SMTP E-mail subject...
Page 551 User’s Manual of WGSW-24040 / WGSW-24040R Syntax: SMTP Mailto2 [<mailto2_text>] Parameters: <mailto1_text>: SMTP E-mail 2 to address...
Page 552: Switch Operation
User’s Manual of WGSW-24040 / WGSW-24040R 7. SWITCH OPERATION 7.1 Address Table The Switch is implemented with an address table. This address table composed of many entries. Each entry is used to store the address information of some node in network, including MAC address, port no, etc. This in-formation comes from the learning process of Ethernet Switch.
Page 553: Auto-Negotiation
User’s Manual of WGSW-24040 / WGSW-24040R 7.5 Auto-Negotiation The STP ports on the Switch have built-in "Auto-negotiation". This technology automatically sets the best possible bandwidth when a connection is established with another network device (usually at Power On or Reset). This is done by detect the modes and speeds at the second of both device is connected and capable of, both 10Base-T and 100Base-TX devices can connect with the port in either Half- or Full-Duplex mode.
Page 554: Trouble Shooting
User’s Manual of WGSW-24040 / WGSW-24040R 8. TROUBLE SHOOTING This chapter contains information to help you solve problems. If the Ethernet Switch is not functioning properly, make sure the Ethernet Switch was set up according to instructions in this manual.
Page 555 User’s Manual of WGSW-24040 / WGSW-24040R If that device works, refer to the next step. If that device does not work, check the AC power  While IP Address be changed or forgotten admin password – To reset the IP address to the default IP Address “192.168.0.100” or reset the password to default value. Press the hardware reset button at the front panel about 10 seconds.
Page 556: Appendex A
User’s Manual of WGSW-24040 / WGSW-24040R APPENDEX A A.1 Switch's RJ-45 Pin Assignments 1000Mbps, 1000Base T Contact MDI-X BI_DA+ BI_DB+ BI_DA- BI_DB- BI_DB+ BI_DA+ BI_DC+ BI_DD+ BI_DC- BI_DD- BI_DB- BI_DA- BI_DD+ BI_DC+ BI_DD- BI_DC- Implicit implementation of the crossover function within a twisted-pair cable, or at a wiring panel, while not expressly forbidden, is beyond the scope of this standard.
Page 557 User’s Manual of WGSW-24040 / WGSW-24040R The standard cable, RJ-45 pin assignment The standard RJ-45 receptacle/connector There are 8 wires on a standard UTP/STP cable and each wire is color-coded. The following shows the pin allocation and color of straight cable and crossover cable connection:...
Page 558 User’s Manual of WGSW-24040 / WGSW-24040R APPENDEX B : GLOSSARY ACE is an acronym for Access Control Entry. It describes access permission associated with a particular ACE ID. There are three ACE frame types (Ethernet Type, ARP, and IPv4) and two ACE actions (permit and deny). The ACE also contains many detailed, different parameter options that are available for individual application.
Page 559 User’s Manual of WGSW-24040 / WGSW-24040R ranging from 1-1024K packets per seconds. Under "Ports" and "Access Control List" web-pages you can assign a Rate Limiter ID to the ACE(s) or ingress port(s). AES is an acronym for Advanced Encryption Standard. The encryption key protocol is applied in 802.1i standard to improve WLAN security.
Page 560 User’s Manual of WGSW-24040 / WGSW-24040R CC is an acronym for Continuity Check. It is a MEP functionality that is able to detect loss of continuity in a network by transmitting CCM frames to a peer MEP. CCM is an acronym for Continuity Check Message. It is a OAM frame transmitted from a MEP to it's peer MEP and used to implement CC functionality.
Page 561 User’s Manual of WGSW-24040 / WGSW-24040R Dynamic addressing simplifies network administration because the software keeps track of IP addresses rather than requiring an administrator to manage the task. This means that a new computer can be added to a network without the hassle of manually assigning it a unique IP address.
Page 562 User’s Manual of WGSW-24040 / WGSW-24040R DSCP DSCP is an acronym for Differentiated Services Code Point. It is a field in the header of IP packets for packet classification purposes. EEE is an abbreviation for Energy Efficient Ethernet defined in IEEE 802.3az.
Page 563 User’s Manual of WGSW-24040 / WGSW-24040R connection to a particular port on a remote host (port 80 by default). An HTTP server listening on that port waits for the client to send a request message. HTTPS HTTPS is an acronym for Hypertext Transfer Protocol over Secure Socket Layer. It is used to indicate a secure HTTP connection.
Page 564 User’s Manual of WGSW-24040 / WGSW-24040R from a mail server. IMAP is the protocol that IMAP clients use to communicate with the servers, and SMTP is the protocol used to transport mail to an IMAP server. The current version of the Internet Message Access Protocol is IMAP4. It is similar to Post Office Protocol version 3 (POP3), but offers additional and more complex features.
Page 565 User’s Manual of WGSW-24040 / WGSW-24040R LLDP is an IEEE 802.1ab standard protocol. The Link Layer Discovery Protocol(LLDP) specified in this standard allows stations attached to an IEEE 802 LAN to advertise, to other stations attached to the same IEEE 802 LAN, the major capabilities provided by the system...
Page 566 User’s Manual of WGSW-24040 / WGSW-24040R For debugging network problems or monitoring network traffic, the switch system can be configured to mirror frames from multiple ports to a mirror port. (In this context, mirroring a frame is the same as copying the frame.) Both incoming (source) and outgoing (destination) frames can be mirrored to the mirror port.
Page 567 User’s Manual of WGSW-24040 / WGSW-24040R NTP is an acronym for Network Time Protocol, a network protocol for synchronizing the clocks of computer systems. NTP uses UDP (datagrams) as transport layer. OAM is an acronym for Operation Administration and Maintenance.
Page 568 User’s Manual of WGSW-24040 / WGSW-24040R PING ping is a program that sends a series of packets over a network or the Internet to a specific computer in order to generate a response from that computer. The other computer responds with an acknowledgment that it received the packets.
Page 569 User’s Manual of WGSW-24040 / WGSW-24040R QCE is an acronym for QoS Control Entry. It describes QoS class associated with a particular QCE ID. There are six QCE frame types: Ethernet Type, VLAN, UDP/TCP Port, DSCP, TOS, and Tag Priority. Frames can be classified by one of 4 different QoS classes: "Low", "Normal", "Medium", and "High"...
Page 570 User’s Manual of WGSW-24040 / WGSW-24040R RADIUS is an acronym for Remote Authentication Dial In User Service. It is a networking protocol that provides centralized access, authorization and accounting management for people or computers to connect and use a network service.
Page 571 User’s Manual of WGSW-24040 / WGSW-24040R SNAP The SubNetwork Access Protocol (SNAP) is a mechanism for multiplexing, on networks using IEEE 802.2 LLC, more protocols than can be distinguished by the 8-bit 802.2 Service Access Point (SAP) fields. SNAP supports identifying protocols by Ethernet type field values;...
Page 572 User’s Manual of WGSW-24040 / WGSW-24040R TACACS+ TACACS+ is an acronym for Terminal Acess Controller Access Control System Plus. It is a networking protocol which provides access control for routers, network access servers and other networked computing devices via one or more centralized servers.
Page 573 User’s Manual of WGSW-24040 / WGSW-24040R determine the priority from the 6-bit ToS field in the IP header. The most significant 6 bits of the ToS field are fully decoded into 64 possibilities, and the singular code that results is compared against the corresponding bit in the IPv4 ToS priority control bit (0~63).
Page 574 User’s Manual of WGSW-24040 / WGSW-24040R Virtual LAN. A method to restrict communication between switch ports. VLANs can be used for the following applications: VLAN unaware switching: This is the default configuration. All ports are VLAN unaware with Port VLAN ID 1 and members of VLAN 1.
Page 575 User’s Manual of WGSW-24040 / WGSW-24040R necessarily with first generation wireless access points. WPA2 implements the full standard, but will not work with some older network cards (Wikipedia). WPA-PSK WPA-PSK is an acronym for Wi-Fi Protected Access - Pre Shared Key. WPA was designed to enhance the security of wireless networks.
Page 576: Ec Declaration Of Conformity
EC Declaration of Conformity For the following equipment: *Type of Product: 24-Port 10/100/1000Mbps with 4 Shared SFP Managed Gigabit Switch *Model Number: WGSW-24040 / WGSW-24040R / SGSW-24040 / SGSW-24040R * Produced by: Manufacturer‘s Name : Planet Technology Corp. Manufacturer‘s Address: 10F., No.96, Minquan Rd., Xindian Dist.,...

This manual is also suitable for:

Wgsw-24040r

Planet Networking & Communication WGSW-24040 User Manual

1 Introdution

2 Installation

3 Switch Management

4 Web Configuration

5 Command Line Interface

6 Command Line Mode

Quick Links

Related Manuals for Planet Networking & Communication WGSW-24040

Summary of Contents for Planet Networking & Communication WGSW-24040