Alloy AS5010-P User Manual
  1. Manuals
  2. Brands
  3. Alloy Manuals
  4. Switch
  5. AS5010-P
  6. User manual

Alloy AS5010-P User Manual

As series gigabit managed l3 lite poe+ switches
Hide thumbs
1
Table Of Contents
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
Table of Contents

Advertisement

Quick Links

AS Series Gigabit Managed L3 Lite PoE+ Switches
AS5010-P
AS5026-P
AS5048-P
AS5128-P
AS5152-P

User Manual

Version: 1.0.2 August 2016

Advertisement

Table of Contents
loading
Need help?

Need help?

Do you have a question about the AS5010-P and is the answer not in the manual?

Questions and answers

Related Manuals for Alloy AS5010-P

Summary of Contents for Alloy AS5010-P

  • Page 1: User Manual

    AS Series Gigabit Managed L3 Lite PoE+ Switches AS5010-P AS5026-P AS5048-P AS5128-P AS5152-P User Manual Version: 1.0.2 August 2016...

  • Page 2: Table Of Contents

    AS Series User Manual About this Guide ........................7 Compliances and Safety Statements .................... 8 Revision History ........................11 Introduction ......................12 Overview of AS Series Layer 3 Lite Managed PoE+ Switches ............12 Switch Features ........................12 Product Model Overview ......................13 Reset Button ...........................
  • Page 3 AS Series User Manual Limit Control ............................85 NAS ................................89 ACL ................................99 IP Source Guard ............................. 107 ARP Inspection ............................111 AAA ................................ 117 Aggregation ......................... 122 Static ................................122 LACP ................................125 Loop Protection ........................127 Spanning Tree ........................129 Bridge Setting .............................
  • Page 4 AS Series User Manual MAC Based VLAN ............................202 Protocol Based VLAN ..........................204 Protocol to Group ............................204 Group to VLAN ............................207 IP Subnet-based VLAN ..........................209 Voice VLAN ..............................211 OUI ................................215 QoS ............................217 Port Classification ............................218 Port Policing ...............................
  • Page 5 AS Series User Manual DHCP ........................... 290 Server ................................. 290 Statistics ..............................290 Binding ............................... 292 Declined IP ..............................293 Snooping Table ............................294 Relay Statistics ............................295 Detailed Statistics ............................297 Security ..........................299 Access Management Statistics ........................299 Network ..............................
  • Page 6 AS Series User Manual Group Information ..........................361 IPv6 SFM Information ..........................363 LLDP ............................ 365 Neighbors ..............................365 LLDP-MED Neighbor ........................... 367 PoE ................................372 EEE ................................374 Port Statistics ............................. 376 PoE Statistics ........................379 MAC Table ........................... 381 VLANs ..........................
  • Page 7 AS Series User Manual DMS Graphical Monitoring ................... 418 Topology View ........................418 Floor View..........................421 Map View ..........................423 DMS Maintenance ......................425 Floor Image .......................... 425 Diagnostics........................... 426 Traffic Monitor ........................428 9. Software Features ....................429 10. Specifications ......................433 Doc No.: AS5-0116-01...

  • Page 8: About This Guide

    Internet Protocol (IP), and Simple Network Management Protocol (SNMP). Warranty The AS series comes with a limited lifetime warranty. For full Alloy warranty terms and conditions please follow the link below: https://www.alloy.com.au/support/warranty/...

  • Page 9: Compliances And Safety Statements

    AS Series User Manual Compliances and Safety Statements Federal Communications Commission (FCC) Statement This equipment has been tested and found to comply with the limits for a Class A digital device, pursuant to part 15 of the FCC Rules. These limits are designed to provide reasonable protection against harmful interference in a residential installation.
  • Page 10 AS Series User Manual - Electrical fast transient/burst according to IEC 61000-4-4:2010 - Surge immunity test according to IEC 61000-4-5:2005 - Immunity to conducted disturbances, Induced by radio-frequency fields: IEC 61000-4-6:2008 - Power frequency magnetic field immunity test according to IEC 61000-4-8:2009 - Voltage dips, short interruptions and voltage variations immunity test according to IEC 61000-4-11:2004...
  • Page 11 AS Series User Manual SAFETY PRECAUTIONS Read the following information carefully before operating the device. Please follow the following precaution items to protect the device from risks and damage caused by fire and electric power:  Use the power adapter that is included with the device package. ...

  • Page 12: Revision History

    AS Series User Manual Fig. Additional arrester installed between outdoor device and this switch NOTE: The switch is an indoor device; if it will be used in outdoor environment or connects with some outdoor device, then it must use a lightning arrester to protect the switch WARNING: ...

  • Page 13: Introduction

    All of the Alloy AS Series switches feature Alloy’s latest user friendly responsive Web GUI, allowing ease of configuration on all devices including PC, Tablet and Phones. Alloy have also included a bundle of unique features including a built in Device Management System (DMS), advanced PoE features and support for Alloy’s Android and iOS Apps.

  • Page 14: Product Model Overview

    AS Series User Manual Product Model Overview Part Number Description AS5010-P 10 Port Layer 3 Lite Managed PoE+ Switch with 10x 10/100/1000Mbps Ports + 2x Paired 100M/1Gb SFP Ports AS5026-P 26 Port Layer 3 Lite Managed PoE+ Switch with 26x 10/100/1000Mbps Ports + 2x...

  • Page 15: Overview Of The Web Management Interface

    AS Series User Manual Get Started Overview of the Web Management Interface The AS series switches contain an embedded web server and management software that can be used to manage and monitor switch functions. Without configuration of these management functions the switch will act as a simple unmanaged switch.
  • Page 16 AS Series User Manual NOTE: The AS series switches support management interfaces on both IPv4 and IPv6 IP Addresses. The switch allows a total of two admin users to log into the web interface simultaneously. The admin who makes the last changes will take effect on the system.

  • Page 17: Configuration

    AS Series User Manual 2. Configuration Initial Switch Configuration Alloy suggest that the following system configuration changes should be completed before installation of your switch. To complete initial configuration of your switch: 1. Configure your computer with a static IP address in the 192.168.1.x subnet, for example 192.168.1.10, with a subnet mask of 255.255.255.0.
  • Page 18 AS Series User Manual 14. Change Mode to enabled. 15. Enter a network time server into Server 1. Example time server address, au.pool.ntp.org 16. You can enter up to 5 NTP Server addresses for redundancy. Click Apply to confirm your settings change. Doc No.: AS5-0116-01...

  • Page 19: System Configuration

    AS Series User Manual System Configuration Information Enter the contact information of the network administrator in charge of configuring this switch. 1. Select Configuration > System > Information. 2. Enter the System Contact, the name of the contact person for this switch. You can use a system contact up to 128 characters in length.
  • Page 20 AS Series User Manual Configure the IP Address of the switch, DNS Server settings and IP Routes. The maximum number of interfaces supported is 128 and the maximum number of routes is 32. Information To configure the System IP parameters via the Web Interface: 1.
  • Page 21 AS Series User Manual Fig. IP Configuration Parameter Description IP Configuration Mode Configure whether the IP stack should act as a Host or a Router. In Host mode, IP traffic between interfaces will not be routed. In Router mode traffic is routed between all interfaces.
  • Page 22 AS Series User Manual  Configured Manually provide the IP address of the DNS Server in dotted decimal notation.  From this DHCP interface Specify from which DHCP-enabled interface a provided DNS server should be preferred. DNS Proxy When DNS proxy is enabled, system will relay DNS requests to the currently configured DNS server, and reply as a DNS resolver to the client devices on the network.
  • Page 23 AS Series User Manual also represent a legally valid IPv4 address. For example, ::192.1.2.34. The field may be left blank if IPv6 operation on the interface is not desired. IPv6 Mask The IPv6 network mask, in number of bits (prefix length). Valid values are between 1 and 128 bits for a IPv6 address.

  • Page 24: Ntp

    AS Series User Manual NTP (Network Time Protocol) is used to sync the time between devices on your network. When syncing the time to your predefined time server please ensure you have configured your time zone first. The default time zone is +8 hours. Information To configure the NTP parameters via the Web Interface: 1.
  • Page 25 AS Series User Manual Disabled: Disable NTP client mode operation. Server 1 to 5 Enter up to 5 Time Server addresses. These can be host names or IPv4 or IPv6 Addresses. Buttons Apply – Click to save changes. Reset- Click to undo any changes made locally and revert to previously saved values.

  • Page 26: Time

    AS Series User Manual Time The system time on the switch can be configured manually or via NTP. Information To configure the Time parameters via the Web Interface: 1. Select Configuration > System > Time. 2. Select the required Clock Source, options are Use Local Settings or Use NTP Server. 3.
  • Page 27 AS Series User Manual Fig. Time Configuration Parameter Description Time Configuration Clock Source Two modes of setting the system time are available. Use Local Time: Configure local time manually. Use NTP Server: Use NTP Server to provide system time. System Date Shows the current time of the system.
  • Page 28 AS Series User Manual Time Time. Select 'Disable' to disable the Daylight Saving Time configuration. Select 'Recurring' and configure the Daylight Saving Time duration to repeat the configuration every year. Select 'Non-Recurring' and configure the Daylight Saving Time duration for a single time configuration. Default: Disabled Start Time Week - Select the starting week number.

  • Page 29: Log

    AS Series User Manual The switch supports syslog, for exporting system logs to a third party logging software tool. Information To configure the Log Setting parameters via the Web Interface: 1. Select Configuration > System > Log. 2. Select to enable or disable the Syslog function from the Server Mode drop down box. 3.

  • Page 30: Port Power Savings

    AS Series User Manual Green Ethernet Port Power Savings EEE is a power saving option that reduces the power usage when there is low or no traffic utilization. EEE works by powering down circuits when there is no traffic. When a port gets data to be transmitted all circuits are powered up.
  • Page 31 AS Series User Manual Fig. Port Power Savings Configuration Parameter Description The switch can be set to optimize EEE for either best power saving or least Optimize EEE for traffic latency. Port The switch port number. ActiPHY Tick this box to enable Link down power savings. This feature can be enabled on a per port basis.
  • Page 32 AS Series User Manual Buttons Apply – Click to save changes. Reset- Click to undo any changes made locally and revert to previously saved values. Doc No.: AS5-0116-01...

  • Page 33: Ports

    AS Series User Manual Ports Configuration Ports Ports settings such disabling and enabling ports, forcing link speed and setting duplex settings as well as the current port status can be shown in this section. Information To configure the Port Configuration Setting parameters via the Web Interface: 1.
  • Page 34 AS Series User Manual Fig. Ports Configuration Parameter Description Port The switch port number. Link Provides the current link status of the port. Red – Link disconnected Orange – 100Mb Link Active Green – 1Gb Link Active Blue – 10Gb Link Active Speed - Current Provides the current link speed of the port.
  • Page 35 AS Series User Manual 1000-X - SFP port in 1000-X speed. Copper port disabled. 1000-X_AMS - Port in AMS mode. SFP port in 1000-X speed. Copper port in Auto mode. Ports in AMS mode with 1000-X speed has Copper port preferred. Ports in AMS mode with 100-FX speed has fibre port preferred.

  • Page 36: Port Description For Switch

    AS Series User Manual Port description for Switch Allows you to add a descriptive name to individual ports. Information To configure the Port Description Settings via the Web Interface: 1. Select Configuration > Ports Configuration > Ports Description. 2. Enter a descriptive name for each port. 3.

  • Page 37: Dhcp

    AS Series User Manual DHCP Server Mode Use this section to enable or disable the DHCP Server function on the switch. You can also select whether DHCP will be enable or disable per VLAN ID. Information To configure the DHCP Server Setting parameters via the Web Interface: 1.
  • Page 38 AS Series User Manual Fig. DHCP Server Mode Configuration Parameter Description Mode Used to enable or disable the DHCP Server function. Enabled: Enables DHCP Server Disabled: Disables DHCP Server VLAN Range Add the VLAN range that you would like to enable or disable the DHCP Server function.

  • Page 39: Excluded Ip

    AS Series User Manual Excluded IP Use this section is used to exclude certain IP Addresses from your DHCP Pool. These addresses will not be issued to DHCP clients. Information To configure the DHCP Excluded IP Setting parameters via the Web Interface: 1.
  • Page 40 AS Series User Manual values. Doc No.: AS5-0116-01...

  • Page 41: Pool

    AS Series User Manual Pool Use this section to add a DHCP pool or pools of IP Addresses to allocate to your DHCP clients. Information To configure the DHCP Pool Settings parameters via the Web Interface: 1. Select Configuration > DHCP > Server > Pool. 2.
  • Page 42 AS Series User Manual Fig. DHCP Server Pool Configuration Parameter Description Pool Setting Delete Tick check box next to DHCP Pool you would like to delete and click Apply button. Name The name of the DHCP Pool. Type Displays the type of DHCP Pool configured, Host or Network. IP Address of the Host or Subnet Address of the DHCP Pool.
  • Page 43 Days, Hours and/or Minutes. Domain Name The domain name that will be included with the DHCP Settings provided to the DHCP client. E.g. alloy.com.au Broadcast The broadcast address of the IP Address Subnet that will be included with the Address DHCP Settings provided to the DHCP client.
  • Page 44 AS Series User Manual Server DHCP client. NIS Domain An optional DHCP Server option that provides a NIS Domain Name to the DHCP Name client. Network Information System (NIS) is designed to centralize administration of UNIX®-like systems such as Solaris™, HP-UX, AIX®, Linux, NetBSD, OpenBSD, and FreeBSD.

  • Page 45: Snooping

    AS Series User Manual Snooping DHCP snooping is a layer 2 security technology built into the operating system of a capable network switch that drops DHCP traffic determined to be unacceptable. The fundamental use case for DHCP snooping is to prevent unauthorized (rogue) DHCP servers offering IP addresses to DHCP clients. Information To configure the DCHP Snooping parameters via the Web Interface: 1.
  • Page 46 AS Series User Manual Parameter Description Used to enable or disable DHCP Snooping on the switch. Snooping Mode Enabled: Enable DHCP snooping. When DHCP snooping is enabled, the DHCP request messages will be forwarded to trusted ports and only allow reply packets from trusted ports.

  • Page 47: Relay

    AS Series User Manual Relay A DHCP relay agent is used to forward and to transfer DHCP messages between the clients and the server when they are not in the same subnet domain. It stores the incoming interface IP address in the GIADDR field of the DHCP packet.
  • Page 48 AS Series User Manual Relay Used to enable or disable the DHCP Relay information function on the switch. Information Enabled: Enable DHCP relay information. When DHCP relay information is Mode enabled, the agent inserts specific information (option 82) into a DHCP message when forwarding to DHCP server and removes it from a DHCP message when transferring to the DHCP client.

  • Page 49: Security

    AS Series User Manual Security Switch Users Use this section to create additional users who will have access to the management of the switch. The privilege levels for these users can also be set here. Information Configure the Users security levels of the AS Switch under this section. 1.
  • Page 50 AS Series User Manual Parameter Description Username The name identifying the user. This is also a link to Add/Edit User. Password The password for the new user. Password length is 0 to 255 characters and only ASCII characters from 32 to 126 are allowed. Password (again) Repeat the same password as you entered in the Password field.

  • Page 51: Privilege Levels

    AS Series User Manual Privilege Levels This section is used to assign privileges to particular functions of the switch. Information To configure the Security Privilege Level parameters via the Web Interface: 1. Select Configuration > Security > Switch > Privilege Levels. 2.
  • Page 52 AS Series User Manual them contain more than one. The following description defines these privilege level groups in detail: System: Contact, Name, Location, Timezone, Daylight Saving Time, Log. Security: Authentication, System Access Management, Port (contains Dot1x port, MAC based and the MAC Address Limit), ACL, HTTPS, SSH, ARP Inspection, IP source guard.

  • Page 53: Auth Method

    AS Series User Manual Auth Method This section is used to set the authentication method for all configuration access types. Here you can set how the user is authenticated for Console, Telnet, SSH, HTTP or HTTPS access. Information To configure the Security Auth Method parameters via the Web Interface: 1.
  • Page 54 AS Series User Manual Local: use the local user database on the switch for authentication. Radius: use a remote RADIUS server for authentication. Tacacs: use a remote TACACS+ server for authentication. Service Port This allows you to change the default port number used by each of the management options.

  • Page 55: Ssh

    AS Series User Manual This section is used to enable or disable the SSH management option. SSH (Secure Shell) is a secure communication protocol that combines authentication and data encryption to provide secure encrypted communication. Information To configure the Security SSH parameters via the Web Interface: 1.

  • Page 56: Https

    AS Series User Manual HTTPS This section is used to enable or disable the HTTPS management option. HTTPS is a secure communication protocol that combines authentication and data encryption to provide secure encrypted communication via the browser. Information To configure the Security HTTPS Level parameters via the Web Interface: 1.

  • Page 57: Access Management

    AS Series User Manual Access Management This section is used to limit who can access the management interfaces of the switch. This is set via IP Address or IP Address range and can be restricted based on the type of connection, including HTTP/HTTPS, SNMP and Telnet/SSH.
  • Page 58 AS Series User Manual Start IP Address Enter the IP Address that will have access to the management. If allowing an IP Address range, enter the last IP Address in the range that will End IP Address have access to the management. HTTP/HTTPS Check this box to allow access to the HTTP/HTTPS management.

  • Page 59: Snmp

    AS Series User Manual SNMP Any Network Management System (NMS) running the Simple Network Management Protocol (SNMP) can manage a Managed device equipped with a SNMP agent, provided that the Management Information Base (MIB) is installed correctly on the managed devices. SNMP is a protocol that is used to govern the transfer of information between SNMP manager and agent and traverses the Object Identity (OID) of the management Information Base (MIB), described in the form of SMI syntax.
  • Page 60 AS Series User Manual System This section describes how to configure SNMP on the switch. This function is used to configure SNMP settings, community name, trap host and public traps as well as the throttle of SNMP. A SNMP manager must pass the authentication by identifying both community names, then it can access the MIB information of the target device.
  • Page 61 AS Series User Manual SNMPv3 communities table. It provides more flexibility than a SNMPv1 or SNMPv2c community string. In addition to the community string, a particular range of source addresses can be used to restrict source subnet. Write Indicates the community write access string to permit access to the SNMP Community agent.
  • Page 62 AS Series User Manual Trap SNMP Traps are used to alert administrators when certain events have occurred. This section is used to create Trap Destinations/Managers, all configured SNMP trap event alerts will be sent to the Trap Destinations. Information To configure the SNMP Trap parameters via the Web Interface: 1.
  • Page 63 AS Series User Manual Fig. SNMP Trap Configuration Parameter Description Mode Used to enable or disable the SNMP Traps. Trap Config The Trap Configuration Name. The allowed string length is 0 to 255, and the Name allowed content is the ASCII characters from 33 to 126. Trap Mode Used to enable or disable the Trap Destination.
  • Page 64 AS Series User Manual (seconds) The allowed range is 0 to 2147 seconds. Trap Inform Retry The SNMP trap inform retry times. The allowed range is 0 to 255. Times Trap Probe Indicates the SNMP trap probe security engine ID mode of operation. Security Engine Possible values are: Enabled: Enable SNMP trap probe security engine ID mode of operation.
  • Page 65 AS Series User Manual Communities function is used to configure SNMPv3 communities. This Information To configure the SNMP Community parameters via the Web Interface: 1. Select Configuration > Security > Switch > SNMP > Communities. 2. If using the default public and private community names enter the required Source IP Address and Subnet Mask.
  • Page 66 AS Series User Manual Reset- Click to undo any changes made locally and revert to previously saved values. Doc No.: AS5-0116-01...
  • Page 67 AS Series User Manual Users function is used to configure SNMPv3 Users. This Information To configure the SNMP User parameters via the Web Interface: 1. Select Configuration > Security > Switch > SNMP > Users. 2. Click Add New Entry. 3.
  • Page 68 AS Series User Manual Engine ID An octet string identifying the engine ID for this user. The string must contain an even number (in hexadecimal format) with number of digits between 10 and 64, but all-zeros and all-'F's are not allowed. The SNMPv3 architecture uses the User-based Security Model (USM) for message security and the View-based Access Control Model (VACM) for access control.
  • Page 69 AS Series User Manual values. Doc No.: AS5-0116-01...
  • Page 70 AS Series User Manual Groups function is used to configure SNMPv3 Groups. Max Group Number: v1: 2, v2: 2, v3:10. This Information To configure the SNMP Security parameters via the Web Interface: 1. Select Configuration > Security > Switch > SNMP > Groups. 2.
  • Page 71 AS Series User Manual Parameter Description Tick the check box next to the entry you want to delete and click the Apply Delete button. Security Model Indicates the security model for this group. Possible security models are: v1: Reserved for SNMPv1. v2c: Reserved for SNMPv2c.
  • Page 72 AS Series User Manual Views function is used to configure SNMPv3 Views. Maximum View Entries: 28. This Information To configure the SNMP Viewing parameters via the Web Interface: 1. Select Configuration > Security > Switch > SNMP > Views. 2. Click on Add New Entry button to add a new view. 3.
  • Page 73 AS Series User Manual the 'excluded' view entry. The OID defining the root of the subtree to add to the named view. The allowed OID Subtree OID length is 1 to 128. The allowed string content is digital number or asterisk(*).
  • Page 74 AS Series User Manual Access function is used to configure SNMPv3 Access. Maximum Access entries: 14 This Information To configure the SNMP Access parameters via the Web Interface: 1. Select Configuration > Security > Switch > SNMP > Access. 2. For the default entries the Read View Name and Write View Name can be selected from the drop down boxes.
  • Page 75 AS Series User Manual Delete Tick the check box next to the entry you want to delete and click the Apply button. Group Name A string identifying the group name for this entry. The allowed string length is 1 to 32, and the allowed content is ASCII characters from 33 to 126. Indicates the security model for this entry.
  • Page 76 AS Series User Manual Trap Event Severity page displays the current trap event severity configurations. These options can also be This configured here. Information To configure the SNMP Trap Event parameters via the Web Interface: 1. Select Configuration > Security > Switch > SNMP > Trap Severity Configuration. 2.
  • Page 77 AS Series User Manual Buttons Apply – Click to save changes. Reset - Click to undo any changes made locally and revert to previously saved values. Doc No.: AS5-0116-01...

  • Page 78: Rmon

    AS Series User Manual RMON An RMON implementation typically operates in a client/server model. Monitoring devices contain RMON software agents that collect information and analyze packets. These probes act as servers and the Network Management applications that communicate with them act as clients. Statistics Configure RMON Statistics table on this page.
  • Page 79 AS Series User Manual stored in RMON. The range is from 1 to 3600, default value is 50. Buckets Granted The number of data shall be saved in the RMON. Doc No.: AS5-0116-01...
  • Page 80 AS Series User Manual History Configure RMON History table on this page. Information To configure the RMON History parameters via the Web Interface: 1. Click Configuration > Security > Switch > RMON > History 2. Select Add New Entry to add a new Entry 3.
  • Page 81 AS Series User Manual Alarm Configure RMON Alarm table on this page. Information To configure the RMON Alarm parameters via the Web Interface: 1. Click >Configuration > Security > Switch > RMON > Alarm 2. Select Add New Entry to add a new Entry 3.
  • Page 82 AS Series User Manual The number of inbound packets that are discarded even the packets are normal. InErrors: The number of inbound packets that contained errors preventing them from being deliverable to a higher-layer protocol. InUnknownProtos: the number of the inbound packets that were discarded because of the unknown or un-support protocol.
  • Page 83 AS Series User Manual Rising Threshold Rising threshold value (-2147483648-2147483647). Rising Index Rising event index (1-65535). Falling Threshold Falling threshold value (-2147483648-2147483647) Falling Index Falling event index (1-65535). Doc No.: AS5-0116-01...
  • Page 84 AS Series User Manual Event Configure RMON Event table on this page. Information To configure the RMON Event parameters via the Web Interface: 1. Click Configuration > Security > SNMP > RMON> Event 2. Select Add New Entry to add a new Entry 3.
  • Page 85 AS Series User Manual event. Doc No.: AS5-0116-01...

  • Page 86: Network

    AS Series User Manual Network The AS Series switches supports Port Security function allowing the administrator to specify the amount of MAC addresses allowed to be accessed by an individual port. Limit Control This section is used to configure the amount of MAC Addresses allowed to by the port and you can also specify the action taken once this configured threshold has been reached Information To configure the Network Limit Control Security parameters via the Web Interface:...
  • Page 87 AS Series User Manual Fig: The Port Security Limit Control Configuration System Configuration Parameter Description Mode Indicates if Limit Control is globally enabled or disabled on the switch. If globally disabled, other modules may still use the underlying functionality, but limit checks and corresponding actions are disabled.

  • Page 88: Port Configuration

    AS Series User Manual Port Configuration Parameter Description Port Physical port of the switch. Mode Controls whether Limit Control is enabled on this port. Both this and the Global Mode must be set to Enabled for Limit Control to be in effect. Notice that other modules may still use the underlying port security features without enabling Limit Control on a given port.
  • Page 89 AS Series User Manual only be shown if Action is set to None or Trap. Shutdown: Indicates that the port is shut down by the Limit Control module. This state can only be shown if Action is set to Shutdown or Trap & Shutdown. If a port is shut down by this module, you may reopen it by clicking this Re-open Button button, which will only be enabled if this is the case.

  • Page 90: Nas

    AS Series User Manual The AS Series switches supports aNAS (Network Access Server) function which allows users connection to a variety of resources, including the internet. Particular settings can be applied to this user based on authentication to a RADIUS Server. Functions such as 802.1x and Mac based Authentication can be used to authenticate users onto the network allowing them access to these shared resources.
  • Page 91 AS Series User Manual Fig: The Network Access Server Configuration Parameter Description Mode Indicates if NAS is globally enabled or disabled on the switch. If globally disabled, all ports are allowed forwarding of frames. Reauthentcation If checked, successfully authenticated supplicants/clients are reauthenticated Enabled after the interval specified by the Reauthentication Period.
  • Page 92 AS Series User Manual the switch and the client, so this will not detect Whether the client is still attached or not, and the only way to free any resources is to age the entry. This setting applies to the following modes, i.e. modes using the Port Security Hold Time functionality to secure MAC addresses: •...
  • Page 93 AS Series User Manual assigned VLAN is enabled on that port. When unchecked, RADIUS-server assigned VLAN is disabled on all ports. Guest VLAN A Guest VLAN is a special VLAN - typically with limited network access - on Enabled which 802.1X-unaware clients are placed after a network administrator- defined timeout.
  • Page 94 AS Series User Manual Force In this mode, the switch will send one EAPOL Failure frame when the port link Unauthorized comes up, and any client on the port will be disallowed network access. Port-based 802.1X In the 802.1X-world, the user is called the supplicant, the switch is the authenticator, and the RADIUS server is the authentication server.
  • Page 95 AS Series User Manual standard, but features many of the same characteristics as does port-based 802.1X. In Single 802.1X, at most one supplicant can get authenticated on the port at a time. Normal EAPOL frames are used in the communication between the supplicant and the switch.
  • Page 96 AS Series User Manual server. The 6-byte MAC address is converted to a string on the following form "xx-xx-xx-xx-xx-xx", that is, a dash (-) is used as separator between the lower- cased hexadecimal digits. The switch only supports the MD5-Challenge authentication method, so the RADIUS server must be configured accordingly.
  • Page 97 AS Series User Manual '0' - '3', which translates into the desired QoS Class in the range [0; 3]. RADIUS-Assigned When RADIUS-Assigned VLAN is both globally enabled and enabled (checked) VLAN Enabled for a given port, the switch reacts to VLAN ID information carried in the RADIUS Access-Accept packet transmitted by the RADIUS server when a supplicant is successfully authenticated.
  • Page 98 AS Series User Manual "Monitor→VLANs→VLAN Membership and VLAN Port" pages. These pages show which modules have (temporarily) overridden the current Port VLAN configuration. Guest VLAN Operation: When a Guest VLAN enabled port's link comes up, the switch starts transmitting EAPOL Request Identity frames. If the number of transmissions of such frames exceeds Max.
  • Page 99 AS Series User Manual and will not cause the clients to get temporarily unauthorized. Reinitialize: Forces a reinitialization of the clients on the port and thereby a reauthentication immediately. The clients will transfer to the unauthorized state while the reauthentication is in progress. Buttons Apply –...

  • Page 100: Acl

    AS Series User Manual The AS Series switches access control list (ACL) is probably the most commonly used object in the IOS. It is used for packet filtering but also for selecting types of traffic to be analyzed, forwarded, or influenced in some way.
  • Page 101 AS Series User Manual Parameter Description Port Physical port of the switch. Policy ID Select the Policy to apply to this port. The allowed vales are 1 through 8. The default value is 1. Action Select whether forwarding is permitted (Permit) or denied (Deny). The default value is Permit.

  • Page 102: Rate Limiters

    AS Series User Manual Rate Limiters The section describes how to configure the ACL Rate Limiting Parameters. Up to 16 different rate limits can be set and applied to individual ports. Rate Limits can be set in either pps (Packets Per Second) or Kbps (Kilo Bits Per Second).
  • Page 103 AS Series User Manual values. Doc No.: AS5-0116-01...
  • Page 104 AS Series User Manual Access Control Lists The section describes how to configure Access Control List rules. An Access Control List (ACL) is a sequential list of permit or deny conditions that apply to IP addresses, MAC addresses, or other more specific criteria.
  • Page 105 AS Series User Manual Fig: The ACL Rate Limiter Configuration Parameter Description Ingress Port Indicates the ingress port of the ACE. Possible values are: Any: The ACE will match any ingress port. Policy: The ACE will match ingress ports with a specific policy (Policy must be created in the Ports Section before it will appear in the list).
  • Page 106 AS Series User Manual Permit: Frames matching the ACE may be forwarded and learned. Deny: Frames matching the ACE are dropped. Rate Limiter Indicates the rate limiter number of the ACE. The allowed range is 1 to 16. When Disabled is displayed, the rate limiter operation is disabled. Indicates the port copy operation of the ACE.
  • Page 107 AS Series User Manual Mac Parameter Parameter Description SMAC Filter (Only displayed when the frame type is Ethernet Type or ARP.) Specify the source MAC filter for this ACE. Any: No SMAC filter is specified. (SMAC filter status is "don't-care".) Specific: If you want to filter a specific source MAC address with this ACE, choose this value.

  • Page 108: Ip Source Guard

    AS Series User Manual IP Source Guard The AS Series switches support IP Source Guard. IP Source Guard can be used to help secure your switch from IP based spoofing attacks. Configuration This section is used to configure the IP Source Guard settings for the AS switch. Information To configure the IP Source Guard Configuration via the Web Interface: 1.
  • Page 109 AS Series User Manual Parameter Description Mode of IP Source Enable the Global IP Source Guard or disable the Global IP Source Guard. All Guard configured ACEs will be lost when the mode is enabled. Configuration Port Mode Specify IP Source Guard is enabled on which ports. Only when both Global Configuration Mode and Port Mode on a given port are enabled, IP Source Guard is enabled on this given port.
  • Page 110 AS Series User Manual Static Table This section is used to enter Static IP addresses into the AS switch. Information To configure the IP Source Guard Static Table Configuration via the Web Interface: 1. Click Configuration > Security > Network > IP Source Guard > Static Table 2.
  • Page 111 AS Series User Manual MAC Address The MAC Address of the static entry. Adding New Entry Click to add a new static entry. Buttons Apply – Click to save changes. Reset- Click to undo any changes made locally and revert to previously saved values.

  • Page 112: Arp Inspection

    AS Series User Manual ARP Inspection The AS Series switches supports ARP Inspection. This allows the switch to intercept and examine all ARP request and response packets in a subnet and discard those packets with invalid IP to MAC address bindings. Port Configuration This section describes how to configure ARP Inspection setting including Mode (Enabled and Disabled)
  • Page 113 AS Series User Manual Fig: The ARP Inspection Configuration Parameter Description Mode of ARP Enable the Global ARP Inspection or disable the Global ARP Inspection. inspection Configuration Port Mode Specify ARP Inspection is enabled on which ports. Only when both Global Configuration Mode and Port Mode on a given port are enabled, ARP Inspection is enabled on this given port.
  • Page 114 AS Series User Manual VLAN Configuration Each page shows up to 9999 entries from the VLAN table, default being 20, selected through the entries per page input field. When first visited, the web page will show the first 20 entries from the beginning of the VLAN Table.
  • Page 115 AS Series User Manual per VLAN setting. Possible types are: None: Log nothing. Deny: Log denied entries. Permit: Log permitted entries. ALL: Log all entries. Buttons Add New Entry: Click to add a new VLAN to the ARP Inspection VLAN table. Apply: Click to save changes.
  • Page 116 AS Series User Manual Static Table This section is used to enter Static ARP entries into the AS switch. Information To configure the Static Table ARP Inspection Configuration via the Web Interface: 1. Click Configuration > Security > Network > ARP Inspection > Static Table 2.

  • Page 117: Dynamic Table

    AS Series User Manual Dynamic Table This section is used to view the dynamic ARP Inspection entries. Information To configure the Dynamic Table ARP Inspection Configuration via the Web Interface: 1. Click Configuration > Security > Network > ARP Inspection > Dynamic Table 2.

  • Page 118: Aaa

    AS Series User Manual Reset- Click to undo any changes made locally and revert to previously saved values. The AS Series switches supports AAA (Authentication, Authorization, Accounting) to provide access control to your network. The AAA server can be a TACACS+ or RADIUS server to create and manage objects that contain settings for using AAA servers.
  • Page 119 AS Series User Manual Fig: The RADIUS Authentication Server Configuration Global Configuration These setting are common for all of the RADIUS servers. Parameter Description Timeout Timeout is the number of seconds, in the range 1 to 1000, to wait for a reply from a RADIUS server before retransmitting the request.
  • Page 120 AS Series User Manual Server Configuration The table has one row for each RADIUS server and a number of columns Parameter Description To delete a RADIUS server entry, check this box. The entry will be deleted Delete during the next Save. Hostname The IP address or hostname of the RADIUS server.
  • Page 121 AS Series User Manual TACACS+ This page allows you to configure the TACASC+ Servers on the AS Series Switches. Information To configure the TACACS+ Server Configuration via the Web Interface: 1. Click Configuration > Security > Network > AAA > TACACS+ 2.
  • Page 122 AS Series User Manual Setting the Deadtime to a value greater than 0 (zero) will enable this feature, but only if more than one server has been configured. The secret key - up to 63 characters long - shared between the TACACS+ server and the switch.

  • Page 123: Aggregation

    AS Series User Manual Aggregation The AS Series switches support two types of link aggregation, Static Trunk and LACP. Static Trunk is a non-protocol based aggregation method where the connections are determined via source and destination MAC Addresses. LACP is an IEEE standardized protocol used to aggregate ports. Because it is an IEEE standard LACP trunking or aggregation can be used across multi-vendor equipment.

  • Page 124: Hash Code Contributors

    AS Series User Manual Fig: The Aggregation Mode Configuration Hash Code Contributors Parameter Description Source MAC The Source MAC address can be used to calculate the destination port for the Address frame. Check to enable the use of the Source MAC address, or uncheck to disable.
  • Page 125 AS Series User Manual to disable. By default, TCP/UDP Port Number is enabled. Aggregation Group Configuration Parameter Description Group ID Indicates the group ID for the settings contained in the same row. Group ID "Normal" indicates there is no aggregation. Only one group ID is valid per port. Port Members Each switch port is listed for each group ID.

  • Page 126: Lacp

    AS Series User Manual LACP Ports using Link Aggregation Control Protocol (according to IEEE 802.3ad specification) as their trunking method can choose their unique LACP Group ID to form a logical “trunked port”. The benefit of using LACP is that a port makes an agreement with its peer port before it becomes a ready member of a “trunk group”...
  • Page 127 AS Series User Manual Parameter Description Port The switch port number. LACP Enabled Controls whether LACP is enabled on this switch port. LACP will form an aggregation when 2 or more ports are connected to the same partner. The Key value incurred by the port, range 1-65535 . The Auto setting will set the key as appropriate by the physical link speed, 10Mb = 1, 100Mb = 2, 1Gb = 3.

  • Page 128: Loop Protection

    AS Series User Manual Loop Protection The AS Series switches support a Loop protection mechanism. Loop Protection can be used in environments that have devices that do not support the spanning tree protocol. If the switch receives a packet containing its own MAC address the port will be locked. Information To configure the Loop Protection Setting parameters via the Web Interface: 1.
  • Page 129 AS Series User Manual Parameter Description Enable Loop Controls whether loop protections is enabled (as a whole). Protection Transmission Time The interval between each loop protection PDU sent on each port. Valid values are 1 to 10 seconds. Shutdown Time The period (in seconds) for which a port will be kept disabled in the event of a loop is detected (and the port action shuts down the port).

  • Page 130: Spanning Tree

    AS Series User Manual Spanning Tree The Spanning Tree Protocol (STP) can be used to detect and disable network loops, and to provide backup links between switches, bridges or routers. This allows the switch to interact with other bridging devices (that is, an STP-compliant switch, bridge or router) in your network to ensure that only one route exists between any two stations on the network, and provide backup links which automatically take over when a primary link goes down.
  • Page 131 AS Series User Manual RSTP Rapid Spanning Tree Protocol (RSTP) also creates a single spanning tree over a network. Compared with STP, RSTP provides for more rapid convergence to an active spanning tree topology. RSTP is defined in IEEE standard 802.1D-2004. MSTP The Multiple Spanning Tree Protocol (MSTP) addresses the limitations in the previous spanning tree protocols, STP and RSTP, within networks that use multiple VLANs with topologies that employ...

  • Page 132: Bridge Setting

    AS Series User Manual Bridge Setting This section is used to configure the spanning tree bridge settings, allowing full configuration of all spanning tree parameters. Here you can select what Spanning Tree Protocol you would like the switch to use, STP, RSTP or MSTP. Information To configure the Spanning Tree Bridge Setting parameters via the Web Interface: 1.

  • Page 133: Basic Settings

    AS Series User Manual Basic Settings Parameter Description Protocol Version The STP protocol version setting. Valid values are STP, RSTP and MSTP. Controls the bridge priority. Lower numeric values have better priority. The Bridge Priority bridge priority plus the MSTI instance number, concatenated with the 6-byte MAC address of the switch forms a Bridge Identifier.
  • Page 134 AS Series User Manual Recovery Timeout values are between 30 and 86400 seconds (24 hours). Buttons Apply – Click to save changes. Reset- Click to undo any changes made locally and revert to previously saved values. Doc No.: AS5-0116-01...

  • Page 135: Msti Mapping

    AS Series User Manual MSTI Mapping Information To configure the Spanning Tree MSTI Mapping parameters via the Web Interface: 1. Click Configuration > Spanning Tree > MSTI Mapping 2. Enter in a name for the configuration 3. Enter the required VLAN’s into the configured MSTI(s). 4.
  • Page 136 AS Series User Manual Example MSTI Configuration Doc No.: AS5-0116-01...
  • Page 137 AS Series User Manual Configuration Identification Parameter Description Configuration The name identifying the VLAN to MSTI mapping. Bridges must share the name and revision (see below), as well as the VLAN-to-MSTI mapping configuration Name in order to share spanning trees for MSTI's (Intra-region). The name is at most 32 characters.

  • Page 138: Msti Priorities

    AS Series User Manual MSTI Priorities This section is used to manually change the priority of the STP bridge instances. The CIST (Common and Internal Spanning Tree) is the default Bridge Instance when using MSTP and is always active. Any VLAN that has not been assigned to a MIST is assigned to the CIST.
  • Page 139 AS Series User Manual Parameter Description MSTI The bridge instance. The CIST is the default instance, which is always active. Priority Controls the bridge priority. Lower numeric values have better priority. The bridge priority plus the MSTI instance number, concatenated with the 6-byte MAC address of the switch forms a Bridge Identifier.

  • Page 140: Cist Ports

    AS Series User Manual CIST Ports This section is used to configure individual STP Parameters for each port. Here you can enable and disable STP on individual ports, configure the ports as AdminEdge ports, give certain ports higher priority than others and much more. Information To configure the Spanning Tree CIST Ports parameters via the Web Interface: 1.
  • Page 141 AS Series User Manual Parameter Description Port The switch port number of the logical STP port. STP Enabled Controls whether STP is enabled on this switch port. Path Cost Controls the path cost incurred by the port. The Auto setting will set the path cost as appropriate by the physical link speed, using the 802.1D recommended values.
  • Page 142 AS Series User Manual BPDU Guard If enabled, causes the port to disable itself upon receiving valid BPDU's. Contrary to the similar bridge setting, the port Edge status does not affect this setting. A port entering error-disabled state due to this setting is subject to the bridge Port Error Recovery setting as well.

  • Page 143: Msti Ports

    AS Series User Manual MSTI Ports This section is used to configure MSTI Port parameters. An MSTI Port is a virtual port and each MSTI has its own virtual port. The MSTI must be configured before the individual port configuration options can be applied.
  • Page 144 AS Series User Manual Fig: The MSTI Port Configuration Parameter Description Port The switch port number of the corresponding STP CIST (and MSTI) port. Path Cost Controls the path cost incurred by the port. The Auto setting will set the path cost as appropriate by the physical link speed, using the 802.1D recommended values.

  • Page 145: Ipmc Profile

    AS Series User Manual IPMC Profile This page provides IPMC Profile related configurations. Profile Table The IPMC profile is used to deploy the access control on IP multicast streams. It is allowed to create at maximum 64 Profiles with at maximum 128 corresponding rules for each. Information To configure the IPMC Profile parameters via the Web Interface: 1.
  • Page 146 AS Series User Manual Fig: The IPMC Profile Configuration Parameter Description Port Enable/Disable the Global MVR. The Unregistered Flooding control depends on the current configuration in IGMP/MLD Snooping. It is suggested to enable Unregistered Flooding control when the MVR group table is full. Global Profile Enable/Disable the Global IPMC Profile.
  • Page 147 AS Series User Manual profile mode is enabled. Delete Check to delete the entry. The designated entry will be deleted during the next save. Profile Name The name used for indexing the profile table. Each entry has the unique name which is composed of at maximum 16 alphabetic and numeric characters.

  • Page 148: Address Entry

    AS Series User Manual Address Entry This page provides address range settings used in IPMC profile. The address entry is used to specify the address range that will be associated with IPMC Profile. It is allowed to create at maximum 128 address entries in the system. Information To configure the IPMC Address Entry parameters via the Web Interface: 1.
  • Page 149 AS Series User Manual Buttons Add New Address (Range) Entry – Click to add new address range. Specify the name and configure the addresses. Click "Save" Apply – Click to save changes. Reset – Click to undo any changes made locally and revert to previously saved values.

  • Page 150: Mvr

    VLAN over which IPTV multicast traffic flows throughout the Layer 2 network. The Alloy AS Series Switches that are enabled for MVR selectively forward IPTV multicast traffic from interfaces on the MVLAN (source interfaces) to hosts that are connected to interfaces that are not part of the MVLAN.
  • Page 151 AS Series User Manual Fig: The MVR Configuration Parameter Description MVR Mode Enable/Disable the Global MVR. The Unregistered Flooding control depends on the current configuration in IGMP/MLD Snooping. It is suggested to enable Unregistered Flooding control when the MVR group table is full. Delete Check to delete the entry.
  • Page 152 AS Series User Manual MVR Name MVR Name is an optional attribute to indicate the name of the specific MVR VLAN. Maximum length of the MVR VLAN Name string is 32. MVR VLAN Name can only contain alphabets or numbers. When the optional MVR VLAN name is given, it should contain at least one alphabet.
  • Page 153 AS Series User Manual Source: Configure uplink ports that receive and send multicast data as source ports. Subscribers cannot be directly connected to source ports. Receiver: Configure a port as a receiver port if it is a subscriber port and should only receive multicast data.

  • Page 154: Ipmc

    AS Series User Manual IPMC IGMP Snooping IGMP Snooping is a way for Layer 2 switches to reduce the amount of multicast traffic on a LAN. Without IGMP Snooping, Layer 2 switches handle IP multicast traffic in the same manner as broadcast traffic and forward multicast frames received on one port to all other ports in the same VLAN.

  • Page 155: Basic Configuration

    AS Series User Manual leave a particular multicast group. When the querier receives the Leave message, it sends out a group specific query asking whether any hosts still want to remain members of that specific group. If no hosts respond with join messages for that group, then the querier knows that there are no hosts on its LAN that are still members of that group.
  • Page 156 AS Series User Manual Fig: The IGMP Snooping Configuration. Parameter Description Snooping Enabled Enable the Global IGMP Snooping. Unregistered Enable unregistered IPMCv4 traffic flooding. IPMCv4 Flooding enabled IGMP SSM Range SSM (Source-Specific Multicast) Range allows the SSM-aware hosts and routers run the SSM service model for the groups in the address range.

  • Page 157: Vlan Configuration

    AS Series User Manual VLAN Configuration This section is used to configure specific IGMP Settings for each of the configured VLAN groups. IGMP Snooping can be enable or disabled for every individual VLAN group. 20 VLAN groups will be displayed on the screen by default this can be increased to a maximum of 99. The VLAN with the lowest VID will be displayed at the top of the table.
  • Page 158 AS Series User Manual IGMP Snooping Enable the per-VLAN IGMP Snooping. Only up to 32 VLANs can be selected. . Enabled Querier Election Enable to join IGMP Querier election in the VLAN. Disable to act as an IGMP Non-Querier. Querier Address Define the IPv4 address as source address used in IP header for IGMP Querier election.
  • Page 159 AS Series User Manual default last member query interval is 10 in tenths of seconds (1 second). Unsolicited Report Interval. The Unsolicited Report Interval is the time between repetitions of a host's initial report of membership in a group. The allowed range is 0 to 31744 seconds, default unsolicited report interval is 1 second.
  • Page 160 AS Series User Manual Doc No.: AS5-0116-01...

  • Page 161: Port Filtering Profile

    AS Series User Manual Port Filtering Profile With this feature, you can filter multicast joins on a per-port basis by configuring IP multicast profiles and associating them with individual switch ports. An IGMP profile can contain one or more multicast groups and when applied to a port to deny access to that port on the configured multicast address.

  • Page 162: Mld Snooping

    AS Series User Manual MLD Snooping Multicast Listener Discovery (MLD) snooping constrains the flooding of IPv6 multicast traffic on VLANs on a switch. When MLD snooping is enabled on a VLAN, the AS Series Switches examine MLD messages between hosts and multicast routers and learn which hosts are interested in receiving traffic for a multicast group.
  • Page 163 AS Series User Manual Fig: The MLD Snooping Basic Configuration. Parameter Description Snooping Enabled Enable the Global MLD Snooping. Unregistered Enable unregistered IPMCv6 traffic flooding. IPMCv6 Flooding The flooding control takes effect only when MLD Snooping is enabled. enabled When MLD Snooping is disabled, unregistered IPMCv6 traffic flooding is always active in spite of this setting.
  • Page 164 AS Series User Manual MLD SSM Range SSM (Source-Specific Multicast) Range allows the SSM-aware hosts and routers run the SSM service model for the groups in the address (Using IPv6 Address) range. Leave Proxy Enable MLD Leave Proxy. This feature can be used to avoid forwarding Enabled unnecessary leave messages to the router side.

  • Page 165: Vlan Configuration

    AS Series User Manual VLAN Configuration This section is used to configure specific MLD Settings for each of the configured VLAN groups. MLD Snooping can be enabled or disabled for every individual VLAN group. 20 VLAN groups will be displayed on the screen by default this can be increased to a maximum of 99. The VLAN with the lowest VID will be displayed at the top of the table.
  • Page 166 AS Series User Manual election. When the Querier address is not set, system uses IPv4 management address of the IP interface associated with this VLAN. When the IPv4 management address is not set, system uses the first available IPv4 management address. Otherwise, system uses a pre-defined value.
  • Page 167 AS Series User Manual Buttons Apply – Click to save changes. Reset- Click to undo any changes made locally and revert to previously saved values. Doc No.: AS5-0116-01...

  • Page 168: Port Group Filtering

    AS Series User Manual Port Group Filtering With this feature, you can filter multicast joins on a per-port basis by configuring IP multicast profiles and associating them with individual switch ports. An IGMP profile can contain one or more multicast groups and when applied to a port to deny access to that port on the configured multicast address.
  • Page 169 AS Series User Manual Parameter Description Port The logical port for the settings. Filtering Profile Select the IPMC Profile as the filtering condition for the specific port. Summary about the designated profile will be shown by clicking the view button. Profile You can inspect the rules of the designated profile by using the following management...

  • Page 170: Lldp

    AS Series User Manual LLDP LLDP enables Ethernet network devices, such as switches and routers, to transmit and/or receive device-related information to or from directly connected devices on the network, and to store such information learned about other devices. The data sent and received by LLDP is useful for many reasons.
  • Page 171 AS Series User Manual Fig: The LLDP Configuration LLDP Parameters Parameter Description Tx Interval The switch periodically transmits LLDP frames to its neighbors for having the network discovery information up-to-date. The interval between each LLDP frame is determined by the Tx Interval value. Valid values are restricted to 5 - 32768 seconds.

  • Page 172: Lldp Port Configuration

    AS Series User Manual 10 times. Tx Delay If some configuration is changed (e.g. the IP address) a new LLDP frame is transmitted, but the time between the LLDP frames will always be at least the value of Tx Delay seconds. Tx Delay cannot be larger than 1/4 of the Tx Interval value.
  • Page 173 AS Series User Manual CDP address TLV can contain multiple addresses, but only the first address is shown in the LLDP neighbors’ table. CDP TLV "Port ID" is mapped to the LLDP "Port ID" field. CDP TLV "Version and Platform" is mapped to the LLDP "System Description" field.

  • Page 174: Lldp-Med

    AS Series User Manual LLDP-MED Media Endpoint Discovery is an enhancement of LLDP, known as LLDP-MED that provides the following facilities: Auto-discovery of LAN policies (such as VLAN, Layer 2 Priority and Differentiated services (Diffserv) settings) enabling plug and play networking. Device location discovery to allow creation of location databases and, in the case of Voice over Internet Protocol (VoIP), Enhanced 911 services.
  • Page 175 AS Series User Manual Fig: LLDP-MED Configuration Doc No.: AS5-0116-01...
  • Page 176 AS Series User Manual Fast start repeat count Rapid startup and Emergency Call Service Location Identification Discovery of endpoints is a critically important aspect of VoIP systems in general. In addition, it is best to advertise only those pieces of information which are specifically relevant to particular endpoint types (for example only advertise the voice network policy to permitted voice-capable devices), both in order to conserve the limited LLDPU space and to reduce security and system integrity issues that can come with inappropriate...
  • Page 177 AS Series User Manual Attitude Altitude SHOULD be normalized to within -32767 to 32767 with a maximum of 4 digits. It is possible to select between two altitude types (floors or meters). Meters: Representing meters of Altitude defined by the vertical datum specified.
  • Page 178 AS Series User Manual Leading Street Leading street direction - Example: N. direction Training Street Trailing street suffix - Example: SW. suffix Street suffix Street suffix - Example: Ave, Platz. House No House number - Example: 21. House No suffix House number suffix - Example: A, 1/2.
  • Page 179 AS Series User Manual Policies Network Policy Discovery enables the efficient discovery and diagnosis of mismatch issues with the VLAN configuration, along with the associated Layer 2 and Layer 3 attributes, which apply for a set of specific protocol applications on that port. Improper network policy configurations are a very significant issue in VoIP environments that frequently result in voice quality degradation or loss of service.
  • Page 180 AS Series User Manual Parameter Description Delete Check to delete the policy. It will be deleted during the next save. Policy ID ID for the policy. This is auto generated and shall be used when selecting the policies that shall be mapped to the specific ports. Application Type Intended use of the application types: 1.
  • Page 181 AS Series User Manual application type should not be advertised if all the same network policies apply as those advertised in the Video Conferencing application policy. Tag indicating whether the specified application type is using a 'tagged' or an 'untagged' VLAN. Untagged indicates that the device is using an untagged frame format and as such does not include a tag header as defined by IEEE 802.1Q-2003.

  • Page 182: Poe

    AS Series User Manual PoE or Power over Ethernet is an IEEE standard used to pass electrical power along with data over standard Ethernet Cable. Utilising 2 of the 4 pairs of an Ethernet Cable PoE provides up to 15.4W (IEEE 802.3af) or 25.5W (IEEE 802.3at) of power.
  • Page 183 AS Series User Manual Fig: The PoE Configuration Power Supply Configuration Parameter Description Reserved Power There are three modes for configuring how the ports/PDs may reserve power. determined by 1. Allocated mode: In this mode the user allocates the amount of power that each port may reserve.
  • Page 184 AS Series User Manual 2. Reserved Power: In this mode the ports are shut down when total reserved powered exceeds the amount of power that the power supply can deliver. In this mode the port power is not turned on if the PD requests more power than available from the power supply.

  • Page 185: Power Delay

    AS Series User Manual Power Delay This section is used to configure time periods in which particular ports will power on the connected PoE devices. Information This section is used to configure PoE Power Delay settings on the AS Series switches. Select Configuration >...

  • Page 186: Scheduling

    AS Series User Manual Scheduling The AS Series PoE switches support a PoE Scheduling feature that allows the administrator to power off devices when they are not in use. This can be used as a power saving feature to limit the amount of power draw of the switch.
  • Page 187 AS Series User Manual Parameter Description Port This is the logical port number for this row Status PoE Scheduling Status. Enabled: Enable POE Scheduling. Disabled: Disable POE Scheduling. Hour The time of PoE port provide power of a day. Doc No.: AS5-0116-01...

  • Page 188: Auto Checking

    AS Series User Manual Auto Checking The AS Series PoE switches have a feature that allows the administrator to constantly monitor the PD device connected to the switch. Periodically it will ping the device, if there is no response the switch can reboot the device.
  • Page 189 AS Series User Manual Power Supply Configuration Parameter Description Ping Check Enable Ping Check function can detects the connection between PoE port and power device. Disable will turn off the detection. Port Physical port of the switch. Ping IP Address The IP Address of the device connected to this port.

  • Page 190: Mac Table

    AS Series User Manual MAC Table Switching of frames is based upon the Destination MAC address contained in the frame. The switch builds up a table that maps MAC addresses to switch ports for knowing which ports the frames should go to (based upon the Destination MAC address in the frame). This table contains both static and dynamic entries.

  • Page 191: Aging Configuration

    AS Series User Manual Aging Configuration By default, dynamic entries are removed from the MAC table after 300 seconds. This removal is also called aging. Configure aging time by entering a value here in seconds; for example, Age time seconds. The allowed range is 10 to 1000000 seconds.
  • Page 192 AS Series User Manual values. Doc No.: AS5-0116-01...

  • Page 193: Vlan's

    AS Series User Manual VLAN’s The virtual LAN (VLAN) allows you to group physically separate users into the same broadcast domain. The use of VLANs improves security, segmentation, and flexibility. The use of VLANs also decreases the cost of arranging users, because no extra cabling is required. VLANs allow an administrator to define user groups logically rather than by their physical locations.
  • Page 194 AS Series User Manual through to 4095. To enter in single VLANs you use a comma. Adding 1, 3, 8 will only allocate VLAN’s 1, 3 and 8. Note: If an option is greyed out it is not available to be modified in that configuration mode.
  • Page 195 AS Series User Manual Parameter Description Allowed Access This field shows the VLANs that are created on the switch. VLAN’s By default, only VLAN 1 exists. More VLANs may be created by using a list syntax where the individual elements are separated by commas. Ranges are specified with a dash separating the lower and upper bound.
  • Page 196 AS Series User Manual following characteristics: • By default, a trunk port is member of all existing VLANs. This may be limited by the use of Allowed VLANs. • unless VLAN Trunking is enabled on the port, frames classified to a VLAN that the port is not a member of will be discarded.
  • Page 197 AS Series User Manual C-Port: C-Ports is the more commonly used port type for VLAN for Tagged ports. We recommend using this Port type for Tagged VLANs unless you are a service provider or require QinQ stacked VLAN’s. On ingress, frames with a VLAN tag with TPID = 0x8100 get classified to the VLAN ID embedded in the tag.
  • Page 198 AS Series User Manual VLANs that haven't been created. By configuring the ports that connect the cloud of switches as trunking ports, they can seamlessly carry those VLANs from one end to the other. Hybrid ports allow for changing the type of frames that are accepted on ingress. Ingress Acceptance Tagged and Untagged Both tagged and untagged frames are accepted.
  • Page 199 AS Series User Manual member of all possible VLANs. Doc No.: AS5-0116-01...

  • Page 200: Private Vlan's

    AS Series User Manual Private VLAN’s The Private VLAN membership configurations for the switch can be monitored and modified under this section. Port members of each Private VLAN can be added and removed. Private VLANs are based on the source port mask, and there are no connections to VLANs. This means that VLAN IDs and Private VLAN IDs can be identical.
  • Page 201 AS Series User Manual Parameter Description Delete To delete a private VLAN entry, check this box. The entry will be deleted during the next save. Private VLAN ID Indicates the ID of this particular private VLAN. Port Members A row of check boxes for each port is displayed for each private VLAN ID. To include a port in a Private VLAN, check the box.

  • Page 202: Port Isolation

    AS Series User Manual Port Isolation Port Isolation provides a method that isolates ports on layer 2 switches on the same VLAN to restrict traffic flow. Port isolation is a technique in computer networking where a VLAN contains switch ports that are restricted such that they can only communicate with a given "uplink".

  • Page 203: Vcl

    AS Series User Manual MAC Based VLAN MAC address-based VLAN decides the VLAN for forwarding an untagged frame based on the source MAC address of the frame. A most common way of grouping VLAN members is by port, hence the name port-based VLAN. Typically, the device adds the same VLAN tag to untagged packets that are received through the same port.
  • Page 204 AS Series User Manual Fig: MAC-based VLAN Membership Configuration. Parameter Description Delete To delete a MAC-based VLAN entry, check this box and press save. The entry will be deleted on the selected switch in the stack. MAC Address Indicates the MAC address VLAN ID Indicates the VLAN ID.

  • Page 205: Protocol Based Vlan

    AS Series User Manual Protocol Based VLAN This section describe Protocol -based VLAN, The Switch support Protocol include Ethernet LLC SNAP Protocol, The Logical Link Control (LLC) data communication protocol layer is the upper sub-layer of the Data Link Layer (which is itself layer 2, just above the Physical Layer) in the seven-layer OSI reference model.
  • Page 206 AS Series User Manual The Protocol to Group Mapping Table Fig: Protocol to Group Mapping Table Parameter Description To delete a Protocol to Group Name map entry, check this box. The entry will be Delete deleted on the switch during the next Save. Frame Type can have one of the following values: Frame Type Ethernet...
  • Page 207 AS Series User Manual OUI for a particular organization, the protocol ID is a value assigned by that organization to the protocol running on top of SNAP. In other words, if value of OUI field is 00-00-00 then value of PID will be etype (0x0600-0xffff) and if value of OUI is other than 00-00-00 then valid value of PID will be any value from 0x0000 to 0xffff.

  • Page 208: Group To Vlan

    AS Series User Manual Group to VLAN Information This page allows you to map an already configured Group Name to a VLAN Switch. 1. Select Configuration > VCL > Protocol-based VLAN > Group to VLAN 2. By Default there will be no Group Entries. To create an entry, select Add New Entry 3.
  • Page 209 AS Series User Manual A row of check boxes for each port is displayed for each Group Name to VLAN Port Members ID mapping. To include a port in a mapping, check the box. To remove or exclude the port from the mapping, make sure the box is unchecked. By default, no ports are members, and all boxes are unchecked.

  • Page 210: Ip Subnet-Based Vlan

    AS Series User Manual IP Subnet-based VLAN Information The IP subnet-based VLAN entries can be configured here. This page allows for adding, updating and deleting IP subnet-based VLAN entries and assigning the entries to different ports. This page shows only static entries. 1.
  • Page 211 AS Series User Manual A row of check boxes for each port is displayed for each IP subnet-based VLAN Port Members entry. To include a port in a IP subnet-based VLAN, check the box. To remove or exclude the port from the IP subnet-based VLAN, make sure the box is unchecked.

  • Page 212: Voice Vlan

    AS Series User Manual Voice VLAN Voice VLAN is VLAN configured specially for voice traffic. By adding the ports with voice devices attached to voice VLAN, we can perform QoS-related configuration for voice data, ensuring the transmission priority of voice traffic and voice quality. Information The Voice VLAN feature enables voice traffic forwarding on the Voice VLAN, then the switch can classify and schedule network traffic.
  • Page 213 AS Series User Manual Fig: The IP Voice VLAN Configuration Doc No.: AS5-0116-01...
  • Page 214 AS Series User Manual Parameter Description Indicates the Voice VLAN mode operation. We must disable MSTP feature Mode before we enable Voice VLAN. It can avoid the conflict of ingress filtering. Possible modes are: Enabled: Enable Voice VLAN mode operation. Disabled: Disable Voice VLAN mode operation.
  • Page 215 AS Series User Manual "OUI" or "LLDP" will restart auto detect process. Possible discovery protocols are: OUI: Detect telephony device by OUI address. LLDP: Detect telephony device by LLDP. Both: Both OUI and LLDP. Apply – Click to save changes. Buttons Reset- Click to undo any changes made locally and revert to previously saved values.

  • Page 216: Oui

    AS Series User Manual This section is used to configure the Voice VLAN OUI table. The maximum number of entries is 16. Modifying the OUI table will restart auto detection of OUI process. Information To configure the Voice VLAN OUI settings via the Web Interface: 1.
  • Page 217 AS Series User Manual Parameter Description Delete Check to delete the entry. It will be deleted during the next save. Telephony OUI A telephony OUI address is a globally unique identifier assigned to a vendor by IEEE. It must be 6 characters long and the input format is "xx-xx-xx" (x is a hexadecimal digit).

  • Page 218: Qos

    AS Series User Manual The AS Series switches support four QoS queues per port with strict or weighted fair queuing scheduling. It supports QoS Control Lists (QCL) for advance programmable QoS classification, based on IEEE 802.1p, Ethertype, VID, IPv4/IPv6 DSCP and UDP/TCP ports and ranges. High flexibility in the classification of incoming frames to a QoS class.

  • Page 219: Port Classification

    AS Series User Manual Port Classification This section allows you to configure the basic QoS Ingress Classification settings for all switch ports. Information To configure the QoS Port Classification settings via the Web Interface: 1. Click Configuration > QoS > Port Classification 2.
  • Page 220 AS Series User Manual Parameter Description Port Physical port of the switch. Controls the default QoS class, i.e., the QoS class for frames not classified in any other way. There is a one to one mapping between QoS class, queue and priority.

  • Page 221: Port Policing

    AS Series User Manual Port Policing This section provides an overview of QoS Ingress Port Policers for all switch ports The Port Policing is useful in constraining traffic flows and marking frames above specific rates. Policing is primarily useful for data flows and voice or video flows because voice and video usually maintains a steady rate of traffic.
  • Page 222 AS Series User Manual Parameter Description Port The logical port for the settings contained in the same row. Click on the port number in order to configure the schedulers. Enabled To evoke which Port you need to enable the QoS Ingress Port Policers function. Rate To set the Rate limit value for this port, the default is 500.

  • Page 223: Port Schedulers

    AS Series User Manual Port Schedulers This section provides an overview of QoS Egress Port Schedulers for all switch ports. Information To display the QoS Port Schedulers in the web interface: 1. Click Configuration > QoS > Port Scheduler. 2. Click on the required port to configure the scheduling options. 3.
  • Page 224 AS Series User Manual Doc No.: AS5-0116-01...
  • Page 225 AS Series User Manual Fig: The QoS Egress Port Schedules Parameter Description Port The logical port for the settings contained in the same row. Click on the port number in order to configure the schedulers. Shows the scheduling mode for this port. Mode Shows the weight for this queue and port.
  • Page 226 AS Series User Manual Excess Controls the weight for this queue. The default value is "17". This value is Queue Scheduler restricted to 1-100. This parameter is only shown if "Scheduler Mode" is set to Weight "Weighted". Shows the weight in percent for this queue. This parameter is only shown if Queue scheduler "Scheduler Mode"...

  • Page 227: Port Tag Remarking

    AS Series User Manual Port Tag Remarking This section provides an overview of QoS Egress Port Tag Remarking all switch ports. Information To configure the QoS Port Tag Remarking settings via the Web Interface: 1. Click Configuration > QoS > Port Tag Remarking. 2.
  • Page 228 AS Series User Manual Fig: The Port Tag Remarking Doc No.: AS5-0116-01...
  • Page 229 AS Series User Manual Parameter Description Controls the tag remarking mode for this port. Mode Classified: Use classified PCP/DEI values. Default: Use default PCP/DEI values. Mapped: Use mapped versions of QoS class and DP level. Controls the default PCP and DEI values used when the mode is set to Default. PCP/DEI Configuration Controls the mapping of the classified (QoS class, DP level) to (PCP, DEI) values...

  • Page 230: Port Dscp

    AS Series User Manual Port DSCP This section will teach user to set the QoS Port DSCP configuration that was allowed you to configure the basic QoS Port DSCP Configuration settings for all switch ports. Information To configure the QoS Port DSCP settings via the Web Interface: 1.
  • Page 231 AS Series User Manual Parameter Description The Port column shows the list of ports for which you can configure dscp Port ingress and egress settings In Ingress settings you can change ingress translation and classification settings Ingress for individual ports. There are two configuration parameters available in Ingress: Translate : To Enable the Ingress Translation click the checkbox Classify: Classification for a port have 4 different values...

  • Page 232: Dscp-Based Qos

    AS Series User Manual DSCP-Based QoS This section is used to configure DSCP-based QoS settings for all switch ports. Information To configure the DSCP-based QoS settings via the Web Interface: 1. Click Configuration > QoS > DSCP-based QoS. 2. Specify whether the DSCP value is trusted, and set the corresponding QoS value and DP level used for ingress processing.
  • Page 233 AS Series User Manual Drop Precedence Level (0-3) Buttons Apply – Click to save changes. Reset- Click to undo any changes made locally and revert to previously saved values. Doc No.: AS5-0116-01...

  • Page 234: Dscp Translation

    AS Series User Manual DSCP Translation This section is used to configure DSCP translation for ingress traffic or DSCP re-mapping for egress traffic. Information To configure the DSCP-based QoS settings via the Web Interface: 1. Click Configuration > QoS > DSCP Translation 2.
  • Page 235 AS Series User Manual Parameter Description Maximum number of supported DSCP values are 64 and valid DSCP value DSCP ranges from 0 to 63. Ingress side DSCP can be first translated to new DSCP before using the DSCP for Ingress QoS class and DPL map.

  • Page 236: Dscp Classification

    AS Series User Manual DSCP Classification This section is used to map DSCP values to a QoS class and drop precedence level. Information To configure the DSCP-based QoS settings via the Web Interface: 1. Click Configuration > QoS > DSCP Classification. 2.
  • Page 237 AS Series User Manual Fig: The DSCP Classification Configuration Doc No.: AS5-0116-01...
  • Page 238 AS Series User Manual Parameter Description Available QoS Class value ranges from 0 to 7. QoS Class (0-7) can be mapped to QoS Class followed parameters. Drop Precedence Level (0-1) can be configured for all available QoS Classes. Select DSCP value (0-63) from DSCP menu to map DSCP to corresponding QoS DSCP Class and DPL value Buttons...

  • Page 239: Qos Control List Configuration

    AS Series User Manual QoS Control list Configuration Use the QoS Control List Configuration page to configure Quality of Service policies for handling ingress packets based on Ethernet type, VLAN ID, TCP/UDP port, DSCP, ToS, or VLAN priority tag. Once a QCE is mapped to a port, traffic matching the first entry in the QoS Control List is assigned to the QoS class, drop precedence level, and DSCP value defined by that entry.
  • Page 240 AS Series User Manual Fig: The QoS Control List Configuration Doc No.: AS5-0116-01...
  • Page 241 AS Series User Manual Parameter Description QCE# Indicates the index of QCE. Indicates the list of ports configured with the QCE Port Indicates the destination MAC address. Possible values are: DMAC Any: Match any DMAC. Unicast: Match unicast DMAC. Multicast: Match multicast DMAC. Broadcast: Match broadcast DMAC.
  • Page 242 AS Series User Manual Ethernet: Only Ethernet frames (with Ether Type 0x600-0xFFFF) are allowed. LLC: Only (LLC) frames are allowed. SNAP: Only (SNAP) frames are allowed IPv4: The QCE will match only IPV4 frames. IPv6: The QCE will match only IPV6 frames Indicates the classification action taken on ingress frame if parameters Action configured are matched with the frame's content.
  • Page 243 AS Series User Manual DEI Drop Eligible Indicator: Valid value of DEI can be any of values between 0, 1 or 'Any' SMAC Source MAC address: 24 MS bits (OUI) or 'Any' DMAC Type Destination MAC type: possible values are unicast(UC), multicast(MC), broadcast(BC) or 'Any' Frame Type Frame Type can have any of the following values 1.
  • Page 244 AS Series User Manual 6. IPv6 :Protocol IP protocol number: (0-255, TCP or UDP) or 'Any' Source IP IPv6 source address: (a.b.c.d) or 'Any', 32 LS bits DSCP Diffserv Code Point value(DSCP): It can be specific value, range of value or 'Any'.

  • Page 245: Storm Control

    AS Series User Manual Storm Control Use the Storm Control Configuration page to set limits on broadcast, multicast and unknown unicast traffic to control traffic storms which may occur when a network device is malfunctioning, the network is not properly configured, or application programs are not well designed or properly configured.
  • Page 246 AS Series User Manual Parameter Description The settings in a particular row apply to the frame type listed here: Unicast, Frame Type Multicast or Broadcast. Enable Enable or disable the storm control status for the given frame type. Rate The rate unit is packets per second (pps). Valid values are: 1, 2, 4, 8, 16, 32, 64, 128, 256, 512, 1K, 2K, 4K, 8K, 16K, 32K, 64K, 128K, 256K, 512K or 1024K.

  • Page 247: Mirroring

    AS Series User Manual Mirroring The AS Series switches support traffic mirroring to capture and analyze real time traffic. You can mirror traffic from any source port to a target port for real-time analysis. You can then attach a logic analyzer or RMON probe to the target port and study the traffic crossing the source port in a completely unobtrusive manner.
  • Page 248 AS Series User Manual Fig: The Mirror Configuration Parameter Description Port The logical port for the settings contained in the same row. Mode Select mirror mode. Rx only Frames received on this port are mirrored on the mirror port. Frames transmitted are not mirrored.
  • Page 249 AS Series User Manual Apply – Click to save changes. Buttons Reset- Click to undo any changes made locally and revert to previously saved values. Doc No.: AS5-0116-01...

  • Page 250: Upnp

    AS Series User Manual UPnP The AS Series switches support UPnP. UPnP is an acronym for Universal Plug and Play. The goals of UPnP are to allow devices to connect seamlessly and to simplify the implementation of networks in the home (data sharing, communications, and entertainment) and in corporate environments for simplified installation of computer components.
  • Page 251 AS Series User Manual Duration control points how often it or they should receive an SSDP advertisement message from this switch. If a control point does not receive any message within the duration, it will think that the switch no longer exists. Due to the unreliable nature of UDP, in the standard it is recommended that such refreshing of advertisements to be done at less than one-half of the advertising duration.

  • Page 252: Gvrp

    AS Series User Manual GVRP The GARP VLAN Registration Protocol (GVRP) allows network devices to share VLAN information and to use the information to modify existing VLANs or create new VLANs, automatically. This makes it easier to manage VLANs that span more than one switch. Without GVRP, you have to manually configure your switches to ensure that the various parts of the VLANs can communicate with each other across the different switches.
  • Page 253 AS Series User Manual •default-config: A read-only file with vendor-specific configuration. This file is read when the system is restored to default settings. It is also possible to store up to two other files and apply them to running-config, thereby switching configuration Information This page allows you to configure the Global GVRP Configuration settings for all switch ports.
  • Page 254 AS Series User Manual Leave All-time is a value in the range 1000-5000 in the units of centi seconds, i.e. in units of one hundredth of a second. The default is 1000. Max number of When GVRP is enabled a maximum number of VLANs supported by GVRP is VLAN’s specified.

  • Page 255: Port Config

    AS Series User Manual Port Config Information This page allows you to configure the basic GVRP Configuration settings for all switch ports. The settings relate to the currently selected unit, as reflected by the page header. 1. Click Configuration > GVRP > Port Config. 2.

  • Page 256: Sflow

    AS Series User Manual sFlow The AS Series switches support s-Flow network monitoring. sFlow is a sampling technology that meets the key requirements for a network traffic monitoring solution:  sFlow provides a network-wide view of usage and active routes. It is a scalable technique for measuring network traffic, collecting, storing, and analyzing traffic data.
  • Page 257 AS Series User Manual Fig: The sFlow Configuration Doc No.: AS5-0116-01...

  • Page 258: Agent Configuration

    AS Series User Manual Agent Configuration Parameter Description The IP address used as Agent IP address in sFlow datagrams. It serves as a IP Address unique key that will identify this agent over extended periods of time. Both IPv4 and IPv6 addresses are supported. Receiver Configuration Parameter Description...
  • Page 259 AS Series User Manual Enabled Flow Sampler The statistical sampling rate for packet sampling. Set to N to sample on Sampling Rate average 1/Nth of the packets transmitted/received on the port. Not all sampling rates are achievable. If an unsupported sampling rate is requested, the switch will automatically adjust it to the closest achievable.

  • Page 260: Switch Alert

     Receive real time critical network conditions and attack events from Alloy managed switches at any time  Easily register your Alloy managed switches with the switch alert app via a one off 3 step process Switch Alert Setting Information To configure the Switch Alert management via the web interface 1.
  • Page 261 AS Series User Manual Fig: The Switch Alert Setting Parameter Description Management Indicates the Management mode operation. When the mode operation is Mode enabled, the message will send out to (or get from) the server. The protocol is based on TCP communication and received on TCP port 443 and the server will send acknowledgments/information back sender since TCP is a connection- oriented protocol.
  • Page 262 AS Series User Manual Possible modes are: Automatic: Link Option in Automatic. Manual: Link Option in Manual. Link State Report network information between Switch and Internet Gateway Device (IGN). External Port When the Link Option in Manual, you should Setting External Port. Internal Port Information about Client's Internal Port.

  • Page 263: Mobile Link Management

    AS Series User Manual Mobile Link Management Configure the Mobile Link Management Settings on this page. This section is used to configure your mobile device to receive switch alerts from Switch Alert. Information To configure the Switch Alert management via the web interface 1.
  • Page 264 AS Series User Manual Fig: The Mobile Link Management Parameter Description User Mobile Information about the mobile devices which can access this switch. Device Link List Activity Code The Activity Code to register the mobile device to the Switch Alert Setting Server.

  • Page 265: Ipush Options

    AS Series User Manual iPush Options iPush options are configured on this page. User can setup the events to trigger the iPush and the severity in iPush Event Severity Configuration. The name and role of each port also can be defined here.
  • Page 266 AS Series User Manual Reset- Click to undo any changes made locally and revert to previously saved values. Doc No.: AS5-0116-01...

  • Page 267: Smtp Configuration

    AS Series User Manual SMTP Configuration The AS Series switches support trap events that can alert the administrator if a particular event occurs. This section is used to configure the mail server settings that will be used to send the emails. Email Addresses can also be configured here, these will be the addresses the events will be sent to.
  • Page 268 AS Series User Manual Password Specify the password on the mail server. Sender Specify the sender name of the alarm mail. Return-Path Specify the sender email address of the alarm mail. This address will be the "from" address on the email message. Email Address 1-6 Email address that would like to receive the alarm message.

  • Page 269: Monitor

    AS Series User Manual Monitor This chapter describes all of the basic network statistics which includes the Ports, Layer 2 network protocol (e.g. NAS, ACL, DHCP, AAA and RMON etc.) and any setting of the Switch. System After you login, the switch shows you the system information. This page is default and tells you the basic information of the system, including “Model Name”, “System Description”, “Contact”, “Location”, “System Up Time”, “Firmware Version”, “Host Mac Address”, “Device Port”.
  • Page 270 AS Series User Manual Parameter Description Model Name Displays the factory defined model name for identification purpose. System Description Displays the system description. Location The system location configured in Configuration | System | Information | System Location. The system contact configured in Configuration | System | Information | Contact System Contact.

  • Page 271: Ip Status

    AS Series User Manual IP Status This page displays the status of the IP protocol layer. The status is defined by the IP interfaces, the IP routes and the neighbor cache (ARP cache) status. Information To display the IP configuration Status via the Web Interface: 1.
  • Page 272 AS Series User Manual IP Interfaces Parameter Description Interface Show the name of the interface. Type Show the address type of the entry. This may be LINK or IPv4. Address Show the current address of the interface (of the given type). Status Show the status flags of the interface (and/or address).
  • Page 273 AS Series User Manual Buttons Auto-refresh: Check this box to refresh the page automatically. Automatic refresh occurs every 3 seconds. Refresh: Click to refresh the page immediately. Doc No.: AS5-0116-01...

  • Page 274: Log

    AS Series User Manual This section describes that display the system log information of the switch Information To display the Log Information Status via the Web Interface: 1. Click Monitor > System > Log Fig: The System Log Information Doc No.: AS5-0116-01...
  • Page 275 AS Series User Manual Parameter Description Auto-refresh To evoke the auto-refresh icon then the device will refresh the log automatically. Level of the system log entry. The following level types are supported: Level Information level of the system log. Warning: Warning level of the system log. Error: Error level of the system log.

  • Page 276: Detailed Log

    AS Series User Manual Detailed Log This section describes that display the detailed log information of the switch Information To display the Detailed Log Information Status via the Web Interface: 1. Click Monitor > System > Detailed Log Fig: The Detailed System Log Information Parameter Description The ID (>= 1) of the system log entry.

  • Page 277: Green Ethernet

    AS Series User Manual Green Ethernet Port Power Savings This page provides the current status for Energy Efficient Ethernet (EEE) Information To display the Port Power Savings via the Web Interface: 1. Click Monitor > Port Power Savings Fig: Green Ethernet Port Saving Settings Parameter Description Local Port...
  • Page 278 AS Series User Manual Actiphy Savings Shows if the system is currently saving power due to ActiPhy. PerfectReach Shows if the system is currently saving power due to PerfectReach. Savings Doc No.: AS5-0116-01...

  • Page 279: Ports

    AS Series User Manual Ports The section describes to configure the Port detail parameters of the switch. Others you could using the Port configure to enable or disable the Port of the switch. Monitor the ports content or status in the function.
  • Page 280 AS Series User Manual Parameter Description Port The logical port for the settings contained in the same row. Packets The number of received and transmitted packets per port. Bytes The number of received and transmitted bytes per port. Errors The number of frames received in error and the number of incomplete transmissions per port.

  • Page 281: Qos Statistics

    AS Series User Manual QoS Statistics The section describes that switch could display the QoS detailed Queuing counters for a specific switch port. For the different queues for all switch ports. Information To Display the QoS Statistics in the web interface: 1.
  • Page 282 AS Series User Manual refresh occurs every 3 seconds. Refresh: Click to refresh the page. Clear: Clears the counters for all ports. Doc No.: AS5-0116-01...

  • Page 283: Qcl Status

    AS Series User Manual QCL Status The section will let you know how to configure and shows the QCL status by different QCL users. Each row describes the QCE that is defined. It is a conflict if a specific QCE is not applied to the hardware due to hardware limitations.
  • Page 284 AS Series User Manual IPv4: The QCE will match only IPV4 frames. IPv6: The QCE will match only IPV6 frames. Port Indicates the list of ports configured with the QCE. Action Indicates the classification action taken on ingress frame if parameters configured are matched with the frame's content.

  • Page 285: Detailed Statistics

    AS Series User Manual Detailed Statistics The section describes how to provide detailed traffic statistics for a specific switch port. Use the port select box to select which switch port details to display. The displayed counters are the totals for receive and transmit, the size counters for receive and transmit, and the error counters for receive and transmit.
  • Page 286 AS Series User Manual Fig: The Detailed Port Statistics Receive Total and Transmit Total Parameter Description To evoke the auto-refresh to refresh the Port Statistics information Auto-refresh automatically. Rx and Tx Packets The number of received and transmitted (good and bad) packets. Rx and Tx Octets The number of received and transmitted (good and bad) bytes.
  • Page 287 AS Series User Manual Broadcast Rx and Tx Pause A count of the MAC Control frames received or transmitted on this port that have an opcode indicating a PAUSE operation Receive and Transmit Size Counters The number of received and transmitted (good and bad) packets split into categories based on their respective frame sizes.
  • Page 288 AS Series User Manual Buttons Auto-refresh: Check this box to refresh the page automatically. Automatic refresh occurs every 3 seconds. Clear: Clears the counters for the selected port. Refresh: Click to refresh the page. Doc No.: AS5-0116-01...

  • Page 289: Sfp Information

    AS Series User Manual SFP Information The section describes that switch could display the SFP module detail information which you connect it to the switch. The information includes: Connector type, Fiber type, wavelength, baud rate and Vendor OUI etc. Information To Display the SFP Information in the web interface: 1.
  • Page 290 AS Series User Manual Fiber Type Display the fiber mode, for instance, Multi-Mode, Single-Mode. Tx Central Display the fiber optical transmitting central wavelength, for instance, 850nm, Wavelength 1310nm, 1550nm and so on. Baud Rate Display the maximum baud rate of the fiber module supported, for instance, 10M, 100M, 1G and so on.

  • Page 291: Dhcp

    AS Series User Manual DHCP Server DHCP Server is used to allocate network addresses and deliver configuration parameters to dynamically configured hosts called DHCP client. Statistics This page displays the database counters and the number of DHCP messages sent and received by DHCP server.
  • Page 292 AS Series User Manual Pool Number of pools. Excluded IP Number of excluded IP address ranges. Address Declined IP Number of sec lined IP addresses. Address Binding Counters Parameter Description Automatic Binding Number of bindings with network-type pools. Manual Binding Number of bindings that administrator assigns an IP address to a client.

  • Page 293: Binding

    AS Series User Manual Binding This page displays bindings generated for DHCP clients. Information To Display DHCP Server Binding IP in the web interface: 1. Click Monitor > DHCP > Server > Binding 2. If you want to auto-refresh the information tick the Auto-refresh option. 3.

  • Page 294: Declined Ip

    AS Series User Manual Declined IP This page displays declined IP addresses. Information To Display Declined IPs in the web interface: 1. Click Monitor > DHCP > Server > Declined IP 2. If you want to auto-refresh the information tick the Auto-refresh option. 3.

  • Page 295: Snooping Table

    AS Series User Manual Snooping Table This page display the dynamic IP assigned information after DHCP Snooping mode is disabled. All DHCP clients obtained the dynamic IP address from the DHCP server will be listed in this table except for local VLAN interface IP addresses. Entries in the Dynamic DHCP snooping Table are shown on this page.

  • Page 296: Relay Statistics

    AS Series User Manual Relay Statistics This page provides statistics for DHCP relay. Information To Display the Relay Statistics Information in the web interface: 1. Click Monitor > DHCP > Relay Statistics 2. If you want to auto-refresh the information tick the Auto-refresh option. 3.
  • Page 297 AS Series User Manual Circuit ID Receive Missing The number of packets received with the Remote ID option missing. Remote ID Receive Bad Circuit The number of packets whose Circuit ID option did not match known circuit ID. Receive Bad The number of packets whose Remote ID option did not match known Remote Remote ID Client Statistics...

  • Page 298: Detailed Statistics

    AS Series User Manual Detailed Statistics This page provides statistics for DHCP snooping. Notice that the normal forward per-port TX statistics isn't increased if the incoming DHCP packet is done by L3 forwarding mechanism. And clear the statistics on specific port may not take effect on global statistics since it gathers the different layer overview.
  • Page 299 AS Series User Manual Rx and Tx Offer The number of offer (option 53 with value 2) packets received and transmitted. Rx and TX Request The number of request (option 53 with value 3) packets received and transmitted. Rx and Tx Decline The number of decline (option 53 with value 4) packets received and transmitted.

  • Page 300: Security

    AS Series User Manual Security Access Management Statistics This section shows you a detailed statistics of the Access Management including HTTP, HTTPS, SSH. TELNET. Information To Display the Access Management Statistics Information in the web interface: 1. Click Monitor > Security > Access Management Statistics 2.
  • Page 301 AS Series User Manual mode is enabled. Buttons Auto-refresh: Check this box to refresh the page automatically. Automatic refresh occurs every 3 seconds. Clear: Clears the counters for the selected port. Refresh: Click to refresh the page. Doc No.: AS5-0116-01...

  • Page 302: Network

    AS Series User Manual Network Port Security Switch This section shows the Port Security status. Port Security is a module with no direct configuration. Configuration comes indirectly from other modules - the user modules. When a user module has enabled port security on a port, the port is set-up for software-based learning. In this mode, frames from unknown MAC addresses are passed on to the port security module, which in turn asks all user modules whether to allow this new MAC address to forward or block it.
  • Page 303 AS Series User Manual Fig: The Port Security Switch Status Parameter Description User Module The legend shows all user modules that may request Port Security services. Legend User Module The full name of a module that may request Port Security services. Name Abbr A one-letter abbreviation of the user module.
  • Page 304 AS Series User Manual columns, which are: Port The port number for which the status applies. Click the port number to see the status for this particular port. Users Each of the user modules has a column that shows whether that module has enabled Port Security or not.
  • Page 305 AS Series User Manual Port This section shows the MAC addresses secured by the Port Security module. Port Security is a module with no direct configuration. Configuration comes indirectly from other modules - the user modules. When a user module has enabled port security on a port, the port is set-up for software- based learning.
  • Page 306 AS Series User Manual address still forwards traffic. If the age period (measured in seconds) expires and no frames have been seen, the MAC address will be removed from the MAC table. Otherwise a new age period will begin. If aging is disabled or a user module has decided to hold the MAC address indefinitely, a dash (-) will be shown Buttons Auto-refresh: Check this box to refresh the page automatically.

  • Page 307: Nas

    AS Series User Manual Switch The section describes to show the each port NAS status information of the switch. The status includes Admin State Port State, Last Source, Last ID, QoS Class, and Port VLAN ID. Information To Display the NAS Statistics Information in the web interface: 1.
  • Page 308 AS Series User Manual individual states. Last Source The source MAC address carried in the most recently received EAPOL frame for EAPOL-based authentication, and the most recently received frame from a new client for MAC-based authentication. Last ID The user name (supplicant identity) carried in the most recently received Response Identity EAPOL frame for EAPOL-based authentication, and the source MAC address from the most recently received frame from a new client for MAC-based authentication.

  • Page 309: Port

    AS Series User Manual Port The section describes to provide detailed NAS statistics for a specific switch port running EAPOL- based IEEE 802.1X authentication. For MAC-based ports, it shows selected backend server (RADIUS Authentication Server) statistics only. Information To Display the NAS port Statistics Information in the web interface: 1.
  • Page 310 AS Series User Manual Read more about Guest VLANs here. Port Counters Parameter Description EAPOL Counters These supplicant frame counters are available for the following administrative states: • Force Authorized • Force Unauthorized • Port-based 802.1X • Single 802.1X • Multi 802.1X Backend Server These backend (RADIUS) frame counters are available for the following Counters...
  • Page 311 AS Series User Manual • Multi 802.1X • MAC-based Auth. The table is identical to and is placed next to the Port Counters table, and will be empty if no MAC address is currently selected. To populate the table, select one of the attached MAC Addresses from the table below.
  • Page 312 AS Series User Manual Clear: This button is available in the following modes: • Force Authorized • Force Unauthorized • Port-based 802.1X • Single 802.1X Clear All: Click to clear the counters for the selected port. This button is available in the following modes: •...

  • Page 313: Arp Inspection

    AS Series User Manual ARP Inspection The section describes to configure the Dynamic ARP Inspection Table parameters of the switch. The Dynamic ARP Inspection Table contains up to 1024 entries, and is sorted first by port, then by VLAN ID, then by MAC address, and then by IP address. Information To Display the ARP Inspection Information in the web interface: 1.
  • Page 314 AS Series User Manual Port Switch Port Number for which the entries are displayed. VLAN ID VLAN-ID in which the ARP traffic is permitted. MAC Address User MAC address of the entry. IP Address User IP address of the entry. Buttons Auto-refresh: Check this box to refresh the page automatically.

  • Page 315: Ip Source Guard

    AS Series User Manual IP Source Guard Entries in the Dynamic IP Source Guard Table are shown on this page. The Dynamic IP Source Guard Table is sorted first by port, then by VLAN ID, then by IP address, and then by MAC address. Information To Display the IP Source Guard in the web interface: 1.

  • Page 316: Aaa

    AS Series User Manual Radius Overview This section shows you an overview of the RADIUS Authentication and Accounting servers status to ensure the function is workable. Information To Display the Radius Overview Information in the web interface: 1. Click Monitor > Security > AAA > RADIUS Overview 2.
  • Page 317 AS Series User Manual Parameter Description The RADIUS server number. Click to navigate to detailed statistics for this server. IP Address The IP address and UDP port number (in <IP Address>:<UDP Port> notation) of this server. State The current state of the server. This field takes one of the following values: Disabled: The server is disabled.
  • Page 318 AS Series User Manual seconds left before this occurs is displayed in parentheses. This state is only reachable when more than one server is enabled. Doc No.: AS5-0116-01...

  • Page 319: Radius Details

    AS Series User Manual RADIUS Details This section shows you the detailed statistics for a particular RADIUS server. Information To Display the Radius Details Information in the web interface: 1. Click Monitor > Security > AAA > RADIUS Details 2. If you want to auto-refresh the information tick the Auto-refresh option. 3.
  • Page 320 AS Series User Manual Fig: The RADIUS Authentication Statistics Server RADIUS Authentication Statistics The statistics map closely to those specified in RFC4668 - RADIUS Authentication Client MIB. Use the server select box to switch between the backend servers to show details for. Packet Counters RADIUS authentication server packet counter.
  • Page 321 AS Series User Manual Responses rmedAccessResponses packets received from the server. Malformed packets include packets with an invalid length. Bad authenticators or Message Authenticator attributes or unknown types are not included as malformed access responses. Bad Authenticators radiusAuthClientExtBadA The number of RADIUS Access-Response packets uthenticators containing invalid...
  • Page 322 AS Series User Manual variable is incremented when an Access-Request is sent and decremented due to receipt of an Access-Accept, Access- Reject, Access-Challenge, timeout, or retransmission. Timeouts radiusAuthClientExtTimeo The number of authentication timeouts to the server. After a timeout, the client may retry to the same server, send to a different server, or give up.
  • Page 323 AS Series User Manual Dead (X seconds left): Access attempts were made to this server, but it did not reply within the configured timeout. The server has temporarily been disabled, but will get re-enabled when the dead-time expires. The number of seconds left before this occurs is displayed in parentheses.
  • Page 324 AS Series User Manual authenticators or unknown types are not included as malformed access responses. Bad Authenticators radiusAcctClientExtBadAu The number of RADIUS thenticators packets containing invalid authenticators received from the server. Unknown Types radiusAccClientExtUnkno The number of RADIUS wnTypes packets of unknown types that were received from the server on the accounting port.
  • Page 325 AS Series User Manual well as a timeout. A send to a different server is counted as a Request as well as a timeout. Other Info This section contains information about the state of the server and the latest round-trip time. Name RFC4668 Name Description...
  • Page 326 AS Series User Manual Round-Trip Time The time interval (measured in milliseconds) between the most recent Response and the Request that matched it from the RADIUS radiusAccClientExtRoundTripTim accounting server. The granularity of this measurement is 100 ms. A value of 0 ms indicates that there hasn't been round-trip communication with the server yet.

  • Page 327: Switch

    AS Series User Manual Switch RMON Statistics From the Statistics table, default being 20, selected through the "entries per page" input field. When first visited, the web page will show the first 20 entries from the beginning of the Statistics table. The first displayed will be the one with the lowest ID found in the Statistics table.
  • Page 328 AS Series User Manual Data Source The port ID which wants to be monitored. (ifindex) Drop The total number of events in which packets were dropped by the probe due to lack of resources. Octets The total number of octets of data (including those in bad packets) received on the network.
  • Page 329 AS Series User Manual 512-1023 The total number of packets (including bad packets) received that were between 512 to 1023 octets in length. 1024-1588 The total number of packets (including bad packets) received that were between 1024 to 1588 octets in length. Buttons Auto-refresh: Check this box to refresh the page automatically.

  • Page 330: History

    AS Series User Manual History This section provides an overview of RMON History entries. Each page shows up to 99 entries from the History table, default being 20, selected through the "entries per page" input field. When first visited, the web page will show the first 20 entries from the beginning of the History table. The first displayed will be the one with the lowest History Index and Sample Index found in the History table.
  • Page 331 AS Series User Manual Information To Display the RMON History Information in the web interface: 1. Click Monitor > Security > RMON > History 2. If you want to auto-refresh the information tick the Auto-refresh option. 3. Click Refresh to refresh the History statistics or clear all information when you click Clear. Parameter Description History Index...
  • Page 332 AS Series User Manual Jabb The number of frames which size is larger than 64 octets received with invalid CRC. Coll The best estimate of the total number of collisions on this Ethernet segment. Utilization The best estimate of the mean physical layer network utilization on this interface during this sampling interval, in hundredths of a percent.

  • Page 333: Alarm

    AS Series User Manual Alarm This page provides an overview of RMON Alarm entries. Each page shows up to 99 entries from the Alarm table, default being 20, selected through the "entries per page" input field. When first visited, the web page will show the first 20 entries from the beginning of the Alarm table. The first displayed will be the one with the lowest ID found in the Alarm table.
  • Page 334 AS Series User Manual Sample Type The method of sampling the selected variable and calculating the value to be compared against the thresholds. Value The value of the statistic during the last sampling period. Startup Alarm The alarm that may be sent when this entry is first set to valid. Rising Threshold Rising threshold value.

  • Page 335: Event

    AS Series User Manual Event This page provides an overview of RMON Event table entries. Each page shows up to 99 entries from the Event table, default being 20, selected through the "entries per page" input field. When first visited, the web page will show the first 20 entries from the beginning of the Event table. The first displayed will be the one with the lowest Event Index and Log Index found in the Event table .
  • Page 336 AS Series User Manual Refresh: Click to refresh the page immediately. |<< : Updates the table starting from the first entry in the Event Table, i.e. the entry with the lowest Event Index and Log Index. >>: Updates the table, starting with the entry after the last entry currently displayed Doc No.: AS5-0116-01...

  • Page 337: Lacp

    AS Series User Manual LACP System Status This section describes that when you complete to set LACP function on the switch then it provides a status overview for all LACP instances. Information To Display the LACP Information in the web interface: 1.

  • Page 338: Port Status

    AS Series User Manual Port Status This section describes that when you complete to set LACP function on the switch then it provides a Port Status overview for all LACP instances Information To Display the LACP Port Status Information in the web interface: 1.
  • Page 339 AS Series User Manual Aggr ID The Aggregation ID assigned to this aggregation group. IDs 1 and 2 are GLAGs while IDs 3-14 are LLAGs. Partner System ID The partner's System ID (MAC address). Partner Port The partner's port number connected to this port. Buttons Auto-refresh: Check this box to refresh the page automatically.

  • Page 340: Port Statistics

    AS Series User Manual Port Statistics This page provides an overview for LACP statistics for all ports. Fig: The LACP Statistics Parameter Description Port The switch port number. LACP Received Shows how many LACP frames have been received at each port. LACP Transmitted Shows how many LACP frames have been sent from each port.

  • Page 341: Loop Protection

    AS Series User Manual Loop Protection This section displays the loop protection port status the ports of the currently selected switch. Information To Display the Loop Protection Information in the web interface: 1. Click Monitor > LACP > Port Statistics 2.

  • Page 342: Spanning Tree

    AS Series User Manual Spanning Tree Bridge Status The Section provides a status overview of all STP bridge instances. The displayed tables on this page contain information on STP information such as Bridge ID, Root ID MSTI etc. Information To Display the Spanning Tree Information in the web interface: 1.
  • Page 343 AS Series User Manual refresh occurs every 3 seconds. Refresh: Click to refresh the page. Doc No.: AS5-0116-01...

  • Page 344: Port Status

    AS Series User Manual Port Status The Section provides you to ask switch to display the STP CIST port status for physical ports of the currently selected switch. Information To Display the STP Port Status Information in the web interface: 1.
  • Page 345 AS Series User Manual Buttons Auto-refresh: Check this box to refresh the page automatically. Automatic refresh occurs every 3 seconds. Refresh: Click to refresh the page. Doc No.: AS5-0116-01...

  • Page 346: Port Statistics

    AS Series User Manual Port Statistics The Section provides you to ask switch to display the STP Statistics detail counters of bridge ports in the switch. Information To Display the STP Port Statistic information in the web interface: 1. Click Monitor > Spanning Tree > STP Port Status 2.
  • Page 347 AS Series User Manual Clear: Clears the counters for the selected port. Refresh: Click to refresh the page. Doc No.: AS5-0116-01...

  • Page 348: Mvr

    AS Series User Manual Statistics The section describes the switch will display the MVR detail Statistics after you had configured MVR on the switch. It provides the detail MVR Statistics Information Information To Display the MVR Information in the web interface: 1.
  • Page 349 AS Series User Manual Leave's Received Buttons Auto-refresh: Check this box to refresh the page automatically. Automatic refresh occurs every 3 seconds. Clear: Clears the counters for the selected port. Refresh: Click to refresh the page. Doc No.: AS5-0116-01...

  • Page 350: Mvr Channels Group

    AS Series User Manual MVR Channels Group The section displays the MVR Groups detail information on the switch. Entries in the MVR Group Table are shown on this page. The MVR Group Table is sorted first by VLAN ID, and then by group. Information To Display the MVR Groups Information in the web interface: 1.
  • Page 351 AS Series User Manual VLAN ID VLAN ID of the group. Groups Group ID of the group displayed. Port Members Ports under this group. Buttons Auto-refresh: Check this box to refresh the page automatically. Automatic refresh occurs every 3 seconds. Refresh: Click to refresh the page.

  • Page 352: Mvr Sfm Information

    AS Series User Manual MVR SFM Information The MVR SFM (Source-Filtered Multicast) Information Table contains the SSM (Source-Specific Multicast) information. This table is sorted first by VLAN ID, then by group, and then by Port. Different source addresses belong to the same group are treated as single entry. Information To Display the MVR SFM Information in the web interface: 1.
  • Page 353 AS Series User Manual Parameter Description VLAN ID VLAN ID of the group. Group Group address of the group displayed. Port Switch port number. Mode Indicates the filtering mode maintained per (VLAN ID, port number, Group Address) basis. It can be either Include or Exclude. IP Address of the source.

  • Page 354: Ipmc

    AS Series User Manual IPMC IGMP Snooping Status The Section displays the IGMP Snooping detail status. Information To Display the IGMP Snooping Information in the web interface: 1. Click Monitor > IPMC > IGMP Snooping > Status 2. If you want to auto-refresh the information tick the Auto-refresh option. 3.
  • Page 355 AS Series User Manual Parameter Description VLAN ID The VLAN ID of the entry. Querier Version Working Querier Version currently. Host Version Working Host Version currently. Querier Status Shows the Querier status is ACTIVE or IDLE. DISABLE denotes the specific interface is administratively disabled. Queries The number of Transmitted Queries.

  • Page 356: Group Information

    AS Series User Manual Group Information Entries in the IGMP Group Table are shown on this page. The IGMP Group Table is sorted first by VLAN ID, and then by group. Information To Display the IGMP Group Snooping Information in the web interface: 1.
  • Page 357 AS Series User Manual Parameter Description VLAN ID VLAN ID of the group. Groups Group address of the group displayed. Port members Ports under this group. Buttons Auto-refresh: Check this box to refresh the page automatically. Automatic refresh occurs every 3 seconds. Refresh: Click to refresh the page.

  • Page 358: Ipv4 Sfm Information

    AS Series User Manual IPv4 SFM information Entries in the IGMP SFM Information Table are shown on this page. The IGMP SFM (Source-Filtered Multicast) Information Table also contains the SSM (Source-Specific Multicast) information. This table is sorted first by VLAN ID, then by group, and then by Port. Different source addresses belong to the same group are treated as single entry.
  • Page 359 AS Series User Manual IGMP SFM Information Table Columns Parameter Description VLAN ID VLAN ID of the group. Group Group address of the group displayed. Port Switch port number. Mode Indicates the filtering mode maintained per (VLAN ID, port number, Group Address) basis.

  • Page 360: Mld Snooping

    AS Series User Manual MLD Snooping Status The section displays the MLD Snooping Status and detail information. It will help you to find out the detail information of MLD Snooping status. Information To Display the IPv4 SFM IGMP Information in the web interface: 1.
  • Page 361 AS Series User Manual Parameter Description VLAN ID The VLAN ID of the entry. Querier Version Working Querier Version currently. Host Version Working Host Version currently. Querier Status Show the Querier status is ACTIVE or IDLE. DISABLE denotes the specific interface is administratively disabled. Queries The number of Transmitted Queries.

  • Page 362: Group Information

    AS Series User Manual Group Information The section the MLD Snooping Groups Information. The Start from VLAN, and group input fields allow the user to select the starting point in the MLD Group Table Information To Display the MLD Group Snooping Information in the web interface: 1.
  • Page 363 AS Series User Manual Parameter Description VLAN ID VLAN ID of the group. Groups Group address of the group displayed. Port Members Ports under this group Buttons Auto-refresh: Check this box to refresh the page automatically. Automatic refresh occurs every 3 seconds. Refresh: Click to refresh the page.

  • Page 364: Ipv6 Sfm Information

    AS Series User Manual IPv6 SFM Information Entries in the MLD SFM Information Table are shown on this page. The MLD SFM (Source-Filtered Multicast) Information Table also contains the SSM (Source-Specific Multicast) information. This table is sorted first by VLAN ID, then by group, and then by Port. Different source addresses belong to the same group are treated as single entry.
  • Page 365 AS Series User Manual Parameter Description VLAN ID VLAN ID of the group. Group Group address of the group displayed. Port Switch port number. Mode Indicates the filtering mode maintained per (VLAN ID, port number, Group Address) basis. It can be either Include or Exclude. IP Address of the source.

  • Page 366: Lldp

    AS Series User Manual LLDP Neighbors This page provides a status overview for all LLDP neighbors. The displayed table contains a row for each port on which an LLDP neighbor is detected. The columns hold the following information: Information To Display the LLDP information in the web interface: 1.
  • Page 367 AS Series User Manual 3. Bridge 4. WLAN Access Point 5. Router 6. Telephone 7. DOCSIS cable device 8. Station only 9. Reserved When a capability is enabled, the capability is followed by (+). If the capability is disabled, the capability is followed by (-). Management Management Address is the neighbor unit's address that is used for higher Address...

  • Page 368: Lldp-Med Neighbor

    AS Series User Manual LLDP-MED Neighbor This page provides a status overview of all LLDP-MED neighbors. The displayed table contains a row for each port on which an LLDP neighbor is detected. This function applies to VoIP devices which support LLDP-MED. The columns hold the following information: Information To Display the LLDP-MED Neighbor information in the web interface: 1.
  • Page 369 AS Series User Manual 5. Any device that supports the IEEE 802.1AB and MED extensions defined by TIA-1057 and can relay IEEE 802 frames via any method. LLDP-MED Endpoint Device Definition : LLDP-MED Endpoint Devices, as defined in TIA-1057, are located at the IEEE 802 LAN network edge, and participate in IP communication service using the LLDP-MED framework.
  • Page 370 AS Series User Manual endpoint products that act as end user communication appliances supporting IP media. Capabilities include all of the capabilities defined for the previous Generic Endpoint (Class I) and Media Endpoint (Class II) classes, and are extended to include aspects related to end user devices. Example product categories expected to adhere to this class include (but are not limited to) end user communication appliances, such as IP Phones, PC-based softphones, or other communication appliances that directly support the end user.
  • Page 371 AS Series User Manual services. 7. Streaming Video - for use by broadcast or multicast based video content distribution and other similar applications supporting streaming video services that require specific network policy treatment. Video applications relying on TCP with buffering would not be an intended use of this application type. 8.
  • Page 372 AS Series User Manual Capabilities Buttons Auto-refresh: Check this box to refresh the page automatically. Automatic refresh occurs every 3 seconds. Refresh: Click to refresh the page. Doc No.: AS5-0116-01...

  • Page 373: Poe

    AS Series User Manual This page allows the user to inspect the current status for all PoE ports. The section show all port Power Over Ethernet Status. Information To Display the PoE LLDP information in the web interface: 1. Click Monitor > LLDP > PoE 2.
  • Page 374 AS Series User Manual Power Priority Power Power Priority represents the priority of the PD device, or the power priority associated with the PSE type device's port that is sourcing the power. There are three levels of power priority. The three levels are: Critical, High and Low.

  • Page 375: Eee

    AS Series User Manual By using EEE power savings can be achieved at the expense of traffic latency. This latency occurs due to that the circuits EEE turn off to save power, need time to boot up before sending traffic over the link.
  • Page 376 AS Series User Manual more efficient allocation. Systems that do not implement this option default the value to be the same as that of the Receive Tw_sys_tx. Echo Tx Tw The link partner's Echo Tx Tw value. The respective echo values shall be defined as the local link partner’s reflection (echo) of the remote link partners respective values.

  • Page 377: Port Statistics

    AS Series User Manual Port Statistics Two types of counters are shown. Global counters are counters that refer to the whole switch, while local counters refer to per port counters for the currently selected switch Information To Display the LDAP Port information in the web interface: 1.
  • Page 378 AS Series User Manual Global Counters Parameter Description Neighbor entries It also shows the time when the last entry was last deleted or added. It also were last changed shows the time elapsed since the last change was detected. Total Neighbors Shows the number of new entries added since switch reboot.
  • Page 379 AS Series User Manual Org Discarded The number of organizationally received TLVs. Age-Outs Each LLDP frame contains information about how long time the LLDP information is valid (age-out time). If no new LLDP frame is received within the age out time, the LLDP information is removed, and the Age-Out counter is incremented.

  • Page 380: Poe Statistics

    AS Series User Manual PoE Statistics This page allows the user to inspect the current status for all PoE ports. Information To Display the PoE Statistics information in the web interface: 1. Click Monitor > PoE 2. If you want to auto-refresh the information tick the Auto-refresh option. 3.
  • Page 381 AS Series User Manual Priority The Priority shows the port's priority configured by the user. Port Status The Port Status shows the port's status. The status can be one of the following values: PoE not available - No PoE chip found - PoE not supported for the port. PoE turned OFF - PoE disabled: PoE is disabled by user.

  • Page 382: Mac Table

    AS Series User Manual MAC Table Entries in the MAC Table are shown on this page. The MAC Table contains up to 8192 entries, and is sorted first by VLAN ID, then by MAC address. Information To Display the MAC Table information in the web interface: 1.
  • Page 383 AS Series User Manual MAC Table Columns Parameter Description Type Indicates whether the entry is a static or a dynamic entry. VLAN The VLAN ID of the entry. MAC Address The MAC address of the entry. Port Members The ports that are members of the entry. Buttons Auto-refresh: Check this box to refresh the page automatically.

  • Page 384: Vlans

    AS Series User Manual VLANs VLAN Membership This page provides an overview of membership status of VLAN users. Information To Display the VLAN information in the web interface: 1. Click Monitor > VLANs > Membership 2. If you want to auto-refresh the information tick the Auto-refresh option. 3.
  • Page 385 AS Series User Manual Parameter Description VLAN User VLAN User module uses services of the VLAN management functionality to configure VLAN memberships and VLAN port configurations such as PVID and UVID. Currently we support the following VLAN user types: Admin: These are referred to as static. NAS : NAS provides port-based authentication, which involves communications between a Supplicant, Authenticator, and an Authentication Server.

  • Page 386: Vlan Ports

    AS Series User Manual VLAN Ports This section provides the VLAN Port Status Information Information To Display the VLAN information in the web interface: 1. Click Monitor > VLANs > Ports 2. If you want to auto-refresh the information tick the Auto-refresh option. 3.
  • Page 387 AS Series User Manual MVR: MVR is used to eliminate the need to duplicate multicast traffic for subscribers in each VLAN. Multicast traffic for all channels is sent only on a single (multicast) VLAN. Port The logical port for the settings contained in the same row. Port Type Shows the Port Type.

  • Page 388: Vcl

    AS Series User Manual MAC-based VLAN This section shows MAC-based VLAN entries configured by various MAC-based VLAN users. Currently we support following VLAN User types: CLI/Web/SNMP: These are referred to as static. NAS: NAS provides port-based authentication, which involves communications between a Supplicant, Authenticator, and an Authentication Server.

  • Page 389: Protocol-Based Vlan

    AS Series User Manual Protocol-based VLAN Protocol to Group This page shows you the protocols to Group Name (unique for each Group) mapping entries for the switch. Information To Display the Protocol-based VLAN information in the web interface: 1. Click Monitor > VCL > Protocol-based VLAN > Protocol to Group 2.
  • Page 390 AS Series User Manual a. DSAP: 1-byte long string (0x00-0xff) b. SSAP: 1-byte long string (0x00-0xff) 3. For SNAP: Valid value in this case also is comprised of two different sub- values. a. OUI: OUI (Organizationally Unique Identifier) is value in format of xx-xx-xx where each pair (xx) in string is a hexadecimal value ranges from 0x00-0xff.

  • Page 391: Group To Vlan

    AS Series User Manual Group to VLAN This page shows you the configured Group Name to a VLAN for the switch. Information To Display the Group to VLAN information in the web interface: 1. Click Monitor > VCL > Protocol-based VLAN > Group to VLAN 2.

  • Page 392: Ip Subnet-Based Vlan

    AS Series User Manual IP Subnet-based VLAN The page shows IP subnet-based VLAN entries. This page shows only static entries. Information To Display the IP Subnet-based VLAN information in the web interface: 1. Click Monitor > VCL > IP Subnet-based VLAN 2.

  • Page 393: Sflow

    AS Series User Manual sFlow This session shows receiver and per-port sFlow statistics Information To Display the IP Subnet-based VLAN information in the web interface: 1. Click Monitor > sFLow 2. If you want to auto-refresh the information tick the Auto-refresh option. 3.
  • Page 394 AS Series User Manual <Configured through local management>. • If sFlow is currently configured through SNMP, Owner contains a string identifying the sFlow receiver. The IP address or hostname of the sFlow receiver. Address/Hostname Timeout The number of seconds remaining before sampling stops and the current sFlow owner is released.

  • Page 395: Diagnostics

    AS Series User Manual Diagnostics This section provides a set of basic system diagnosis. It lets users know whether the system is healthy or needs to be fixed. Users can also check network connectivity issues with the Ping command. The basic system check includes ICMP Ping, ICMPv6, and VeriPHY Cable Diagnostics. Ping This section is used to test network connectivity issues using the Ping command.
  • Page 396 AS Series User Manual (Only for IPv6) goes. The given VID ranges from 1 to 4094 and will be effective only when the corresponding IPv6 interface is valid. When the egress interface is not given, PING6 finds the best match interface for destination.

  • Page 397: Ping6

    AS Series User Manual Ping6 This section is used to test network connectivity issues using the Ping IPv6 command. Information To test network connectivity issues using the Ping command for IPv6. 1. Click Diagnostics > Ping6. 2. Enter the IP Address of the device you are trying to communicate with. 3.
  • Page 398 AS Series User Manual When the egress interface is not given, PING6 finds the best match interface for destination. Do not specify egress interface for loopback address. Do specify egress interface for link-local or multicast address. Click the “Start” button then the switch will start to ping the device using Start ICMPv6 packet size what set on the switch.

  • Page 399: Veriphy

    AS Series User Manual VeriPhy This section is used for running the VeriPHY Cable Diagnostics. Press to run the diagnostics. This will take approximately 5 seconds. If all ports are selected, this can take approximately 15 seconds. When completed, the page refreshes automatically, and you can view the cable diagnostics results in the cable status table.

  • Page 400: Traceroute

    AS Series User Manual Traceroute This page allows you to issue ICMP, TCP, or UDP packets to diagnose network connectivity issues. Information To test network pathing via the traceroute command in the web interface 1. Click Diagnostics > Traceroute 2. Specify the Protocol to use for the Traceroute 3.
  • Page 401 AS Series User Manual default is 3. Doc No.: AS5-0116-01...

  • Page 402: Maintenance

    AS Series User Manual Maintenance This chapter describes all of the switch Maintenance configuration tasks to enhance the performance of the switch, including Restart Device, Firmware upgrade, Save/Restore, Import/Export, and Diagnostics. Restart Device This section explains how to restart the device. Information To restart the switch via the Web Interface 1.
  • Page 403 AS Series User Manual No- Click to undo any restart action. Doc No.: AS5-0116-01...

  • Page 404: Factory Defaults

    AS Series User Manual Factory Defaults This section is used to reset the switch back to its factory default settings. Information To perform a Factory Default of the Configuration in the web interface: 1. Click Maintenance > Factory Defaults 2. Click Factory Defaults 3.

  • Page 405: Firmware

    AS Series User Manual Firmware This section describes how to upgrade Firmware. The Switch can be enhanced with more value- added functions by installing firmware upgrades. Firmware Upgrade This page is where you upload the firmware for the AS Series Switch. Information To perform a Factory Default of the Configuration in the web interface: 1.

  • Page 406: Firmware Selection

    AS Series User Manual Firmware Selection This section is used to switch between the latest uploaded firmware image and the previously uploaded firmware image. This page displays both firmware file details including the version number. Information To perform a Factory Default of the Configuration in the web interface: 1.
  • Page 407 AS Series User Manual Version The version of the firmware image. Date The date where the firmware was produced. Buttons Activate Alternate Image: Click to use the “Activate Alternate Image”. This button may be disabled depending on system state. Cancel: Cancel activating the backup image. Navigates away from this page. Doc No.: AS5-0116-01...

  • Page 408: Configuration

    AS Series User Manual Configuration This section is used to backup, restore and save the configuration files of the AS Series Switch. Save startup-config This section describes how to save the Switch Start configuration. Any current configuration files will be saved to start. This must be performed after configuration of the switch if you wish to retain any changed settings you have made upon a reboot.

  • Page 409: Download

    AS Series User Manual Download This section describes to export the Switch Configuration. Any current configuration files will be exported as text format. Information To download a copy of the configuration files for the switch in the web interface: 1. Click Maintenance > Configuration > Download 2.
  • Page 410 AS Series User Manual default-config: A read-only file with vendor-specific configuration. This file is read when the system is restored to default settings. Parameter Description Buttons Download Configuration: Click to save configuration, the running configuration will be written to flash memory for system boot up to load this startup configuration file.

  • Page 411: Upload

    AS Series User Manual Upload This section is used to Import a saved configuration file into the switch. Information To Import a configuration file into the switch via the Web Interface: 1. Click Maintenance > Configuration > Upload. 2. Click Choose File to browse for the previously saved configuration file. 3.

  • Page 412: Activate

    AS Series User Manual Activate It is possible to activate any of the configuration files present on the switch, except for running- config which represents the currently active configuration. Select the file to activate and click Activate Configuration. This will initiate the process of completely replacing the existing configuration with that of the selected file.

  • Page 413: Delete

    AS Series User Manual Delete It is possible to delete any of the writable files stored in flash, including startup-config. If this is done and the switch is rebooted without a prior save operation, this effectively resets the switch to default configuration.

  • Page 414: Dms Management

    AS Series User Manual DMS Management Information Device Management System The Information page shows general system information for the Switch including its DMS software version, the maximum number of device can manage, MAC Address and IP Address for the Switch. Information To Configure DMS Information via the Web Interface 1.
  • Page 415 AS Series User Manual Fig: DMS Information Screen Doc No.: AS5-0116-01...
  • Page 416 AS Series User Manual Parameter Description DMS Software Displays the current DMS firmware version number. Version Total Device Displays the number of devices in topology. MAC Address The MAC Address of this switch. Current IP Address The current address (IPv4). DMS use switch interface VLAN1. DMS Working Displays the Working Status of DMS Status...

  • Page 417: Device List

    AS Series User Manual Device List The DMS Device list shows all devices that have been found though DMS either via automatic or Manual Methods. It will show you details such as if the unit is online or not, the device, Model name (If applicable) as well as the Device Name, MAC Address and IP address.
  • Page 418 AS Series User Manual Version Device firmware version. Doc No.: AS5-0116-01...

  • Page 419: Dms Graphical Monitoring

    AS Series User Manual DMS Graphical Monitoring Topology View In this page, you can see a visual view of the topology in a cluster of networks. Information To Configure DMS Graphical Monitoring Information via the Web Interface 1. Click DMS Tab > Graphical Monitoring > Topology View 2.
  • Page 420 AS Series User Manual Fig DMS Topology Device View Parameter Description Login Removes selected devices from DMS Reboot Device Reboots the End Point Device If applicable Device Type Select Device Type to PC, IP phone, IP cam, AP or other device. Diagnostics Launches into the Maintenance Diagnostics section.
  • Page 421 AS Series User Manual Buttons Description Use the directional pad to scroll up, down, left, or right. Use the slider to zoom in/out. Alternatively, you can use the mouse to navigate by clicking and dragging the left mouse button. Use the mouse wheel to zoom in/out.

  • Page 422: Floor View

    AS Series User Manual Floor View In this page, the administrator can place a device per time onto the custom image, which you have already uploaded, by dragging-and-dropping markers in the device list. Information To Configure DMS Information via the Web Interface 1.
  • Page 423 AS Series User Manual Buttons Description Use the directional pad to scroll up, down, left, or right. Use the slider to zoom in/out. Alternatively, you can use the mouse to navigate by clicking and dragging the left mouse button. Use the mouse wheel to zoom in/out.

  • Page 424: Map View

    AS Series User Manual Map View In this page, you can view a representation of where devices are located geographically in the network. To find one of devices within the network, enter the device name in the search bar. Click Device List to hide the Device List on the page or show a list of devices.
  • Page 425 AS Series User Manual Buttons Description Use the directional pad to scroll up, down, left, or right. Use the slider to zoom in/out. Alternatively, you can use the mouse to navigate by clicking and dragging the left mouse button. Use the mouse wheel to zoom in/out.

  • Page 426: Dms Maintenance

    AS Series User Manual DMS Maintenance Floor Image In this page, an administrator can add or delete a custom map or floor image Information To Configure the DMS Floor Image Information via the Web Interface 1. Click DMS Tab > Maintenance > Floor Image 2.

  • Page 427: Diagnostics

    AS Series User Manual Diagnostics In this page, you can troubleshoot any issue you have with devices connected to the network. This feature is designed primarily for administrators to verify and test the link routes between the switch and the device. A troubleshooting solution is provided by the system so that administrators can detect where the problem lies.
  • Page 428 AS Series User Manual Fig: the DMS Diagnostics Section. Doc No.: AS5-0116-01...

  • Page 429: Traffic Monitor

    AS Series User Manual Traffic Monitor This page displays visual chart of network traffic of all the devices managed by the AS Series switch. Information To view the DMS Traffic Monitor Information via the Web Interface 1. Click DMS Tab > Maintenance > Traffic Monitor 2.

  • Page 430: Software Features

    AS Series User Manual 9. Software Features Layer 3 Lite Switching IPv4 Static Routes IPv4 Unicast: Static routing IPv6 Static Routes IPv6 Unicast: Static routing DHCP Server Built in DHCP Server, allowing IP Address assignment to DHCP clients. Configurable DHCP Options. Layer 2+ Switching Spanning Tree Provides Redundant links and prevents network loops.
  • Page 431 AS Series User Manual information such as port numbers, devices connected, devices disconnected, allows access to device web management etc. Floor View - Allows you to upload floor plan of your building, allowing you to place devices in their physical positions. Map View - Google Maps type view, allowing you to place devices in their physical locations, perfect for IP Cameras that are installed schools, streets etc.
  • Page 432 AS Series User Manual Private VLAN PVE (also known as protected ports) provides L2 isolation between clients Edge in the same VLAN. Supports multiple uplinks Port Security Locks MAC addresses to ports, and limits the number of learned MAC address IP Source Guard Prevents illegal IP address from accessing specific ports on the switch RADIUS /...
  • Page 433 AS Series User Manual Multiple Multiple versions of configuration can be saved on the switch. Config files Configuration can be backed exported and imported. Files SNMP SNMP version1, 2c and 3 with support for traps, and SNMP version 3 user- based security model (USM) Power over Ethernet (PoE) Port...

  • Page 434: 10. Specifications

    AS Series User Manual 10. Specifications AS Series Model AS5010-P AS5026-P AS5048-P AS5128-P AS5152-P Interface Total Ports, comprising 10x GbE 26x GbE 48x GbE 28x GbE 52x GbE UTP (10/100/1000Mbps) UTP/(100M/1G) SFP SFP+ (1G/10G) Power Over Ethernet Total IEEE 802.3af/at PoE...
  • Page 435 AS Series User Manual SDRAM 128MB 128MB 128MB 128MB 128MB Flash 32MB 32MB 32MB 32MB 32MB Environmental Specifications Dimensions 220 x 44 x 442 x 44 x 442 x 44 x 442 x 44 x 442 x 44 x (W x H x D mm) Weight 2.3Kg 3.1Kg...

This manual is also suitable for:

As5026-pAs5048-pAs5128-pAs5152-p

Table of Contents